数据库加密

最新推荐文章于 2025-10-22 19:07:28 发布

原创最新推荐文章于 2025-10-22 19:07:28 发布 · 2.4k 阅读

2 ·

CC 4.0 BY-SA版权

文章标签：

#数据库加密

替换hibernate.xml中

<bean id="propertyConfigurer" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
<property name="locations">
<list>
<value>classpath:database.properties</value>
</list>
</property>
</bean>

为

<bean id="propertyConfigurer" class="com.loan.common.utils.PropertyEncrypt">
<property name="locations">
<list>
<value>classpath:database.properties</value>
</list>
</property>
</bean>

package com.loan.common.utils;

import java.io.FileReader;
import java.io.IOException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.HashMap;
import java.util.Map;
import java.util.Properties;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.BeansException;
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
import org.springframework.beans.factory.config.PropertyPlaceholderConfigurer;

import com.loan.common.encryption.Base64;
import com.qcash.rsa.server.DecryptionRSASecret;

/**
* Purpose: Spring-Hibernate Config xml database.properties content edcrypt
* @author Hermanwang
* @since JDK 1.8
* @date 2018年7月30日
* @MaintenancePersonnel Hermanwang
*/
public class PropertyEncrypt extends PropertyPlaceholderConfigurer {
   /**
   * 系统日志记录对象
   */
   private static final Log LOGGER = LogFactory.getLog(PropertyEncrypt.class);
   /**
   * 驱动
   */
   private String JDBC_DRIVER = "jdbc.driver";
   /**
   * Web 数据库URL
   */
   private String JDBC_URL = "jdbc.url";
   /**
   * Web 数据库用户名称
   */
   private String JDBC_USER = "jdbc.user";
   /**
   * Web 数据库用户密码
   */
   private String JDBC_PASSWORD = "jdbc.password";

   /**
   * (non-Javadoc)
   * @see org.springframework.beans.factory.config.PropertyPlaceholderConfigurer#processProperties(org.springframework.beans.factory.config.ConfigurableListableBeanFactory, java.util.Properties)
   */
   @Override
   protected void processProperties(ConfigurableListableBeanFactory beanFactoryToProcess, Properties props)
           throws BeansException {
       FileReader fReader = null;
       try {
           fReader = new FileReader(PropertiesManager.getProValueByKey(PropertiesManager.ENCRYPTION_PATH));
           Map<String, String> maps = new HashMap<String, String>();
           maps.put(JDBC_DRIVER, props.getProperty(JDBC_DRIVER));
           maps.put(JDBC_URL, props.getProperty(JDBC_URL));
           maps.put(JDBC_USER, props.getProperty(JDBC_USER));
           maps.put(JDBC_PASSWORD, props.getProperty(JDBC_PASSWORD));
           // 解密
           maps = DBdecrypt.decryptMap(fReader, maps);
           // Driver
           props.setProperty(JDBC_DRIVER, maps.get(JDBC_DRIVER));
           // web url
           props.setProperty(JDBC_URL, maps.get(JDBC_URL));
           // web username
           props.setProperty(JDBC_USER, maps.get(JDBC_USER));
           // web password
           props.setProperty(JDBC_PASSWORD, maps.get(JDBC_PASSWORD));
           super.processProperties(beanFactoryToProcess, props);
       } catch (Exception e) {
           LOGGER.error(this.getClass().getName() + ".processProperties() is error --> " + e);
       } finally {
           try {
               fReader.close();
           } catch (IOException ioe) {
               LOGGER.error(this.getClass().getName() + ".processProperties() try catch finally is error --> " + ioe);
           }
       }
   }
}

package com.loan.common.utils;

import java.io.BufferedReader;
import java.io.FileReader;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Iterator;
import java.util.Map;

import javax.crypto.Cipher;
import javax.crypto.NoSuchPaddingException;

import sun.misc.BASE64Decoder;
/**
 * Purpose: 数据库解密
 * @author Hermanwang
 * @since  JDK 1.8
 * @date   2018年11月21日
 * @MaintenancePersonnel Hermanwang
 */
public class DBdecrypt {
    
    private static Cipher cipher;

    static {
        try {
            cipher = Cipher.getInstance("RSA");
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        } catch (NoSuchPaddingException e) {
            e.printStackTrace();
        }
    }
    /**
     * 得到私钥
     * 
     * @param key
     *            密钥字符串（经过base64编码）
     * @throws Exception
     */
    public static PrivateKey getPrivateKey(String key) throws Exception {
        byte[] keyBytes;
        keyBytes = (new BASE64Decoder()).decodeBuffer(key);
        PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(keyBytes);
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        PrivateKey privateKey = keyFactory.generatePrivate(keySpec);
        return privateKey;
    }
    /**
     * Purpose:批量解密
     * @author Hermanwang
     * @param fr
     * @param maps
     * @return
     * @return Map<String,String>
     */
    public static Map<String, String> decryptMap(FileReader fr, Map<String, String> maps) {
        try {
            BufferedReader br = new BufferedReader(fr);
            String privateKeyString = "";
            String str;
            while ((str = br.readLine()) != null) {
                privateKeyString += str;
            }
            br.close();
            fr.close();
            cipher.init(Cipher.DECRYPT_MODE, getPrivateKey(privateKeyString));
            Iterator it = maps.entrySet().iterator();
            while (it.hasNext()) {
                Map.Entry entry = (Map.Entry) it.next();
                maps.put(entry.getKey().toString(), new String(cipher.doFinal((new BASE64Decoder()).decodeBuffer(entry.getValue().toString()))));
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        return maps;
    }
}