SQL Server column encryption using Azure Key Vault and Spring Boot



I need to save data in SQL Server using Azure Key Vault.
    @Bean
    @Primary
    public DataSource dataSource() throws SQLException {
        // Database credentials are read from Azure Key Vault secrets.
        KeyVaultClient client = new KeyVaultClient(keyVaultCredentialService);
        String userName = client.getSecret(vaultURL, "spring-datasource-username").value();
        String password = client.getSecret(vaultURL, "spring-datasource-password").value();
        // columnEncryptionSetting=Enabled turns on Always Encrypted in the JDBC driver.
        String url = "jdbc:sqlserver://test.database.windows.net;databaseName=encryption_demo;columnEncryptionSetting=Enabled;";
        String driverClass = client.getSecret(vaultURL, "spring-datasource-driverClassName").value();
        DataSource dataSource = DataSourceBuilder
                .create()
                .username(userName)
                .password(password)
                .url(url)
                .driverClassName(driverClass)
                .build();
        // Register the Azure Key Vault provider so the driver can unwrap the column encryption key.
        SQLServerColumnEncryptionAzureKeyVaultProvider akvProvider = new SQLServerColumnEncryptionAzureKeyVaultProvider(clientId, clientKey);
        Map<String, SQLServerColumnEncryptionKeyStoreProvider> keyStoreMap = new HashMap<String, SQLServerColumnEncryptionKeyStoreProvider>();
        keyStoreMap.put(akvProvider.getName(), akvProvider);
        SQLServerConnection.registerColumnEncryptionKeyStoreProviders(keyStoreMap);
        return dataSource;
    }
application.properties
azure.keyvault.uri= ....
azure.keyvault.client-id= ...
azure.keyvault.client-key= ...
SQLServer table
CREATE TABLE [dbo].[Patients](
    [id] [int] PRIMARY KEY NOT NULL,
    [ssn] [varchar](max) COLLATE Latin1_General_BIN2 ENCRYPTED WITH (COLUMN_ENCRYPTION_KEY = [CEK_Auto1], ENCRYPTION_TYPE = Randomized, ALGORITHM = 'AEAD_AES_256_CBC_HMAC_SHA_256') NOT NULL,
    [first_name] [varchar](max) COLLATE Latin1_General_BIN2 ENCRYPTED WITH (COLUMN_ENCRYPTION_KEY = [CEK_Auto1], ENCRYPTION_TYPE = Randomized, ALGORITHM = 'AEAD_AES_256_CBC_HMAC_SHA_256') NULL,
    [last_name] [varchar](max) COLLATE Latin1_General_BIN2 ENCRYPTED WITH (COLUMN_ENCRYPTION_KEY = [CEK_Auto1], ENCRYPTION_TYPE = Randomized, ALGORITHM = 'AEAD_AES_256_CBC_HMAC_SHA_256') NULL
) 
GO

When saving data to the database I get this error: Caused by: com.microsoft.sqlserver.jdbc.SQLServerException: Internal error while encryption: Illegal key size

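Download and install the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files. Be sure to read the Readme included in the zip file for installation instructions and relevant details on possible export/import issues.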

If you use mssql-jdbc-X.X.X.jre7.jar or sqljdbc41.jar, the policy files can be downloaded from Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 7 Download.

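If you use mssql-jdbc-X.X.X.jre8.jar or sqljdbc42.jar, the policy files can be downloaded from Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 8 Download.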

If you use mssql-jdbc-X.X.X.jre9.jar, no policy file needs to be downloaded. The jurisdiction policy in Java 9 defaults to unlimited strength encryption.

For more details, you can refer to this article.
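
A fail-fast check for the condition this answer describes, as an added example that is not part of the original answer or of the JDBC driver: it reports the AES key length the installed jurisdiction policy allows and refuses to continue below 256 bits. The class name CryptoPolicyCheck and its method names are assumptions made for illustration.

```java
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

// Added example (hypothetical class): detects the JCE policy limit behind "Illegal key size".
public final class CryptoPolicyCheck {

    // AEAD_AES_256_CBC_HMAC_SHA_256, the algorithm on the encrypted columns, needs 256-bit AES keys.
    private static final int REQUIRED_AES_BITS = 256;

    /** Maximum AES key length, in bits, permitted by the installed jurisdiction policy. */
    public static int maxAesKeyBits() throws NoSuchAlgorithmException {
        // 128 under the limited policy, Integer.MAX_VALUE under the unlimited one.
        return Cipher.getMaxAllowedKeyLength("AES");
    }

    /** Throws if this JVM cannot use AES-256; call it before registering key store providers. */
    public static void requireAes256() throws Exception {
        int max = maxAesKeyBits();
        if (max < REQUIRED_AES_BITS) {
            // crypto.policy is a java.security property; it is null when not set.
            throw new IllegalStateException(
                "JCE policy limits AES to " + max + " bits on Java "
                + System.getProperty("java.version")
                + " (java.home=" + System.getProperty("java.home")
                + ", crypto.policy=" + Security.getProperty("crypto.policy")
                + "). Install the unlimited strength policy files into this JRE.");
        }
        // Confirm end to end with a constructed all-zero test key and IV (not real key material).
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(Cipher.ENCRYPT_MODE,
                new SecretKeySpec(new byte[REQUIRED_AES_BITS / 8], "AES"),
                new IvParameterSpec(new byte[16]));
        cipher.doFinal(new byte[16]);
    }

    public static void main(String[] args) throws Exception {
        System.out.println("java.version     = " + System.getProperty("java.version"));
        System.out.println("java.home        = " + System.getProperty("java.home"));
        System.out.println("max AES key bits = " + maxAesKeyBits());
        requireAes256();
        System.out.println("AES-256 is usable on this JVM.");
    }
}
```

Run it with the same JRE that runs the Spring Boot application, since the policy files are installed per JRE.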
