The company I work for had a portal written for them that is written in Java. They are using Jasypt PBE to encrypt birtdates, driver's license numbers and social security numbers. I need to decrypt this data from a windows application that I am writing (not in Java). I am attempting to use an ActiveX control from Chilkat to do the decryption (and encryption) in this application. I am unable to figure out how to go about the decryption and the people who wrote the portal are not all that helpful.
I believe the data in the database has the "salt" appended to the front of the encrypted data. It is supposed to be base64 encoded. I know the password used to encrypt it. The people who wrote the portal said that they think the first 8 characters of the encrypted data string is the salt. They think I need to base64 decode the data, then use the first 8 characters as the salt and the remaining data as the data to be decrypted. They think the iteration count is 1000. (Which I don't think I need to decrypt. That is only used when generating a new salt, right?) They said Jasypt uses "PBEWithMD5AndDES", which I'm thinking means MD5 hash algorithm for the salt generation and DES for the actual data encryption algorithm.
There appears to be 2 versions of PBE encryption and they can't tell me which one is being used. They don't know what the key length should be (they think it might be 128).
I've tried every combination of parameters that I can come up with but I am getting no where on this and I've spent many days on it already. Can anybody point me in the right direction?
Is there an ActiveX control available that handles this for me in the same manner that it is done in Java?
I have used the Jasypt CLI and it works for my testing but is not a viable solution for the production environment.
Thanks for your time and consideration,
Larry
