Mybatis-Plus 拦截SQL语句实现加解密存储
定义加解密工具类
package com.tz.mybatisplus.common.util;
import Javax.crypto.*;
import javax.crypto.spec.SecretKeySpec;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.Scanner;
/**
* @author @醉鱼
* @link https://Github.com/TianPuJun
* @ClassName AesUtils
* @Description
* @Date 19:58 2022/3/30
**/
public class AesUtils {
public static String AESEncode(String encodeRules, String content) {
try {
// 1.构造密钥生成器,指定为AES算法,不区分大小写
KeyGenerator keygen = KeyGenerator.getInstance("AES");
// 2.根据ecnodeRules规则初始化密钥生成器
// 生成一个128位的随机源,根据传入的字节数组
//keygen.init(128, new SecureRandom(encodeRules.getBytes()));
SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");
secureRandom.setSeed(encodeRules.getBytes());
keygen.init(128, secureRandom);
// 3.产生原始对称密钥
SecretKey original_key = keygen.generateKey();
// 4.获得原始对称密钥的字节数组
byte[] raw = original_key.getEncoded();
// 5.根据字节数组生成AES密钥
SecretKey key = new SecretKeySpec(raw, "AES");
// 6.根据指定算法AES自成密码器
Cipher cipher = Cipher.getInstance("AES");
// 7.初始化密码器,第一个参数为加密(Encrypt_mode)或者解密解密(Decrypt_mode)操作,第二个参数为使用的KEY
cipher.init(Cipher.ENCRYPT_MODE, key);
// 8.获取加密内容的字节数组(这里要设置为utf-8)不然内容中如果有中文和英文混合中文就会解密为乱码
byte[] byte_encode = content.getBytes("utf-8");
// 9.根据密码器的初始化方式--加密:将数据加密
byte[] byte_AES = cipher.doFinal(byte_encode);
// 10.将加密后的数据转换为字符串
// 这里用Base64Encoder中会找不到包
// 解决办法:
// 在项目的Build path中先移除JRE System Library,再添加库JRE System Library,重新编译后就一切正常了。
String AES_encode = new String(Base64.getEncoder().encodeToString(byte_AES));
// 11.将字符串返回
return AES_encode;
} catch (NoSuchAlgorithmException e) {
} catch (NoSuchPaddingException e) {
} catch (InvalidKeyException e) {
} catch (IllegalBlockSizeException e) {
} catch (BadPaddingException e) {
} catch (UnsupportedEncodingException e) {
}
// 如果有错就返加nulll
return null;
}
/*
* 解密 解密过程:1.同加密1-4步 2.将加密后的字符串反纺成byte[]数组 3.将加密内容解密
*/
public static String AESDecode(String encodeRules, String content) {
try {
// 1.构造密钥生成器,指定为AES算法,不区分大小写
KeyGenerator keygen = KeyGenerator.getInstance("AES");
// 2.根据ecnodeRules规则初始化密钥生成器
// 生成一个128位的随机源,根据传入的字节数组
//keygen.init(128, new SecureRandom(encodeRules.getBytes()));
SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");
secureRandom.setSeed(encodeRules.getBytes());
keygen.init(128, secureRandom);
// 3.产生原始对称密钥
SecretKey original_key = keygen.generateKey();
// 4.获得原始对称密钥的字节数组
byte[] raw = original_key.getEncoded();
// 5.根据字节数组生成AES密钥
SecretKey key = new SecretKeySpec(raw, "AES");
// 6.根据指定算法AES自成密码器
Cipher cipher = Cipher.getInstance("AES");
// 7.初始化密码器,第一个参数为加密(Encrypt_mode)或者解密(Decrypt_mode)操作,第二个参数为使用的KEY
cipher.init(Cipher.DECRYPT_MODE, key);
// 8.将加密并编码后的内容解码成字节数组
byte[] byte_content = Base64.getDecoder().decode(content);
/*
* 解密
*/
byte[] byte_decode = cipher.doFinal(byte_content);
String AES_decode = new String(byte_decode, "utf-8");
return AES_decode;
} catch (NoSuchAlgorithmException e) {
} catch (NoSuchPaddingException e) {
} catch (InvalidKeyException e) {
} catch (IOException e) {
} catch (IllegalBlockSizeException e) {
} catch (BadPaddingException e) {
}
// 如果有错就返加nulll
return null;
}
public static void main(String[] args) {
AesUtils se = new AesUtils();
Scanner scanner = new Scanner(System.in);
/*
* 加密
