Jasypt 也即Java Simplified Encryption是Sourceforge.net上的一个开源项目
添加依赖:
<dependency>
<groupId>com.github.ulisesbocchio</groupId>
<artifactId>jasypt-spring-boot-starter</artifactId>
<version>2.1.0</version>
</dependency>
ps: 注意jasypt与springboot的版本
jasypt版本 | springboot版本 |
2.1.0 | 2.1.0 |
1.5 | 1.4.2 |
1.5 | 1.5.3 |
1.8 | 1.4.2 |
配置文件中配置jasypt 加解密 密码:
jasypt:
encryptor:
password: test
public static void main(String[] args) throws Exception {
StringEncryptor stringEncryptor = new DefaultLazyEncryptor(new StandardEnvironment());
//加密
System.out.println(stringEncryptor.encrypt("原来的字符串"));
//解密
System.out.println(stringEncryptor.decrypt(stringEncryptor.encrypt("原来的字符串")));
}
将输出的
ENC(bokQ+vKkCtgW951jsT5gqkfqyJF8nP/aEzZ0pckj408=) 配置的配置文件:
password: ENC(bokQ+vKkCtgW951jsT5gqkfqyJF8nP/aEzZ0pckj408=)
读取password:
@RestController
public class Test2 {
@Autowired
Environment environment;
@GetMapping("/ddd")
public void ddd(){
System.out.println(environment.getProperty("paasword")); // 输出的是:原来的字符串
}
}
报错:
Caused by: org.jasypt.exceptions.EncryptionOperationNotPossibleException: null
at org.jasypt.encryption.pbe.StandardPBEByteEncryptor.decrypt(StandardPBEByteEncryptor.java:1055) ~[jasypt-1.9.2.jar:na]
at org.jasypt.encryption.pbe.StandardPBEStringEncryptor.decrypt(StandardPBEStringEncryptor.java:725) ~[jasypt-1.9.2.jar:na]
at org.jasypt.encryption.pbe.PooledPBEStringEncryptor.decrypt(PooledPBEStringEncryptor.java:498) ~[jasypt-1.9.2.jar:na]
at com.ulisesbocchio.jasyptspringboot.encryptor.DefaultLazyEncryptor.decrypt(DefaultLazyEncryptor.java:82) ~[jasypt-spring-boot-2.0.0.jar:na]
at com.landasoft.common.config.EncryptionPropertyConfig$EncryptionPropertyResolver.resolvePropertyValue(EncryptionPropertyConfig.java:38) ~[itap-hubei-jcw-tool-1.0-SNAPSHOT.jar:na]
at com.ulisesbocchio.jasyptspringboot.resolver.DefaultLazyPropertyResolver.resolvePropertyValue(DefaultLazyPropertyResolver.java:41) ~[jasypt-spring-boot-2.0.0.jar:na]
at com.ulisesbocchio.jasyptspringboot.EncryptablePropertySource.getProperty(EncryptablePropertySource.java:16) ~[jasypt-spring-boot-2.0.0.jar:na]
at com.ulisesbocchio.jasyptspringboot.wrapper.EncryptableMapPropertySourceWrapper.getProperty(EncryptableMapPropertySourceWrapper.java:29) ~[jasypt-spring-boot-2.0.0.jar:na]
at org.springframework.boot.bind.PropertySourcesPropertyValues.getEnumerableProperty(PropertySourcesPropertyValues.java:165) ~[spring-boot-1.5.7.RELEASE.jar:1.5.7.RELEASE]
at org.springframework.boot.bind.PropertySourcesPropertyValues.processEnumerablePropertySource(PropertySourcesPropertyValues.java:148) ~[spring-boot-1.5.7.RELEASE.jar:1.5.7.RELEASE]
at org.springframework.boot.bind.PropertySourcesPropertyValues.processPropertySource(PropertySourcesPropertyValues.java:127) ~[spring-boot-1.5.7.RELEASE.jar:1.5.7.RELEASE]
at org.springframework.boot.bind.PropertySourcesPropertyValues.<init>(PropertySourcesPropertyValues.java:117) ~[spring-boot-1.5.7.RELEASE.jar:1.5.7.RELEASE]
at org.springframework.boot.bind.PropertiesConfigurationFactory.getPropertySourcesPropertyValues(PropertiesConfigurationFactory.java:316) ~[spring-boot-1.5.7.RELEASE.jar:1.5.7.RELEASE]
at org.springframework.boot.bind.PropertiesConfigurationFactory.doBindPropertiesToTarget(PropertiesConfigurationFactory.java:270) ~[spring-boot-1.5.7.RELEASE.jar:1.5.7.RELEASE]
at org.springframework.boot.bind.PropertiesConfigurationFactory.bindPropertiesToTarget(PropertiesConfigurationFactory.java:240) ~[spring-boot-1.5.7.RELEASE.jar:1.5.7.RELEASE]
at org.springframework.boot.context.properties.ConfigurationPropertiesBindingPostProcessor.postProcessBeforeInitialization(ConfigurationPropertiesBindingPostProcessor.java:329) ~[spring-boot-1.5.7.RELEASE.jar:1.5.7.RELEASE]
... 76 common frames omitted
解决:org.jasypt.exceptions.EncryptionOperationNotPossibleException: null_高冷的自卑患者的博客-CSDN博客
排查了各种情况都不能解决,网上也没有找到解决的方法
最后发现是因为加密后的密文不知什么原因损坏,导致用现有的密钥不能正确解密,从而报这个错误。
解决方法:用密钥重新对原配置项数据进行加密,然后替换掉加密后的密文,问题解决
3.0.3版本
引入依赖:
<dependency>
<groupId>com.github.ulisesbocchio</groupId>
<artifactId>jasypt-spring-boot-starter</artifactId>
<version>3.0.3</version>
</dependency>
加解密:
public static void main(String[] args) {
SimpleStringPBEConfig config = new SimpleStringPBEConfig();
config.setPassword("zjtest");
config.setAlgorithm("PBEWITHHMACSHA512ANDAES_256");
//以下都是默认值
config.setPoolSize("1");
config.setKeyObtentionIterations("1000");
config.setProviderName("SunJCE");
config.setSaltGeneratorClassName("org.jasypt.salt.RandomSaltGenerator");
//命令行执行时要指定这个参数
config.setIvGeneratorClassName("org.jasypt.iv.RandomIvGenerator");
config.setStringOutputType("base64");
PooledPBEStringEncryptor pooledPBEStringEncryptor = new PooledPBEStringEncryptor();
pooledPBEStringEncryptor.setConfig(config);
System.out.println(pooledPBEStringEncryptor.encrypt("mysql123"));
System.out.println(pooledPBEStringEncryptor.decrypt("GsMIpIkA94VXseta24kBPGQaLaDYlKn6bHid3IXnVkzq3cH7V/E4/B7wOthCO1wo"));
}