醉鱼

V1

2022/04/09阅读:14主题:自定义主题1

Mybatis-plus加解密存储查看

Mybatis-Plus 拦截SQL语句实现加解密存储

定义加解密工具类

package com.tz.mybatisplus.common.util;

import javax.crypto.*;
import javax.crypto.spec.SecretKeySpec;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.Scanner;

/**
 * @author @醉鱼
 * @link https://github.com/TianPuJun
 * @ClassName AesUtils
 * @Description
 * @Date 19:58 2022/3/30
 **/
public class AesUtils {

    public static String AESEncode(String encodeRules, String content) {
        try {
            // 1.构造密钥生成器,指定为AES算法,不区分大小写
            KeyGenerator keygen = KeyGenerator.getInstance("AES");
            // 2.根据ecnodeRules规则初始化密钥生成器
            // 生成一个128位的随机源,根据传入的字节数组
            //keygen.init(128, new SecureRandom(encodeRules.getBytes()));
            SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");
            secureRandom.setSeed(encodeRules.getBytes());
            keygen.init(128, secureRandom);
            // 3.产生原始对称密钥
            SecretKey original_key = keygen.generateKey();
            // 4.获得原始对称密钥的字节数组
            byte[] raw = original_key.getEncoded();
            // 5.根据字节数组生成AES密钥
            SecretKey key = new SecretKeySpec(raw, "AES");
            // 6.根据指定算法AES自成密码器
            Cipher cipher = Cipher.getInstance("AES");
            // 7.初始化密码器,第一个参数为加密(Encrypt_mode)或者解密解密(Decrypt_mode)操作,第二个参数为使用的KEY
            cipher.init(Cipher.ENCRYPT_MODE, key);
            // 8.获取加密内容的字节数组(这里要设置为utf-8)不然内容中如果有中文和英文混合中文就会解密为乱码
            byte[] byte_encode = content.getBytes("utf-8");
            // 9.根据密码器的初始化方式--加密:将数据加密
            byte[] byte_AES = cipher.doFinal(byte_encode);
            // 10.将加密后的数据转换为字符串
            // 这里用Base64Encoder中会找不到包
            // 解决办法:
            // 在项目的Build path中先移除JRE System Library,再添加库JRE System Library,重新编译后就一切正常了。
            String AES_encode = new String(Base64.getEncoder().encodeToString(byte_AES));
            // 11.将字符串返回
            return AES_encode;
        } catch (NoSuchAlgorithmException e) {
        } catch (NoSuchPaddingException e) {
        } catch (InvalidKeyException e) {
        } catch (IllegalBlockSizeException e) {
        } catch (BadPaddingException e) {
        } catch (UnsupportedEncodingException e) {
        }

        // 如果有错就返加nulll
        return null;
    }

    /*
     * 解密 解密过程: 1.同加密1-4步 2.将加密后的字符串反纺成byte[]数组 3.将加密内容解密
     */
    public static String AESDecode(String encodeRules, String content) {
        try {
            // 1.构造密钥生成器,指定为AES算法,不区分大小写
            KeyGenerator keygen = KeyGenerator.getInstance("AES");
            // 2.根据ecnodeRules规则初始化密钥生成器
            // 生成一个128位的随机源,根据传入的字节数组
            //keygen.init(128, new SecureRandom(encodeRules.getBytes()));
            SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");
            secureRandom.setSeed(encodeRules.getBytes());
            keygen.init(128, secureRandom);
            // 3.产生原始对称密钥
            SecretKey original_key = keygen.generateKey();
            // 4.获得原始对称密钥的字节数组
            byte[] raw = original_key.getEncoded();
            // 5.根据字节数组生成AES密钥
            SecretKey key = new SecretKeySpec(raw, "AES");
            // 6.根据指定算法AES自成密码器
            Cipher cipher = Cipher.getInstance("AES");
            // 7.初始化密码器,第一个参数为加密(Encrypt_mode)或者解密(Decrypt_mode)操作,第二个参数为使用的KEY
            cipher.init(Cipher.DECRYPT_MODE, key);
            // 8.将加密并编码后的内容解码成字节数组
            byte[] byte_content = Base64.getDecoder().decode(content);
            /*
             * 解密
             */
            byte[] byte_decode = cipher.doFinal(byte_content);
            String AES_decode = new String(byte_decode, "utf-8");
            return AES_decode;
        } catch (NoSuchAlgorithmException e) {
        } catch (NoSuchPaddingException e) {
        } catch (InvalidKeyException e) {
        } catch (IOException e) {
        } catch (IllegalBlockSizeException e) {
        } catch (BadPaddingException e) {
        }

        // 如果有错就返加nulll
        return null;
    }

    public static void main(String[] args) {
        AesUtils se = new AesUtils();
        Scanner scanner = new Scanner(System.in);
        /*
         * 加密
         */
        System.out.println("使用AES对称加密,请输入加密的规则");
        String encodeRules = scanner.next();
        System.out.println("请输入要加密的内容:");
        String content = scanner.next();
        System.out.println("根据输入的规则" + encodeRules + "加密后的密文是:" + se.AESEncode(encodeRules, content));

        /*
         * 解密
         */
        System.out.println("使用AES对称解密,请输入加密的规则:(须与加密相同)");
        encodeRules = scanner.next();
        System.out.println("请输入要解密的内容(密文):");
        content = scanner.next();
        System.out.println("根据输入的规则" + encodeRules + "解密后的明文是:" + se.AESDecode(encodeRules, content));
    }
}

监听保存方法,实现数据加密存储

package com.tz.mybatisplus.interceptor;

import com.tz.mybatisplus.common.encrypt.EncryptField;
import com.tz.mybatisplus.common.util.AesUtils;
import lombok.extern.slf4j.Slf4j;
import org.apache.ibatis.executor.Executor;
import org.apache.ibatis.mapping.BoundSql;
import org.apache.ibatis.mapping.MappedStatement;
import org.apache.ibatis.mapping.ParameterMapping;
import org.apache.ibatis.plugin.*;
import org.apache.ibatis.reflection.MetaObject;
import org.apache.ibatis.session.Configuration;
import org.apache.ibatis.type.TypeHandlerRegistry;
import org.springframework.stereotype.Component;

import java.text.DateFormat;
import java.util.Date;
import java.util.List;
import java.util.Locale;
import java.util.Properties;

/**
 * @author @醉鱼
 * @link https://github.com/TianPuJun
 * @ClassName EncryptFieldInterceptor
 * @Description mapper 拦截器,处理sql语句,加密字段存储
 * @Date 09:56 2022/3/30
 **/
@Intercepts({
        // type 指定代理对象,method 指定代理方法,args 指定type代理类中method方法的参数
        @Signature(type = Executor.class, method = "update", args = {MappedStatement.class, Object.class}),

})
@Slf4j
@Component
public class EncryptFieldInterceptor implements Interceptor {

    @Override
    public Object intercept(Invocation invocation) throws Throwable {
        MappedStatement mappedStatement = (MappedStatement) invocation.getArgs()[0];

        Object parameter = null;
        if (invocation.getArgs().length > 1) {
            parameter = invocation.getArgs()[1];
        }
        String sqlId = mappedStatement.getId();
        log.info("==> intercept  SQL_ID: [{}]", sqlId);
        BoundSql boundSql = mappedStatement.getBoundSql(parameter);
        Configuration configuration = mappedStatement.getConfiguration();
        Object returnVal = null;
        String sql = genSql(configuration, boundSql);
        log.info("==> intercept  SQL: [{}]", sql);
        returnVal = invocation.proceed();
        return returnVal;
    }

    private String genSql(Configuration configuration, BoundSql boundSql) {

        Object parameterObject = boundSql.getParameterObject();
        List<ParameterMapping> parameterMappings = boundSql.getParameterMappings();
        String sql = boundSql.getSql().replaceAll("[\\s]+", " ");
        if (parameterMappings.size() > 0 && null != parameterObject) {
            TypeHandlerRegistry typeHandlerRegistry = configuration.getTypeHandlerRegistry();
            if (typeHandlerRegistry.hasTypeHandler(parameterObject.getClass())) {
                sql = sql.replaceFirst("\\?", getParameterVal(parameterObject));
            } else {
                MetaObject metaObject = configuration.newMetaObject(parameterObject);
                for (ParameterMapping parameterMapping : parameterMappings) {
                    String propertyName = parameterMapping.getProperty();
                    if (metaObject.hasGetter(propertyName)) {
                        Object value = metaObject.getValue(propertyName);

