Application code development plan
1 Scenario requirements
After the ISV roughly confirms its access plan and encryption plan, enter development stage. You need to download the latest TOP SDK first. The following is an introduction to code development, divided into three parts: first, the API in the SDK is introduced, the second part is the specifications for code development, and finally some code demos in various scenarios are listed.
Please note that for the sake of performance and stability, please be sure to abide by the code specifications!
2 Introduction to the plan
# #2.1 APIIntroduction
| ##Function | Parameters | |
| Initialization | ##securityClient.encrypt | |
Automatically encrypt data with the latest version of the key | Data can be transferred in batches and returned in batches | securityClient .encryptPrevious |
Automatically encrypt data with the previous version key (may be used during key change migration) | Can be transferred in batches Enter data and return in batches | securityClient.decrypt |
Automatically determine the ciphertext version and decrypt it with the corresponding version key Data | can be imported in batches and returned in batches | securityClient.isEncrypt |
|
| securityClient.search |
Generate Fuzzy query for a given string |
| Initialization: ## SecurityClient SecurityClient = new SecurityClient(new DefaultTaobaoClient(serverUrl, appkey, appSecret), randomNumber) Note 1: The serverUrl used by defaultTaobaoClient must be https protocol
Encryption: securityClient.encrypt(“13888883333”, type, sessionKey)
Ciphertext judgment: SecurityClient.isEncrypt(“13888883333”, type)
Previous version key encryption: ##securityClient.encryptPrevious(“13888883333”, type, sessionKey)
Decryption: ##securityClient.decrypt(“~CKoqAl2hWzh54uBFv9Suug==~1~”, type, sessionKey)
Fuzzy search clause: String searchIndex = securityClient. search(“3333”, type, sessionKey) SELECT * FROM table_orders WHERE phone LIKE #searchIndex#% ##( This example is a mobile phone number. For other examples, please refer to the scene details below) 2.2 Encryption calling specification: 1) All use the session key of the main account. The sub-account may not have permissions2) Pre-judge the session key before calling 3) Authorization returns sessionkey with expiration time 4) Determine whether the expiration time of the session key has exceeded 90 days. If the expiration date exceeds 90 days, there is no need to call encryption or decryption (it will never succeed before re-authorization, which is a waste of resources). Assume that there is an error on the client side. Judgment, the actual call to encryption and decryption may throw an exception. The following solution can be used: try { // Encryption and decryption operations ##} catch (SecretException e) { if(ErrorUtil.isInvalidSession(e)) { // Mark the sessionkey as invalid before re-authorization Do not call } } 2.3Code scenario example:1) Initialization: SecurityClient securityClient = new SecurityClient (new DefaultTaobaoClient(serverUrl, appkey, appSecret), Random Number); defaultTaobaoClient serverUrl must be https protocol, currently it is https: //eco.taobao.com/router/rest (Sandbox environment: https://gw.api.tbsandbox.com/router/rest)
2) Encryption and decryption: receiver_mobile The encryption field type (type) is phone. Other encrypted field types (type) are based on the field query method: the field type (type) of the ordinary encryption method is simple, the field type (type) of the fuzzy query is search. Encryption and decryption Input parameters must bring sessionkey
Output result: Plain text of mobile phone number: 13834566786 -> Encrypted text: $138$SuR h6AtlSj8Z59W2W9EQ==$103$ ## Encrypted text of mobile phone number: $138$SuR h6AtlSj8Z59W2W9EQ==$103$ ->Clear text: 13834566786 ============================TOP====== ================= ## nick plain text: taobaoTEST -> cipher text: ~CKoqAl2hWzh54uBFv9Suug==~103~nick cipher text: ~CKoqAl2hWzh54uBFv9Suug==~103~ -> plain text: taobaoTEST ##3) Batch encryption and decryption
:##Mobile phone number Plain text: 15923847823 -> Encrypted text: $159$AtyBFui4xvl92WV7GKwfBw ==$103$ Mobile phone number plain text: 13834566786 ->Private text: $138$SuR h6AtlSj8Z59W2W9EQ==$103$ Mobile phone number secret text Text: $138$SuR h6AtlSj8Z59W2W9EQ==$103$ -> Plain text: 13834566786 ## Mobile phone number cipher text: $159$AtyBFui4xvl92WV7GKwfBw==$103$ -> Plain text: 15923847823===========================TOP================== ========= nick Plain text: taobaoTEST2 -> Cipher text: ~nID/f9qCBqgm7MXZSXBpfA==~103~ nick Plain text: taobaoTEST1 -> Cipher text: ~kgRCprD8gH2KuZ3dPoVuqg==~103~ nick Cipher text: ~nID/f9qCBqgm7MXZSXBpfA==~103~ -> Plain text: taobaoTEST2 nick Cipher text: ~kgRCprD8gH2KuZ3dPoVuqg==~103~ ->Plain text: taobaoTEST1
4) Normal encryption scenario: Scenario 1: does not appear in the where clause in the SQL statement. Directly get the data to decrypt and display or print: String cipher = ReadFromDataBase(); // SELECT cipher FROM table... ##String phone = securityClient.decrypt(cipher, “phone”, sessionKey); Scenario 2: Need to encrypt The fields are put into the where clause (key = “value”) as SQL search conditions: String cipher = securityClient.encrypt(p, “phone”, sessionKey); # SELECT * From Table where Phone = #cipher In the process of switching to the cipher text, there may be a mixed existence of confistent texts and ciphertexts. temporary state. This requires preparation for compatibility: SELECT * FROM table WHERE phone in (#cipher#, #p#) ##5) Support fuzzy query encryption scenarios (non-mobile phone number fields): Scenario 1: Non-mobile phone number field fuzzy query sample code: String partial = "cdefg"; Scenario 2:phone fuzzy query top 3 Sample code: (prefix index will be used) //Fragments that require fuzzy query String partial = "138"; ## // Go to the database to do fuzzy query ## Scenario 3: phone fuzzy query The last 4 digits of sample code: //Fragments that require fuzzy query //Get the fuzzy query ciphertext |
##Output result
