search

ulisesbocchio / jasypt-spring-boot

Jasypt integration for Spring boot
MIT License
2.86k stars 510 forks source link

jasypt not decrypting already encrypted property (i.e in application.properties file) in xml based configuration spring boot project #378

Open Udaykumar519 opened 7 months ago

Udaykumar519 commented 7 months ago

@ulisesbocchio I have two spring boot projects, one uses java based configuration and other uses XML based configuration.

We have a new requirement of encrypting properties present in application.properties file.

So, we have tried using jasypt-spring-boot-starter (v3.0.5) and jasypt-maven-plugin (v3.0.5) in both the projects for encryption/decryption.

  1. Encryption is done using mvn plugin command mvn jasypt:encrypt "-Djasypt.encryptor.password=pvt-key" "-Djasypt.plugin.path=file:src/main/resources/application.properties"

  2. Property file after encryption spring.db.password=ENC(encrypted-password)

  3. Decryption For decrypting above property, we used @Value annotation provided by spring @Value("${spring.db.password}")

DECRYPTION is working as expected in project where java based configurations are used.

*But in XML based Configuration project, I am getting ENCRYPTED VALUES only, without any Decryption. [FYI, Even after adding and in respective XML file]

Spring boot versions used: For Java based Configuration Project: v2.4.0

For XML based Configuration Project: v2.1.4

Please help

huangyfGG commented 7 months ago

do you now have any soluations?

huangyfGG commented 7 months ago

In my case,i can decryptie xml config in some linux machine, while use the same jar, in other linux machine can not decryptie xml config. the xml config is a datasource config.The log prints invalid username/password; logon denied

Udaykumar519 commented 7 months ago

@huangyfGG

I have written custom jasypt encryptor in my application, i have used this for decrypting

@Configuration public class JasyptEncryptorConfig { @Bean(name = "jasyptStringEncryptor") public static StringEncryptor customStringEncryptor(){ PooledPBEStringEncryptor encryptor = new PooledPBEStringEncryptor(); SimpleStringPBEConfig config = new SimpleStringPBEConfig(); config.setPassword("your_encryption_key"); // encryptor's private key config.setAlgorithm("PBEWITHHMACSHA512ANDAES_256"); config.setKeyObtentionIterations("1000"); config.setPoolSize("1"); config.setProviderName(null); config.setProviderClassName(null); config.setSaltGeneratorClassName("org.jasypt.salt.RandomSaltGenerator"); config.setIvGeneratorClassName("org.jasypt.iv.RandomIvGenerator"); config.setStringOutputType("base64"); encryptor.setConfig(config); return encryptor; } }