1. 首先,自己编写加密工具类,我这里使用的是国密(免得其他地方有要求),并使用hutool工具,需要应入pom
package com.banyoyo.epdb.utils;
import cn.hutool.core.util.CharsetUtil;
import cn.hutool.core.util.StrUtil;
import cn.hutool.crypto.symmetric.SymmetricCrypto;
/**
* @ClassName SM4Utils
* @Description TODO
* @Author Banyoyo
* @Date 2024/4/18 9:50
*/
public class SM4Utils {
//key必须是16字节,即128位
final static String key = "abcdefghabcdefgh";
//指明加密算法和秘钥
static SymmetricCrypto sm4 = new SymmetricCrypto("SM4/ECB/PKCS5Padding", key.getBytes());
/**
* 加密为16进制,也可以加密成base64/字节数组
*
* @param plaintext
* @return
*/
public static String encryptSm4(String plaintext) {
if (StrUtil.isBlank(plaintext)) {
return "";
}
return sm4.encryptHex(plaintext, CharsetUtil.CHARSET_UTF_8);
}
/**
* 解密
*
* @param ciphertext
* @return
*/
public static String decryptSm4(String ciphertext) {
if (StrUtil.isBlank(ciphertext)) {
return "";
}
return sm4.decryptStr(ciphertext,CharsetUtil.CHARSET_UTF_8);
}
public static void main(String[] args) {
String url="jdbc:mysql://localhost:3306/ep?useUnicode=true&characterEncoding=utf8&characterSetResults=utf8&serverTimezone=Asia/Shanghai&nullCatalogMeansCurrent=true";
String username="root";
String password="123456";
String urlstr = SM4Utils.encryptSm4(url);
String usernamestr = SM4Utils.encryptSm4(username);
String passwordstr = SM4Utils.encryptSm4(password);
System.out.println("加密后的urlstr字符串为"+urlstr);
System.out.println("加密后的usernamestr字符串为"+usernamestr);
System.out.println("加密后的passwordstr字符串为"+passwordstr);
System.out.println("解密后的urlstr字符串为"+SM4Utils.decryptSm4(urlstr));
System.out.println("解密后的usernamestr字符串为"+SM4Utils.decryptSm4(usernamestr));
System.out.println("解密后的passwordstr字符串为"+SM4Utils.decryptSm4(passwordstr));
}
}
打印结果:
加密后的urlstr字符串为55cefb31b2a805c71443be1a7e0c5b01aa899256121fdd1af5f098f1c1d8ed4bd0aa7fabb91bb9e204596e2522b1aa87486cc60fd45dc64f2d8b01adb3df80e459807cbce9b50eb68ddccc8af042dde5aa39ca7398e97efb662498c641a788809d7efd6414314db6dab13609eb473384f3e15a53efeff4e0c7d1707a0ac2a967497f93f37dc229ebce4bf8963cd91a631ed8218197be5654fce709d7b6fe25cb
加密后的usernamestr字符串为c9fd389f247df4eacaff9693735ac1c5
加密后的passwordstr字符串为951fd163e9d0894fec3d1dac43a2deb8
解密后的urlstr字符串为jdbc:mysql://localhost:3306/ep?useUnicode=true&characterEncoding=utf8&characterSetResults=utf8&serverTimezone=Asia/Shanghai&nullCatalogMeansCurrent=true
解密后的usernamestr字符串为root
解密后的passwordstr字符串为123456
2.在项目启动读取配置前解密
数据库配置不管写在spring.datasource下还是写在spring.datasource.druid下都能读取得到
package com.banyoyo.epdb.config.dataSource;
import cn.hutool.db.ds.DataSourceWrapper;
import com.alibaba.druid.spring.boot.autoconfigure.DruidDataSourceWrapper;
import com.ambition.epdb.utils.SM4Utils;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
/**
* @ClassName DataSourceConfig
* @Description TODO
* @Author banyoyo
* @Date 2024/4/16 16:21 DataSourceProperties
*/
@Configuration
public class DruidDataSourceConfig extends DruidDataSourceWrapper {
@Bean(value = "druidDataSource")
public void druidDataSource() {
String url = getUrl(); //获取配置中加密链接
//System.out.println("Druid: "+url);
setUrl(SM4Utils.decryptSm4(url)); //写入解秘后链接
String username = getUsername(); //获取配置中加密账号
// System.out.println("Druid: "+username);
setUsername(SM4Utils.decryptSm4(username)); //写入解秘后账号
String password = getPassword(); //获取配置加密密码
//System.out.println("Druid: "+password);
setPassword(SM4Utils.decryptSm4(password)); //写入解密密码
}
}
3.dynamic-datasource多数据源(主要还是继承DynamicDataSourceProperties )
@Configuration
@Qualifier("myDataSourceConfig")
@Primary
public class DataSourceConfig extends DynamicDataSourceProperties {
@Autowired
private Environment env;
@Bean
public DynamicDataSourceProvider handleData() throws Exception{
Map<String, DataSourceProperty> datasource = getDatasource();
DataSourceProperty dbone= datasource.get("dbone");
String username = env.getProperty("spring.datasource.dynamic.datasource.dbone.username");
String password = env.getProperty("spring.datasource.dynamic.datasource.dbone.password");
String key= env.getProperty("key");
dbone.setUsername(SymmetricEncoderUtils.decrypt(username, key));
dbone.setPassword(SymmetricEncoderUtils.decrypt(password, key));
datasource.put("dbone",dbone);
return new YmlDynamicDataSourceProvider(datasource);
}
}