前幾天分享了一篇《Spring Boot 2.x基礎教程:加密配置中的敏感信息》 ,然后看到群里有小伙伴反應跟着這篇文章出現了這個異常com.ulisesbocchio.jasyptspringboot.exception.DecryptionException: Unable to decrypt。
具體完整的錯誤信息如下:
Caused by: com.ulisesbocchio.jasyptspringboot.exception.DecryptionException: Unable to decrypt: ENC(/AL9nJENCYCh9Pfzdf2xLPsqOZ6HwNgQ3AnMybFAMeOM5GphZlOK6PxzozwtCm+Q). Decryption of Properties failed, make sure encryption/decryption passwords match
at com.ulisesbocchio.jasyptspringboot.resolver.DefaultPropertyResolver.lambda$resolvePropertyValue$0(DefaultPropertyResolver.java:46) ~[jasypt-spring-boot-3.0.3.jar:na]
at java.util.Optional.map(Optional.java:215) ~[na:1.8.0_151]
at com.ulisesbocchio.jasyptspringboot.resolver.DefaultPropertyResolver.resolvePropertyValue(DefaultPropertyResolver.java:40) ~[jasypt-spring-boot-3.0.3.jar:na]
at com.ulisesbocchio.jasyptspringboot.resolver.DefaultLazyPropertyResolver.resolvePropertyValue(DefaultLazyPropertyResolver.java:50) ~[jasypt-spring-boot-3.0.3.jar:na]
at com.ulisesbocchio.jasyptspringboot.EncryptablePropertySource.getProperty(EncryptablePropertySource.java:20) ~[jasypt-spring-boot-3.0.3.jar:na]
at com.ulisesbocchio.jasyptspringboot.caching.CachingDelegateEncryptablePropertySource.getProperty(CachingDelegateEncryptablePropertySource.java:41) ~[jasypt-spring-boot-3.0.3.jar:na]
at com.ulisesbocchio.jasyptspringboot.wrapper.EncryptableMapPropertySourceWrapper.getProperty(EncryptableMapPropertySourceWrapper.java:31) ~[jasypt-spring-boot-3.0.3.jar:na]
at org.springframework.core.env.PropertySourcesPropertyResolver.getProperty(PropertySourcesPropertyResolver.java:85) ~[spring-core-5.3.8.jar:5.3.8]
at org.springframework.core.env.PropertySourcesPropertyResolver.getProperty(PropertySourcesPropertyResolver.java:62) ~[spring-core-5.3.8.jar:5.3.8]
at org.springframework.core.env.AbstractEnvironment.getProperty(AbstractEnvironment.java:588) ~[spring-core-5.3.8.jar:5.3.8]
at org.springframework.context.support.PropertySourcesPlaceholderConfigurer$1.getProperty(PropertySourcesPlaceholderConfigurer.java:137) ~[spring-context-5.3.8.jar:5.3.8]
at org.springframework.context.support.PropertySourcesPlaceholderConfigurer$1.getProperty(PropertySourcesPlaceholderConfigurer.java:133) ~[spring-context-5.3.8.jar:5.3.8]
at org.springframework.core.env.PropertySourcesPropertyResolver.getProperty(PropertySourcesPropertyResolver.java:85) ~[spring-core-5.3.8.jar:5.3.8]
at org.springframework.core.env.PropertySourcesPropertyResolver.getPropertyAsRawString(PropertySourcesPropertyResolver.java:74) ~[spring-core-5.3.8.jar:5.3.8]
at org.springframework.util.PropertyPlaceholderHelper.parseStringValue(PropertyPlaceholderHelper.java:159) ~[spring-core-5.3.8.jar:5.3.8]
at org.springframework.util.PropertyPlaceholderHelper.replacePlaceholders(PropertyPlaceholderHelper.java:126) ~[spring-core-5.3.8.jar:5.3.8]
at org.springframework.core.env.AbstractPropertyResolver.doResolvePlaceholders(AbstractPropertyResolver.java:239) ~[spring-core-5.3.8.jar:5.3.8]
