You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@shardingsphere.apache.org by pa...@apache.org on 2023/05/11 03:08:34 UTC
[shardingsphere] branch master updated: Update encrypt document for new api and compatible api (#25571)
This is an automated email from the ASF dual-hosted git repository.
panjuan pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/shardingsphere.git
The following commit(s) were added to refs/heads/master by this push:
new 6ccce04ea5e Update encrypt document for new api and compatible api (#25571)
6ccce04ea5e is described below
commit 6ccce04ea5e697b3fa608f5502035934260b89f2
Author: Zhengqiang Duan <du...@apache.org>
AuthorDate: Thu May 11 11:08:26 2023 +0800
Update encrypt document for new api and compatible api (#25571)
---
.../java-api/rules/encrypt.cn.md | 32 ++++++++++++------
.../java-api/rules/encrypt.en.md | 32 ++++++++++++------
.../shardingsphere-jdbc/java-api/rules/mix.cn.md | 8 +++--
.../shardingsphere-jdbc/java-api/rules/mix.en.md | 10 +++---
.../yaml-config/rules/encrypt.cn.md | 39 ++++++++++++++++++++++
.../yaml-config/rules/encrypt.en.md | 39 ++++++++++++++++++++++
6 files changed, 131 insertions(+), 29 deletions(-)
diff --git a/docs/document/content/user-manual/shardingsphere-jdbc/java-api/rules/encrypt.cn.md b/docs/document/content/user-manual/shardingsphere-jdbc/java-api/rules/encrypt.cn.md
index c669843e010..2d61e5749bb 100644
--- a/docs/document/content/user-manual/shardingsphere-jdbc/java-api/rules/encrypt.cn.md
+++ b/docs/document/content/user-manual/shardingsphere-jdbc/java-api/rules/encrypt.cn.md
@@ -37,15 +37,23 @@ weight = 4
可配置属性:
-| *名称* | *数据类型* | *说明* |
-|----------------------------|---------|---------------|
-| logicColumn | String | 逻辑列名称 |
-| cipherColumn | String | 密文列名称 |
-| assistedQueryColumn (?) | String | 查询辅助列名称 |
-| likeQueryColumn (?) | String | 模糊查询列名称 |
-| encryptorName | String | 密文列加密算法名称 |
-| assistedQueryEncryptorName | String | 查询辅助列加密算法名称 |
-| likeQueryEncryptorName | String | 模糊查询列加密算法名称 |
+| *名称* | *数据类型* | *说明* |
+|-------------------|---------|-------------|
+| name | String | 逻辑列名称 |
+| cipher | EncryptColumnItemRuleConfiguration | 密文列配置 |
+| assistedQuery (?) | EncryptColumnItemRuleConfiguration | 查询辅助列配置 |
+| likeQuery (?) | EncryptColumnItemRuleConfiguration | 模糊查询列配置 |
+
+### 加密列属性规则配置
+
+类名称:org.apache.shardingsphere.encrypt.api.config.rule.EncryptColumnItemRuleConfiguration
+
+可配置属性:
+
+| *名称* | *数据类型* | *说明* |
+|-----------------|------------------------------------|---------|
+| name | String | 加密列属性名称 |
+| encryptorName | String | 加密列算法名称 |
### 加解密算法配置
@@ -75,8 +83,10 @@ public final class EncryptDatabasesConfiguration {
public DataSource getDataSource() throws SQLException {
Properties props = new Properties();
props.setProperty("aes-key-value", "123456");
- EncryptColumnRuleConfiguration columnConfigAes = new EncryptColumnRuleConfiguration("username", "username", "", "", "name_encryptor");
- EncryptColumnRuleConfiguration columnConfigTest = new EncryptColumnRuleConfiguration("pwd", "pwd", "assisted_query_pwd", "like_pwd", "pwd_encryptor");
+ EncryptColumnRuleConfiguration columnConfigAes = new EncryptColumnRuleConfiguration("username", new EncryptColumnItemRuleConfiguration("username", "name_encryptor"));
+ EncryptColumnRuleConfiguration columnConfigTest = new EncryptColumnRuleConfiguration("pwd", new EncryptColumnItemRuleConfiguration("pwd", "pwd_encryptor"));
+ columnConfigTest.setAssistedQuery(new EncryptColumnItemRuleConfiguration("assisted_query_pwd", "pwd_encryptor"));
+ columnConfigTest.setLikeQuery(new EncryptColumnItemRuleConfiguration("like_pwd", "like_encryptor"));
