java Hibernate 中的数据库加密
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/5621422/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
DataBase encryption in Hibernate
提问by Chandrasekhar
How can encrypt the data base fields when using the hibernate?
使用休眠时如何加密数据库字段?
We have developed the product some of the clients are using that application Some clients is asking about the data base encryption Is there any possible to encrypt the data in application level with out more changes in the code.
我们已经开发了一些客户正在使用该应用程序的产品 一些客户正在询问数据库加密是否有可能在应用程序级别加密数据而无需对代码进行更多更改。
Please give me the suggestion as soon as possible.
请尽快给我建议。
回答by Andrés Canavesi
Try this:
试试这个:
Put an attribute in your entity:
在您的实体中放置一个属性:
private byte[] encryptedBody;
Use this getter and setters:
使用这个 getter 和 setter:
@Column(columnDefinition= "LONGBLOB", name="encryptedBody")
@ColumnTransformer(
read="AES_DECRYPT(encryptedBody, 'yourkey')",
write="AES_ENCRYPT(?, 'yourkey')")
public byte[] getEncryptedBody() {
return encryptedBody;
}
public void setEncryptedBody(byte[] encryptedBody) {
this.encryptedBody = encryptedBody;
}
And then when you retrive the column use:
然后当你检索列时使用:
private final Charset UTF8_CHARSET = Charset.forName("UTF-8");
String decodeUTF8(byte[] bytes) {
return new String(bytes, UTF8_CHARSET);
}
String s = decodeUTF8(entity.getEncryptedBody());
BEWARE: AES_DECRYPT and AES_ENCRYPT belong to MySQL. If you have a different data base engine find similar functions.
注意:AES_DECRYPT 和 AES_ENCRYPT 属于 MySQL。如果您有不同的数据库引擎,请找到类似的功能。
Hope this helps.
希望这可以帮助。
回答by Edwin Dalorzo
I think that you are looking for column transformers. You can find how to do it in the Hibernate reference:
我认为您正在寻找列变压器。您可以在 Hibernate 参考中找到如何执行此操作:
I hope that helps!
我希望这有帮助!
回答by Vlad Mihalcea
As explained in this article, you can use the @ColumnTransformerannotation like this:
如本文所述,您可以@ColumnTransformer像这样使用注释:
@ColumnTransformer(
read = "pgp_sym_decrypt(" +
" storage, " +
" current_setting('encrypt.key')" +
")",
write = "pgp_sym_encrypt( " +
" ?, " +
" current_setting('encrypt.key')" +
") "
)
@Column(columnDefinition = "bytea")
private String storage;
This way, Hibernate will be able to encrypt the entity attribute when you persist or mergeit and decrypt it when you read the entity.
这样,Hibernate 将能够在您持久化或合并实体属性时加密实体属性,并在您读取实体时对其进行解密。
回答by Ralph
You could use jasypt. It has an Hibernate integration that allows you to encrypt properties while saving (and decrypt while loading).
你可以使用jasypt。它具有 Hibernate 集成,允许您在保存时加密属性(并在加载时解密)。
回答by Bertrand RODRIGUES
If you need to use Java's cypher, you could use this library. It brings new types field for hibernate mapping.
如果你需要使用 Java 的密码,你可以使用这个库。它为休眠映射带来了新的类型字段。
https://github.com/zubial/hibernate-encrypt
https://github.com/zubial/hibernate-encrypt
@#
@#
