使用时要注意jasypt版本的问题:
比如笔者在使用jasypt-spring-boot-starter.3.0.3版本进行decode时,发现不能完整解密已加密的内容,还有的甚至会直接报错。后来经过排查原因,发现加密内容时引用的是jasypt-spring-boot-starter.2.1.1,两者依赖的jasypt版本分别是org.jasypt:jasypt:jar:1.9.3和com.melloware:jasypt:jar:1.9.4,估计是不同版本的jasypt具体实现有差异,所以才造成加解密不一致的问题。
集成到springboot:
1、依赖信息:
<dependency>
<groupId>com.github.ulisesbocchio</groupId>
<artifactId>jasypt-spring-boot-starter</artifactId>
<version>3.0.3</version>
</dependency>
2、配置信息:
jasypt.encryptor.password=password
jasypt.encryptor.algorithm=PBEWithMD5AndDES
jasypt.encryptor.keyObtentionIterations=1000
jasypt.encryptor.poolSize=1
jasypt.encryptor.providerName=null
jasypt.encryptor.providerClassName=null
jasypt.encryptor.saltGeneratorClassname=org.jasypt.salt.RandomSaltGenerator
# jasypt.encryptor.ivGeneratorClassname=org.jasypt.salt.RandomIVGenerator
jasypt.encryptor.stringOutputType=base64
************************************************************************
加解密测试代码(脱离Spring容器):
package com.etoak.test;
import org.jasypt.encryption.pbe.PooledPBEStringEncryptor;
import org.jasypt.encryption.pbe.config.SimpleStringPBEConfig;
public class TestJasypt {
public static void main(String[] args) {
PooledPBEStringEncryptor encryptor = new PooledPBEStringEncryptor();
SimpleStringPBEConfig config = new SimpleStringPBEConfig();
config.setPassword("password");
config.setAlgorithm("PBEWithMD5AndDES");
config.setKeyObtentionIterations("1000");
config.setPoolSize("1");
config.setProviderName(null);
config.setProviderClassName(null);
config.setSaltGeneratorClassName("org.jasypt.salt.RandomSaltGenerator");
config.setIvGeneratorClassName("org.jasypt.iv.RandomIvGenerator");
config.setStringOutputType("base64");
encryptor.setConfig(config);
System.out.println(encryptor.encrypt("待加密内容"));
System.out.println();
System.out.println(encryptor.decrypt("待解密内容"));
}
}
pom依赖
<dependency>
<groupId>com.github.ulisesbocchio</groupId>
<artifactId>jasypt-spring-boot-starter</artifactId>
<version>1.16</version>
</dependency>
<dependency>
<groupId>com.github.ulisesbocchio</groupId>
<artifactId>jasypt-spring-boot-starter</artifactId>
<version>3.0.5</version>
</dependency>
application.yaml配置
jasypt:
encryptor:
algorithm: PBEWithMD5AndDES
keyObtentionIterations: 1000
password: G0CvDz7oJn6
poolSize: 1
saltGeneratorClassname: org.jasypt.salt.RandomSaltGenerator
stringOutputType: base64
测试方式1:
# maven依赖:org.jasypt:jasypt
java -cp jasypt-1.9.2.jar org.jasypt.intf.cli.JasyptPBEStringEncryptionCLI password=xxxyyyzzz algorithm=PBEWithMD5AndDES input="明文"
java -cp jasypt-1.9.2.jar org.jasypt.intf.cli.JasyptPBEStringDecryptionCLI password=xxxyyyzzz algorithm=PBEWithMD5AndDES input=密文
# 好像是必须带上ivGeneratorClassName=org.jasypt.iv.RandomIvGenerator
java -cp jasypt-1.9.3.jar org.jasypt.intf.cli.JasyptPBEStringEncryptionCLI password=xxxyyyzzz algorithm=PBEWithMD5AndDES ivGeneratorClassName=org.jasypt.iv.RandomIvGenerator input="明文"
java -cp jasypt-1.9.3.jar org.jasypt.intf.cli.JasyptPBEStringDecryptionCLI password=xxxyyyzzz algorithm=PBEWithMD5AndDES ivGeneratorClassName=org.jasypt.iv.RandomIvGenerator input=密文
