Spring加密和解密属性文件中的API密钥

本文介绍了Spring加密和解密属性文件中的API密钥的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！问题描述

我有一个位于Tomcat中的属性文件，以及位于src / test / resources中的测试的属性文件。

I have a properties file located in Tomcat and a properties file for testing located in src/test/resources.

目前我有以下设置。我的属性文件加载到我的XML文件 config.xml

At the moment I have the following setup. My properties files are loaded in my XML files config.xml

<?xml version="1.0" encoding="UTF-8"?>  <beans xmlns="www.springframework/schema/beans" xmlns:xsi="www.w3/2001/XMLSchema-instance" xmlns:p="www.springframework/schema/p" xmlns:cache="www.springframework/schema/cache" xmlns:context="www.springframework/schema/context" xmlns:tx="www.springframework/schema/tx" xsi:schemaLocation=" www.springframework/schema/beans www.springframework/schema/beans/spring-beans.xsd www.springframework/schema/context www.springframework/schema/context/spring-context.xsd www.springframework/schema/tx www.springframework/schema/tx/spring-tx.xsd www.springframework/schema/cache www.springframework/schema/cache/spring-cache.xsd">  <context:component-scan base-package="be.omniatravel.service" /> <context:property-placeholder location="file:${catalina.base}/conf/omniatravel.properties" ignore-unresolvable="true" /> <tx:annotation-driven /> </beans>

test-config.xml

<?xml version="1.0" encoding="UTF-8"?>  <beans xmlns="www.springframework/schema/beans" xmlns:xsi="www.w3/2001/XMLSchema-instance" xmlns:p="www.springframework/schema/p" xmlns:cache="www.springframework/schema/cache" xmlns:context="www.springframework/schema/context" xmlns:tx="www.springframework/schema/tx" xsi:schemaLocation=" www.springframework/schema/beans www.springframework/schema/beans/spring-beans.xsd www.springframework/schema/context www.springframework/schema/context/spring-context.xsd www.springframework/schema/tx www.springframework/schema/tx/spring-tx.xsd www.springframework/schema/cache www.springframework/schema/cache/spring-cache.xsd">  <context:component-scan base-package="be.omniatravel.service" /> <context:property-placeholder location="classpath:omniatravel_test.properties" ignore-unresolvable="true" /> <tx:annotation-driven /> </beans>

我可以通过将它放在我的Java文件中来访问这些值

And I am able to access these values by doing placing this in my Java files

public class SunnycarsClient extends WebServiceGatewaySupport { @Value("${sunnycars.serviceUri}") private String uri; // provided by the webservice @Value("${sunnycars.operatingKey}") private String key; // provide by the webservice @Value("${sunnycars.passphrase}") private String passphrase; // provided by the webservice }

目前，密码短语存储在这些属性中作为平面文本。我想将它们存储为加密值，以尽量减少风险，并且仍然可以按照现在的方式进行访问。

At the moment the operatingKey and passphrase are stored in these properties as plane text. I want to store them as an encrypted value to minimize the risk and still be able to access in the way I do now.

所以我现在做的是将config.xml的内容替换为

So what i did now is replace the content of config.xml to

<?xml version="1.0" encoding="UTF-8"?>  <beans xmlns="www.springframework/schema/beans" xmlns:xsi="www.w3/2001/XMLSchema-instance" xmlns:p="www.springframework/schema/p" xmlns:cache="www.springframework/schema/cache" xmlns:context="www.springframework/schema/context" xmlns:tx="www.springframework/schema/tx" xsi:schemaLocation=" www.springframework/schema/beans www.springframework/schema/beans/spring-beans.xsd www.springframework/schema/context www.springframework/schema/context/spring-context.xsd www.springframework/schema/tx www.springframework/schema/tx/spring-tx.xsd www.springframework/schema/cache www.springframework/schema/cache/spring-cache.xsd">  <context:component-scan base-package="be.omniatravel.service" />  <bean class="org.jasypt.spring.properties.EncryptablePropertyPlaceholderConfigurer"> <constructor-arg> <bean class="org.jasypt.encryption.pbe.StandardPBEStringEncryptor"> <property name="config"> <bean class="org.jasypt.encryption.pbe.config.EnvironmentStringPBEConfig"> <property name="algorithm" value="PBEWithMD5AndDES" /> <property name="passwordEnvName" value="APP_ENCRYPTION_PASSWORD" /> </bean> </property> </bean> </constructor-arg> <property name="locations"> <list> <value>file:${catalina.base}/conf/omniatravel.properties</value> </list> </property> </bean> <bean id="dataSource" class="org.apachemons.dbcp.BasicDataSource" destroy-method="close"> <property name="sunnycarsMarshallerUri"> <value>${sunnycars.marshallerUri}</value> </property> <property name="sunnycarsServiceUri"> <value>${sunnycars.serviceUri}</value> </property> <property name="sunnycarsContextPath"> <value>${sunnycars.contextPath}</value> </property> <property name="sunnycarsOperatingKey"> <value>${sunnycars.operatingKey}</value> </property> <property name="sunnycarsPassphrase"> <value>${sunnycars.passphrase}</value> </property> </bean> <tx:annotation-driven /> </beans>

但我仍然不清楚我应该如何从我的Java代码访问这些。

But it's still not clear to me how I should access these from my Java code.

同样在propeties文件中，我应该用 sunnycars.operatingKey = enc（ENCRYPTED_KEY）替换 sunnycars.operatingKey = THE_KEY ，但是如何你得到ENCRYPTED_KEY值吗？

Also in the propeties files I should replace sunnycars.operatingKey = THE_KEY with sunnycars.operatingKey = enc(ENCRYPTED_KEY), but how do you get the ENCRYPTED_KEY value?

推荐答案

首先你必须从 www.jasypt/

和尝试在 cmd 中运行 encrypt.dat 文件，具有以下命令，如

and Try to run encrypt.dat file with following command in cmd like

encrypt.date input = [您的属性文件值] password = [加密密钥值] 它将生成输出的加密值，您需要在属性文件替换为

encrypt.date input=[YOUR PROPERTY FILE VALUE] password=[encryption key value] it will generate output of encrypted value which you need to replace at properties file with

= ENC（输出加密值）

=ENC(output encrypted value)

.. <bean class="org.jasypt.encryption.pbe.config.EnvironmentStringPBEConfig"> <property name="algorithm" value="PBEWithMD5AndDES" /> <property name="password" value="APP_ENCRYPTION_PASSWORD" /> </bean> ..

您还可以在类文件中硬编码密码，并分配给bean以及

you can also hardcode password at class file and assign to bean as well

其中Key.keyValue是Key类的静态方法。

where Key.keyValue is Static method of Key class.

更多推荐

Spring加密和解密属性文件中的API密钥