1.配置文件中采用DES()形式
application.properties中使用DES(),括号中使用加密后的信息
jdbc.url = DES(SDFKLJDFKLJDLK1244KKLHKJHKASJDF343HJKHKJDSFDSF3124324)
jdbc.user = DES(SDNFKJDNFKDNFKNK324324KJ3B4JKB3KJ32K4J3B2KJ4B3KJB4KJ32)
jdbc.password = DES(HK23H4K3J2H4KJ32H4KJ32H4KL32H4KJL32H4KJL32H4JK32H4K3L4H)
2.使用
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import java.security.Security;
public class DESEncryptUtil
{
private static final String Algorithm = "DES"; //定义 加密算法,可用 DES,DESede,Blowfish
static String strKey = "123456";
//src为被加密的数据缓冲区(源)
public static byte[] encryptMode(byte[] keybyte, byte[] src) {
try {
//生成密钥
SecretKey deskey = new SecretKeySpec(keybyte, Algorithm);
//加密
Cipher c1 = Cipher.getInstance(Algorithm);
c1.init(Cipher.ENCRYPT_MODE, deskey);
return c1.doFinal(src);
}
catch (java.security.NoSuchAlgorithmException e1) {
e1.printStackTrace();
}
catch (javax.crypto.NoSuchPaddingException e2) {
e2.printStackTrace();
}
catch (Exception e3) {
e3.printStackTrace();
}
return null;
}
//keybyte为加密密钥,长度为24字节
//src为加密后的缓冲区
public static byte[] decryptMode(byte[] keybyte, byte[] src) {
try {
//生成密钥
SecretKey deskey = new SecretKeySpec(keybyte, Algorithm);
//解密
Cipher c1 = Cipher.getInstance(Algorithm);
c1.init(Cipher.DECRYPT_MODE, deskey);
return c1.doFinal(src);
}
catch (java.security.NoSuchAlgorithmException e1) {
e1.printStackTrace();
}
catch (javax.crypto.NoSuchPaddingException e2) {
e2.printStackTrace();
}
catch (Exception e3) {
e3.printStackTrace();
}
return null;
}
//转换成十六进制字符串
public static String byte2hex(byte[] b) {
String hs="";
String stmp="";
for (int n=0;n<b.length;n++) {
stmp=(Integer.toHexString(b[n] & 0XFF));
if (stmp.length()==1) hs=hs+"0"+stmp;
else hs=hs+stmp;
if (n<b.length-1) hs=hs+"";
}
return hs.toUpperCase();
}
//16 进制 转 2 进制
public static byte[] hex2byte(String hex) throws IllegalArgumentException {
if (hex.length() % 2 != 0) {
throw new IllegalArgumentException();
}
char[] arr = hex.toCharArray();
byte[] b = new byte[hex.length() / 2];
for (int i = 0, j = 0, l = hex.length(); i < l; i++, j++) {
String swap = "" + arr[i++] + arr[i];
int byteint = Integer.parseInt(swap, 16) & 0xFF;
b[j] = new Integer(byteint).byteValue();
}
return b;
}
private static byte[] hex2byte(byte[] b) {
if ((b.length % 2) != 0)
throw new IllegalArgumentException("长度不是偶数");
byte[] b2 = new byte[b.length / 2];
for (int n = 0; n < b.length; n += 2) {
String item = new String(b, n, 2);
b2[n / 2] = (byte) Integer.parseInt(item, 16);
}
return b2;
}
//加密
public static String Encrypt(String str, byte[] key){
Security.addProvider(new com.sun.crypto.provider.SunJCE());
byte[] encrypt = encryptMode(key, str.getBytes());
return byte2hex(encrypt);
}
//加密
public static byte[] EncryptRetByte(byte[] src, byte[] key){
Security.addProvider(new com.sun.crypto.provider.SunJCE());
byte[] encrypt = encryptMode(key, src);
return encrypt;
}
//解密
public static String Decrypt(String str, byte[] key){
Security.addProvider(new com.sun.crypto.provider.SunJCE());
byte[] decrypt = decryptMode(key, hex2byte(str));
return new String(decrypt);
}
public static void main(String arg[]){
String str = "jdbc";
String s3 = Encrypt(str, hex2byte(strKey));
String s4 = Decrypt(s3, hex2byte(strKey));
System.out.println(s3);
System.out.println(s4);
str = "root";
s3 = Encrypt(str, hex2byte(strKey));
s4 = Decrypt(s3, hex2byte(strKey));
System.out.println(s3);
System.out.println(s4);
str = "123456";
s3 = Encrypt(str, hex2byte(strKey));
s4 = Decrypt(s3, hex2byte(strKey));
System.out.println(s3);
System.out.println(s4);
}
}
加密方式可以选择自己想要的加密方式,也可以自定义括号的前缀信息DES等。
3.项目启动运行时解密配置文件
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.BeansException;
import org.springframework.beans.factory.BeanInitializationException;
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
import org.springframework.beans.factory.config.PropertyPlaceholderConfigurer;
import java.util.Properties;
import java.util.Set;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
/**
* 配置文件加解密 以DES(...)包括起来的数据是已经加密的数据 通过这个工具会被解密
*/
public class DecryptPropertyPlaceholderConfigurer extends PropertyPlaceholderConfigurer {
private Logger logger = LoggerFactory.getLogger(DecryptPropertyPlaceholderConfigurer.class);
private static Pattern pattern = Pattern.compile("^DES\\((.*)\\)$");
@Override
protected void processProperties(ConfigurableListableBeanFactory beanFactory, Properties props) throws BeansException {
try {
Set<String> propertyNamesSet = props.stringPropertyNames();
for (String propertyName : propertyNamesSet) {
String propertyValue = props.getProperty(propertyName);
if(propertyValue == null) {
continue;
}
Matcher matcher = pattern.matcher(propertyValue);
if(matcher.matches() && matcher.groupCount() == 1) {
String desValue = matcher.group(1);
String originalValue = DESEncryptUtil.Decrypt(desValue, DESEncryptUtil.hex2byte(DESEncryptUtil.strKey));
props.setProperty(propertyName, originalValue);
}
}
super.processProperties(beanFactory, props);
} catch (Exception e) {
throw new BeanInitializationException(e.getMessage());
}
}
}
通过自定义DecryptPropertyPlaceholderConfigu 继承 PropertyPlaceholderConfigurer,默认的spring框架会自动加载PropertyPlaceholderConfigurer,通过自定义继承,然后再把所有DES中的配置文件进行解密后还原原有信息。