Re: Query for way to use Karaf 4.4.3 Jaas with jasypt encryption

[Jean-Baptiste Onofré]

Hi

Do you have the jasypt feature installed ?

Regards
JB

On Fri, Jul 21, 2023 at 10:35 AM Patange, Sneha via user
 wrote:
>
> Hello Team,
>
>  I am using Karaf 4.4.3 version for my application. My 
> application is java(17) based which is using the karaf osgi environment for 
> deployment and running. Recently there is a requirement for securing 
> sensitive information of bundle configuration files which contains mainly 
> password. From analysis, I came to know that we can use karaf jaas for 
> encryption and decryption as well.
>
>
>
> To enable encryption via jaas using jasypt encryption I have done the 
> following things,
>
>
>
> Added dependency of jaas jasypt to karaf pom.xml
>
>
>
> 
>
> org.apache.karaf.jaas
>
> org.apache.karaf.jaas.jasypt
>
> 4.4.3
>
> test
>
> 
>
>
>
> Also changed the properties of /etc/org.apache.karaf.jaas.cfg file as follows,
>
>
>
>   encryption.name=jasypt
>
>   encryption.algorithm = SHA-256
>
>   encryption.encoding = hexadecimal
>
>   encryption.prefix = {CRYPT}
>
>   encryption.suffix = {CRYPT}
>
> config.file = /opt/icom/conf/myconfig.cfg
>
>
>
> Changed the configuration file property for which the encryption is required 
> such as,
>
>
>
> # /opt/icom/conf/myconfig.cfg
>
> password=ENC(SHA-256:password)
>
>
>
> I have built the karaf assembly with the added dependency and started the 
> karaf.
>
>
>
> Got the below issue in karaf shell,
>
>
>
> Exception in thread "encryption-2-thread-1" Exception in thread 
> "encryption-1-thread-1" java.lang.IllegalStateException: Encryption service 
> jasypt not found. Please check that the encryption service is correctly set 
> up.
>
> at 
> org.apache.karaf.jaas.modules.encryption.EncryptionSupport.getEncryptionInternal(EncryptionSupport.java:137)
>
> at 
> org.apache.karaf.jaas.modules.encryption.EncryptionSupport.getEncryption(EncryptionSupport.java:123)
>
> at 
> org.apache.karaf.jaas.modules.encryption.EncryptionSupport.encrypt(EncryptionSupport.java:74)
>
> at 
> org.apache.karaf.jaas.modules.properties.AutoEncryptionSupport.encryptedPassword(AutoEncryptionSupport.java:138)
>
> at 
> org.apache.karaf.jaas.modules.properties.AutoEncryptionSupport.run(AutoEncryptionSupport.java:90)
>
> at 
> java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
>
> at 
> java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
>
> at java.base/java.lang.Thread.run(Thread.java:833)
>
> java.lang.IllegalStateException: Encryption service jasypt not found. Please 
> check that the encryption service is correctly set up.
>
> at 
> org.apache.karaf.jaas.modules.encryption.EncryptionSupport.getEncryptionInternal(EncryptionSupport.java:137)
>
> at 
> org.apache.karaf.jaas.modules.encryption.EncryptionSupport.getEncryption(EncryptionSupport.java:123)
>
> at 
> org.apache.karaf.jaas.modules.encryption.EncryptionSupport.encrypt(EncryptionSupport.java:74)
>
> at 
> org.apache.karaf.jaas.modules.properties.AutoEncryptionSupport.encryptedPassword(AutoEncryptionSupport.java:138)
>
> at 
> org.apache.karaf.jaas.modules.properties.AutoEncryptionSupport.run(AutoEncryptionSupport.java:90)
>
> at 
> java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
>
> at 
> java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
>
> at java.base/java.lang.Thread.run(Thread.java:833)
>
> Exception in thread "encryption-3-thread-1" java.lang.IllegalStateException: 
> Encryption service jasypt not found. Please check that the encryption service 
> is correctly set up.
>
> at 
> org.apache.karaf.jaas.modules.encryption.EncryptionSupport.getEncryptionInternal(EncryptionSupport.java:137)
>
> at 
> org.apache.karaf.jaas.modules.encryption.EncryptionSupport.getEncryption(EncryptionSupport.java:123)
>
> at 
> org.apache.karaf.jaas.modules.encryption.EncryptionSupport.encrypt(EncryptionSupport.java:74)
>
> at 
> org.apache.karaf.jaas.modules.properties.AutoEncryptionSupport.encryptedPassword(AutoEncryptionSupport.java:138)
>
> at 
> org.apache.karaf.jaas.modules.properties.AutoEncryptionSupport.run(AutoEncryptionSupport.java:90)
>
> at 
> java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
>
> at 
> java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
>
> at java.base/java.lang.Thread.run(Thread.java:833)
>
>
>
> I have dug down more to resolve the issue. Come to know that I also need to 
> define and register a StringEncryptor service. How can I register it without 
> blueprint.xml configuration?
>
>
>
> am I missing something to do? Please let me know the exact way of doing it. 
> Please help me to resolve the issue. I am 

Query for way to use Karaf 4.4.3 Jaas with jasypt encryption

[Patange, Sneha via user]

Hello Team,
 I am using Karaf 4.4.3 version for my application. My 
application is java(17) based which is using the karaf osgi environment for 
deployment and running. Recently there is a requirement for securing sensitive 
information of bundle configuration files which contains mainly password. >From 
analysis, I came to know that we can use karaf jaas for encryption and 
decryption as well.

