mybatis plus 实现敏感数据的加密

  • 2019 年 12 月 19 日
  • 筆記

最近在做项目,需要实现对身份证,密码等敏感数据的加密,即不能以明文存储密码到数据库。 上网查了一下资料,解决办法如下:

  1. 写加密解密的工具类
import org.apache.commons.codec.binary.Base64;    import javax.crypto.Cipher;  import javax.crypto.spec.IvParameterSpec;  import javax.crypto.spec.SecretKeySpec;    public class AES {        // 密钥      public static String key = "AD42F6697B035B7580E4FEF93BE20BAD";      private static String charset = "utf-8";      // 偏移量      private static int offset = 16;      private static String transformation = "AES/CBC/PKCS5Padding";      private static String algorithm = "AES";        /**       * 加密       *       * @param content       * @return       */      public static String encrypt(String content) {          return encrypt(content, key);      }        /**       * 解密       *       * @param content       * @return       */      public static String decrypt(String content) {          return decrypt(content, key);      }        /**       * 加密       *       * @param content 需要加密的内容       * @param key     加密密码       * @return       */      public static String encrypt(String content, String key) {          try {              SecretKeySpec skey = new SecretKeySpec(key.getBytes(), algorithm);              IvParameterSpec iv = new IvParameterSpec(key.getBytes(), 0, offset);              Cipher cipher = Cipher.getInstance(transformation);              byte[] byteContent = content.getBytes(charset);              cipher.init(Cipher.ENCRYPT_MODE, skey, iv);// 初始化              byte[] result = cipher.doFinal(byteContent);              return new Base64().encodeToString(result); // 加密          } catch (Exception e) {              // LogUtil.exception(e);          }          return null;      }        /**       * AES(256)解密       *       * @param content 待解密内容       * @param key     解密密钥       * @return 解密之后       * @throws Exception       */      public static String decrypt(String content, String key) {          try {                SecretKeySpec skey = new SecretKeySpec(key.getBytes(), algorithm);              IvParameterSpec iv = new IvParameterSpec(key.getBytes(), 0, offset);              Cipher cipher = Cipher.getInstance(transformation);              cipher.init(Cipher.DECRYPT_MODE, skey, iv);// 初始化              byte[] result = cipher.doFinal(new Base64().decode(content));              return new String(result); // 解密          } catch (Exception e) {              //LogUtil.exception(e);          }          return null;      }        public static void main(String[] args) throws Exception {          String s = "hello world";          // 加密          System.out.println("加密前:" + s);          String encryptResultStr = encrypt(s);          System.out.println("加密后:" + encryptResultStr);          // 解密          System.out.println("解密后:" + decrypt(encryptResultStr));      }  }
  1. 继承BaseTypeHandler ,实现对数据的转换
import org.apache.ibatis.type.BaseTypeHandler;  import org.apache.ibatis.type.JdbcType;    import java.sql.CallableStatement;  import java.sql.PreparedStatement;  import java.sql.ResultSet;  import java.sql.SQLException;    /**   * @author starmark   * @date 19-12-17  下午8:38   */  public class AESEncryptHandler extends BaseTypeHandler {      @Override      public void setNonNullParameter(PreparedStatement ps, int i, Object parameter, JdbcType jdbcType) throws SQLException {          ps.setString(i, AES.encrypt((String)parameter));      }      @Override      public String getNullableResult(ResultSet rs, String columnName) throws SQLException {          String columnValue = rs.getString(columnName);          return AES.decrypt(columnValue);      }      @Override      public String getNullableResult(ResultSet rs, int columnIndex) throws SQLException {          String columnValue = rs.getString(columnIndex);          return AES.decrypt(columnValue);      }      @Override      public String getNullableResult(CallableStatement cs, int columnIndex)              throws SQLException {          String columnValue = cs.getString(columnIndex);          return AES.decrypt(columnValue);      }  }
  1. 有po类中,实现相关类型注解,
/**   * 用户管理   */    @Data  @EqualsAndHashCode(callSuper = false)  @TableName(autoResultMap = true)  public class SysOrgUser extends BaseUpdateModel {          /**       * 登陆帐户       */      private String loginName;      /**       * 密码       */      @TableField(typeHandler = AESEncryptHandler.class)      private String password;

至此,密码等敏感信息已处理好。