db-derby-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oskar Z <oska...@yahoo.com>
Subject Re: Derby DB Encryption
Date Wed, 24 Jul 2019 23:12:50 GMT
Does anyone know what is the default encryption algorithm for the Derby DB encryption?

Thanks,
Oskar

> On Jul 24, 2019, at 6:14 PM, Oskar Z <oskarzn@yahoo.com> wrote:
> 
> Looks like the database when being encrypted, must be the FIRST connection to DB. If
DB has existing connections before encryption, then it will not work, and thus the passwords
don’t matter.
> 
> If encryption is done as a first connection to DB, then the DB must be shutdown, and
then it seems to work, and the first call should have bootPassword. That’s what I found.
> 
> Thanks for the help and pointers! It got me thinking :-)
> 
> Regards,
> Oskar
> 
>> On Jul 24, 2019, at 2:08 PM, Peter Ondruška <peter.ondruska@kaibo.eu <mailto:peter.ondruska@kaibo.eu>>
wrote:
>> 
>> Well, you "boot" with bootPassword only once. After your database is opened you do
not need to specify bootPassword anymore. Maybe even specifying incorrect bootPassword after
database is already opened does not trigger any error and may seem misleading.
>> 
>> On Wed, 24 Jul 2019 at 19:47, Oskar Zinger <oskarzn@yahoo.com <mailto:oskarzn@yahoo.com>>
wrote:
>> I already have authentication working fine. I would like to also have data encryption.
>> 
>> Can I have both authentication and data encryption in Derby?
>> 
>> Sent from my iPhone
>> 
>> On Jul 24, 2019, at 11:37 AM, Peter Ondruška <peter.ondruska@kaibo.eu <mailto:peter.ondruska@kaibo.eu>>
wrote:
>> 
>>> Oskar, you mixed two distinct topics, encryption and authentication. You should
also follow https://db.apache.org/derby/docs/10.14/security/cseccsecure42374.html <https://db.apache.org/derby/docs/10.14/security/cseccsecure42374.html>.
Peter
>>> 
>>> On Wed, 24 Jul 2019 at 16:27, Oskar Z <oskarzn@yahoo.com <mailto:oskarzn@yahoo.com>>
wrote:
>>> Hello - hope that someone has experience with Derby encryption.
>>> 
>>> I’ve been using this documentation:
>>> https://db.apache.org/derby/docs/10.14/security/cseccsecure97760.html <https://db.apache.org/derby/docs/10.14/security/cseccsecure97760.html>
>>> 
>>> I’m not sure what’s happening, I’ve encrypted the DB using dataEncryption=true
and provided bootPassword, at first I used the same password as the Owner of DB, but then
I used a different password. But regardless, what ever password I specify or not specify as
bootPassword, the connection is made OK.
>>> 
>>> So to me, it looks as if the DB has not been really encrypted, even though I’m
not see any exceptions/errors in derby.log.
>>> 
>>> How can I tell for sure that DB encryption really happened?
>>> 
>>> Thanks for you help!
>>> 
>>> Kind regards,
>>> Oskar
>>> 
>>> kaibo, s.r.o., ID 28435036, registered with the commercial register administered
by the Municipal Court in Prague, section C, file 141269.
>>> Registered office: Kališnická 379/10, Prague 3, 130 00, Czech Republic.
>>> https://kaibo.eu <https://kaibo.eu/>
>> 
>> kaibo, s.r.o., ID 28435036, registered with the commercial register administered
by the Municipal Court in Prague, section C, file 141269.
>> Registered office: Kališnická 379/10, Prague 3, 130 00, Czech Republic.
>> https://kaibo.eu <https://kaibo.eu/>
> 


Mime
View raw message