Closed cristianprofile closed 7 years ago
http://www.bouncycastle.org/wiki/display/JA1/Provider+Installation
Installing the Provider Dynamically import org.bouncycastle.jce.provider.BouncyCastleProvider; ... Security.addProvider(new BouncyCastleProvider());
Installing the Provider Statically To install the provider statically you need to add it as an entry to the java.security file which can be found in $JAVA_HOME/jre/lib/security/java.security for the JRE/JDK you are using. Look for a list of lines with security.provider.X where X is some number. At the bottom of the list add the line: security.provider.N=org.bouncycastle.jce.provider.BouncyCastleProvider where N is one more than the last number in the list.
Java JCE Unlimited Strength Jurisdiction Policy is a must. You must replace local_policy.jar US_export_policy.jar
Example encrypt with sh provided with jasypt-1.9.2: Download
Jasypt is a java library which allows the developer to add basic encryption capabilities to his/her projects with minimum effort, and without the need of having deep knowledge on how cryptography works.
http://www.jasypt.org/download.html
source encrypt.sh input=xsdfewef password=master algorithm=PBEWITHSHA256AND128BITAES-CBC-BC providerClassName=org.bouncycastle.jce.provider.BouncyCastleProvider
----ENVIRONMENT-----------------
Runtime: Oracle Corporation Java HotSpot(TM) 64-Bit Server VM 24.80-b11
----ARGUMENTS-------------------
algorithm: PBEWITHSHA256AND128BITAES-CBC-BC
input: xsdfewef
password: master
providerClassName: org.bouncycastle.jce.provider.BouncyCastleProvider
----OUTPUT----------------------
wObS5BBRQRBBfVu2ZZFxG/svPLgRBt/FDsAlyCoi1tk=
source decrypt.sh input=KZ5e1O3nPjbFBwtoGomEUrQRnrqmCWzpY+jtyv8OQ1A= password=master algorithm=PBEWITHSHA256AND128BITAES-CBC-BC providerClassName=org.bouncycastle.jce.provider.BouncyCastleProvider
----ENVIRONMENT-----------------
Runtime: Oracle Corporation Java HotSpot(TM) 64-Bit Server VM 24.80-b11
----ARGUMENTS-------------------
algorithm: PBEWITHSHA256AND128BITAES-CBC-BC
input: KZ5e1O3nPjbFBwtoGomEUrQRnrqmCWzpY+jtyv8OQ1A=
password: master
providerClassName: org.bouncycastle.jce.provider.BouncyCastleProvider
----OUTPUT----------------------
xsdfewef
This feature was implemented in another new repository: see https://github.com/cristianprofile/spring-boot-thread-local-and-bouncy-castle
Use jasypt to be able to encrypt/decript Spring boot properties
https://github.com/ulisesbocchio/jasypt-spring-boot
http://www.technovillage.org/?p=193