                        if (EncryptField.FULL_NAME.equalsIgnoreCase(propertyName) || EncryptField.PASSWORD.equalsIgnoreCase(propertyName)) {
                            log.info("==> genSql before [{}]: [{}]", propertyName, value);
                            value = AesUtils.AESEncode(EncryptField.AES_KEY, value.toString());
                            log.info("==> genSql after [{}]: [{}]", propertyName, value);
                            metaObject.setValue(propertyName, value);

                        }

                        sql = sql.replaceFirst("\\?", getParameterVal(value));
                    } else if (boundSql.hasAdditionalParameter(propertyName)) {
                        Object value = boundSql.getAdditionalParameter(propertyName);
                        sql = sql.replaceFirst("\\?", getParameterVal(value));
                    }

                }
            }
        }
        return sql;
    }

    private String getParameterVal(Object obj) {
        String val;
        if (obj instanceof String) {
            val = "'" + obj.toString() + "'";
        } else if (obj instanceof Date) {
            DateFormat dateFormat = DateFormat.getDateTimeInstance(DateFormat.DEFAULT, DateFormat.DEFAULT, Locale.CHINA);
            val = "'" + dateFormat.format(obj) + "'";
        } else {
            if (null != obj) {
                val = obj.toString();
            } else {
                val = "";
            }
        }
        return val;
    }

    @Override
    public Object plugin(Object target) {
        return Plugin.wrap(target, this);
    }

    @Override
    public void setProperties(Properties properties) {

    }
}

监听查询方法,实现数据解密查看

package com.tz.mybatisplus.interceptor;

import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
import com.tz.mybatisplus.common.encrypt.EncryptField;
import com.tz.mybatisplus.common.util.AesUtils;
import lombok.extern.slf4j.Slf4j;
import org.apache.ibatis.cache.CacheKey;
import org.apache.ibatis.executor.Executor;
import org.apache.ibatis.mapping.BoundSql;
import org.apache.ibatis.mapping.MappedStatement;
import org.apache.ibatis.mapping.ParameterMapping;
import org.apache.ibatis.plugin.*;
import org.apache.ibatis.reflection.MetaObject;
import org.apache.ibatis.session.Configuration;
import org.apache.ibatis.session.ResultHandler;
import org.apache.ibatis.session.RowBounds;
import org.apache.ibatis.type.TypeHandlerRegistry;
import org.springframework.stereotype.Component;

import java.text.DateFormat;
import java.util.Date;
import java.util.List;
import java.util.Locale;
import java.util.Properties;

/**
 * @author @醉鱼
 * @link https://github.com/TianPuJun
 * @ClassName DecryptFieldInterceptor
 * @Description mapper 拦截器,处理sql语句,解密数据
 * @Date 09:56 2022/3/30
 **/
@Intercepts({
        // type 指定代理对象,method 指定代理方法,args 指定type代理类中method方法的参数
        @Signature(type = Executor.class, method = "query", args = {MappedStatement.class, Object.class, RowBounds.class, ResultHandler.class, CacheKey.class, BoundSql.class}),
        @Signature(type = Executor.class, method = "query", args = {MappedStatement.class, Object.class, RowBounds.class, ResultHandler.class}),

