配置文件中保存明文密码显得不那么安全,这里解决这个问题。配置文件中保存加密后的密文,在使用的时候再解密还原。
java.util.Base64是Java 1.8新增的,如果jdk版本低于1.8,请更换成其他的Base64工具。
import java.io.UnsupportedEncodingException; import java.security.InvalidKeyException; import java.security.NoSuchAlgorithmException; import java.security.SecureRandom; import java.util.Base64; import javax.crypto.BadPaddingException; import javax.crypto.Cipher; import javax.crypto.IllegalBlockSizeException; import javax.crypto.KeyGenerator; import javax.crypto.NoSuchPaddingException; import javax.crypto.spec.SecretKeySpec; public class EncryptUtils { /** * AES加密 * * [@param](https://my.oschina.net/u/2303379) ciphertext * 待加密的内容 * [@param](https://my.oschina.net/u/2303379) encryptKey * 加密密钥 * [@return](https://my.oschina.net/u/556800) 加密后的byte[] */ public static byte[] aesEncryptToBytes(String ciphertext, String encryptKey) { try { return getCipher(Cipher.ENCRYPT_MODE, encryptKey).doFinal( ciphertext.getBytes("utf-8")); } catch (IllegalBlockSizeException e) { e.printStackTrace(); return null; } catch (BadPaddingException e) { e.printStackTrace(); return null; } catch (UnsupportedEncodingException e) { e.printStackTrace(); return null; } catch (NoSuchAlgorithmException e) { e.printStackTrace(); return null; } } /** * AES解密 * * [@param](https://my.oschina.net/u/2303379) encryptBytes * 待解密的byte[] * [@param](https://my.oschina.net/u/2303379) decryptKey * 解密密钥 * @return 解密后的String */ public static String aesDecryptByBytes(byte[] encryptBytes, String decryptKey) { byte[] decryptBytes; try { decryptBytes = getCipher(Cipher.DECRYPT_MODE, decryptKey).doFinal( encryptBytes); } catch (IllegalBlockSizeException e) { e.printStackTrace(); return null; } catch (BadPaddingException e) { e.printStackTrace(); return null; } catch (NoSuchAlgorithmException e) { e.printStackTrace(); return null; } return new String(decryptBytes); } private static Cipher getCipher(int cipherMode, String encryptKey) throws NoSuchAlgorithmException { KeyGenerator kgen; SecureRandom random = SecureRandom.getInstance("SHA1PRNG"); random.setSeed(encryptKey.getBytes()); try { kgen = KeyGenerator.getInstance("AES"); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); return null; } kgen.init(128, random); Cipher cipher; try { cipher = Cipher.getInstance("AES"); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); return null; } catch (NoSuchPaddingException e) { e.printStackTrace(); return null; } try { cipher.init(cipherMode, new SecretKeySpec(kgen.generateKey() .getEncoded(), "AES")); } catch (InvalidKeyException e) { e.printStackTrace(); return null; } return cipher; } /** * 根据传入的内容和密钥,返回加密后得到的base64字符串 * * @author ChangJian * @data 2018年7月25日 * @param ciphertext * 待加密的内容 * @param encryptKey * 密钥 * @return */ public static String encryptAesBase64(String ciphertext, String encryptKey) { return Base64.getEncoder().encodeToString(aesEncryptToBytes(ciphertext, encryptKey)); } /** * 把encryptAesBase64方法生成的base64形式的密码还原成明文密码 * * @author ChangJian * @data 2018年7月25日 * @param ciphertext * base64形式的密码 * @param decryptKey * 解密的密钥 * @return */ public static String decryptAesBase64(String ciphertext, String decryptKey) { return aesDecryptByBytes(Base64.getDecoder().decode(ciphertext), decryptKey); } /** * 测试 */ public static void main(String[] args) { String password = "password123456"; String decryptKey = "8F85C42859C4B883817EB72E37AF2A3E"; String ciphertext = encryptAesBase64(password, decryptKey); System.out.println("密文:" + ciphertext); System.out.println("解密:" + decryptAesBase64(ciphertext, decryptKey)); } }