springboot项目利用ShardingSphere实现数据库字段加解密
使用默认的加解密方式
<dependency>
<groupId>org.apache.shardingsphere</groupId>
<artifactId>sharding-jdbc-spring-boot-starter</artifactId>
<version>4.0.0</version>
</dependency>
spring:
shardingsphere:
datasource:
name: master
master:
type: com.alibaba.druid.pool.DruidDataSource
driverClassName: com.mysql.cj.jdbc.Driver
url: jdbc:mysql://192.168.20.181:3060/collateral?useSSL=false&allowPublicKeyRetrieval=true&characterEncoding=utf8
username: 数据库用户名
password: 数据库密码
encrypt:
encryptors:
encryptor_aes:
type: aes
props:
aes.key.value: abcdef#ghij#klmn
tables:
t_collateral_record:
columns:
project_name:
cipherColumn: project_name
encryptor: encryptor_aes
project_no:
cipherColumn: project_no
encryptor: encryptor_aes
props:
sql:
show: false
query:
with:
cipher:
column: true
使用自定义的加解密方式
spring:
shardingsphere:
datasource:
name: master
master:
type: com.alibaba.druid.pool.DruidDataSource
driverClassName: com.mysql.cj.jdbc.Driver
url: jdbc:mysql://192.168.20.181:3060/collateral?useSSL=false&allowPublicKeyRetrieval=true&characterEncoding=utf8
username: 数据库用户名
password: 数据库密码
encrypt:
encryptors:
encryptor_aes:
type: my-aes
tables:
t_collateral_record:
columns:
project_name:
cipherColumn: project_name
encryptor: encryptor_aes
project_no:
cipherColumn: project_no
encryptor: encryptor_aes
props:
sql:
show: false
query:
with:
cipher:
column: true
import cn.hutool.crypto.SecureUtil;
import cn.hutool.crypto.symmetric.AES;
import lombok.Data;
import lombok.extern.slf4j.Slf4j;
import org.apache.shardingsphere.spi.encrypt.ShardingEncryptor;
import org.springframework.core.io.support.PropertiesLoaderUtils;
import org.springframework.util.StringUtils;
import java.io.IOException;
import java.util.Properties;
@Slf4j
@Data
public class ShardingEncryptorAes implements ShardingEncryptor {
private static final String AES_PROPERTIES = "aes.properties";
private Properties properties;
@Override
public void init() {
try {
properties = PropertiesLoaderUtils.loadAllProperties(AES_PROPERTIES);
} catch (IOException e) {
e.printStackTrace();
throw new RuntimeException("aes秘钥配置文件读取失败", e);
}
}
@Override
public String encrypt(Object o) {
if (o == null) {
return null;
}
AES aes = SecureUtil.aes(getKey().getBytes());
return aes.encryptHex((String) o);
}
@Override
public Object decrypt(String str) {
AES aes = SecureUtil.aes(getKey().getBytes());
if (StringUtils.isEmpty(str)) {
return null;
}
return aes.decryptStr(str);
}
@Override
public String getType() {
return "my-aes";
}
@Override
public Properties getProperties() {
return properties;
}
@Override
public void setProperties(Properties properties) {
}
private String getKey() {
return getProperties().getProperty("aesKey");
}
}
- 在resources目录下创建文件
- 在resources目录下创建子目录META-INF\services
- 在META-INF\services目录下创建文件org.apache.shardingsphere.spi.encrypt.ShardingEncryptor
- 文件里面写上加密类全称com.defang.collateral.util.ShardingEncryptorAes
- 在resources目录下创建aes秘钥配置文件 aes.properties
aesKey=/sbJqG2uF+/40CoabQ+b893T6vNEnVVG