标签:rate start plugin temp required The 获取 array key
//继承JbootAppListenerBase @Override public void onPluginConfig(JfinalPlugins plugins) { PropKit.use("config.properties"); Prop prop=PropKit.use("jdbc.properties"); String url = prop.get("jdbcUrl"); String username = prop.get("user"); String password = prop.get("password"); // String privateKey = PropKit.get("privateKey"); String publicKey = prop.get("publicKey"); String driverClass = prop.get("driverClass"); String filters = prop.get("filters");//监控统计:"stat" 、 防SQL注入:"wall"、使用加密:"config" int initialSize = prop.getInt("db.initialSize"); int minIdle = prop.getInt("db.minIdle"); int maxActive = prop.getInt("db.maxActive"); long maxWait = prop.getLong("db.maxWait"); //DB+Record DruidPlugin druidPlugin = new DruidPlugin(url, username, password, driverClass, filters); druidPlugin.setPublicKey(publicKey);//数据库密码加密 druidPlugin.addFilter(new StatFilter()); druidPlugin.set(initialSize, minIdle, maxActive); druidPlugin.setMaxWait(maxWait); druidPlugin.setName(prop.get("poolName")); druidPlugin.start(); plugins.add(druidPlugin); //处理Model方式获取数据源、连接数据库 ActiveRecordPlugin activeRecordPlugin = new ActiveRecordPlugin(druidPlugin); activeRecordPlugin.setShowSql(false); DataSourceConfig datasourceConfig = Jboot.config(DataSourceConfig.class, "jboot.datasource"); datasourceConfig.setUrl(url); datasourceConfig.setDriverClassName(driverClass); datasourceConfig.setType(prop.get("type")); datasourceConfig.setUser(username); datasourceConfig.setPassword(password); datasourceConfig.setName(prop.get("name")); datasourceConfig.setPrepStmtCacheSize(prop.getInt("prepStmtCacheSize")); datasourceConfig.setPrepStmtCacheSqlLimit(prop.getInt("prepStmtCacheSqlLimit")); datasourceConfig.setCachePrepStmts(prop.getBoolean("cachePrepStmts")); datasourceConfig.setMinimumIdle(prop.getInt("minimumIdle")); datasourceConfig.setMaximumPoolSize(prop.getInt("maximumPoolSize")); datasourceConfig.setNeedAddMapping(prop.getBoolean("needAddMapping")); DataSourceConfigManager.me().addConfig(datasourceConfig); //获得该数据源匹配的表 List<TableInfo> tableInfos = TableInfoManager.me().getMatchTablesInfos(datasourceConfig); for (TableInfo ti : tableInfos) { if (StrUtil.isNotBlank(ti.getPrimaryKey())) { activeRecordPlugin.addMapping(ti.getTableName(), ti.getPrimaryKey(), (Class<? extends Model<?>>) ti.getModelClass()); } else { activeRecordPlugin.addMapping(ti.getTableName(), (Class<? extends Model<?>>) ti.getModelClass()); } } //template,DbKit activeRecordPlugin.addSqlTemplate(prop.get("sqlTemplate")); activeRecordPlugin.start(); plugins.add(activeRecordPlugin); }
driverClass = com.mysql.jdbc.Driver jdbcUrl = jdbc\:mysql\://127.0.0.1\:3306/use?characterEncoding\=utf8&useSSL\=false filters = stat,wall,config user = #password = password = #privateKey= publicKey= poolName=xbzx-subscriber db.initialSize=10 db.minIdle=20 db.maxActive=500 db.maxWait=60000 #dataSourceConfig type=mysql name=main prepStmtCacheSize=500 prepStmtCacheSqlLimit=2048 cachePrepStmts=true minimumIdle=0 maximumPoolSize=10 needAddMapping=true sqlTemplate=/sql/sys.sql
*jfinal 模板sql
*加密druid数据源
*私钥自己持有,私钥可以解密,公钥加密
方式一:
java -cp druid-1.0.20.jar com.alibaba.druid.filter.config.ConfigTools user
(user为数据库密码)
方式二
参考源码
