You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@shardingsphere.apache.org by GitBox <gi...@apache.org> on 2021/09/09 14:55:04 UTC
[GitHub] [shardingsphere] dbin0123 opened a new issue #12322: Data encryption exception
dbin0123 opened a new issue #12322:
URL: https://github.com/apache/shardingsphere/issues/12322
### Which version of ShardingSphere did you use?
```xml
<dependency>
<groupId>org.apache.shardingsphere</groupId>
<artifactId>shardingsphere-jdbc-core</artifactId>
<version>5.0.0-beta</version>
</dependency>
```
### Which project did you use? ShardingSphere-JDBC or ShardingSphere-Proxy?
ShardingSphere-JDBC
### Expected behavior
Save encrypted data successfully.
### Actual behavior
The value of the encrypted field is "NULL", and it fails to save data using JPA!
### Reason analyze (If you can)
EncryptInsertValueParameterRewriter#encryptInsertValue
```java
private void encryptInsertValue(final EncryptAlgorithm encryptAlgorithm, final String tableName, final int parameterIndex,
final Object originalValue, final StandardParameterBuilder parameterBuilder, final String encryptLogicColumnName) {
parameterBuilder.addReplacedParameters(parameterIndex, encryptAlgorithm.encrypt(originalValue));
Collection<Object> addedParameters = new LinkedList<>();
if (encryptAlgorithm instanceof QueryAssistedEncryptAlgorithm) {
Optional<String> assistedColumnName = getEncryptRule().findAssistedQueryColumn(tableName, encryptLogicColumnName);
Preconditions.checkArgument(assistedColumnName.isPresent(), "Can not find assisted query Column Name");
addedParameters.add(((QueryAssistedEncryptAlgorithm) encryptAlgorithm).queryAssistedEncrypt(originalValue.toString()));
}
if (getEncryptRule().findPlainColumn(tableName, encryptLogicColumnName).isPresent()) {
addedParameters.add(originalValue);
}
if (!addedParameters.isEmpty()) {
if (!parameterBuilder.getAddedIndexAndParameters().containsKey(parameterIndex + 1)) {
parameterBuilder.getAddedIndexAndParameters().put(parameterIndex + 1, new LinkedList<>());
}
parameterBuilder.getAddedIndexAndParameters().get(parameterIndex + 1).addAll(addedParameters);
}
}
```
`originalValue.toString()` `originalValue` is null, `toString` NullPointerException will be reported
### Steps to reproduce the behavior, such as: SQL to execute, sharding rule configuration, when exception occur etc.
1. japconfig
```java
@Primary
@Bean(name = "shardingDataSource")
public DataSource shardingDataSource() throws SQLException {
List<RuleConfiguration> listEncryptRuleConfiguration = new ArrayList<>();
Properties encryptorProperts = new Properties();
encryptorProperts.put("sm2.prik", "ae91044472cd879b405914cc1fc14d44728bc09eb7b371ba89bea95e5d6d61ac");
encryptorProperts.put("sm2.pubk", "049f364fe12d0c02d37ad15c26ec7ca3ac36a2ce1ec00e425d33ff7a49eeb1ed4834d8bacec123ecc75fc309b9b1bda78ba7af02ca93300d51ee0e460e71fa63cb");
ShardingSphereAlgorithmConfiguration encryptorConfig = new ShardingSphereAlgorithmConfiguration("SM2", encryptorProperts);
List<EncryptTableRuleConfiguration> listEncryptTableRuleConfiguration = new ArrayList<>();
EncryptTableRuleConfiguration userCardNoEncryptTableRuleConfiguration = new EncryptTableRuleConfiguration("tb_course",
Arrays.asList(
new EncryptColumnRuleConfiguration("user_card_no", "ciphertext_user_card_no", "assist_user_card_no", null, "encryptor_sm2"),
new EncryptColumnRuleConfiguration("user_name", "ciphertext_user_name", "assist_user_name", "user_name", "encryptor_sm2")
));
listEncryptTableRuleConfiguration.add(userCardNoEncryptTableRuleConfiguration);
//final Collection<EncryptTableRuleConfiguration> tables, final Map<String, ShardingSphereAlgorithmConfiguration> encryptors
Map<String, ShardingSphereAlgorithmConfiguration> encryptors = new HashMap<>();
encryptors.put("encryptor_sm2", encryptorConfig);
listEncryptRuleConfiguration.add(new EncryptRuleConfiguration(listEncryptTableRuleConfiguration, encryptors));
return ShardingSphereDataSourceFactory.createDataSource(getDataSource(), listEncryptRuleConfiguration, props);
}
private DataSource getDataSource() {
DruidDataSource dataSource = new DruidDataSource();
dataSource.setDriverClassName("com.mysql.cj.jdbc.Driver");
dataSource.setUrl("jdbc:mysql://localhost:3306/test?serverTimezone=Asia/Shanghai");
dataSource.setUsername("root");
dataSource.setPassword("123456");
dataSource.setInitialSize(10);
dataSource.setMinIdle(1);
dataSource.setMaxActive(2000);
dataSource.setMaxWait(60000L);
dataSource.setTimeBetweenEvictionRunsMillis(60000L);
dataSource.setMinEvictableIdleTimeMillis(300000L);
dataSource.setValidationQuery("SELECT 1");
dataSource.setTestWhileIdle(true);
dataSource.setTestOnBorrow(true);
dataSource.setTestOnReturn(false);
try {
dataSource.setFilters("wall");
} catch (SQLException ex) {
//ignore
}
return dataSource;
}
```
2. entity
```java
@Data
@Entity(name = "tb_course")
public class Course {
@Id
@Column(name = "`id`")
private String id;
@Column(name = "`name`")
private String name;
@Column(name = "`description`")
private String description;
@Column(name = "`user_id`")
private String userId;
@Column(name = "`user_card_no`")
private String userCardNo;
@Column(name = "`user_name`")
private String userName;
@Column(name = "`create_time`")
private LocalDateTime localDateTime;
}
```
3. test Sample
```java
@Test
public void addCourse(){
Course course = new Course();
course.setId(UUID.randomUUID().toString());
course.setName("java");
course.setDescription("java");
course.setUserId("10001");
course.setUserName("jack");
// course.setUserCardNo("110101199XXX07054X");
course.setLocalDateTime(LocalDateTime.now());
courseRepository.save(course);
