1.在工具包下加入加密类、解密类、工具类。
加密
/**
* 对敏感信息例如身份证、手机号进行加密
*
* @Author: qinencheng
* @Date: 2021/04/07
*/
public class SensitiveInfoDeserializer extends JsonDeserializer {
@Override
public String deserialize(JsonParser jsonParser, DeserializationContext deserializationContext)
throws IOException, JsonProcessingException {
String plainSensitiveInfo = jsonParser.getText();
try {
String cipherSensitiveInfo = SensitiveInfoUtil.encryptSensitiveInfoBak(plainSensitiveInfo);
return cipherSensitiveInfo;
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
}
在这里插入代码片
解密
/** 对敏感信息例如身份证、手机号进行解密
* @Author: qinencheng
* @Date: 20210407
*/
public class SensitiveInfoSerializer extends JsonSerializer {
@Override
public void serialize(Object value, JsonGenerator gen, SerializerProvider serializers) throws IOException, JsonProcessingException {
String cipherSensitiveInfo = String.valueOf(value);
try {
String plainSensitiveInfo = SensitiveInfoUtil.decryptSensitiveInfoBak(cipherSensitiveInfo);
gen.writeString(plainSensitiveInfo);
} catch (Exception e) {
e.printStackTrace();
}
}
}
工具类
public class SensitiveInfoUtil {
private static final Logger logger = LoggerFactory.getLogger(SensitiveInfoUtil.class);
private static final String DEFAULT_KEY = Constant.DB_SENSITIVE_INFORMATION_KEY;
/**
* 加密敏感信息
* @param originalInfo 原始待加密敏感信息字符串
* @return 加密后的信息字符串
*/
public static String encryptSensitiveInfo(String originalInfo) throws Exception {
return originalInfo;
}
/**
* 解密敏感信息
* @param encryptResult 被加密的敏感信息字符串
* @return 解密后的敏感信息
*/
public static String decryptSensitiveInfo(String encryptResult) throws Exception {
return encryptResult;
}
/**
* 加密敏感信息
* @param originalInfo 原始待加密敏感信息字符串
* @return 加密后的信息字符串
*/
public static String encryptSensitiveInfoBak(String originalInfo) throws Exception {
String encryptResult = null;
if(StringUtils.isBlank(originalInfo))
return originalInfo;
byte[] raw = DEFAULT_KEY.getBytes("utf-8");
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");//"算法/模式/补码方式"
cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
byte[] encrypted = cipher.doFinal(originalInfo.getBytes("utf-8"));
encryptResult = new BASE64Encoder().encode(encrypted);
return encryptResult;
}
/**
* 解密敏感信息
* @param encryptResult 被加密的敏感信息字符串
* @return 解密后的敏感信息
*/
public static String decryptSensitiveInfoBak(String encryptResult) throws Exception {
String originalInfo = null;
if(null == encryptResult || StringUtils.isBlank(encryptResult) || StringUtils.equals("null", encryptResult))
return "";
if(StringUtils.length(encryptResult) <= 20 || encryptResult.contains("_") || isContainChinese(encryptResult))
return encryptResult;
byte[] raw = DEFAULT_KEY.getBytes("utf-8");
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
cipher.init(Cipher.DECRYPT_MODE, skeySpec);
byte[] encrypted1 = new BASE64Decoder().decodeBuffer(encryptResult);//先用base64解密
byte[] original = cipher.doFinal(encrypted1);
originalInfo = new String(original, "utf-8");
return originalInfo;
}
private static boolean isContainChinese(String str) {
Pattern p = Pattern.compile("[\u4e00-\u9fa5]");
Matcher m = p.matcher(str);
if (m.find()) {
return true;
}
return false;
}
public static void main(String[] args) throws Exception {
// 需要加密的字串
String cSrc = "110108196607016033";
// System.out.println(cSrc);
// // 加密
// String enString = SensitiveInfoUtil.encryptSensitiveInfo(cSrc);
// System.out.println("加密后的字串是:" + enString);
String enString = SensitiveInfoUtil.encryptSensitiveInfoBak(cSrc);
System.out.println("加密后的字串是:" + enString);
//
// // 解密
String DeString = SensitiveInfoUtil.decryptSensitiveInfoBak("R7AdqCy0Pw/RZxjSObKuaI9EJ4rkC0P/1AcRZ2Rek+E=");
System.out.println("解密后的字串是:" + DeString);
//
// //String string = "130302198611121421";
// DeString = SensitiveInfoUtil.encryptSensitiveInfo(DeString);
// System.out.println("解密后的字串是:" + DeString);
//
// String string = "中国铁路北京局集团有限公司京沪高速铁路天津西站工程建设指挥部(洗涤)基础岗位";
// DeString = SensitiveInfoUtil.encryptSensitiveInfo(string);
// System.out.println("解密后的字串是:" + DeString);
// String string1 = "sr/0QyAxajVXdqR7/Pev2ncqrdyRUVleSETFuR7ItQA=";
// string1 = SensitiveInfoUtil.decryptSensitiveInfo(string1);
// System.out.println("解密后的字串是:" + string1);
/*string = "admin123";
DeString = SensitiveInfoUtil.encryptSensitiveInfo(string);
System.out.println("解密后的字串是:" + DeString);*/
}
}
2.使用注解序列化,反序列化。
/**
* 手机号
*/
@TableField(value = "TEL")
@ApiModelProperty(value = "手机号")
@JsonDeserialize(using = SensitiveInfoDeserializer.class)
@JsonSerialize(using = SensitiveInfoSerializer.class)
private String tel;