CREATE ENCRYPT RULE

Description

The CREATE READWRITE_SPLITTING RULE syntax is used to create a readwrite splitting rule.

Syntax

  1. CreateEncryptRule ::=
  2.   'CREATE' 'ENCRYPT' 'RULE' encryptDefinition ( ',' encryptDefinition )*
  4. encryptDefinition ::=
  5.   tableName '(' 'COLUMNS' '(' columnDefinition ( ',' columnDefinition )*  ')' ',' 'QUERY_WITH_CIPHER_COLUMN' '=' ( 'TRUE' | 'FALSE' ) ')'
  7. columnDefinition ::=
  8.     'NAME' '=' columnName ',' ( 'PLAIN' '=' plainColumnName )? 'CIPHER' '=' cipherColumnName ','  'TYPE' '(' 'NAME' '=' encryptAlgorithmType ( ',' 'PROPERTIES' '(' 'key' '=' 'value' ( ',' 'key' '=' 'value' )* ')' )? ')'
  10. tableName ::=
  11.   identifier
  13. columnName ::=
  14.   identifier
  16. plainColumnName ::=
  17.   identifier
  19. cipherColumnName ::=
  20.   identifier
  22. encryptAlgorithmType ::=
  23.   string

Supplement

  • PLAIN specifies the plain column, CIPHER specifies the cipher column
  • encryptAlgorithmType specifies the encryption algorithm type, please refer to Encryption Algorithm
  • Duplicate tableName will not be created
  • queryWithCipherColumn support uppercase or lowercase true or false

Example

Create a encrypt rule

  1. CREATE ENCRYPT RULE t_encrypt (
  2. COLUMNS(
  3. (NAME=user_id,PLAIN=user_plain,CIPHER=user_cipher,TYPE(NAME='AES',PROPERTIES('aes-key-value'='123456abc'))),
  4. (NAME=order_id, CIPHER =order_cipher,TYPE(NAME='MD5'))
  5. ),QUERY_WITH_CIPHER_COLUMN=true),
  6. t_encrypt_2 (
  7. COLUMNS(
  8. (NAME=user_id,PLAIN=user_plain,CIPHER=user_cipher,TYPE(NAME='AES',PROPERTIES('aes-key-value'='123456abc'))),
  9. (NAME=order_id, CIPHER=order_cipher,TYPE(NAME='MD5'))
  10. ), QUERY_WITH_CIPHER_COLUMN=FALSE);

Reserved word

CREATE, ENCRYPT, RULE, COLUMNS, NAME, CIPHER, PLAIN, QUERY_WITH_CIPHER_COLUMN, TYPE, TRUE, FALSE