我有一个 Spring Boot 项目(使用 Spring Boot v2.1.7.RELEASE、Spring v5.1.9.RELEASE 运行),我正在尝试使用 Jasypt (2.1.2) 来加密我的数据库密码。
我有一个 application.yml 文件,用于存储我的数据库用户/密码 url 等'
我的 pom.xml 与 Jasypt 看起来像这样:
<!--Jasypt-->
<dependency>
<groupId>com.github.ulisesbocchio</groupId>
<artifactId>jasypt-spring-boot-starter</artifactId>
<version>2.1.2</version>
<scope>compile</scope>
</dependency>
我的 Main 有以下注释:
@EnableEncryptableProperties
我的数据库配置类: 配置
@PropertySource("classpath:application.yml")
@PropertySource("classpath:external.properties")
//@EncryptablePropertySource("classpath:external.properties")
//@EncryptablePropertySource("classpath:application.yml")
@EnableTransactionManagement
public class DBConfiguration {
@Value("${spring.datasource.pps-db.driver-class-name}")
private String driver;
@Value("${spring.datasource.pps-db.password}")
private String password;
我已经使用以下方式生成了密码:
java -cp ~/.m2/repository/org/jasypt/jasypt/1.9.2/jasypt-1.9.2.jar org.jasypt.intf.cli.JasyptPBEStringEncryptionCLI input="Aa123456" password=secret algorithm=PBEWithMD5AndDES
----ENVIRONMENT-----------------
Runtime: Oracle Corporation Java HotSpot(TM) 64-Bit Server VM 11.0.5+10-LTS
----ARGUMENTS-------------------
input: Aa123456
password: secret
algorithm: PBEWithMD5AndDES
----OUTPUT----------------------
c+E+8syd2Y1Tp1oNkJ2Xqk/9Pqt9l92B
在我的 application.yaml 中,在数据库密码位置,我放置了使用 Jasypt 生成的生成密码。 ENC(“我的生成密码”)
当我运行我的应用程序时,一切正常,密码被解密,应用程序工作正常。
我的问题是当我有一个强密码时,例如:“A12$$T@@!”和我 。想要加密它, 我明白:
java -cp ~/.m2/repository/org/jasypt/jasypt/1.9.2/jasypt-1.9.2.jar org.jasypt.intf.cli.JasyptPBEStringEncryptionCLI input="A12$$T@@!" password=secret algorithm=PBEWithMD5AndDESA1
-**bash: !": event not found**
我认为这是因为“!”
我创建了一个类来使用更强的密码:
import org.jasypt.util.text.AES256TextEncryptor;
import java.security.NoSuchAlgorithmException;
public class JasyptPasswordEcryptor {
public static void main(String[] args) throws NoSuchAlgorithmException {
String password = "A12$$T@@!";
AES256TextEncryptor encryptor = new AES256TextEncryptor();
encryptor.setPassword("secret");
String myEncryptedText = encryptor.encrypt(password);
System.out.println("Encrypted: "+myEncryptedText);
String plainText = encryptor.decrypt(myEncryptedText);
System.out.println("Decrypted: "+plainText);
}
}
结果是: 加密:QGPEnAN7MpkRC4opCHn8ztSMoiX8Imx0PT/HI7X6yVDtE/bIs/pTaAID76teJ6TG 解密:A12$$T@@!
