You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@shardingsphere.apache.org by pa...@apache.org on 2022/12/29 03:54:01 UTC
[shardingsphere] branch master updated: Add salt for MD5MaskAlgorithm and MD5EncryptAlgorithm and adjust document and proxy config-mask.yaml (#23147)
This is an automated email from the ASF dual-hosted git repository.
panjuan pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/shardingsphere.git
The following commit(s) were added to refs/heads/master by this push:
new 1f226a9fe1d Add salt for MD5MaskAlgorithm and MD5EncryptAlgorithm and adjust document and proxy config-mask.yaml (#23147)
1f226a9fe1d is described below
commit 1f226a9fe1dc1c42c3f78209f3321fa42b7f3dce
Author: Zhengqiang Duan <du...@apache.org>
AuthorDate: Thu Dec 29 11:53:54 2022 +0800
Add salt for MD5MaskAlgorithm and MD5EncryptAlgorithm and adjust document and proxy config-mask.yaml (#23147)
* Add salt for MD5MaskAlgorithm and MD5EncryptAlgorithm and adjust document and proxy config-mask.yaml
* modify indent
---
.../common-config/builtin-algorithm/encrypt.cn.md | 6 ++-
.../common-config/builtin-algorithm/encrypt.en.md | 6 ++-
.../algorithm/encrypt/MD5EncryptAlgorithm.java | 9 +++-
.../algorithm/encrypt/MD5EncryptAlgorithmTest.java | 12 ++++-
.../mask/algorithm/hash/MD5MaskAlgorithm.java | 9 +++-
.../mask/algorithm/hash/MD5MaskAlgorithmTest.java | 59 ++++++++++++++++++++++
.../src/main/resources/conf/config-mask.yaml | 10 ++--
7 files changed, 99 insertions(+), 12 deletions(-)
diff --git a/docs/document/content/user-manual/common-config/builtin-algorithm/encrypt.cn.md b/docs/document/content/user-manual/common-config/builtin-algorithm/encrypt.cn.md
index 4bfa58340a8..0f5485c0958 100644
--- a/docs/document/content/user-manual/common-config/builtin-algorithm/encrypt.cn.md
+++ b/docs/document/content/user-manual/common-config/builtin-algorithm/encrypt.cn.md
@@ -15,7 +15,11 @@ weight = 5
类型:MD5
-可配置属性:无
+可配置属性:
+
+| *名称* | *数据类型* | *说明* |
+|--------| --------- |-------|
+| salt | String | 盐值(可选)|
#### AES 加密算法
diff --git a/docs/document/content/user-manual/common-config/builtin-algorithm/encrypt.en.md b/docs/document/content/user-manual/common-config/builtin-algorithm/encrypt.en.md
index 99044037493..8f4155ba6b0 100644
--- a/docs/document/content/user-manual/common-config/builtin-algorithm/encrypt.en.md
+++ b/docs/document/content/user-manual/common-config/builtin-algorithm/encrypt.en.md
@@ -15,7 +15,11 @@ Encryption algorithms are by the encryption features of Apache ShardingSphere. A
Type: MD5
-Attributes: None
+Attributes:
+
+| *Name* | *DataType* | *Description* |
+|--------| ---------- |----------------------|
+| salt | String | Salt value(optional) |
#### AES Encrypt Algorithm
diff --git a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/MD5EncryptAlgorithm.java b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/MD5EncryptAlgorithm.java
index b42baaea87e..f6f44883975 100644
--- a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/MD5EncryptAlgorithm.java
+++ b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/MD5EncryptAlgorithm.java
@@ -27,19 +27,24 @@ import java.util.Properties;
/**
* MD5 encrypt algorithm.
