1. 低版本2.x

引入依赖

1
2
3
4
5
<dependency>
    <groupId>com.github.ulisesbocchio</groupId>
    <artifactId>jasypt-spring-boot-starter</artifactId>
    <version>2.1.0</version>
</dependency>

手动引入依赖(内网环境)

1
2
3
4
5
6
7
8
9
10
<dependency>
    <groupId>org.jasypt</groupId>
    <artifactId>jasypt</artifactId>
    <version>1.9.2</version>
</dependency>
<dependency>
    <groupId>com.github.ulisesbocchio</groupId>
    <artifactId>jasypt-spring-boot</artifactId>
    <version>2.1.0</version>
</dependency>

生成密码

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
public class PasswordEncrypt {

    public static void main(String[] args) {
	// write your code here
    StandardPBEStringEncryptor standardPBEStringEncryptor = new StandardPBEStringEncryptor();
    EnvironmentPBEConfig config = new EnvironmentPBEConfig();

    config.setAlgorithm("PBEWithMD5AndDES");          // 加密的算法,这个算法是默认的
    config.setPassword("sigtuna");                        // 加密的密钥,随便自己填写,很重要千万不要告诉别人
    standardPBEStringEncryptor.setConfig(config);
    String url = "jdbc:mysql://xxx.xxx.xxx.xxx:3306/test?useUnicode=true&characterEncoding=UTF-8&useSSL=FALSE&serverTimezone=UTC&useOldAliasMetadataBehavior=true";         //自己的密码
    String root = "test";         //自己的密码
    String pwd = "test";         //自己的密码

    System.out.println("url "+ standardPBEStringEncryptor.encrypt(url));
    System.out.println("root "+ standardPBEStringEncryptor.encrypt(root));
    System.out.println("pwd "+ standardPBEStringEncryptor.encrypt(pwd));
    }
    
}

解密

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
public static List<String> decrypt(String url, String username, String pwd){

    StandardPBEStringEncryptor standardPBEStringEncryptor = new StandardPBEStringEncryptor();
    EnvironmentPBEConfig config = new EnvironmentPBEConfig();
 
    config.setAlgorithm("PBEWithMD5AndDES");
    config.setPassword("sigtuna");
    standardPBEStringEncryptor.setConfig(config);
    String plainTextUrl = standardPBEStringEncryptor.decrypt(url);
    String plainTextUser = standardPBEStringEncryptor.decrypt(username);
    String plainTextPwd = standardPBEStringEncryptor.decrypt(pwd);
    System.out.println("url: "+plainTextUrl);
    System.out.println("username: "+plainTextUser);
    System.out.println("password: "+plainTextPwd);
    return null;
}

自动获取yml文件里的数据库配置

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157

public class PasswordDecrypt {

    public static void main(String[] args) throws FileNotFoundException {
//        decrypt("秘钥",
//                "秘钥",
//                "秘钥");
        EaseDecrypt();
    }

    public static List<String> Encrypt(String url,String username,String pwd){

        StandardPBEStringEncryptor standardPBEStringEncryptor = new StandardPBEStringEncryptor();
        EnvironmentPBEConfig config = new EnvironmentPBEConfig();

        config.setAlgorithm("PBEWithMD5AndDES");          // 加密的算法,这个算法是默认的
        config.setPassword("sigtuna");                        // 加密的密钥,随便自己填写,很重要千万不要告诉别人
        standardPBEStringEncryptor.setConfig(config);
        // String url = "jdbc:mysql://xxx.xxxx.xxx.xxx:3306/test?useUnicode=true&characterEncoding=UTF-8&serverTimezone=GMT&autoReconnect=true&useSSL=false";         //自己的密码
        // String root = "test";         //自己的密码
        // String pwd = "test";         //自己的密码

        System.out.println("url "+ standardPBEStringEncryptor.encrypt(url));
        System.out.println("root "+ standardPBEStringEncryptor.encrypt(username));
        System.out.println("pwd "+ standardPBEStringEncryptor.encrypt(pwd));
        return null;
    }

    public static List<String> decrypt(String url, String username, String pwd){

        StandardPBEStringEncryptor standardPBEStringEncryptor = new StandardPBEStringEncryptor();
        EnvironmentPBEConfig config = new EnvironmentPBEConfig();
 
        config.setAlgorithm("PBEWithMD5AndDES");
        config.setPassword("sigtuna");
        standardPBEStringEncryptor.setConfig(config);
        String plainTextUrl = standardPBEStringEncryptor.decrypt(url);
        String plainTextUser = standardPBEStringEncryptor.decrypt(username);
        String plainTextPwd = standardPBEStringEncryptor.decrypt(pwd);
        System.out.println("url: "+plainTextUrl);
        System.out.println("username: "+plainTextUser);
        System.out.println("password: "+plainTextPwd);
        return null;
    }


    public static List<String> EaseDecrypt() throws FileNotFoundException{

        // System.out.println("输入解密的配置文件地址");
        // Scanner scanner = new Scanner(System.in);
        // String filePath = scanner.nextLine();
        InputStream io = new FileInputStream("x:\\xxx\\application-dev.yml");
        Yaml yaml=new Yaml();
        Map<String, Object> map =yaml.load(io);
        String url = "";
        String username = "";
        String pwd = "";
//        System.out.println(map);
//        System.out.println(map.get("spring"));
//        System.out.println();

