java自定义注解实现加密,解密,脱敏
目录
1.数据库连接加密
2.数据库字段存储加密
2.1定义加密对象Encrypt
2.2定义拦截处理EncryptTypeHandler
3.数据显示脱敏
3.1 定义脱敏注解
3.2 定义枚举
3.3 定义脱敏方法
3.4 实现序列化
4.使用列子
1.数据库连接加密
mybtisplus 自带连接加密
2.数据库字段存储加密,解密
mybtisplus实现。
定义数据类型为加密对象:
private Encrypt phone;
前端正常传入数据
{
“phone”:“1234567”
}
2.1定义加密对象Encrypt
public class Encrypt {
@ApiModelProperty(value = "加密",example = "xxx000XX")
private String value;
//返回给前端时候使用,去掉多层级
@JsonValue()
public String getValue() {
return value;
}
}2.2定义拦截处理EncryptTypeHandler
@Component
@MappedJdbcTypes(JdbcType.VARCHAR)
@MappedTypes(Encrypt.class)
public class EncryptTypeHandler extends BaseTypeHandler {
/**
* 设置参数
*/
@Override
public void setNonNullParameter(PreparedStatement ps, int i, Encrypt parameter, JdbcType jdbcType) throws SQLException {
if (parameter == null || parameter.getValue() == null) {
ps.setString(i, null);
return;
}
AES aes = SecureUtil.aes(CommonConstant.KEY);
String encrypt = aes.encryptHex(parameter.getValue());
ps.setString(i, encrypt);
}
/**
* 获取值
*/
@Override
public Encrypt getNullableResult(ResultSet rs, String columnName) throws SQLException {
return decrypt(rs.getString(columnName));
}
/**
* 获取值
*/
@Override
public Encrypt getNullableResult(ResultSet rs, int columnIndex) throws SQLException {
return decrypt(rs.getString(columnIndex));
}
/**
* 获取值
*/
@Override
public Encrypt getNullableResult(CallableStatement cs, int columnIndex) throws SQLException {
return decrypt(cs.getString(columnIndex));
}
public Encrypt decrypt(String value) {
if (null == value) {
return null;
}
return new Encrypt(SecureUtil.aes(CommonConstant.KEY).decryptStr(value));
}
}
3.数据显示脱敏
本质为在数据转为json时,替换默认的序列化方法
3.1 定义脱敏注解
@Retention(RetentionPolicy.RUNTIME)
@Target(ElementType.FIELD)
@JacksonAnnotationsInside
@JsonSerialize(using = DesensitizationSerializer.class)
public @interface Desensitization {
/*
* 脱敏类型
*/
DesensitizeType type() default DesensitizeType.MOBILE;
/*
使用占位符
*/
String placeholder() default "*";
/*
脱敏开始位置,从0开始计数,默认为0
*/
int start() default 0;
/*
脱敏结束位置,默认为整个字符串长度
*/
int end() default 0;
}
3.2 定义枚举
public enum DesensitizeType {
MOBILE("mobile","手机号码"),
CUSTOMER("customer","自定义"),
EMAIL("mobile","邮箱"),
ADDRESS("mobile","地址"),
NAME("mobile","姓名"),
IDCARD("mobile","手机号码");
@JsonValue
private String code;
private String name;
DesensitizeType(String code, String name) {
this.code = code;
this.name = name;
}
}3.3 定义脱敏方法
public class DesensitizedUtils {
/**
* 对字符串进行脱敏操作
*
* @param origin 原始字符串
* @param prefixNoMaskLen 左侧需要保留几位明文字段
* @param suffixNoMaskLen 右侧需要保留几位明文字段
* @param maskStr 用于遮罩的字符串, 如'*'
* @return 脱敏后结果
*/
public static String desValue(String origin, int prefixNoMaskLen, int suffixNoMaskLen, String maskStr) {
if (origin == null) {
return null;
}
StringBuilder sb = new StringBuilder();
for (int i = 0, n = origin.length(); i < n; i++) {
if (i < prefixNoMaskLen) {
sb.append(origin.charAt(i));
continue;
}
if (i > (n - suffixNoMaskLen - 1)) {
sb.append(origin.charAt(i));
continue;
}
sb.append(maskStr);
}
return sb.toString();
}
/**
* 【中文姓名】只显示最后一个汉字,其他隐藏为星号,比如:**梦
*
* @param fullName 姓名
* @return 结果
*/
public static String chineseName(String fullName) {
if (fullName == null) {
return null;
}
return desValue(fullName, 1, 0, "*");
}
/**
* 【身份证号】显示前4位, 后2位,其他隐藏。
*
* @param id 身份证号码
* @return 结果
*/
public static String idCardNum(String id) {
return desValue(id, 4, 2, "*");
}
/**
* 【手机号码】前三位,后四位,其他隐藏。
*
* @param num 手机号码
* @return 结果
*/
public static String mobilePhone(String num) {
return desValue(num, 3, 4, "*");
}
}3.4 实现序列化
@NoArgsConstructor
@AllArgsConstructor
public class DesensitizationSerializer extends JsonSerializer implements ContextualSerializer {
/**
* 脱敏类型
*/
private DesensitizeType sensitiveTypeEnum;
/**
* 前几位不脱敏
*/
private Integer start;
/**
* 最后几位不脱敏
*/
private Integer end;
/**
* 用什么打码
*/
private String placeholder;
@Override
public void serialize(final Encrypt encrypt, final JsonGenerator jsonGenerator,
final SerializerProvider serializerProvider) throws IOException {
String origin = encrypt.getValue();
switch (sensitiveTypeEnum) {
case CUSTOMER:
jsonGenerator.writeString(DesensitizedUtils.desValue(origin, start, end, placeholder));
break;
case NAME:
jsonGenerator.writeString(DesensitizedUtils.chineseName(origin));
break;
case IDCARD:
jsonGenerator.writeString(DesensitizedUtils.idCardNum(origin));
break;
case MOBILE:
jsonGenerator.writeString(DesensitizedUtils.mobilePhone(origin));
break;
default:
throw new IllegalArgumentException("unknown sensitive type enum " + sensitiveTypeEnum);
}
}
@Override
public JsonSerializer createContextual(final SerializerProvider serializerProvider,
final BeanProperty beanProperty) throws JsonMappingException {
if (beanProperty != null) {
if (Objects.equals(beanProperty.getType().getRawClass(), Encrypt.class)) {
Desensitization sensitive = beanProperty.getAnnotation(Desensitization.class);
if (sensitive == null) {
sensitive = beanProperty.getContextAnnotation(Desensitization.class);
}
if (sensitive != null) {
return new DesensitizationSerializer(sensitive.type(), sensitive.start(),
sensitive.end(), sensitive.placeholder());
}
}
return serializerProvider.findValueSerializer(beanProperty.getType(), beanProperty);
}
return serializerProvider.findNullValueSerializer(null);
}
}
4.使用列子
@Desensitization
private Encrypt phone;