#34 PBE encryption/decryption, decryption "decrypts" w/ garbage rather than throwing EncryptionOperationNotPossibleException

v1.9.x
closed-wont-fix
None
5
2014-09-24
2014-09-02
bitsofinfo
No

Please see this github gist: https://gist.github.com/bitsofinfo/145ea7279dfc18d1dc9d

See the comment at the top, run w/ Jasypt 1.9.1 and (optionally) the latest 1.5.1 BouncyCastle provider

This test is very simple. I have 2 PBE encryptors.... with different passwords. One would expect that I would never be able to "decrypt" the output generated by one instance to be "decrypted" without an EncryptionOperationNotPossibleException being thrown from a totally separate PBE encryptor seeded with a different password.... Yet over the course of several iterations this appears to be the case... The output albeit is garbage, however if my program does not know what to expect as far as "correct" output, how can one possibly detect this false-positive decryption before the output is returned to the caller?

Expected? Not expected?

Discussion

  • Daniel Fernandez

    This is expected behaviour.

    As happens with your own code, Jasypt has no way to determine the correctness of the obtained results. If Jasypt obtains results from the Cipher object (instead of an exception), it outputs these results.

    Why then does it not always fail?

    Because your Cipher objects are not always encrypting exactly the same text, even if you always feed them with "hello world". These PBE algorithms allow the specification of a random salt, which is appended to your text and causes you to obtain a different result each time you execute "encrypt". That is something the jasypt objects you are using do by default.

    And some of these different results might be "able to decrypt into garbage" using some non-valid passwords, if the keys generated by applying the hash algorithm (MD5 and SHA256 in your examples) to your passwords happen to have, by mere coincidence, the adequate length and padding features for decrypting the (semi-random) result of the encryption operation.

    If you move the encryption operation in your sample code outside the 0..500 loop, you will find that your code will either raise an exception the whole 500 times, or allow "invalid decryptions" always.

     
  • Daniel Fernandez

    • status: open --> closed-wont-fix
    • assigned_to: Daniel Fernandez
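
The behaviour discussed in this ticket, reproduced as an added example (not code from the ticket, the gist, or Jasypt): it uses the JDK's `javax.crypto` directly rather than Jasypt, and the class name, passwords, iteration counts and the HMAC tag scheme are assumptions of the example. It counts how often a wrong password passes the cipher's padding check, and shows an encrypt-then-MAC tag rejecting the wrong password before any plaintext is returned to the caller.

```java
import javax.crypto.*;
import javax.crypto.spec.*;
import java.nio.charset.StandardCharsets;
import java.security.*;

public class WrongPasswordDemo {
    static final String ALG = "PBEWithMD5AndDES"; // algorithm choice is an assumption of this example
    static final int ITER = 1000;                 // iteration count is an assumption of this example

    // Plain PBE encrypt/decrypt: the only built-in "integrity" is the PKCS#5 padding check.
    static byte[] pbe(int mode, char[] pw, byte[] salt, byte[] in) throws GeneralSecurityException {
        SecretKey k = SecretKeyFactory.getInstance(ALG).generateSecret(new PBEKeySpec(pw));
        Cipher c = Cipher.getInstance(ALG);
        c.init(mode, k, new PBEParameterSpec(salt, ITER));
        return c.doFinal(in);
    }

    // Integrity tag: HMAC-SHA256 over salt || ciphertext, keyed from the password via PBKDF2.
    static byte[] tag(char[] pw, byte[] salt, byte[] ct) throws GeneralSecurityException {
        byte[] macKey = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")
                .generateSecret(new PBEKeySpec(pw, salt, 10000, 256)).getEncoded();
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(macKey, "HmacSHA256"));
        mac.update(salt);
        return mac.doFinal(ct);
    }

    public static void main(String[] args) throws Exception {
        char[] right = "password-one".toCharArray(), wrong = "password-two".toCharArray(); // constructed
        byte[] msg = "hello world".getBytes(StandardCharsets.UTF_8);
        SecureRandom rnd = new SecureRandom();
        int garbage = 0, rejectedByTag = 0, rounds = 500;
        for (int i = 0; i < rounds; i++) {
            byte[] salt = new byte[8];              // fresh random salt per encryption
            rnd.nextBytes(salt);
            byte[] ct = pbe(Cipher.ENCRYPT_MODE, right, salt, msg);
            byte[] t = tag(right, salt, ct);        // stored alongside salt and ciphertext
            try {   // padding check only: occasionally passes under the wrong key
                pbe(Cipher.DECRYPT_MODE, wrong, salt, ct);
                garbage++;
            } catch (BadPaddingException e) { /* the usual outcome */ }
            // Verify-then-decrypt: constant-time tag comparison before touching the ciphertext.
            if (!MessageDigest.isEqual(t, tag(wrong, salt, ct))) rejectedByTag++;
        }
        System.out.println("wrong password, padding check passed: " + garbage + "/" + rounds);
        System.out.println("wrong password, rejected by HMAC tag: " + rejectedByTag + "/" + rounds);
    }
}
```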
     
