Mybatis plus 数据加密

数据加密重中之重个铁铁

先准备加解密工具类

package com.byyl.web.utils;


import org.springframework.util.Base64Utils;

import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;
import java.security.SecureRandom;


/**
 * DES加密工具类
 */
public class DES {

    private static final String algorithm = "DES";
    private static final String key = "sssss";

    /**
     * 加密
     *
     * @return
     * @throws Exception
     */
    public static String encrypt(String data){
        try {
            byte[] bt = encrypt(data.getBytes(), key.getBytes());
            return Base64Utils.encodeToString(bt);
        }catch (Exception e){
            return null;
        }
    }


    /**
     * 解密
     *
     * @return
     * @throws Exception
     */
    public static String decrypt(String data){
        if (data == null) return null;
        try{
            byte[] bt = decrypt(Base64Utils.decodeFromString(data), key.getBytes());
            return new String(bt);
        }catch (Exception e){
            return null;
        }
    }

    /**
     * 根据键值进行加密
     */
    private static byte[] encrypt(byte[] data, byte[] key) throws Exception {
        return initCipher(data, key, Cipher.ENCRYPT_MODE);
    }

    /**
     * 根据键值进行解密
     */
    private static byte[] decrypt(byte[] data, byte[] key) throws Exception {
        return initCipher(data, key, Cipher.DECRYPT_MODE);
    }

    public static byte[] initCipher(byte[] data, byte[] key, int decryptMode) throws Exception {
        /** 生成一个可信任的随机数源 **/
        SecureRandom sr = new SecureRandom();
        /** 从原始密钥数据创建DESKeySpec对象 **/
        DESKeySpec dks = new DESKeySpec(key);
        /** 创建一个密钥工厂，然后用它把DESKeySpec转换成SecretKey对象 **/
        SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(algorithm);
        /** 将DESKeySpec对象转换成SecretKey对象 **/
        SecretKey securekey = keyFactory.generateSecret(dks);
        /** Cipher对象实际完成加密或解密操作 **/
        Cipher cipher = Cipher.getInstance(algorithm);
        /** 用密钥初始化Cipher对象 **/
        cipher.init(decryptMode, securekey, sr);
        return cipher.doFinal(data);
    }

    public static void main(String[] args) throws Exception {
        // 待加密内容
        String data = "helloworld";
        // 密码，长度要是8的倍数
        //加密
        String str = DES.encrypt(data);
        System.out.println(str);
        //解密
        System.out.println(DES.decrypt(str));
    }
}

编写自定义加解密Handler类继承 BaseTypeHandler

package com.byyl.web.config;

import com.byyl.web.utils.DES;
import org.apache.ibatis.type.BaseTypeHandler;
import org.apache.ibatis.type.JdbcType;

import java.sql.CallableStatement;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

/**
 * 配置mybatis 敏感数据加密
 */
public class DesEncryptHandler extends BaseTypeHandler {
    @Override
    public void setNonNullParameter(PreparedStatement preparedStatement, int i, Object o, JdbcType jdbcType) throws SQLException {
        preparedStatement.setString(i, DES.encrypt((String)o));
    }

    @Override
    public Object getNullableResult(ResultSet resultSet, String s) throws SQLException {
        String columnValue = resultSet.getString(s);
        return DES.decrypt(columnValue);
    }

    @Override
    public Object getNullableResult(ResultSet resultSet, int i) throws SQLException {
        String columnValue = resultSet.getString(i);
        return DES.decrypt(columnValue);

    }

    @Override
    public Object getNullableResult(CallableStatement callableStatement, int i) throws SQLException {
        String columnValue = callableStatement.getString(i);
        return DES.decrypt(columnValue);
    }
}

类中使用

@Data
@EqualsAndHashCode(callSuper = false)
//autoResultMap = true  要有否则查询时无法解密
@TableName(value = "vd_patient",autoResultMap = true )
@ApiModel(value="VdPatient对象")
public class VdPatient implements Serializable {
//typeHandle设置成自己编写的DesEncryptHandler 
   @TableField(typeHandler = DesEncryptHandler.class)
    private String idCard;
}