Created
October 29, 2019 05:57
-
-
Save ashutosh049/d714f921c7b4e2e4a741051b737abf33 to your computer and use it in GitHub Desktop.
Spring Boot Encryption with JASYPT
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
visit: https://stackoverflow.com/a/58601972/5324721 | |
generated encrypted string from command does not give desired result as it can not encrypt special chards like "!".and gives error "event not found" | |
> KAD@ashutosh MINGW64 ~/Desktop | |
> $ java -cp | |
> ~/.m2/repository/org/jasypt/jasypt/1.9.3/jasypt-1.9.3.jar | |
> org.jasypt.intf.cli.JasyptPBEStringEncryptionCLI | |
> input="Test!email30#password" password="some_salt" | |
> algorithm=PBEWithMD5AndDES | |
> bash: !email30#password: event not found | |
Here is an example using `org.jasypt.util.text.AES256TextEncryptor` | |
This is a utility class for easily performing `high-strength encryption of texts`. | |
This class internally holds a `StandardPBEStringEncryptor` configured this way: | |
- Algorithm: `PBEWithHMACSHA512AndAES_256`. | |
- Key obtention iterations: `1000`. | |
The required steps to use it are: | |
1. Create an instance (using new). | |
2. Set a password (using setPassword(String) or setPasswordCharArray(char[])). | |
3. Perform the desired encrypt(String) or decrypt(String) operations. | |
**pom.xml:** | |
<dependency> | |
<groupId>com.github.ulisesbocchio</groupId> | |
<artifactId>jasypt-spring-boot-starter</artifactId> | |
<version>2.1.2</version> | |
</dependency> | |
You can use jasypt latest 2.1.2(with boot 2.1.1) or `jasypt-1.9.3.jar`. | |
**Java Code:** | |
import org.jasypt.util.text.AES256TextEncryptor; | |
import java.security.NoSuchAlgorithmException; | |
public class JasyptPasswordEcryptor { | |
public static void main(String[] args) throws NoSuchAlgorithmException { | |
String password = "Test!email30#password"; | |
AES256TextEncryptor encryptor = new AES256TextEncryptor(); | |
encryptor.setPassword("some_salt"); | |
String myEncryptedText = encryptor.encrypt(password); | |
System.out.println("Encrypted: "+myEncryptedText); | |
String plainText = encryptor.decrypt(myEncryptedText); | |
System.out.println("Decrypted: "+plainText); | |
} | |
} | |
**Output:** | |
> Encrypted: | |
> fureWQHrflMinY+KBOcNeJyYmQv+7Ung/IclGz3iSBYKqTNdgslADg+TMcfFI/unaqZ/P3kDGPco2jZ4vIhrFw== | |
> Decrypted: Test!email30#password | |
**Spring Boot Integration:** | |
You can use `@EnableEncryptableProperties` in your any configuration class or `@SpringBootApplication`. See example: | |
import com.ulisesbocchio.jasyptspringboot.annotation.EnableEncryptableProperties; | |
import org.springframework.boot.SpringApplication; | |
import org.springframework.boot.autoconfigure.SpringBootApplication; | |
import org.springframework.boot.autoconfigure.domain.EntityScan; | |
import org.springframework.context.annotation.ComponentScan; | |
import org.springframework.data.jpa.repository.config.EnableJpaRepositories; | |
import org.springframework.transaction.annotation.EnableTransactionManagement; | |
@EnableEncryptableProperties | |
@SpringBootApplication | |
@ComponentScan(basePackages = {"com.company"}) | |
@EntityScan(basePackages = {"com.company.persistence.entities"}) | |
@EnableJpaRepositories(value = {"com.company.persistence.repository"}) | |
@EnableTransactionManagement | |
public class Application { | |
public static void main(String[] args) { | |
SpringApplication.run(Application.class, args); | |
} | |
} | |
**And in any properties/yml file:** | |
email: | |
password: | |
# DO-NOT-USE/REMOVE THIS | |
plain: 'Test!email30#password' | |
# use this encrypted one | |
encrypted: ENC(fureWQHrflMinY+KBOcNeJyYmQv+7Ung/IclGz3iSBYKqTNdgslADg+TMcfFI/unaqZ/P3kDGPco2jZ4vIhrFw==) | |
jasypt: | |
encryptor: | |
password: some_salt |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment