logo标签列表

使用Jasypt进行解密

javaencryptionwindows-8java-7jasypt
11
使用Jasypt库如何解密加密密码?
package com.uk.mysqlmaven.jsf.test;

import org.jasypt.util.password.StrongPasswordEncryptor;
import org.jasypt.util.text.StrongTextEncryptor;


public class PasswordEncryptionDecryptionUsingJASYPT {
    public static void main(String[] args) {
        try {
            String password = "password";
            StrongPasswordEncryptor encryptor = new StrongPasswordEncryptor();
            String encryptedPassword = encryptor.encryptPassword(password);
            if (encryptor.checkPassword(password, encryptedPassword)) {
                //correct
                System.out.println("Encrypted: "+ encryptedPassword);
            } else {
                //bad again
                System.out.println("Error: ");
            }
            StrongTextEncryptor textEncryptor = new StrongTextEncryptor();
            textEncryptor.setPassword(encryptedPassword);
            String decryptedPassword = textEncryptor.decrypt(encryptedPassword);
            System.out.println("Decrypted: "+ decryptedPassword);
            
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}

尝试解密密码时,控制台显示错误:

Encrypted: JIOYXNa1+3+QefY2S7sas7LmhyOuDQcG8TTsQoTkqj0OtobCvwAFHXxoTr7z6HuP
org.jasypt.exceptions.EncryptionOperationNotPossibleException: Encryption raised an exception. A possible cause is you are using strong encryption algorithms and you have not installed the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files in this Java Virtual Machine
    at org.jasypt.encryption.pbe.StandardPBEByteEncryptor.handleInvalidKeyException(StandardPBEByteEncryptor.java:999)
    at org.jasypt.encryption.pbe.StandardPBEByteEncryptor.decrypt(StandardPBEByteEncryptor.java:976)
    at org.jasypt.encryption.pbe.StandardPBEStringEncryptor.decrypt(StandardPBEStringEncryptor.java:725)
    at org.jasypt.util.text.StrongTextEncryptor.decrypt(StrongTextEncryptor.java:118)
    at com.uk.mysqlmaven.jsf.test.PasswordEncryptionDecryptionUsingJASYPT.main(PasswordEncryptionDecryptionUsingJASYPT.java:22)
@sᴜʀᴇsʜᴀᴛᴛᴀ,我们能解密已加密的密码吗? - UdayKiran Pulipati
当然可以。毕竟它也只是一个简单的字符串。如果它被哈希了,你就无法得到它。 - Suresh Atta
让我们在聊天中继续这个讨论:http://chat.stackoverflow.com/rooms/48574/discussion-between-ss--and-udaykiran-pulipati - Suresh Atta
2个回答
16

您可以尝试下面的示例。这将适用于您:请始终保持mpCryptoPassword值非常保密,只有应用程序才能读取它。

public class EncryptionDecryptionUsingJASYPT {

    private static String mpCryptoPassword = "BornToFight";

    public static void main(String[] args) {
        String value = "Original Text: Eclipse";

        System.out.println("Original Value : "+value);
        StandardPBEStringEncryptor encryptor = new StandardPBEStringEncryptor();
        encryptor.setPassword(mpCryptoPassword);
        String encryptedPassword = encryptor.encrypt(value);
        System.out.println(encryptedPassword);

        StandardPBEStringEncryptor decryptor = new StandardPBEStringEncryptor();
        decryptor.setPassword(mpCryptoPassword);
        System.out.println(decryptor.decrypt(encryptedPassword));
    }
}
3

在命令行中生成的加密字符串不能正确加密特殊字符,如"!",并报错 "event not found"。

KAD@ashutosh MINGW64 ~/Desktop

$ java -cp ~/.m2/repository/org/jasypt/jasypt/1.9.3/jasypt-1.9.3.jar org.jasypt.intf.cli.JasyptPBEStringEncryptionCLI input="Test!email30#password" password="some_salt" algorithm=PBEWithMD5AndDES

bash: !email30#password: event not found

以下示例使用 org.jasypt.util.text.AES256TextEncryptor 进行加密。这是一个实用工具类,可轻松进行高强度文本加密。

该类内部持有一个以以下方式配置的 StandardPBEStringEncryptor

  • 算法: PBEWithHMACSHA512AndAES_256

  • 密钥获取迭代次数: 1000

使用它的步骤如下:

  1. 创建一个实例(使用 new)。
  2. 设置密码(使用 setPassword(String) 或 setPasswordCharArray(char[]))。
  3. 执行所需的 encrypt(String) 或 decrypt(String) 操作。

pom.xml:

<dependency>
        <groupId>com.github.ulisesbocchio</groupId>
        <artifactId>jasypt-spring-boot-starter</artifactId>
        <version>2.1.2</version>
    </dependency>

你可以使用最新的jasypt 2.1.2(与boot 2.1.1一起)或jasypt-1.9.3.jar。
Java代码:
import org.jasypt.util.text.AES256TextEncryptor;
import java.security.NoSuchAlgorithmException;

public class JasyptPasswordEcryptor {
 public static void main(String[] args) throws NoSuchAlgorithmException {

    String password = "Test!email30#password";

    AES256TextEncryptor encryptor = new AES256TextEncryptor();
    encryptor.setPassword("some_salt");
    String myEncryptedText = encryptor.encrypt(password);
    System.out.println("Encrypted: "+myEncryptedText);

    String plainText = encryptor.decrypt(myEncryptedText);
    System.out.println("Decrypted: "+plainText);
 }
}

输出:

加密后:fureWQHrflMinY+KBOcNeJyYmQv+7Ung/IclGz3iSBYKqTNdgslADg+TMcfFI/unaqZ/P3kDGPco2jZ4vIhrFw==

解密后:Test!email30#password

Spring Boot 集成:

您可以在任何配置类或 @SpringBootApplication 中使用 @EnableEncryptableProperties。参见以下示例:

import com.ulisesbocchio.jasyptspringboot.annotation.EnableEncryptableProperties;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.autoconfigure.domain.EntityScan;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.data.jpa.repository.config.EnableJpaRepositories;
import org.springframework.transaction.annotation.EnableTransactionManagement;

@EnableEncryptableProperties
@SpringBootApplication
@ComponentScan(basePackages = {"com.company"})
@EntityScan(basePackages = {"com.company.persistence.entities"})
@EnableJpaRepositories(value = {"com.company.persistence.repository"})
@EnableTransactionManagement
public class Application {

    public static void main(String[] args) {
        SpringApplication.run(Application.class, args);
    }

}

在任何properties/yml文件中:

email:
    password:
        # DO-NOT-USE/REMOVE THIS
        plain: 'Test!email30#password'
        # use this encrypted one
        encrypted: ENC(fureWQHrflMinY+KBOcNeJyYmQv+7Ung/IclGz3iSBYKqTNdgslADg+TMcfFI/unaqZ/P3kDGPco2jZ4vIhrFw==)

jasypt:
    encryptor:
        password: some_salt
3
你的CLI示例有问题,因为 "!" 是一个保留的shell字符。如果你在该字符串周围使用单引号,它将防止shell解释 "!" 并按预期工作。那个错误消息来自你的shell而不是Jasypt jar。 - Jason Slobotski
网页内容由stack overflow 提供, 点击上面的
可以查看英文原文,
原文链接