Getting an encrypted Jasypt password in SpringBoot without Plugin

Decryption

I was exploring ulisesbocchio/jasypt-spring-boot: Jasypt integration for Spring boot (github.com) to encrypt a password only for the dev environment.

To decrypt the password from the application.yaml is straightforward.

1. Add the dependency.

dependencies {
   implementation("com.github.ulisesbocchio:jasypt-spring-boot-starter:3.0.5")
}

2. Annotate the application

It’s recommended to store the password in a separate file, I store in yaml for convenience because I use cloud solution on higher environments

@SpringBootApplication
@EnableEncryptableProperties
@PropertySource(name="EncryptedProperties", value = ["classpath:application-local.yaml"])
class MongoSpringbootApplication

3. application-local.yaml

jasypt:
  encryptor:
    password: ${password}
encrypted-password: ENC(encrypted-password)

Encryption

There are several ways you could encrypt your password

1. Online Tool (Risk of exposing your plain-text password. Blocked by my organization)
2. Maven Plugin
3. Quick-and-Dirty-Debugging way

If you did not customize Jasypt in SpringBoot, it is using DefaultLazyEncryptor for decryption.

public class DefaultLazyEncryptor implements StringEncryptor {

    ......

    /** {@inheritDoc} */
    @Override
    public String encrypt(final String message) {
        return singleton.get().encrypt(message);
    }

    /** {@inheritDoc} */
    @Override
    public String decrypt(final String encryptedMessage) {
        return singleton.get().decrypt(encryptedMessage);
    }

Place a debugger at L73. Press Alt+F8 to get the Encrytor instance and invoke the encrypt method.

Hope this provide another idea to get an encrypted text quickly.