IMPORTANT: It is strongly advised not to use version 1.4 of the Apache Commons-Codec library as a dependency for Jasypt. Due to an important but still unsolved bug [#CODEC-89], commons-codec will append a line feed to every base64-encoded text it produces, so if you use this encoding for your encrypted texts (which Jasypt does by default), this may render your results inconsistent.
This problem will not arise if you use the default version of this library included by jasypt via Maven (which is 1.1).


Jasypt 1.6 RELEASED! (January 7th, 2010). [DOWNLOAD][ChangeLog ]

What's new:

Java Simplified Encryption

Jasypt is a java library which allows the developer to add basic encryption capabilities to his/her projects with minimum effort, and without the need of having deep knowledge on how cryptography works.

  • High-security, standards-based encryption techniques, both for unidirectional and bidirectional encryption. Encrypt passwords, texts, numbers, binaries...
  • Transparent integration with Hibernate.
  • Suitable for integration into Spring-based applications and also transparently integrable with Spring Security (formerly ACEGI).
  • Integrated capabilities for encrypting the configuration of applications (i.e. datasources).
  • Open API for use with any JCE provider.
  • ...and much more

Have a look at the complete set of Jasypt Features or check the FAQ.

With Jasypt, encrypting and checking a password can be as simple as...

BasicPasswordEncryptor passwordEncryptor = new BasicPasswordEncryptor();
String encryptedPassword = passwordEncryptor.encryptPassword(userPassword);
...
if (passwordEncryptor.checkPassword(inputPassword, encryptedPassword)) {
  // correct!
} else {
  // bad login!
}

...encrypting and decrypting a text...

BasicTextEncryptor textEncryptor = new BasicTextEncryptor();
textEncryptor.setPassword(myEncryptionPassword);
String myEncryptedText = textEncryptor.encrypt(myText);
...
String plainText = textEncryptor.decrypt(myEncryptedText);

...and what about encrypting some sensitive data directly from Hibernate?

<class name="Employee" table="EMPLOYEE">
  ...
  <property name="address" column="ADDRESS" type="encryptedString" />
  <property name="salary" column="SALARY" type="encryptedDecimal" />
  ...
<class>

But of course, besides easy, jasypt is highly configurable. You will be able to choose encryption algorithms, salt generation and many more advanced features...

Encryption can be simple to use, spread the word!

Have you written an article, tutorial or review about Jasypt in English or in your own language? Tell us so that we can link it from the External Resources page.