An small library which uses Spring Boot autoconfiguration capability that integrates Hiss with Spring Boot and Spring Data Mongo.
By integrating Hiss with Spring Boot project we mean registration of:
- Hiss bean using environment variables
- Mongo interceptor which automatically encrypts objects before saving to DB and decrypts them after loading.
An example project is created here.
Apache Maven:
<dependency>
<groupId>io.github.tap30</groupId>
<artifactId>hiss-spring-boot-mongo-starter</artifactId>
<version>0.10.0</version>
</dependency>Gradle (Groovy):
implementation 'io.github.tap30:hiss-spring-boot-mongo-starter:0.10.0'Gradle (Kotlin):
implementation("io.github.tap30:hiss-spring-boot-mongo-starter:0.10.0")HISS_KEYS_A=AAAAAAAAAAAAAAAAAAAAAA==
HISS_KEYS_B=AAAAAAAAAAAAAAAAAAAAAA==
# other keys...
HISS_DEFAULT_ENCRYPTION_KEY_ID=a
HISS_DEFAULT_ENCRYPTION_ALGORITHM=aes-128-gcm
HISS_DEFAULT_HASHING_KEY_ID=b
HISS_DEFAULT_HASHING_ALGORITHM=hmac-sha256For more information about envs see this.
import io.github.tap30.Encrypted;
public class User {
@Encrypted
private String phoneNumber;
private String hashedPhoneNumber;
// getters and setters
}Note: Getters and setters must exist as Hiss use them to get/set values.
By implementing HissPropertiesProvider and annotating it with @Component
this library will pick your implementation rather than default one.
Just like custom HissPropertiesProvider by implementing Encryptor and Hasher interfaces
and annotating them with @Component, this library will pick them up.
For more information about Encryptors and Hashers see Hiss readme.
Currently there is not an easy way to support querying encrypted fields.
To query data, inject Hiss bean (@Autowired Hiss hiss)
and use Hiss$hash(String) method to generate hash of content;
then pass it to the queries which use hashed fields.