This is an automated email from the ASF dual-hosted git repository.
zhaojinchao pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/shardingsphere.git
The following commit(s) were added to refs/heads/master by this push:
new 740d47190d0 Add new cryptographic module and add aes cryptographic
algorithm (#32533)
740d47190d0 is described below
commit 740d47190d00ae65580dc3cf921ad56e2f395895
Author: Zhengqiang Duan <[email protected]>
AuthorDate: Thu Aug 15 18:54:26 2024 +0800
Add new cryptographic module and add aes cryptographic algorithm (#32533)
* Add new cryptographic module and add aes cryptographic algorithm
* remove useless blank line
---
.../type/{ => cryptographic/core}/pom.xml | 17 ++--
.../cryptographic/core/CryptographicAlgorithm.java | 42 ++++++++++
infra/algorithm/type/{ => cryptographic}/pom.xml | 9 +--
.../type/{ => cryptographic/type/aes}/pom.xml | 29 +++++--
.../aes/AESCryptographicAlgorithm.java | 88 ++++++++++++++++++++
...rithm.cryptographic.core.CryptographicAlgorithm | 18 +++++
.../aes/AESCryptographicAlgorithmTest.java | 93 ++++++++++++++++++++++
.../type/{ => cryptographic/type}/pom.xml | 8 +-
infra/algorithm/type/pom.xml | 1 +
9 files changed, 279 insertions(+), 26 deletions(-)
diff --git a/infra/algorithm/type/pom.xml
b/infra/algorithm/type/cryptographic/core/pom.xml
similarity index 75%
copy from infra/algorithm/type/pom.xml
copy to infra/algorithm/type/cryptographic/core/pom.xml
index 1ac81ea601d..e99491f349a 100644
--- a/infra/algorithm/type/pom.xml
+++ b/infra/algorithm/type/cryptographic/core/pom.xml
@@ -20,16 +20,17 @@
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.apache.shardingsphere</groupId>
- <artifactId>shardingsphere-infra-algorithm</artifactId>
+ <artifactId>shardingsphere-infra-algorithm-cryptographic</artifactId>
<version>5.5.1-SNAPSHOT</version>
</parent>
- <artifactId>shardingsphere-infra-algorithm-type</artifactId>
- <packaging>pom</packaging>
+ <artifactId>shardingsphere-infra-algorithm-cryptographic-core</artifactId>
<name>${project.artifactId}</name>
- <modules>
- <module>key-generator</module>
- <module>load-balancer</module>
- <module>message-digest</module>
- </modules>
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.shardingsphere</groupId>
+ <artifactId>shardingsphere-infra-algorithm-core</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ </dependencies>
</project>
diff --git
a/infra/algorithm/type/cryptographic/core/src/main/java/org/apache/shardingsphere/infra/algorithm/cryptographic/core/CryptographicAlgorithm.java
b/infra/algorithm/type/cryptographic/core/src/main/java/org/apache/shardingsphere/infra/algorithm/cryptographic/core/CryptographicAlgorithm.java
new file mode 100644
index 00000000000..b2031f5552e
--- /dev/null
+++
b/infra/algorithm/type/cryptographic/core/src/main/java/org/apache/shardingsphere/infra/algorithm/cryptographic/core/CryptographicAlgorithm.java
@@ -0,0 +1,42 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.shardingsphere.infra.algorithm.cryptographic.core;
+
+import org.apache.shardingsphere.infra.algorithm.core.ShardingSphereAlgorithm;
+
+/**
+ * Cryptographic algorithm.
+ */
+public interface CryptographicAlgorithm extends ShardingSphereAlgorithm {
+
+ /**
+ * Encrypt.
+ *
+ * @param plainValue plain value
+ * @return cipher value
+ */
+ Object encrypt(Object plainValue);
+
+ /**
+ * Decrypt.
