1、查看SpringBoot和jasypt对应版本。
Jasypt 1.9.x 通常与 Spring Boot 1.5.x 相对应。
Jasypt 2.1.x 通常与 Spring Boot 2.0.x 相对应。
Jasypt 3.x 通常与 Spring Boot 2.1.x相对应。
2、引入maven
<dependency>
<groupId>com.github.ulisesbocchio</groupId>
<artifactId>jasypt-spring-boot-starter</artifactId>
<version>3.0.3</version>
</dependency>
<dependency>
<groupId>com.github.ulisesbocchio</groupId>
<artifactId>jasypt-spring-boot</artifactId>
<version>3.0.3</version>
</dependency>
<dependency>
<groupId>org.jasypt</groupId>
<artifactId>jasypt</artifactId>
<version>1.9.3</version>
</dependency>
3、新建JasyptController方法来获取加密解密、也可以用main方法获取。
@RequestMapping("/m")
public class JasyptController {
@GetMapping("/o")
public String output(String key) {
String message = "www.baidu,com";
String strJasyp = stringEncryptor(message, key, true);
return "ENC("+strJasyp+")";
}
@PostMapping("/s")//这里使用JSONObject 接收、防止有特殊符号被转义掉。
public String select(@RequestBody JSONObject jsonObject) {
String message = "www.baidu,com";
String jasyptEncrypt1 = stringEncryptor(message, jsonObject.getString("key"), false);
return jasyptEncrypt1;
}
public static String stringEncryptor(String secretKey, String message, boolean isEncrypt) {
PooledPBEStringEncryptor pooledPBEStringEncryptor = new PooledPBEStringEncryptor();
pooledPBEStringEncryptor.setConfig(getSimpleStringPBEConfig(secretKey));
String result = isEncrypt ? pooledPBEStringEncryptor.encrypt(message) : pooledPBEStringEncryptor.decrypt(message);
return result;
}
private static PBEConfig getSimpleStringPBEConfig(String secretKey) {
SimpleStringPBEConfig config = new SimpleStringPBEConfig();
config.setPassword(secretKey);
config.setSaltGeneratorClassName("org.jasypt.salt.RandomSaltGenerator");
config.setIvGeneratorClassName("org.jasypt.iv.RandomIvGenerator");
config.setStringOutputType("base64");
config.setPoolSize("1");
config.setAlgorithm("PBEWITHHMACSHA512ANDAES_256");//加密方法
config.setKeyObtentionIterations("1000");
config.setProviderName("SunJCE");
return config;
}
public static void main(String[] args) throws Exception {
String message = "www.baidu,com";//密钥
String password = "www";
String passwordJasyp = stringEncryptor(message, password, true);
System.out.println("password:ENC("+passwordJasyp+")");
String jasyptEncrypt = stringEncryptor(message, "加密后的字符串", false);
System.out.println(jasyptEncrypt);
}
}
4、加密后的密码放入对应的配置文件里面。加密后的密码要放入ENC()进行后续解析。并加入jasypt配置。
driver-class-name: dm.jdbc.driver.DmDriver
url: ENC(19ZBcsVnQdVRRQwsQyqyiCwI1Rf7jmB/2H6VXeSSaKGpzy2UU1+L1pM6/lrfNQnbCo=)
username: ENC(9Df7wDeAaOpDmWp/l6cuJRwyCZNd/KCN)
password: ENC(U+A2cGFir41Uaf1/BzNT3G9ecYw6)
jasypt:
encryptor:
bean: encryptorBean //此处为自定义,用来隐藏密钥,不在环境配置及配置文件直接出现。
5、增加@Bean(“encryptorBean”)进行秘钥等配置解析。
@Configuration
public class JasyptConfig {
@Bean("encryptorBean")
public StringEncryptor stringEncryptor() {
PooledPBEStringEncryptor encryptor = new PooledPBEStringEncryptor();
SimpleStringPBEConfig config = new SimpleStringPBEConfig();
config.setPassword("www.baidu.com");
config.setAlgorithm("PBEWITHHMACSHA512ANDAES_256");
config.setKeyObtentionIterations("1000");
config.setPoolSize("1");
config.setProviderName("SunJCE");
config.setSaltGeneratorClassName("org.jasypt.salt.RandomSaltGenerator");
config.setIvGeneratorClassName("org.jasypt.iv.RandomIvGenerator");
config.setStringOutputType("base64");
encryptor.setConfig(config);
return encryptor;
}
}