druid 数据库加密方法
利用配置完成加密
- 利用druid的jar包生成对应的publicKey,privateKey,password
~ java -cp D:\environment\apache-maven-3.6.3\repository\com\alibaba\druid\1.2.4\druid-1.2.4.jar com.alibaba.druid.filter.config.ConfigTools 123456
- 执行命令后生成对应的值:
privateKey:MIIBVgIBADANBgkqhkiG9w0BAQEFAASCAUAwggE8AgEAAkEAiNTHXZbTodDI86PXYVH8vh4JnYoYbNTUBWjRFZrzKgnuQtma/2XNNL16a4K0dtJrRmur/HUDZGtJsBJYJaIo3wIDAQABAkAMwbmskgk9BtgVTusfmaM0nlxLIbrROq5hqroDh6SwAIYdO2sHyp/lSrHzRPhVqinrcyLSO3zmH1wiA gZoYfKxAiEAvdqlMAr3JqJ5zlVylnJ6JE1ihQRuLQ13z1MKGeiCVlUCIQC4gPHJwyyMQzgOYbFxc8YnD/OwVrRVZG57OlVnHVmuYwIhAIXnQ2DKKx0NtVlo/OPNpAYcqmLlCAwwlpMcn2A8lEjtAiEArsefxNT6J2kp+h27nVDiPnDTFZIdRONd8ahB7OuV4CcCIQCjm3CKZhuxeCUJOq8+HQQ8XxWf/0UeMSIBD b9rAA0h8Q==publicKey:MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAIjUx12W06HQyPOj12FR/L4eCZ2KGGzU1AVo0RWa8yoJ7kLZmv9lzTS9emuCtHbSa0Zrq/x1A2RrSbASWCWiKN8CAwEAAQ==password:B0HU/gB6puPrjMg4EHs9Fw8GdW7rr4i9XCsbmTuQYtxw3SslSkCc1EjTt5fP/EYuuwltf3ls4oFbCbh8gO9+Bg==
- 将生成的publicKey, password配置到配置文件中
spring datasource typecom.alibaba.druid.pool.DruidDataSource driver-class-namecom.mysql.cj.jdbc.Driver druid usernametest passwordpU6kFhGmzI1DVeFtvIVBberT86KsIUE/iPQeN7wsqHyYNAnvQ/2GZBbOCvdm7SJpaC3klmqtCdvfDtk1FLocQA== urljdbcmysql//localhost3306/test?characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=false&allowMultiQueries=true&useJDBCCompliantTimezoneShift=true&useLegacyDatetimeCode=false&serverTimezone=Asia/Shanghai filter config enabledtrue connection-propertiesconfig.decrypt=true;config.decrypt.key=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAMUKJrfaFd7QgLYKdU6/auBBAHn7DgRZKRdMo6yRqcaAWLjudPH4OP58A3EgMc/GFlvHjVK3pF/Qz/FTVKBtPksCAwEAAQ== filtersstat,wall
- 进行程序连接
自定义key完成加密
自定义加密需要加一个重写密码解密的类
- 新建MyDruidPwd.java
packagecom.education.config; importcom.alibaba.druid.util.DruidPasswordCallback; importlombok.extern.slf4j.Slf4j; importjava.util.Properties; /*** @author code* @version 1.0* @date 2021/4/15 13:41*/publicclassMyDruidPwdextendsDruidPasswordCallback { publicstaticfinalStringkey="-education"; publicvoidsetProperties(Propertiesproperties) { super.setProperties(properties); char[] chars=null; try { Stringciphertext=properties.getProperty("pwd"); //安装之前密码加密的方式进行解密Stringpwd=encryptPwd(ciphertext); chars=pwd.toCharArray(); } catch (Exceptione) { e.printStackTrace(); log.info("解密失败,{}", e.getMessage()); } super.setPassword(chars); } /*** 自定义解密** @param pwd* @return*/privateStringencryptPwd(Stringpwd) { //自定义加密,可用md5加密//TODOreturnpwd.split(key)[0]; } /*** 自定义加密* @param ciphertext* @return*/privatestaticStringdecryptPwd(Stringciphertext) { //自定义解密,按照加密方式进行解密//TODOreturnciphertext+key; } publicstaticvoidmain(String[] args) { System.out.println(decryptPwd("pU6kFhGmzI1DVeFtvIVBberT86KsIUE/iPQeN7wsqHyYNAnvQ/2GZBbOCvdm7SJpaC3klmqtCdvfDtk1FLocQA==")); } }
- yml配置
spring datasource typecom.alibaba.druid.pool.DruidDataSource driver-class-namecom.mysql.cj.jdbc.Driver druid usernametest password urljdbcmysql//localhost3306/test?characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=false&allowMultiQueries=true&useJDBCCompliantTimezoneShift=true&useLegacyDatetimeCode=false&serverTimezone=Asia/Shanghai connection-propertiespwd=test123456 filtersstat,wall password-callback-class-namecom.education.config.MyDruidPwd
- 解密过程
在自定义类的重写方法中按照自定义加密规则进行解密再赋值给druid.
