spring*.xml配置文件明文加密的实现

说明:客户要求spring*.xml中Oracle/Redis/MongoDB的IP、端口、用户名、密码不能明文存放,接到需求的我,很无奈,但是还是的硬着头皮搞

系统架构:spring+mvc(Oracle是用jdbc自己封装的接口)

1.数据库配置文件加密

原xml配置

<?xml version="1.0" encoding="utf-8"?>

<beans xmlns="http://www.springframework.org/schema/beans"
 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 xmlns:aop="http://www.springframework.org/schema/aop"
 xmlns:tx="http://www.springframework.org/schema/tx"
 xmlns:context="http://www.springframework.org/schema/context"
 xsi:schemaLocation="
 http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
 http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd
 http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd
 http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd"
 default-autowire="byType">

<context:component-scan base-package="cn.geoff" use-default-filters="false">
 <context:include-filter type="annotation" expression="org.springframework.stereotype.Service"/>
 </context:component-scan>

 <!-- Database Connection Pool -->
 <bean id="dataSource" class="com.alibaba.druid.pool.DruidDataSource" init-method="init" destroy-method="close">
 <property name="url" value="jdbc:oracle:thin:@192.168.100.100:1521:orcl"/>
 <property name="username" value="Geoff"/>
 <property name="password" value="123456"/>
 <property name="validationQuery" value="select 'x' from dual"/>

 .....
 </bean>

 <bean id="transactionManager" class="org.springframework.jdbc.datasource.DataSourceTransactionManager">
 <property name="dataSource" ref="dataSource"/>
 </bean>

  </beans>

加密实现过程

思路:继承DruidDataSource,在初始化set值的时候进行解密

/**
 * 数据库连接解密
 * @author: Geoff
 * @create: 2020-12-30 16:46
 **/
public class DataBaseXml extends DruidDataSource {

  /**
   * Log4j logger
   */
  private final static Logger lg = LoggerFactory.getLogger(DataBaseXml.class);

  @Override
  public String getUrl() {
    return this.jdbcUrl;
  }

  @Override
  public void setUrl(String jdbcUrl) {
    if(GEOFF.DATA_BASE_IS_ENCRYPTION) {
      lg.info("数据库【jdbcUrl】解密初始化加载...");
      try {
        jdbcUrl = Encryption.decrypt(jdbcUrl, GEOFF.DATA_BASE_ENCRYPTION_KEY);
      } catch (Exception e) {
        lg.error("数据库【jdbcUrl】密文解密失败...");
        e.printStackTrace();
      }
    }
    this.jdbcUrl = jdbcUrl;
  }

  @Override
  public String getUsername() {
    return this.username;
  }

  @Override
  public void setUsername(String username) {
    if(GEOFF.DATA_BASE_IS_ENCRYPTION) {
      lg.info("数据库【username】解密初始化加载...");
      try {
        username = Encryption.decrypt(username, GEOFF.DATA_BASE_ENCRYPTION_KEY);
      } catch (Exception e) {
        lg.error("数据库【username】密文解密失败...");
        e.printStackTrace();
      }
    }
    this.username = username;
  }

  @Override
  public String getPassword() {
    return this.password;
  }

  @Override
  public void setPassword(String password) {
    if(GEOFF.DATA_BASE_IS_ENCRYPTION){
      lg.info("数据库【password】解密初始化加载...");
      try {
        password = Encryption.decrypt(password, GEOFF.DATA_BASE_ENCRYPTION_KEY);
      } catch (Exception e) {
        lg.error("数据库【password】密文解密失败...");
        e.printStackTrace();
      }
    }
    this.password = password;
  }

}

修改后配置文件

<?xml version="1.0" encoding="utf-8"?>

<beans xmlns="http://www.springframework.org/schema/beans"
 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 xmlns:aop="http://www.springframework.org/schema/aop"
 xmlns:tx="http://www.springframework.org/schema/tx"
 xmlns:context="http://www.springframework.org/schema/context"
 xsi:schemaLocation="
 http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
 http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd
 http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd
 http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd"
 default-autowire="byType">

<context:component-scan base-package="cn.GEOFF" use-default-filters="false">
 <context:include-filter type="annotation" expression="org.springframework.stereotype.Service"/>
 </context:component-scan>

