We are transferring data from the old Java application to our new .NET application. The Java application has a MySQL backend, and the .NET application has a SQL Server backend. We have the full source code and configuration files for both, but not one of the developers who worked on the Java application is still with the company, and we have to reconstruct part of the logic for data transfer. We have most of the data moved properly in our tests. But there is one column with encrypted values that we are having problems with.
As far as I can tell, no methods are explicitly called in the Java application to encrypt or decrypt a column when it is accessed. Rather, the encryption seems to occur automatically inside the ORM used to access the data (Hibernate). I found an XML file named /entities/TABLENAME.hbm.xml which, in my opinion, is the Hibernate model definition for the column. The corresponding lines inside the XML file are as follows:
    <property name="columnname" type="stringEncrypted">
        <column name="TBL_COLUMNNAME" not-null="false" unique="false" sql-type="VARCHAR(255)"/>
    </property>
Please note the type stringEncrypted. The definition of stringEncrypted appears to be in /entities/global/User.hbm.xml, as shown below:
    <typedef name="stringEncrypted" class="org.jasypt.hibernate.type.EncryptedStringType">
        <param name="encryptorRegisteredName">stringEncrypter</param>
    </typedef>
And then the settings for stringEncrypter are displayed in /webapp/resources/spring/CompanyName-encryption.xml as follows (sanitized, of course):
    <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
    <beans>
        <bean id="stringEncryptor" class="org.jasypt.encryption.pbe.StandardPBEStringEncryptor">
            <property name="password">
                <value>PASSWORD</value>
            </property>
            <property name="algorithm">
                <value>PBEWithMD5AndDES</value>
            </property>
            <property name="saltGenerator">
                <ref bean="fixedStringSaltGenerator"/>
            </property>
        </bean>
        <bean id="fixedStringSaltGenerator" class="org.jasypt.salt.FixedStringSaltGenerator">
            <property name="salt">
                <value>SALTSALTSALTSALTSALTSALTSALTSALTSALT</value>
            </property>
        </bean>
        <bean id="hibernateEncryptor" class="org.jasypt.hibernate.encryptor.HibernatePBEStringEncryptor">
            <property name="registeredName">
                <value>stringEncrypter</value>
            </property>
            <property name="encryptor">
                <ref bean="stringEncryptor" />
            </property>
        </bean>
    </beans>
, , , PBEWithMD5AndDES - , PASSWORD SALTSALTSALTSALTSALTSALTSALTSALTSALT. , : .NET?
- PKCSKeyGenerator, . , .NET:
    string encryptedInput = "mG5bz6duwBL3jVCLKyI8Zw==";
    string saltString = "SALTSALTSALTSALTSALTSALTSALTSALTSALT";
    string keyString = "PASSWORD";
    byte[] saltBytes = new byte[saltString.Length * sizeof(char)];
    System.Buffer.BlockCopy(saltString.ToCharArray(), 0, saltBytes, 0, saltBytes.Length);
    PKCSKeyGenerator crypto = new PKCSKeyGenerator(
        keyString,
        saltBytes,
        13, 1);
    ICryptoTransform ct = crypto.Decryptor;
    byte[] cipherBytes = Convert.FromBase64String(encryptedInput);
    byte[] clearBytes = ct.TransformFinalBlock(cipherBytes, 0, cipherBytes.Length);
    string clearString = Encoding.Unicode.GetString(clearBytes);
, :
CryptographicException: Bad Data
, Java , , PKCSKeyGenerator, . . - ? .
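As an added example (not part of the original post, and not Jasypt's or PKCSKeyGenerator's code), this is how the PBEWithMD5AndDES scheme named in the Spring configuration maps onto .NET primitives: PKCS#5 v1.5 key derivation with MD5, then DES in CBC mode with PKCS#5/PKCS7 padding. It assumes Jasypt's defaults where the configuration sets nothing: 1000 key-derivation iterations, the first 8 bytes of the fixed salt string encoded as UTF-8, no salt prepended to the ciphertext, UTF-8 plaintext, and an ASCII-only password. The class name and sample values are constructed for illustration.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

static class JasyptPbeMd5DesExample
{
    // PKCS#5 v1.5 key derivation (PBKDF1) with MD5: hash password || salt, then
    // re-hash the digest. Result: DES key (first 8 bytes) and CBC IV (last 8).
    static byte[] Derive(string password, byte[] salt, int iterations)
    {
        // Assumption: ASCII-only password, one byte per character.
        byte[] digest = Encoding.ASCII.GetBytes(password).Concat(salt).ToArray();
        using (MD5 md5 = MD5.Create())
            for (int i = 0; i < iterations; i++)
                digest = md5.ComputeHash(digest);
        return digest;
    }

    static byte[] Transform(byte[] input, string password, string saltString, bool encrypt)
    {
        // Assumptions: the salt is the first 8 bytes of the UTF-8 salt string,
        // and the iteration count is 1000 because the configuration sets none.
        byte[] salt = Encoding.UTF8.GetBytes(saltString).Take(8).ToArray();
        if (salt.Length < 8) throw new ArgumentException("salt string is shorter than 8 bytes");
        byte[] material = Derive(password, salt, 1000);
        byte[] key = material.Take(8).ToArray(), iv = material.Skip(8).ToArray();
        using (DES des = DES.Create())
        {
            des.Mode = CipherMode.CBC;
            des.Padding = PaddingMode.PKCS7;
            using (ICryptoTransform t = encrypt ? des.CreateEncryptor(key, iv) : des.CreateDecryptor(key, iv))
                return t.TransformFinalBlock(input, 0, input.Length);
        }
    }

    public static string Decrypt(string base64, string password, string salt) =>
        Encoding.UTF8.GetString(Transform(Convert.FromBase64String(base64), password, salt, false));

    public static string Encrypt(string clear, string password, string salt) =>
        Convert.ToBase64String(Transform(Encoding.UTF8.GetBytes(clear), password, salt, true));

    static void Main()
    {
        // Constructed sample values; the page's real password and salt are sanitized.
        const string password = "PASSWORD", salt = "SALTSALTSALTSALTSALTSALTSALTSALTSALT";
        string cipherText = Encrypt("constructed sample value", password, salt);
        Console.WriteLine(cipherText + " -> " + Decrypt(cipherText, password, salt));
    }
}
```

The round trip in `Main` only shows the code is self-consistent; compatibility with the migrated column has to be confirmed by decrypting a row whose plaintext is already known from the Java application.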