Tag Archives: jasypt

When using jasypt encryption configuration, an error is reported: decryptionexception: unable to decrypt

A few days ago, I shared an article “spring boot 2. X basic tutorial: sensitive information in encryption configuration”, and then saw that there were reactions from small partners in the group. This exception appeared following this article com.ulisesbocchio.jasyptsspringboot.exception.decryptionexception: unable to decrypt .

The specific and complete error information is as follows:

Caused by: com.ulisesbocchio.jasyptspringboot.exception.DecryptionException: Unable to decrypt: ENC(/AL9nJENCYCh9Pfzdf2xLPsqOZ6HwNgQ3AnMybFAMeOM5GphZlOK6PxzozwtCm+Q). Decryption of Properties failed,  make sure encryption/decryption passwords match
	at com.ulisesbocchio.jasyptspringboot.resolver.DefaultPropertyResolver.lambda$resolvePropertyValue$0(DefaultPropertyResolver.java:46) ~[jasypt-spring-boot-3.0.3.jar:na]
	at java.util.Optional.map(Optional.java:215) ~[na:1.8.0_151]
	at com.ulisesbocchio.jasyptspringboot.resolver.DefaultPropertyResolver.resolvePropertyValue(DefaultPropertyResolver.java:40) ~[jasypt-spring-boot-3.0.3.jar:na]
	at com.ulisesbocchio.jasyptspringboot.resolver.DefaultLazyPropertyResolver.resolvePropertyValue(DefaultLazyPropertyResolver.java:50) ~[jasypt-spring-boot-3.0.3.jar:na]
	at com.ulisesbocchio.jasyptspringboot.EncryptablePropertySource.getProperty(EncryptablePropertySource.java:20) ~[jasypt-spring-boot-3.0.3.jar:na]
	at com.ulisesbocchio.jasyptspringboot.caching.CachingDelegateEncryptablePropertySource.getProperty(CachingDelegateEncryptablePropertySource.java:41) ~[jasypt-spring-boot-3.0.3.jar:na]
	at com.ulisesbocchio.jasyptspringboot.wrapper.EncryptableMapPropertySourceWrapper.getProperty(EncryptableMapPropertySourceWrapper.java:31) ~[jasypt-spring-boot-3.0.3.jar:na]
	at org.springframework.core.env.PropertySourcesPropertyResolver.getProperty(PropertySourcesPropertyResolver.java:85) ~[spring-core-5.3.8.jar:5.3.8]
	at org.springframework.core.env.PropertySourcesPropertyResolver.getProperty(PropertySourcesPropertyResolver.java:62) ~[spring-core-5.3.8.jar:5.3.8]
	at org.springframework.core.env.AbstractEnvironment.getProperty(AbstractEnvironment.java:588) ~[spring-core-5.3.8.jar:5.3.8]
	at org.springframework.context.support.PropertySourcesPlaceholderConfigurer$1.getProperty(PropertySourcesPlaceholderConfigurer.java:137) ~[spring-context-5.3.8.jar:5.3.8]
	at org.springframework.context.support.PropertySourcesPlaceholderConfigurer$1.getProperty(PropertySourcesPlaceholderConfigurer.java:133) ~[spring-context-5.3.8.jar:5.3.8]
	at org.springframework.core.env.PropertySourcesPropertyResolver.getProperty(PropertySourcesPropertyResolver.java:85) ~[spring-core-5.3.8.jar:5.3.8]
	at org.springframework.core.env.PropertySourcesPropertyResolver.getPropertyAsRawString(PropertySourcesPropertyResolver.java:74) ~[spring-core-5.3.8.jar:5.3.8]
	at org.springframework.util.PropertyPlaceholderHelper.parseStringValue(PropertyPlaceholderHelper.java:159) ~[spring-core-5.3.8.jar:5.3.8]
	at org.springframework.util.PropertyPlaceholderHelper.replacePlaceholders(PropertyPlaceholderHelper.java:126) ~[spring-core-5.3.8.jar:5.3.8]
	at org.springframework.core.env.AbstractPropertyResolver.doResolvePlaceholders(AbstractPropertyResolver.java:239) ~[spring-core-5.3.8.jar:5.3.8]
	at org.springframework.core.env.AbstractPropertyResolver.resolveRequiredPlaceholders(AbstractPropertyResolver.java:210) ~[spring-core-5.3.8.jar:5.3.8]
	at org.springframework.context.support.PropertySourcesPlaceholderConfigurer.lambda$processProperties$0(PropertySourcesPlaceholderConfigurer.java:175) ~[spring-context-5.3.8.jar:5.3.8]
	at org.springframework.beans.factory.support.AbstractBeanFactory.resolveEmbeddedValue(AbstractBeanFactory.java:936) ~[spring-beans-5.3.8.jar:5.3.8]
	at org.springframework.beans.factory.support.DefaultListableBeanFactory.doResolveDependency(DefaultListableBeanFactory.java:1321) ~[spring-beans-5.3.8.jar:5.3.8]
	at org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveDependency(DefaultListableBeanFactory.java:1300) ~[spring-beans-5.3.8.jar:5.3.8]
	at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor$AutowiredFieldElement.resolveFieldValue(AutowiredAnnotationBeanPostProcessor.java:657) ~[spring-beans-5.3.8.jar:5.3.8]
	at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor$AutowiredFieldElement.inject(AutowiredAnnotationBeanPostProcessor.java:640) ~[spring-beans-5.3.8.jar:5.3.8]
	at org.springframework.beans.factory.annotation.InjectionMetadata.inject(InjectionMetadata.java:119) ~[spring-beans-5.3.8.jar:5.3.8]
	at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor.postProcessProperties(AutowiredAnnotationBeanPostProcessor.java:399) ~[spring-beans-5.3.8.jar:5.3.8]
	... 69 common frames omitted
Caused by: org.jasypt.exceptions.EncryptionOperationNotPossibleException: null
	at org.jasypt.encryption.pbe.StandardPBEByteEncryptor.decrypt(StandardPBEByteEncryptor.java:1165) ~[jasypt-1.9.3.jar:na]
	at org.jasypt.encryption.pbe.StandardPBEStringEncryptor.decrypt(StandardPBEStringEncryptor.java:738) ~[jasypt-1.9.3.jar:na]
	at org.jasypt.encryption.pbe.PooledPBEStringEncryptor.decrypt(PooledPBEStringEncryptor.java:511) ~[jasypt-1.9.3.jar:na]
	at com.ulisesbocchio.jasyptspringboot.encryptor.DefaultLazyEncryptor.decrypt(DefaultLazyEncryptor.java:57) ~[jasypt-spring-boot-3.0.3.jar:na]
	at com.ulisesbocchio.jasyptspringboot.resolver.DefaultPropertyResolver.lambda$resolvePropertyValue$0(DefaultPropertyResolver.java:44) ~[jasypt-spring-boot-3.0.3.jar:na]
	... 94 common frames omitted