当我在 application.yml 中应用新的加密密码时: 密码:ENC(QGPEnAN7MpkRC4opCHn8ztSMoiX8Imx0PT/HI7X6yVDtE/bIs/pTaAID76teJ6TG)
然后我尝试运行我的应用程序(mvn spring-boot:run):我得到一个异常..并且我不明白问题是什么..(我认为这与 java.lang.Error 有关)。安全性,,,没有 AES256TextEncryptor 算法或类似的算法)
我从解密过程中得到一个空值: 这是堆栈跟踪:
Caused by: org.springframework.cache.Cache$ValueRetrievalException: Value for key 'spring.datasource.pps-db.password' could not be loaded using 'com.ulisesbocchio.jasyptspringboot.caching.CachingDelegateEncryptablePropertySource$$Lambda$400/0x0000000800721440@2dec0f40'
at org.springframework.cache.concurrent.ConcurrentMapCache.lambda$get$0 (ConcurrentMapCache.java:149)
at java.util.concurrent.ConcurrentHashMap.computeIfAbsent (ConcurrentHashMap.java:1705)
at org.springframework.cache.concurrent.ConcurrentMapCache.get (ConcurrentMapCache.java:144)
at com.ulisesbocchio.jasyptspringboot.caching.CachingDelegateEncryptablePropertySource.getProperty (CachingDelegateEncryptablePropertySource.java:34)
at com.ulisesbocchio.jasyptspringboot.wrapper.EncryptableMapPropertySourceWrapper.getProperty (EncryptableMapPropertySourceWrapper.java:31)
at org.springframework.core.env.PropertySourcesPropertyResolver.getProperty (PropertySourcesPropertyResolver.java:85)
at org.springframework.core.env.PropertySourcesPropertyResolver.getProperty (PropertySourcesPropertyResolver.java:62)
at org.springframework.core.env.AbstractEnvironment.getProperty (AbstractEnvironment.java:539)
at org.springframework.context.support.PropertySourcesPlaceholderConfigurer$1.getProperty (PropertySourcesPlaceholderConfigurer.java:137)
at org.springframework.context.support.PropertySourcesPlaceholderConfigurer$1.getProperty (PropertySourcesPlaceholderConfigurer.java:133)
at org.springframework.core.env.PropertySourcesPropertyResolver.getProperty (PropertySourcesPropertyResolver.java:85)
at org.springframework.core.env.PropertySourcesPropertyResolver.getPropertyAsRawString (PropertySourcesPropertyResolver.java:74)
at org.springframework.util.PropertyPlaceholderHelper.parseStringValue (PropertyPlaceholderHelper.java:151)
at org.springframework.util.PropertyPlaceholderHelper.replacePlaceholders (PropertyPlaceholderHelper.java:124)
at org.springframework.core.env.AbstractPropertyResolver.doResolvePlaceholders (AbstractPropertyResolver.java:237)
at org.springframework.core.env.AbstractPropertyResolver.resolveRequiredPlaceholders (AbstractPropertyResolver.java:211)
at org.springframework.context.support.PropertySourcesPlaceholderConfigurer.lambda$processProperties$0 (PropertySourcesPlaceholderConfigurer.java:175)
at org.springframework.beans.factory.support.AbstractBeanFactory.resolveEmbeddedValue (AbstractBeanFactory.java:851)
当我再次尝试 mvn apring-boot:run 我得到:
at java.lang.Thread.run (Thread.java:834)
Caused by: org.springframework.cache.Cache$ValueRetrievalException: Value for key 'spring.datasource.pps-db.password' could not be loaded using 'com.ulisesbocchio.jasyptspringboot.caching.CachingDelegateEncryptablePropertySource$$Lambda$401/0x000000080071f840@618d748'
at org.springframework.cache.concurrent.ConcurrentMapCache.lambda$get$0 (ConcurrentMapCache.java:149)
at java.lang.reflect.Method.invoke (Method.java:566)
at org.springframework.boot.maven.AbstractRunMojo$LaunchRunner.run (AbstractRunMojo.java:543)
at java.lang.Thread.run (Thread.java:834)
Caused by: java.lang.IllegalStateException: either 'jasypt.encryptor.password' or one of ['jasypt.encryptor.private-key-string', 'jasypt.encryptor.private-key-location'] must be provided for Password-based or Asymmetric encryption
at com.ulisesbocchio.jasyptspringboot.encryptor.DefaultLazyEncryptor.lambda$null$5 (DefaultLazyEncryptor.java:54)
at java.util.Optional.orElseThrow (Optional.java:408)
at com.ulisesbocchio.jasyptspringboot.encryptor.DefaultLazyEncryptor.lambda$createDefault$6 (DefaultLazyEncryptor.java:54)
at java.util.Optional.orElseGet (Optional.java:369)
at com.ulisesbocchio.jasyptspringboot.encryptor.DefaultLazyEncryptor.createDefault (DefaultLazyEncryptor.java:50)
at com.ulisesbocchio.jasyptspringboot.encryptor.DefaultLazyEncryptor.lambda$null$2 (DefaultLazyEncryptor.java:38)
at java.util.Optional.orElseGet (O
希望有人能帮助我!!
谢谢大家,
最佳答案
我想分享我的 ipnut。
尝试加密密码时,请使用以下内容:
当尝试用“!”加密字符串时,,,请使用“您的密码!!!”
请使用“”代替“”
使用版本1.9.3
java -cp ~/.m2/repository/org/jasypt/jasypt/1.9.3/jasypt-1.9.3.jar org.jasypt.intf.cli.JasyptPBEStringEncryptionCLI input='Aa$$@123456 !'密码= secret
算法=PBEWithMD5AndDES
并将其添加到您的 pom 中:
<dependency>
<groupId>com.github.ulisesbocchio</groupId>
<artifactId>jasypt-spring-boot-starter</artifactId>
<version>2.1.2</version>
</dependency>
我希望它有帮助。
关于java - JASYPT 与 Spring Boot 问题加密强密码并在应用程序中使用它,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/58808345/