Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: jboss-fuse-6.2.1
Affects Version/s: jboss-fuse-6.2
Component/s: Security
Labels:
None

Affects:

Documentation (Ref Guide, User Guide, etc.)
Fuse Progress Bar:

% %
Steps to Reproduce:
Hide

Follow the steps outlined in section 2.3 of the Fuse 6.2 Security Guide (1) to encrypt a property placeholder in the activemq.xml file. Choose one of the stronger ciphers like, PBEWITHHMACSHA224ANDAES_128. When starting the Fuse container, the broker will not start because of the following exception:

org.jasypt.exceptions.EncryptionOperationNotPossibleException at org.jasypt.encryption.pbe.StandardPBEByteEncryptor.decrypt(StandardPBEByteEncryptor.java:1055)[26:org.apache.servicemix.bundles.jasypt:1.9.2.1] at org.jasypt.encryption.pbe.StandardPBEStringEncryptor.decrypt(StandardPBEStringEncryptor.java:725)[26:org.apache.servicemix.bundles.jasypt:1.9.2.1] at org.jasypt.properties.PropertyValueEncryptionUtils.decrypt(PropertyValueEncryptionUtils.java:72)[26:org.apache.servicemix.bundles.jasypt:1.9.2.1] at org.jasypt.spring31.properties.EncryptablePropertyPlaceholderConfigurer.convertPropertyValue(EncryptablePropertyPlaceholderConfigurer.java:109)[187:org.apache.servicemix.bundles.jasypt-spring31:1.9.2.1]

If you revert back to one of the weaker ciphers, the exception no longer occurs. I have attached an example activemq.xml and corresponding properties file that includes the encrypted password.

(1) https://access.redhat.com/documentation/en-US/Red_Hat_JBoss_Fuse/6.2/html/Security_Guide/FMQSecurityEncryptProperties.html
Show
Follow the steps outlined in section 2.3 of the Fuse 6.2 Security Guide (1) to encrypt a property placeholder in the activemq.xml file. Choose one of the stronger ciphers like, PBEWITHHMACSHA224ANDAES_128. When starting the Fuse container, the broker will not start because of the following exception: org.jasypt.exceptions.EncryptionOperationNotPossibleException at org.jasypt.encryption.pbe.StandardPBEByteEncryptor.decrypt(StandardPBEByteEncryptor.java:1055)[26:org.apache.servicemix.bundles.jasypt:1.9.2.1] at org.jasypt.encryption.pbe.StandardPBEStringEncryptor.decrypt(StandardPBEStringEncryptor.java:725)[26:org.apache.servicemix.bundles.jasypt:1.9.2.1] at org.jasypt.properties.PropertyValueEncryptionUtils.decrypt(PropertyValueEncryptionUtils.java:72)[26:org.apache.servicemix.bundles.jasypt:1.9.2.1] at org.jasypt.spring31.properties.EncryptablePropertyPlaceholderConfigurer.convertPropertyValue(EncryptablePropertyPlaceholderConfigurer.java:109)[187:org.apache.servicemix.bundles.jasypt-spring31:1.9.2.1] If you revert back to one of the weaker ciphers, the exception no longer occurs. I have attached an example activemq.xml and corresponding properties file that includes the encrypted password. (1) https://access.redhat.com/documentation/en-US/Red_Hat_JBoss_Fuse/6.2/html/Security_Guide/FMQSecurityEncryptProperties.html

SFDC Cases Counter:
SFDC Cases Links:

Description

Not all the cipher algorithms listed by jasypt-1.9.2/bin/listAlgothims.sh work for encrypting property placeholders.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

activemq.xml
6 kB
2015/07/23 1:13 PM
myamq.properties
0.0 kB
2015/07/23 1:13 PM

Issue Links

relates to

ENTESB-9727 Please ship org.apache.servicemix.bundles.jasypt-1.9.3.redhat_3.jar or get associated fixes

Closed

Activity

People

Assignee:: William Collins (Inactive)

Reporter:: Travis North (Inactive)

Tester:: Tomas Plevko

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 2015/07/23 1:11 PM

Updated:: 2018/11/02 10:42 AM

Resolved:: 2015/08/21 3:55 PM