Judging directly from the description of the error message is that the decryption failed.

Here are some possibilities of decryption failure:

First: it is speculated that the reason for the failure of decryption is that the keys used for encryption and decryption are inconsistent, that is, the configuration of jasypt. Encryptor. Password is different from the parameters transmitted when using the plug-in.

The second: the unlimited strength Java cryptography extension is not installed. Because DD has been installed when using spring cloud config before, this point was not mentioned when writing this case. It should be that some readers who have not yet contacted spring cloud are usually caused by this reason. In fact, this was mentioned in the previous article distributed configuration center (encryption and decryption), but it does not belong to a series of contents, so it is mentioned here.

We can download the JCE installation package corresponding to your Java version from Oracle’s official website, such as jce8 download address. It is a compressed package. After decompression, you can see the following three files:

README.txt
local_policy.jar
US_export_policy.jar

We need to set local_ Policy.jar and us_ export_ Policy.jar copy the two files to $Java_ In the home/JRE/lib/security directory, overwrite the original default content, so that the preparation for encryption and decryption is completed. Finally, if you are learning spring boot, please recommend this series of tutorials from 2016 to now. Click directly. Welcome to collect and forward! If you encounter difficulties in the learning process?You can join our spring technology exchange group, participate in exchanges and discussions, and make better learning and progress!

Welcome to my official account: program ape DD, sharing dry cargo and thinking outside!