注解实现MyBatis对敏感数据的加密解密

注解实现MyBatis对敏感数据的加密解密

注释详细

通过注解实现数据加密解密

1. 在要加密的类添加注解 @SensitiveData 默认加密解密方式为 AES
2. 在要加密字段上添加注解 @EncryptField
3. 在要解密的字段添加注解 @DecryptField

例如

@Data
@SensitiveData
public class Customer {
          
   
    private Integer id;
    @DecryptField
    @EncryptField
    private String phone;
    @DecryptField
    @EncryptField
    private String address;
    private Integer age;
}

选用其他加解密方式方式

1. 实现 DecryptHandler 与 EncryptHandler 重写 encryptMethod（）方法
2. 注意： 加密解密时 添加前缀：避免重复加密 @Slf4j @Component("rsaDecryptImpl") public class RSADecryptImpl implements DecryptHandler { private final String KEY_SENSITIVE = "sensitive_"; @Override public String decryptMethod(String decryptValue) { //...... 解密方法 if (decryptValue.startsWith(KEY_SENSITIVE)) { decryptValue = decryptValue.substring(10); return RESUtil.decrypt(decryptValue, key); } return decryptValue; } } @Slf4j @Component("rsaEncryptImpl") public class RSAEncryptImpl implements EncryptHandler { private final String KEY_SENSITIVE = "sensitive_"; @Override public String encryptMethod(String encryptValue) { //...... 加密方法 if (!encryptValue.startsWith(KEY_SENSITIVE)) { String encrypted; encrypted = RESUtil.encrypt(encryptValue, key); encrypted = KEY_SENSITIVE + encrypted; return encrypted; } return encryptValue; } }
3. 使用

@SensitiveData(encryptMethod = "rsaEncryptImpl",decryptMethod = "rsaDecryptImpl")
@Data
public class Customer {
          
   
    private Integer id;
    @DecryptField
    @EncryptField
    private String phone;
    @DecryptField
    @EncryptField
    private String address;
    private Integer age;
}

效果展示

@GetMapping("batchInset")
    public Integer batchInsert() {
          
   
        List<Customer> list = new ArrayList<>();
        for (int i = 0; i < 10; i++) {
          
   
            Customer customer = new Customer();
            customer.setAge(i);
            customer.setPhone("1" + i);
            customer.setAddress("address" + i);
            list.add(customer);
        }
        return customerService.batchInsert(list);
    }

插入单条数据

@GetMapping("addCustomer")
    public String addCustomer(@RequestParam("phone") String phone, @RequestParam("address") String address) {
          
   
        Customer customer = new Customer();
        customer.setAddress(address);
        customer.setPhone(phone);
        customer.setAge(18);
        int result = customerService.addCustomer(customer);
        return "添加结果: " + result;
    }

查询

@PostMapping("findCustomerList")
    public List<Customer> findCustomerList(@RequestBody Customer customer) {
          
   
        return customerService.findCustomerList(customer);
    }