当我执行我的 Spring Boot 应用程序时,我覆盖了生命周期中一个名为postConstruct的方法,当我想设置一些特定的属性时,例如server.ssl.key-store-password和server.ssl.trust-store-password这里是我的代码:@PostConstruct private void postConstruct() { try { Map<String, String> encryptedPass = new HashMap<String,String>(); System.getProperties().setProperty("server.ssl.key-store-password","decryptedpass1"); System.getProperties().setProperty("server.ssl.trust-store-password","decryptedpass2"); logger.info("########decryptedpass1 "+System.getProperty("server.ssl.key-store-password")); //return decryptedpass1 logger.info("########decryptedpass2 "+System.getProperty("server.ssl.trust-store-password"));//return decryptedpass2 } catch (Exception e) { // TODO Auto-generated catch block e.printStackTrace(); } }控制台上打印得很好,但我有一个例外java.security.UnrecoverableKeyException: Password verification failed!那么我怎样才能覆盖真正的(application.propoerties)
1 回答
慕斯709654
TA贡献1840条经验 获得超5个赞
您必须使用相同的算法来加密/解密密码,为此,这个算法可以为您工作:
//encrypt password
String ALGORITHM = "PBKDF2WithHmacSHA256";
String KEYPATH = "/home/apiuser/toto";
String SECRET = "SECRET";
int ITERATIONCOUNT = 65536;
int KEYSIZE = 256;
String password = "pass";
SecretKeyFactory factory = SecretKeyFactory.getInstance(ALGORITHM);
PBEKeySpec spec = new PBEKeySpec(SECRET.toCharArray(), salt.getBytes(), ITERATIONCOUNT, KEYSIZE);
SecretKey secretKey = factory.generateSecret(spec);
SecretKeySpec secret = new SecretKeySpec(secretKey.getEncoded(), "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, secret);
byte[] ivBytes = cipher.getParameters().getParameterSpec(IvParameterSpec.class).getIV();
Map<String,String> encryptedPasswords = new HashMap<String,String>();
byte[] encryptedTextBytes = cipher.doFinal(password.getBytes("UTF-8"));
byte[] finalByteArray = new byte[ivBytes.length + encryptedTextBytes.length];
System.arraycopy(ivBytes, 0, finalByteArray, 0, ivBytes.length);
System.arraycopy(encryptedTextBytes, 0, finalByteArray, ivBytes.length, encryptedTextBytes.length);
String encryptedpass= DatatypeConverter.printBase64Binary(finalByteArray);
public static String generateSalt() {
return KeyGenerators.string().generateKey();
}
//decrypt password
String ALGORITHM = "PBKDF2WithHmacSHA256";
String SECRET = "SECRET";
String key = "salt_key";
String encryptedPasswords = "encodedpass";
encryptedPassword = encryptedPasswords.get(key);
if (encryptedPassword.length() <= IV_LENGTH) {
throw new Exception("The input string is not long enough to contain the initialisation bytes and data.");
}
byte[] byteArray = DatatypeConverter.parseBase64Binary(encryptedPassword);
byte[] ivBytes = new byte[IV_LENGTH];
System.arraycopy(byteArray, 0, ivBytes, 0, 16);
byte[] encryptedTextBytes = new byte[byteArray.length - ivBytes.length];
System.arraycopy(byteArray, IV_LENGTH, encryptedTextBytes, 0, encryptedTextBytes.length);
SecretKeyFactory factory = SecretKeyFactory.getInstance(ALGORITHM);
PBEKeySpec spec = new PBEKeySpec(SECRET.toCharArray(), key.getBytes(), 65536, 256);
SecretKey secretKey = factory.generateSecret(spec);
SecretKeySpec secret = new SecretKeySpec(secretKey.getEncoded(), "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.DECRYPT_MODE, secret, new IvParameterSpec(ivBytes));
byte[] decryptedTextBytes = cipher.doFinal(encryptedTextBytes);
添加回答
举报
0/150
提交
取消