java实现方法,以base64和ase两张加密来说
base64其实只是编码,让数据库看不到明文信息,加密和解密都非常快
ase有秘钥,java里面必须要16位的长度,加密和解密慢
package cn.utils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import java.util.Base64;
/**
* @author liuxianwen
* @version 1.0
* @date 2023/11/9 16:25
*/
public class EncryptionUtils {
private final Logger LOGGER = LoggerFactory.getLogger(EncryptionUtils.class);
private static final String SECRET_KEY = "1234567890abcdef"; // 替换为你自己的密钥,建议存储在安全的地方
//第一中: 复杂实现和查询慢,但是安全一些: 数据库可以解密处理
// SELECT encode(encrypt('abcd1234', '0123456789ABHAEQ', 'aes-cbc/pad:pkcs'), 'base64');
// 注意:变量更新时,添加类型转换 cast(phone as bytea) 历史数据加密
// update base_user t SET phone =encode(encrypt(cast(phone as bytea),'abc','aes') ,'hex') where phone is not null;
// SELECT convert_from(
// decrypt(decode('PImErwkXUSepyi+aibt/Fg==','base64'), '1234567890abcdef', 'aes-cbc/pad:pkcs') , 'SQL_ASCII');
public String encrypt(String input){
byte[] crypted = null;
try{
SecretKeySpec skey = new SecretKeySpec(SECRET_KEY.getBytes(), "AES");
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, skey);
crypted = cipher.doFinal(input.getBytes());
}catch(Exception e){
LOGGER.error(e.toString());
}
return new String( new org.apache.commons.codec.binary.Base64().encode(crypted));
}
public String decrypt(String input){
byte[] output = null;
try{
SecretKeySpec skey = new SecretKeySpec(SECRET_KEY.getBytes(), "AES");
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
cipher.init(Cipher.DECRYPT_MODE, skey);
output = cipher.doFinal(new org.apache.commons.codec.binary.Base64().decode(input));
}catch(Exception e){
LOGGER.error(e.toString());
}
return new String(output);
}
//第二种:简单base64,查询快 但是容易破解
// select encode('刘贤tcps1234','base64');
// 注意:变量更新时,要添加类型转换 cast(phone as bytea)
// update base_user t set phone = encode(cast(phone as bytea) ,'base64') where phone is not null;
// select convert_from(decode('5YiY6LSkdGNwczEyMzQ=','base64'),'SQL_ASCII');
// 加密
public static String encryptBASE64(String key) {
return (new org.apache.commons.codec.binary.Base64()).encodeBase64String(key.getBytes());
}
// 解密
public static String decryptBASE64(String key) {
String de_key=new String((new org.apache.commons.codec.binary.Base64()).decodeBase64(key));
return de_key;
}
// public static void main(String[] args) throws Exception{
// EncryptionUtils encryptionUtils=new EncryptionUtils();
// String key="ASJDN年后125";
// String en_key= encryptionUtils.encrypt(key);
// System.out.println("en_key:"+en_key);
// System.out.println("de_key:"+encryptionUtils.decrypt(en_key));
// String key="ASJDN年后125";
// String en_key=EncryptionUtils.encryptBASE64(key);
// System.out.println("en_key:"+en_key);
// System.out.println("de_key:"+EncryptionUtils.decryptBASE64(en_key));
// }
}
-- 检查pgcrypto扩展是否已安装和加载
SELECT exists(SELECT 1 FROM pg_extension WHERE extname = 'pgcrypto');
-- 如果没有,就加载pgcrypto扩展
CREATE EXTENSION IF NOT EXISTS pgcrypto;
base64
批量加密:
update base_user t set phone = encode(cast(phone as bytea) ,'base64') where phone is not null;
解密:
select convert_from(decode(phone ,'base64'),'SQL_ASCII') from base_user ;
aes
批量加密:
update base_user t SET phone =encode(encrypt(cast(t.phone as bytea),'abc','aes') ,'hex') where phone is not null;
解密:
select convert_from(decrypt(decode(phone ,'hex'),'abc','aes'),'SQL_ASCII') as jiemi_phone ,phone as jiami_phone
from base_user limit 100;