jasypt config 추가

pom.xml

@@ -74,6 +74,13 @@
             <version>1.16</version>
         </dependency>
 
+        <!-- https://mvnrepository.com/artifact/com.github.ulisesbocchio/jasypt-spring-boot-starter -->
+        <dependency>
+            <groupId>com.github.ulisesbocchio</groupId>
+            <artifactId>jasypt-spring-boot-starter</artifactId>
+            <version>3.0.5</version>
+        </dependency>
+
         <dependency>
             <groupId>com.microsoft.sqlserver</groupId>
             <artifactId>mssql-jdbc</artifactId>

src/main/java/com/interplug/qcast/QCastApplication.java

@@ -1,10 +1,13 @@
 package com.interplug.qcast;
 
+import com.interplug.qcast.config.jasypt.JasyptConfig;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration;
+import org.springframework.context.annotation.Import;
 
 @SpringBootApplication(exclude = {DataSourceAutoConfiguration.class})
+@Import({JasyptConfig.class})
 public class QCastApplication {
 
   public static void main(String[] args) {

src/main/java/com/interplug/qcast/config/jasypt/JasyptConfig.java

@@ -0,0 +1,70 @@
+package com.interplug.qcast.config.jasypt;
+
+import org.jasypt.encryption.StringEncryptor;
+import org.jasypt.encryption.pbe.PooledPBEStringEncryptor;
+import org.jasypt.encryption.pbe.StandardPBEStringEncryptor;
+import org.jasypt.encryption.pbe.config.SimpleStringPBEConfig;
+import org.springframework.beans.factory.annotation.Configurable;
+import org.springframework.context.annotation.Bean;
+
+/**
+ *
+ *
+ * <pre>
+ * 설정파일(yml or properties)에 있는 password 를 암호화
+ * </pre>
+ *
+ * @author KimYoungHyun (youngh.kim@kt.com)
+ */
+@Configurable
+public class JasyptConfig {
+
+  private static final String KEY = "qcast_jasypt_key";
+  private static final String ALGORITHM = "PBEWithMD5AndDES";
+
+  /**
+   *
+   *
+   * <pre>
+   * jasyptEncryptor 설정
+   * </pre>
+   *
+   * @author KimYoungHyun (youngh.kim@kt.com)
+   * @return StringEncryptor
+   */
+  @Bean(name = "jasyptStringEncryptor")
+  public StringEncryptor jasyptEncryptor() {
+    PooledPBEStringEncryptor encryptor = new PooledPBEStringEncryptor();
+    SimpleStringPBEConfig config = new SimpleStringPBEConfig();
+
+    config.setPassword(KEY);
+    config.setAlgorithm(ALGORITHM);
+    config.setKeyObtentionIterations("1000");
+    config.setPoolSize("1");
+    config.setProviderName("SunJCE");
+    config.setSaltGeneratorClassName("org.jasypt.salt.RandomSaltGenerator");
+    config.setStringOutputType("base64");
+    encryptor.setConfig(config);
+
+    return encryptor;
+  }
+
+  /**
+   *
+   *
+   * <pre>
+   * 평문을 암호화한다.
+   * </pre>
+   *
+   * @author KimYoungHyun (youngh.kim@kt.com)
+   * @param value
+   * @return String
+   */
+  public static String encrypt(String value) {
+    StandardPBEStringEncryptor pbeEnc = new StandardPBEStringEncryptor();
+    pbeEnc.setAlgorithm(ALGORITHM);
+    pbeEnc.setPassword(KEY);
+
+    return pbeEnc.encrypt(value);
+  }
+}

src/main/resources/config/application.yml

@@ -16,7 +16,7 @@ spring:
       driver-class-name: net.sf.log4jdbc.sql.jdbcapi.DriverSpy
       jdbc-url: jdbc:log4jdbc:sqlserver://localhost:1433;databaseName=qcastdb;encrypt=true;trustServerCertificate=true
       username: qcast
-      password: qcast1234!
+      password: ENC(rg8lFosEDRzKrg3WQjFrrbUDlzLnbsMa)
       maximum-pool-size: 4
       pool-name: Master-HikariPool
       #      connection-test-query: SELECT 1
@@ -24,7 +24,7 @@ spring:
       driver-class-name: net.sf.log4jdbc.sql.jdbcapi.DriverSpy
       jdbc-url: jdbc:log4jdbc:sqlserver://localhost:1433;databaseName=qcastdb;encrypt=true;trustServerCertificate=true
       username: qcast
-      password: qcast1234!
+      password: ENC(rg8lFosEDRzKrg3WQjFrrbUDlzLnbsMa)
       maximum-pool-size: 4
       pool-name: Read-HikariPool
   #      connection-test-query: SELECT 2

src/test/java/com/interplug/qcast/config/jasypt/JasyptConfigTest.java

@@ -0,0 +1,14 @@
+package com.interplug.qcast.config.jasypt;
+
+import static org.junit.jupiter.api.Assertions.*;
+
+import lombok.extern.slf4j.Slf4j;
+import org.junit.jupiter.api.Test;
+
+@Slf4j
+class JasyptConfigTest {
+  @Test
+  void test() {
+    log.info(JasyptConfig.encrypt("qcast1234!"));
+  }
+}