Encrypt Passwords and Keys in a Spring Boot Project using Jasypt
How to keep your passwords safe in a public repository
I hear many stories about people who push their Google or Amazon API key, password, or something like that to a public repository, and they have real trouble.
So to make sensitive info safe, you should encrypt it. How? That is what the following sections show.
If you already have a project, you can skip Step 1, which creates a new project.
Step 1: Generate a new Spring Boot project
Step 2:
We need the Jasypt dependency; for me, it's version 3.0.3. You can check for the latest version here.
You will need this plugin too:
Step 3: Encryption
There are two ways to encrypt a text using Jasypt.
The 1st way is by going to Jasypt-online.
Then you replace your password or key with ENC(the_Hash_Code_Generated); see the example below.
The 2nd way is using the command line:
mvn jasypt:encrypt-value -Djasypt.encryptor.password=MySecretKey -Djasypt.plugin.value=myPassword
Step 4: Compile project
To compile the project, you must provide the secret key; if you do not, the compilation will fail. There are two options for doing that. One is the command line:
mvn spring-boot:run -Djasypt.encryptor.password=MySecretKey
The second option is using the IDE:
Edit Configurations… -> Configuration -> VM options
Then enter this option: -Djasypt.encryptor.password=MySecretKey
To decrypt the encrypted value, you can also use Jasypt-online or the command line:
Using the website, see the GIF below
Using the command line:
mvn jasypt:decrypt-value -Djasypt.encryptor.password=MySecretKey -Djasypt.plugin.value="ENC(XsGP8uozNnjLuvcAojDQqfiz/8kK1Mhv)"
Now you are able to use Jasypt to encrypt your passwords and keep your sensitive info safe.
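A check to run before pushing, as an added example that is not part of the original article: it flags sensitive-looking properties whose values are not wrapped in ENC(...), and flags the Jasypt key itself if it was written into the file. The function names, the key-name pattern and the sample file are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the article): scan a .properties file for secrets
# that were committed without Jasypt's ENC(...) wrapper.
# Assumption: which key names count as sensitive; adapt the pattern.
SENSITIVE_KEYS='password|passwd|secret|token|api[._-]?key'

# check_properties FILE
# Prints "FILE:LINE:KEY: reason" per finding; exit status 1 if any, else 0.
check_properties() {
    awk -v pat="$SENSITIVE_KEYS" -v file="$1" '
        /^[ \t]*[#!]/ || !/[=:]/ { next }   # skip comments and non key=value lines
        {
            sep = match($0, /[=:]/)
            key = substr($0, 1, sep - 1); val = substr($0, sep + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
            lkey = tolower(key)
            if (lkey == "jasypt.encryptor.password") {
                # The encryption key itself must never be committed.
                printf "%s:%d:%s: encryption key stored in file\n", file, NR, key
                bad = 1
            } else if (lkey ~ pat && val != "" &&
                       val !~ /^ENC[(].+[)]$/ &&      # already encrypted
                       val !~ /^[$][{].+[}]$/) {      # Spring placeholder, no literal
                printf "%s:%d:%s: value is not ENC(...)\n", file, NR, key
                bad = 1
            }
        }
        END { exit bad + 0 }
    ' "$1"
}

# Constructed sample file; the ENC(...) value is the one shown in this article.
write_sample() {
    cat > "$1" <<'EOF'
spring.datasource.username=app
spring.datasource.password=ENC(XsGP8uozNnjLuvcAojDQqfiz/8kK1Mhv)
mail.password=hunter2
google.api.key=${GOOGLE_API_KEY}
jasypt.encryptor.password=MySecretKey
EOF
}

sample=$(mktemp) && write_sample "$sample"
check_properties "$sample" || echo "plain-text secrets found"
rm -f "$sample"
```

Run it from a pre-commit hook or a CI step over the project's .properties files; a non-zero exit status from check_properties can be used to block the commit.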