采用DES加密方式对properties配置文件敏感信息加密处理

由于项目的需要,要求对配置文件中的敏感信息进行加密处理,例如数据库用户名密码之类的


处理方式如下:


MyWebConstant

/**
 * 对外接口,管理公共常量
 * 对应properties中的key值
 * @author Administrator
 *
 */
public class MyWebConstant {

    public static final String JDBC_DATASOURCE_DRIVERCLASSNAME_KEY = "jdbc.driverClassName";
    
    public static final String JDBC_DATASOURCE_URL_KEY = "jdbc.url";
    
    public static final String JDBC_DATASOURCE_USERNAME_KEY = "jdbc.username";
    
    public static final String JDBC_DATASOURCE_PASSWORD_KEY = "jdbc.password";
}


EncryptablePropertyPlaceholderConfigurer.java



import java.util.Properties;

import org.springframework.beans.BeansException;
import org.springframework.beans.factory.BeanInitializationException;
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
import org.springframework.beans.factory.config.PropertyPlaceholderConfigurer;

/**
 * 配置文件解密核心类
 * 作为自定义类加到配置文件中,解密使用
 * @author Administrator
 *
 */
public class EncryptablePropertyPlaceholderConfigurer extends PropertyPlaceholderConfigurer {

	protected void processProperties(ConfigurableListableBeanFactory beanFactory, Properties props)
			throws BeansException {
		try {
			// DesEncrypt des = new DesEncrypt();
			String username = props.getProperty(MyWebConstant.JDBC_DATASOURCE_USERNAME_KEY);
			if (username != null) {
				props.setProperty(MyWebConstant.JDBC_DATASOURCE_USERNAME_KEY,
						DesEncrypt.decrypt(username, DesEncrypt.PASSWORD_CRYPT_KEY));
			}

			String password = props.getProperty(MyWebConstant.JDBC_DATASOURCE_PASSWORD_KEY);
			if (password != null) {
				props.setProperty(MyWebConstant.JDBC_DATASOURCE_PASSWORD_KEY,
						DesEncrypt.decrypt(password, DesEncrypt.PASSWORD_CRYPT_KEY));
			}

			String url = props.getProperty(MyWebConstant.JDBC_DATASOURCE_URL_KEY);
			if (url != null) {
				props.setProperty(MyWebConstant.JDBC_DATASOURCE_URL_KEY,
						DesEncrypt.decrypt(url, DesEncrypt.PASSWORD_CRYPT_KEY));
			}

			String driverClassName = props.getProperty(MyWebConstant.JDBC_DATASOURCE_DRIVERCLASSNAME_KEY);
			if (driverClassName != null) {
				props.setProperty(MyWebConstant.JDBC_DATASOURCE_DRIVERCLASSNAME_KEY,
						DesEncrypt.decrypt(driverClassName, DesEncrypt.PASSWORD_CRYPT_KEY));
			}
			super.processProperties(beanFactory, props);
		} catch (Exception e) {
			e.printStackTrace();
			throw new BeanInitializationException(e.getMessage());
		}
	}
}


DesEncrypt.java

import java.security.SecureRandom;

import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;

/**
 * 加密解密核心类
 * @author Administrator
 *
 */
public class DesEncrypt {
    /** 加密、解密key. */  
    public static final String PASSWORD_CRYPT_KEY = "kEHrDooxWHCWtfeSxvDvgqZq";
    /** 加密算法,可用 DES,DESede,Blowfish. */  
    private final static String ALGORITHM = "DES";  
    /** 工具,用于加密字符串 
     * @throws Exception */
    public static void main(String[] args) throws Exception {  
        String md5Password = "jdbc:oracle:thin:@localhost:1521:orcl";  
        String str = DesEncrypt.encrypt(md5Password);  
        System.out.println("加密str: " + str);  
        str = DesEncrypt.decrypt(str,PASSWORD_CRYPT_KEY);  
        System.out.println("解密str: " + str);  
    } 
  
    /** 
     * 对用DES加密过的数据进行解密. 
     * @param data DES加密数据 
     * @return 返回解密后的数据 
     * @throws Exception 
     */  
    public final static String decrypt(String data,String key) throws Exception {  
        return new String(decrypt(hex2byte(data.getBytes()),key.getBytes()));  
    }

