Currently the code uses system call "php -r ...mcrypt_decrypt..." to decrypt settings stored in a encset field (http://drupal.org/node/1133302). This is problematic because remote system needs to have PHP mcrypt environment. Besides, the system call might fail unexpectedly.

Using java.security has these problems:
1. padding issue
2. don't know how to Cipher.getInstance() and cipher.init().