})
@Slf4j
@Component
public class DecryptFieldInterceptor implements Interceptor {
    @Override
    public Object intercept(Invocation invocation) throws Throwable {
        MappedStatement mappedStatement = (MappedStatement) invocation.getArgs()[0];
        String sqlId = mappedStatement.getId();
        log.info("==> intercept  SQL_ID: [{}]", sqlId);
        Object proceed = invocation.proceed();
        if (sqlId.contains("selectCount")) {
            log.warn("==> SQL 语句类型是[selectCount] 直接返回结果");
            return proceed;
        }
        Object parameter = null;
        if (invocation.getArgs().length > 1) {
            parameter = invocation.getArgs()[1];
        }
        BoundSql boundSql = mappedStatement.getBoundSql(parameter);
        Configuration configuration = mappedStatement.getConfiguration();
        String sql = genSql(configuration, boundSql);
        if (sql.contains("count") || sql.contains("COUNT") || sql.contains("Count")) {
            log.warn("==> SQL 语句包含[count|COUNT|Count] 直接返回结果");
            return proceed;
        }
        String result = JSONObject.toJSONString(proceed);
        log.info("==> SQL 查询结果 [{}]", result);
        JSONArray array = JSONArray.parseArray(result);
        log.info("==> SQL 查询结果转换json [{}]", array);

        JSONArray retArray = new JSONArray();
        for (Object o : array) {
            JSONObject jsonObject = JSONObject.parseObject(o.toString());
            jsonObject.put(EncryptField.PASSWORD, AesUtils.AESDecode(EncryptField.AES_KEY, jsonObject.getString(EncryptField.PASSWORD)));
            // 这种的最好还是统一
            if (jsonObject.containsKey(EncryptField.FULL_NAME)) {
                jsonObject.put(EncryptField.FULL_NAME, AesUtils.AESDecode(EncryptField.AES_KEY, jsonObject.getString(EncryptField.FULL_NAME)));

            } else {
                jsonObject.put("full_name", AesUtils.AESDecode(EncryptField.AES_KEY, jsonObject.getString("full_name")));

            }
            retArray.add(jsonObject);
        }
        return retArray;
    }

    private String genSql(Configuration configuration, BoundSql boundSql) {

        Object parameterObject = boundSql.getParameterObject();
        List<ParameterMapping> parameterMappings = boundSql.getParameterMappings();
        String sql = boundSql.getSql().replaceAll("[\\s]+", " ");
        if (parameterMappings.size() > 0 && null != parameterObject) {
            TypeHandlerRegistry typeHandlerRegistry = configuration.getTypeHandlerRegistry();
            if (typeHandlerRegistry.hasTypeHandler(parameterObject.getClass())) {
                sql = sql.replaceFirst("\\?", getParameterVal(parameterObject));
            } else {
                MetaObject metaObject = configuration.newMetaObject(parameterObject);
                for (ParameterMapping parameterMapping : parameterMappings) {
                    String propertyName = parameterMapping.getProperty();
                    if (metaObject.hasGetter(propertyName)) {
                        Object value = metaObject.getValue(propertyName);

                        if (EncryptField.FULL_NAME.equalsIgnoreCase(propertyName) || EncryptField.PASSWORD.equalsIgnoreCase(propertyName)) {
                            log.info("==> genSql before [{}]: [{}]", propertyName, value);
                            value = AesUtils.AESEncode(EncryptField.AES_KEY, value.toString());
                            log.info("==> genSql after [{}]: [{}]", propertyName, value);
                            metaObject.setValue(propertyName, value);

                        }

                        sql = sql.replaceFirst("\\?", getParameterVal(value));
                    } else if (boundSql.hasAdditionalParameter(propertyName)) {
                        Object value = boundSql.getAdditionalParameter(propertyName);
                        sql = sql.replaceFirst("\\?", getParameterVal(value));
                    }

                }
            }
        }
        return sql;
    }

    private String getParameterVal(Object obj) {
        String val;
        if (obj instanceof String) {
            val = "'" + obj.toString() + "'";
        } else if (obj instanceof Date) {
            DateFormat dateFormat = DateFormat.getDateTimeInstance(DateFormat.DEFAULT, DateFormat.DEFAULT, Locale.CHINA);
            val = "'" + dateFormat.format(obj) + "'";
        } else {
            if (null != obj) {
                val = obj.toString();
            } else {
                val = "";
            }
        }
        return val;
    }

    @Override
    public Object plugin(Object target) {
        return Plugin.wrap(target, this);
    }

    @Override
    public void setProperties(Properties properties) {
    }
}

源代码地址

分类:

后端

标签:

后端

作者介绍

醉鱼
V1