EncryptTableRuleConfiguration encryptTableRuleConfig = new EncryptTableRuleConfiguration("t_user", Arrays.asList(columnConfigAes, columnConfigTest));
Map<String, AlgorithmConfiguration> encryptAlgorithmConfigs = new HashMap<>();
encryptAlgorithmConfigs.put("name_encryptor", new AlgorithmConfiguration("AES", props));
diff --git a/docs/document/content/user-manual/shardingsphere-jdbc/java-api/rules/encrypt.en.md b/docs/document/content/user-manual/shardingsphere-jdbc/java-api/rules/encrypt.en.md
index caee7caa475..86482562acb 100644
--- a/docs/document/content/user-manual/shardingsphere-jdbc/java-api/rules/encrypt.en.md
+++ b/docs/document/content/user-manual/shardingsphere-jdbc/java-api/rules/encrypt.en.md
@@ -37,15 +37,23 @@ Class name: org.apache.shardingsphere.encrypt.api.config.rule.EncryptColumnRuleC
Attributes:
-| *Name* | *DataType* | *Description* |
-|----------------------------|------------|----------------------------------------------------------------------|
-| logicColumn | String | Logic column name |
-| cipherColumn | String | Cipher column name |
-| assistedQueryColumn (?) | String | Assisted query column name |
-| likeQueryColumn (?) | String | Like query column name |
-| encryptorName | String | Encrypt algorithm name |
-| assistedQueryEncryptorName | String | Assisted query encrypt algorithm name |
-| likeQueryEncryptorName | String | Like query encrypt algorithm name |
+| *Name* | *DataType* | *Description* |
+|---------------|------------------------------------|------------------------------|
+| name | String | Logic column name |
+| cipher | EncryptColumnItemRuleConfiguration | Cipher column config |
+| assistedQuery (?) | EncryptColumnItemRuleConfiguration | Assisted query column config |
+| likeQuery (?) | EncryptColumnItemRuleConfiguration | Like query column config |
+
+### Encrypt Column Item Rule Configuration
+
+Class name: org.apache.shardingsphere.encrypt.api.config.rule.EncryptColumnItemRuleConfiguration
+
+Attributes:
+
+| *Name* | *DataType* | *Description* |
+|-----------------|------------------------------------|--------------------------|
+| name | String | encrypt column item name |
+| encryptorName | String | encryptor name |
### Encrypt Algorithm Configuration
@@ -75,8 +83,10 @@ public final class EncryptDatabasesConfiguration {
public DataSource getDataSource() throws SQLException {
Properties props = new Properties();
props.setProperty("aes-key-value", "123456");
- EncryptColumnRuleConfiguration columnConfigAes = new EncryptColumnRuleConfiguration("username", "username", "", "", "name_encryptor");
- EncryptColumnRuleConfiguration columnConfigTest = new EncryptColumnRuleConfiguration("pwd", "pwd", "assisted_query_pwd", "like_pwd", "pwd_encryptor");
+ EncryptColumnRuleConfiguration columnConfigAes = new EncryptColumnRuleConfiguration("username", new EncryptColumnItemRuleConfiguration("username", "name_encryptor"));
+ EncryptColumnRuleConfiguration columnConfigTest = new EncryptColumnRuleConfiguration("pwd", new EncryptColumnItemRuleConfiguration("pwd", "pwd_encryptor"));
+ columnConfigTest.setAssistedQuery(new EncryptColumnItemRuleConfiguration("assisted_query_pwd", "pwd_encryptor"));
+ columnConfigTest.setLikeQuery(new EncryptColumnItemRuleConfiguration("like_pwd", "like_encryptor"));
EncryptTableRuleConfiguration encryptTableRuleConfig = new EncryptTableRuleConfiguration("t_user", Arrays.asList(columnConfigAes, columnConfigTest));
Map<String, AlgorithmConfiguration> encryptAlgorithmConfigs = new HashMap<>();
encryptAlgorithmConfigs.put("name_encryptor", new AlgorithmConfiguration("AES", props));
diff --git a/docs/document/content/user-manual/shardingsphere-jdbc/java-api/rules/mix.cn.md b/docs/document/content/user-manual/shardingsphere-jdbc/java-api/rules/mix.cn.md
