Source code

001package io.ebean.config.dbplatform.oracle;
002
003import io.ebean.config.dbplatform.AbstractDbEncrypt;
004import io.ebean.config.dbplatform.DbEncryptFunction;
005
006/**
007 * Oracle encryption support.
008 *
009 * <p>
010 * You will typically need to create your own encryption and decryption
011 * functions similar to the example ones below.
012 * </p>
013 *
014 * <pre class="code">
015 *
016 *  // Remember your DB user needs execute privilege on DBMS_CRYPTO
017 *  // as well as your encryption and decryption functions
018 *
019 *
020 *  // This is an Example Encryption function only - please create your own.
021 *
022 * CREATE OR REPLACE FUNCTION eb_encrypt(data IN VARCHAR, key in VARCHAR) RETURN RAW IS
023 *
024 *     encryption_mode NUMBER := DBMS_CRYPTO.ENCRYPT_AES128 + DBMS_CRYPTO.CHAIN_CBC  + DBMS_CRYPTO.PAD_PKCS5;
025 *
026 *     BEGIN
027 *          RETURN DBMS_CRYPTO.ENCRYPT(UTL_I18N.STRING_TO_RAW (data, 'AL32UTF8'),
028 *            encryption_mode, UTL_I18N.STRING_TO_RAW(key, 'AL32UTF8') );
029 *     END;
030 *     /
031 *
032 *
033 *
034 *  // This is an Example Decryption function only - please create your own.
035 *
036 * CREATE OR REPLACE FUNCTION eb_decrypt(data IN RAW, key IN VARCHAR) RETURN VARCHAR IS
037 *
038 *     encryption_mode NUMBER := DBMS_CRYPTO.ENCRYPT_AES128 + DBMS_CRYPTO.CHAIN_CBC  + DBMS_CRYPTO.PAD_PKCS5;
039 *
040 *     BEGIN
041 *          RETURN UTL_RAW.CAST_TO_VARCHAR2(DBMS_CRYPTO.DECRYPT
042 *            (data, encryption_mode, UTL_I18N.STRING_TO_RAW(key, 'AL32UTF8')));
043 *     END;
044 *     /
045 * </pre>
046 */
047public class OracleDbEncrypt extends AbstractDbEncrypt {
048
049  /**
050   * Constructs the Oracle10DbEncrypt with default encrypt and decrypt stored procedures.
051   */
052  public OracleDbEncrypt() {
053    this("eb_encrypt", "eb_decrypt");
054  }
055
056  /**
057   * Constructs the Oracle10DbEncrypt specifying encrypt and decrypt stored procedures.
058   *
059   * @param encryptFunction the encrypt stored procedure
060   * @param decryptFunction the decrypt stored procedure
061   */
062  public OracleDbEncrypt(String encryptFunction, String decryptFunction) {
063
064    this.varcharEncryptFunction = new OraVarcharFunction(encryptFunction, decryptFunction);
065    this.dateEncryptFunction = new OraDateFunction(encryptFunction, decryptFunction);
066  }
067
068  /**
069   * VARCHAR encryption/decryption function.
070   */
071  private static class OraVarcharFunction implements DbEncryptFunction {
072
073    private final String encryptfunction;
074    private final String decryptfunction;
075
076    public OraVarcharFunction(String encryptfunction, String decryptfunction) {
077      this.encryptfunction = encryptfunction;
078      this.decryptfunction = decryptfunction;
079    }
080
081    @Override
082    public String getDecryptSql(String columnWithTableAlias) {
083      return decryptfunction + "(" + columnWithTableAlias + ",?)";
084    }
085
086    @Override
087    public String getEncryptBindSql() {
088      return encryptfunction + "(?,?)";
089    }
090
091  }
092
093  /**
094   * DATE encryption/decryption function.
095   */
096  private static class OraDateFunction implements DbEncryptFunction {
097
098    private final String encryptfunction;
099    private final String decryptfunction;
100
101    public OraDateFunction(String encryptfunction, String decryptfunction) {
102      this.encryptfunction = encryptfunction;
103      this.decryptfunction = decryptfunction;
104    }
105
106    @Override
107    public String getDecryptSql(String columnWithTableAlias) {
108      return "to_date(" + decryptfunction + "(" + columnWithTableAlias + ",?),'YYYYMMDD')";
109    }
110
111    @Override
112    public String getEncryptBindSql() {
113      return encryptfunction + "(to_char(?,'YYYYMMDD'),?)";
114    }
115
116  }
117}