摘要
添加依赖
1
| implementation 'com.github.ulisesbocchio:jasypt-spring-boot-starter:3.0.3'
|
配置文件
1 2 3 4 5 6 7 8 9 10 11 12 13
| jasypt: encryptor: algorithm: PBEWithMD5AndDES password: 123456 property: prefix: ENC( suffix: ) iv-generator-classname: org.jasypt.iv.RandomIvGenerator
|
可用属性
Key |
Required |
Default Value |
jasypt.encryptor.password |
True |
- |
jasypt.encryptor.algorithm |
False |
PBEWITHHMACSHA512ANDAES_256 |
jasypt.encryptor.key-obtention-iterations |
False |
1000 |
jasypt.encryptor.pool-size |
False |
1 |
jasypt.encryptor.provider-name |
False |
SunJCE |
jasypt.encryptor.provider-class-name |
False |
null |
jasypt.encryptor.salt-generator-classname |
False |
org.jasypt.salt.RandomSaltGenerator |
jasypt.encryptor.iv-generator-classname |
False |
org.jasypt.iv.RandomIvGenerator |
jasypt.encryptor.string-output-type |
False |
base64 |
jasypt.encryptor.proxy-property-sources |
False |
false |
jasypt.encryptor.skip-property-sources |
False |
empty list |
生成密文
1 2 3 4 5 6 7
| # jar下载地址:https://repo1.maven.org/maven2/org/jasypt/jasypt/1.9.3/jasypt-1.9.3.jar # 实际上使用maven或者gradle配置jasypt-spring-boot-starter依赖后,这个jar就已经下载到本地仓库了,去本地仓库找找吧 #加密 java -cp jasypt-1.9.3.jar org.jasypt.intf.cli.JasyptPBEStringEncryptionCLI password=123456 algorithm=PBEWithMD5AndDES ivGeneratorClassName=org.jasypt.iv.RandomIvGenerator input=newpwd
#解密 java -cp jasypt-1.9.3.jar org.jasypt.intf.cli.JasyptPBEStringDecryptionCLI password=123456 algorithm=PBEWithMD5AndDES ivGeneratorClassName=org.jasypt.iv.RandomIvGenerator input=BwNPdUi+syCTKFj/nlbI5fAtGUKuhN8r
|
属性加密
1 2 3 4 5 6 7 8 9 10 11 12
| spring:
datasource: url: jdbc:mysql://localhost:3306/springboot?useUnicode=true&characterEncoding=utf-8&useTimezone=true&serverTimezone=GMT%2B8 username: root password: ENC(BwNPdUi+syCTKFj/nlbI5fAtGUKuhN8r) driver-class-name: com.mysql.cj.jdbc.Driver
redis: host: 127.0.0.1 password: ENC(FE4cpSc+2u9NFEY+Q5n9kNSxW6BUiNXGNTUPuhoQbPA=)
|
说明
- 配置文件将需要加密的属性使用
ENC(密文)
的方式进行配置,密文前缀和后缀可以在配置文件中进行配置
- jasypt-spring-boot-starter在服务运行时会自动对密文进行解密处理
密钥传递方式
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
| #1.启动参数 java -jar jasypt-spring-boot-demo.jar --jasypt.encryptor.password=password
#2.系统属性 java -Djasypt.encryptor.password=password -jar jasypt-spring-boot-demo.jar
#3.环境变量 jasypt: encryptor: password: ${JASYPT_ENCRYPTOR_PASSWORD:}
JASYPT_ENCRYPTOR_PASSWORD=password java -jar jasypt-spring-boot-demo.jar
#也可以先设置环境变量 export JASYPT_ENCRYPTOR_PASSWORD=password java -jar jasypt-spring-boot-demo.jar
|
代码中使用Jasypt
1 2 3 4 5 6 7 8 9 10 11 12 13 14
|
@Resource private StringEncryptor stringEncryptor;
public void StringEncryptor() { String encrypt = stringEncryptor.encrypt("newpwd"); System.out.println(encrypt);
String decrypt = stringEncryptor.decrypt(encrypt); System.out.println(decrypt); }
|
非springboot项目
依赖
1
| implementation 'org.jasypt:jasypt:1.9.3'
|
工具类
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73
| package com.example.utils;
import org.jasypt.encryption.pbe.PooledPBEStringEncryptor; import org.jasypt.encryption.pbe.StandardPBEStringEncryptor; import org.jasypt.encryption.pbe.config.EnvironmentStringPBEConfig; import org.jasypt.encryption.pbe.config.SimpleStringPBEConfig;
public class JasyptUtil {
public static String encrypt(String secretKey, String message) { return stringEncryptor(secretKey, message, true); }
public static String decrypt(String secretKey, String message) { return stringEncryptor(secretKey, message, false); }
private static String stringEncryptor(String secretKey, String message, boolean isEncrypt) { PooledPBEStringEncryptor pooledPBEStringEncryptor = new PooledPBEStringEncryptor(); pooledPBEStringEncryptor.setConfig(getSimpleStringPBEConfig(secretKey)); String result = isEncrypt ? pooledPBEStringEncryptor.encrypt(message) : pooledPBEStringEncryptor.decrypt(message); return result; }
private static SimpleStringPBEConfig getSimpleStringPBEConfig(String secretKey) { SimpleStringPBEConfig config = new SimpleStringPBEConfig(); config.setPassword(secretKey); config.setAlgorithm("PBEWithMD5AndDES"); config.setPoolSize("1"); config.setKeyObtentionIterations("1000"); config.setProviderName("SunJCE"); config.setSaltGeneratorClassName("org.jasypt.salt.RandomSaltGenerator"); config.setIvGeneratorClassName("org.jasypt.iv.RandomIvGenerator"); config.setStringOutputType("base64"); return config; }
}
|
---------------- The End ----------------
分享到: