SoFunction
Updated on 2025-04-11

Technical Guide to Encryption and Decryption with Jasypt

1. Brief description

Jasypt (Java Simplified Encryption) is a library that simplifies encryption work in Java applications. It supports encryption and decryption operations and is easy to integrate with Spring Boot. Through Jasypt, sensitive information can be managed securely, such as database passwords, API keys, etc.

2. Core functions

  • Simplified encryption and decryption operations: Provide encryption and decryption capabilities through an easy-to-use API.
  • Various algorithms support: such as AES, PBE, etc.
  • Supports attribute encryption: seamless integration with Spring's @Value annotation to directly decrypt sensitive information in configuration files.
  • High security: Supports Salt and Iteration Count to enhance security.

3. Practical examples

3.1 Maven dependencies

Add the following dependencies to your file:

<dependency>
    <groupId></groupId>
    <artifactId>jasypt-spring-boot-starter</artifactId>
    <version>3.0.5</version>
</dependency>

3.2 Configuring the application

  • Configuration File
=jdbc:mysql://localhost:3306/mydb
=root
=ENC(encrypted_password)
  • Encryption tools
    Encrypt passwords using the CLI tool provided by jasypt-spring-boot:
jasypt encrypt input=my_password password=my_secret_key algorithm=PBEWithMD5AndDES

The output result is similar:

ENC(3bf2jN+/NfM45y8OeM7TfQ==)

3.3 Dynamically set up the encryptor

In Spring Boot projects, you can dynamically set the properties of the encryptor by configuring it.

=my-strong-secret-key
=PBEWithHMACSHA512AndAES_256
-obtention-iterations=2000
-size=4
-generator-classname=

Custom configuration class:

import ;
import ;
import ;
import ;
import ;

@Configuration
public class JasyptConfig {
    @Bean("jasyptStringEncryptor")
    public StringEncryptor stringEncryptor() {
        PooledPBEStringEncryptor encryptor = new PooledPBEStringEncryptor();
        ("my-strong-secret-key");
        ("PBEWithMD5AndTripleDES");
        (2000);
        (4);
        (new RandomSaltGenerator());
        return encryptor;
    }
}

4. Encryption algorithm

4.1 Encryption and decryption using advanced algorithms

The default PBEWithMD5AndDES algorithm is not safe enough to use the safer PBEWithHMACSHA512AndAES_256.

import ;

public class AdvancedJasyptExample {
    public static void main(String[] args) {
        // Create an encryptor        StandardPBEStringEncryptor encryptor = new StandardPBEStringEncryptor();
        ("my-strong-secret-key"); // Set the key        ("PBEWithHMACSHA512AndAES_256"); // Set up advanced algorithms
        // Encryption        String sensitiveData = "SuperSecretPassword123";
        String encryptedData = (sensitiveData);
        ("Encrypted Data: " + encryptedData);

        // Decrypt        String decryptedData = (encryptedData);
        ("Decrypted Data: " + decryptedData);
    }
}

4.2 Enhance encryption using Salt and Iteration Count

Salt and Iteration Count can significantly improve encryption security.

import ;
import ;

public class SaltAndIterationExample {
    public static void main(String[] args) {
        // Create an encryptor        PooledPBEStringEncryptor encryptor = new PooledPBEStringEncryptor();
        ("my-strong-secret-key");
        ("PBEWithMD5AndTripleDES");
        (4); // Thread pool size
        // Set the salt value generator and iteration number        (new RandomSaltGenerator());
        (1000); // Increase cracking difficulty
        // Encryption        String sensitiveData = "ImportantDataToEncrypt";
        String encryptedData = (sensitiveData);
        ("Encrypted Data: " + encryptedData);

        // Decrypt        String decryptedData = (encryptedData);
        ("Decrypted Data: " + decryptedData);
    }
}

5. Application scenarios

Jasypt's advantages lie in its simple and easy-to-use API and powerful encryption capabilities. It provides a variety of crypto options, and you can choose the right crypto according to your specific needs. At the same time, Jasypt also supports encrypted configuration of sensitive data, which can store encrypted sensitive data in configuration files, improving application security.

Jasypt's application scenarios include but are not limited to the following aspects:

  • Database password encryption: Encrypt the database connection password to store it to improve the security of the database.
  • API key protection: Encrypt the API key and store it to prevent security risks caused by key leakage.
  • User password encryption: Encrypt the user password and store it to protect the user's privacy data.
  • Profile encryption: Encrypt sensitive data in the application's configuration file to improve application security.

6. Summary

Jasypt is a powerful and easy-to-use encryption tool that is especially suitable for the encryption needs of sensitive information in Java applications. In actual projects, the functions provided by Jasypt can improve the security of the system without changing a large amount of code.

This is the article about Java's technical guide for encryption and decryption using Jasypt. This is all about this. For more related Java Jasypt encryption and decryption content, please search for my previous articles or continue browsing the related articles below. I hope everyone will support me in the future!