Hibernate - Unable to get entity using named query on Jasypt encrypted column
I have an Employee entity with an ssn field encrypted using Jasypt. The following is a mock definition:
    @TypeDef(name = "encryptedstring", typeClass = EncryptedStringType.class,
             parameters = {@Parameter(name = "encryptorRegisteredName", value = "stronghibernatestringencryptor")})
    @Entity
    @Table(name = "employee")
    @NamedQueries(value = {
        @NamedQuery(name = "employee.getemployeebyssn",
                    query = "select employee from Employee employee where employee.ssn=:ssn"),
        @NamedQuery(name = "employee.getemployeebyname",
                    query = "select employee from Employee employee where employee.name=:name")
    })
    public class Employee {
        @Id
        @GeneratedValue
        private long id;

        private String name;

        // Stored encrypted; Jasypt decrypts it when the entity is loaded
        @Type(type = "encryptedstring")
        private String ssn;

        // getters and setters omitted
    }
This entity contains 2 named queries for getting employees, one by name, the other by ssn. The ssn field is encrypted using Jasypt. The code is a mock implementation, hence I have used the following basic configuration:
    public static void main(String[] args) throws SerialException, SQLException {
        // Configure the Jasypt encryptor
        PooledPBEStringEncryptor strongEncryptor = new PooledPBEStringEncryptor();
        strongEncryptor.setAlgorithm("PBEWithMD5AndDES");
        strongEncryptor.setPassword("jasypt");
        strongEncryptor.setPoolSize(2);

        // Register it with Hibernate under the name used in @TypeDef
        HibernatePBEEncryptorRegistry registry = HibernatePBEEncryptorRegistry.getInstance();
        registry.registerPBEStringEncryptor("stronghibernatestringencryptor", strongEncryptor);

        // Get the entity manager factory
        EntityManagerFactory emf = Persistence.createEntityManagerFactory("helloworld");
        // Get the entity manager
        EntityManager em = emf.createEntityManager();

        EntityTransaction tx = em.getTransaction();
        tx.begin();
        // Create an employee
        Employee employee = new Employee();
        employee.setName("vaibhav");
        employee.setSsn("1234567");
        em.persist(employee);
        tx.commit();

        EntityTransaction newTx = em.getTransaction();
        newTx.begin();
        // Search for the employee by ssn
        Query queryObject1 = em.createNamedQuery("employee.getemployeebyssn");
        queryObject1.setParameter("ssn", "1234567");
        // No results here
        List employees1 = queryObject1.getResultList();
        newTx.commit();
        em.close();
    }
I get no result in the employees1 list. When I run the following named query, I'm able to see the decrypted ssn in the Employee object.
    Query queryObject = em.createNamedQuery("employee.getemployeebyname");
    queryObject.setParameter("name", "vaibhav");
    List employees = queryObject.getResultList();
    Employee employee1 = (Employee) employees.get(0);
I am unable to understand whether there is a bug in my code or this is how Hibernate is supposed to work. In the documentation on integrating Jasypt with Hibernate 3.x or 4.x, it is written that:
But encryption sets a limitation on your Hibernate usage: security standards establish that two different encryption operations on the same data should not return the same value (due to the use of a random salt). Because of this, none of the fields that are set to be encrypted when persisted can be a part of a WHERE clause in your search queries for the entity they belong to.
So this means one cannot perform search operations on an encrypted field.
I was using the random salt generator. After adding the zero salt generator, I was able to solve the issue:
    strongEncryptor.setSaltGenerator(new ZeroSaltGenerator());
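
Why the random salt empties the result list and the zero salt fills it, as an added example that is not part of the original post and is not Jasypt's own code. It uses only the JDK's PBEWithMD5AndDES with the post's password; the class name, the 1000-iteration count and the salt-prefixed Base64 layout are assumptions made for the illustration.

```java
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Base64;

public class SaltAndWhereClause { // hypothetical class name
    static final String ALGORITHM = "PBEWithMD5AndDES";    // algorithm from the post
    static final char[] PASSWORD = "jasypt".toCharArray(); // password from the post
    static final int ITERATIONS = 1000;                    // assumed iteration count

    // Encrypts with the given salt and returns Base64(salt || ciphertext),
    // standing in for the value that ends up in the encrypted column.
    static String encrypt(String plain, byte[] salt) throws Exception {
        var key = SecretKeyFactory.getInstance(ALGORITHM)
                .generateSecret(new PBEKeySpec(PASSWORD));
        Cipher cipher = Cipher.getInstance(ALGORITHM);
        cipher.init(Cipher.ENCRYPT_MODE, key, new PBEParameterSpec(salt, ITERATIONS));
        byte[] body = cipher.doFinal(plain.getBytes(StandardCharsets.UTF_8));
        byte[] out = new byte[salt.length + body.length];
        System.arraycopy(salt, 0, out, 0, salt.length);
        System.arraycopy(body, 0, out, salt.length, body.length);
        return Base64.getEncoder().encodeToString(out);
    }

    static byte[] salt(boolean random) {
        byte[] salt = new byte[8]; // this algorithm takes an 8-byte salt; zeros by default
        if (random) new SecureRandom().nextBytes(salt);
        return salt;
    }

    public static void main(String[] args) throws Exception {
        // Random salt: the value written at persist time and the value bound
        // to :ssn at query time differ, so "where ssn = :ssn" matches no row.
        String stored = encrypt("1234567", salt(true));
        String bound = encrypt("1234567", salt(true));
        System.out.println("random salt, same SSN, equal: " + stored.equals(bound));

        // Fixed salt: encryption is deterministic, so the comparison matches,
        // and any two rows holding the same SSN also share one ciphertext.
        String a = encrypt("1234567", salt(false));
        String b = encrypt("1234567", salt(false));
        System.out.println("zero salt, same SSN, equal: " + a.equals(b));
        System.out.println("zero salt, different SSN, equal: "
                + a.equals(encrypt("7654321", salt(false))));
    }
}
```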