文件加密并上传到hdfs中, 分享一下优雅的文件加密方法
hdfs上传每个公司可能不一样, 使用的时候自己调整一下
-
import com.meili.erp.common.MsgConstants;
-
import com.meili.erp.common.exception.ErpException;
-
import com.meili.erp.util.DateUtil;
-
import com.meili.erp.util.LogUtil;
-
import org.apache.hadoop.conf.Configuration;
-
import org.apache.hadoop.fs.FSDataInputStream;
-
import org.apache.hadoop.fs.FSDataOutputStream;
-
import org.apache.hadoop.fs.FileSystem;
-
import org.apache.hadoop.fs.Path;
-
import org.apache.hadoop.io.IOUtils;
-
import org.springframework.beans.factory.annotation.Value;
-
import org.springframework.stereotype.Service;
-
-
import javax.annotation.PostConstruct;
-
import javax.crypto.Cipher;
-
import javax.crypto.CipherInputStream;
-
import javax.crypto.SecretKey;
-
import javax.crypto.SecretKeyFactory;
-
import javax.crypto.spec.DESKeySpec;
-
import javax.crypto.spec.IvParameterSpec;
-
import java.io.File;
-
import java.io.InputStream;
-
import java.security.SecureRandom;
-
-
/**
-
* hdfs服务层操作类
-
*/
-
@Service
-
public class HDFSUtil {
-
@Value("${hdfs_data_path}")
-
private String hdfsDataPath;
-
@Value("${hdfs_data_user}")
-
private String hdfsUser;
-
-
private Configuration conf;
-
private FileSystem hdfs;
-
-
private static final String PASSKEY = "XXXX";
-
private static final String DESKEY = "XXXX";
-
-
-
@PostConstruct
-
public void init() {
-
conf = new Configuration();
-
System.setProperty("HADOOP_USER_NAME", hdfsUser);
-
try {
-
hdfs = FileSystem.get(conf);
-
} catch (Exception e) {
-
LogUtil.error("HDFS 初始化失败:" + e.getMessage(), e);
-
}
-
}
-
-
/**
-
* 加密文件,并且上传到hdfs中
-
* @param inputStream
-
*/
-
public String upload(InputStream inputStream) throws Exception {
-
CipherInputStream cis = null;
-
Integer forder = DateUtil.getThisDay();
-
String fileName = DateUtil.now().toString();
-
SecureRandom sr = new SecureRandom();
-
DESKeySpec dks = new DESKeySpec(DESKEY.getBytes("UTF-8"));
-
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES");
-
SecretKey securekey = keyFactory.generateSecret(dks);
-
IvParameterSpec iv = new IvParameterSpec(PASSKEY.getBytes("UTF-8"));
-
Cipher cipher = Cipher.getInstance("DES/CBC/PKCS5Padding");
-
cipher.init(Cipher.ENCRYPT_MODE, securekey, iv, sr);
-
cis = new CipherInputStream(inputStream, cipher);
-
-
FSDataOutputStream output = null;
-
try {
-
String folder = hdfsDataPath + File.separator + forder;
-
Path folderPath = new Path(folder);
-
if (!hdfs.exists(folderPath)) {
-
hdfs.mkdirs(folderPath);
-
}
-
-
Path dst = new Path(folder + File.separator + fileName);
-
output = hdfs.create(dst);
-
int reads;
-
byte buf[] = new byte[8192];
-
while ((reads = cis.read(buf)) > 0) {
-
output.write(buf, 0, reads);
-
}
-
} catch (Exception ex) {
-
throw new Exception("附件上传失败|uuid:" + fileName, ex);
-
} finally {
-
IOUtils.closeStream(inputStream);
-
IOUtils.closeStream(cis);
-
IOUtils.closeStream(output);
-
}
-
return forder + File.separator + fileName;
-
}
-
-
/**
-
* 从hdfs中拿到文件并且解密
-
* @param path
-
* @return
-
* @throws Exception
-
*/
-
public InputStream download(String path) throws Exception {
-
SecureRandom sr = new SecureRandom();
-
DESKeySpec dks = new DESKeySpec(DESKEY.getBytes("UTF-8"));
-
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES");
-
SecretKey securekey = keyFactory.generateSecret(dks);
-
IvParameterSpec iv = new IvParameterSpec(PASSKEY.getBytes("UTF-8"));
-
Cipher cipher = Cipher.getInstance("DES/CBC/PKCS5Padding");
-
cipher.init(Cipher.DECRYPT_MODE, securekey, iv, sr);
-
-
FSDataInputStream in = null;
-
try {
-
Path f = new Path(hdfsDataPath + File.separator + path);
-
boolean isExists = hdfs.exists(f);
-
if (isExists) {
-
in = hdfs.open(f);
-
return new CipherInputStream(in.getWrappedStream(), cipher);
-
}
-
throw new ErpException(MsgConstants.CONTRACT_DATE_END_IS_EMPTY);
-
} catch (ErpException ex) {
-
throw ex;
-
} catch (Exception ex) {
-
throw new Exception("下载附件异常:" + path);
-
}
-
-
}
-
-
}
阅读(1529) | 评论(0) | 转发(0) |