+ *
+ * @param cipherValue cipher value
+ * @return plain value
+ */
+ Object decrypt(Object cipherValue);
+}
diff --git a/infra/algorithm/type/pom.xml
b/infra/algorithm/type/cryptographic/pom.xml
similarity index 84%
copy from infra/algorithm/type/pom.xml
copy to infra/algorithm/type/cryptographic/pom.xml
index 1ac81ea601d..a68ce23cdab 100644
--- a/infra/algorithm/type/pom.xml
+++ b/infra/algorithm/type/cryptographic/pom.xml
@@ -20,16 +20,15 @@
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.apache.shardingsphere</groupId>
- <artifactId>shardingsphere-infra-algorithm</artifactId>
+ <artifactId>shardingsphere-infra-algorithm-type</artifactId>
<version>5.5.1-SNAPSHOT</version>
</parent>
- <artifactId>shardingsphere-infra-algorithm-type</artifactId>
+ <artifactId>shardingsphere-infra-algorithm-cryptographic</artifactId>
<packaging>pom</packaging>
<name>${project.artifactId}</name>
<modules>
- <module>key-generator</module>
- <module>load-balancer</module>
- <module>message-digest</module>
+ <module>core</module>
+ <module>type</module>
</modules>
</project>
diff --git a/infra/algorithm/type/pom.xml
b/infra/algorithm/type/cryptographic/type/aes/pom.xml
similarity index 60%
copy from infra/algorithm/type/pom.xml
copy to infra/algorithm/type/cryptographic/type/aes/pom.xml
index 1ac81ea601d..e6da4ae403a 100644
--- a/infra/algorithm/type/pom.xml
+++ b/infra/algorithm/type/cryptographic/type/aes/pom.xml
@@ -20,16 +20,29 @@
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.apache.shardingsphere</groupId>
- <artifactId>shardingsphere-infra-algorithm</artifactId>
+
<artifactId>shardingsphere-infra-algorithm-cryptographic-type</artifactId>
<version>5.5.1-SNAPSHOT</version>
</parent>
- <artifactId>shardingsphere-infra-algorithm-type</artifactId>
- <packaging>pom</packaging>
+
+ <artifactId>shardingsphere-infra-algorithm-cryptographic-aes</artifactId>
<name>${project.artifactId}</name>
- <modules>
- <module>key-generator</module>
- <module>load-balancer</module>
- <module>message-digest</module>
- </modules>
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.shardingsphere</groupId>
+
<artifactId>shardingsphere-infra-algorithm-cryptographic-core</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>commons-codec</groupId>
+ <artifactId>commons-codec</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>org.apache.shardingsphere</groupId>
+ <artifactId>shardingsphere-test-util</artifactId>
+ <version>${project.version}</version>
+ <scope>test</scope>
+ </dependency>
+ </dependencies>
</project>
diff --git
a/infra/algorithm/type/cryptographic/type/aes/src/main/java/org/apache/shardingsphere/infra/algorithm/cryptographic/aes/AESCryptographicAlgorithm.java
b/infra/algorithm/type/cryptographic/type/aes/src/main/java/org/apache/shardingsphere/infra/algorithm/cryptographic/aes/AESCryptographicAlgorithm.java
new file mode 100644
index 00000000000..83b9b58da35
--- /dev/null
+++
b/infra/algorithm/type/cryptographic/type/aes/src/main/java/org/apache/shardingsphere/infra/algorithm/cryptographic/aes/AESCryptographicAlgorithm.java
@@ -0,0 +1,88 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.shardingsphere.infra.algorithm.cryptographic.aes;
+
+import lombok.SneakyThrows;
+import org.apache.commons.codec.digest.DigestUtils;
+import
org.apache.shardingsphere.infra.algorithm.core.exception.AlgorithmInitializationException;
+import
org.apache.shardingsphere.infra.algorithm.cryptographic.core.CryptographicAlgorithm;
+import
org.apache.shardingsphere.infra.exception.core.ShardingSpherePreconditions;
+
+import javax.crypto.Cipher;
+import javax.crypto.spec.SecretKeySpec;
+import java.nio.charset.StandardCharsets;
+import java.security.GeneralSecurityException;
+import java.util.Arrays;
+import java.util.Base64;
+import java.util.Properties;
+
+/**
+ * AES cryptographic algorithm.
