本文介绍了如何使用Mybatis拦截器来实现数据库字段的加密和解密,包括使用数据库内置函数加密,定义注解如SensitiveData、EncryptField和EncryptClass,加密和解密工具类的接口与实现,以及参数和结果集拦截器的配置。此外,还提供了在业务方法中更新脱敏字段后的视图返回处理方法。
1.使用数据库本身自有的函数进行加密
UPDATE tuc_user SET mobileNo = HEX(AES_ENCRYPT(mobileNo, ‘xxxxxx’));
2.注解类
2.1 SensitiveData
package com.wisedu.campuses.sensitive;
import java.lang.annotation.*;
/**
* @author MR.MEI
*/
@Inherited
@Target({
ElementType.TYPE})
@Retention(RetentionPolicy.RUNTIME)
public @interface SensitiveData {
}
2.2 EncryptField
package com.wisedu.campuses.sensitive;
import java.lang.annotation.*;
/**
* @author MR.MEI
*/
@Documented
@Inherited
@Target({
ElementType.FIELD, ElementType.PARAMETER})
@Retention(RetentionPolicy.RUNTIME)
public @interface EncryptField {
String value() default "";
}
2.3 EncryptClass
package com.wisedu.campuses.sensitive;
import java.lang.annotation.*;
/**
* @author MR.MEI
*/
@Documented
@Inherited
@Target({
ElementType.FIELD})
@Retention(RetentionPolicy.RUNTIME)
public @interface EncryptClass {
}
3.加密工具类
3.1 接口
package com.wisedu.campuses.sensitive;
import java.lang.reflect.Field;
import java.util.List;
/**
* @author MR.MEI
*/
public interface IEncryptUtil {
/**
* 加密
*
* @param declaredFields 加密字段
* @param paramsObject 对象
* @param <T> 入参类型
* @return 返回加密
* @throws IllegalAccessException 不可访问
*/
<T> T encrypt(List<Field[]> declaredFields, T paramsObject) throws IllegalAccessException;
}
3.2 实现类
package com.wisedu.campuses.sensitive;
import cn.hutool.core.lang.Validator;
import com.wisedu.campuses.utils.DBAESUtil;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.springframework.stereotype.Component;
import javax.crypto.IllegalBlockSizeException;
import java.lang.reflect.Field;
import java.util.List;
import java.util.Objects;
@Slf4j
@Component
public class EncryptUtilImpl implements IEncryptUtil {
@Override
public <T> T encrypt(List<Field[]> declaredFields, T paramsObject) throws IllegalAccessException {
//取出所有被EncryptTransaction注解的字段
for (Field[] declaredField : declaredFields) {
for (Field field : declaredField) {
EncryptField encryptTransaction = field.getAnnotation(EncryptField.class);
if (!Objects.isNull(encryptTransaction)) {
field.setAccessible(true);
Object object = field.get(paramsObject);
//暂时只实现String类型的加密
if (object instanceof String) {
String value = (String) object;
//加密
try {
if(StringUtils.isNotEmpty(value)){
//防止重复加密
if(Validator.isHex(value) && value.length()>=32){
try {
String decrypt = DBAESUtil.decrypt(value);
if(StringUtils.isNotEmpty(decrypt)){
value = decrypt;
}
}catch (IllegalBlockSizeException e){
log.error(e.getMessage(), e);
}
}
field.set(paramsObject, DBAESUtil.encrypt(value));
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
}
}
return paramsObject;
}
}
4.解密工具类
4.1 接口
package com.wisedu.campuses.sensitive;
/**
* @author MR.MEI
*/
public interface IDecryptUtil {
/**
* 解密
*
* @param result resultType的实例
* @return T
* @throws IllegalAccessException 字段不可访问异常
*/
<T> T decrypt(T result) throws IllegalAccessException;
}
4.2 实现类
package com.wisedu.campuses.sensitive;
import cn.hutool.core.lang.Validator;
import com.google.common.collect.Lists;
import com.wisedu.campuses.utils.DBAESUtil;
import org.apache.commons.lang3.StringUtils;
import org.springframework.stereotype.Component;
import java.lang.reflect.Field;
import java.util.List;
import java.util.Objects;
@Component
public class DecryptImpl implements IDecryptUtil {
/**
* 解密
*
* @param result resultType的实例
*/
@Override
public <T> T decrypt(T result) throws IllegalAccessException {
List<Field[]> fieldsList = Lists.newArrayList();
//取出resultType的类
Class<?> resultClass = result.getClass();
while (null != resultClass){
fieldsList.
最低0.47元/天 解锁文章
扫一扫
3万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
