encryption, mule, public-key-encryption, pgp

PGP with empty passphrase fails in Mule


I'm trying to create an encryption-decryption service in Mule using PGP. As I created my key pair without a passphrase (since this is just a proof of concept), naturally I am not setting it in my config. However, it seems Mule is enforcing a non-empty passphrase.

The error I'm getting:

    ERROR 2015-02-23 14:19:31,509 [[mule-pgp].HTTP_Listener_Configuration.worker.01] org.mule.exception.DefaultMessagingExceptionStrategy: 
    ********************************************************************************
    Message               : Crypto Failure
    Code                  : MULE_ERROR-111
    --------------------------------------------------------------------------------
    Exception stack is:
    1. The password should not be null (java.lang.IllegalArgumentException)
      org.apache.commons.lang.Validate:203 (null)
    2. Crypto Failure (org.mule.api.security.CryptoFailureException)
      org.mule.module.pgp.KeyBasedEncryptionStrategy:75 (http://www.mulesoft.org/docs/site/current3/apidocs/org/mule/api/security/CryptoFailureException.html)
    --------------------------------------------------------------------------------
    Root Exception stack trace:
    java.lang.IllegalArgumentException: The password should not be null
        at org.apache.commons.lang.Validate.notNull(Validate.java:203)
        at org.mule.module.pgp.DecryptStreamTransformer.<init>(DecryptStreamTransformer.java:56)
        at org.mule.module.pgp.KeyBasedEncryptionStrategy.decrypt(KeyBasedEncryptionStrategy.java:69)
        + 3 more (set debug level logging or '-Dmule.verbose.exceptions=true' for everything)
    ********************************************************************************

Is there any way to get around this? I tried setting a space for the passphrase but no cigar.


Solution

  • The source code shows a bunch of validations that can't be bypassed:

    Validate.notNull(toBeDecrypted, "The toBeDecrypted should not be null");
    Validate.notNull(publicKey, "The publicKey should not be null");
    Validate.notNull(secretKey, "The secretKey should not be null");
    Validate.notNull(password, "The password should not be null");
    Validate.notNull(provider, "The security provider can't be null");
    

    So the only workaround for your problem I can think of is to actually use a passphrase.