Notice
Recent Posts
Recent Comments
Link
«   2025/05   »
1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30 31
Tags
more
Archives
Today
Total
관리 메뉴

메모장

Jasypt 이용한 application.yml 암호화 본문

Java

Jasypt 이용한 application.yml 암호화

doopang 2023. 2. 24. 14:33

build.gradle

// https://mvnrepository.com/artifact/com.github.ulisesbocchio/jasypt-spring-boot-starter
implementation group: 'com.github.ulisesbocchio', name: 'jasypt-spring-boot-starter', version: '3.0.4'

 

Local

Edit Configurations...
Modify options
Add VM options

// 추가
-Djasypt.encryptor.password=Secret Key

 

JasyptConfig

import org.jasypt.encryption.StringEncryptor;
import org.jasypt.encryption.pbe.PooledPBEStringEncryptor;
import org.jasypt.encryption.pbe.config.SimpleStringPBEConfig;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration
public class JasyptConfig {

  @Value("${jasypt.encryptor.password}")
  private String encryptKey;

  @Bean("jasyptStringEncryptor")
  public StringEncryptor stringEncryptor() {
    PooledPBEStringEncryptor encryptor = new PooledPBEStringEncryptor();
    SimpleStringPBEConfig config = new SimpleStringPBEConfig();
    config.setPassword(encryptKey);
    config.setAlgorithm("PBEWithMD5AndDES");
    config.setKeyObtentionIterations("1000");
    config.setPoolSize("1");
    config.setProviderName("SunJCE");
    config.setSaltGeneratorClassName("org.jasypt.salt.RandomSaltGenerator");
    config.setIvGeneratorClassName("org.jasypt.iv.NoIvGenerator");
    config.setStringOutputType("base64");
    encryptor.setConfig(config);
    return encryptor;
  }
}

 

https://www.devglan.com/online-tools/jasypt-online-encryption-decryption

암호화/복호화

application.yml

// 암호화
spring:
  ...
  datasource:
    url: ENC(u9wfMcZRqZlcFqSuTJ79BcTtpghot/55tzJsDX70NvaW5wxDMISuvtg0tHYx/VIa)
    driver-class-name: org.mariadb.jdbc.Driver
    username: ENC(nQcMhi8KdOcOLE6rCpqMHA==)
    password: ENC(0P3dIScBQqWsBDxQFu7tbw==)
  ...

 

Server
docker-compose.yml

version: '3'
services:
  ...
  environment:
    JASYPT_ENCRYPTOR_PASSWORD: Secret Key
  ...

// 저장 후
docker-compose up -d

'Java' 카테고리의 다른 글

List Mapping  (0) 2023.10.11
ImmutableMap  (1) 2023.10.11
스프링 컨테이너(IoC)  (0) 2023.01.19
Gmail SMTP 메일 발송  (0) 2023.01.18
Swagger  (0) 2023.01.13
'Java' Related Articles more