# maven依赖:com.melloware:jasypt
# com.melloware:jasypt:1.9.4报错:Bad argument: ivGeneratorClassName=org.jasypt.iv.RandomIvGenerator,需要去掉ivGeneratorClassName参数
java -cp jasypt-1.9.4.jar org.jasypt.intf.cli.JasyptPBEStringEncryptionCLI password=password algorithm=PBEWithMD5AndDES input="XXX"
java -cp jasypt-1.9.4.jar org.jasypt.intf.cli.JasyptPBEStringDecryptionCLI password=password algorithm=PBEWithMD5AndDES input="XXX"
测试方式2:
PooledPBEStringEncryptor encryptor = new PooledPBEStringEncryptor();
SimpleStringPBEConfig config = new SimpleStringPBEConfig();
config.setPassword("jaspyt_password");
config.setAlgorithm("PBEWITHHMACSHA512ANDAES_256");
config.setKeyObtentionIterations("1000");
config.setPoolSize("1");
config.setProviderName("SunJCE");
config.setSaltGeneratorClassName("org.jasypt.salt.RandomSaltGenerator");
//config.setIvGeneratorClassName("org.jasypt.iv.RandomIvGenerator");
config.setStringOutputType("base64");
encryptor.setConfig(config);
System.out.println(encryptor.encrypt("root"));
测试方式3:
package com.etoak.wsdhla;
import org.jasypt.encryption.StringEncryptor;
import org.junit.jupiter.api.Test;
import org.springframework.boot.test.context.SpringBootTest;
@SpringBootTest
public class TestAppTest {
@Resource
private StringEncryptor stringEncryptor;
@Test
public void testEncrypt() {
// 加密
System.out.println(stringEncryptor.encrypt("100"));
// 解密
System.out.println(stringEncryptor.decrypt("9eO11FBv04dwRC3KUJjpXx0XpfA/nlhWy0ee91bpAlbLJZAlMtlh+pRFnL9HsX8o0do26JwkwnAuqk/RVuwa5FRtAdzwsL2B6ce1vQ43z2hXmbuiUBoDyh0UCbnVHqNX"));
}
}
SpringBoot何时解密?(待补充)
jasypt-spring-boot-starter在服务运行时会自动对密文进行解密处理
启动时
13:48:33.100 logback [main] INFO c.u.j.encryptor.DefaultLazyEncryptor - String Encryptor custom Bean not found with name 'jasyptStringEncryptor'. Initializing Default String Encryptor
13:48:33.121 logback [main] INFO c.u.j.c.StringEncryptorBuilder - Encryptor config not found for property jasypt.encryptor.key-obtention-iterations, using default value: 1000
13:48:33.122 logback [main] INFO c.u.j.c.StringEncryptorBuilder - Encryptor config not found for property jasypt.encryptor.pool-size, using default value: 1
13:48:33.123 logback [main] INFO c.u.j.c.StringEncryptorBuilder - Encryptor config not found for property jasypt.encryptor.provider-name, using default value: null
13:48:33.124 logback [main] INFO c.u.j.c.StringEncryptorBuilder - Encryptor config not found for property jasypt.encryptor.provider-class-name, using default value: null
13:48:33.125 logback [main] INFO c.u.j.c.StringEncryptorBuilder - Encryptor config not found for property jasypt.encryptor.salt-generator-classname, using default value: org.jasypt.salt.RandomSaltGenerator
13:48:33.128 logback [main] INFO c.u.j.c.StringEncryptorBuilder - Encryptor config not found for property jasypt.encryptor.iv-generator-classname, using default value: org.jasypt.iv.RandomIvGenerator
13:48:33.131 logback [main] INFO c.u.j.c.StringEncryptorBuilder - Encryptor config not found for property jasypt.encryptor.string-output-type, using default value: base64