db-derby-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oskar Zinger <oska...@yahoo.com>
Subject Re: Derby DB Encryption
Date Thu, 25 Jul 2019 04:26:08 GMT
Thanks Peter!

Sent from my iPhone

> On Jul 24, 2019, at 10:37 PM, Peter Ondruška <peter.ondruska@kaibo.eu> wrote:
> 
> https://db.apache.org/derby/docs/10.14/security/cseccsecure88690.html
> The default encryption algorithm is DES.
> 
> You can specify an encryption provider and/or encryption algorithm other than the defaults
by using the encryptionProvider=providerName andencryptionAlgorithm=algorithm attributes.
> 
> 
>> On Thu, 25 Jul 2019, 01:13 Oskar Z, <oskarzn@yahoo.com> wrote:
>> Does anyone know what is the default encryption algorithm for the Derby DB encryption?
>> 
>> Thanks,
>> Oskar
>> 
>>> On Jul 24, 2019, at 6:14 PM, Oskar Z <oskarzn@yahoo.com> wrote:
>>> 
>>> Looks like the database when being encrypted, must be the FIRST connection to
DB. If DB has existing connections before encryption, then it will not work, and thus the
passwords don’t matter.
>>> 
>>> If encryption is done as a first connection to DB, then the DB must be shutdown,
and then it seems to work, and the first call should have bootPassword. That’s what I found.
>>> 
>>> Thanks for the help and pointers! It got me thinking :-)
>>> 
>>> Regards,
>>> Oskar
>>> 
>>>> On Jul 24, 2019, at 2:08 PM, Peter Ondruška <peter.ondruska@kaibo.eu>
wrote:
>>>> 
>>>> Well, you "boot" with bootPassword only once. After your database is opened
you do not need to specify bootPassword anymore. Maybe even specifying incorrect bootPassword
after database is already opened does not trigger any error and may seem misleading.
>>>> 
>>>> On Wed, 24 Jul 2019 at 19:47, Oskar Zinger <oskarzn@yahoo.com> wrote:
>>>>> I already have authentication working fine. I would like to also have
data encryption.
>>>>> 
>>>>> Can I have both authentication and data encryption in Derby?
>>>>> 
>>>>> Sent from my iPhone
>>>>> 
>>>>>> On Jul 24, 2019, at 11:37 AM, Peter Ondruška <peter.ondruska@kaibo.eu>
wrote:
>>>>>> 
>>>>>> Oskar, you mixed two distinct topics, encryption and authentication.
You should also follow https://db.apache.org/derby/docs/10.14/security/cseccsecure42374.html.
Peter
>>>>>> 
>>>>>>> On Wed, 24 Jul 2019 at 16:27, Oskar Z <oskarzn@yahoo.com>
wrote:
>>>>>>> Hello - hope that someone has experience with Derby encryption.
>>>>>>> 
>>>>>>> I’ve been using this documentation:
>>>>>>> https://db.apache.org/derby/docs/10.14/security/cseccsecure97760.html
>>>>>>> 
>>>>>>> I’m not sure what’s happening, I’ve encrypted the DB using
dataEncryption=true and provided bootPassword, at first I used the same password as the Owner
of DB, but then I used a different password. But regardless, what ever password I specify
or not specify as bootPassword, the connection is made OK.
>>>>>>> 
>>>>>>> So to me, it looks as if the DB has not been really encrypted,
even though I’m not see any exceptions/errors in derby.log.
>>>>>>> 
>>>>>>> How can I tell for sure that DB encryption really happened?
>>>>>>> 
>>>>>>> Thanks for you help!
>>>>>>> 
>>>>>>> Kind regards,
>>>>>>> Oskar
>>>>>> 
>>>>>> kaibo, s.r.o., ID 28435036, registered with the commercial register
administered by the Municipal Court in Prague, section C, file 141269.
>>>>>> Registered office: Kališnická 379/10, Prague 3, 130 00, Czech Republic.
>>>>>> https://kaibo.eu
>>>> 
>>>> kaibo, s.r.o., ID 28435036, registered with the commercial register administered
by the Municipal Court in Prague, section C, file 141269.
>>>> Registered office: Kališnická 379/10, Prague 3, 130 00, Czech Republic.
>>>> https://kaibo.eu
>>> 
>> 
> 
> kaibo, s.r.o., ID 28435036, registered with the commercial register administered by the
Municipal Court in Prague, section C, file 141269.
> Registered office: Kališnická 379/10, Prague 3, 130 00, Czech Republic.
> https://kaibo.eu

Mime
View raw message