Using the 'like' operator to perform a fuzzy search on an encrypted column in version 5.3.0.

[wangleizone]

Bug Report

For English only, other languages will not accept.

Before report a bug, make sure you have:

• Searched open and closed GitHub issues.
• Read documentation: ShardingSphere Doc.

Please pay attention on issues you submitted, because we maybe need more details.
If no response anymore and we cannot reproduce it on current information, we will close it.

Please answer these questions before submitting your issue. Thanks!

Which version of ShardingSphere did you use?

5.3.0

Which project did you use? ShardingSphere-JDBC or ShardingSphere-Proxy?

ShardingSphere-JDBC

Expected behavior

I am using the new feature in version 5.3.0, which allows encryption on a column for a LIKE fuzzy search. I am also using the CHAR_DIGEST_LIKE algorithm to generate the likeQueryColumn.

But when I execute the following SQL for a fuzzy search, it throws an exception.

select * from sla_user_service_recorde where user_name like CONCAT('%', #{userName}, '%')

Cause: java.sql.SQLException: Unknown exception: null
; uncategorized SQLException; SQL state [HY000]; error code [30000]; Unknown exception: null; nested exception is java.sql.SQLException: Unknown exception: null
at org.springframework.jdbc.support.AbstractFallbackSQLExceptionTranslator.translate(AbstractFallbackSQLExceptionTranslator.java:89)

Caused by: java.sql.SQLException: Unknown exception: null
at org.apache.shardingsphere.infra.util.exception.external.sql.ShardingSphereSQLException.toSQLException(ShardingSphereSQLException.java:62)

I tried to remove the 'concat' function from the SQL statement and passed '%' as a part of the string parameter, and the query worked normally.
select * from sla_user_service_recorde where user_name like #{userName}

Reason analyze (If you can)

And I found that when using the '=' operator in the SQL query, the 'concat' function can be used normally. It is only when using the 'like' operator with the 'concat' function that an exception is thrown. I suspect this is a bug introduced in the new 5.3.0 version.

[strongduanmu]

Hi @wangleizone, thank you for your feedback. Encrypt like feature does not currently support functions. Are you interested in submitting PR for enhanced function support?

[gxxiong]

@strongduanmu let me see how to fix it

[strongduanmu]

@gxxiong That's great, I will assign this issue to you.

[strongduanmu]

Hi @wangleizone, can you help test this enhancement on master branch?

[starldh]

@strongduanmu @gxxiong
Hello. I use 5.3.2-SNAPSHOT. But it doesn't work well.
select * from sla_user_service_recorde where user_name like CONCAT('%', 'abc', '%'). It work well
select * from sla_user_service_recorde where user_name like CONCAT('%', #{userName}, '%'). It doen't work.
Error is ：
java.lang.IndexOutOfBoundsException: Index: 2, Size: 2 at java.util.LinkedList.checkElementIndex(LinkedList.java:555) ~[na:1.8.0_362] at java.util.LinkedList.get(LinkedList.java:476) ~[na:1.8.0_362] at org.apache.shardingsphere.encrypt.rewrite.token.generator.EncryptPredicateRightValueTokenGenerator.getPositionValues(EncryptPredicateRightValueTokenGenerator.java:141) ~[shardingsphere-encrypt-core-5.3.2-SNAPSHOT.jar:5.3.2-SNAPSHOT]

[strongduanmu]

@starldh Thank you for your feedback, I will check it.

[strongduanmu]

Hi @starldh, can you try it again? I modify the logic and add e2e test case for prepared statement.

[starldh]

Hi @starldh, can you try it again? I modify the logic and add e2e test case for prepared statement.

Hi @strongduanmu . I checked agaiin. And it works now.
Thank you for you work!

[strongduanmu]

That's great, let's support more SQL statements for encrypt feature.