目录
一、jasypt介绍
jasypt一个开源的java加密库,旨在简化Java应用程序中的加密操作。它提供了一种简单而强大的方式来处理数据的加密和解密,使开发者能够轻松地保护应用程序中的敏感信息,如数据库密码、API密钥等。Jasypt的设计理念是简化加密操作,使其对开发者更加友好,同时采用密码学强度的加密算法,支持多种加密算法,从而平衡了性能和安全性。
二、spring boot 集成 jasypt
1.pom.xml引入依赖包
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.1.18.RELEASE</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<groupId>com.springboot</groupId>
<artifactId>springboot</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>springboot</name>
<description>Demo project for Spring Boot</description>
<properties>
<java.version>1.8</java.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<!-- mysql -->
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<scope>runtime</scope>
</dependency>
<!-- jasypt -->
<dependency>
<groupId>com.github.ulisesbocchio</groupId>
<artifactId>jasypt-spring-boot-starter</artifactId>
<version>3.0.2</version>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project>
2.配置MyUtils加密工具类,并使用main方法生成加密串
package com.springboot.common.utils;
import org.jasypt.encryption.pbe.PooledPBEStringEncryptor;
import org.jasypt.encryption.pbe.config.SimpleStringPBEConfig;
/**
* Description 自定义工具类
*/
public class MyUtils {
/**
* @Description jasypt加解密
* @param secretKey :密钥。加/解密必须使用同一个密钥
* @param message :加/解密的内容
* @param isEncrypt :true 表示加密、false 表示解密
* @return
*/
public static String jasyptStringEncryptor(String secretKey, String message, boolean isEncrypt) {
//配置加解密实现类对象
SimpleStringPBEConfig config = new SimpleStringPBEConfig();
config.setPassword(secretKey);
config.setPoolSize("1");
config.setAlgorithm("PBEWithMD5AndDES");
config.setKeyObtentionIterations("1000");
config.setProviderName("SunJCE");
config.setSaltGeneratorClassName("org.jasypt.salt.RandomSaltGenerator");
config.setIvGeneratorClassName("org.jasypt.iv.RandomIvGenerator");
config.setStringOutputType("base64");
//配置加解密池
PooledPBEStringEncryptor pooledPBEStringEncryptor = new PooledPBEStringEncryptor();
pooledPBEStringEncryptor.setConfig(config);
String result = isEncrypt ? pooledPBEStringEncryptor.encrypt(message) : pooledPBEStringEncryptor.decrypt(message);
return result;
}
public static void main(String[] args) {
String s = MyUtils.jasyptStringEncryptor("miyao", "root", true);
System.out.println("加密后字符串:" + s);
}
}
3.配置application.yml对mysql密码进行加密配置
jasypt:
encryptor:
#密钥
password: miyao
#解密算法
algorithm: PBEWithMD5AndDES
spring:
datasource:
url: jdbc:mysql://localhost:3306/db_basedemo?useUnicode=true&characterEncoding=utf-8&serverTimezone=GMT%2B8
driver-class-name: com.mysql.cj.jdbc.Driver
username: username
#使用ENC()将加密信息包裹,jasypt会自动将内容进行解密使用
password: ENC(U+bQGNUzevKrx3CwuFPKg7/0W4USWl9b)