jasypt-users

[jasypt-users] Unable to decrypt encrypted passwords in property files using EncryptablePropertyPlaceholderConfigurer

[bubenik <Wol...@ap...>]

Hallo list, 
I was realy happy to find such a  nice framework that promises easy to use
encryption features. 
Now I'm somewhat frustrated because my sinple scenario does not work and I
can't see my fault. 

The Scene: 
- The command line tool to encrypt a password
- A properties file with the encrypted Passwort
- a spring configuration that uses the
EncryptablePropertyPlaceholderConfigurer to replace the passwordPlaceholder
with the decrypted password

The porblem: 
decryption allways failes with an Exception:
javax.crypto.BadPaddingException: Given final block not properly padded

The configuration: 
- Windows XP, 
- Java 1.6.12 with Unlimited Strength Java(TM) Cryptography Extension Policy
Files
- Jasyp 1.5
- Spring configuration: 

<!-- use encrypted passwords in config files -->
    <bean id="propertyConfigurer"
class="org.jasypt.spring.properties.EncryptablePropertyPlaceholderConfigurer">
        <constructor-arg ref="strongEncryptor"/>
        <property name="location" value="classpath:degewo.properties"/>
    </bean>

    <bean id="strongEncryptor"
class="org.jasypt.encryption.pbe.StandardPBEStringEncryptor">
        <property name="algorithm" value="PBEWithMD5AndTripleDES"/>
        <property name="password"
value="this-is-a-very-long-and-quiet-easy-to-guess-password-4-me!"/>
        <property name="saltGenerator" ref="nullGenerator"/>
    </bean>

    <bean id="nullGenerator" class="org.jasypt.salt.ZeroSaltGenerator"/>

I tries with the default SaltGenerator (Random I suppose) before but with
same result. 

The encrypted password has been generated with the CLI (encrypt
input=toBeEncrypted password=somePwdContaining-4!), copied the result from
the command line window and pasted it into the properties file. At this
stage i did not specify a SaltGenerator in my Spring configuration eg. using
default. 
Than I created a test case in my IDE (Idea 8), copied the code from
org.jasypt.intf.cli.JasyptPBEStringDecryptionCLI, defined the
ZeroSaltGenerator (for encryption as well as for decryption) and got the
encrypted String in the IDE window. I copied and pasted it into the
properties file and watched the decryption failing as before. 
On debuging I did't see anything strange, the byte[] on encryption and
decryption (at all stages: base64 - encryption) had the same length...

Well, plese shed some light on this. Where is the error? How to do this
correctly? It appears to be so damned simple!

Thanks a lot
Bubenik
 
-- 
View this message in context: http://www.nabble.com/Unable-to-decrypt-encrypted-passwords-in-property-files-using-EncryptablePropertyPlaceholderConfigurer-tp24276481s21332p24276481.html
Sent from the Jasypt - Users mailing list archive at Nabble.com.

Re: [jasypt-users] Unable to decrypt encrypted passwords in property files using EncryptablePropertyPlaceholderConfigurer

[bubenik <Wol...@ap...>]

Some additional information: 

1) When executing encryption and decryption in one method (e.g. a unit test
method) everything is fine - no Exception. 
When reading password and encrypted message from the config file (created by
a previous run of the test method) I get the exception. 

2) I assumed that some error was introduced when copying strings from one
application to another, writing to and reading from a file. Thus I double
checked the byte arrays of the key, the message, encrypted message and
base64 encoded encrypted message while encryption and decryption. All byte[]
were identical on the corresponding stages of decryption and encryption.

Could it be that the cypher itself is different each time it is initialized?

Thanks for every hint.
Wolf
-- 
View this message in context: http://www.nabble.com/Unable-to-decrypt-encrypted-passwords-in-property-files-using-EncryptablePropertyPlaceholderConfigurer-tp24276481s21332p24303700.html
Sent from the Jasypt - Users mailing list archive at Nabble.com.

Re: [jasypt-users] Unable to decrypt encrypted passwords in property files using EncryptablePropertyPlaceholderConfigurer

[bubenik <Wol...@ap...>]

Finally I found my mistake.

For the decryption with the EncryptablePropertyPlaceholderConfigurer I
specified an algorithm beleving that the value given is the default value
used for encryption. 

Obviously that was not the case. 
Deleting the algorithm from my spring config (using real default) solved the
problem.

resend post because sitll pending....

regards bubenik
-- 
View this message in context: http://www.nabble.com/Unable-to-decrypt-encrypted-passwords-in-property-files-using-EncryptablePropertyPlaceholderConfigurer-tp24276481s21332p24309476.html
Sent from the Jasypt - Users mailing list archive at Nabble.com.

Re: [jasypt-users] Unable to decrypt encrypted passwords in property files using EncryptablePropertyPlaceholderConfigurer

[Niklas R. <nik...@gm...>]

On Thu, Jul 2, 2009 at 12:04 PM, bubenik <Wol...@ap...> wrote:

> +------------------------+
>  Jasypt Users List
>  http://www.jasypt.org
> +------------------------+
>
> Finally I found my mistake.
>
> For the decryption with the EncryptablePropertyPlaceholderConfigurer I
> specified an algorithm beleving that the value given is the default value
> used for encryption.
>
> Obviously that was not the case.
> Deleting the algorithm from my spring config (using real default) solved
> the
> problem.
>
> regards bubenik


Thank you for the informational update. It's good to know the jasypt
mistakes can get understood, handled and solved.
I don't use the same configuration and had less problems than expected with
a minimal configuration:
Register:

encryptedPassword = passwordEncryptor.encryptPassword(userPassword);

Check:

BasicPasswordEncryptor passwordEncryptor = new
BasicPasswordEncryptor();
if (passwordEncryptor.checkPassword(password,
database_stored_encryptedPassword)) {
...

Regards,
Niklas R