本文主要是介绍springboot使用jasypt对配置文件加密,加密数据库连接,希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!
springboot使用jasypt对配置文件加密
- springboot配置
- 通过明文获取加密的值
- 通过密文和盐值解密得到明文
- 代码封装工具类
<dependency><groupId>com.github.ulisesbocchio</groupId><artifactId>jasypt-spring-boot-starter</artifactId><version>1.14</version>
</dependency>
springboot配置
jasypt:encryptor:password: saltValue #salt值,密文加盐
spring:datasource: # 数据库链接db1:jdbc-url: jdbc:mysql://x.x.x.x:3306/db_test?useUnicode=true&characterEncoding=utf8&useSSL=false&allowPublicKeyRetrieval=true&serverTimezone=GMT%2B8username: root #也可以加密用户名,依然是ENC()格式,这里没有进行加密password: ENC(OVL1V3KDtTa8w9IIOVuSdeyCOsZXAN0+) #加密了密码,ENC()括号内为密文driver-class-name: com.mysql.cj.jdbc.Drivermapper-locations: classpath*:mapper/otcmapper/*.xml
启动类添加注解:@EnableEncryptableProperties
@SpringBootApplication(exclude = DataSourceAutoConfiguration.class)
@EnableEncryptableProperties
@EnableScheduling
//@EnableAsync
public class SpBatchApplication {public static void main(String[] args) {SpringApplication.run(SpBatchApplication.class, args);}
}
通过明文获取加密的值
- cmd在自己的maven仓库目录下执行命令,(要保证依赖下载下来了)
解释:
input:
文字的明文
password:
加密的盐值(可随意,必须=jasypt:encryptor:password: saltValue)
algorithm:
PBEWithMD5AndDES(默认算法)
java -cp org/jasypt/jasypt/1.9.2/jasypt-1.9.2.jar org.jasypt.intf.cli.JasyptPBEStringEncryptionCLI input="密码明文" password=saltValue algorithm=PBEWithMD5AndDES
执行后输出结果:OUTPUT就是密文了,把密文替换yml的属性值就行
ENC(OVL1V3KDtTa8w9IIOVuSdeyCOsZXAN0+)
----ARGUMENTS-------------------algorithm: PBEWithMD5AndDES
input: 密码明文
password: saltValue----OUTPUT----------------------OVL1V3KDtTa8w9IIOVuSdeyCOsZXAN0+
启动springboot就会自动解密了
通过密文和盐值解密得到明文
java -cp jasypt-1.9.2.jar org.jasypt.intf.cli.JasyptPBEStringDecryptionCLI input="加密后的密文" password=saltValue algorithm=PBEWithMD5AndDES
代码封装工具类
public class JasyptUtil {private static final String PBEWITHMD5ANDDES = "PBEWithMD5AndDES";private static final String PBEWITHHMACSHA512ANDAES_256 = "PBEWITHHMACSHA512ANDAES_256";/*** * @param text 待加密原文* @param crack 盐值(密钥)* @return 加密后的字符串* @Description: Jasypt加密(PBEWithMD5AndDES)*/public static String encryptWithMD5(String text, String crack) {
//1.创建加解密工具实例StandardPBEStringEncryptor encryptor = new StandardPBEStringEncryptor();
//2.加解密配置EnvironmentStringPBEConfig config = new EnvironmentStringPBEConfig();config.setAlgorithm(PBEWITHMD5ANDDES);config.setPassword(crack);encryptor.setConfig(config);
//3.加密return encryptor.encrypt(text);}/*** * @param text 待解密原文* @param crack 盐值(密钥)* @return 解密后的字符串* @Description: Jasypt解密(PBEWithMD5AndDES)*/public static String decryptWithMD5(String text, String crack) {
//1.创建加解密工具实例StandardPBEStringEncryptor encryptor = new StandardPBEStringEncryptor();
//2.加解密配置EnvironmentStringPBEConfig config = new EnvironmentStringPBEConfig();config.setAlgorithm(PBEWITHMD5ANDDES);config.setPassword(crack);encryptor.setConfig(config);
//解密return encryptor.decrypt(text);}/*** * @param text 待加密的原文* @param crack 盐值(密钥)* @return 加密后的字符串* @Description: jasypt 加密(PBEWITHHMACSHA512ANDAES_256)*/public static String encryptWithSHA512(String text, String crack) {
//1.创建加解密工具实例PooledPBEStringEncryptor encryptor = new PooledPBEStringEncryptor();
//2.加解密配置SimpleStringPBEConfig config = new SimpleStringPBEConfig();config.setPassword(crack);config.setAlgorithm(PBEWITHHMACSHA512ANDAES_256);
// 为减少配置文件的书写,以下都是 Jasypt 3.x 版本,配置文件默认配置config.setKeyObtentionIterations("1000");config.setPoolSize("1");config.setProviderName("SunJCE");config.setSaltGeneratorClassName("org.jasypt.salt.RandomSaltGenerator");config.setIvGeneratorClassName("org.jasypt.iv.RandomIvGenerator");config.setStringOutputType("base64");encryptor.setConfig(config);
//3.加密return encryptor.encrypt(text);}/*** * @param text 待解密原文* @param crack 盐值(密钥)* @return 解密后的字符串* @Description: jasypt 解密(PBEWITHHMACSHA512ANDAES_256)*/public static String decryptWithSHA512(String text, String crack) {
//1.创建加解密工具实例PooledPBEStringEncryptor encryptor = new PooledPBEStringEncryptor();
//2.加解密配置SimpleStringPBEConfig config = new SimpleStringPBEConfig();config.setPassword(crack);config.setAlgorithm(PBEWITHHMACSHA512ANDAES_256);
// 为减少配置文件的书写,以下都是 Jasypt 3.x 版本,配置文件默认配置config.setKeyObtentionIterations("1000");config.setPoolSize("1");config.setProviderName("SunJCE");config.setSaltGeneratorClassName("org.jasypt.salt.RandomSaltGenerator");config.setIvGeneratorClassName("org.jasypt.iv.RandomIvGenerator");config.setStringOutputType("base64");encryptor.setConfig(config);
//3.解密return encryptor.decrypt(text);}
}
这篇关于springboot使用jasypt对配置文件加密,加密数据库连接的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!