I use the excellent JASYPT plugin to encrypt and decrypt certain database columns. Works great. But I have a use case for encryption/decryption of simple Strings that are not going to the database, and I'd love to use my already set up Jasypt configuration with my secret and the digest to do it rather than bring in another plugin or crypto configuration, but it seems the documentation only shows how to use it for GORM and domain classes.

https://bitbucket.org/tednaleid/grails-jasypt/wiki/Home

Ideally I'd keep things really simple like this

String encrypted = myJasyptConfig().encrypt(myString)
//then later
String decrypted = myJasyptConfig().decrypt(encrypted)

Possible?

Peter
  • This is not for password storage or something similar, right? – ntoskrnl Oct 05 '13 at 14:55
  • No not related to password storage. – Peter Oct 07 '13 at 01:22
  • But isn't this effectively the same thing – in other words, instead of decrypting the stored ciphertext and comparing it with the given plaintext, why not encrypt the given plaintext and compare the result to the stored ciphertext? This way you could use a one-way hash function instead of a reversible encryption method. – ntoskrnl Oct 07 '13 at 16:03
  • Oh I see what your comment is related to. My example code is not indicative of my use case. I see how that can be confusing and have changed it. – Peter Oct 07 '13 at 17:08

1 Answer

The plugin has jasypt dependencies and they are exported to the app (plugin dependencies are transitively available to the app by default).

I think you can use the StandardPBEStringEncryptor as is based on your config.

Add the below method as an action in a sample controller (inject grailsApplication) of your app and hit it.

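import grails.converters.JSON  // at the top of the controller file, needed for "as JSON"

def standard() {
    // The jasypt block of the application config (algorithm, password, ...)
    def jasyptConfig = grailsApplication.config.jasypt
    // Groovy's map constructor applies each config entry through the matching setter
    org.jasypt.encryption.pbe.StandardPBEStringEncryptor stringEncryptor =
           new org.jasypt.encryption.pbe.StandardPBEStringEncryptor(jasyptConfig)

    def encrypted = stringEncryptor.encrypt("Hello World")
    def decrypted = stringEncryptor.decrypt(encrypted)

    render([encrypted: encrypted, decrypted: decrypted] as JSON)
}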

or just run the above method in the Grails console.

dmahapatro
  • Worked like a charm outside of unit tests. It appears the configured jasypt providers aren't wired into the Java security framework for unit tests - not a huge deal as I can metaclass override the encryption methods for testing, but if you have an idea how to make your solution work in unit tests let me know. – Peter Oct 08 '13 at 20:52
  • @pete Can you add the unit test that you have tried, to the question? – dmahapatro Oct 08 '13 at 20:55
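
The approach from the answer wrapped in a reusable service, as an added example that is not code from the answer or from the plugin. `StringCryptoService`, the Jasypt version in `@Grab`, the stand-in `grailsApplication` map and all config values are assumptions made for illustration; the provider check reflects one reading of the unit-test comment, not a confirmed diagnosis.

```groovy
@Grab('org.jasypt:jasypt:1.9.3')
import org.jasypt.encryption.pbe.StandardPBEStringEncryptor
import java.security.Security

// Hypothetical service (not part of the plugin). In a Grails app it would sit in
// grails-app/services and grailsApplication would be injected by the framework.
class StringCryptoService {
    def grailsApplication
    private StandardPBEStringEncryptor cached

    // Build the encryptor once and reuse it for every call.
    private synchronized StandardPBEStringEncryptor encryptor() {
        if (cached == null) {
            Map cfg = grailsApplication.config.jasypt
            // get() rather than cfg.providerName: property access on a ConfigObject
            // would create an empty entry for a missing key.
            def providerName = cfg.get('providerName')
            if (providerName && Security.getProvider(providerName as String) == null) {
                // Assumed failure mode from the unit-test comment: configured but not registered.
                throw new IllegalStateException("JCE provider '${providerName}' is not registered")
            }
            // Groovy's map constructor calls setAlgorithm(), setPassword(), ... per key.
            cached = new StandardPBEStringEncryptor(cfg)
        }
        cached
    }

    String encrypt(String plain) { encryptor().encrypt(plain) }
    String decrypt(String cipherText) { encryptor().decrypt(cipherText) }
}

// Constructed stand-in for the injected grailsApplication. PBEWithMD5AndDES is Jasypt's
// default and is used only so the demo runs without an extra provider; a real app keeps
// whatever algorithm, provider and passphrase its own jasypt block configures.
def service = new StringCryptoService(grailsApplication: [config: [jasypt: [
        algorithm: 'PBEWithMD5AndDES',
        password: 'constructed-sample-passphrase',
        keyObtentionIterations: 1000]]])

def first = service.encrypt('Hello World')
def second = service.encrypt('Hello World')
assert service.decrypt(first) == 'Hello World'
assert service.decrypt(second) == 'Hello World'
assert first != second   // a fresh random salt is generated for every encrypt() call
```

Jasypt's standard PBE encryptors add no integrity check to the ciphertext, so a value that decrypts without an exception is not thereby proven unmodified.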