0

I'm trying to configure Jasypt StandardPBEStringEncryptor using the following code.

StandardPBEStringEncryptor strongEncryptor = new StandardPBEStringEncryptor();
strongEncryptor.setAlgorithm(ALGORITHM);
strongEncryptor.setPassword(PASSWORD);

And then call the encrypt() and decrypt() methods of the 'strongEncryptor' to perform the encryption and decryption operations.

Is it possible or is there a way I can configure the Jasypt encryptor using my own SecretKey instead of setting a password?

Like in Java Cipher, we do...

Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, MY_SECRET_KEY);

I see that Jasypt internally uses the String password to create the SecretKey and initiate the Java Cipher. Is it possible to provide my Key here?

always_a_rookie
  • 4,515
  • 1
  • 25
  • 46

1 Answers1

0

PBE stands for Password Based Encryption.

That means instead of requiring a SecretKey it needs a passphrase which will then be used to generate the key by hashing it many times.

So manually settings the SecretKey for a PBE-encryption would invalidate it's purpose. For exactly that reason StandardPBEStringEncryptor does not allow this. (see it's doc for more information)

If you want to use your own SecretKey, simply use a standard encryption function.

i_turo
  • 2,679
  • 1
  • 13
  • 15