What is the correct way to configure a spring TextEncryptor for use on Heroku

Posted by Ollie Edwards on Stack Overflow See other posts from Stack Overflow or by Ollie Edwards
Published on 2012-09-27T11:09:14Z Indexed on 2012/09/27 15:37 UTC
Read the original article Hit count: 428

Filed under:
|

I have a spring TextEncryptor defined like this

<bean id="textEncryptor" class="org.springframework.security.crypto.encrypt.Encryptors"
                                                  factory-method="text">
        <constructor-arg value="${security.encryptPassword}" />
        <constructor-arg value="${security.encryptSalt}" />
</bean>

Which is fed these properties

security.encryptPassword=47582920264f212c566d5e5a6d
security.encryptSalt=39783e315e6a207e733d6f4141

Which works fine on my local environment. When I deploy to Heroku I get

java.lang.IllegalArgumentException: Unable to initialize due to invalid secret key
at org.springframework.security.crypto.encrypt.CipherUtils.initCipher(CipherUtils.java:110)
at org.springframework.security.crypto.encrypt.AesBytesEncryptor.encrypt(AesBytesEncryptor.java:65)
at org.springframework.security.crypto.encrypt.HexEncodingTextEncryptor.encrypt(HexEncodingTextEncryptor.java:36)
...
Caused by: java.security.InvalidKeyException: Illegal key size
at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:972)
at javax.crypto.Cipher.implInit(Cipher.java:738)
at javax.crypto.Cipher.chooseProvider(Cipher.java:797)
at javax.crypto.Cipher.init(Cipher.java:1276)
at javax.crypto.Cipher.init(Cipher.java:1215)
at org.springframework.security.crypto.encrypt.CipherUtils.initCipher(CipherUtils.java:105)
... 53 more

So I tried some smaller keys but I always get the same problem. What is the correct key size to use on Heroku?

© Stack Overflow or respective owner

Related posts about heroku

Related posts about spring-security