at org.springframework.core.env.AbstractPropertyResolver.resolveRequiredPlaceholders(AbstractPropertyResolver.java:210) ~[spring-core-5.3.8.jar:5.3.8]
at org.springframework.context.support.PropertySourcesPlaceholderConfigurer.lambda$processProperties$0(PropertySourcesPlaceholderConfigurer.java:175) ~[spring-context-5.3.8.jar:5.3.8]
at org.springframework.beans.factory.support.AbstractBeanFactory.resolveEmbeddedValue(AbstractBeanFactory.java:936) ~[spring-beans-5.3.8.jar:5.3.8]
at org.springframework.beans.factory.support.DefaultListableBeanFactory.doResolveDependency(DefaultListableBeanFactory.java:1321) ~[spring-beans-5.3.8.jar:5.3.8]
at org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveDependency(DefaultListableBeanFactory.java:1300) ~[spring-beans-5.3.8.jar:5.3.8]
at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor$AutowiredFieldElement.resolveFieldValue(AutowiredAnnotationBeanPostProcessor.java:657) ~[spring-beans-5.3.8.jar:5.3.8]
at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor$AutowiredFieldElement.inject(AutowiredAnnotationBeanPostProcessor.java:640) ~[spring-beans-5.3.8.jar:5.3.8]
at org.springframework.beans.factory.annotation.InjectionMetadata.inject(InjectionMetadata.java:119) ~[spring-beans-5.3.8.jar:5.3.8]
at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor.postProcessProperties(AutowiredAnnotationBeanPostProcessor.java:399) ~[spring-beans-5.3.8.jar:5.3.8]
... 69 common frames omitted
Caused by: org.jasypt.exceptions.EncryptionOperationNotPossibleException: null
at org.jasypt.encryption.pbe.StandardPBEByteEncryptor.decrypt(StandardPBEByteEncryptor.java:1165) ~[jasypt-1.9.3.jar:na]
at org.jasypt.encryption.pbe.StandardPBEStringEncryptor.decrypt(StandardPBEStringEncryptor.java:738) ~[jasypt-1.9.3.jar:na]
at org.jasypt.encryption.pbe.PooledPBEStringEncryptor.decrypt(PooledPBEStringEncryptor.java:511) ~[jasypt-1.9.3.jar:na]
at com.ulisesbocchio.jasyptspringboot.encryptor.DefaultLazyEncryptor.decrypt(DefaultLazyEncryptor.java:57) ~[jasypt-spring-boot-3.0.3.jar:na]
at com.ulisesbocchio.jasyptspringboot.resolver.DefaultPropertyResolver.lambda$resolvePropertyValue$0(DefaultPropertyResolver.java:44) ~[jasypt-spring-boot-3.0.3.jar:na]
... 94 common frames omitted
直接根據錯誤信息的描述來判斷,就是解密失敗了。
下面整理一下可能產生解密失敗的幾種可能:
第一種:推測解密失敗的原因是加密和解密使用的密鑰不一致,也就是jasypt.encryptor.password的配置和使用插件時候的參數傳的不同。
第二種:沒有安裝不限長度的JCE版本(Unlimited Strength Java Cryptography Extension)。因為DD以前在用Spring Cloud Config的時候已經裝過了,所以在寫之前這個案例的時候沒有提到這點,應該一些還沒有接觸Spring Cloud的讀者通常都是這個原因導致。其實這個在之前的《分布式配置中心(加密解密)》 一文中提過,但因為不屬於一個系列內容,這里所以再提一下。
我們可以從Oracle的官方網站中下載你所用Java版本對應的JCE安裝包,比如:JCE8下載地址。它是一個壓縮包,解壓后可以看到下面三個文件:
README.txt
local_policy.jar
US_export_policy.jar
我們需要將local_policy.jar和US_export_policy.jar兩個文件復制到$JAVA_HOME/jre/lib/security目錄下,覆蓋原來的默認內容,這樣加密解密的准備工作就完成了。 最后如果你在學習Spring Boot,再推薦一下這個從2016年連載至今的系列教程點擊直達,歡迎收藏與轉發!如果學習過程中如遇困難?可以加入我們 Spring技術交流群 ,參與交流與討論,更好的學習與進步!
歡迎關注我的公眾號:程序猿DD,分享外面看不到的干貨與思考!