Introduction to jasypt-spring-boot

Jasypt-spring-boot is a simple encryption library used in spring boot applications to encrypt/decrypt properties. It is a great way to secure sensitive data such as passwords, API keys, and other credentials.

Features

Some features of Jasypt-spring-boot include:

• Encryption/Decryption of properties
• Integration with Spring Boot and its configuration properties
• Simple integration with various encryption algorithms such as PBEWithMD5AndDES, PBEWithMD5AndTripleDES, PBEWithSHA1AndDESede, etc.
• Can be used for a wide range of applications, including web application security, data encryption, and more

Installation

The jasypt-spring-boot library is easy to install in your spring boot project via Maven or Gradle.

Maven

Add the following dependency to your project's pom.xml file:

<dependency>
    <groupId>com.github.ulisesbocchio</groupId>
    <artifactId>jasypt-spring-boot-starter</artifactId>
    <version>3.0.3</version>
</dependency>

Gradle

Add the following dependency to your project's build.gradle file:

dependencies {
    implementation 'com.github.ulisesbocchio:jasypt-spring-boot-starter:3.0.3'
}

Usage

To use jasypt-spring-boot, first, you need to configure your spring boot application properties. You can encrypt your properties using the encrypt command.

java -cp jasypt-1.9.3.jar org.jasypt.intf.cli.JasyptPBEStringEncryptionCLI input="super_secret_password" password="password" algorithm=PBEWithMD5AndTripleDES

The output of the command will be something like:

----ENVIRONMENT-----------------

Runtime: Oracle Corporation Java HotSpot(TM) 64-Bit Server VM 25.111-b14

----ARGUMENTS-------------------

input: super_secret_password
password: password
algorithm: PBEWithMD5AndTripleDES

----OUTPUT----------------------

C1vd9XGudeT16bzqqyJvxw==

Copy this encrypted value to your application.properties file as shown below:

db.password=ENC(C1vd9XGudeT16bzqqyJvxw==)

Finally, you need to configure your spring boot application to use jasypt-spring-boot as shown below:

@Configuration
public class JasyptConfig {

    @Bean("jasyptStringEncryptor")
    public StringEncryptor stringEncryptor() {
        PooledPBEStringEncryptor encryptor = new PooledPBEStringEncryptor();
        SimpleStringPBEConfig config = new SimpleStringPBEConfig();
        config.setPassword("password");
        config.setAlgorithm("PBEWithMD5AndTripleDES");
        config.setKeyObtentionIterations("1000");
        config.setPoolSize("1");
        config.setProviderName("SunJCE");
        config.setSaltGeneratorClassName("org.jasypt.salt.RandomSaltGenerator");
        config.setStringOutputType("base64");
        encryptor.setConfig(config);
        return encryptor;
    }

}

After that, you can simply use @Value annotation in your spring boot application code to access the encrypted property.

@Service
public class MyService {
  
    @Value("${db.password}")
    private String password;
  
    // ...
}

Conclusion

Jasypt-spring-boot is an easy-to-use library for encrypting sensitive data in your spring boot applications. It provides a secure way to store sensitive credentials like passwords, API keys, and other data, keeping them safe from prying eyes.