    /** 
     * 对数据进行DES加密. 
     * @param data 待进行DES加密的数据 
     * @param key DES加密的key 
     * @return 返回经过DES加密后的数据 
     * @throws Exception 
     */  
    public final static String encrypt(String data) throws Exception  {  
        return byte2hex(encrypt(data.getBytes(), PASSWORD_CRYPT_KEY.getBytes()));  
    }
      
    /** 
     * 加密. 
     */  
    private static byte[] encrypt(byte[] data, byte[] key) throws Exception {  
        // DES算法要求有一个可信任的随机数源  
        SecureRandom sr = new SecureRandom();  
        // 从原始密匙数据创建DESKeySpec对象  
        DESKeySpec dks = new DESKeySpec(key);  
        // 创建一个密匙工厂,然后用它把DESKeySpec转换成  
        // 一个SecretKey对象  
        SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(ALGORITHM);  
        SecretKey securekey = keyFactory.generateSecret(dks);  
        // Cipher对象实际完成加密操作  
        Cipher cipher = Cipher.getInstance(ALGORITHM);  
        // 用密匙初始化Cipher对象  
        cipher.init(Cipher.ENCRYPT_MODE, securekey, sr);  
        // 现在,获取数据并加密  
        // 正式执行加密操作  
        return cipher.doFinal(data);  
    }  
    /** 
     * 解密. 
     */  
    private static byte[] decrypt(byte[] data, byte[] key) throws Exception {  
        // DES算法要求有一个可信任的随机数源  
        SecureRandom sr = new SecureRandom();  
        // 从原始密匙数据创建一个DESKeySpec对象  
        DESKeySpec dks = new DESKeySpec(key);  
        // 创建一个密匙工厂,然后用它把DESKeySpec对象转换成  
        // 一个SecretKey对象  
        SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(ALGORITHM);  
        SecretKey securekey = keyFactory.generateSecret(dks);  
        // Cipher对象实际完成解密操作  
        Cipher cipher = Cipher.getInstance(ALGORITHM);  
        // 用密匙初始化Cipher对象  
        cipher.init(Cipher.DECRYPT_MODE, securekey, sr);  
        // 现在,获取数据并解密  
        // 正式执行解密操作  
        return cipher.doFinal(data);  
    }  
    public static byte[] hex2byte(byte[] b) {  
        if ((b.length % 2) != 0)  
            throw new IllegalArgumentException("长度不是偶数");  
        byte[] b2 = new byte[b.length / 2];  
        for (int n = 0; n < b.length; n += 2) {  
            String item = new String(b, n, 2);  
            b2[n / 2] = (byte) Integer.parseInt(item, 16);  
        }  
        return b2;  
    }  
    public static String byte2hex(byte[] b) {  
        String hs = "";  
        String stmp = "";  
        for (int n = 0; n < b.length; n++) {  
            stmp = (java.lang.Integer.toHexString(b[n] & 0XFF));  
            if (stmp.length() == 1)  
                hs = hs + "0" + stmp;  
            else  
                hs = hs + stmp;  
        }  
        return hs.toUpperCase();  
    }  
}

使用方式:

applicationContext.xml

	
	  
            
                
                    classpath:jdbc.properties
                
            
       

	
		
	
        
            ${jdbc.driverClassName}
        

        
            ${jdbc.url}
        
        
            ${jdbc.username}
        
        
            ${jdbc.password}
        
		

则配置文件内容如下

jdbc.properties

databaseType=oracle


jdbc.driverClassName=EEA5BC6768D58CD1D4FD13AFAB68FF8C0175E46D44CF8CB3D8201139F32A6A31

#localhost
#jdbc.url=96B8431EF61A243F563E61B9FB74AB72D3C70E0FE22E09447234A79C0B4BE729C6FC1ABA62E71130

#172.0.0.1
jdbc.url=96B8431EF61A243F563E61B9FB74AB726464B1BB2C5D174A9514EEE48015A87BC6FC1ABA62E71130
jdbc.username=24DDF3AB7770F8A7
jdbc.password=9E81A937B272BB92F3C11AB9447D7D3D




你可能感兴趣的:(采用DES加密方式对properties配置文件敏感信息加密处理)