SSM資料庫賬號密碼加密
阿新 • • 發佈:2019-01-30
使用SSM框架開發WEB專案時,資料庫的賬號密碼一般會寫在dbconfig.properties裡,為了做到保護版權等效果,要對資料庫賬號密碼進行加密,一共有分為三步。
一、建立DESUtil類
提供自定義金鑰,加密解密的方法。
package com.hzdy.DCAD.common.util;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import java.security.Key;
import java.security.SecureRandom;
/**
* Created by Wongy on 2017/10/30.
*/
public class DESUtil {
private static Key key;
//自己的金鑰
private static String KEY_STR = "mykey";
static {
try {
KeyGenerator generator = KeyGenerator.getInstance("DES");
SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG" );
secureRandom.setSeed(KEY_STR.getBytes());
generator.init(secureRandom);
key = generator.generateKey();
generator = null;
} catch (Exception e) {
throw new RuntimeException(e);
}
}
/**
* 對字串進行加密,返回BASE64的加密字串
*
* @param str
* @return
* @see [類、類#方法、類#成員]
*/
public static String getEncryptString(String str) {
BASE64Encoder base64Encoder = new BASE64Encoder();
try {
byte[] strBytes = str.getBytes("UTF-8");
Cipher cipher = Cipher.getInstance("DES");
cipher.init(Cipher.ENCRYPT_MODE, key);
byte[] encryptStrBytes = cipher.doFinal(strBytes);
return base64Encoder.encode(encryptStrBytes);
} catch (Exception e) {
throw new RuntimeException(e);
}
}
/**
* 對BASE64加密字串進行解密
*
*/
public static String getDecryptString(String str) {
BASE64Decoder base64Decoder = new BASE64Decoder();
try {
byte[] strBytes = base64Decoder.decodeBuffer(str);
Cipher cipher = Cipher.getInstance("DES");
cipher.init(Cipher.DECRYPT_MODE, key);
byte[] encryptStrBytes = cipher.doFinal(strBytes);
return new String(encryptStrBytes, "UTF-8");
} catch (Exception e) {
throw new RuntimeException(e);
}
}
public static void main(String[] args) {
String name = "root";
String password = "hzdy2016";
String encryname = getEncryptString(name);
String encrypassword = getEncryptString(password);
System.out.println("encryname : " + encryname);
System.out.println("encrypassword : " + encrypassword);
System.out.println("name : " + getDecryptString(encryname));
System.out.println("password : " + getDecryptString(encrypassword));
}
}
二、 建立EncryptPropertyPlaceholderConfigurer類
建立與配置檔案的關聯。
package com.hzdy.DCAD.common.util;
import org.springframework.beans.factory.config.PropertyPlaceholderConfigurer;
public class EncryptPropertyPlaceholderConfigurer extends PropertyPlaceholderConfigurer {
//屬性需與配置檔案的KEY保持一直
private String[] encryptPropNames = {"jdbc.username", "jdbc.password"};
@Override
protected String convertProperty(String propertyName, String propertyValue) {
//如果在加密屬性名單中發現該屬性
if (isEncryptProp(propertyName)) {
String decryptValue = DESUtil.getDecryptString(propertyValue);
System.out.println(decryptValue);
return decryptValue;
} else {
return propertyValue;
}
}
private boolean isEncryptProp(String propertyName) {
for (String encryptName : encryptPropNames) {
if (encryptName.equals(propertyName)) {
return true;
}
}
return false;
}
}
修改配置檔案
將spring-context中的
<context:property-placeholder location="classpath:.properties" />
修改為
<bean class="com.hzdy.DCAD.common.util.EncryptPropertyPlaceholderConfigurer"p:locations="classpath:*.properties"/>
//注意只能存在一個讀取配置檔案的bean,否則系統只會讀取最前面的
這個時候就能實現,在配置檔案中寫密文,系統讀取時自動變成明文的效果。