首页

EncryptionOperationNotPossibleException by Jasypt with Bouncy Castle

java hibernate spring bouncycastle jasypt
2022-09-04 07:01:22

我尝试在Spring应用程序中将JasyptBouncy Castle crypro提供的(128Bit AES)结合使用,以解密实体属性,同时使用Hibernate保存它们。但是当我试图保存吸引力时,我总是会得到这个。org.jasypt.exceptions.EncryptionOperationNotPossibleException

org.jasypt.exceptions.EncryptionOperationNotPossibleException
  Encryption raised an exception. A possible cause is you are using strong encryption
  algorithms and you have not installed the Java Cryptography Extension (JCE) Unlimited
  Strength Jurisdiction Policy Files in this Java Virtual Machine
at org.jasypt.encryption.pbe.StandardPBEByteEncryptor.handleInvalidKeyException(StandardPBEByteEncryptor.java:1073)
at org.jasypt.encryption.pbe.StandardPBEByteEncryptor.encrypt(StandardPBEByteEncryptor.java:924)
at org.jasypt.encryption.pbe.StandardPBEStringEncryptor.encrypt(StandardPBEStringEncryptor.java:642)
at org.jasypt.hibernate4.type.AbstractEncryptedAsStringType.nullSafeSet(AbstractEncryptedAsStringType.java:155)
at org.hibernate.type.CustomType.nullSafeSet(CustomType.java:158)

(下面是完整的堆栈跟踪)

我不使用Java加密扩展(JCE),这就是为什么我尝试使用Bouncy Castle的原因

我认为弹簧配置有问题,有人发现问题吗?

我的弹簧配置是:

<bean id="bouncyCastleProvider" class="org.bouncycastle.jce.provider.BouncyCastleProvider"/>
<bean class="org.jasypt.hibernate4.encryptor.HibernatePBEStringEncryptor" depends-on="bouncyCastleProvider">

    <property name="provider" ref="bouncyCastleProvider"/>  
    <property name="providerName" value="BC"/>

    <property name="saltGenerator">
        <bean class="org.jasypt.salt.RandomSaltGenerator"/>
    </property>

    <property name="registeredName" value="STRING_ENCRYPTOR"/>      
    <property name="algorithm" value="PBEWITHSHA256AND128BITAES-CBC-BC"/>
    <property name="password" value="sEcRET1234"/>
</bean>

用法:

@Entity
@TypeDef(name = "encryptedString", typeClass = EncryptedStringType.class, parameters = { @Parameter(name = "encryptorRegisteredName", value = "STRING_ENCRYPTOR") })
public class SubscriptionProcess {
  ...      
   @Type(type = "encryptedString")
   private String debitAccountIban;
  ...
}

pom/dependenies

    <dependency>
        <groupId>org.jasypt</groupId>
        <artifactId>jasypt</artifactId>
        <version>1.9.2</version>
    </dependency>
    <dependency>
        <groupId>org.jasypt</groupId>
        <artifactId>jasypt-hibernate4</artifactId>
        <version>1.9.2</version>
    </dependency>
 ...
    <dependency>
        <groupId>org.bouncycastle</groupId>
        <!-- I use an older version of bouncy castle that is also used by tika  -->
        <artifactId>bcprov-jdk15</artifactId>           
        <version>1.45</version>
    </dependency>
    <dependency>
        <groupId>org.bouncycastle</groupId>
        <artifactId>bcmail-jdk15</artifactId>           
        <version>1.45</version>
    </dependency>