To enable encryption via jaas using jasypt encryption I have done the following 
things,


  1.  Added dependency of jaas jasypt to karaf pom.xml





org.apache.karaf.jaas

org.apache.karaf.jaas.jasypt

4.4.3

test





  1.  Also changed the properties of /etc/org.apache.karaf.jaas.cfg file as 
follows,


  encryption.name=jasypt
  encryption.algorithm = SHA-256
  encryption.encoding = hexadecimal
  encryption.prefix = {CRYPT}
  encryption.suffix = {CRYPT}

config.file = /opt/icom/conf/myconfig.cfg


  1.  Changed the configuration file property for which the encryption is 
required such as,



# /opt/icom/conf/myconfig.cfg

password=ENC(SHA-256:password)



  1.  I have built the karaf assembly with the added dependency and started the 
karaf.

Got the below issue in karaf shell,

Exception in thread "encryption-2-thread-1" Exception in thread 
"encryption-1-thread-1" java.lang.IllegalStateException: Encryption service 
jasypt not found. Please check that the encryption service is correctly set up.
at 
org.apache.karaf.jaas.modules.encryption.EncryptionSupport.getEncryptionInternal(EncryptionSupport.java:137)
at 
org.apache.karaf.jaas.modules.encryption.EncryptionSupport.getEncryption(EncryptionSupport.java:123)
at 
org.apache.karaf.jaas.modules.encryption.EncryptionSupport.encrypt(EncryptionSupport.java:74)
at 
org.apache.karaf.jaas.modules.properties.AutoEncryptionSupport.encryptedPassword(AutoEncryptionSupport.java:138)
at 
org.apache.karaf.jaas.modules.properties.AutoEncryptionSupport.run(AutoEncryptionSupport.java:90)
at 
java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
at 
java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
at java.base/java.lang.Thread.run(Thread.java:833)
java.lang.IllegalStateException: Encryption service jasypt not found. Please 
check that the encryption service is correctly set up.
at 
org.apache.karaf.jaas.modules.encryption.EncryptionSupport.getEncryptionInternal(EncryptionSupport.java:137)
at 
org.apache.karaf.jaas.modules.encryption.EncryptionSupport.getEncryption(EncryptionSupport.java:123)
at 
org.apache.karaf.jaas.modules.encryption.EncryptionSupport.encrypt(EncryptionSupport.java:74)
at 
org.apache.karaf.jaas.modules.properties.AutoEncryptionSupport.encryptedPassword(AutoEncryptionSupport.java:138)
at 
org.apache.karaf.jaas.modules.properties.AutoEncryptionSupport.run(AutoEncryptionSupport.java:90)
at 
java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
at 
java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
at java.base/java.lang.Thread.run(Thread.java:833)
Exception in thread "encryption-3-thread-1" java.lang.IllegalStateException: 
Encryption service jasypt not found. Please check that the encryption service 
is correctly set up.
at 
org.apache.karaf.jaas.modules.encryption.EncryptionSupport.getEncryptionInternal(EncryptionSupport.java:137)
at 
org.apache.karaf.jaas.modules.encryption.EncryptionSupport.getEncryption(EncryptionSupport.java:123)
at 
org.apache.karaf.jaas.modules.encryption.EncryptionSupport.encrypt(EncryptionSupport.java:74)
at 
org.apache.karaf.jaas.modules.properties.AutoEncryptionSupport.encryptedPassword(AutoEncryptionSupport.java:138)
at 
org.apache.karaf.jaas.modules.properties.AutoEncryptionSupport.run(AutoEncryptionSupport.java:90)
at 
java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
at 
java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
at java.base/java.lang.Thread.run(Thread.java:833)

I have dug down more to resolve the issue. Come to know that I also need to 
define and register a StringEncryptor service. How can I register it without 
blueprint.xml configuration?

am I missing something to do? Please let me know the exact way of doing it. 
Please help me to resolve the issue. I am waiting for your answer.

Thanks & regards,
Sneha Patange




This transmission is intended solely for the addressee and contains 
confidential information.
If you are not the intended recipient, please immediately inform the sender and 
delete the message and any attachments from your system.
Furthermore, please do not copy the message or disclose the contents to anyone 
unless agreed otherwise.