}
```
### Example codes for reproduce this issue (such as a github link).
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@shardingsphere.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [shardingsphere] tristaZero commented on issue #12322: Data encryption exception
Posted by GitBox <gi...@apache.org>.
tristaZero commented on issue #12322:
URL: https://github.com/apache/shardingsphere/issues/12322#issuecomment-917600320
Hi @CodingBingo @dbin0123 Thanks for your comments here. @CodingBingo 's idea looks interesting. @strongduanmu Please give a close attention to this issue.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@shardingsphere.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [shardingsphere] strongduanmu closed issue #12322: Data encryption exception
Posted by GitBox <gi...@apache.org>.
strongduanmu closed issue #12322:
URL: https://github.com/apache/shardingsphere/issues/12322
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@shardingsphere.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [shardingsphere] strongduanmu removed a comment on issue #12322: Data encryption exception
Posted by GitBox <gi...@apache.org>.
strongduanmu removed a comment on issue #12322:
URL: https://github.com/apache/shardingsphere/issues/12322#issuecomment-917813518
Thank you for your feedback @CodingBingo, I will investigate this issue.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@shardingsphere.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [shardingsphere] CodingBingo commented on issue #12322: Data encryption exception
Posted by GitBox <gi...@apache.org>.
CodingBingo commented on issue #12322:
URL: https://github.com/apache/shardingsphere/issues/12322#issuecomment-916277249
In my opinion, in your code**courseRepository.save(course);**, if you don't assign a value for **userCardNo**, it will assign a null value for this column automatically;
For ** QueryAssistedEncryptAlgorithm**, I think it does some design problem. I think the method
```
String queryAssistedEncrypt(String plaintext);
```
should be change to
```
String queryAssistedEncrypt(Object plainValue);
```
so user can directly transfer plain value to the algorithm and decide how to process this value to generate assistant value. @tristaZero @strongduanmu
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@shardingsphere.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [shardingsphere] strongduanmu commented on issue #12322: Data encryption exception
Posted by GitBox <gi...@apache.org>.
strongduanmu commented on issue #12322:
URL: https://github.com/apache/shardingsphere/issues/12322#issuecomment-917875751
@CodingBingo Assigned.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@shardingsphere.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [shardingsphere] CodingBingo commented on issue #12322: Data encryption exception
Posted by GitBox <gi...@apache.org>.
CodingBingo commented on issue #12322:
URL: https://github.com/apache/shardingsphere/issues/12322#issuecomment-917871225
> @dbin0123 Thank you for your feedback. @CodingBingo I agree with you that the input parameter type of queryAssistedEncrypt should be changed to Object, and then the user should handle it. Are you interested in submitting a PR to improve this question?
Thanks, please assign this to me.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@shardingsphere.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [shardingsphere] strongduanmu commented on issue #12322: Data encryption exception
Posted by GitBox <gi...@apache.org>.
strongduanmu commented on issue #12322:
URL: https://github.com/apache/shardingsphere/issues/12322#issuecomment-917820064
@dbin0123 Thank you for your feedback. @CodingBingo I agree with you that the input parameter type of queryAssistedEncrypt should be changed to Object, and then the user should handle it. Are you interested in submitting a PR to improve this question?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@shardingsphere.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [shardingsphere] strongduanmu commented on issue #12322: Data encryption exception
Posted by GitBox <gi...@apache.org>.
strongduanmu commented on issue #12322:
URL: https://github.com/apache/shardingsphere/issues/12322#issuecomment-917813518
Thank you for your feedback @CodingBingo, I will investigate this issue.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@shardingsphere.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org