Encryption #

Configuration Item Explanation #

Namespace: http://shardingsphere.apache.org/schema/shardingsphere/encrypt/encrypt-5.1.0.xsd

<encrypt:rule />

Name	Type	Description	Default Value
id	Attribute	Spring Bean Id
queryWithCipherColumn (?)	Attribute	Whether query with cipher column for data encrypt. User you can use plaintext to query if have	true
table (+)	Tag	Encrypt table configuration

<encrypt:table />

Name	Type	Description
name	Attribute	Encrypt table name
column (+)	Tag	Encrypt column configuration
query-with-cipher-column(?)	Attribute	Whether query with cipher column for data encrypt. User you can use plaintext to query if have

<encrypt:column />

Name	Type	Description
logic-column	Attribute	Encrypted column logical name
data-type(?)	Attribute	Logical column type
cipher-column	Attribute	Encrypted column name
cipher-data-type(?)	Attribute	Encrypted column type
assisted-query-column (?)	Attribute	Query auxiliary column name
assisted-query-data-type(?)	Attribute	Query auxiliary column type
plain-column (?)	Attribute	Plaintext column name
plain-data-type(?)	Attribute	Plaintext column type
encrypt-algorithm-ref	Attribute	Encryption algorithm name

<encrypt:encrypt-algorithm />

Name	Type	Description
id	Attribute	Encrypt algorithm name
type	Attribute	Encrypt algorithm type
props (?)	Tag	Encrypt algorithm properties

Example #

<encrypt:encrypt-algorithm id="name_encryptor" type="AES">
    <props>
        <prop key="aes-key-value">123456</prop>
    </props>
</encrypt:encrypt-algorithm>

<encrypt:rule id="encryptRule">
    <encrypt:table name="t_user">
        <encrypt:column logic-column="pwd" cipher-column="pwd_encrypt" data-type="VARCHAR(20) NOT NULL" cipher-data-type="VARCHAR(200) NOT NULL" plain-column="pwd_plain" plain-data-type="VARCHAR(20) NOT NULL" assisted-query-column="pwd_assisted" assisted-query-data-type="VARCHAR(20) NOT NULL" encrypt-algorithm-ref="name_encryptor" />
    </encrypt:table>
</encrypt:rule>

Please refer to Built-in Encrypt Algorithm List for more details about type of algorithm.