 <bean id="dataSource" class="cn.GEOFF.framework.core.DataBaseXml" init-method="init" destroy-method="close">
 <property name="url" value="4lZ4l804zIDqOJ5Wt3VNVLZvSLSDqCuQwhg5cAbQ1VG/vx+x+pEJQ6VJmLPO+PKK"/>
 <property name="username" value="PFEz8V4uvb06KhQxCLvLNA=="/>
 <property name="password" value="mMckYd6C5fo="/>
 <property name="validationQuery" value="select 'x' from dual"/>

 .....
 </bean>

 <bean id="transactionManager" class="org.springframework.jdbc.datasource.DataSourceTransactionManager">
 <property name="dataSource" ref="dataSource"/>
 </bean>

  </beans>

2.Redis配置文件加密

原配置文件

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN 2.0//EN" "http://www.springframework.org/dtd/spring-beans-2.0.dtd">

<!-- Jedis -->
<beans default-autowire="byName">

 <!-- Default Pool Config -->
 <bean id="defaultJedisPoolConfig" class="redis.clients.jedis.JedisPoolConfig">
 <property name="maxTotal" value="5"/>
 <property name="maxIdle" value="2"/>
 <property name="minIdle" value="2"/>
 <property name="testOnBorrow" value="true"/>
 <property name="testOnReturn" value="true"/>
 <property name="testWhileIdle" value="true"/>
 </bean>

 <bean id="one" class="redis.clients.jedis.JedisPool" destroy-method="destroy">
    <constructor-arg index="0" ref="defaultJedisPoolConfig"/>
    <constructor-arg index="1" value="127.0.0.1" type="java.lang.String"/>
    <constructor-arg index="2" value="6379" type="int"/>
    <constructor-arg index="3" value="0" type="int"/>
    <constructor-arg index="4" value="123456" type="java.lang.String"/>
 </bean>

 <bean id="two" class="redis.clients.jedis.JedisPool" destroy-method="destroy">
    <constructor-arg index="0" ref="defaultJedisPoolConfig"/>
    <constructor-arg index="1" value="127.0.0.1" type="java.lang.String"/>
    <constructor-arg index="2" value="6379" type="int"/>
    <constructor-arg index="3" value="0" type="int"/>
    <constructor-arg index="4" value="123456" type="java.lang.String"/>
 </bean>

 <bean id="three" class="redis.clients.jedis.JedisPool" destroy-method="destroy">
    <constructor-arg index="0" ref="defaultJedisPoolConfig"/>
    <constructor-arg index="1" value="127.0.0.1" type="java.lang.String"/>
    <constructor-arg index="2" value="6379" type="int"/>
    <constructor-arg index="3" value="0" type="int"/>
    <constructor-arg index="4" value="123456" type="java.lang.String"/>
 </bean>
</beans>

加密实现思路:由于JedisPool使用构造函数来创建,所以继承JedisPool后,在调用JedisPool构造函数的时候,调用static解密方法进行解密

import org.apache.commons.pool2.impl.GenericObjectPoolConfig;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import redis.clients.jedis.*;

/**
 * redis数据库用户名密码解密
 * @author: Geoff
 * @create: 2020-12-30 17:20
 **/
public class JedisPoolXml extends JedisPool{

  /**
   * Log4j logger
   */
  private final static Logger lg = LoggerFactory.getLogger(JedisPoolXml.class);

  public JedisPoolXml(GenericObjectPoolConfig poolConfig, String host, String port, String timeout, String password) {
    super(poolConfig,decryptHost(host),decryptPort(port),decryptTimeout(timeout),decryptPassword(password), 0, (String)null);
  }

  private JedisPoolXml(GenericObjectPoolConfig poolConfig, String host, String port,String timeout, String password, String database){
    super(poolConfig,decryptHost(host),decryptPort(port),decryptTimeout(timeout),decryptPassword(password),decryptDatabase(database));
  }

  private static String decryptHost(String host){
    if(GEOFF.DATA_BASE_IS_ENCRYPTION) {
      lg.info("Redis【host】解密初始化加载...");
      try {
        host = Encryption.decrypt(host, GEOFF.DATA_BASE_ENCRYPTION_KEY);
      } catch (Exception e) {
        lg.error("Redis【host】密文解密失败...");
        e.printStackTrace();
      }
    }
    return host;
  }

