Jasypt 1.2 released, enhances Hibernate encryption support

Discussions

News: Jasypt 1.2 released, enhances Hibernate encryption support

  1. Jasypt (Java Simplified Encryption) is a library aimed at providing developers a simple way to add encryption capabilities to their projects including: password digesting, text/binary encryption, Hibernate transparent encryption and Spring Security (ACEGI) integration. What's new in 1.2:
    • Number encryption support.
    • New and more flexible salt generation infrastructure.
    • Refactored and enhanced easy API (util package).
    • Greatly enhanced Hibernate integration:
      • Easier configuration.
      • Support for encryption of new data types: texts, binaries, numeric types, booleans, dates...
    • Refactored and enhanced Spring Security (ACEGI) integration support.
    • New and updated documentation.
    Jasypt's main features:
    • Jasypt follows the RSA standards for password-based cryptography, and provides you with both unidirectional and bidirectional encryption techniques.
    • Higher security for your users' passwords.
    • Binary encryption support. Jasypt allows the digest and encryption of binaries (byte arrays). Encrypt your objects or files when needed (for being sent over the net, for example).
    • Number encryption support. Besides texts and binaries, it allows the digest and encryption of numeric values (BigInteger and BigDecimal, other numeric types are supported when encrypting for Hibernate persistence).
    • Completely thread-safe.
    • Provides both easy, no-configuration encryption tools for users new to encryption, and also highly configurable standard encryption tools, for power-users.
    • Hibernate 3 optional integration for persisting fields of your mapped entities in an encrypted manner. Encryption of fields is defined in the Hibernate mapping files, and it remains transparent for the rest of the application (useful for sensitive personal data, databases with many read-enabled users...). Encrypt texts, binaries, numbers, booleans, dates...
    • Seamlessly integrable into a Spring application. All the digesters and encryptors in jasypt are designed to be easily used (instantiated, dependency-injected...) from Spring. And, because of their being thread-safe, they can be used without synchronization worries in a singleton-oriented environment like Spring.
    • Spring Security (Acegi Security) optional integration for performing password encryption and matching tasks for the security framework, improving the security of your users' passwords by using safer password encryption mechanisms and providing you with a higher degree of configuration and control.
    • Comprehensive guides and javadoc documentation, to allow developers to better understand what they are really doing to their data.
    • Robust charset support, designed to adequately encrypt and digest texts whichever the original charset is. Complete support for languages like Japanese, Korean, Arabic... with no encoding or platform issues.
    • Very high level of configuration capabilities: The developer can implement tricks like instructing an "encryptor" to ask a, for example, remote HTTPS server for the password to be used for encryption. It lets you meet your security needs.
    Visit the project's website at: http://www.jasypt.org
  2. good tool. Is there sample code that use javascript to encrypt the messages from browser and then use this tool to decrypt the message on the server side? -Hank http://www.imhaha.com