tianshuainan opened a new issue, #24307:
URL: https://github.com/apache/shardingsphere/issues/24307
As an avid shadingsphere user, I was using sharding-jdbc-spring-boot-starter
4.1.1, and now I want to update to 5.3.1. There are significant differences
between the two versions, and no detailed documentation of the implementation
steps has been found.
In my own experience, I wrote all the configurations as per the steps, but
did not execute it successfully because the database was not found. Please help
to see where the configuration is wrong or lack something. Thanks a lot.
1. Subclass implements StandardEncryptAlgorithm
```
public class SdEncryptor implements StandardEncryptAlgorithm<Object, String>
{
private SdkEncryptService getSdkEncryptService() {
return SpringContextUtils.getBean(SdkEncryptService.class);
}
@Override
public String encrypt(Object o, EncryptContext encryptContext) {
String encryptData;
try {
encryptData =
getSdkEncryptService().encryptData(String.valueOf(o));
} catch (IOException e) {
log.warn("SDK encrypt field {} failed: db {}, schema {}, table
{}, column {}",
o,
encryptContext.getDatabaseName(),
encryptContext.getSchemaName(),
encryptContext.getTableName(),
encryptContext.getColumnName());
throw new HulkException("SDK encrypt failed", e);
}
return encryptData;
}
@Override
public Object decrypt(String o, EncryptContext encryptContext) {
if (o == null) {
return null;
}
String ret;
try {
ret = getSdkEncryptService().decryptData(o);
} catch (IOException e) {
log.warn("SDK decrypt cipher field {} failed: db {}, schema {},
table {}, column {}",
o,
encryptContext.getDatabaseName(),
encryptContext.getSchemaName(),
encryptContext.getTableName(),
encryptContext.getColumnName());
throw new HulkException("SDK decrypt failed", e);
}
return ret;
}
```
2. Create a configuration file according to the SPI extension
File content is the fully qualified class name of the subclass:
3. Enable customed encryption for the configuration file
```
dataSources:
db:
dataSourceClassName: com.zaxxer.hikari.HikariDataSource
driverClassName: com.mysql.cj.jdbc.Driver
jdbcUrl: jdbc:mysql://....
username: admin
password: password
rules:
tables:
dsr_request:
columns:
requester_name:
plainColumn: requester_name
cipherColumn: requester_name_cipher
encryptorName: aes_encryptor
requester_phone:
plainColumn: requester_phone
cipherColumn: requester_phone_cipher
encryptorName: aes_encryptor
related_vehicle:
plainColumn: related_vehicle
cipherColumn: related_vehicle_cipher
encryptorName: aes_encryptor
requester_email:
plainColumn: requester_email
cipherColumn: requester_email_cipher
encryptorName: aes_encryptor
assistedQueryColumn: email_token_assisted
assistedQueryEncryptorName: assisted_encryptor
dsr_task:
columns:
requester_name:
plainColumn: requester_name
cipherColumn: requester_name_cipher
encryptorName: aes_encryptor
requester_phone:
plainColumn: requester_phone
cipherColumn: requester_phone_cipher
encryptorName: aes_encryptor
related_vehicle:
plainColumn: related_vehicle
cipherColumn: related_vehicle_cipher
encryptorName: aes_encryptor
vid:
plainColumn: vid
cipherColumn: vid_cipher
encryptorName: aes_encryptor
requester_email:
plainColumn: requester_email
cipherColumn: requester_email_cipher
encryptorName: aes_encryptor
assistedQueryColumn: email_token_assisted
assistedQueryEncryptorName: assisted_encryptor
dsr_email_verification:
columns:
requester_name:
plainColumn: email_token
cipherColumn: email_token_cipher
encryptorName: aes_encryptor
assistedQueryColumn: email_token_assisted
assistedQueryEncryptorName: assisted_encryptor
encryptors:
aes_encryptor:
type: SdEncryptor
assisted_encryptor:
type: SdQueryAssistedEncryptor
queryWithCipherColumn: true
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail:
[email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