/* * Copyright 1999-2101 Alibaba Group Holding Ltd. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package com.alibaba.druid.filter.config; import java.io.ByteArrayOutputStream; import java.io.FileInputStream; import java.security.InvalidKeyException; import java.security.Key; import java.security.KeyFactory; import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.NoSuchAlgorithmException; import java.security.PrivateKey; import java.security.PublicKey; import java.security.SecureRandom; import java.security.cert.Certificate; import java.security.cert.CertificateFactory; import java.security.interfaces.RSAPrivateKey; import java.security.interfaces.RSAPublicKey; import java.security.spec.PKCS8EncodedKeySpec; import java.security.spec.RSAPrivateKeySpec; import java.security.spec.RSAPublicKeySpec; import java.security.spec.X509EncodedKeySpec; import javax.crypto.Cipher; import com.alibaba.druid.util.Base64; import com.alibaba.druid.util.JdbcUtils; public class ConfigTools { private static final String DEFAULT_PRIVATE_KEY_STRING = "MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEAocbCrurZGbC5GArEHKlAfDSZi7gFBnd4yxOt0rwTqKBFzGyhtQLu5PRKjEiOXVa95aeIIBJ6OhC2f8FjqFUpawIDAQABAkAPejKaBYHrwUqUEEOe8lpnB6lBAsQIUFnQI/vXU4MV+MhIzW0BLVZCiarIQqUXeOhThVWXKFt8GxCykrrUsQ6BAiEA4vMVxEHBovz1di3aozzFvSMdsjTcYRRo82hS5Ru2/OECIQC2fAPoXixVTVY7bNMeuxCP4954ZkXp7fEPDINCjcQDywIgcc8XLkkPcs3Jxk7uYofaXaPbg39wuJpEmzPIxi3k0OECIGubmdpOnin3HuCP/bbjbJLNNoUdGiEmFL5hDI4UdwAdAiEAtcAwbm08bKN7pwwvyqaCBC//VnEWaq39DCzxr+Z2EIk="; public static final String DEFAULT_PUBLIC_KEY_STRING = "MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKHGwq7q2RmwuRgKxBypQHw0mYu4BQZ3eMsTrdK8E6igRcxsobUC7uT0SoxIjl1WveWniCASejoQtn/BY6hVKWsCAwEAAQ=="; public static void main(String[] args) throws Exception { String password = args[0]; String[] arr = genKeyPair(512); System.out.println("privateKey:" + arr[0]); System.out.println("publicKey:" + arr[1]); System.out.println("password:" + encrypt(arr[0], password)); } public static String decrypt(String cipherText) throws Exception { return decrypt((String) null, cipherText); } public static String decrypt(String publicKeyText, String cipherText) throws Exception { PublicKey publicKey = getPublicKey(publicKeyText); return decrypt(publicKey, cipherText); } public static PublicKey getPublicKeyByX509(String x509File) { if (x509File == null || x509File.length() == 0) { return ConfigTools.getPublicKey(null); } FileInputStream in = null; try { in = new FileInputStream(x509File); CertificateFactory factory = CertificateFactory .getInstance("X.509"); Certificate cer = factory.generateCertificate(in); return cer.getPublicKey(); } catch (Exception e) { throw new IllegalArgumentException("Failed to get public key", e); } finally { JdbcUtils.close(in); } } public static PublicKey getPublicKey(String publicKeyText) { if (publicKeyText == null || publicKeyText.length() == 0) { publicKeyText = ConfigTools.DEFAULT_PUBLIC_KEY_STRING; } try { byte[] publicKeyBytes = Base64.base64ToByteArray(publicKeyText); X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec( publicKeyBytes); KeyFactory keyFactory = KeyFactory.getInstance("RSA"); return keyFactory.generatePublic(x509KeySpec); } catch (Exception e) { throw new IllegalArgumentException("Failed to get public key", e); } } public static PublicKey getPublicKeyByPublicKeyFile(String publicKeyFile) { if (publicKeyFile == null || publicKeyFile.length() == 0) { return ConfigTools.getPublicKey(null); } FileInputStream in = null; try { in = new FileInputStream(publicKeyFile); ByteArrayOutputStream