springboot整合jasypt-spring-boot-starter实现yml/properties配置文件加密解密(超级详细傻瓜式教程)

---

实现 $StringEncryptor$ 重写加解密方法
然后在配置文件上把需要加解密的属性上加$ENC(密文)$

---

第一步:maven引相关包

        <!--实现自动 加密解密-->
        <dependency>
            <groupId>com.github.ulisesbocchio</groupId>
            <artifactId>jasypt-spring-boot-starter</artifactId>
            <version>1.16</version>
        </dependency>
        <!--httpClient  http远程调用解密加密-->
        <dependency>
            <groupId>org.apache.httpcomponents</groupId>
            <artifactId>httpclient</artifactId>
            <version>4.5.9</version>
        </dependency>

第二步:本地的凯撒加密类 和 http请求类

/**
 * 凯撒加密解密工具类
 * @author lvxk 2019-07-10 14:02
 */
public class KaiserUtil {

    /**
     * 使用凯撒加密方式加密数据
     *
     * @param orignal :原文
     * @param key     :密钥
     * @return :加密后的数据
     */
    public static String encryptKaiser(String orignal, int key) {
        // 将字符串转为字符数组
        char[] chars = orignal.toCharArray();
        StringBuilder sb = new StringBuilder();
        // 遍历数组
        for (char aChar : chars) {
            // 获取字符的ASCII编码
            int asciiCode = aChar;
            // 偏移数据
            asciiCode += key;
            // 将偏移后的数据转为字符
            char result = (char) asciiCode;
            // 拼接数据
            sb.append(result);
        }

        return sb.toString();
    }

    /**
     * 使用凯撒加密方式解密数据
     *
     * @param encryptedData :密文
     * @param key           :密钥
     * @return : 源数据
     */
    public static String decryptKaiser(String encryptedData, int key) {
        // 将字符串转为字符数组
        char[] chars = encryptedData.toCharArray();
        StringBuilder sb = new StringBuilder();
        // 遍历数组
        for (char aChar : chars) {
            // 获取字符的ASCII编码
            int asciiCode = aChar;
            // 偏移数据
            asciiCode -= key;
            // 将偏移后的数据转为字符
            char result = (char) asciiCode;
            // 拼接数据
            sb.append(result);
        }
        return sb.toString();
    }

}

import org.apache.commons.codec.Charsets;
import org.apache.http.HttpEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;

/**
 * @author luokangtao
 * @create 2019-10-22 16:03
 */
public class HttpUtil {
    public static String sendHttpPost(String url, String body) throws Exception {
        CloseableHttpClient httpClient = HttpClients.createDefault();
        HttpPost httpPost = new HttpPost(url);
        httpPost.addHeader("Content-Type", "application/json;charset=UTF-8");
        httpPost.setHeader("Accept", "application/json");
        httpPost.setEntity(new StringEntity(body, Charsets.UTF_8));
        CloseableHttpResponse response = httpClient.execute(httpPost);
        System.out.println(response.getStatusLine().getStatusCode() + "\n");
        HttpEntity entity = response.getEntity();
        String responseContent = EntityUtils.toString(entity, "UTF-8");
        response.close();
        httpClient.close();
        return responseContent;
    }

    public static String sendHttpGet(String url) throws Exception {
        CloseableHttpClient httpClient = HttpClients.createDefault();
        HttpGet httpGet = new HttpGet(url);
        httpGet.addHeader("Content-Type", "application/json;charset=UTF-8");
        httpGet.setHeader("Accept", "application/json");
        CloseableHttpResponse response = httpClient.execute(httpGet);
        System.out.println(response.getStatusLine().getStatusCode() + "\n");
        HttpEntity entity = response.getEntity();
        String responseContent = EntityUtils.toString(entity, "UTF-8");
        response.close();
        httpClient.close();
        return responseContent;
    }

}

第三步:重写jasypt的加解密方法,实现自定义加解密

import com.zhuiyi.callrete.utils.HttpUtil;
import com.zhuiyi.callrete.utils.KaiserUtil;
import lombok.extern.slf4j.Slf4j;
import org.jasypt.encryption.StringEncryptor;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import org.springframework.stereotype.Component;


/**
 * 重写jasypt的加解密方法,实现自定义加解密
 * @author luokangtao
 * @create 2020-01-15 10:29
 */
@Slf4j
@Configuration
@Component("desencrypt")
public class DesEncrypt implements StringEncryptor {

    @Value("${jasypt.encryptor.type}")
    private String type;

    @Value("${jasypt.encrypt.pubkey}")
    private String pubkey;

    @Value("${jasypt.encrypt.url}")
    private String encryptUrl;

    @Value("${jasypt.decrypt.url}")
    private String decryptUrl;

    /**
     * 加密
     * @param s
     * @return
     */
    @Override
    public String encrypt(String s) {
        String encode = "";
        if(type!=null && "1".equals(type)){
            //国密
            try {
            	//调用远程服务器方法进行加密
                encode = HttpUtil.sendHttpPost(encryptUrl, pubkey);
            } catch (Exception e) {
                log.info("国密加密失败");
            }
        }else {

            try {
                //本地解密方法
                encode= KaiserUtil.decryptKaiser(s, 123456789);
            } catch (Exception e) {
                log.info("普通加密失败");
            }
        }
        log.info("加密后的密码:[{}]",encode);
        return encode;
    }

    /**
     * 解密
     * @param s
     * @return
     */
    @Override
    public String decrypt(String s) {
        String decrypt = "";
        if(type!=null && "1".equals(type)){
            //国密
            try {
            	//调用远程服务器方法进行解密
                decrypt = HttpUtil.sendHttpPost(decryptUrl, pubkey);
            } catch (Exception e) {
                log.info("国密解密失败");
            }
        }else {
            try {
                //本地解密方法
                decrypt=KaiserUtil.decryptKaiser(s, 123456789);
            } catch (Exception e) {
                log.info("普通加密失败");
            }
        }
        log.info("解密成功");
        return decrypt;
    }
}

第四步:在yml/properties配置文件编写相关变量属性

server:
  ##端口号
  port: 9085
spring:
  datasource:
    driver-class-name: com.mysql.cj.jdbc.Driver
    url: jdbc:mysql://192.168.138.138:3306/luo?useUnicode=true&&characterEncoding=UTF-8
    ## mysql帐号   用 jasypt加密解密需要用到这种格式:  ENC(密文)
    username: ENC(춇춄춄춉)
    ## mysql密码
    password: ENC(쵆쵇쵈쵉쵊쵋)
    type: com.alibaba.druid.pool.DruidDataSource

jasypt:
  encryptor:
    ## 实现jasypt加密解密的类
    bean: desencrypt
    ## 0:普通加密 1:国密加密
    type: 0
  decrypt:
    ##解密地址
    url: http://21.96.45.122:8080/cgb/sm4Decrpt
  encrypt:
    ##加密地址
    url: http://21.96.45.122:8080/cgb/sm4Encrypt
    ##加密/解密秘钥
    pubkey: 0DDDB7576F4AA4226D6FE0DFBEED56C7

第五步:启动服务 实现自动加密解密