*/
System.out.println("使用AES对称加密,请输入加密的规则");
String encodeRules = scanner.next();
System.out.println("请输入要加密的内容:");
String content = scanner.next();
System.out.println("根据输入的规则" + encodeRules + "加密后的密文是:" + se.AESEncode(encodeRules, content));
/*
* 解密
*/
System.out.println("使用AES对称解密,请输入加密的规则:(须与加密相同)");
encodeRules = scanner.next();
System.out.println("请输入要解密的内容(密文):");
content = scanner.next();
System.out.println("根据输入的规则" + encodeRules + "解密后的明文是:" + se.AESDecode(encodeRules, content));
}
}
监听保存方法,实现数据加密存储
package com.tz.mybatisplus.interceptor;
import com.tz.mybatisplus.common.encrypt.EncryptField;
import com.tz.mybatisplus.common.util.AesUtils;
import lombok.extern.slf4j.Slf4j;
import org.apache.ibatis.executor.Executor;
import org.apache.ibatis.mapping.BoundSql;
import org.apache.ibatis.mapping.MappedStatement;
import org.apache.ibatis.mapping.ParameterMapping;
import org.apache.ibatis.plugin.*;
import org.apache.ibatis.reflection.MetaObject;
import org.apache.ibatis.session.Configuration;
import org.apache.ibatis.type.TypeHandlerRegistry;
import org.Springframework.stereotype.Component;
import java.text.DateFormat;
import java.util.Date;
import java.util.List;
import java.util.Locale;
import java.util.Properties;
/**
* @author @醉鱼
* @link https://github.com/TianPuJun
* @ClassName EncryptFieldInterceptor
* @Description mapper 拦截器,处理sql语句,加密字段存储
* @Date 09:56 2022/3/30
**/
@Intercepts({
// type 指定代理对象,method 指定代理方法,args 指定type代理类中method方法的参数
@Signature(type = Executor.class, method = "update", args = {MappedStatement.class, Object.class}),
})
@Slf4j
@Component
public class EncryptFieldInterceptor implements Interceptor {
@Override
public Object intercept(Invocation invocation) throws Throwable {
MappedStatement mappedStatement = (MappedStatement) invocation.getArgs()[0];
Object parameter = null;
if (invocation.getArgs().length > 1) {
parameter = invocation.getArgs()[1];
}
String sqlId = mappedStatement.getId();
log.info("==> intercept SQL_ID: [{}]", sqlId);
BoundSql boundSql = mappedStatement.getBoundSql(parameter);
Configuration configuration = mappedStatement.getConfiguration();
Object returnVal = null;
String sql = genSql(configuration, boundSql);
log.info("==> intercept SQL: [{}]", sql);
returnVal = invocation.proceed();
return returnVal;
}
private String genSql(Configuration configuration, BoundSql boundSql) {
Object parameterObject = boundSql.getParameterObject();
List<ParameterMapping> parameterMappings = boundSql.getParameterMappings();
String sql = boundSql.getSql().replaceAll("[\s]+", " ");
if (parameterMappings.size() > 0 && null != parameterObject) {
TypeHandlerRegistry typeHandlerRegistry = configuration.getTypeHandlerRegistry();
if (typeHandlerRegistry.hasTypeHandler(parameterObject.getClass())) {
sql = sql.replaceFirst("\?", getParameterVal(parameterObject));
} else {
MetaObject metaObject = configuration.newMetaObject(parameterObject);
for (ParameterMapping parameterMapping : parameterMappings) {
String propertyName = parameterMapping.getProperty();
if (metaObject.hasGetter(propertyName)) {
Object value = metaObject.getValue(propertyName);
if (EncryptField.FULL_NAME.equalsIgnoreCase(propertyName) || EncryptField.PASSWORD.equalsIgnoreCase(propertyName)) {