index e667cc471da..03c8b9d0d1a 100644
--- a/docs/document/content/user-manual/shardingsphere-jdbc/java-api/rules/mix.cn.md
+++ b/docs/document/content/user-manual/shardingsphere-jdbc/java-api/rules/mix.cn.md
@@ -41,11 +41,13 @@ private static ReadwriteSplittingRuleConfiguration createReadwriteSplittingConfi
}
// 数据加密配置
-public EncryptRuleConfiguration createEncryptRuleConfiguration() {
+private static EncryptRuleConfiguration createEncryptRuleConfiguration() {
Properties props = new Properties();
props.setProperty("aes-key-value", "123456");
- EncryptColumnRuleConfiguration columnConfigAes = new EncryptColumnRuleConfiguration("username", "username", "", "", "name_encryptor");
- EncryptColumnRuleConfiguration columnConfigTest = new EncryptColumnRuleConfiguration("pwd", "pwd", "assisted_query_pwd", "like_pwd", "pwd_encryptor");
+ EncryptColumnRuleConfiguration columnConfigAes = new EncryptColumnRuleConfiguration("username", new EncryptColumnItemRuleConfiguration("username", "name_encryptor"));
+ EncryptColumnRuleConfiguration columnConfigTest = new EncryptColumnRuleConfiguration("pwd", new EncryptColumnItemRuleConfiguration("pwd", "pwd_encryptor"));
+ columnConfigTest.setAssistedQuery(new EncryptColumnItemRuleConfiguration("assisted_query_pwd", "pwd_encryptor"));
+ columnConfigTest.setLikeQuery(new EncryptColumnItemRuleConfiguration("like_pwd", "like_encryptor"));
EncryptTableRuleConfiguration encryptTableRuleConfig = new EncryptTableRuleConfiguration("t_user", Arrays.asList(columnConfigAes, columnConfigTest));
Map<String, AlgorithmConfiguration> encryptAlgorithmConfigs = new HashMap<>();
encryptAlgorithmConfigs.put("name_encryptor", new AlgorithmConfiguration("AES", props));
diff --git a/docs/document/content/user-manual/shardingsphere-jdbc/java-api/rules/mix.en.md b/docs/document/content/user-manual/shardingsphere-jdbc/java-api/rules/mix.en.md
index d235242074b..70297088984 100644
--- a/docs/document/content/user-manual/shardingsphere-jdbc/java-api/rules/mix.en.md
+++ b/docs/document/content/user-manual/shardingsphere-jdbc/java-api/rules/mix.en.md
@@ -42,12 +42,14 @@ private static ReadwriteSplittingRuleConfiguration createReadwriteSplittingConfi
}
// Data encryption configuration
-public EncryptRuleConfiguration createEncryptRuleConfiguration() {
+private static EncryptRuleConfiguration createEncryptRuleConfiguration() {
Properties props = new Properties();
props.setProperty("aes-key-value", "123456");
- EncryptColumnRuleConfiguration columnConfigAes = new EncryptColumnRuleConfiguration("username", "username", "", "", "username_plain", "name_encryptor", null);
- EncryptColumnRuleConfiguration columnConfigTest = new EncryptColumnRuleConfiguration("pwd", "pwd", "assisted_query_pwd", "like_pwd", "", "pwd_encryptor", null);
- EncryptTableRuleConfiguration encryptTableRuleConfig = new EncryptTableRuleConfiguration("t_user", Arrays.asList(columnConfigAes, columnConfigTest), null);
+ EncryptColumnRuleConfiguration columnConfigAes = new EncryptColumnRuleConfiguration("username", new EncryptColumnItemRuleConfiguration("username", "name_encryptor"));
+ EncryptColumnRuleConfiguration columnConfigTest = new EncryptColumnRuleConfiguration("pwd", new EncryptColumnItemRuleConfiguration("pwd", "pwd_encryptor"));
+ columnConfigTest.setAssistedQuery(new EncryptColumnItemRuleConfiguration("assisted_query_pwd", "pwd_encryptor"));
+ columnConfigTest.setLikeQuery(new EncryptColumnItemRuleConfiguration("like_pwd", "like_encryptor"));
+ EncryptTableRuleConfiguration encryptTableRuleConfig = new EncryptTableRuleConfiguration("t_user", Arrays.asList(columnConfigAes, columnConfigTest));