+ */
+public final class AESCryptographicAlgorithm implements CryptographicAlgorithm
{
+
+ private static final String AES_KEY = "aes-key-value";
+
+ private static final String DIGEST_ALGORITHM_NAME =
"digest-algorithm-name";
+
+ private byte[] secretKey;
+
+ @Override
+ public void init(final Properties props) {
+ secretKey = getSecretKey(props);
+ }
+
+ private byte[] getSecretKey(final Properties props) {
+ String aesKey = props.getProperty(AES_KEY);
+ ShardingSpherePreconditions.checkNotEmpty(aesKey, () -> new
AlgorithmInitializationException(this, "%s can not be null or empty", AES_KEY));
+ String digestAlgorithm = props.getProperty(DIGEST_ALGORITHM_NAME);
+ ShardingSpherePreconditions.checkNotEmpty(digestAlgorithm, () -> new
AlgorithmInitializationException(this, "%s can not be null or empty",
DIGEST_ALGORITHM_NAME));
+ return
Arrays.copyOf(DigestUtils.getDigest(digestAlgorithm.toUpperCase()).digest(aesKey.getBytes(StandardCharsets.UTF_8)),
16);
+ }
+
+ @SneakyThrows(GeneralSecurityException.class)
+ @Override
+ public String encrypt(final Object plainValue) {
+ if (null == plainValue) {
+ return null;
+ }
+ byte[] result =
getCipher(Cipher.ENCRYPT_MODE).doFinal(String.valueOf(plainValue).getBytes(StandardCharsets.UTF_8));
+ return Base64.getEncoder().encodeToString(result);
+ }
+
+ @SneakyThrows(GeneralSecurityException.class)
+ @Override
+ public Object decrypt(final Object cipherValue) {
+ if (null == cipherValue) {
+ return null;
+ }
+ byte[] result =
getCipher(Cipher.DECRYPT_MODE).doFinal(Base64.getDecoder().decode(cipherValue.toString().trim()));
+ return new String(result, StandardCharsets.UTF_8);
+ }
+
+ private Cipher getCipher(final int decryptMode) throws
GeneralSecurityException {
+ Cipher result = Cipher.getInstance(getType());
+ result.init(decryptMode, new SecretKeySpec(secretKey, getType()));
+ return result;
+ }
+
+ @Override
+ public String getType() {
+ return "AES";
+ }
+}
diff --git
a/infra/algorithm/type/cryptographic/type/aes/src/main/resources/META-INF/services/org.apache.shardingsphere.infra.algorithm.cryptographic.core.CryptographicAlgorithm
b/infra/algorithm/type/cryptographic/type/aes/src/main/resources/META-INF/services/org.apache.shardingsphere.infra.algorithm.cryptographic.core.CryptographicAlgorithm
new file mode 100644
index 00000000000..3cfceba4d05
--- /dev/null
+++
b/infra/algorithm/type/cryptographic/type/aes/src/main/resources/META-INF/services/org.apache.shardingsphere.infra.algorithm.cryptographic.core.CryptographicAlgorithm
@@ -0,0 +1,18 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+org.apache.shardingsphere.infra.algorithm.cryptographic.aes.AESCryptographicAlgorithm
diff --git
a/infra/algorithm/type/cryptographic/type/aes/src/test/java/org/apache/shardingsphere/infra/algorithm/cryptographic/aes/AESCryptographicAlgorithmTest.java
b/infra/algorithm/type/cryptographic/type/aes/src/test/java/org/apache/shardingsphere/infra/algorithm/cryptographic/aes/AESCryptographicAlgorithmTest.java
new file mode 100644
index 00000000000..3cf523cd3bf
--- /dev/null
+++
b/infra/algorithm/type/cryptographic/type/aes/src/test/java/org/apache/shardingsphere/infra/algorithm/cryptographic/aes/AESCryptographicAlgorithmTest.java
@@ -0,0 +1,93 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.shardingsphere.infra.algorithm.cryptographic.aes;
+
+import org.apache.commons.codec.digest.DigestUtils;
+import
org.apache.shardingsphere.infra.algorithm.core.exception.AlgorithmInitializationException;
+import
org.apache.shardingsphere.infra.algorithm.cryptographic.core.CryptographicAlgorithm;
+import org.apache.shardingsphere.infra.spi.type.typed.TypedSPILoader;
+import org.apache.shardingsphere.test.util.PropertiesBuilder;
