IMPORTANT: It is strongly advised not to use version 1.4 of the Apache Commons-Codec library as a dependency for Jasypt. Due to an important but
still unsolved
bug [#CODEC-89], commons-codec will append a line feed to every base64-encoded
text it produces, so if you use this encoding for your encrypted texts (which Jasypt does by default), this may render your results inconsistent.
This problem will not arise if you use the default version of this library included by jasypt via Maven (which is 1.1).
Jasypt 1.6 RELEASED! (January 7th, 2010). [DOWNLOAD][ChangeLog ]
What's new:
Jasypt is a java library which allows the developer to add basic encryption capabilities to his/her projects with minimum effort, and without the need of having deep knowledge on how cryptography works.
Have a look at the complete set of Jasypt Features or check the FAQ.
With Jasypt, encrypting and checking a password can be as simple as...
BasicPasswordEncryptor passwordEncryptor = new BasicPasswordEncryptor();
String encryptedPassword = passwordEncryptor.encryptPassword(userPassword);
...
if (passwordEncryptor.checkPassword(inputPassword, encryptedPassword)) {
// correct!
} else {
// bad login!
}
...encrypting and decrypting a text...
BasicTextEncryptor textEncryptor = new BasicTextEncryptor(); textEncryptor.setPassword(myEncryptionPassword); String myEncryptedText = textEncryptor.encrypt(myText); ... String plainText = textEncryptor.decrypt(myEncryptedText);
...and what about encrypting some sensitive data directly from Hibernate?
<class name="Employee" table="EMPLOYEE"> ... <property name="address" column="ADDRESS" type="encryptedString" /> <property name="salary" column="SALARY" type="encryptedDecimal" /> ... <class>
But of course, besides easy, jasypt is highly configurable. You will be able to choose encryption algorithms, salt generation and many more advanced features...
Have you written an article, tutorial or review about Jasypt in English or in your own language? Tell us so that we can link it from the External Resources page.