search

cristianprofile / spring-boot-mvc-complete-example

spring boot mvc complete example integration and unit test with @config classes
54 stars 52 forks source link

Use jasypt to be able to encrypt/decript Spring boot properties #56

Closed cristianprofile closed 7 years ago

cristianprofile commented 7 years ago

Use jasypt to be able to encrypt/decript Spring boot properties

https://github.com/ulisesbocchio/jasypt-spring-boot

http://www.technovillage.org/?p=193

cristianprofile commented 7 years ago

http://www.bouncycastle.org/wiki/display/JA1/Provider+Installation

Installing the Provider Dynamically import org.bouncycastle.jce.provider.BouncyCastleProvider; ... Security.addProvider(new BouncyCastleProvider());

Installing the Provider Statically To install the provider statically you need to add it as an entry to the java.security file which can be found in $JAVA_HOME/jre/lib/security/java.security for the JRE/JDK you are using. Look for a list of lines with security.provider.X where X is some number. At the bottom of the list add the line: security.provider.N=org.bouncycastle.jce.provider.BouncyCastleProvider where N is one more than the last number in the list.

cristianprofile commented 7 years ago

http://justrocketscience.com/post/install-bouncy-castle

cristianprofile commented 7 years ago

Java JCE Unlimited Strength Jurisdiction Policy is a must. You must replace local_policy.jar US_export_policy.jar

https://www.ca.com/us/services-support/ca-support/ca-support-online/knowledge-base-articles.tec1698523.html

cristianprofile commented 7 years ago

Example encrypt with sh provided with jasypt-1.9.2: Download

Jasypt is a java library which allows the developer to add basic encryption capabilities to his/her projects with minimum effort, and without the need of having deep knowledge on how cryptography works.

http://www.jasypt.org/download.html

source encrypt.sh input=xsdfewef password=master algorithm=PBEWITHSHA256AND128BITAES-CBC-BC providerClassName=org.bouncycastle.jce.provider.BouncyCastleProvider

----ENVIRONMENT-----------------

Runtime: Oracle Corporation Java HotSpot(TM) 64-Bit Server VM 24.80-b11 

----ARGUMENTS-------------------

algorithm: PBEWITHSHA256AND128BITAES-CBC-BC
input: xsdfewef
password: master
providerClassName: org.bouncycastle.jce.provider.BouncyCastleProvider

----OUTPUT----------------------

wObS5BBRQRBBfVu2ZZFxG/svPLgRBt/FDsAlyCoi1tk=

source decrypt.sh input=KZ5e1O3nPjbFBwtoGomEUrQRnrqmCWzpY+jtyv8OQ1A= password=master algorithm=PBEWITHSHA256AND128BITAES-CBC-BC providerClassName=org.bouncycastle.jce.provider.BouncyCastleProvider

----ENVIRONMENT-----------------

Runtime: Oracle Corporation Java HotSpot(TM) 64-Bit Server VM 24.80-b11 

----ARGUMENTS-------------------

algorithm: PBEWITHSHA256AND128BITAES-CBC-BC
input: KZ5e1O3nPjbFBwtoGomEUrQRnrqmCWzpY+jtyv8OQ1A=
password: master
providerClassName: org.bouncycastle.jce.provider.BouncyCastleProvider

----OUTPUT----------------------

xsdfewef
cristianprofile commented 7 years ago

This feature was implemented in another new repository: see https://github.com/cristianprofile/spring-boot-thread-local-and-bouncy-castle