db-derby-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Peter Ondruška <peter.ondru...@kaibo.eu>
Subject Re: Derby DB Encryption
Date Thu, 25 Jul 2019 02:37:16 GMT
https://db.apache.org/derby/docs/10.14/security/cseccsecure88690.html

The default encryption algorithm is DES.

You can specify an encryption provider and/or encryption algorithm other
than the defaults by using the encryptionProvider=*providerName* and
encryptionAlgorithm=*algorithm* attributes.

On Thu, 25 Jul 2019, 01:13 Oskar Z, <oskarzn@yahoo.com> wrote:

> Does anyone know what is the default encryption algorithm for the Derby DB
> encryption?
>
> Thanks,
> Oskar
>
> On Jul 24, 2019, at 6:14 PM, Oskar Z <oskarzn@yahoo.com> wrote:
>
> Looks like the database when being encrypted, must be the FIRST connection
> to DB. If DB has existing connections before encryption, then it will not
> work, and thus the passwords don’t matter.
>
> If encryption is done as a first connection to DB, then the DB must be
> shutdown, and then it seems to work, and the first call should have
> bootPassword. That’s what I found.
>
> Thanks for the help and pointers! It got me thinking :-)
>
> Regards,
> Oskar
>
> On Jul 24, 2019, at 2:08 PM, Peter Ondruška <peter.ondruska@kaibo.eu>
> wrote:
>
> Well, you "boot" with bootPassword only once. After your database is
> opened you do not need to specify bootPassword anymore. Maybe even
> specifying incorrect bootPassword after database is already opened does not
> trigger any error and may seem misleading.
>
> On Wed, 24 Jul 2019 at 19:47, Oskar Zinger <oskarzn@yahoo.com> wrote:
>
>> I already have authentication working fine. I would like to also have
>> data encryption.
>>
>> Can I have both authentication and data encryption in Derby?
>>
>> Sent from my iPhone
>>
>> On Jul 24, 2019, at 11:37 AM, Peter Ondruška <peter.ondruska@kaibo.eu>
>> wrote:
>>
>> Oskar, you mixed two distinct topics, encryption and authentication. You
>> should also follow
>> https://db.apache.org/derby/docs/10.14/security/cseccsecure42374.html.
>> Peter
>>
>> On Wed, 24 Jul 2019 at 16:27, Oskar Z <oskarzn@yahoo.com> wrote:
>>
>>> Hello - hope that someone has experience with Derby encryption.
>>>
>>> I’ve been using this documentation:
>>> https://db.apache.org/derby/docs/10.14/security/cseccsecure97760.html
>>>
>>> I’m not sure what’s happening, I’ve encrypted the DB using
>>> dataEncryption=true and provided bootPassword, at first I used the same
>>> password as the Owner of DB, but then I used a different password. But
>>> regardless, what ever password I specify or not specify as bootPassword,
>>> the connection is made OK.
>>>
>>> So to me, it looks as if the DB has not been really encrypted, even
>>> though I’m not see any exceptions/errors in derby.log.
>>>
>>> How can I tell for sure that DB encryption really happened?
>>>
>>> Thanks for you help!
>>>
>>> Kind regards,
>>> Oskar
>>>
>>
>> kaibo, s.r.o., ID 28435036, registered with the commercial register
>> administered by the Municipal Court in Prague, section C, file 141269.
>> Registered office: Kališnická 379/10, Prague 3, 130 00, Czech Republic.
>> https://kaibo.eu
>>
>>
> kaibo, s.r.o., ID 28435036, registered with the commercial register
> administered by the Municipal Court in Prague, section C, file 141269.
> Registered office: Kališnická 379/10, Prague 3, 130 00, Czech Republic.
> https://kaibo.eu
>
>
>
>

-- 
kaibo, s.r.o., ID 28435036, registered with the commercial register 
administered by the Municipal Court in Prague, section C, file 141269.

Registered office: Kališnická 379/10, Prague 3, 130 00, Czech Republic.

https://kaibo.eu <https://kaibo.eu>

Mime
View raw message