if you run digest.sh
multiple times you will get different hashes for same input values. i assume Jasypt uses a timestamp or a random string as a salt.
to be able to generate same hash, you must know the salt, which is used or control the way it is generated. There is a cli parameter called saltGeneratorClassName
. By providing a class, which implements the SaltGenerator interface you can control the salt generation.
UPDATE:
forget what i said about position of the salt. you just need to change the jasyptStringDigester
a little bit:
<beans:bean id="jasyptStringDigester" class="org.jasypt.digest.StandardStringDigester">
<beans:property name="algorithm">
<beans:value>SHA-256</beans:value>
</beans:property>
<beans:property name="provider">
<beans:ref bean="bcProvider" />
</beans:property>
<beans:property name="saltGenerator">
<beans:ref bean="saltGenerator" />
</beans:property>
</beans:bean>
<beans:bean class="impl.of.your.SaltGenerator" id="saltGenerator" />
and then you need to provide impl.of.your.SaltGenerator
to digest.sh
:
./digest.sh input=admin \
providerClassName=org.bouncycastle.jce.provider.BouncyCastleProvider \
algorithm=SHA-256 \
saltGeneratorClassName=impl.of.your.SaltGenerator