SpringBoot Druid对配置文件中数据库密码加密

引用依赖

        
            com.alibaba
            druid-spring-boot-starter
            1.2.16
        

配置文件，其中password为加密过的密码

spring:
  datasource:
    type: com.alibaba.druid.pool.DruidDataSource
    driver-class-name: com.mysql.cj.jdbc.Driver
    url: jdbc:mysql://localhost:3306/test?useUnicode=true&characterEncoding=UTF-8&serverTimezone=Asia/Shanghai
    username: root
    password: gIAJRNPtYE2n+00XbtYHUZiXp3wJXkBgavDauejensplt4js+wVnl/kS7bPBra8YdBtxc4WgtVcnbZvskeOofQ==
    druid:
      initial-size: 10
      max-active: 100
      min-idle: 10
      max-wait: 6000
      pool-prepared-statements: true
      max-pool-prepared-statement-per-connection-size: 20
      time-between-eviction-runs-millis: 60000
      min-evictable-idle-time-millis: 300000
      #Oracle需要打开注释
      #      validation-query: SELECT 1 FROM DUAL
      test-while-idle: true
      test-on-borrow: false
      test-on-return: false
      stat-view-servlet:
        enabled: true
        url-pattern: /druid/*
        login-username: admin
        login-password: 123456
      filter:
        stat:
          log-slow-sql: true
          slow-sql-millis: 1000
          merge-sql: false
        wall:
          config:
            multi-statement-allow: true
        config:
          enabled: true

DataSource配置类，其中PUBLICKEY公钥为生成的用于解析加密密码所用

@Configuration
public class DataSourceConfig {

    private static final String PUBLICKEY="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAI" +
            "+pQptB9iOABJIJWoFeVkMQ7B26fSggMY6JUZLpcaNng/SKN70EKcadOxlF1D2hf27ZTRw/E9zG4DUZZGLRIT0CAwEAAQ==";
    @Value("${spring.datasource.url}")
    private String url;

    @Value("${spring.datasource.username}")
    private String username;

    @Value("${spring.datasource.password}")
    private String password;

    @Value("${spring.datasource.driver-class-name}")
    private String driverClass;

    @Bean
    @Primary
    public DataSource dataSource() throws SQLException {
        DruidDataSource dataSource = new DruidDataSource();
        dataSource.setDriverClassName(this.driverClass);
        dataSource.setUrl(this.url);
        dataSource.setUsername(this.username);
        dataSource.setPassword(this.password);

        Properties properties = new Properties();
        properties.setProperty("config.decrypt", "true");
        properties.setProperty("config.decrypt.key", PUBLICKEY);
        dataSource.setConnectProperties(properties);
        dataSource.setFilters("config");
        return dataSource;
    }
}

 公私钥的生成，Druid加密密码原理，私钥+明文密码生成加密后密码，公钥+加密后密码生成解密后明文密码

        String[] keyPair = ConfigTools.genKeyPair(512);
        String privateKey = keyPair[0];
        System.out.println(String.format("privateKey-->%s", privateKey));
        String publicKey = keyPair[1];
        System.out.println(String.format("publicKey-->%s", publicKey));

        String plainText = "123456";
        System.out.println("明文密码：" + plainText);
        String cipherText = ConfigTools.encrypt(privateKey, plainText);
        System.out.println("加密后密码：" + cipherText);

        System.out.println("加密密码：" + cipherText);
        String plainTextnew = ConfigTools.decrypt(publicKey, cipherText);
        System.out.println("解密后密码：" + plainTextnew);