How to encrypt field in MongoDB

问题

I need to encrypt one field in a mongo document. What is the best way to do it? I use spring. There is spring annotation for it?

回答1:

the encryption can be done for now only from java. here you have the same question asked last month

this has been done already in ruby, so if you want to use jruby for this in your project take a look at this

or you can wait until the MongoDB includes this in their API

回答2:

You can use this library that adds support for @Encrypted annotation fields:

<dependency>
    <groupId>com.bol</groupId>
    <artifactId>spring-data-mongodb-encrypt</artifactId>
    <version>1.0.1</version>
</dependency>

To configure spring:

@Bean
public CryptVault cryptVault() {
    return new CryptVault()
            .with256BitAesCbcPkcs5PaddingAnd128BitSaltKey(0, oldKey)
            .with256BitAesCbcPkcs5PaddingAnd128BitSaltKey(1, secretKey)
            // can be omitted if it's the highest version
            .withDefaultKeyVersion(1);
}

@Bean
public EncryptionEventListener encryptionEventListener(CryptVault cryptVault) {
    return new EncryptionEventListener(cryptVault);
}

And to use it:

@Document
public class MyBean {
    @Id
    public String id;

    // not encrypted
    @Field
    public String nonSensitiveData;

    // encrypted primitive types
    @Field
    @Encrypted
    public String secretString;

    @Field
    @Encrypted
    public Long secretLong;

    // encrypted sub-document (MySubBean is serialized, encrypted and stored as byte[])
    @Field
    @Encrypted
    public MySubBean secretSubBean;

    // encrypted collection (list is serialized, encrypted and stored as byte[])
    @Field
    @Encrypted
    public List<String> secretStringList;

    // values containing @Encrypted fields are encrypted
    @Field
    public MySubBean nonSensitiveSubBean;

    // values containing @Encrypted fields are encrypted
    @Field
    public List<MySubBean> nonSensitiveSubBeanList;

    // encrypted map (values containing @Encrypted fields are replaced by encrypted byte[])
    @Field
    public Map<String, MySubBean> publicMapWithSecretParts;
}

public class MySubBean {
    @Field
    public String nonSensitiveData;

    @Field
    @Encrypted
    public String secretString;
}

For more info, check out the project website

回答3:

You can use custom encryption scheme and store that, into database. In rails it will be easy to do so.

 include Mongoid::Document
 field :encrypted_me, type: String, encrypted: true

If you can describe what platform you are using that will make some clarification.

来源：https://stackoverflow.com/questions/30726414/how-to-encrypt-field-in-mongodb