全栈跟踪

org.jasypt.exceptions.EncryptionOperationNotPossibleException: Encryption raised an exception. A possible cause is you are using strong encryption algorithms and you have not installed the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files in this Java Virtual Machine
    at org.jasypt.encryption.pbe.StandardPBEByteEncryptor.handleInvalidKeyException(StandardPBEByteEncryptor.java:1073)
    at org.jasypt.encryption.pbe.StandardPBEByteEncryptor.encrypt(StandardPBEByteEncryptor.java:924)
    at org.jasypt.encryption.pbe.StandardPBEStringEncryptor.encrypt(StandardPBEStringEncryptor.java:642)
    at org.jasypt.hibernate4.type.AbstractEncryptedAsStringType.nullSafeSet(AbstractEncryptedAsStringType.java:155)
    at org.hibernate.type.CustomType.nullSafeSet(CustomType.java:158)
    at org.hibernate.persister.entity.AbstractEntityPersister.dehydrate(AbstractEntityPersister.java:2843)
    at org.hibernate.persister.entity.AbstractEntityPersister.dehydrate(AbstractEntityPersister.java:2818)
    at org.hibernate.persister.entity.AbstractEntityPersister$4.bindValues(AbstractEntityPersister.java:3025)
    at org.hibernate.id.insert.AbstractReturningDelegate.performInsert(AbstractReturningDelegate.java:57)
    at org.hibernate.persister.entity.AbstractEntityPersister.insert(AbstractEntityPersister.java:3032)
    at org.hibernate.persister.entity.AbstractEntityPersister.insert(AbstractEntityPersister.java:3556)
    at org.hibernate.action.internal.EntityIdentityInsertAction.execute(EntityIdentityInsertAction.java:97)
    at org.hibernate.engine.spi.ActionQueue.execute(ActionQueue.java:480)
    at org.hibernate.engine.spi.ActionQueue.addResolvedEntityInsertAction(ActionQueue.java:191)
    at org.hibernate.engine.spi.ActionQueue.addInsertAction(ActionQueue.java:175)
    at org.hibernate.engine.spi.ActionQueue.addAction(ActionQueue.java:210)
    at org.hibernate.event.internal.AbstractSaveEventListener.addInsertAction(AbstractSaveEventListener.java:324)
    at org.hibernate.event.internal.AbstractSaveEventListener.performSaveOrReplicate(AbstractSaveEventListener.java:288)
    at org.hibernate.event.internal.AbstractSaveEventListener.performSave(AbstractSaveEventListener.java:194)
    at org.hibernate.event.internal.AbstractSaveEventListener.saveWithGeneratedId(AbstractSaveEventListener.java:125)
    at org.hibernate.jpa.event.internal.core.JpaPersistEventListener.saveWithGeneratedId(JpaPersistEventListener.java:84)
    at org.hibernate.event.internal.DefaultPersistEventListener.entityIsTransient(DefaultPersistEventListener.java:206)
    at org.hibernate.event.internal.DefaultPersistEventListener.onPersist(DefaultPersistEventListener.java:149)
    at org.hibernate.event.internal.DefaultPersistEventListener.onPersist(DefaultPersistEventListener.java:75)
    at org.hibernate.internal.SessionImpl.firePersist(SessionImpl.java:807)
    at org.hibernate.internal.SessionImpl.persist(SessionImpl.java:780)
    at org.hibernate.internal.SessionImpl.persist(SessionImpl.java:785)
    at org.hibernate.jpa.spi.AbstractEntityManagerImpl.persist(AbstractEntityManagerImpl.java:1181)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:606)
    at org.springframework.orm.jpa.SharedEntityManagerCreator$SharedEntityManagerInvocationHandler.invoke(SharedEntityManagerCreator.java:291)
    at com.sun.proxy.$Proxy78.persist(Unknown Source)
    at com.demo.base.user.BaseUserDomainCreatorUtil$Persistent.postCreate(BaseUserDomainCreatorUtil.java:424)
    at com.demo.base.user.BaseUserDomainCreatorUtil.createSafeCustodyAccount(BaseUserDomainCreatorUtil.java:321)
    at com.demo.base.user.BaseUserDomainCreatorUtil.createSafeCustodyAccount(BaseUserDomainCreatorUtil.java:329)
    at com.demo.base.user.BaseUserDomainCreatorUtil.createSafeCustodyAccount(BaseUserDomainCreatorUtil.java:333)
    at com.demo.base.user.BaseUserDomainCreatorUtil.createUserWithSafeCustodyAccount(BaseUserDomainCreatorUtil.java:128)
    at com.demo.app.asset.AssetTestScenario.<init>(AssetTestScenario.java:66)
    at com.demo.app.asset.dao.SubscriptionProcessDaoSpringTest.testPersistence_aroundBody0(SubscriptionProcessDaoSpringTest.java:62)
    at com.demo.app.asset.dao.SubscriptionProcessDaoSpringTest$AjcClosure1.run(SubscriptionProcessDaoSpringTest.java:1)
    at org.springframework.transaction.aspectj.AbstractTransactionAspect.ajc$around$org_springframework_transaction_aspectj_AbstractTransactionAspect$1$2a73e96cproceed(AbstractTransactionAspect.aj:60)
    at org.springframework.transaction.aspectj.AbstractTransactionAspect$AbstractTransactionAspect$1.proceedWithInvocation(AbstractTransactionAspect.aj:66)
    at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:267)
    at org.springframework.transaction.aspectj.AbstractTransactionAspect.ajc$around$org_springframework_transaction_aspectj_AbstractTransactionAspect$1$2a73e96c(AbstractTransactionAspect.aj:64)
    at com.demo.app.asset.dao.SubscriptionProcessDaoSpringTest.testPersistence(SubscriptionProcessDaoSpringTest.java:61)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:606)
    at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:47)
    at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
    at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:44)
    at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
    at org.springframework.test.context.junit4.statements.RunBeforeTestMethodCallbacks.evaluate(RunBeforeTestMethodCallbacks.java:73)
    at org.springframework.test.context.junit4.statements.RunAfterTestMethodCallbacks.evaluate(RunAfterTestMethodCallbacks.java:82)
    at org.springframework.test.context.junit4.statements.SpringRepeat.evaluate(SpringRepeat.java:73)
    at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:271)
    at org.springframework.test.context.junit4.SpringJUnit4ClassRunner.runChild(SpringJUnit4ClassRunner.java:217)
    at org.springframework.test.context.junit4.SpringJUnit4ClassRunner.runChild(SpringJUnit4ClassRunner.java:83)
    at org.junit.runners.ParentRunner$3.run(ParentRunner.java:238)
    at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:63)
    at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:236)
    at org.junit.runners.ParentRunner.access$000(ParentRunner.java:53)
    at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:229)
    at org.springframework.test.context.junit4.statements.RunBeforeTestClassCallbacks.evaluate(RunBeforeTestClassCallbacks.java:61)
    at org.springframework.test.context.junit4.statements.RunAfterTestClassCallbacks.evaluate(RunAfterTestClassCallbacks.java:68)
    at org.junit.runners.ParentRunner.run(ParentRunner.java:309)
    at org.springframework.test.context.junit4.SpringJUnit4ClassRunner.run(SpringJUnit4ClassRunner.java:163)
    at org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:50)
    at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)
    at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:467)
    at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:683)
    at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:390)
    at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:197)

