001package io.ebean.config.dbplatform.oracle; 002 003import io.ebean.config.dbplatform.AbstractDbEncrypt; 004import io.ebean.config.dbplatform.DbEncryptFunction; 005 006/** 007 * Oracle encryption support. 008 * 009 * <p> 010 * You will typically need to create your own encryption and decryption 011 * functions similar to the example ones below. 012 * </p> 013 * 014 * <pre class="code"> 015 * 016 * // Remember your DB user needs execute privilege on DBMS_CRYPTO 017 * // as well as your encryption and decryption functions 018 * 019 * 020 * // This is an Example Encryption function only - please create your own. 021 * 022 * CREATE OR REPLACE FUNCTION eb_encrypt(data IN VARCHAR, key in VARCHAR) RETURN RAW IS 023 * 024 * encryption_mode NUMBER := DBMS_CRYPTO.ENCRYPT_AES128 + DBMS_CRYPTO.CHAIN_CBC + DBMS_CRYPTO.PAD_PKCS5; 025 * 026 * BEGIN 027 * RETURN DBMS_CRYPTO.ENCRYPT(UTL_I18N.STRING_TO_RAW (data, 'AL32UTF8'), 028 * encryption_mode, UTL_I18N.STRING_TO_RAW(key, 'AL32UTF8') ); 029 * END; 030 * / 031 * 032 * 033 * 034 * // This is an Example Decryption function only - please create your own. 035 * 036 * CREATE OR REPLACE FUNCTION eb_decrypt(data IN RAW, key IN VARCHAR) RETURN VARCHAR IS 037 * 038 * encryption_mode NUMBER := DBMS_CRYPTO.ENCRYPT_AES128 + DBMS_CRYPTO.CHAIN_CBC + DBMS_CRYPTO.PAD_PKCS5; 039 * 040 * BEGIN 041 * RETURN UTL_RAW.CAST_TO_VARCHAR2(DBMS_CRYPTO.DECRYPT 042 * (data, encryption_mode, UTL_I18N.STRING_TO_RAW(key, 'AL32UTF8'))); 043 * END; 044 * / 045 * </pre> 046 */ 047public class OracleDbEncrypt extends AbstractDbEncrypt { 048 049 /** 050 * Constructs the Oracle10DbEncrypt with default encrypt and decrypt stored procedures. 051 */ 052 public OracleDbEncrypt() { 053 this("eb_encrypt", "eb_decrypt"); 054 } 055 056 /** 057 * Constructs the Oracle10DbEncrypt specifying encrypt and decrypt stored procedures. 058 * 059 * @param encryptFunction the encrypt stored procedure 060 * @param decryptFunction the decrypt stored procedure 061 */ 062 public OracleDbEncrypt(String encryptFunction, String decryptFunction) { 063 064 this.varcharEncryptFunction = new OraVarcharFunction(encryptFunction, decryptFunction); 065 this.dateEncryptFunction = new OraDateFunction(encryptFunction, decryptFunction); 066 } 067 068 /** 069 * VARCHAR encryption/decryption function. 070 */ 071 private static class OraVarcharFunction implements DbEncryptFunction { 072 073 private final String encryptfunction; 074 private final String decryptfunction; 075 076 public OraVarcharFunction(String encryptfunction, String decryptfunction) { 077 this.encryptfunction = encryptfunction; 078 this.decryptfunction = decryptfunction; 079 } 080 081 @Override 082 public String getDecryptSql(String columnWithTableAlias) { 083 return decryptfunction + "(" + columnWithTableAlias + ",?)"; 084 } 085 086 @Override 087 public String getEncryptBindSql() { 088 return encryptfunction + "(?,?)"; 089 } 090 091 } 092 093 /** 094 * DATE encryption/decryption function. 095 */ 096 private static class OraDateFunction implements DbEncryptFunction { 097 098 private final String encryptfunction; 099 private final String decryptfunction; 100 101 public OraDateFunction(String encryptfunction, String decryptfunction) { 102 this.encryptfunction = encryptfunction; 103 this.decryptfunction = decryptfunction; 104 } 105 106 @Override 107 public String getDecryptSql(String columnWithTableAlias) { 108 return "to_date(" + decryptfunction + "(" + columnWithTableAlias + ",?),'YYYYMMDD')"; 109 } 110 111 @Override 112 public String getEncryptBindSql() { 113 return encryptfunction + "(to_char(?,'YYYYMMDD'),?)"; 114 } 115 116 } 117}