shop--12.升级--加密数据库明文密码

使用PropertyPlaceholderConfigurer实现对称加密

使用DES进行加密

编写DESUtil加密的工具类

package com.shop.util;

import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;

import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;

/**
 * Created by Skye on 2018/5/12.
 */
public class DESUtils {
    private static Key key;
    //设置秘钥key
    private static String KEY_STR = "myKey";
    private static String CHARSETNAME = "UTF-8";
    private static String ALGORITHM = "DES";

    //生成DES算法实例
    static{
        try {
            //生成DES算法对象
            KeyGenerator keyGenerator = KeyGenerator.getInstance( ALGORITHM );
            //运用SHA1安全策略
            SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");
            //设置秘钥种子
            secureRandom.setSeed( KEY_STR.getBytes() );
            //初始化基于SHA1的算法对象
            keyGenerator.init(secureRandom);
            //生成秘钥对象
            key = keyGenerator.generateKey();
            keyGenerator = null;
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        }
    }

    /**
     * 将信息进行加密
     * @param str
     * @return
     */
    public static String getEncryptString(String str){
        //基于BASE64进行编码,接收byte,并转化为String
        BASE64Encoder base64Encoder = new BASE64Encoder();
        try {
            //按utf-8进行编码
            byte[] bytes = str.getBytes(CHARSETNAME);
            //获取加密对象
            Cipher cipher = Cipher.getInstance( ALGORITHM );
            //初始化加密信息
            cipher.init( Cipher.ENCRYPT_MODE, key );
            //加密
            byte[] doFinal = cipher.doFinal(bytes);
            //返回encode好的String对象
            return base64Encoder.encode( doFinal );
        } catch (Exception e) {
            throw new RuntimeException( e );
        }
    }


    /**
     * 获取解密后的信息
     * @param str
     * @return
     */
    public static String getDecryptString(String str){
        //基于BASE64进行编码,接收byte,并转化为String
        BASE64Decoder base64Decoder = new BASE64Decoder();
        try {
            //将字符串decode成byte[]
            byte[] bytes = base64Decoder.decodeBuffer( str );
            //获取解密对象
            Cipher cipher = Cipher.getInstance( ALGORITHM );
            //初始化解密信息
            cipher.init( Cipher.DECRYPT_MODE, key );
            //解密
            byte[] doFinal = cipher.doFinal(bytes);
            //返回解密后的信息
            return new String(doFinal, CHARSETNAME);
        } catch (Exception e) {
            throw new RuntimeException( e );
        }
    }

    public static void main(String[] args){
        System.out.println(getEncryptString( "root" ));
        System.out.println(getEncryptString( "1234" ));
    }
}

  

编写继承了PropertyPlaceholderConfigurer的类,来实现对相应的关键字进行解密

package com.shop.util;
import org.springframework.beans.factory.config.PropertyPlaceholderConfigurer;
/**
 * Created by Skye on 2018/5/13.
 */
public class EncryptPropertyPlaceholderConfigurer extends PropertyPlaceholderConfigurer {
    //需要加密的字段数组
    private String[] encryptPropNames = {"jdbc.username", "jdbc.password"};

    /**
     * 对关键属性进行转换
     * @param propertyName
     * @param propertyValue
     * @return
     */
    @Override
    protected String convertProperty(String propertyName, String propertyValue) {
        if(isEncryptProp(propertyName)){
            //对已加密的字段进行解密
            String decryptValue = DESUtils.getDecryptString(propertyValue);
            return decryptValue;
        } else{
            return propertyValue;
        }
    }

    /**
     * 判断该属性是否已加密
     * @param propertyName
     * @return
     */
    private boolean isEncryptProp(String propertyName){
        //若等于需要加密的field,则进行解密
        for(String encrptpropertyName : encryptPropNames){
            if(encrptpropertyName.equals(propertyName)) return true;
        }
        return false;
    }
}

  

配置spring-dao.xml

将context:property-placeholder改为下面的

<!-- 1.配置数据库相关参数properties的属性:${url} -->
    <!--<context:property-placeholder location="classpath:jdbc.properties"/>-->
    <bean class="com.shop.util.EncryptPropertyPlaceholderConfigurer">
        <property name="locations">
            <list>
                <value>classpath:jdbc.properties</value>
            </list>
        </property>
        <property name="fileEncoding" value="utf-8"/>
    </bean>

  

然后就可以了,首先要将jdbc.properties中的相应位置上的value值改为加密之后的值。然后才能调用这个方法进行解密。

posted @ 2018-05-12 23:17  SkyeAngel  阅读(186)  评论(0编辑  收藏  举报