3

I'm working on a project where some database table fields need to be encrypted. The way this will be done is using Microsoft SQL Server's built-in encryption/decryption functions:

ENCRYPTBYPASSPHRASE('PASSPHRASE','text')

DECRYPTBYPASSPHRASE ('12',password)

So to insert data the SQL will be like this:

insert into login_details(uid,username,password) values(1,'smith',EncryptByPassPhrase('12','XXX'))

And to read data the SQL will be this way:

select uid,username, DECRYPTBYPASSPHRASE ('12',password) as Password from login_details

So my question is how can I make use of this in Hibernate using my existing OR mappings? I'm using JPA Annotations. Is there an easy way to do this with JPA annotations?

3 Answers

10

Sounds like you are looking for org.hibernate.annotations.ColumnTransformer

@Column( name = "pswd" )
@ColumnTransformer( write="EncryptByPassPhrase('12',?)", read="DECRYPTBYPASSPHRASE ('12',pswd)" )
public String getPassword() {
    return password;
}
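An added example, not part of the answer above: the @ColumnTransformer mapping applied to the question's login_details table, assuming Hibernate 5.x with javax.persistence annotations and the Microsoft JDBC driver's default of sending String parameters as Unicode. The varbinary(8000) column definition and the CONVERT wrapper are assumptions added here, not something the answer states.

```java
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.Id;
import javax.persistence.Table;
import org.hibernate.annotations.ColumnTransformer;

// Added example: maps the question's login_details table (uid, username, password).
@Entity
@Table(name = "login_details")
public class LoginDetails {

    @Id
    @Column(name = "uid")
    private Integer uid;

    @Column(name = "username")
    private String username;

    // EncryptByPassPhrase returns varbinary (up to 8000 bytes), so the column
    // has to be varbinary rather than varchar.
    // DecryptByPassPhrase also returns varbinary, so the read expression
    // converts the result back to a character type. nvarchar is an assumption:
    // it matches String parameters sent as Unicode by the JDBC driver. Rows
    // written with a plain 'literal' (varchar) would need varchar here instead.
    // The passphrase is a literal inside the generated SQL, so it ends up in
    // source control and in Hibernate's SQL logging when that is enabled.
    @Column(name = "password", columnDefinition = "varbinary(8000)")
    @ColumnTransformer(
        write = "EncryptByPassPhrase('12', ?)",
        read = "CONVERT(nvarchar(4000), DecryptByPassPhrase('12', password))")
    private String password;

    protected LoginDetails() { }   // no-arg constructor required by JPA

    public LoginDetails(Integer uid, String username, String password) {
        this.uid = uid;
        this.username = username;
        this.password = password;
    }

    public Integer getUid() { return uid; }
    public String getUsername() { return username; }
    public String getPassword() { return password; }
    public void setPassword(String password) { this.password = password; }
}
```

DecryptByPassPhrase returns NULL when the passphrase does not match, so a wrong passphrase in the read expression surfaces as a null password field rather than as an exception.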

6

Reviving an old thread, but I was having a similar requirement and found that Jasypt has some very nice support for this.

Once Jasypt is configured, it's as easy as adding a "@Type(type="encryptedString")" annotation:

@Column(name = "password")
@Type(type="encryptedString")
public String getPassword() {
    return password;
}


4

I don't see how you might do that. But from what I've read, ENCRYPTBYPASSPHRASE uses triple-DES. So you might encrypt the data yourself and persist it as is with Hibernate. Here's what it would look like to make it transparent (except for queries, obviously):

@Entity
public class LoginDetails {
    @Column(name = "password")
    private byte[] encryptedPassword;

    @Transient
    private String password;

    public String getPassword() {
        if (password == null) {
            password = CryptoUtils.decrypt(encryptedPassword);
        }
        return password;
    }

    public void setPassword(String password) {
        this.encryptedPassword = CryptoUtils.encrypt(password);
        this.password = password;
    }
}

where CryptoUtils would be responsible for storing the secret key and encrypting/decrypting using triple-DES (which is natively supported in the JDK: see http://download.oracle.com/javase/6/docs/technotes/guides/security/crypto/CryptoSpec.html#Cipher).

Just make sure to test it and make sure that your decryption is able to decrypt what SQL-Server has encrypted, and vice-versa.