  private static int decryptPort(String port){
    if(GEOFF.DATA_BASE_IS_ENCRYPTION) {
      lg.info("Redis【port】解密初始化加载...");
      try {
        port = Encryption.decrypt(port, GEOFF.DATA_BASE_ENCRYPTION_KEY);
      } catch (Exception e) {
        lg.error("Redis【port】密文解密失败...");
        e.printStackTrace();
      }
    }
    return Integer.parseInt(port);
  }

  private static int decryptTimeout(String timeout){
    if(GEOFF.DATA_BASE_IS_ENCRYPTION) {
      lg.info("Redis【timeout】解密初始化加载...");
      try {
        timeout = Encryption.decrypt(timeout, GEOFF.DATA_BASE_ENCRYPTION_KEY);
      } catch (Exception e) {
        lg.error("Redis【timeout】密文解密失败...");
        e.printStackTrace();
      }
    }
    return Integer.parseInt(timeout);
  }

  private static String decryptPassword(String password){
    if(GEOFF.DATA_BASE_IS_ENCRYPTION) {
      lg.info("Redis【password】解密初始化加载...");
      try {
        password = Encryption.decrypt(password, GEOFF.DATA_BASE_ENCRYPTION_KEY);
      } catch (Exception e) {
        lg.error("Redis【password】密文解密失败...");
        e.printStackTrace();
      }
    }
    return password;
  }

  private static int decryptDatabase(String database){
    if(GEOFF.DATA_BASE_IS_ENCRYPTION) {
      lg.info("Redis【database】解密初始化加载...");
      try {
        database = Encryption.decrypt(database, GEOFF.DATA_BASE_ENCRYPTION_KEY);
      } catch (Exception e) {
        lg.error("Redis【database】密文解密失败...");
        e.printStackTrace();
      }
    }
    return Integer.parseInt(database);
  }

}

修改后xml

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN 2.0//EN" "http://www.springframework.org/dtd/spring-beans-2.0.dtd">

<!-- Jedis -->
<beans default-autowire="byName">

 <bean id="defaultJedisPoolConfig" class="redis.clients.jedis.JedisPoolConfig">
 <property name="maxTotal" value="5"/>
 <property name="maxIdle" value="2"/>
 <property name="minIdle" value="2"/>
 <property name="testOnBorrow" value="true"/>
 <property name="testOnReturn" value="true"/>
 <property name="testWhileIdle" value="true"/>
 </bean>

 <bean id="one" class="cn.GEOFF.framework.core.JedisPoolXml" destroy-method="destroy">
 <constructor-arg index="0" ref="defaultJedisPoolConfig"/>
 <constructor-arg index="1" value="N98/M6A3acRnYMqIQEXGEg==" type="java.lang.String"/>
 <constructor-arg index="2" value="INDccYoGS/Y=" type="java.lang.String"/>
 <constructor-arg index="3" value="CXszBZysXWY=" type="java.lang.String"/>
 <constructor-arg index="4" value="mMckYd6C5fo=" type="java.lang.String"/>
 </bean>

 <bean id="two" class="cn.GEOFF.framework.core.JedisPoolXml" destroy-method="destroy">
 <constructor-arg index="0" ref="defaultJedisPoolConfig"/>
 <constructor-arg index="1" value="N98/M6A3acRnYMqIQEXGEg==" type="java.lang.String"/>
 <constructor-arg index="2" value="INDccYoGS/Y=" type="java.lang.String"/>
 <constructor-arg index="3" value="CXszBZysXWY=" type="java.lang.String"/>
 <constructor-arg index="4" value="mMckYd6C5fo=" type="java.lang.String"/>
 </bean>

 <bean id="three" class="cn.GEOFF.framework.core.JedisPoolXml" destroy-method="destroy">
 <constructor-arg index="0" ref="defaultJedisPoolConfig"/>
 <constructor-arg index="1" value="N98/M6A3acRnYMqIQEXGEg==" type="java.lang.String"/>
 <constructor-arg index="2" value="INDccYoGS/Y=" type="java.lang.String"/>
 <constructor-arg index="3" value="CXszBZysXWY=" type="java.lang.String"/>
 <constructor-arg index="4" value="mMckYd6C5fo=" type="java.lang.String"/>
 </bean>

</beans>

3.MongoDB配置文件加密(使用的是spring-data-mognodb框架)

