https://bit.ly/2zcHsrv

패스워드 암호화(encrypt password).java

pom.xml
<!-- Encryption Library -->
<dependency>
    <groupId>com.github.ulisesbocchio</groupId>
    <artifactId>jasypt-spring-boot-starter</artifactId>
    <version>3.0.2</version>
</dependency>
<dependency>
    <groupId>org.bouncycastle</groupId>
    <artifactId>bcprov-jdk15on</artifactId>
    <version>1.64</version>
</dependency>

——————————————————————— 


@Configuration
public class EncryptConfig {

    @Bean("jasyptStringEncryptor")
    public StringEncryptor stringEncryptor() {
        PooledPBEStringEncryptor encryptor = new PooledPBEStringEncryptor();
        SimpleStringPBEConfig config = new SimpleStringPBEConfig();
        config.setPassword("{CUSTOM_PASSWORD}");    //적용할 패스워드를 넣는다 
        config.setAlgorithm("PBEWithSHA1AndDESede");
        config.setKeyObtentionIterations("1000");
        config.setPoolSize("1");
        config.setProvider(new BouncyCastleProvider());
        config.setSaltGeneratorClassName("org.jasypt.salt.RandomSaltGenerator");
        config.setStringOutputType("base64");
        encryptor.setConfig(config);
        return encryptor;
    }
}

——————————————————————— 

public class EncryptConfigTest {

    @Autowired
    private StringEncryptor jasyptStringEncryptor;

    @Test
    public void testEncrypt() {
        String originString = "EncryptConfigTest";

        String encryptedString = jasyptStringEncryptor.encrypt(originString);
        log.info("##### encrypted string : {}", encryptedString);
        
        String decryptedString = jasyptStringEncryptor.decrypt(encryptedString); 
        log.info("##### decrypted string : {}", decryptedString);
    }

}

——————————————————————— 

property file도 암호화된 문자열을 ENC() 형태로 감싸서 적용할 수 있습니다.
spring:
  profiles: local
  datasource:
    url: jdbc:mysql://localhost:13306/testDB?useUnicode=yes&characterEncoding=UTF-8
    username: ENC(iz8p6xZ6Or+gbMphJu8VsHIHwNGKNgVW)     #암호화된 유저정보 
    password: ENC(tDUfykZXyTthimgZT35ECw+GpX0y/TZz)     #암호화된 패스워드
    driver-class-name: com.mysql.cj.jdbc.Driver
    
———————————————————————

PA Entity에 암복호화가 필요한 필드에 대해서도 AttributeConverter를 통해 자동 암복호화가 가능합니다.
아래와 같이 AttributeConverter 를 정의하고

@Converter
public class StringEncryptConverter implements AttributeConverter<String, String> {

    private static StringEncryptor stringEncryptor;

    @Autowired
    @Qualifier("jasyptStringEncryptor")
    public void setStringEncryptor(StringEncryptor encryptor) {
        StringEncryptConverter.stringEncryptor = encryptor;
    }

    @Override
    public String convertToDatabaseColumn(String entityString) {

        return Optional.ofNullable(entityString)
                       .filter(s -> !s.isEmpty())
                       .map(StringEncryptConverter.stringEncryptor::encrypt)
                       .orElse("");
    }

    @Override
    public String convertToEntityAttribute(String dbString) {

        return Optional.ofNullable(dbString)
                       .filter(s -> !s.isEmpty())
                       .map(StringEncryptConverter.stringEncryptor::decrypt)
                       .orElse("");
    }
}

———————————————————————

Entity에 Converter를 적용합니다.

@Entity
@Table(name = "user")
@Data
@NoArgsConstructor
@AllArgsConstructor
public class User {

    @Id
    private String userId;

    //자동으로 DB 암복호화가 가능
    @Convert(converter = StringEncryptConverter.class)
    private String password;
}

———————————————————————