log.info("==> genSql before [{}]: [{}]", propertyName, value);
value = AesUtils.AESEncode(EncryptField.AES_KEY, value.toString());
log.info("==> genSql after [{}]: [{}]", propertyName, value);
metaObject.setValue(propertyName, value);
}
sql = sql.replaceFirst("\?", getParameterVal(value));
} else if (boundSql.hasAdditionalParameter(propertyName)) {
Object value = boundSql.getAdditionalParameter(propertyName);
sql = sql.replaceFirst("\?", getParameterVal(value));
}
}
}
}
return sql;
}
private String getParameterVal(Object obj) {
String val;
if (obj instanceof String) {
val = "'" + obj.toString() + "'";
} else if (obj instanceof Date) {
DateFormat dateFormat = DateFormat.getDateTimeInstance(DateFormat.DEFAULT, DateFormat.DEFAULT, Locale.CHINA);
val = "'" + dateFormat.format(obj) + "'";
} else {
if (null != obj) {
val = obj.toString();
} else {
val = "";
}
}
return val;
}
@Override
public Object plugin(Object target) {
return Plugin.wrap(target, this);
}
@Override
public void setProperties(Properties properties) {
}
}
监听查询方法,实现数据解密查看
package com.tz.mybatisplus.interceptor;
import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
import com.tz.mybatisplus.common.encrypt.EncryptField;
import com.tz.mybatisplus.common.util.AesUtils;
import lombok.extern.slf4j.Slf4j;
import org.apache.ibatis.cache.CacheKey;
import org.apache.ibatis.executor.Executor;
import org.apache.ibatis.mapping.BoundSql;
import org.apache.ibatis.mapping.MappedStatement;
import org.apache.ibatis.mapping.ParameterMapping;
import org.apache.ibatis.plugin.*;
import org.apache.ibatis.reflection.MetaObject;
import org.apache.ibatis.session.Configuration;
import org.apache.ibatis.session.ResultHandler;
import org.apache.ibatis.session.RowBounds;
import org.apache.ibatis.type.TypeHandlerRegistry;
import org.springframework.stereotype.Component;
import java.text.DateFormat;
import java.util.Date;
import java.util.List;
import java.util.Locale;
import java.util.Properties;
/**
* @author @醉鱼
* @link https://github.com/TianPuJun
* @ClassName DecryptFieldInterceptor
* @Description mapper 拦截器,处理sql语句,解密数据
* @Date 09:56 2022/3/30
**/
@Intercepts({
// type 指定代理对象,method 指定代理方法,args 指定type代理类中method方法的参数
@Signature(type = Executor.class, method = "query", args = {MappedStatement.class, Object.class, RowBounds.class, ResultHandler.class, CacheKey.class, BoundSql.class}),
@Signature(type = Executor.class, method = "query", args = {MappedStatement.class, Object.class, RowBounds.class, ResultHandler.class}),
})
@Slf4j
@Component
public class DecryptFieldInterceptor implements Interceptor {
@Override
public Object intercept(Invocation invocation) throws Throwable {
MappedStatement mappedStatement = (MappedStatement) invocation.getArgs()[0];
String sqlId = mappedStatement.getId();
log.info("==> intercept SQL_ID: [{}]", sqlId);
Object proceed = invocation.proceed();
if (sqlId.contains("selectCount")) {
log.warn("==> SQL 语句类型是[selectCount] 直接返回结果");
return proceed;
}
Object parameter = null;
if (invocation.getArgs().length > 1) {
parameter = invocation.getArgs()[1];
}
BoundSql boundSql = mappedStatement.getBoundSql(parameter);
Configuration configuration = mappedStatement.getConfiguration();
