Retro Eye care Haitian Deep Dark Default

Encryption

Background

The YAML configuration approach to data encryption is highly readable, with the YAML format enabling a quick understanding of dependencies between encryption rules. Based on the YAML configuration, ShardingSphere automatically completes the creation of ShardingSphereDataSource objects, reducing unnecessary coding efforts for users.

Parameters

rules:
- !ENCRYPT
  tables:
    <table_name> (+): # Encrypt table name
      columns:
        <column_name> (+): # Encrypt logic column name
          cipherColumn: # Cipher column name
          encryptorName: # Cipher encrypt algorithm name
          assistedQueryColumn (?):  # Assisted query column name
          assistedQueryEncryptorName:  # Assisted query encrypt algorithm name
          likeQueryColumn (?):  # Like query column name
          likeQueryEncryptorName:  # Like query encrypt algorithm name
    
  # Encrypt algorithm configuration
  encryptors:
    <encrypt_algorithm_name> (+): # Encrypt algorithm name
      type: # Encrypt algorithm type
      props: # Encrypt algorithm properties
        # ...

Please refer to Built-in Encrypt Algorithm List for more details about type of algorithm.

Procedure

  1. Configure data encryption rules in the YAML file, including data sources, encryption rules, global attributes, and other configuration items.
  2. Using the createDataSource of calling the YamlShardingSphereDataSourceFactory object to create ShardingSphereDataSource based on the configuration information in the YAML file.

Sample

The data encryption YAML configurations are as follows:

dataSources:
  unique_ds:
    dataSourceClassName: com.zaxxer.hikari.HikariDataSource
    driverClassName: com.mysql.jdbc.Driver
    jdbcUrl: jdbc:mysql://localhost:3306/demo_ds?serverTimezone=UTC&useSSL=false&useUnicode=true&characterEncoding=UTF-8
    username: root
    password:

rules:
- !ENCRYPT
  tables:
    t_user:
      columns:
        username:
          cipherColumn: username
          encryptorName: name_encryptor
          assistedQueryColumn: assisted_query_username
          assistedQueryEncryptorName: assisted_encryptor
          likeQueryColumn: like_query_username
          likeQueryEncryptorName: like_encryptor
        pwd:
          cipherColumn: pwd
          encryptorName: pwd_encryptor
          assistedQueryColumn: assisted_query_pwd
          assistedQueryEncryptorName: assisted_encryptor
  encryptors:
    name_encryptor:
      type: AES
      props:
        aes-key-value: 123456abc
    assisted_encryptor:
      type: AES
      props:
        aes-key-value: 123456abc
    like_encryptor:
      type: CHAR_DIGEST_LIKE
    pwd_encryptor:
      type: MD5

Read the YAML configuration to create a data source according to the createDataSource method of YamlShardingSphereDataSourceFactory.

YamlShardingSphereDataSourceFactory.createDataSource(getFile());