问题描述
我正在使用Jasypt将数据库密码以非明文格式存储在休眠配置文件中.
I am using Jasypt to store our database passwords in our hibernate config file in non-clear-text format.
例如代替
<property name="hibernate.connection.username">user1</property>
<property name="hibernate.connection.password">password1</property>
我想要类似的东西
<property name="hibernate.connection.username">user1</property>
<property name="hibernate.connection.password">ENC(0HY4F73HFPQ85CN)</property>
我正在使用PBEWITHMD5ANDTRIPLEDES算法.我正在阅读它,看来这可能需要安装JCE或管辖权政策"扩展.我的问题是,如果我在PBE算法列表中看到了这些东西,是否已经安装了这些东西?
I am using the PBEWITHMD5ANDTRIPLEDES algorithm. I was reading up on it, and it seems that this may require installing a JCE, or a 'Jurisdiction Policy' extension. My question is, are these things already installed if I see this in my list of PBE Algorithms?
我运行了listAlgorithms.bat脚本:
I ran the listAlgorithms.bat script:
C:\dev\jasypt-1.9.1\bin>listAlgorithms.bat
DIGEST ALGORITHMS: [MD2, MD5, SHA, SHA-256, SHA-384, SHA-512]
PBE ALGORITHMS: [PBEWITHMD5ANDDES, PBEWITHMD5ANDTRIPLEDES, PBEWITHSHA1ANDDESEDE, PBEWITHSHA1ANDRC2_40]
但是当我尝试加密密码时,我收到一条非常无用的错误消息:
But when I try to encrypt my password, I get a very unhelpful error message:
C:\dev\jasypt-1.9.1\bin>encrypt.bat input=etrading_rw_123 password=encryptionkey algorithm=PBEWITHMD5ANDTRIPLEDES
----ENVIRONMENT-----------------
Runtime: Sun Microsystems Inc. Java HotSpot(TM) Client VM 20.14-b01
----ARGUMENTS-------------------
algorithm: PBEWITHMD5ANDTRIPLEDES
input: etrading_rw_123
password: encryptionkey
----ERROR-----------------------
Operation not possible (Bad input or parameters)
如果我使用algorithm = PBEWITHMD5ANDDES运行相同的脚本,则可以正常工作. 支持的算法"列表实际上是指如果启用这些算法将支持的算法",而不是适合使用的算法"?
If I run the same script with algorithm=PBEWITHMD5ANDDES, it works fine. Does the list of 'supported algorithms' actually mean 'algorithms that would be supported if you enabled them' rather than 'algorithms that are good to go'?
我正在使用Java版本:
I am using Java version:
java version "1.6.0_17"
Java(TM) SE Runtime Environment (build 1.6.0_17-b04)
Java HotSpot(TM) Client VM (build 14.3-b01, mixed mode, sharing)
推荐答案
- Java密码学扩展(JCE)无限强度管辖策略(小下载)可以启用强度更高的算法.
https://www.oracle .com/technetwork/java/javase/downloads/jce-all-download-5170447.html
仅供参考:JDK 9和更高版本附带无限制的策略文件,并在默认情况下使用.
FYI:JDK 9 and later ship with, and use by default, the unlimited policy files.
仅对于早于8u161、7u171和6u181的JDK 8、7和6更新,才需要上述早期版本的不受限制的策略文件.在那些版本和更高版本中,策略文件已包括在内,但默认情况下未启用.
The unlimited policy files for earlier releases available above are required only for JDK 8, 7, and 6 updates earlier than 8u161, 7u171, and 6u181. On those versions and later the policy files are included, but not enabled by default.
有关详细信息,请参见JDK-8170157. https://bugs.java.com/bugdatabase/view_bug.do? bug_id = JDK-8170157
See JDK-8170157 for details.https://bugs.java.com/bugdatabase/view_bug.do?bug_id=JDK-8170157
- 另一个问题可能是您的
JAVA_HOME环境变量指向的是较旧 Java版本.如果该环境变量存在,Jasypt的bin/*.sh和* .cmd脚本将使用$JAVA_HOME/bin/java或%JAVA_HOME%\bin\java.
- Another issue, could be that your
JAVA_HOMEenvironment variable points to an older Java version. Jasypt's bin/*.sh and *.cmd scripts uses$JAVA_HOME/bin/javaor%JAVA_HOME%\bin\javaif that environment variable exists.
这篇关于命令行Jasypt客户端加密“无法操作"的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!