背景: 配置文件中, 连接数据库需要写入显式的密码, 不安全.
解决: 借助Druid工具将数据库密码加密
实现:
- 引入依赖:
<!-- druid连接池 -->
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>druid-spring-boot-starter</artifactId>
<version>1.1.22</version>
</dependency>
- 加密工具类:
import com.alibaba.druid.filter.config.ConfigTools;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
/**
* @description: 数据库加密
* @author: dcy
* @create: 2024-01-21 17:53
*/
public class DruidEncryptUtil {
private static String publicKey;
private static String privateKey;
static {
try {
String[] keyPair = ConfigTools.genKeyPair(512);
privateKey = keyPair[0];
System.out.println("privateKey: " + privateKey);
publicKey = keyPair[1];
System.out.println("publicKey: " + publicKey);
} catch (NoSuchAlgorithmException | NoSuchProviderException e) {
e.printStackTrace();
}
}
public static String encrypt(String plainText) throws Exception {
String encrypt = ConfigTools.encrypt(privateKey, plainText);
System.out.println("encrypt: " + encrypt);
return encrypt;
}
public static String decrypt(String plainText) throws Exception {
String decrypt = ConfigTools.decrypt(publicKey, plainText);
System.out.println("decrypt: " + decrypt);
return decrypt;
}
public static void main(String[] args) throws Exception {
encrypt("数据库密码");
}
}
控制台输出:
3. 修改配置问价application.yml. 配置密码和publicKey
spring:
datasource:
username: root
password: X2IRX0Ky7HA5pzuHhrw+NrFEOASdPDd/mcRPToB1RtNCzK6sRPeP6HHeRQntbdb+ADtcWyOGidN9zY81Ho6Fyg==
driver-class-name: com.mysql.cj.jdbc.Driver
url: jdbc:mysql://localhost:3306/test?serverTimezone=Asia/Shanghai&useUnicode=true&characterEncoding=utf8&useSSL=false
type: com.alibaba.druid.pool.DruidDataSource
druid:
initial-size: 20
min-idle: 20
connectionProperties: config.decrypt=true;config.decrypt.key=${publicKey};
max-active: 100
max-wait: 60000
stat-view-servlet:
enabled: true
url-pattern: /druid/*
login-username: admin
login-password: 123456
filter:
stat:
enabled: true
slow-sql-millis: 2000
log-slow-sql: true
wall:
enabled: true
config:
enabled: true
publicKey: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAPfZSVqPm4CQHho4BvMWVpnC73/pFzIarwlcTmJdhA6Pt4iBLRPAlxP+H6Hz3XyyPvYn2+oVTQcii/iolD595vcCAwEAAQ==