针对客户要求敏感信息需要加密处理,并解密显示在页面上,比如用户名、手机号等敏感信息,如何针对多个字段进行处理:
1、Mybatis里面有一个TypeHandler可以解决这个问题,只需要在需要加密/解密的字段上使用@TableField(typeHandler = AesTypeHandler.class)(AesTypeHandler是自定义的TypeHandler),包含该字段的实体上使用@TableName(autoResultMap = true)即可,或者使用resultMap来进行映射也可以
首先引入Hutool的AES加密工具
<dependency>
<groupId>cn.hutool</groupId>
<artifactId>hutool-all</artifactId>
<version>5.7.9</version>
</dependency>
创建加密工具类
package com.test.hello.utils;
import cn.hutool.core.util.HexUtil;
import cn.hutool.crypto.SecureUtil;
import org.apache.commons.lang3.StringUtils;
public class AESUtil {
private static final String AES_KEY = "key自定义16位即可";
public static String Encrypt(String sSrc) {
try {
byte[] raw = sKey.getBytes("utf-8");
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
//"算法/模式/补码方式"
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
byte[] encrypted = cipher.doFinal(sSrc.getBytes("utf-8"));
//此处使用BASE64做转码功能,同时能起到2次加密的作用。
return new Base64().encodeToString(encrypted);
} catch (Exception e) {
return null;
}
}
// 解密
public static String Decrypt(String sSrc) {
try {
byte[] raw = sKey.getBytes("utf-8");
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
cipher.init(Cipher.DECRYPT_MODE, skeySpec);
//先用base64解密
byte[] encrypted1 = new Base64().decode(sSrc);
try {
byte[] original = cipher.doFinal(encrypted1);
String originalString = new String(original, "utf-8");
return originalString;
} catch (Exception e) {
System.out.println(e.toString());
return null;
}
} catch (Exception ex) {
System.out.println(ex.toString());
return null;
}
}
创建自定义的AesTypeHandler
package com.test.hello.config;
import com.baomidou.mybatisplus.core.toolkit.StringUtils;
import com.qjc.utils.AESUtil;
import org.apache.ibatis.type.BaseTypeHandler;
import org.apache.ibatis.type.JdbcType;
import org.apache.ibatis.type.MappedJdbcTypes;
import org.apache.ibatis.type.MappedTypes;
import java.sql.CallableStatement;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
/** 数据库中的数据类型 */
@MappedJdbcTypes(JdbcType.VARCHAR)
/** 处理后的数据类型 */
@MappedTypes(value = String.class)
public class AesTypeHandler extends BaseTypeHandler {
@Override
public void setNonNullParameter(PreparedStatement ps, int i, Object parameter, JdbcType jdbcType) throws SQLException {
ps.setString(i, AESUtil.encrypt((String) parameter));
}
@Override
public String getNullableResult(ResultSet rs, String columnName) throws SQLException {
return StringUtils.isBlank(rs.getString(columnName)) ? rs.getString(columnName) : AESUtil.decrypt(rs.getString(columnName));
}
@Override
public String getNullableResult(ResultSet rs, int columnIndex) throws SQLException {
return StringUtils.isBlank(rs.getString(columnIndex)) ? rs.getString(columnIndex) : AESUtil.decrypt(rs.getString(columnIndex));
}
@Override
public String getNullableResult(CallableStatement cs, int columnIndex) throws SQLException {
return StringUtils.isBlank(cs.getString(columnIndex)) ? cs.getString(columnIndex) : AESUtil.decrypt(cs.getString(columnIndex));
}
}
在实体上使用
package com.test.hello.entity;
import com.baomidou.mybatisplus.annotation.TableField;
import com.baomidou.mybatisplus.annotation.TableId;
import com.baomidou.mybatisplus.annotation.TableName;
import com.baomidou.mybatisplus.extension.activerecord.Model;
import java.time.LocalDateTime;
import com.qjc.config.AesTypeHandler;
import lombok.Data;
import lombok.EqualsAndHashCode;
@Data
@EqualsAndHashCode(callSuper = true)
@TableName(value = "base_user", autoResultMap = true)
public class BaseUser extends Model {
private static final long serialVersionUID = 1L;
@TableId("id")
private Long id;
@TableField(typeHandler = AesTypeHandler.class)
private String name;
@TableField(typeHandler = AesTypeHandler.class)
private String phone;
}
扫描二维码关注公众号,回复:
17296879 查看本文章