java - Jasypt を使用して復号化する

Question

Jasyptライブラリを使用して暗号化されたパスワードを解読するには?

package com.uk.mysqlmaven.jsf.test;

import org.jasypt.util.password.StrongPasswordEncryptor;
import org.jasypt.util.text.StrongTextEncryptor;


public class PasswordEncryptionDecryptionUsingJASYPT {
    public static void main(String[] args) {
        try {
            String password = "password";
            StrongPasswordEncryptor encryptor = new StrongPasswordEncryptor();
            String encryptedPassword = encryptor.encryptPassword(password);
            if (encryptor.checkPassword(password, encryptedPassword)) {
                //correct
                System.out.println("Encrypted: "+ encryptedPassword);
            } else {
                //bad again
                System.out.println("Error: ");
            }
            StrongTextEncryptor textEncryptor = new StrongTextEncryptor();
            textEncryptor.setPassword(encryptedPassword);
            String decryptedPassword = textEncryptor.decrypt(encryptedPassword);
            System.out.println("Decrypted: "+ decryptedPassword);
            
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}

パスワードを復号化しようとすると、コンソールに次のエラーが表示されます。

Encrypted: JIOYXNa1+3+QefY2S7sas7LmhyOuDQcG8TTsQoTkqj0OtobCvwAFHXxoTr7z6HuP
org.jasypt.exceptions.EncryptionOperationNotPossibleException: Encryption raised an exception. A possible cause is you are using strong encryption algorithms and you have not installed the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files in this Java Virtual Machine
    at org.jasypt.encryption.pbe.StandardPBEByteEncryptor.handleInvalidKeyException(StandardPBEByteEncryptor.java:999)
    at org.jasypt.encryption.pbe.StandardPBEByteEncryptor.decrypt(StandardPBEByteEncryptor.java:976)
    at org.jasypt.encryption.pbe.StandardPBEStringEncryptor.decrypt(StandardPBEStringEncryptor.java:725)
    at org.jasypt.util.text.StrongTextEncryptor.decrypt(StrongTextEncryptor.java:118)
    at com.uk.mysqlmaven.jsf.test.PasswordEncryptionDecryptionUsingJASYPT.main(PasswordEncryptionDecryptionUsingJASYPT.java:22)

Answer 1

以下の例を試すことができます。これはうまくいきます: mpCryptoPassword の値は常に秘密の場所に保管してください。アプリケーションだけがそれを読み取れるようにする必要があります。

public class EncryptionDecryptionUsingJASYPT {

    private static String mpCryptoPassword = "BornToFight";

    public static void main(String[] args) {
        String value = "Original Text: Eclipse";

        System.out.println("Original Value : "+value);
        StandardPBEStringEncryptor encryptor = new StandardPBEStringEncryptor();
        encryptor.setPassword(mpCryptoPassword);
        String encryptedPassword = encryptor.encrypt(value);
        System.out.println(encryptedPassword);

        StandardPBEStringEncryptor decryptor = new StandardPBEStringEncryptor();
        decryptor.setPassword(mpCryptoPassword);
        System.out.println(decryptor.decrypt(encryptedPassword));
    }
}