数据库密码加解密

4dkankan-utils-db/pom.xml

@@ -54,6 +54,12 @@
             <version>1.1.22</version>
         </dependency>
 
+        <dependency>
+            <groupId>com.icbc</groupId>
+            <artifactId>hsm-software-icbc</artifactId>
+            <version>1.0.4</version>
+        </dependency>
+
 
     </dependencies>
 

4dkankan-utils-db/src/main/java/com/fdkankan/db/config/DruidConfig.java

@@ -4,6 +4,8 @@ import java.sql.SQLException;
 //import javax.servlet.Filter;
 //import javax.servlet.Servlet;
 import javax.sql.DataSource;
+
+import com.fdkankan.db.utils.SM4;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
 import org.springframework.boot.context.properties.EnableConfigurationProperties;
@@ -27,15 +29,12 @@ public class DruidConfig {
 
     @Bean
     @ConditionalOnMissingBean
-    public DataSource druidDataSource() {
-
-//        String
-
+    public DataSource druidDataSource() throws Exception {
         DruidDataSource druidDataSource = new DruidDataSource();
         druidDataSource.setDriverClassName(properties.getDriverClassName());
         druidDataSource.setUrl(properties.getUrl());
         druidDataSource.setUsername(properties.getUsername());
-        druidDataSource.setPassword(properties.getPassword());
+        druidDataSource.setPassword(SM4.decryptBySM4FromFile(properties.getPassword()));
         druidDataSource.setInitialSize(properties.getInitialSize());
         druidDataSource.setMinIdle(properties.getMinIdle());
         druidDataSource.setMaxActive(properties.getMaxActive());

4dkankan-utils-db/src/main/java/com/fdkankan/db/utils/SM4.java

@@ -1,75 +1,71 @@
-//package com.fdkankan.db.utils;
-//
-//import java.io.File;
-//import org.springframework.core.io.ClassPathResource;
-//import com.icbc.hsm.software.apiLib.Cipher;
-//import com.icbc.hsm.software.basic.HsmKeyParameter;
-//import com.icbc.hsm.software.security.KeyLoader;
-//import com.icbc.hsm.utils.encoders.Hex;
-//
-//public class SM4 {
-//
-//	private final static String algorithm = "SM4";//加密算法
-//	private final static String pass = null;//不预留口令，设置为null
-//	private static String cmcKeyPath="";
-//
-//	public static String encryptBySM4FromFile(String sourceData) throws Exception {
-//		cmcKeyPath=(new ClassPathResource("CMC_SM4KEY_DMSP.key").getFile()).getPath();
-//		File cmcKeyFile = new File(cmcKeyPath);
-//		String cmcKey = FileUtil.getFileConent(cmcKeyFile,"UTF-8");
-//
-//		String pass = encryptBySM4(sourceData,cmcKey);
-//		return pass;
-//	}
-//
-//	public static String decryptBySM4FromFile(String sourceData) throws Exception {
-//		cmcKeyPath=(new ClassPathResource("CMC_SM4KEY_DMSP.key").getFile()).getPath();
-//		File cmcKeyFile = new File(cmcKeyPath);
-//		String cmcKey = FileUtil.getFileConent(cmcKeyFile,"UTF-8");
-//
-//		String pass = decryptBySM4(sourceData,cmcKey);
-//		return pass;
-//	}
-//
-//	public static String encryptBySM4(String sourceData, String sm4Dek) throws Exception {
-//		// 1. 获得密钥对象
-//		HsmKeyParameter keyParm = null;
-//		try {
-//			keyParm = KeyLoader.loadOneKey(sm4Dek, pass);
-//		} catch (Exception e) {
-//			throw e;
-//		}
-//		// 2. 获得算法实例
-//		Cipher cipher = Cipher.getInstance(algorithm);
-//		// 3. 获得加密结果
-//		byte[] data = sourceData.getBytes();
-//		byte[] encrytedData = null;
-//		try {
-//			encrytedData = cipher.encipher(keyParm, data);
-//		} catch (Exception e) {
-//			throw e;
-//		}
-//		return Hex.toHexString(encrytedData);//密文转换成String
-//	}
-//
-//	public static String decryptBySM4(String encrytedData, String sm4Dek) throws Exception {
-//		// 1. 获得密钥对象
-//		HsmKeyParameter keyParm = null;
-//		try {
-//			keyParm = KeyLoader.loadOneKey(sm4Dek, pass);
-//		} catch (Exception e) {
-//			throw e;
-//		}
-//		// 2. 获得算法实例
-//		Cipher cipher = Cipher.getInstance(algorithm);
-//		// 3. 获得解密结果
-//		byte[] decryptedData = null;
-//		try {
-//			decryptedData = cipher.decipher(keyParm, Hex.decode(encrytedData));
-//		} catch (Exception e) {
-//			// TODO Auto-generated catch block
-//			e.printStackTrace();
-//		}
-//		return new String(decryptedData);
-//	}
-//}
+package com.fdkankan.db.utils;
+
+import java.io.File;
+
+import cn.hutool.core.io.FileUtil;
+import org.springframework.core.io.ClassPathResource;
+import com.icbc.hsm.software.apiLib.Cipher;
+import com.icbc.hsm.software.basic.HsmKeyParameter;
+import com.icbc.hsm.software.security.KeyLoader;
+import com.icbc.hsm.utils.encoders.Hex;
+
+public class SM4 {
+
+	private final static String algorithm = "SM4";//加密算法
+	private final static String pass = null;//不预留口令，设置为null
+	private static String cmcKeyPath="/opt/ossutil/CMC_SM4KEY_DMSP.key";
+
+	public static String encryptBySM4FromFile(String sourceData) throws Exception {
+        String cmcKey = FileUtil.readUtf8String(cmcKeyPath);
+		String pass = encryptBySM4(sourceData,cmcKey);
+		return pass;
+	}
+
+	public static String decryptBySM4FromFile(String sourceData) throws Exception {
+        String cmcKey = FileUtil.readUtf8String(cmcKeyPath);
+		String pass = decryptBySM4(sourceData,cmcKey);
+		return pass;
+	}
+
+	public static String encryptBySM4(String sourceData, String sm4Dek) throws Exception {
+		// 1. 获得密钥对象
+		HsmKeyParameter keyParm = null;
+		try {
+			keyParm = KeyLoader.loadOneKey(sm4Dek, pass);
+		} catch (Exception e) {
+			throw e;
+		}
+		// 2. 获得算法实例
+		Cipher cipher = Cipher.getInstance(algorithm);
+		// 3. 获得加密结果
+		byte[] data = sourceData.getBytes();
+		byte[] encrytedData = null;
+		try {
+			encrytedData = cipher.encipher(keyParm, data);
+		} catch (Exception e) {
+			throw e;
+		}
+		return Hex.toHexString(encrytedData);//密文转换成String
+	}
+
+	public static String decryptBySM4(String encrytedData, String sm4Dek) throws Exception {
+		// 1. 获得密钥对象
+		HsmKeyParameter keyParm = null;
+		try {
+			keyParm = KeyLoader.loadOneKey(sm4Dek, pass);
+		} catch (Exception e) {
+			throw e;
+		}
+		// 2. 获得算法实例
+		Cipher cipher = Cipher.getInstance(algorithm);
+		// 3. 获得解密结果
+		byte[] decryptedData = null;
+		try {
+			decryptedData = cipher.decipher(keyParm, Hex.decode(encrytedData));
+		} catch (Exception e) {
+			// TODO Auto-generated catch block
+			e.printStackTrace();
+		}
+		return new String(decryptedData);
+	}
+}