業務背景:使用者插入資料時,敏感欄位要加密入庫;展示在前端時是解密後的。
但是加密後欄位只能精確篩選了。
使用的是sm4國密演算法
匯入依賴:
>
>
org.bouncycastlegroupid
>
>
bcprov-ext-jdk15onartifactid
>
>
1.58version
>
>
compilescope
>
dependency
>
>
>
org.bouncycastlegroupid
>
>
bcprov-jdk15onartifactid
>
>
1.58version
>
>
compilescope
>
dependency
>
>
>
com.jd.blockchaingroupid
>
>
crypto-smartifactid
>
>
1.1.2.releaseversion
>
dependency
>
public
class
smutil
private
static logger logger = logge***ctory.
getlogger
("smutil");
private
static
final
byte
secret_key = stringutils.
getbytesutf8
("b#uhhqyqttkgae08");
//帶偏移量的金鑰和偏移量似乎是固定16位長度的
private
static
final
byte
iv = stringutils.
getbytesutf8
("ivuhm**qkkkgaei8");
private
static
final string smencrypt_pre =
"smencrypt#"
;/**
* 將明文本串加密成密文後,用base64編碼,並加上smencrypt#作為字首
* @param plainstr 明文本串
* @return base64編碼後的密文,並且加上 smencrypt# 字首
*/public
static string encrypt
(string plainstr)
string encresult = null;
trycatch
(unsupportedencodingexception e)
return encresult;
}/**
* 國密演算法解密,要有字首smencrypt#
* @param encstr 加密字串,要有字首smencrypt#,表示是通過國密演算法加密的
* @return
*/public
static string decrypt
(string encstr)
string decresult = null;
string removepre = org.apache.commons.lang3.stringutils.
remove
(encstr, smencrypt_pre)
;try
catch
(unsupportedencodingexception e)
return decresult;
}/**
* 判斷是否用國密演算法加密過,通過判斷字首是否有smencrypt#
* @return 有smencrypt#為true表示用了國密演算法加密了
*/public
static
boolean
isencryptbysmcrypto
(string encstr)
}
public
class
smcryptotypehandler
extends
basetypehandler
@override
public string getnullableresult
(resultset resultset, string s)
throws sqlexception
@override
public string getnullableresult
(resultset resultset,
int i)
throws sqlexception
@override
public string getnullableresult
(callablestatement callablestatement,
int i)
throws sqlexception
}
"baseresultmap1"
type
="com.thunisoft.dzsjdc.repository.model.tyws**bxx"
>
column
="c_id"
jdbctype
="char"
property
="cid"
/>
column
="c_bdcrxm"
jdbctype
="varchar"
property
="cbdcrxm"
typehandler
="com......smcryptotypehandler"
/>
column
="c_bdcrsf"
jdbctype
="varchar"
property
="cbdcrsf"
typehandler
="com......smcryptotypehandler"
/>
column
="c_bdcrzw"
jdbctype
="varchar"
property
="cbdcrzw"
typehandler
="com......smcryptotypehandler"
/>
column
="c_saay"
jdbctype
="varchar"
property
="csaay"
/>
column
="c_bwtdwid"
jdbctype
="varchar"
property
="cbwtdwid"
/>
resultmap
>
@column
(name =
"c_bdcrxm"
)@apimodelproperty
("..."
)@columntype
(typehandler = smcryptotypehandler.
class
)private string cbdcrxm;
and c_bdcrxm like
concat('%', #,'%')
mysql資料庫字段加密
linux version centos7.3 mysql vrsion mysql5.6.34 最近兩天,接到業務上乙個需求,需要對錶中的部分字段 比如手機號,email 進行加密,在檢視mysql的相關資料後,發現需要對資料庫中的部分字段加密,基本就只能從業務層面的角度來實現。大概提供了如下幾個...
MySQL資料庫字段加密
一 匯入表結構 use qskj 03 table structure for table test drop table if exists test create table test id int 10 not null auto increment comment 主鍵 username v...
mysql欄位加密儲存過程 資料庫 加密儲存過程
如何簡單的建立乙個加密儲存過程 create proc test 引數列表 with encription as主體 go為了演示,現在我們建立乙個具備各種引數型別的儲存過程作為測試 create proc test x int 3,s nvarchar 20 y int output with e...