001package io.ebean.config.dbplatform.oracle; 002 003import io.ebean.config.dbplatform.AbstractDbEncrypt; 004import io.ebean.config.dbplatform.DbEncryptFunction; 005 006/** 007 * Oracle encryption support. 008 * 009 * <p> 010 * You will typically need to create your own encryption and decryption 011 * functions similar to the example ones below. 012 * </p> 013 * 014 * <pre class="code"> 015 * 016 * // Remember your DB user needs execute privilege on DBMS_CRYPTO 017 * // as well as your encryption and decryption functions 018 * 019 * 020 * // This is an Example Encryption function only - please create your own. 021 * 022 * CREATE OR REPLACE FUNCTION eb_encrypt(data IN VARCHAR, key in VARCHAR) RETURN RAW IS 023 * 024 * encryption_mode NUMBER := DBMS_CRYPTO.ENCRYPT_AES128 + DBMS_CRYPTO.CHAIN_CBC + DBMS_CRYPTO.PAD_PKCS5; 025 * 026 * BEGIN 027 * RETURN DBMS_CRYPTO.ENCRYPT(UTL_I18N.STRING_TO_RAW (data, 'AL32UTF8'), 028 * encryption_mode, UTL_I18N.STRING_TO_RAW(key, 'AL32UTF8') ); 029 * END; 030 * / 031 * 032 * 033 * 034 * // This is an Example Decryption function only - please create your own. 035 * 036 * CREATE OR REPLACE FUNCTION eb_decrypt(data IN RAW, key IN VARCHAR) RETURN VARCHAR IS 037 * 038 * encryption_mode NUMBER := DBMS_CRYPTO.ENCRYPT_AES128 + DBMS_CRYPTO.CHAIN_CBC + DBMS_CRYPTO.PAD_PKCS5; 039 * 040 * BEGIN 041 * RETURN UTL_RAW.CAST_TO_VARCHAR2(DBMS_CRYPTO.DECRYPT 042 * (data, encryption_mode, UTL_I18N.STRING_TO_RAW(key, 'AL32UTF8'))); 043 * END; 044 * / 045 * </pre> 046 */ 047public class OracleDbEncrypt extends AbstractDbEncrypt { 048 049 /** 050 * Constructs the Oracle10DbEncrypt with default encrypt and decrypt stored procedures. 051 */ 052 public OracleDbEncrypt() { 053 this("eb_encrypt", "eb_decrypt"); 054 } 055 056 /** 057 * Constructs the Oracle10DbEncrypt specifying encrypt and decrypt stored procedures. 058 * 059 * @param encryptFunction the encrypt stored procedure 060 * @param decryptFunction the decrypt stored procedure 061 */ 062 public OracleDbEncrypt(String encryptFunction, String decryptFunction) { 063 this.varcharEncryptFunction = new OraVarcharFunction(encryptFunction, decryptFunction); 064 this.dateEncryptFunction = new OraDateFunction(encryptFunction, decryptFunction); 065 } 066 067 /** 068 * VARCHAR encryption/decryption function. 069 */ 070 private static class OraVarcharFunction implements DbEncryptFunction { 071 072 private final String encryptfunction; 073 private final String decryptfunction; 074 075 public OraVarcharFunction(String encryptfunction, String decryptfunction) { 076 this.encryptfunction = encryptfunction; 077 this.decryptfunction = decryptfunction; 078 } 079 080 @Override 081 public String getDecryptSql(String columnWithTableAlias) { 082 return decryptfunction + "(" + columnWithTableAlias + ",?)"; 083 } 084 085 @Override 086 public String getEncryptBindSql() { 087 return encryptfunction + "(?,?)"; 088 } 089 090 } 091 092 /** 093 * DATE encryption/decryption function. 094 */ 095 private static class OraDateFunction implements DbEncryptFunction { 096 097 private final String encryptfunction; 098 private final String decryptfunction; 099 100 public OraDateFunction(String encryptfunction, String decryptfunction) { 101 this.encryptfunction = encryptfunction; 102 this.decryptfunction = decryptfunction; 103 } 104 105 @Override 106 public String getDecryptSql(String columnWithTableAlias) { 107 return "to_date(" + decryptfunction + "(" + columnWithTableAlias + ",?),'YYYYMMDD')"; 108 } 109 110 @Override 111 public String getEncryptBindSql() { 112 return encryptfunction + "(to_char(?,'YYYYMMDD'),?)"; 113 } 114 115 } 116}