out = new ByteArrayOutputStream(); int len = 0; byte[] b = new byte[512 / 8]; while ((len = in.read(b)) != -1) { out.write(b, 0, len); } byte[] publicKeyBytes = out.toByteArray(); X509EncodedKeySpec spec = new X509EncodedKeySpec(publicKeyBytes); KeyFactory factory = KeyFactory.getInstance("RSA"); return factory.generatePublic(spec); } catch (Exception e) { throw new IllegalArgumentException("Failed to get public key", e); } finally { JdbcUtils.close(in); } } public static String decrypt(PublicKey publicKey, String cipherText) throws Exception { Cipher cipher = Cipher.getInstance("RSA"); try { cipher.init(Cipher.DECRYPT_MODE, publicKey); } catch (InvalidKeyException e) { // 因为 IBM JDK 不支持私钥加密, 公钥解密, 所以要反转公私钥 // 也就是说对于解密, 可以通过公钥的参数伪造一个私钥对象欺骗 IBM JDK RSAPublicKey rsaPublicKey = (RSAPublicKey) publicKey; RSAPrivateKeySpec spec = new RSAPrivateKeySpec(rsaPublicKey.getModulus(), rsaPublicKey.getPublicExponent()); Key fakePrivateKey = KeyFactory.getInstance("RSA").generatePrivate(spec); cipher = Cipher.getInstance("RSA"); //It is a stateful object. so we need to get new one. cipher.init(Cipher.DECRYPT_MODE, fakePrivateKey); } if (cipherText == null || cipherText.length() == 0) { return cipherText; } byte[] cipherBytes = Base64.base64ToByteArray(cipherText); byte[] plainBytes = cipher.doFinal(cipherBytes); return new String(plainBytes); } public static String encrypt(String plainText) throws Exception { return encrypt((String) null, plainText); } public static String encrypt(String key, String plainText) throws Exception { if (key == null) { key = DEFAULT_PRIVATE_KEY_STRING; } byte[] keyBytes = Base64.base64ToByteArray(key); return encrypt(keyBytes, plainText); } public static String encrypt(byte[] keyBytes, String plainText) throws Exception { PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyBytes); KeyFactory factory = KeyFactory.getInstance("RSA"); PrivateKey privateKey = factory.generatePrivate(spec); Cipher cipher = Cipher.getInstance("RSA"); try { cipher.init(Cipher.ENCRYPT_MODE, privateKey); } catch (InvalidKeyException e) { //For IBM JDK, 原因请看解密方法中的说明 RSAPrivateKey rsaPrivateKey = (RSAPrivateKey) privateKey; RSAPublicKeySpec publicKeySpec = new RSAPublicKeySpec(rsaPrivateKey.getModulus(), rsaPrivateKey.getPrivateExponent()); Key fakePublicKey = KeyFactory.getInstance("RSA").generatePublic(publicKeySpec); cipher = Cipher.getInstance("RSA"); cipher.init(Cipher.ENCRYPT_MODE, fakePublicKey); } byte[] encryptedBytes = cipher.doFinal(plainText.getBytes("UTF-8")); String encryptedString = Base64.byteArrayToBase64(encryptedBytes); return encryptedString; } public static byte[][] genKeyPairBytes(int keySize) throws NoSuchAlgorithmException { byte[][] keyPairBytes = new byte[2][]; KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA"); gen.initialize(keySize, new SecureRandom()); KeyPair pair = gen.generateKeyPair(); keyPairBytes[0] = pair.getPrivate().getEncoded(); keyPairBytes[1] = pair.getPublic().getEncoded(); return keyPairBytes; } public static String[] genKeyPair(int keySize) throws NoSuchAlgorithmException { byte[][] keyPairBytes = genKeyPairBytes(keySize); String[] keyPairs = new String[2]; keyPairs[0] = Base64.byteArrayToBase64(keyPairBytes[0]); keyPairs[1] = Base64.byteArrayToBase64(keyPairBytes[1]); return keyPairs; } }
标签:rate start plugin temp required The 获取 array key
原文地址:https://www.cnblogs.com/zzlcome/p/11179973.html