ingrun

Appearance

Return to top
本页目录

数据库链接加密

引入依赖

xml
     <dependency>
            <groupId>cn.hutool</groupId>
            <artifactId>hutool-all</artifactId>
            <version>5.8.20</version>
        </dependency>

        <!--        国密加密-->
        <dependency>
            <groupId>org.bouncycastle</groupId>
            <artifactId>bcpkix-jdk15on</artifactId>
            <version>1.60</version>
        </dependency>

        <!-- 数据库加密 -->
        <dependency>
            <groupId>com.github.ulisesbocchio</groupId>
            <artifactId>jasypt-spring-boot-starter</artifactId>
            <version>3.0.5</version>
        </dependency>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19

自定义加密方法

java
import cn.hutool.core.util.CharsetUtil;
import cn.hutool.crypto.SmUtil;
import cn.hutool.crypto.symmetric.SymmetricCrypto;
import org.jasypt.encryption.StringEncryptor;
import org.springframework.stereotype.Component;

@Component("customStringEncryptor")
public class CustomStringEncryptor implements StringEncryptor {

    // 加密秘钥可以从其他地方引入,  例如配置文件,然后可以在启动时用命令行指定,提高安全性
    private final String salt = "1234567891234567";

    @Override
    public String encrypt(String message) {
        SymmetricCrypto sm4 = SmUtil.sm4(salt.getBytes());
        return sm4.encryptHex(message);
    }

    @Override
    public String decrypt(String encryptedMessage) {
        SymmetricCrypto sm41 = SmUtil.sm4(salt.getBytes());
        return sm41.decryptStr(encryptedMessage, CharsetUtil.CHARSET_UTF_8);
    }

}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25

添加配置

yaml
# application.yml
jasypt:
  encryptor:
    bean: customStringEncryptor
1
2
3
4

输出加密串

java
    public static void main(String[] args) {

        String url = "jdbc:mysql://127.0.0.1:3306/test";
        String username = "root";
        String password = "root";

        System.out.println(new CustomStringEncryptor().encrypt(url));
        System.out.println(new CustomStringEncryptor().encrypt(username));
        System.out.println(new CustomStringEncryptor().encrypt(password));
    }


// 获取加密串后记得移除此代码
1
2
3
4
5
6
7
8
9
10
11
12
13

配置加密后的连接地址

yaml
# application.yml

spring:
  datasource:
    driver-class-name: com.mysql.cj.jdbc.Driver
    url: ENC(***********************)
    username: ENC(***********************)
    password: ENC(***********************)
1
2
3
4
5
6
7
8