原xml配置

<?xml version="1.0" encoding="utf-8"?>

<beans xmlns="http://www.springframework.org/schema/beans"
 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 xmlns:mongo="http://www.springframework.org/schema/data/mongo"
 xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
 http://www.springframework.org/schema/data/mongo http://www.springframework.org/schema/data/mongo/spring-mongo.xsd">

 <mongo:mongo-client id="mongoClient" host="192.168.100.100" port="27017" credentials="jyzq_zsc:123456@JYZQ_ZSC">

 </mongo:mongo-client>

 <!-- Factory -->
 <mongo:db-factory id="mongoDbFactory" dbname="PFEz8V4uvb06KhQxCLvLNA==" mongo-ref="mongoClient"/>
 <mongo:db-factory id="mongoDbFactory" dbname="JYZQ_ZSC" mongo-ref="mongoClient"/>
 <mongo:mapping-converter id="converter" db-factory-ref="mongoDbFactory"/>

 <!-- Grid FS Template -->
 <bean id="gridFsTemplate" class="org.springframework.data.mongodb.gridfs.GridFsTemplate">
 <constructor-arg ref="mongoDbFactory"/>
 <constructor-arg ref="converter"/>
 </bean>

 <!-- Mongo Template -->
 <bean id="documentTemplate" class="org.springframework.data.mongodb.core.MongoTemplate">
 <constructor-arg ref="mongoDbFactory"/>
 <constructor-arg ref="converter"/>
 </bean>

</beans>

加密思路:由于项目使用的时候是获取bean的方式来获取MongoTemplate和mongoDbFactory的,尝试过各种方法来继承后加密,但是最后都不行,后面只能通过手动的方法进行初始化,并将对应MongoTemplate和mongoDbFactory注入到bean中

import com.mongodb.*;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;

import org.springframework.context.annotation.Configuration;
import org.springframework.data.mongodb.core.MongoTemplate;
import org.springframework.data.mongodb.core.SimpleMongoDbFactory;
import org.springframework.data.mongodb.core.convert.DefaultDbRefResolver;
import org.springframework.data.mongodb.core.convert.MappingMongoConverter;
import org.springframework.data.mongodb.core.mapping.MongoMappingContext;
import org.springframework.data.mongodb.gridfs.GridFsTemplate;

import java.util.ArrayList;
import java.util.List;

/**
 * @author: Geoff
 * @create: 2020-12-31 16:15
 **/

@Configuration
public class MongoDBXml {

  /**
   * Log4j logger
   */
  private final static Logger lg = LoggerFactory.getLogger(MongoDBXml.class);

  private String host;
  private Integer port;
  private String userName;
  private String passWord;
  private String dataBase;

  private SimpleMongoDbFactory mongoDbFactory = null;
  private MappingMongoConverter converter = null;

  public String getHost() {
    return host;
  }

  public void setHost(String host) {
    this.host = decryptHost(host);
  }

  public Integer getPort() {
    return port;
  }

  public void setPort(String port) {
    this.port = decryptPort(port);
  }

  public String getUserName() {
    return userName;
  }

  public void setUserName(String userName) {
    this.userName = decryptUserName(userName);
  }

  public String getPassWord() {
    return passWord;
  }

  public void setPassWord(String passWord) {
    this.passWord = decryptPassword(passWord);
  }

  public String getDataBase() {
    return dataBase;
  }

  public void setDataBase(String dataBase) {
    this.dataBase = decryptDatabase(dataBase);
  }

  private String decryptHost(String host){
    if(GEOFF.DATA_BASE_IS_ENCRYPTION) {
      lg.info("MongoDB【host】解密初始化加载...");
      try {
        host = Encryption.decrypt(host, GEOFF.DATA_BASE_ENCRYPTION_KEY);
      } catch (Exception e) {
        lg.error("MongoDB【host】密文解密失败...");
        e.printStackTrace();
      }
    }
    return host;
  }

  private int decryptPort(String port){
    if(GEOFF.DATA_BASE_IS_ENCRYPTION) {
      lg.info("MongoDB【port】解密初始化加载...");
      try {
        port = Encryption.decrypt(port, GEOFF.DATA_BASE_ENCRYPTION_KEY);
      } catch (Exception e) {
        lg.error("MongoDB【port】密文解密失败...");
        e.printStackTrace();
      }
    }
    return Integer.parseInt(port);
  }

