java - 数据库账号的加密解密

• 1 加密解密算法的实现 - base64Decoder
• 2.数据库账号的加密
• 3. 数据库账号的解密
• 4. 开放的数据库用户名、密码的加密解密接口
• • 4.1 开放接口`DatabaseEnDeCryptInterface`:
  • 4.2 接口实现 - 参考

  在平台部署时，要求对数据库中的账号密码进行加密，并在程序读取时进行解密。这里详细描述了加密解密算法的实现及调用。
  这里我们使用的加密算法是java se环境中自带的加密算法 ：

算法原理：https://blog.csdn.net/mafei852213034/article/details/53331233.

算法实现：

package com.cry;
import java.security.Key;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import sun.misc.base64Decoder;
import sun.misc.base64Encoder;

public class EncryptAndDecryptStr {
	private static Key key;
	
	public static String encryptStr(String key,String strMing) {
		getKey(key);
		byte[] byteMi = null;
		byte[] byteMing = null;
		String strMi = "";
		base64Encoder base64en = new base64Encoder();
		try {
			byteMing = strMing.getBytes("UTF8");
			byteMi = encToByte(byteMing);
			strMi = base64en.encode(byteMi);
		} catch (Exception e) {
			e.printStackTrace();
		} finally {
			base64en = null;
			byteMing = null;
			byteMi = null;
		}
		return strMi;
	}
	
	public static String decryptStr(String key,String strDecry) {
		getKey(key);
		base64Decoder base64De = new base64Decoder();
		byte[] byteMing = null;
		byte[] byteMi = null;
		String strMing = "";
		try {
			byteMi = base64De.decodeBuffer(strDecry);
			byteMing = byteToEnc(byteMi);
			strMing = new String(byteMing, "UTF8");
		} catch (Exception e) {
			e.printStackTrace();
		} finally {
			base64De = null;
			byteMing = null;
			byteMi = null;
		}
		return strMing;
	}
	private static void getKey(String strKey) {
		if(strKey == null || "".equals(strKey)){
			strKey = "ytxsoft";
		}
		try {
			KeyGenerator _generator = KeyGenerator.getInstance("DES");
//			SecureRandom 实现完全随操作系统本身的內部状态，除非调用方在调用 getInstance 方法，然后调用 setSeed 方法；该实现在 windows 上每次生成的 key 都相同，但是在 solaris 或部分 linux 系统上则不同。
			SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
		    random.setSeed(strKey.getBytes());
			_generator.init(random);
			key = _generator.generateKey();
			_generator = null;
		} catch (Exception e) {
			e.printStackTrace();
		}
	}
	private static byte[] encToByte(byte[] byteS) {
		byte[] byteFina = null;
		Cipher cipher;

		try {
			cipher = Cipher.getInstance("DES");
			cipher.init(Cipher.ENCRYPT_MODE, key);
			byteFina = cipher.doFinal(byteS);
		} catch (Exception e) {
			e.printStackTrace();
		} finally {
			cipher = null;
		}
		return byteFina;
	}

	private static byte[] byteToEnc(byte[] byteD) {
		Cipher cipher;
		byte[] byteFina = null;
		try {
			cipher = Cipher.getInstance("DES");
			cipher.init(Cipher.DECRYPT_MODE, key);
			byteFina = cipher.doFinal(byteD);
		} catch (Exception e) {
			e.printStackTrace();
		} finally {
			cipher = null;
		}
		return byteFina;
	}
}

  对常见的数据库配置文件，如下：

     com.mysql.jdbc.Driver
     jdbc:mysql://localhost:testDB/jbpmdb?useSSL=true&useUnicode=true&characterEncoding=UTF-8
     
     user1
     pass1

  通过函数调用加密算法，生成对应的用户名和密码的加密字符串，替代文件中的真实用户名和密码：

	public static void main(String[] args) {
		System.out.println(EncryptAndDecryptStr.encryptStr("testDB", "user1"));
		System.out.println(EncryptAndDecryptStr.encryptStr("testDB", "pass1"));
	}

结果输出：

此时，配置文件可更新为：

     com.mysql.jdbc.Driver
     jdbc:mysql://localhost:testDB/jbpmdb?useSSL=true&useUnicode=true&characterEncoding=UTF-8
     	
     l60UHD130pk=
     Sk2XHkX15CQ=

在读取数据库配置文件后，将加密的用户名和密码解密成原始配置

	public static void main(String[] args) {
		//加密
		System.out.println(EncryptAndDecryptStr.encryptStr("testDB", "user1"));
		System.out.println(EncryptAndDecryptStr.encryptStr("testDB", "pass1"));
		//解密
		System.out.println(EncryptAndDecryptStr.decryptStr("testDB", "l60UHD130pk="));
		System.out.println(EncryptAndDecryptStr.decryptStr("testDB", "Sk2XHkX15CQ="));
	}

结果输出：

public interface DatabaseEnDeCryptInterface{
	
	public String getEncryptUserName(String key,String userName);
	
	public String getDecryptUserName(String key,String strDecryUserName);
	
	public String getEncryptPassward(String key,String passward);
	
	public String getDecryptPassward(String key,String passward);
}

接口实现可根据实际情况自己实现：

private static DatabaseEnDeCryptInterface databaseInter;
    static{
    	databaseInter = new DatabaseEnDeCryptInterface() {
			@Override
			public String getEncryptUserName(String arg0, String arg1) {
				return EncryptAndDecryptStr.encryptStr(arg0, arg1);
			}
			@Override
			public String getEncryptPassward(String arg0, String arg1) {
				return EncryptAndDecryptStr.encryptStr(arg0, arg1);
			}
			@Override
			public String getDecryptUserName(String arg0, String arg1) {
				return EncryptAndDecryptStr.decryptStr(arg0, arg1);
			}
			@Override
			public String getDecryptPassward(String arg0, String arg1) {
				return EncryptAndDecryptStr.decryptStr(arg0, arg1);
			}
		};
    }

1 . 源码下载链接: https://download.csdn.net/download/weixin_44462773/24395402.
2 . 下一章：jbpm - hibernate 的数据库加密解密的实现.