String sql = genSql(configuration, boundSql);
if (sql.contains("count") || sql.contains("COUNT") || sql.contains("Count")) {
log.warn("==> SQL 语句包含[count|COUNT|Count] 直接返回结果");
return proceed;
}
String result = JSONObject.toJSONString(proceed);
log.info("==> SQL 查询结果 [{}]", result);
JSONArray array = JSONArray.parseArray(result);
log.info("==> SQL 查询结果转换json [{}]", array);
JSONArray retArray = new JSONArray();
for (Object o : array) {
JSONObject jsonObject = JSONObject.parseObject(o.toString());
jsonObject.put(EncryptField.PASSWORD, AesUtils.AESDecode(EncryptField.AES_KEY, jsonObject.getString(EncryptField.PASSWORD)));
// 这种的最好还是统一
if (jsonObject.containsKey(EncryptField.FULL_NAME)) {
jsonObject.put(EncryptField.FULL_NAME, AesUtils.AESDecode(EncryptField.AES_KEY, jsonObject.getString(EncryptField.FULL_NAME)));
} else {
jsonObject.put("full_name", AesUtils.AESDecode(EncryptField.AES_KEY, jsonObject.getString("full_name")));
}
retArray.add(jsonObject);
}
return retArray;
}
private String genSql(Configuration configuration, BoundSql boundSql) {
Object parameterObject = boundSql.getParameterObject();
List<ParameterMapping> parameterMappings = boundSql.getParameterMappings();
String sql = boundSql.getSql().replaceAll("[\s]+", " ");
if (parameterMappings.size() > 0 && null != parameterObject) {
TypeHandlerRegistry typeHandlerRegistry = configuration.getTypeHandlerRegistry();
if (typeHandlerRegistry.hasTypeHandler(parameterObject.getClass())) {
sql = sql.replaceFirst("\?", getParameterVal(parameterObject));
} else {
MetaObject metaObject = configuration.newMetaObject(parameterObject);
for (ParameterMapping parameterMapping : parameterMappings) {
String propertyName = parameterMapping.getProperty();
if (metaObject.hasGetter(propertyName)) {
Object value = metaObject.getValue(propertyName);
if (EncryptField.FULL_NAME.equalsIgnoreCase(propertyName) || EncryptField.PASSWORD.equalsIgnoreCase(propertyName)) {
log.info("==> genSql before [{}]: [{}]", propertyName, value);
value = AesUtils.AESEncode(EncryptField.AES_KEY, value.toString());
log.info("==> genSql after [{}]: [{}]", propertyName, value);
metaObject.setValue(propertyName, value);
}
sql = sql.replaceFirst("\?", getParameterVal(value));
} else if (boundSql.hasAdditionalParameter(propertyName)) {
Object value = boundSql.getAdditionalParameter(propertyName);
sql = sql.replaceFirst("\?", getParameterVal(value));
}
}
}
}
return sql;
}
private String getParameterVal(Object obj) {
String val;
if (obj instanceof String) {
val = "'" + obj.toString() + "'";
} else if (obj instanceof Date) {
DateFormat dateFormat = DateFormat.getDateTimeInstance(DateFormat.DEFAULT, DateFormat.DEFAULT, Locale.CHINA);
val = "'" + dateFormat.format(obj) + "'";
} else {
if (null != obj) {
val = obj.toString();
} else {
val = "";
}
}
return val;
}
@Override
public Object plugin(Object target) {
return Plugin.wrap(target, this);
}
@Override
public void setProperties(Properties properties) {
}
}
源代码地址
原文始发于微信公众号(醉鱼Java):Mybatis-plus加解密存储查看
版权声明:本文内容由互联网用户自发贡献,该文观点仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 举报,一经查实,本站将立刻删除。
文章由极客之音整理,本文链接:https://www.bmabk.com/index.php/post/231748.html