        // 获得url
        if (map.get("spring") != null && !map.get("spring").equals("")) {
            Map<String,Object> mapd = (Map<String, Object>) map.get("spring");
            if (mapd.get("datasource") != null) {
                Map<String,Object> mapdata = (Map<String, Object>) mapd.get("datasource");
                if (mapdata.get("druid") != null) {
                    Map<String,Object> mapdata1 = (Map<String, Object>) mapdata.get("druid");
                    if (mapdata1.get("master") != null) {
                        Map<String,Object> mapdata2 = (Map<String, Object>) mapdata1.get("master");
                        if (mapdata2.get("url") != null) {
                            url = (String) mapdata2.get("url");
                            username = (String) mapdata2.get("username");
                            pwd = (String) mapdata2.get("password");;
                        }
                    }
                }
            }
        }

        // 获得加密密码
        String algorithm = "";
        String password = "";
        String prefix = "";
        String suffix = "";
        if (map.get("jasypt") != null && !map.get("jasypt").equals("")) {
            Map<String,Object> mapd = (Map<String, Object>) map.get("jasypt");
            if (mapd.get("encryptor") != null) {
                Map<String,Object> mapdata = (Map<String, Object>) mapd.get("encryptor");
                algorithm = (String) mapdata.get("algorithm");
                password = (String) mapdata.get("password");


                if(mapdata.get("property")!= null){
                    Map<String,Object> mapdata1 = (Map<String, Object>) mapdata.get("property");
                    prefix = (String) mapdata1.get("prefix");
                    suffix = (String) mapdata1.get("suffix");
                }
            }
        }


        StandardPBEStringEncryptor standardPBEStringEncryptor = new StandardPBEStringEncryptor();
        // 去除前缀
        url = removePro(url,prefix,suffix);
        username = removePro(username,prefix,suffix);
        pwd = removePro(pwd,prefix,suffix);

        EnvironmentPBEConfig config = new EnvironmentPBEConfig();
 
        config.setAlgorithm(algorithm);
        config.setPassword(password);
        standardPBEStringEncryptor.setConfig(config);
        String plainTextUrl = standardPBEStringEncryptor.decrypt(url);
        String plainTextUser = standardPBEStringEncryptor.decrypt(username);
        String plainTextPwd = standardPBEStringEncryptor.decrypt(pwd);
        System.out.println("url: "+plainTextUrl);
        System.out.println("username: "+plainTextUser);
        System.out.println("password: "+plainTextPwd);
        return null;
    }


    public static String removePro(String oString,String prefix,String suffix){

        String str = oString;
        if (prefix!=null) {
            str = oString.substring(prefix.length(), oString.length());
            oString = str;
            if (suffix!=null) {
                str = oString.substring(0, oString.length()-suffix.length());
            }
        }
        
        return str;
    }

    public static List<String> getMapKey(String key , Map<String,Object> map){

        List<String> list = new ArrayList<>();
        Map<String,Object> keyMap = new HashMap<>();
        if (key != null) {
            if (map.get(key) != null) {
                keyMap = (Map<String, Object>) map.get(key);
            }else{
                return null;
            }
        }else{
            keyMap = map;
        }
        for(String x : keyMap.keySet()){

        }
        return null;
    }

}

yml配置

1
2
3
4
5
6
7
jasypt:
  encryptor:
    algorithm: PBEWithMD5AndDES
    password: sigtuna
    property:
      prefix: reisen
      suffix:

数据库的配置用reisen包裹就可以了,这块可以自定义,默认的ENC

2.高版本3.x

引入依赖包

1
2
3
4
5
<dependency>
        <groupId>com.github.ulisesbocchio</groupId>
        <artifactId>jasypt-spring-boot-starter</artifactId>
        <version>3.0.3</version>
</dependency>

