Springboot项目使用Jasypt对数据库账号密码加解密

Jasypt包地址：https://github.com/ulisesbocchio/jasypt-spring-boot

分3步：

1. 在pom.xml中引入Jasypt包：

<dependency>
    <groupId>com.github.ulisesbocchio</groupId>
    <artifactId>jasypt-spring-boot-starter</artifactId>
    <version>3.0.5</version>
</dependency>

2. 在application.yml 或 application。properties 配置文件中配置：

注意：官方说明中只要求password必填，但后面两项也要填上，否则出现错误

Failed to bind properties under 'spring.datasource.password' to java.lang.String:
Reason: org.springframework.boot.context.properties.bind.BindException: Failed to bind properties under 'spring.datasource.password' to java.lang.String
Unable to decrypt property: ENC(LPlBnj/36Tq4KtnmKSeHJQ==) resolved to: ENC(LPlBnj/36Tq4KtnmKSeHJQ==). Decryption of Properties failed, make sure encryption/decryption passwords match

jasypt.encryptor.password=abc!@#123
jasypt.encryptor.algorithm=PBEWithMD5AndDES
jasypt.encryptor.iv-generator-classname=org.jasypt.iv.NoIvGenerator

3. 写一个Test类生成加密后的密码：

public class JasyptEncryptorTest {

    public static void main(String[] args) {
        StandardPBEStringEncryptor encryptor = new StandardPBEStringEncryptor();
        //加密所需的salt(盐)
        encryptor.setPassword("abc!@#123");
        //要加密的数据（数据库的用户名或密码）
        String username = encryptor.encrypt("root");
        String password = encryptor.encrypt("123456");
        System.out.println("username:"+username);
        System.out.println("password:"+password);

        System.out.println("解密1：" + encryptor.decrypt(username));
        System.out.println("解密2：" + encryptor.decrypt(password));
    }
}

4. 最后将密码替换到配置的数据库账号密码中：

spring.datasource.username=ENC(HDug3fR97rx12L72yVsA1A==)
spring.datasource.password=ENC(LPlBnj/36Tq4KtnmKSeHJQ==)

更多玩法详见官方说明：https://github.com/ulisesbocchio/jasypt-spring-boot