Introduction to the
Mybatis – Crypto is a field encryption and decryption component based on mybatis plug-in mechanism, which can encrypt and decrypt sensitive data through a annotation. You can customize Encryptor and specify special fields to meet most application scenarios.
The module
Mybatis – Crypto consists of three modules:
mybatis-crypto-coreThe core function module of the plug-inmybatis-crypto-spring-boot-starterprovidesSpring bootQuick integrationmybatis-crypto-encryptorsSeveral IEncryptor implementations are provided
Method of use
- Introduction of depend on
<dependency>
<groupId>io.github.whitedg</groupId>
<artifactId>mybatis-crypto-spring-boot-starter</artifactId>
<version>${latest.version}</version>
</dependency>
Copy the code- Implement IEncryptor
import io.github.whitedg.mybatis.crypto.IEncryptor;
public class MyEncryptor implements IEncryptor {
@Override
public String encrypt(Object val2bEncrypted, String key) throws Exception {
// Implement this method to return encrypted data
return "encrypted string";
}
@Override
public String decrypt(Object val2bDecrypted, String key) throws Exception {
// Implement this method to return decrypted data
return "decrypted string"; }}Copy the codeOr introduce mybatis-crypto-encryptors
<dependency>
<groupId>io.github.whitedg</groupId>
<artifactId>mybatis-crypto-encryptors</artifactId>
<version>${latest.version}</version>
</dependency>
Copy the codeUsing the Encryptor it provides:
io.github.whitedg.mybatis.crypto.Base64Encryptorio.github.whitedg.mybatis.crypto.BasicTextEncryptorio.github.whitedg.mybatis.crypto.AES256Encryptorio.github.whitedg.mybatis.crypto.StrongTextEncryptor
- Add the configuration
mybatis-crypto:
# Whether to enable plug-ins. Default is true
enabled: true
# fast fail, default true
fail-fast: false
Encryptor global default
default-encryptor: io.github.whitedg.mybatis.crypto.BasicTextEncryptor
# Encryptor default key
default-key: global-key
# mybatis @param # mybatis @param
mapped-key-prefixes: et,encrypted
Copy the code- Specify the encryption field
- Add annotations to fields that need to be encrypted and decrypted
@EncryptedField
public class User {
@EncryptedField
private String encryptedStr;
@EncryptedField(encryptor = YourEncryptor.class, key = "Your Key")
private String customizedStr;
}
Copy the code- Use the configured @param parameter key prefix
import org.apache.ibatis.annotations.Param;
interface YourEntityMapper {
int insert(@Param("et") YourEntity entity);
// Arrays are supported
int batchInsert(@Param("encrypted-entities") List<YourEntity> entity);
// The return value can also support a single object or array
YourEntity selectOne(a);
List<YourEntity> selectList(a);
}
Copy the codeDemo
Configuration Item Description
| Configuration items | instructions | The default value |
|---|---|---|
| mybatis-crypto.enabled | Whether to enable mybatis-crypto | true |
| mybatis-crypto.fail-fast | Fast failure, encryption and decryption in the process of abnormal whether to interrupt. True: an exception is thrown. False: Logs of WARN level are printed using the original value | true |
| mybatis-crypto.mapped-key-prefixes | The prefix of the @param parameter name. Matching the prefix will be encrypted | empty |
| mybatis-crypto.default-encryptor | Encryptor is the global default | empty |
| mybatis-crypto.default-key | The global default Encryptor key | empty |
Open source link
Github.com/WhiteDG/myb…