内网情况如下

1
2
3
4
5
6
7
8
9
10
11
12
<!-- https://mvnrepository.com/artifact/org.jasypt/jasypt -->
<dependency>
    <groupId>org.jasypt</groupId>
    <artifactId>jasypt</artifactId>
    <version>1.9.3</version>
</dependency>
<!-- https://mvnrepository.com/artifact/com.github.ulisesbocchio/jasypt-spring-boot -->
<dependency>
    <groupId>com.github.ulisesbocchio</groupId>
    <artifactId>jasypt-spring-boot</artifactId>
    <version>3.0.3</version>
</dependency>

生成秘钥

下面是一个工具类

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
 
import org.jasypt.encryption.pbe.PooledPBEStringEncryptor;
import org.jasypt.encryption.pbe.config.SimpleStringPBEConfig;
 
public class JasypUtil {
 
    private static final String PBEWITHHMACSHA512ANDAES_256 = "PBEWITHHMACSHA512ANDAES_256";
 
    /**
     * @Description: Jasyp 加密(PBEWITHHMACSHA512ANDAES_256)
     * @Author:      Rambo
     * @CreateDate:  2020/7/25 14:34
     * @UpdateUser:  Rambo
     * @UpdateDate:  2020/7/25 14:34
     * @param		 plainText  待加密的原文
     * @param		 factor     加密秘钥
     * @return       java.lang.String
     * @Version:     1.0.0
     */
    public static String encryptWithSHA512(String plainText, String factor) {
        // 1. 创建加解密工具实例
        PooledPBEStringEncryptor encryptor = new PooledPBEStringEncryptor();
        // 2. 加解密配置
        SimpleStringPBEConfig config = new SimpleStringPBEConfig();
        config.setPassword(factor);
        config.setAlgorithm(PBEWITHHMACSHA512ANDAES_256);
        // 为减少配置文件的书写,以下都是 Jasyp 3.x 版本,配置文件默认配置
        config.setKeyObtentionIterations( "1000");
        config.setPoolSize("1");
        config.setProviderName("SunJCE");
        config.setSaltGeneratorClassName("org.jasypt.salt.RandomSaltGenerator");
        config.setIvGeneratorClassName("org.jasypt.iv.RandomIvGenerator");
        config.setStringOutputType("base64");
        encryptor.setConfig(config);
        // 3. 加密
        return encryptor.encrypt(plainText);
    }
 
    /**
     * @Description: Jaspy解密(PBEWITHHMACSHA512ANDAES_256)
     * @Author:      Rambo
     * @CreateDate:  2020/7/25 14:40
     * @UpdateUser:  Rambo
     * @UpdateDate:  2020/7/25 14:40
     * @param		 encryptedText  待解密密文
     * @param		 factor         解密秘钥
     * @return       java.lang.String
     * @Version:     1.0.0
     */
    public static String decryptWithSHA512(String encryptedText, String factor) {
        // 1. 创建加解密工具实例
        PooledPBEStringEncryptor encryptor = new PooledPBEStringEncryptor();
        // 2. 加解密配置
        SimpleStringPBEConfig config = new SimpleStringPBEConfig();
        config.setPassword(factor);
        config.setAlgorithm(PBEWITHHMACSHA512ANDAES_256);
        // 为减少配置文件的书写,以下都是 Jasyp 3.x 版本,配置文件默认配置
        config.setKeyObtentionIterations( "1000");
        config.setPoolSize("1");
        config.setProviderName("SunJCE");
        config.setSaltGeneratorClassName("org.jasypt.salt.RandomSaltGenerator");
        config.setIvGeneratorClassName("org.jasypt.iv.RandomIvGenerator");
        config.setStringOutputType("base64");
        encryptor.setConfig(config);
        // 3. 解密
        return encryptor.decrypt(encryptedText);
    }
    
    public static void main(String[] args) {
        String factor = "Angel";
        String plainText = "123456";
 
        String encryptWithSHA512Str = encryptWithSHA512(plainText, factor);
        String decryptWithSHA512Str = decryptWithSHA512(encryptWithSHA512Str, factor);
        System.out.println("采用AES256加密前原文密文:" + encryptWithSHA512Str);
        System.out.println("采用AES256解密后密文原文:" + decryptWithSHA512Str);
    }
}

yml的配置

1
2
3
4
5
6
7
8
9
10
11
spring:
 datasource:
  username: root
  password: ENC(8jLUdq0Fr7UhJGNwK/Nc6i6/WV4+UBpvtfBLDh4e3jZMJZAhPqfZdGlpFEUk24UZ)
  url: jdbc:mysql://localhost:3306/test?useUnicode=true&useJDBCCompliantTimezoneShift=true&useLegacyDatetimeCode=false&serverTimezone=UTC
  driver-class-name: com.mysql.cj.jdbc.Driver
 
jasypt:
 encryptor:
  password: Angel
  algorithm: PBEWITHHMACSHA512ANDAES_256