  private String decryptUserName(String userName){
    if(GEOFF.DATA_BASE_IS_ENCRYPTION) {
      lg.info("MongoDB【userName】解密初始化加载...");
      try {
        userName = Encryption.decrypt(userName, GEOFF.DATA_BASE_ENCRYPTION_KEY);
      } catch (Exception e) {
        lg.error("MongoDB【userName】密文解密失败...");
        e.printStackTrace();
      }
    }
    return userName;
  }

  private String decryptPassword(String passWord){
    if(GEOFF.DATA_BASE_IS_ENCRYPTION) {
      lg.info("MongoDB【password】解密初始化加载...");
      try {
        passWord = Encryption.decrypt(passWord, GEOFF.DATA_BASE_ENCRYPTION_KEY);
      } catch (Exception e) {
        lg.error("MongoDB【password】密文解密失败...");
        e.printStackTrace();
      }
    }
    return passWord;
  }

  private String decryptDatabase(String dataBase){
    if(GEOFF.DATA_BASE_IS_ENCRYPTION) {
      lg.info("MongoDB【database】解密初始化加载...");
      try {
        dataBase = Encryption.decrypt(dataBase, GEOFF.DATA_BASE_ENCRYPTION_KEY);
      } catch (Exception e) {
        lg.error("MongoDB【database】密文解密失败...");
        e.printStackTrace();
      }
    }
    return dataBase;
  }

  public void init() {
    MongoClientOptions.Builder build = new MongoClientOptions.Builder();
    MongoClientOptions options = build.build();
    try {
      List<ServerAddress> addrs = new ArrayList<ServerAddress>();
      ServerAddress serverAddress = new ServerAddress(host, port);
      addrs.add(serverAddress);
      MongoCredential credential = MongoCredential.createScramSha1Credential(userName, dataBase, passWord.toCharArray());
      List<MongoCredential> credentials = new ArrayList<MongoCredential>();
      credentials.add(credential);
      MongoClient mongoClient = new MongoClient(addrs, credentials, options);
      mongoDbFactory = new SimpleMongoDbFactory(mongoClient, dataBase);
      DefaultDbRefResolver dbRefResolver = new DefaultDbRefResolver(mongoDbFactory);
      MongoMappingContext mongoMappingContext = new MongoMappingContext();
      converter = new MappingMongoConverter(dbRefResolver, mongoMappingContext);
      lg.info(" mongodb客户端创建成功 ");
    } catch (Exception e) {
      lg.info(" mongodb客户端创建失败 ");
      e.printStackTrace();
    }
    documentTemplate();
    gridFsTemplate();

  }

  @Bean
  public MongoTemplate documentTemplate() {
    if (mongoDbFactory != null && converter != null) {
      lg.info("MongoTemplate初始化成功......");
      MongoTemplate mongoTemplate = new MongoTemplate(mongoDbFactory, converter);
      return mongoTemplate;
    } else {
      lg.error("MongoTemplate初始化失败......");
      return null;
    }
  }

  @Bean
  public GridFsTemplate gridFsTemplate() {
    if (mongoDbFactory != null && converter != null) {
      lg.info("GridFsTemplate初始化成功......");
      GridFsTemplate gridFsTemplate = new GridFsTemplate(mongoDbFactory, converter);
      return gridFsTemplate;
    } else {
      lg.error("GridFsTemplate初始化失败......");
      return null;
    }
  }

  public void destroy(){
    try {
      this.mongoDbFactory.destroy();
    } catch (Exception e) {
      e.printStackTrace();
    }
  }

}

修改后配置文件

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN 2.0//EN" "http://www.springframework.org/dtd/spring-beans-2.0.dtd">

<!-- mongoDB -->
<beans>

 <bean id="mongoDBXml" class="cn.GEOFF.framework.core.MongoDBXml" init-method="init" destroy-method="destroy" >
 <property name="host" value="PpmNMR+X2UIVhG8gmNFFqg=="/>
 <property name="port" value="51QH8fifl1k="/>
 <property name="userName" value="yre5DufK9os6KhQxCLvLNA=="/>
 <property name="passWord" value="mMckYd6C5fo="/>
 <property name="dataBase" value="PFEz8V4uvb06KhQxCLvLNA=="/>
 </bean>

