Jasypt is a library that provides simple encryption and decryption of configuration properties in Java-based applications. In this guide, we will show you how to use Jasypt to encrypt properties in a Spring Boot application.
First, add the Jasypt library to your project by adding the following dependency to your
'build.gradle'
file:
implementation "com.github.ulisesbocchio:jasypt-spring-boot-starter:3.0.5"
Next, encrypt the properties you want to keep secure. You can use the Jasypt CLI tool to encrypt the values of your properties. To do this, you'll need to download the Jasypt distribution, extract the contents, and then run the encrypt.sh script.
For example, to encrypt the value of a password property, run the following command:
sudo /bin/bash ./encrypt.sh input="your_password" password=jasypt_encryption_password algorithm=PBEWithMD5AndDES
----ENVIRONMENT-----------------
Runtime: Oracle Corporation Java HotSpot(TM) 64-Bit Server VM 17.0.4.1+1-LTS-2
----ARGUMENTS-------------------
input: your_password
password: jasypt_encryption_password
algorithm: PBEWithMD5AndDES
----OUTPUT----------------------
wBXj2dveGGQVppo0pPN+8xnSonOF5b6q
Note that jasypt_encryption_password is the encryption password that you will use to encrypt and decrypt your properties, and PBEWithMD5AndDES is the encryption algorithm you will use.
The output of the command will be an encrypted string, which you can then use as the value for your password property in your 'application.yml' file.
your_property: ENC(encrypted_value)
where 'encrypted_value' is the encrypted value you obtained in step 2.
Finally, to decrypt the properties in your Spring Boot application, you simply need to add the following configuration to your 'application.yml' file:
jasypt:
encryptor:
password: jasypt_encryption_password
we can also set this value with system variable
JASYPT_ENCRYPTOR_PASSWORD=mypassword
where 'jasypt_encryption_password' is the encryption password you used in step 2.
And that's it! Your properties are now encrypted and decrypted automatically in your Spring Boot application.
docker-compose up
or
java -jar property-encryption-with-jasypt-0.0.1.jar --jasypt.encryptor.password=password