The springboot project uses jasypt to implement configuration file attribute encryption and decryption

Import jar package

        Introduce the corresponding jar package in the pom file of the project, where ${jasypt.version} can be defined in the properties attribute in the pom file. The version used in the article is 2.1.0

<dependency>
    <groupId>com.github.ulisesbocchio</groupId>
    <artifactId>jasypt-spring-boot-starter</artifactId>
    <version>${jasypt.version}</version>
</dependency>

Add startup class scan

        It is necessary to add "com.ulisesbocchio.jasyptspringboot" to the startup class in the springboot project and annotate the scanBasePackages of SpringBootApplication. This is the root path of the imported jar package, so that the config class imported into the jar package can be scanned

@SpringBootApplication(scanBasePackages = {"com.erge","com.ulisesbocchio.jasyptspringboot"})
public class ErbaogeApplication {

    public static void main(String[] args) {
        ConfigurableApplicationContext context = SpringApplication.run(ErbaogeApplication.class, args);
    }
}

configuration file open

        The configuration file is decrypted, and springboot will inject the corresponding config class after it is enabled. true means it is enabled

jasypt:
  encryptor:
    bootstrap: true

encrypted message

        To encrypt a message, you need to set the salt, algorithm, output type, etc. The example encryption method provides the default encryption algorithm of the tool, and the salt is defined by yourself. The final output string (assuming output 666666) needs to be placed in ENC(666666), where ENC() is the default format, directly replace ENC(666666) with plaintext.

public static void main(String[] args) {
    String password = "j+UsiwNckWaaU=";               //要加密的（数据库/redis等）密码

    String salt = "mtOWc6";                 //加密用的salt(密钥)
    SimpleStringPBEConfig config = new SimpleStringPBEConfig();
    config.setAlgorithm("PBEWithMD5AndDES");
    config.setKeyObtentionIterations(1000);
    config.setPoolSize(1);
    if(StringUtils.isEmpty(salt)) {
        config.setSaltGenerator(new RandomSaltGenerator());
        salt = "";
    } else {
        config.setPassword(salt);                      // 加密的密钥
    }
    config.setStringOutputType("base64");
    PooledPBEStringEncryptor pooledPBEStringEncryptor = new PooledPBEStringEncryptor();
    pooledPBEStringEncryptor.setConfig(config);
    String encryptedText = pooledPBEStringEncryptor.encrypt(password);
    System.out.println("===== SALT: "+salt);
    System.out.println("===== SRC: "+password);
    System.out.println("===== ENCRYPTED: "+encryptedText);
}

related configuration

        The above are only the default configurations, which can be used only by enabling them. There are also some related configurations, which can modify the default format, specify encryption and decryption algorithms, etc. The relevant configuration has not been verified here, and will be added in the future