</beans>

4.最后附上对应的加解密类

import org.apache.commons.codec.binary.Base64;

import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;
import java.security.Key;
import java.security.SecureRandom;

/**
 * 加密生成token的方法
 *
 * @author: Geoff
 * @create: 2020-12-30 17:03
 **/

public class Encryption {
  // 算法名称
  public static final String KEY_ALGORITHM = "DES";
  // 算法名称/加密模式/填充方式
  // DES共有四种工作模式-->>ECB:电子密码本模式、CBC:加密分组链接模式、CFB:加密反馈模式、OFB:输出反馈模式
  public static final String CIPHER_ALGORITHM = "DES/ECB/PKCS5Padding";

  /**
   * 生成密钥key对象
   *
   * @param
   * @return 密钥对象
   * @throws Exception
   */
  private static SecretKey keyGenerator(String keyStr) throws Exception {
    byte[] input = HexString2Bytes(keyStr);
    DESKeySpec desKey = new DESKeySpec(input);
    // 创建一个密匙工厂,然后用它把DESKeySpec转换成
    SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(KEY_ALGORITHM);
    SecretKey securekey = keyFactory.generateSecret(desKey);
    return securekey;
  }

  /**
   * 从十六进制字符串到字节数组转换
   */
  public static byte[] HexString2Bytes(String hexStr) {
    byte[] keyBytes = hexStr.getBytes();
    if (keyBytes.length == 16) {
      byte[] tmpKey = new byte[24];
      System.arraycopy(keyBytes, 0, tmpKey, 0, 16);
      System.arraycopy(keyBytes, 0, tmpKey, 16, 8);
      keyBytes = tmpKey;
    }
    return keyBytes;
  }

  /**
   * 加密数据
   *
   * @param data 待加密数据
   * @param key 密钥
   * @return 加密后的数据
   */
  public static String encrypt(String data, String key) throws Exception {
    Key deskey = keyGenerator(key);
    // 实例化Cipher对象,它用于完成实际的加密操作
    Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);
    SecureRandom random = new SecureRandom();
    // 初始化Cipher对象,设置为加密模式
    cipher.init(Cipher.ENCRYPT_MODE, deskey, random);
    byte[] results = cipher.doFinal(data.getBytes());
    // 执行加密操作。加密后的结果通常都会用Base64编码进行传输
    return Base64.encodeBase64String(results);
  }

  /**
   * 解密数据
   *
   * @param data 待解密数据
   * @param key 密钥
   * @return 解密后的数据
   */
  public static String decrypt(String data, String key) throws Exception {
    Key deskey = keyGenerator(key);
    Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);
    // 初始化Cipher对象,设置为解密模式
    cipher.init(Cipher.DECRYPT_MODE, deskey);
    // 执行解密操作
    return new String(cipher.doFinal(Base64.decodeBase64(data)));
  }

}

到此这篇关于spring*.xml配置文件明文加密的实现的文章就介绍到这了,更多相关spring*.xml配置文件加密内容请搜索我们以前的文章或继续浏览下面的相关文章希望大家以后多多支持我们!

(0)

相关推荐

  • 利用Jasypt如何对Spring Boot配置文件加密

    前言 本文主要介绍了Jasypt对Spring Boot配置文件加密的相关方法,下面话不多说了,来一起看看详细的介绍吧 方法如下: 引入jasypt <dependency> <groupId>com.github.ulisesbocchio</groupId> <artifactId>jasypt-spring-boot-starter</artifactId> <version>2.0.0</version> <

  • spring配置文件加密方法示例

    Spring的配置文件是用于指导Spring工厂进行Bean生成.依赖关系注入及Bean示例分发的"图纸",他是一个或多个标砖的XML文档,J2EE程序员必须学会灵活应用这份"图纸",准确的表达自己的"生成意图".Spring配置文件是一个或多个标准的XML文档,applicationContext.xml是Spring的默认配置文件,当容器启动时找不到指定的配置文档时,将会尝试加载这个默认的配置文件. spring框架在一些对安全性要求较高的生

  • Spring Cloud Config配置文件使用对称加密的方法

    补充 使用Spring Cloud Config加密功能需要下载JCE扩展,用于生成无限长度的密文.链接:http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html 下载完成之后解压,把得到到两个Jar包复制到$JAVA_HOME\jre\lib\security目录下. 简介 在真实项目环境下,我们不会在配置文件中明文存储密码等机密性文本,以防被窃.Spring Cloud Config提