*/
-@Getter
public final class MD5EncryptAlgorithm implements StandardEncryptAlgorithm<Object, String> {
+ private static final String SALT = "salt";
+
+ private String salt;
+
+ @Getter
private Properties props;
@Override
public void init(final Properties props) {
this.props = props;
+ this.salt = props.getProperty(SALT, "");
}
@Override
public String encrypt(final Object plainValue, final EncryptContext encryptContext) {
- return null == plainValue ? null : DigestUtils.md5Hex(String.valueOf(plainValue));
+ return null == plainValue ? null : DigestUtils.md5Hex(plainValue + salt);
}
@Override
diff --git a/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/MD5EncryptAlgorithmTest.java b/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/MD5EncryptAlgorithmTest.java
index cfaca8bb85a..e5a52ce1047 100644
--- a/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/MD5EncryptAlgorithmTest.java
+++ b/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/MD5EncryptAlgorithmTest.java
@@ -42,7 +42,7 @@ public final class MD5EncryptAlgorithmTest {
}
@Test
- public void assertEncode() {
+ public void assertEncrypt() {
assertThat(encryptAlgorithm.encrypt("test", mock(EncryptContext.class)), is("098f6bcd4621d373cade4e832627b4f6"));
}
@@ -52,7 +52,15 @@ public final class MD5EncryptAlgorithmTest {
}
@Test
- public void assertDecode() {
+ public void assertEncryptWhenConfigSalt() {
+ Properties props = new Properties();
+ props.setProperty("salt", "202cb962ac5907");
+ encryptAlgorithm.init(props);
+ assertThat(encryptAlgorithm.encrypt("test", mock(EncryptContext.class)), is("0c243d2934937738f36514035d95344a"));
+ }
+
+ @Test
+ public void assertDecrypt() {
assertThat(encryptAlgorithm.decrypt("test", mock(EncryptContext.class)).toString(), is("test"));
}
}
diff --git a/features/mask/core/src/main/java/org/apache/shardingsphere/mask/algorithm/hash/MD5MaskAlgorithm.java b/features/mask/core/src/main/java/org/apache/shardingsphere/mask/algorithm/hash/MD5MaskAlgorithm.java
index 52ad6a50f53..25ce03bae65 100644
--- a/features/mask/core/src/main/java/org/apache/shardingsphere/mask/algorithm/hash/MD5MaskAlgorithm.java
+++ b/features/mask/core/src/main/java/org/apache/shardingsphere/mask/algorithm/hash/MD5MaskAlgorithm.java
@@ -26,19 +26,24 @@ import java.util.Properties;
/**
* MD5 mask algorithm.
*/
-@Getter
public final class MD5MaskAlgorithm implements MaskAlgorithm<Object, String> {
+ private static final String SALT = "salt";
+
+ private String salt;
+
+ @Getter
private Properties props;
@Override
public void init(final Properties props) {
this.props = props;
+ this.salt = props.getProperty(SALT, "");
}
@Override
public String mask(final Object plainValue) {
- return null == plainValue ? null : DigestUtils.md5Hex(String.valueOf(plainValue));
+ return null == plainValue ? null : DigestUtils.md5Hex(plainValue + salt);
}
@Override
diff --git a/features/mask/core/src/test/java/org/apache/shardingsphere/mask/algorithm/hash/MD5MaskAlgorithmTest.java b/features/mask/core/src/test/java/org/apache/shardingsphere/mask/algorithm/hash/MD5MaskAlgorithmTest.java
new file mode 100644
index 00000000000..5cd612404d4
--- /dev/null
+++ b/features/mask/core/src/test/java/org/apache/shardingsphere/mask/algorithm/hash/MD5MaskAlgorithmTest.java
@@ -0,0 +1,59 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.shardingsphere.mask.algorithm.hash;
+
+import org.junit.Test;
+
+import java.util.Properties;
+
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.junit.Assert.assertNull;
+
+public final class MD5MaskAlgorithmTest {
+
+ @Test
+ public void assertMask() {
+ String actual = createMaskAlgorithm("").mask("abc123456");
+ assertThat(actual, is("0659c7992e268962384eb17fafe88364"));
+ }
+
+ @Test
+ public void assertMaskWhenPlainValueIsNull() {
+ String actual = createMaskAlgorithm("").mask(null);
+ assertNull(actual);
+ }
+
+ @Test
+ public void assertMaskWhenConfigSalt() {
+ String actual = createMaskAlgorithm("202cb962ac5907").mask("abc123456");
+ assertThat(actual, is("02d44390e9354b72dd2aa78d55016f7f"));
+ }
+
+ private MD5MaskAlgorithm createMaskAlgorithm(final String salt) {
+ MD5MaskAlgorithm result = new MD5MaskAlgorithm();
+ result.init(createProperties(salt));
+ return result;
+ }
+
+ private Properties createProperties(final String salt) {
+ Properties result = new Properties();
+ result.setProperty("salt", salt);
+ return result;
+ }
+}
diff --git a/proxy/bootstrap/src/main/resources/conf/config-mask.yaml b/proxy/bootstrap/src/main/resources/conf/config-mask.yaml
index 0878d764fb1..d8d36b35622 100644
--- a/proxy/bootstrap/src/main/resources/conf/config-mask.yaml
+++ b/proxy/bootstrap/src/main/resources/conf/config-mask.yaml
@@ -105,19 +105,21 @@
# password:
# maskAlgorithm: md5_mask
# email:
-# maskAlgorithm: mask_before_special_char_mask
+# maskAlgorithm: mask_before_special_chars_mask
# telephone:
# maskAlgorithm: keep_first_n_last_m_mask
#
# maskAlgorithms:
# md5_mask:
# type: MD5
-# mask_before_special_char_mask:
-# type: MASK_BEFORE_SPECIAL_CHAR
+# mask_before_special_chars_mask:
+# type: MASK_BEFORE_SPECIAL_CHARS
# props:
-# special-characters: @
+# special-chars: '@'
+# replace-char: '*'
# keep_first_n_last_m_mask:
# type: KEEP_FIRST_N_LAST_M
# props:
# first-n: 3
# last-m: 4
+# replace-char: '*'