1

如果{cipher}您的 spring-boot 应用程序属性文件中使用了加密文本。

application.yml或者application.properties

my.password='{cipher}68e78a954bfa0297ecc733`

以上是在 SpringBoot2 中开始失败并显示错误消息Cannot decrypt: key=my.password

堆栈跟踪

java.lang.IllegalStateException: Cannot decrypt: key=enterpriseInventoryService.password
    at org.springframework.cloud.bootstrap.encrypt.EnvironmentDecryptApplicationInitializer.decrypt(EnvironmentDecryptApplicationInitializer.java:292)
    at org.springframework.cloud.bootstrap.encrypt.EnvironmentDecryptApplicationInitializer.lambda$decrypt$0(EnvironmentDecryptApplicationInitializer.java:270)
    at java.util.LinkedHashMap.replaceAll(Unknown Source)
    at org.springframework.cloud.bootstrap.encrypt.EnvironmentDecryptApplicationInitializer.decrypt(EnvironmentDecryptApplicationInitializer.java:265)
    at org.springframework.cloud.bootstrap.encrypt.EnvironmentDecryptApplicationInitializer.decrypt(EnvironmentDecryptApplicationInitializer.java:190)
    at org.springframework.cloud.bootstrap.encrypt.EnvironmentDecryptApplicationInitializer.initialize(EnvironmentDecryptApplicationInitializer.java:124)
    at org.springframework.cloud.bootstrap.BootstrapApplicationListener$DelegatingEnvironmentDecryptApplicationInitializer.initialize(BootstrapApplicationListener.java:413)
    at org.springframework.boot.SpringApplication.applyInitializers(SpringApplication.java:623)
.
.
Caused by: java.lang.IllegalStateException: Unable to invoke Cipher due to bad padding
    at org.springframework.security.crypto.encrypt.CipherUtils.doFinal(CipherUtils.java:142)
4

1 回答 1

2

弹簧引导-1

以下任何一个 VM 参数都可以有效地提供密钥,以便 spring'{cipher}f75146b2d391aa6'在加载属性时可以解密。

  1. encrypt.key(默认密钥)
  2. 加密密钥
  3. 加密密钥
  4. 加密密钥
  5. 加密密钥
  6. 加密密钥
  7. 加密密钥

Spring 用于org.springframework.boot.bind.RelaxedPropertyResolver解析上述密钥以获取密钥,但此类已被弃用并在spring-boot-2.

spring-cloud-context-1.x.jar类中的代码片段org.springframework.cloud.bootstrap.encrypt.EncryptionBootstrapConfiguration

Environment environment = context.getEnvironment();
RelaxedPropertyResolver propertyResolver = new RelaxedPropertyResolver(environment);
hasProperty(propertyResolver, environment, "encrypt.key");

private boolean hasProperty(RelaxedPropertyResolver propertyResolver, Environment environment, String key) {
        String value = propertyResolver.getProperty(key);
        if (value == null) {
            return false;
        }
        return StringUtils.hasText(environment.resolvePlaceholders(value));
    }

弹簧引导-2

只有encrypt.key有效的 VM 参数才能传递密钥。

spring-cloud-context-2.x.jar类中的代码片段org.springframework.cloud.bootstrap.encrypt.EncryptionBootstrapConfiguration

Environment environment = context.getEnvironment();
hasProperty(environment, "encrypt.key");

private boolean hasProperty(Environment environment, String key) {
            String value = environment.getProperty(key);
            if (value == null) {
                return false;
            }
            return StringUtils.hasText(environment.resolvePlaceholders(value));
        }
于 2019-10-24T12:33:36.943 回答