strongduanmu opened a new issue, #25383:
URL: https://github.com/apache/shardingsphere/issues/25383
Hi community,
Currently, ShardingSphere encrypt rule contains many configuration items,
the complete configuration items are as follows.
```yaml
rules:
- !ENCRYPT
tables:
<table_name> (+): # Encrypt table name
columns:
<column_name> (+): # Encrypt logic column name
plainColumn (?): # Plain column name
cipherColumn: # Cipher column name
encryptorName: # Cipher encrypt algorithm name
assistedQueryColumn (?): # Assisted query column name
assistedQueryEncryptorName: # Assisted query encrypt algorithm
name
likeQueryColumn (?): # Like query column name
likeQueryEncryptorName: # Like query encrypt algorithm name
queryWithCipherColumn(?): # The current table whether query with
cipher column for data encrypt.
# Encrypt algorithm configuration
encryptors:
<encrypt_algorithm_name> (+): # Encrypt algorithm name
type: # Encrypt algorithm type
props: # Encrypt algorithm properties
# ...
queryWithCipherColumn: # Whether query with cipher column for data
encrypt. User you can use plaintext to query if have
```
Some of configuration items are necessary for encrypt feature, such as:
cipherColumn, encryptorName, assistedQueryColumn, assistedQueryEncryptorName,
likeQueryColumn and likeQueryEncryptorName. These configuration items allow
users to configure encrypt columns and encryption algorithms.
Some other configuration items, such as plainColumn and different levels of
queryWithCipherColumn, have nothing to do with the encryption core function,
but only to meet the switching of business traffic. Maintaining plainColumn and
different levels of queryWithCipherColumn has brought great challenges to
ShardingSphere, resulting in too complicated SQL rewriting logic. Currently,
encrypted SQL rewriting logic is already very complicated.
In order to improve the maintainability of the encryption function, it is
time to simplify the encryption configuration and delete plainColumn and
queryWithCipherColumn. The work of switching business traffic is handed over to
users themselves, while ShardingSphere focuses on increasing the core
capabilities of encryption.
Everyone is welcome to participate in the discussion and express their
views. Thank you.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail:
[email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
