给hibernate配置文件加密、解密的方案

作者：（来自javaeye论坛） 2007-04-20

内容导航：

【IT168 技术文档】

之前有人问过hibernate密码问题，大家都没有给出一个具体的解决方案，所以我就看了一下代码，把我的想法和实现拿出来和大家讨论一下。我现在的环境是spring+hibernate，但是这并不影响这个加密解密的问题，其他环境应该是略有不同，但是思路肯定是一样的。

总体思路：在工程的配置文件中填写数据库密码的密文，在应用程序使用datasource的时候解密成明文以创建连接。

步骤1
使用java的中cipher类并使用DES（对称加密算法）算法对明文进行加密
````````````````这里如何使用cipher类和DES算法的原理可以上网查找，我懒得写了，如果大家真的也怕麻烦自己去找的话我再写一个贴出来吧

 1public class DESUtil ...{
 2
 3    public static void main(String[] args)...{
 4        try ...{
 5            if(args[0].equals("-genKey"))...{
 6                generateKey(args[1]);
 7            }else...{
 8
 9                //if (args[0].equals("-encrypt"))encrypt();
10
11                //else decrypt();      
12            }
13        }catch (Exception e) ...{
14            // TODO: handle exception   
15        }
16    }
17
18    public static String encrypt(String plainText, String encryptString, File keyFile)throws IOException, ClassNotFoundException,GeneralSecurityException...{
19        ObjectInputStream keyIn = new ObjectInputStream(new FileInputStream(keyFile));
20        int mode = Cipher.ENCRYPT_MODE;
21        Key key = (Key)keyIn.readObject();
22        keyIn.close();
23
24        InputStream in = new FileInputStream(plainText);
25        OutputStream out = new FileOutputStream(encryptString);
26
27        Cipher cipher = Cipher.getInstance("DES");
28        cipher.init(mode, key);
29
30        doEncryptAndDecrypt(in, out, cipher);
31
32        String result = out.toString();
33        System.out.print(result);
34        in.close();
35        out.close();
36        return result;
37    }
38
39    public static String decrypt(String encryptString, String plainText, File keyFile)throws IOException, ClassNotFoundException,GeneralSecurityException...{
40        ObjectInputStream keyIn = new ObjectInputStream(new FileInputStream(keyFile));
41        int mode = Cipher.DECRYPT_MODE;
42        Key key = (Key)keyIn.readObject();
43        keyIn.close();
44
45        InputStream in = new FileInputStream(encryptString);
46        OutputStream out = new FileOutputStream(plainText);
47
48        Cipher cipher = Cipher.getInstance("DES");
49        cipher.init(mode, key);
50
51        doEncryptAndDecrypt(in, out, cipher);
52
53        String result = out.toString();
54        System.out.print(result);
55        in.close();
56        out.close();
57        return result;
58    }
59
60    public static void doEncryptAndDecrypt(InputStream in, OutputStream out, Cipher cipher)throws IOException, GeneralSecurityException...{
61        int blockSize = cipher.getBlockSize();
62        int outputSize = cipher.getOutputSize(blockSize);
63
64        byte[] inBytes = new byte[blockSize];
65        byte[]  outBytes = new byte[outputSize];
66
67        int inLength = 0;
68        boolean more = true;
69
70        while(more)...{
71            inLength = in.read(inBytes);
72            if(inLength == blockSize)...{
73                int outLength = cipher.update(inBytes, 0, blockSize, outBytes);
74                out.write(outBytes,0,outLength);
75            }
76            else more = false;
77        }
78
79        if(inLength>0) outBytes = cipher.doFinal(inBytes, 0, inLength);
80        else outBytes = cipher.doFinal();
81
82        out.write(outBytes);
83
84    }
85
86    public static void generateKey(String path) throws Exception...{
87        KeyGenerator keygen = KeyGenerator.getInstance("DES");
88        SecureRandom random = new SecureRandom();
89
90        keygen.init(random);
91        SecretKey key = keygen.generateKey();
92
93        ObjectOutputStream out = new ObjectOutputStream( new FileOutputStream(path));
94        out.writeObject(key);
95        out.close();
96    }
97
98}
99

通过以上的encrypt方法得到一个密码的密文（一般的密码是明文，作为参数传进去可以得到对应的密文），比如说21sadf25

1 2

【内容导航】

第1页： 步骤1

第2页：步骤2

[责任编辑：李宁]

[an error occurred while processing this directive]