答案 1

Jasypt 旨在与 一起使用,此项目在其 Web 上使用的术语可能会让您感到困惑,因为有以下句子:JCE providers

打开 API 以用于任何 JCE 提供程序,而不仅仅是默认的 Java VM 提供程序。Jasypt可以很容易地与著名的提供商(如Bouncy Castle)一起使用

从这句话中,也许你明白Jasypt可以与BouncyCastle一起使用,或者与BouncyCastle一起使用,就像两者的工作方式不同或类似的东西一样;然而,这句话的意思是,有许多默认的,默认的提供者带有默认的java安装和非默认的,但是两者都完成了JCA / JCE规范,并且都可以与Jasypt一起使用。JCEJCE providers

正如我所说,BouncyCastle有一个,从弹跳城堡你可以看到:JCE provider

Java Cryptography Extension 和 Java Cryptography Architecture 的提供程序。

因此,如果您尝试使用作为提供程序进行加密/解密操作,则与所有提供程序都有相同的限制,包括可用的算法和密钥长度。org.bouncycastle.jce.provider.BouncyCastleProviderJCE

要避免有关密钥长度和算法的此限制并传递错误,必须为 jvm 版本进行安装。Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files

例如,对于java 1.7,您可以从此处下载文件。然后复制$JAVA_HOME\jre\lib\security中的jars,覆盖现有的和.local_policy.jarUS_export_policy.jar

希望这有帮助。


答案 2

请检查 JRE 主路径(右键单击 windows->preferences->单击位置 ->检查 JRE 主路径是否指向 jdk),如果它指向 jre,请将其更改为 jdk


推荐
更多 »
标签
更多 »
php pass-by-reference optional-parameters default-value javascript arrays dom function string object serialization tostring visibility syntax jslint use-strict operators equality equality-operator identity-operator datetime timestamp date-arithmetic redirect angularjs loops foreach iteration scope variables
推荐
更多 »