This folder explains how to enable property encryption, and how to encrypt and decrypt values.
We are using jasypt
In this folder, run:
./unpack-jasypt.sh
npm install
A number of Node.js scripts are provided here to make dealing with encrypted properties smoother. These follow the Unix convention of converting standard input to standard output, so they can be piped together.
- Check the following entry under
Tech logins
in 1Password to see if there's already an encryption key for the given environment:Passwords for encrypted property files
. - If there's not yet a password, create one by adding a new field to the entry in 1Password.
- Run
node encrypt-properties.js --help
to learn how to encrypt properties in a file. - Make sure that the password is added to the following environment variable, and present when the app is running in the given environment:
properties_decrypt_key
.
- Find the password for the environment under
Tech logins
in 1Password. - Run
node decrypt-properties.js --help
for more information.
- Run
node encrypt-properties-with-new-password.js --help
for more information.
See the official documentation for further details.
If you get a EncryptionOperationNotPossibleException when the application tries to decrypt the value, double check that
the algorithm and IV generator arguments you've provided to the jasypt binary match the values in EncryptablePropertiesFactory.java
.
We have included the jasypt distribution zip in our repo for convenience and consistency.
The current version is 1.9.3 and was downloaded from the following URL: https://github.com/jasypt/jasypt/releases/download/jasypt-1.9.3/jasypt-1.9.3-dist.zip