1.编写加密,解密工具类
import java.security.Key;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;
/**
* DES是一种对称加密算法,所谓对称加密算法即:加密和解密使用相同密钥的算法。
*
*/
public class DESUtil {
private static Key key;
// 设置密钥key
private static String KEY_STR = "myKey";
private static String CHARSETNAME = "UTF-8";
private static String ALGORITHM = "DES";
static {
try {
// 生成DES算法对象
KeyGenerator generator = KeyGenerator.getInstance(ALGORITHM);
// 运用SHA1安全策略
SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");
// 设置上密钥种子
secureRandom.setSeed(KEY_STR.getBytes());
// 初始化基于SHA1的算法对象
generator.init(secureRandom);
// 生成密钥对象
key = generator.generateKey();
generator = null;
} catch (Exception e) {
throw new RuntimeException(e);
}
}
/**
* 获取加密后的信息
*
* @param str
* @return
*/
public static String getEncryptString(String str) {
// 基于BASE64编码,接收byte[]并转换成String
BASE64Encoder base64encoder = new BASE64Encoder();
try {
// 按UTF8编码
byte[] bytes = str.getBytes(CHARSETNAME);
// 获取加密对象
Cipher cipher = Cipher.getInstance(ALGORITHM);
// 初始化密码信息
cipher.init(Cipher.ENCRYPT_MODE, key);
// 加密
byte[] doFinal = cipher.doFinal(bytes);
// byte[]to encode好的String并返回
return base64encoder.encode(doFinal);
} catch (Exception e) {
// TODO: handle exception
throw new RuntimeException(e);
}
}
/**
* 获取解密之后的信息
*
* @param str
* @return
*/
public static String getDecryptString(String str) {
// 基于BASE64编码,接收byte[]并转换成String
BASE64Decoder base64decoder = new BASE64Decoder();
try {
// 将字符串decode成byte[]
byte[] bytes = base64decoder.decodeBuffer(str);
// 获取解密对象
Cipher cipher = Cipher.getInstance(ALGORITHM);
// 初始化解密信息
cipher.init(Cipher.DECRYPT_MODE, key);
// 解密
byte[] doFinal = cipher.doFinal(bytes);
// 返回解密之后的信息
return new String(doFinal, CHARSETNAME);
} catch (Exception e) {
// TODO: handle exception
throw new RuntimeException(e);
}
}
/**
* 测试
*
* @param args
*/
public static void main(String[] args) {
//测试加密
System.out.println(getEncryptString("root"));
//测试解密
System.out.println(getDecryptString(getEncryptString("root")));
}
}
2.编写解密配置类
import org.springframework.beans.factory.config.PropertyPlaceholderConfigurer;
public class EncryptPropertyPlaceholderConfigurer extends PropertyPlaceholderConfigurer {
// 需要加密的字段数组
private String[] encryptPropNames = { "jdbc.username", "jdbc.password" };
/**
* 对关键的属性进行转换
*/
@Override
protected String convertProperty(String propertyName, String propertyValue) {
if (isEncryptProp(propertyName)) {
// 对已加密的字段进行解密工作
String decryptValue = DESUtil.getDecryptString(propertyValue);
return decryptValue;
} else {
return propertyValue;
}
}
/**
* 该属性是否已加密
*
* @param propertyName
* @return
*/
private boolean isEncryptProp(String propertyName) {
// 若等于需要加密的field,则进行加密
for (String encryptpropertyName : encryptPropNames) {
if (encryptpropertyName.equals(propertyName))
return true;
}
return false;
}
3.编写配置文件,把刚才加密的数据写到配置文件中
jdbc.driver=com.mysql.jdbc.Driver
jdbc.url=jdbc:mysql://localhost:3306/o2o?useUnicode=true&characterEncoding=utf8
jdbc.username=WnplV/ietfQ=
jdbc.password=WnplV/ietfQ=
#jdbc.username=root
#jdbc.password=root
4.在加载数据库配置的时候进行解密操作
<!--读取数据库配置文件 -->
<bean id="placeholderConfigurer"
class="com.imooc.o2o.common.util.EncryptPropertyPlaceholderConfigurer">
<property name="locations">
<array>
<value>classpath*:jdbc.properties</value>
</array>
</property>
<property name="fileEncoding" value="UTF-8"></property>
</bean>
<!-- 2.数据库连接池 -->
<bean id="dataSource" class="com.mchange.v2.c3p0.ComboPooledDataSource"
destroy-method="close">
<property name="driverClass" value="${jdbc.driver}" />
<property name="jdbcUrl" value="${jdbc.url}" />
<property name="user" value="${jdbc.username}" />
<property name="password" value="${jdbc.password}" />
<!-- c3p0连接池的私有属性 -->
<property name="maxPoolSize" value="30" />
<property name="minPoolSize" value="10" />
<!-- 关闭连接后不自动commit -->
<property name="autoCommitOnClose" value="false" />
<!-- 获取连接超时时间 -->
<property name="checkoutTimeout" value="10000" />
<!-- 当获取连接失败重试次数 -->
<property name="acquireRetryAttempts" value="2" />
</bean>