Menu
How to decrypt the encrypted password using Jasypt library?
package com.uk.mysqlmaven.jsf.test;
import org.jasypt.util.password.StrongPasswordEncryptor;
import org.jasypt.util.text.StrongTextEncryptor;
public class PasswordEncryptionDecryptionUsingJASYPT {
public static void main(String[] args) {
try {
String password = "password";
StrongPasswordEncryptor encryptor = new StrongPasswordEncryptor();
String encryptedPassword = encryptor.encryptPassword(password);
if (encryptor.checkPassword(password, encryptedPassword)) {
//correct
System.out.println("Encrypted: "+ encryptedPassword);
} else {
//bad again
System.out.println("Error: ");
}
StrongTextEncryptor textEncryptor = new StrongTextEncryptor();
textEncryptor.setPassword(encryptedPassword);
String decryptedPassword = textEncryptor.decrypt(encryptedPassword);
System.out.println("Decrypted: "+ decryptedPassword);
} catch (Exception e) {
e.printStackTrace();
}
}
}
Error is displayed in console when trying to decrypt the password:
Encrypted: JIOYXNa1+3+QefY2S7sas7LmhyOuDQcG8TTsQoTkqj0OtobCvwAFHXxoTr7z6HuP
org.jasypt.exceptions.EncryptionOperationNotPossibleException: Encryption raised an exception. A possible cause is you are using strong encryption algorithms and you have not installed the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files in this Java Virtual Machine
at org.jasypt.encryption.pbe.StandardPBEByteEncryptor.handleInvalidKeyException(StandardPBEByteEncryptor.java:999)
at org.jasypt.encryption.pbe.StandardPBEByteEncryptor.decrypt(StandardPBEByteEncryptor.java:976)
at org.jasypt.encryption.pbe.StandardPBEStringEncryptor.decrypt(StandardPBEStringEncryptor.java:725)
at org.jasypt.util.text.StrongTextEncryptor.decrypt(StrongTextEncryptor.java:118)
at com.uk.mysqlmaven.jsf.test.PasswordEncryptionDecryptionUsingJASYPT.main(PasswordEncryptionDecryptionUsingJASYPT.java:22)
810
The required steps to use it are: Create an instance (using new). Set a password (using setPassword(String) or setPasswordCharArray(char[])). Perform the desired encrypt(String) or decrypt(String) operations.
In this article, we'll be looking at the Jasypt (Java Simplified Encryption) library. Jasypt is a Java library which allows developers to add basic encryption capabilities to projects with minimum effort, and without the need of having an in-depth knowledge about implementation details of encryption protocols.
Jasypt is a java library which allows the developer to add basic encryption capabilities to his/her projects with minimum effort, and without the need of having deep knowledge on how cryptography works. High-security, standards-based encryption techniques, both for unidirectional and bidirectional encryption.
You can try the below example. This will work for you: Please always keep mpCryptoPassword value very secret location, only application should be able to read that.
public class EncryptionDecryptionUsingJASYPT {
private static String mpCryptoPassword = "BornToFight";
public static void main(String[] args) {
String value = "Original Text: Eclipse";
System.out.println("Original Value : "+value);
StandardPBEStringEncryptor encryptor = new StandardPBEStringEncryptor();
encryptor.setPassword(mpCryptoPassword);
String encryptedPassword = encryptor.encrypt(value);
System.out.println(encryptedPassword);
StandardPBEStringEncryptor decryptor = new StandardPBEStringEncryptor();
decryptor.setPassword(mpCryptoPassword);
System.out.println(decryptor.decrypt(encryptedPassword));
}
}
generated encrypted string from command does not give desired result as it can not encrypt special chars like "!".and gives error "event not found"
KAD@ashutosh MINGW64 ~/Desktop
$ java -cp ~/.m2/repository/org/jasypt/jasypt/1.9.3/jasypt-1.9.3.jar org.jasypt.intf.cli.JasyptPBEStringEncryptionCLI input="Test!email30#password" password="some_salt" algorithm=PBEWithMD5AndDES
bash: !email30#password: event not found
Here is an example using org.jasypt.util.text.AES256TextEncryptor
This is a utility class for easily performing high-strength encryption of texts.
This class internally holds a StandardPBEStringEncryptor configured this way:
Algorithm: PBEWithHMACSHA512AndAES_256.
Key obtention iterations: 1000.
The required steps to use it are:
pom.xml:
<dependency>
<groupId>com.github.ulisesbocchio</groupId>
<artifactId>jasypt-spring-boot-starter</artifactId>
<version>2.1.2</version>
</dependency>
You can use jasypt latest 2.1.2(with boot 2.1.1) or jasypt-1.9.3.jar.
Java Code:
import org.jasypt.util.text.AES256TextEncryptor;
import java.security.NoSuchAlgorithmException;
public class JasyptPasswordEcryptor {
public static void main(String[] args) throws NoSuchAlgorithmException {
String password = "Test!email30#password";
AES256TextEncryptor encryptor = new AES256TextEncryptor();
encryptor.setPassword("some_salt");
String myEncryptedText = encryptor.encrypt(password);
System.out.println("Encrypted: "+myEncryptedText);
String plainText = encryptor.decrypt(myEncryptedText);
System.out.println("Decrypted: "+plainText);
}
}
Output:
Encrypted: fureWQHrflMinY+KBOcNeJyYmQv+7Ung/IclGz3iSBYKqTNdgslADg+TMcfFI/unaqZ/P3kDGPco2jZ4vIhrFw==
Decrypted: Test!email30#password
Spring Boot Integration:
You can use @EnableEncryptableProperties in your any configuration class or @SpringBootApplication. See example:
import com.ulisesbocchio.jasyptspringboot.annotation.EnableEncryptableProperties;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.autoconfigure.domain.EntityScan;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.data.jpa.repository.config.EnableJpaRepositories;
import org.springframework.transaction.annotation.EnableTransactionManagement;
@EnableEncryptableProperties
@SpringBootApplication
@ComponentScan(basePackages = {"com.company"})
@EntityScan(basePackages = {"com.company.persistence.entities"})
@EnableJpaRepositories(value = {"com.company.persistence.repository"})
@EnableTransactionManagement
public class Application {
public static void main(String[] args) {
SpringApplication.run(Application.class, args);
}
}
And in any properties/yml file:
email:
password:
# DO-NOT-USE/REMOVE THIS
plain: 'Test!email30#password'
# use this encrypted one
encrypted: ENC(fureWQHrflMinY+KBOcNeJyYmQv+7Ung/IclGz3iSBYKqTNdgslADg+TMcfFI/unaqZ/P3kDGPco2jZ4vIhrFw==)
jasypt:
encryptor:
password: some_salt
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
