From: Daniel F. <dfe...@us...> - 2009-01-22 02:06:29
|
Hello, Jasypt only supports Password Based Encryption (PBE) algorithms, this is, those that allow a password to be specified as a String, so that a digest algorithm can be applied on these passwords to obtain the real algorithm key (which is a byte[]). This is what the "PBEWith<digestAlg>And<encryptionAlg>" algorithms do, and these are the algorithms supported by the library. Regards, Daniel. nlif wrote: > +------------------------+ > Jasypt Users List > http://www.jasypt.org > +------------------------+ > > StandardPBEByteEncryptor uses the same algorithm string for the Cipher and > the SecretKeyFactory. This is a problem in some cases, for example, in the > case of SunJce Provider, and the "AES/CBC/PKCS5Padding" algorithm, the > SecretKeyFactory will throw an exception, although this algorithm is > supported by this provider. The factory simply expects "AES" and not > "AES/CBC/PKCS5Padding". The Cipher, however, requires > "AES/CBC/PKCS5Padding". So it seems as if there should be two parameters: > cipherAlgorithm, and secretKeyFactoryAlgorithm. > > is this the correct behavior, a bug or a known-limitation? > > Furthremore, searching the forum, I found this post: > http://www.nabble.com/SunJCE-has-AES-algorithm,-but-CLI-says-AES-is-not-supported-td14200612s21332.html > http://www.nabble.com/SunJCE-has-AES-algorithm,-but-CLI-says-AES-is-not-supported-td14200612s21332.html > > The claim that "Sun's JCE implements AES, but not for password-based > encryption (PBE)" seems questionable, since, SunJCE does support > AES/CBC/PKCS5Padding. > > I'd appreciate if anyone can comment whether this is correct or not. > > > Thanks, > Naaman > > > Exception thrown: > > org.jasypt.exceptions.EncryptionInitializationException: > java.security.NoSuchAlgorithmException: AES/CBC/PKCS5Padding > SecretKeyFactory not available > at > org.jasypt.encryption.pbe.StandardPBEByteEncryptor.initialize(StandardPBEByteEncryptor.java:597) > at > org.jasypt.encryption.pbe.StandardPBEStringEncryptor.initialize(StandardPBEStringEncryptor.java:488) > at > org.jasypt.encryption.pbe.StandardPBEStringEncryptor.encrypt(StandardPBEStringEncryptor.java:541) > : > : > : > Caused by: java.security.NoSuchAlgorithmException: AES/CBC/PKCS5Padding > SecretKeyFactory not available > at javax.crypto.SecretKeyFactory.<init>(DashoA13*..) > at javax.crypto.SecretKeyFactory.getInstance(DashoA13*..) > at > org.jasypt.encryption.pbe.StandardPBEByteEncryptor.initialize(StandardPBEByteEncryptor.java:584) > ... 33 more > > > |