文件加密并上传到hdfs中, 分享一下优雅的文件加密方法
hdfs上传每个公司可能不一样, 使用的时候自己调整一下
点击(此处)折叠或打开
- import com.meili.erp.common.MsgConstants;
- import com.meili.erp.common.exception.ErpException;
- import com.meili.erp.util.DateUtil;
- import com.meili.erp.util.LogUtil;
- import org.apache.hadoop.conf.Configuration;
- import org.apache.hadoop.fs.FSDataInputStream;
- import org.apache.hadoop.fs.FSDataOutputStream;
- import org.apache.hadoop.fs.FileSystem;
- import org.apache.hadoop.fs.Path;
- import org.apache.hadoop.io.IOUtils;
- import org.springframework.beans.factory.annotation.Value;
- import org.springframework.stereotype.Service;
- import javax.annotation.PostConstruct;
- import javax.crypto.Cipher;
- import javax.crypto.CipherInputStream;
- import javax.crypto.SecretKey;
- import javax.crypto.SecretKeyFactory;
- import javax.crypto.spec.DESKeySpec;
- import javax.crypto.spec.IvParameterSpec;
- import java.io.File;
- import java.io.InputStream;
- import java.security.SecureRandom;
- /**
- * hdfs服务层操作类
- */
- @Service
- public class HDFSUtil {
- @Value("${hdfs_data_path}")
- private String hdfsDataPath;
- @Value("${hdfs_data_user}")
- private String hdfsUser;
- private Configuration conf;
- private FileSystem hdfs;
- private static final String PASSKEY = "XXXX";
- private static final String DESKEY = "XXXX";
- @PostConstruct
- public void init() {
- conf = new Configuration();
- System.setProperty("HADOOP_USER_NAME", hdfsUser);
- try {
- hdfs = FileSystem.get(conf);
- } catch (Exception e) {
- LogUtil.error("HDFS 初始化失败:" + e.getMessage(), e);
- }
- }
- /**
- * 加密文件,并且上传到hdfs中
- * @param inputStream
- */
- public String upload(InputStream inputStream) throws Exception {
- CipherInputStream cis = null;
- Integer forder = DateUtil.getThisDay();
- String fileName = DateUtil.now().toString();
- SecureRandom sr = new SecureRandom();
- DESKeySpec dks = new DESKeySpec(DESKEY.getBytes("UTF-8"));
- SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES");
- SecretKey securekey = keyFactory.generateSecret(dks);
- IvParameterSpec iv = new IvParameterSpec(PASSKEY.getBytes("UTF-8"));
- Cipher cipher = Cipher.getInstance("DES/CBC/PKCS5Padding");
- cipher.init(Cipher.ENCRYPT_MODE, securekey, iv, sr);
- cis = new CipherInputStream(inputStream, cipher);
- FSDataOutputStream output = null;
- try {
- String folder = hdfsDataPath + File.separator + forder;
- Path folderPath = new Path(folder);
- if (!hdfs.exists(folderPath)) {
- hdfs.mkdirs(folderPath);
- }
- Path dst = new Path(folder + File.separator + fileName);
- output = hdfs.create(dst);
- int reads;
- byte buf[] = new byte[8192];
- while ((reads = cis.read(buf)) > 0) {
- output.write(buf, 0, reads);
- }
- } catch (Exception ex) {
- throw new Exception("附件上传失败|uuid:" + fileName, ex);
- } finally {
- IOUtils.closeStream(inputStream);
- IOUtils.closeStream(cis);
- IOUtils.closeStream(output);
- }
- return forder + File.separator + fileName;
- }
- /**
- * 从hdfs中拿到文件并且解密
- * @param path
- * @return
- * @throws Exception
- */
- public InputStream download(String path) throws Exception {
- SecureRandom sr = new SecureRandom();
- DESKeySpec dks = new DESKeySpec(DESKEY.getBytes("UTF-8"));
- SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES");
- SecretKey securekey = keyFactory.generateSecret(dks);
- IvParameterSpec iv = new IvParameterSpec(PASSKEY.getBytes("UTF-8"));
- Cipher cipher = Cipher.getInstance("DES/CBC/PKCS5Padding");
- cipher.init(Cipher.DECRYPT_MODE, securekey, iv, sr);
- FSDataInputStream in = null;
- try {
- Path f = new Path(hdfsDataPath + File.separator + path);
- boolean isExists = hdfs.exists(f);
- if (isExists) {
- in = hdfs.open(f);
- return new CipherInputStream(in.getWrappedStream(), cipher);
- }
- throw new ErpException(MsgConstants.CONTRACT_DATE_END_IS_EMPTY);
- } catch (ErpException ex) {
- throw ex;
- } catch (Exception ex) {
- throw new Exception("下载附件异常:" + path);
- }
- }
- }