当前位置:网站首页>Jasypt configuration file encryption | quick start | actual combat
Jasypt configuration file encryption | quick start | actual combat
2022-07-05 13:36:00 【Bulst】
List of articles
Jasypt (Java Simplified Encryption) It's a java library , It allows developers to add basic encryption capabilities to projects at minimal cost , There is no need to understand the working principle of cryptography .
Introduce dependencies
<dependency>
<groupId>com.github.ulisesbocchio</groupId>
<artifactId>jasypt-spring-boot-starter</artifactId>
<version>3.0.4</version>
</dependency>
take effect
If it's for spring boot Project configuration file encryption , No additional configuration is required , Start... On the class @SpringBootApplication It will be automatically injected into the program , Make it effective .
Scope
Specify the scope of the configuration file , Other configuration files are not affected jasypt influence
@Configuration
@EncryptablePropertySources({
@EncryptablePropertySource("classpath:sentinel-1.properties"),
@EncryptablePropertySource("classpath:sentinel-2.properties")
})
application
Tool class
import org.jasypt.encryption.StringEncryptor;
import org.jasypt.encryption.pbe.PooledPBEStringEncryptor;
import org.jasypt.encryption.pbe.config.SimpleStringPBEConfig;
/** * @author issavior */
public class JasyptUtil {
/** * org.jasypt.encryption.StringEncryptor object */
private static StringEncryptor stringEncryptor = null;
public static StringEncryptor getInstance(String secretKey) throws Exception {
if (secretKey == null || secretKey.trim().equals("")) {
System.out.println(" The secret key cannot be empty !");
throw new Exception("org.jasypt.encryption.StringEncryptor The secret key cannot be empty !");
}
if (stringEncryptor == null) {
PooledPBEStringEncryptor encryptor = new PooledPBEStringEncryptor();
SimpleStringPBEConfig config = new SimpleStringPBEConfig();
// This secret key must be defined by ourselves
config.setPassword(secretKey);
config.setAlgorithm("PBEWITHHMACSHA512ANDAES_256");
config.setKeyObtentionIterations("1000");
config.setPoolSize("1");
config.setProviderName("SunJCE");
config.setSaltGeneratorClassName("org.jasypt.salt.RandomSaltGenerator");
config.setIvGeneratorClassName("org.jasypt.iv.RandomIvGenerator");
config.setStringOutputType("base64");
encryptor.setConfig(config);
stringEncryptor = encryptor;
}
return stringEncryptor;
}
public static void main(final String[] args) {
// Secret key string
String secretKey = "[email protected]#";
// Plaintext password to be encrypted
String pass = "123456";
try {
StringEncryptor stringEncryptor = JasyptUtil.getInstance(secretKey);
String encryptPass = stringEncryptor.encrypt(pass);
System.out.println("【" + pass + "】 Encrypted into 【" + encryptPass + "】");
String clearPass = stringEncryptor.decrypt(encryptPass);
System.out.println("【" + encryptPass + "】 Decrypted as 【" + clearPass + "】");
} catch (Exception e) {
e.printStackTrace();
}
}
}
To configure
jasypt:
encryptor:
password: 123[email protected]#
my:
# Must use ENC() wrap up , such jasypt To recognize this password, decrypt it and then send it to the application
msg: ENC(PwyGulNOC9YERAC9A6zpH8Da1tn50dtgJ1XBqygkdNoBTkjmENd+F5yJJMp4sthf)
List of properties
Advanced
Its internal properties can be rewritten , Include ENC() etc. .
Yes, of course , Your salt and password must be stored separately , in other words , The encrypted password is configured in the configuration file , The encrypted salt can be placed on the startup parameters .
边栏推荐
- mysql econnreset_Nodejs 套接字报错处理 Error: read ECONNRESET
- Asemi rectifier bridge hd06 parameters, hd06 pictures, hd06 applications
- What happened to the communication industry in the first half of this year?
- stm32逆向入门
- 蜀天梦图×微言科技丨达梦图数据库朋友圈+1
- Integer = = the comparison will unpack automatically. This variable cannot be assigned empty
- 私有地址有那些
- Don't know these four caching modes, dare you say you understand caching?
- Shandong University Summer Training - 20220620
- Catch all asynchronous artifact completable future
猜你喜欢
Usage, installation and use of TortoiseSVN
redis6主从复制及集群
Idea设置方法注释和类注释
The real king of caching, Google guava is just a brother
Datapipeline was selected into the 2022 digital intelligence atlas and database development report of China Academy of communications and communications
Wonderful express | Tencent cloud database June issue
量价虽降,商业银行结构性存款为何受上市公司所偏爱?
Aikesheng sqle audit tool successfully completed the evaluation of "SQL quality management platform grading ability" of the Academy of communications and communications
Fragmented knowledge management tool memos
不知道这4种缓存模式,敢说懂缓存吗?
随机推荐
Aikesheng sqle audit tool successfully completed the evaluation of "SQL quality management platform grading ability" of the Academy of communications and communications
go 字符串操作
Talking about fake demand from takeout order
内网穿透工具 netapp
4年工作经验,多线程间的5种通信方式都说不出来,你敢信?
Matlab paper chart standard format output (dry goods)
Go pointer
Datapipeline was selected into the 2022 digital intelligence atlas and database development report of China Academy of communications and communications
#从源头解决# 自定义头文件在VS上出现“无法打开源文件“XX.h“的问题
Talk about seven ways to realize asynchronous programming
Summary and arrangement of JPA specifications
Shuttle INKWELL & ink components
Cloudcompare - point cloud slice
[server data recovery] a case of RAID5 data recovery stored in a brand of server
量价虽降,商业银行结构性存款为何受上市公司所偏爱?
Shandong University Summer Training - 20220620
The "Baidu Cup" CTF competition was held in February 2017, Web: explosion-2
面试官灵魂拷问:为什么代码规范要求 SQL 语句不要过多的 join?
"Baidu Cup" CTF competition in September, web:upload
【Hot100】33. Search rotation sort array