Encryption and decryption are frequently used processes, and Spring Security has a convenient interface and is easy to use, so let's create a sample.
For text: org.springframework.security.crypto.encrypt.TextEncryptor For byte array: org.springframework.security.crypto.encrypt.BytesEncryptor
For text: org.springframework.security.crypto.keygen.StringKeyGenerator For byte array: org.springframework.security.crypto.keygen.BytesKeyGenerator
package sample.security;
import java.util.Base64;
import org.apache.commons.codec.binary.Hex;
import org.springframework.security.crypto.encrypt.BytesEncryptor;
import org.springframework.security.crypto.encrypt.Encryptors;
import org.springframework.security.crypto.encrypt.TextEncryptor;
import org.springframework.security.crypto.keygen.KeyGenerators;
public class Test {
public static void main(String[] args) {
//Plaintext
String orginalText = "I like ◯◯.";
//Common key
String encryptSecrerKey = "GOV2dkHGQcE1ZcX8";
//Salt: Random number generation
byte[] bytes = KeyGenerators.secureRandom(16).generateKey();
String salt = new String(Hex.encodeHexString(bytes));
//CBC method
TextEncryptor cbcTextEncryptor = Encryptors.text(orginalText, salt);
//encryption
String encryptedCbcData = cbcTextEncryptor.encrypt(orginalText);
System.out.println("Encrypted result (AES-CBC): " + encryptedCbcData);
//Decryption
String decryptedCbcData = cbcTextEncryptor.decrypt(encryptedCbcData);
System.out.println("Decrypted result (AES-CBC): " + decryptedCbcData);
//GCM method
TextEncryptor aesGcmTextEncryptor = Encryptors.delux(encryptSecrerKey, salt);
//encryption
String encryptedData = aesGcmTextEncryptor.encrypt(orginalText);
System.out.println("Encrypted result (AES-GCM): " + encryptedData);
//Decryption
String decryptedData = aesGcmTextEncryptor.decrypt(encryptedData);
System.out.println("Decrypted result (AES-GCM): " + decryptedData);
//binary(CBC)
BytesEncryptor binaryEncryptor = Encryptors.standard(encryptSecrerKey, salt);
//encryption
String encryptedBinaryData = Base64.getEncoder()
.encodeToString(binaryEncryptor.encrypt(orginalText.getBytes()));
System.out.println("Encrypted result (binary CBC): " + encryptedBinaryData);
//Decryption
byte[] decryptedBinaryData = binaryEncryptor.decrypt(Base64.getDecoder().decode(encryptedBinaryData));
System.out.println("Decrypted result (binary CBC): " + new String(decryptedBinaryData));
//binary(GCM)
BytesEncryptor aesGcmBinaryEncryptor = Encryptors.stronger(encryptSecrerKey, salt);
//encryption
String gcmEncryptedBinaryData = Base64.getEncoder()
.encodeToString(aesGcmBinaryEncryptor.encrypt(orginalText.getBytes()));
System.out.println("Encrypted result (binary GCM): " + gcmEncryptedBinaryData);
//Decryption
byte[] gcmDecryptedBinaryData = binaryEncryptor.decrypt(Base64.getDecoder().decode(encryptedBinaryData));
System.out.println("Decrypted result (binary GCM): " + new String(gcmDecryptedBinaryData));
}
}
Execution result example:
Encrypted result (AES-CBC): a34e20774314b85322de3eaf6c10f6990befe353d382cc449039524ffb7042b442f2a7a00beeddc94c8ad1495f6a0fba Decrypted result (AES-CBC): I like ◯◯. Encrypted result (AES-GCM): 1f5c89aeabf9f05a3cb286d1eca6e06ecd3259e9e52cea96d80e41d60614e436657317b7e69ad5b3e8672adaadd2434af69cbd36b516462908bef26d1ecf Decrypted result (AES-GCM): I like ◯◯. Encrypted result (binary CBC): zQg1LujXz6lpMwVoqNvG + ETtDbEC / LE0kq1LKJ + 4d8ntbPDHDsAC0e5w6Eym7Hps Decrypted result (binary CBC): I like ◯◯. Encrypted result (binary GCM): gSFtQJCV0OSkjdg8sf + WHxYAFIdZrgb6MFWsPTmzau67lzFVW + ZJP36bWPQQ0p8 / QZ9FIgQ7isZm4fIYt1g = Decrypted result (binary GCM): I like ◯◯.
Reference: https://docs.spring.io/spring-security/site/docs/5.2.1.RELEASE/reference/htmlsingle/#spring-security-crypto-encryption-text
that's all