|
在SSH框架項(xiàng)目中�,如果遇到客戶需要加密數(shù)據(jù)庫(kù)配置文件(jdbc.properties等)�����,規(guī)定用戶名或者密碼不能以明文的形式出現(xiàn)在配置文件中����。該問(wèn)題可以通過(guò)重寫spring的processProperties方法來(lái)實(shí)現(xiàn),解決方法如下:
1�、首先確定加密/解密算法,這里以DES算法為例�,加密/解密算法較為簡(jiǎn)單,這里就不贅述了:
加密:
public class Encryption {
/**
* DES算法密鑰
*/
private static final byte[] DES_KEY = { xxx,-xxx,xxx,-xxx,xxx,-xxx,xxx,-xxx};
/**
* 數(shù)據(jù)加密���,算法(DES)
*
* @param data
* 要進(jìn)行加密的數(shù)據(jù)
* @return 加密后的數(shù)據(jù)
*/
public static String encryptBasedDes(String data) {
String encryptedData = null;
try {
// DES算法要求有一個(gè)可信任的隨機(jī)數(shù)源
SecureRandom sr = new SecureRandom();
DESKeySpec deskey = new DESKeySpec(DES_KEY);
// 創(chuàng)建一個(gè)密匙工廠�����,然后用它把DESKeySpec轉(zhuǎn)換成一個(gè)SecretKey對(duì)象
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES");
SecretKey key = keyFactory.generateSecret(deskey);
// 加密對(duì)象
Cipher cipher = Cipher.getInstance("DES");
cipher.init(Cipher.ENCRYPT_MODE, key, sr);
// 加密�,并把字節(jié)數(shù)組編碼成字符串
encryptedData = new sun.misc.BASE64Encoder().encode(cipher.doFinal(data.getBytes()));
} catch (Exception e) {
// log.error("加密錯(cuò)誤,錯(cuò)誤信息:", e);
throw new RuntimeException("加密錯(cuò)誤��,錯(cuò)誤信息:", e);
}
return encryptedData;
}
}
解密:
/**
* 解密
* */
public class Decryption {
/**
* DES算法密鑰
*/
private static final byte[] DES_KEY = { xxx,-xxx,xxx,-xxx,xxx,-xxx,xxx,-xxx};
/**
* 數(shù)據(jù)解密�����,算法(DES)
*
* @param cryptData
* 加密數(shù)據(jù)
* @return 解密后的數(shù)據(jù)
*/
public static String decryptBasedDes(String cryptData) {
String decryptedData = null;
try {
// DES算法要求有一個(gè)可信任的隨機(jī)數(shù)源
SecureRandom sr = new SecureRandom();
DESKeySpec deskey = new DESKeySpec(DES_KEY);
// 創(chuàng)建一個(gè)密匙工廠�,然后用它把DESKeySpec轉(zhuǎn)換成一個(gè)SecretKey對(duì)象
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES");
SecretKey key = keyFactory.generateSecret(deskey);
// 解密對(duì)象
Cipher cipher = Cipher.getInstance("DES");
cipher.init(Cipher.DECRYPT_MODE, key, sr);
// 把字符串解碼為字節(jié)數(shù)組��,并解密
decryptedData = new String(cipher.doFinal(new sun.misc.BASE64Decoder().decodeBuffer(cryptData)));
} catch (Exception e) {
// log.error("解密錯(cuò)誤�,錯(cuò)誤信息:", e);
throw new RuntimeException("解密錯(cuò)誤,錯(cuò)誤信息:", e);
}
return decryptedData;
}
public static void main(String[] args)
{
String str = Decryption.decryptBasedDes("Decryption");
System.out.println(str);
}
}
2.創(chuàng)建解密類�����,需要覆蓋processProperties方法
/**
*
* @Title: JdbcDecryptPropertiesFile.java
* @Package com.xxx.common.util
* @Description: 重寫spring的processProperties方法���,以便在使用配置之前解密
* @author wsk
* @date 2016-6-12 下午3:28:45
* @version V1.0
*/
public class JdbcDecryptPropertiesFile extends PropertyPlaceholderConfigurer{
@Override
protected void processProperties(ConfigurableListableBeanFactory beanFactory, Properties props) throws BeansException{
//讀取配置文件中的密文
String password = props.getProperty("jdbc.password");
//避免包之間的依賴
if(null != password && "" != password && "null" != password){
//將密文轉(zhuǎn)換為明文
String decPassword = Decryption.decryptBasedDes(password);
//將解密后的密碼放入property對(duì)象中
props.setProperty("jdbc.password", decPassword);
}
super.processProperties(beanFactory, props);
}
}
3.在spring配置使用自己的解密類
<bean class="com.xxx.common.util.JdbcDecryptPropertiesFile">
<property name="locations">
<value>classpath:jdbc.properties</value>
</property>
</bean>
|
