Reputation: 2520
Jasypt: How to decrypt property stored in Map<String, String>?
Collegues, could you help to decrypt password (it is a value in stmCredentials map) from properties file using jasypt.
I have next strings in my properties file:
creds.users={testLogin: 'ENC(w0H***pgsj)'}
user2.login = ENC(9j3fHz5c****cLRCVvLTQmr5)
user2.pass = ENC(w0HxpKq7V3Lf***g3zs/hpgsj)
I run the test in debug mode:
@RunWith(SpringRunner.class)
@SpringBootTest
@ActiveProfiles("dev")
@Slf4j
public class CredentialsTest {
@BeforeClass
public static void beforeClass(){
System.setProperty("jasypt.encryptor.password", "C*******L");
}
@Autowired
StmCredentials stmCredentials;
@Value("${user2.login}")
private String user2Login;
@Value("${user2.pass}")
private String user2Pass;
@Test
public void getCredspairs() {
HashMap<String, String> credspairs = stmCredentials.getCredspairs();
}
}
After run I have next values in variables:
credspairs:
key: "testLogin"
value:"ENC(w0HxpKq7V3LfEPsU5mbd0Vg3zs/hpgsj)" //it wasn't decrypt =(
and (attention!)
user2Login = testLogin //it was decrypt
user2Pass = K1212Zrde
It seems that something wrong in my properties file, in creds.users property. I tried to use "single quotes, double quotes", but it doesn't help.
StmCredentials bean looks like:
@Component
@EnableConfigurationProperties
public class StmCredentials {
@Value("#{${creds.users}}")
private HashMap<String, String> credspairs;
public HashMap<String, String> getCredspairs() {
return credspairs;
}
public void setCredspairs(HashMap<String, String> somedata) {
this.credspairs = somedata;
}
}
How to decrypt password stored in StmCredentials (value)?
Thank you for any advice.
Upvotes: 0
Views: 732
Answers (1)
Reputation: 478
Hope this helps:
I don't think Jasypt can detect and decrypt values from properties file in this manner (from the limited span of my knowledge). You can try putting this in application.yml file if you can. It should work there. Anyway, here's what we can do:
This actually isn't the solution but a possible workaround. We can create a class to decrypt the values ourselves if Jasypt automatically won't do it for us.
import org.jasypt.encryption.StringEncryptor;
import org.jasypt.encryption.pbe.PooledPBEStringEncryptor;
import org.jasypt.encryption.pbe.config.SimpleStringPBEConfig;
public class MyStringEncryptor {
private StringEncryptor encryptor;
public MyStringEncryptor(String password) {
PooledPBEStringEncryptor encryptor = new PooledPBEStringEncryptor();
SimpleStringPBEConfig config = new SimpleStringPBEConfig();
config.setPassword(password);
config.setAlgorithm("PBEWITHMD5ANDDES");
config.setKeyObtentionIterations("1000");
config.setPoolSize("1");
config.setProviderName("SunJCE");
config.setSaltGeneratorClassName("org.jasypt.salt.RandomSaltGenerator");
config.setStringOutputType("base64");
encryptor.setConfig(config);
this.encryptor = encryptor;
}
public String encrypt(String message) {
return encryptor.encrypt(message);
}
public String decrypt(String message) {
return encryptor.decrypt(message);
}
}
Now we can create an object of MyStringEncryptor class and use the method decrypt to decrypt our desired value.
MyStringEncryptor encryptor = new MyStringEncryptor("mysecretpass"); // You can pass the password from properties file using @Value
String decryptedValue = encryptor.decerypt(encrypted-message);
Upvotes: 1
Related Questions
- Spring Properties Decryption
- String Encryption with JASYPT + Hibernate + Spring
- jasypt-spring-boot-1.17: Decryption of Properties failed, make sure encryption/decryption passwords match
- Loading decrypted Password with Jasypt in Spring Boot
- When using jasypt, how do I get the encrypted value to put in my config?
- Required Encryption configuration property missing: jasypt.encryptor.password
- How to disable jasypt's automatic property decryption for a single component?
- How to decrypt a property value when using PropertySourcesPlaceholderConfigurer
- How to decrypt properties used in @ConfigurationProperties beans?
- Unable to encrypt username/password from properties file using jasypt