From derby-user-return-11951-apmail-db-derby-user-archive=db.apache.org@db.apache.org Tue Dec 01 08:41:59 2009 Return-Path: Delivered-To: apmail-db-derby-user-archive@www.apache.org Received: (qmail 12850 invoked from network); 1 Dec 2009 08:41:59 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 1 Dec 2009 08:41:59 -0000 Received: (qmail 50957 invoked by uid 500); 1 Dec 2009 08:41:58 -0000 Delivered-To: apmail-db-derby-user-archive@db.apache.org Received: (qmail 50907 invoked by uid 500); 1 Dec 2009 08:41:57 -0000 Mailing-List: contact derby-user-help@db.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: List-Id: Reply-To: "Derby Discussion" Delivered-To: mailing list derby-user@db.apache.org Received: (qmail 50899 invoked by uid 99); 1 Dec 2009 08:41:57 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 01 Dec 2009 08:41:57 +0000 X-ASF-Spam-Status: No, hits=2.2 required=10.0 tests=HTML_MESSAGE,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of francois.orsini@gmail.com designates 209.85.216.183 as permitted sender) Received: from [209.85.216.183] (HELO mail-px0-f183.google.com) (209.85.216.183) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 01 Dec 2009 08:41:49 +0000 Received: by pxi13 with SMTP id 13so663695pxi.24 for ; Tue, 01 Dec 2009 00:41:28 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:content-type; bh=NQE0AFm3GQhR1DjWlJ3CjXoo4+ect6Q2VG9Cltu/a8Y=; b=NeD/nuEVUQ60coJ4oANn9soOY309fbPYUrk33lysm6BVfVvorhUIwB2+whCZUzGvb7 n13LxxJ4CrsIFkUUllZSxUKFm0NN40P2cF0MtbDPdu04375ADbSruZomiD1M9GMWyiC2 j5438fchPxN1jCtWUOa+fdS8eF8wdXNFC9Xp0= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=vOpGkbGMtXDTJNAyKoMtTyemPO3e3R8ydab1TYOiXaTXUkATQnNQNlYkiH3TsqE+Xx 7WxX7naCa7yUsf7BFXQX+DJfWJGr3UME5cLgLsD3Tvr/nIzWJiF4BpJFhzwvHFejYG9k ehtiYifP1KnuSZMlGPzmdOQXc5q9vzkxfnUz4= MIME-Version: 1.0 Received: by 10.114.29.14 with SMTP id c14mr2996502wac.111.1259656881412; Tue, 01 Dec 2009 00:41:21 -0800 (PST) In-Reply-To: References: Date: Tue, 1 Dec 2009 00:41:21 -0800 Message-ID: <7921d3e40912010041u5b8e1d40s2377f1effd6bbc54@mail.gmail.com> Subject: Re: setting encryptionKey attribute in jdbc url From: Francois Orsini To: Derby Discussion Content-Type: multipart/alternative; boundary=00504502e956f49a190479a6b84c X-Virus-Checked: Checked by ClamAV on apache.org --00504502e956f49a190479a6b84c Content-Type: text/plain; charset=ISO-8859-1 Hi George, key.getEncoded() returns a byte array that is a textual representation of the external key in Hex. Just Stringify the byte array and set it to the 'encryptedKey' JDBC connection URL attribute - that should work. Cheers, --Francois On Mon, Nov 30, 2009 at 10:45 PM, George H wrote: > Hi, > > I am trying to create an embedded derby db using an encryption key that I > generate before hand. I've read the derby v10.5.3.0 ref guide and the > developer guide and I still have one question that lingers in my mind. > > In the JDBC url where I have to specify the encryption key attribute how do > we get the key in string form? In the docs they use examples (Dev guide page > 114 (PDF)) where the key looks like a letters and numbers and in most cases > just numbers. > > Now when I generate my key like > > KeyGenerator keyGen = KeyGenerator.getInstance("AES") > keyGen.init(256); > SecretKey key = keyGen.generateKey(); > > I only have the method key.getEncoded() that I can use which returns an > array of bytes. I wonder how I can give this key to derby in the jdbc url ? > Do I have to convert the byte array to a HEX string ? or to decimals? I > don't know. If someone could help me out on this specific part it would be > great. > > Thanks > -- > George H > george.dma@gmail.com > --00504502e956f49a190479a6b84c Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Hi George,

key.getEncoded() returns a byte array that is a textual r= epresentation of the external key in Hex.

Just Stringify the byte ar= ray and set it to the 'encryptedKey' JDBC connection URL attribute = - that should work.

Cheers,

--Francois

On Mon, Nov= 30, 2009 at 10:45 PM, George H <george.dma@gmail.com> wrote:
Hi,

I am trying to create an embedded derby db usin= g an encryption key that I generate before hand. I've read the derby v1= 0.5.3.0 ref guide and the developer guide and I still have one question tha= t lingers in my mind.

In the JDBC url where I have to specify the encryption key attribute ho= w do we get the key in string form? In the docs they use examples (Dev guid= e page 114 (PDF)) where the key looks like a letters and numbers and in mos= t cases just numbers.

Now when I generate my key like

KeyGenerator keyGen =3D KeyGener= ator.getInstance("AES")
keyGen.init(256);
SecretKey key =3D= keyGen.generateKey();

I only have the method=A0=A0 key.getEncoded()= that I can use which returns an array of bytes. I wonder how I can give th= is key to derby in the jdbc url ? Do I have to convert the byte array to a = HEX string ? or to decimals? I don't know. If someone could help me out= on this specific part it would be great.

Thanks
--
George H
george.dma@gmail.com

--00504502e956f49a190479a6b84c--