  • Spring Boot加密配置文件特殊内容的示例代码详解

    有时安全不得不考虑,看看新闻泄漏风波事件就知道了我们在用Spring boot进行开发时,经常要配置很多外置参数ftp.数据库连接信息.支付信息等敏感隐私信息,如下 ​ 这不太好,特别是互联网应用,应该用加密的方式比较安全,有点类似一些应用如电商.公安.安检平台.滚动式大屏中奖信息等显示身份证号和手机号都是前几位4109128*********和158*******.那就把图中的明文改造下1. 引入加密包,可选,要是自己实现加解密算法,就不需要引入第三方加解密库 <dependency> &l

  • Spring Cloud Config RSA简介及使用RSA加密配置文件的方法

    Spring Cloud 为开发人员提供了一系列的工具来快速构建分布式系统的通用模型 .例如:配置管理.服务发现.断路由.智能路由.微代理.控制总线.一次性Token.全局锁.决策竞选.分布式session.集群状态等等.分布式系统的协助需要一大堆的模型,使用Spring Cloud开发者能快速的建立支持实现这些模式的服务和应用程序.他们将适用于任何分布式环境,无论是开发者的个人电脑还是生产环境,还是云平台. 特性 Spring Cloud 专注于提供良好开箱即用的典型方案和可扩展方式. 分布式

  • SpringBoot配置文件中数据库密码加密两种方案(推荐)

    SpringBoot项目经常将连接数据库的密码明文放在配置文件里,安全性就比较低一些,尤其在一些企业对安全性要求很高,因此我们就考虑如何对密码进行加密. 介绍两种加密方式:jasypt 可加密配置文件中所有属性值; druid 自带了加解密,可对数据库密码进行加密. jasypt 加解密 jasypt 是一个简单易用的加解密Java库,可以快速集成到 Spring 项目中.可以快速集成到 Spring Boot 项目中,并提供了自动配置,使用非常简单. 步骤如下: 1)引入maven依赖 <de

  • Spring cloud config 配置文件加密方式

    前言 我们会使用git来保存我们项目的配置文件,但是文件中总有一些敏感数据,对于这些敏感数据我们通常需要给它加密,加密通常有两种加密方式,一种是对称加密,一种是非对称加密,对称加密简单方便,但是安全性没有非对称加密高,非对称加密需要生成证书,安全性比较高.但是请记住没有绝对的安全. 配置环境 java8 jce config server 的加密解密需要依赖与java Cryptography Extension (jce) 安装方式:可以参考里面的README,其实也很简单:把jdk下面 /j

  • Spring数据源及配置文件数据加密实现过程详解

    The following example shows the corresponding XML configuration: <bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource"> <property name="driverClassName" value="${jdbc.driverCl

  • Springboot配置文件内容加密代码实例

    这篇文章主要介绍了Springboot配置文件内容加密代码实例,文中通过示例代码介绍的非常详细,对大家的学习或者工作具有一定的参考学习价值,需要的朋友可以参考下 使用的是jasypt-spring-boot-starter,具体介绍可以参考  https://gitee.com/yangziyi2017/Jasypt-Spring-Boot 引入依赖 <dependency> <groupId>com.github.ulisesbocchio</groupId> <

  • 基于Jasypt对SpringBoot配置文件加密

    这篇文章主要介绍了基于Jasypt对SpringBoot配置文件加密,文中通过示例代码介绍的非常详细,对大家的学习或者工作具有一定的参考学习价值,需要的朋友可以参考下 引入jasypt <dependency> <groupId>com.github.ulisesbocchio</groupId> <artifactId>jasypt-spring-boot-starter</artifactId> <version>2.0.0<

  • Spring加载加密的配置文件详解

    本文实例为大家分享了Spring加载加密的配置文件,供大家参考,具体内容如下 一.继承并实现自己的属性文件配置器类 /** * 带加密的Spring属性配置文件扩展类 * 加密方式:AES * @author simon * */ public class EncryptPropertyPlaceholderConfigurer extends PropertyPlaceholderConfigurer { //指定需要加密的属性 private String[] propertyNames =

随机推荐