问题
I want to use the Jasypt library to decrypt properties in Spring through the EncryptablePropertyPlaceholderConfigurer class. I want to encrypt/decrypt these properties using the asymmetric public/private key approach.
Could you please confirm the Jasypt does or does not support it (out of the box or maybe using the JCE)? If not is there any other library doing it (providing both the spring integration and asymmetric public/private key approach)?
回答1:
Finally, I used the following solution. Maybe somebody will find it is useful.
- Wrote a simple helper class decrypting the data using RSA (you can find how to do it here)
- Implemented my own version of PropertyPlaceholderConfigurer class by extending the original one (org.springframework.beans.factory.config.PropertyPlaceholderConfigurer) and calling the helper class to decode the data, whenever an encrypted property value was found.
回答2:
I don't know about Jasypt but asymmetric encryption is not suitable to encrypt data bigger than its key size. It's unlikely that any library offers a full encryption using an asymmetric algorithm. That's not the purpose of asymmetric encryption.
Usually you share a symmetric key (e.g. AES) using an asymmetric encryption (e.g. RSA).
来源:https://stackoverflow.com/questions/29517807/jasypt-and-asymmetric-encryption