当前位置:theitroad>java How to read encrypted database field using Hibernate

java How to read encrypted database field using Hibernate

声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow 原文地址: http://stackoverflow.com/questions/5871343/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me): StackOverFlow

提示:将鼠标放在中文语句上可以显示对应的英文。显示中英文
时间:2020-10-30 13:13:01  来源:igfitidea点击:

How to read encrypted database field using Hibernate

javasql-serverhibernatejpa

提问by Marquinio

I'm working on a project where some database table fields need to be encrypted. The way this will be done is using Microsoft SQL Server built-in encryption/decryption function:

I'm working on a project where some database table fields need to be encrypted. The way this will be done is using Microsoft SQL Server built-in encryption/decryption function:

ENCRYPTBYPASSPHRASE('PASSPHRASE',‘text')

DECRYPTBYPASSPHRASE ('12',password)

So to insert data the SQL will be like this:

So to insert data the SQL will be like this:

insert into login_details(uid,username,password) values(1,'smith',EncryptByPassPhrase('12','XXX'))

And to read data the SQL will be this way:

And to read data the SQL will be this way:

select uid,username, DECRYPTBYPASSPHRASE ('12',password) as Password from login_details

So my question is how I can I make use of this in Hibernate using my existing OR mappings? I'm using JPA Annotations. Is there an easy way to do this with JPA annotations?

So my question is how I can I make use of this in Hibernate using my existing OR mappings? I'm using JPA Annotations. Is there an easy way to do this with JPA annotations?

采纳答案by JB Nizet

I don't see how you might do that. But from what I've read, ENCRYPTBYPASSPHRASE uses triple-DES. So you might encrypt the data yourself and persist it as is with Hibernate. Here's how it would look like to make it transparent (except for queries, obviously)

I don't see how you might do that. But from what I've read, ENCRYPTBYPASSPHRASE uses triple-DES. So you might encrypt the data yourself and persist it as is with Hibernate. Here's how it would look like to make it transparent (except for queries, obviously)

@Entity
public class LoginDetails {
    @Column(name = "password")
    private byte[] encryptedPassword;

    @Transient
    private String password;

    public void getPassword() {
        if (password == null) {
            password = CryptoUtils.decrypt(encryptedPassword);
        }
        return password;
    }

    public void setPassword(String password) {
        this.encryptedPassword = CryptoUtils.encrypt(password);
        this.password = password;
    }
}

where CryptoUtilswould be responsible for storing the secret key and encrypting/decrypting using triple-DES (which is natively supported in the JDK : see http://download.oracle.com/javase/6/docs/technotes/guides/security/crypto/CryptoSpec.html#Cipher)

where CryptoUtilswould be responsible for storing the secret key and encrypting/decrypting using triple-DES (which is natively supported in the JDK : see http://download.oracle.com/javase/6/docs/technotes/guides/security/crypto/CryptoSpec.html#Cipher)

Just make sure to test it and make sure that your decryption is able to decrypt what SQL-Server has encrypted, and vice-versa.

Just make sure to test it and make sure that your decryption is able to decrypt what SQL-Server has encrypted, and vice-versa.

回答by Steve Ebersole

Sounds like you are looking for org.hibernate.annotations.ColumnTransformer

Sounds like you are looking for org.hibernate.annotations.ColumnTransformer

@Column( name = "pswd" )
@ColumnTransformer( write="EncryptByPassPhrase('12',?)", read="DECRYPTBYPASSPHRASE ('12',pswd)" )
public String getPassword() {
    return password;
}

回答by Christophe L

Reviving an old thread, but I was having a similar requirement and found that Jasypthas some very nice support for this.

Reviving an old thread, but I was having a similar requirement and found that Jasypthas some very nice support for this.

Once Jasypt configured, it's as easy as adding a "@Type(type="encryptedString")" annotation:

Once Jasypt configured, it's as easy as adding a "@Type(type="encryptedString")" annotation:

@Column(name = "password")
@Type(type="encryptedString")
public String getPassword() {
    return password;
}

相关推荐

java 如何将 JLabel 放在标题栏下方的右上角?

java 如何将 JLabel 放在标题栏下方的右上角?

java 如何将参数传递给 jsp:include

java 如何将参数传递给 jsp:include

java 如何删除(常规)视图的背景(Android)

java 如何删除(常规)视图的背景(Android)

java ZXing Barcode Reader:如何在捕获屏幕周围制作自定义边框?

java ZXing Barcode Reader:如何在捕获屏幕周围制作自定义边框?