+import org.apache.shardingsphere.test.util.PropertiesBuilder.Property;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.mockito.Answers;
+import org.mockito.MockedStatic;
+
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.junit.jupiter.api.Assertions.assertNull;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.mockito.Mockito.mockStatic;
+import static org.mockito.Mockito.times;
+
+class AESCryptographicAlgorithmTest {
+
+ private CryptographicAlgorithm cryptographicAlgorithm;
+
+ @BeforeEach
+ void setUp() {
+ cryptographicAlgorithm =
+ TypedSPILoader.getService(CryptographicAlgorithm.class, "AES",
PropertiesBuilder.build(new Property("aes-key-value", "test"), new
Property("digest-algorithm-name", "SHA-1")));
+ }
+
+ @Test
+ void assertDigestAlgorithm() {
+ MockedStatic<DigestUtils> digestUtilsMockedStatic =
mockStatic(DigestUtils.class, Answers.CALLS_REAL_METHODS);
+ TypedSPILoader.getService(CryptographicAlgorithm.class, "AES",
PropertiesBuilder.build(new Property("aes-key-value", "test"), new
Property("digest-algorithm-name", "SHA-1")));
+ digestUtilsMockedStatic.verify(() -> DigestUtils.getDigest("SHA-1"),
times(1));
+ digestUtilsMockedStatic.close();
+ }
+
+ @Test
+ void assertCreateNewInstanceWithoutAESKey() {
+ assertThrows(AlgorithmInitializationException.class, () ->
TypedSPILoader.getService(CryptographicAlgorithm.class, "AES"));
+ }
+
+ @Test
+ void assertCreateNewInstanceWithEmptyAESKey() {
+ assertThrows(AlgorithmInitializationException.class, () ->
cryptographicAlgorithm.init(PropertiesBuilder.build(new
Property("aes-key-value", ""))));
+ }
+
+ @Test
+ void assertCreateNewInstanceWithEmptyDigestAlgorithm() {
+ assertThrows(AlgorithmInitializationException.class, () ->
cryptographicAlgorithm.init(PropertiesBuilder.build(new
Property("aes-key-value", "123456abc"),
+ new Property("digest-algorithm-name", ""))));
+ }
+
+ @Test
+ void assertEncrypt() {
+ Object actual = cryptographicAlgorithm.encrypt("test");
+ assertThat(actual, is("dSpPiyENQGDUXMKFMJPGWA=="));
+ }
+
+ @Test
+ void assertEncryptNullValue() {
+ assertNull(cryptographicAlgorithm.encrypt(null));
+ }
+
+ @Test
+ void assertDecrypt() {
+ Object actual =
cryptographicAlgorithm.decrypt("dSpPiyENQGDUXMKFMJPGWA==");
+ assertThat(actual.toString(), is("test"));
+ }
+
+ @Test
+ void assertDecryptNullValue() {
+ assertNull(cryptographicAlgorithm.decrypt(null));
+ }
+}
diff --git a/infra/algorithm/type/pom.xml
b/infra/algorithm/type/cryptographic/type/pom.xml
similarity index 84%
copy from infra/algorithm/type/pom.xml
copy to infra/algorithm/type/cryptographic/type/pom.xml
index 1ac81ea601d..0acf63b0131 100644
--- a/infra/algorithm/type/pom.xml
+++ b/infra/algorithm/type/cryptographic/type/pom.xml
@@ -20,16 +20,14 @@
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.apache.shardingsphere</groupId>
- <artifactId>shardingsphere-infra-algorithm</artifactId>
+ <artifactId>shardingsphere-infra-algorithm-cryptographic</artifactId>
<version>5.5.1-SNAPSHOT</version>
</parent>
- <artifactId>shardingsphere-infra-algorithm-type</artifactId>
+ <artifactId>shardingsphere-infra-algorithm-cryptographic-type</artifactId>
<packaging>pom</packaging>
<name>${project.artifactId}</name>
<modules>
- <module>key-generator</module>
- <module>load-balancer</module>
- <module>message-digest</module>
+ <module>aes</module>
</modules>
</project>
diff --git a/infra/algorithm/type/pom.xml b/infra/algorithm/type/pom.xml
index 1ac81ea601d..8839d707bf0 100644
--- a/infra/algorithm/type/pom.xml
+++ b/infra/algorithm/type/pom.xml
@@ -28,6 +28,7 @@
<name>${project.artifactId}</name>
<modules>
+ <module>cryptographic</module>
<module>key-generator</module>
<module>load-balancer</module>
<module>message-digest</module>