Map<String, AlgorithmConfiguration> encryptAlgorithmConfigs = new HashMap<>();
encryptAlgorithmConfigs.put("name_encryptor", new AlgorithmConfiguration("AES", props));
encryptAlgorithmConfigs.put("pwd_encryptor", new AlgorithmConfiguration("assistedTest", props));
diff --git a/docs/document/content/user-manual/shardingsphere-jdbc/yaml-config/rules/encrypt.cn.md b/docs/document/content/user-manual/shardingsphere-jdbc/yaml-config/rules/encrypt.cn.md
index 4a51dc76a53..940a439b0f4 100644
--- a/docs/document/content/user-manual/shardingsphere-jdbc/yaml-config/rules/encrypt.cn.md
+++ b/docs/document/content/user-manual/shardingsphere-jdbc/yaml-config/rules/encrypt.cn.md
@@ -93,6 +93,45 @@ rules:
YamlShardingSphereDataSourceFactory.createDataSource(getFile());
```
+为了保持对低版本 YAML 配置的兼容,ShardingSphere 通过 `COMPATIBLE_ENCRYPT` 提供了如下的兼容配置,该配置会在后续版本中删除,建议及时升级最新 YAML 配置。
+
+```yaml
+dataSources:
+ unique_ds:
+ dataSourceClassName: com.zaxxer.hikari.HikariDataSource
+ driverClassName: com.mysql.jdbc.Driver
+ jdbcUrl: jdbc:mysql://localhost:3306/demo_ds?serverTimezone=UTC&useSSL=false&useUnicode=true&characterEncoding=UTF-8
+ username: root
+ password:
+
+rules:
+- !COMPATIBLE_ENCRYPT
+ tables:
+ t_user:
+ columns:
+ username:
+ cipherColumn: username
+ encryptorName: aes_encryptor
+ assistedQueryColumn: assisted_query_username
+ assistedQueryEncryptorName: assisted_encryptor
+ likeQueryColumn: like_query_username
+ likeQueryEncryptorName: like_encryptor
+ pwd:
+ cipherColumn: pwd
+ encryptorName: aes_encryptor
+ assistedQueryColumn: assisted_query_pwd
+ assistedQueryEncryptorName: assisted_encryptor
+ encryptors:
+ aes_encryptor:
+ type: AES
+ props:
+ aes-key-value: 123456abc
+ assisted_encryptor:
+ type: MD5
+ like_encryptor:
+ type: CHAR_DIGEST_LIKE
+```
+
## 相关参考
- [核心特性:数据加密](/cn/features/encrypt/)
diff --git a/docs/document/content/user-manual/shardingsphere-jdbc/yaml-config/rules/encrypt.en.md b/docs/document/content/user-manual/shardingsphere-jdbc/yaml-config/rules/encrypt.en.md
index 89be5263905..22935ad2a83 100644
--- a/docs/document/content/user-manual/shardingsphere-jdbc/yaml-config/rules/encrypt.en.md
+++ b/docs/document/content/user-manual/shardingsphere-jdbc/yaml-config/rules/encrypt.en.md
@@ -94,6 +94,45 @@ Read the YAML configuration to create a data source according to the createDataS
YamlShardingSphereDataSourceFactory.createDataSource(getFile());
```
+In order to keep compatibility with earlier YAML configuration, ShardingSphere provides following compatible configuration through 'COMPATIBLE_ENCRYPT', which will be removed in future versions, and it is recommended to upgrade latest YAML configuration.
+
+```yaml
+dataSources:
+ unique_ds:
+ dataSourceClassName: com.zaxxer.hikari.HikariDataSource
+ driverClassName: com.mysql.jdbc.Driver
+ jdbcUrl: jdbc:mysql://localhost:3306/demo_ds?serverTimezone=UTC&useSSL=false&useUnicode=true&characterEncoding=UTF-8
+ username: root
+ password:
+
+rules:
+- !COMPATIBLE_ENCRYPT
+ tables:
+ t_user:
+ columns:
+ username:
+ cipherColumn: username
+ encryptorName: aes_encryptor
+ assistedQueryColumn: assisted_query_username
+ assistedQueryEncryptorName: assisted_encryptor
+ likeQueryColumn: like_query_username
+ likeQueryEncryptorName: like_encryptor
+ pwd:
+ cipherColumn: pwd
+ encryptorName: aes_encryptor
+ assistedQueryColumn: assisted_query_pwd
+ assistedQueryEncryptorName: assisted_encryptor
+ encryptors:
+ aes_encryptor:
+ type: AES
+ props:
+ aes-key-value: 123456abc
+ assisted_encryptor:
+ type: MD5
+ like_encryptor:
+ type: CHAR_DIGEST_LIKE
+```
+
## Related References
- [Core Feature: Data Encryption](/en/features/encrypt/)