I'm using WebSphere 7 and their JPA 2.0 implementation which is based on OpenJPA, and I have something driving me crazy. I have to connect to a SQL Server 2008 database that uses the database column encryption. The encryption is done by several database commands:
1 - OPEN SYMMETRIC KEY DECRYPTION BY CERTIFICATION
2 - Perform insert/select/update/etc using the database methods EncryptByKey or DecryptByKey
3 - CLOSE SYMMETRIC KEY
I have searched and it does not appear that OpenJPA supports this functionality. Does anybody know how to get OpenJPA to play nicely with this type of encryption? Or should I just skip JPA for this project and use good old fashioned PreparedStatements?
So yeah, it does look like doing a native query is only way to do this. So it comes out to something like this:
EntityManager em = getEntityManager();
Query openKey = em.createNativeQuery("OPEN SYMMETRIC KEY MY_KEY DECRYPTION BY CERTIFICATE MY_CERT");
openKey.executeUpdate();
Query query = em.createNativeQuery("SELECT FIRSTNAME, LASTNAME, CONVERT(varchar, DECRYPTBYKEY(SSN)) as SSN from report where record_id = ?", Report.class);
query.setParameter(1, recordId);
report = (Report) query.getSingleResult();
Query closeKey = em.createNativeQuery("CLOSE SYMMETRIC KEY MY_KEY");
closeKey.executeUpdate();
Related
I want to find out what key name provided from an external provider my database is using in an encrypted database.
This is an example taken from Microsoft website.
CREATE ASYMMETRIC KEY EKM_askey1
FROM PROVIDER EKM_Provider1
WITH
ALGORITHM = RSA_2048,
CREATION_DISPOSITION = CREATE_NEW
, PROVIDER_KEY_NAME = 'key10_user1' ;
GO
But I don't know how to learn whether this is CREATE_NEW or OPEN_EXISTING and have no clue what view contains information about this key10_user1 as mentioned in the example.
Could you try:
SELECT * FROM sys.cryptographic_providers;
to get the provider id and then query using sys.dm_cryptographic_provider_keys:
SELECT * FROM sys.dm_cryptographic_provider_keys(1234567);
GO
I had the need to encrypt/decrypt some personal information in my database such as credit card no and passwords.
Following the steps from Microsoft I was successfully encrypt & decrypt the data.
But after some test I have questions.
Assume someone gets unauthorized access to the database (hack) and can see the database in SSMS from his own computer. Surly he can see that I had some certificate and symmetric key setup.
In order to display the data the examples shows the following query
OPEN symmetric KEY symmetrickey1
decryption BY certificate certificate1
Now list the original ID, the encrypted ID
SELECT customer_id,
credit_card_number_encrypt AS
'Encrypted Credit Card Number',
CONVERT(VARCHAR, Decryptbykey(credit_card_number_encrypt)) AS
'Decrypted Credit Card Number'
FROM dbo.customer_data;
-- Close the symmetric key
CLOSE symmetric KEY symmetrickey1;
If the above query returns the data and can see the credit card how can then be protected? Shouldn't it be necessary to pass a password somewhere in the query?
I am sure that I miss something here. Can anyone explain this to me?
i had to include a password to the cerificate
CREATE CERTIFICATE Certificate1
Encryption By Password='Password123'
WITH SUBJECT = 'Protect Data'
for retrieving data
OPEN Symmetric KEY SymmetricKey1
DECRYPTION BY CERTIFICATE Certificate1 With Password='Password123'
;
select *,CONVERT(nvarchar(255),DECRYPTBYKEY(Credit_Card_No)) as
[Credit_Card_No3] from Customers
;
Close Symmetric Key SymmetricKey1
How can I have a certificate in a Visual Studio 2010 database project that will be created, updated and removed depending on changes in the project similar to the way that it handles tables, stored procedures, keys and other objects?
Below is the syntax that I am currently using, and the $(CertName).
CREATE CERTIFICATE [$(CertName)]
AUTHORIZATION [dbo]
WITH SUBJECT = N'Encrypt Data', START_DATE = N'11/26/2012 15:13:03', EXPIRY_DATE = N'11/26/2013 15:13:03'
ACTIVE FOR BEGIN_DIALOG = ON;
I have tried to check if it exists using the below if statement.
IF (select Count(*) from sys.symmetric_keys where name like '$(CertName)') = 0
BEGIN
--insert create statement
END
However using this approach I get the following errors, due to the fact that I use the certificate in the definition of the symmetric key.
SQL03006: Symmetric Key: [$(KeyName)] has an unresolved reference to Certificate [$(CertName)].
Try this:
IF EXISTS (SELECT 1 FROM sys.certificates where name = '$(CertName)')
I can't solve my problem with my local Oracle database.
I'm tryong to connect to my local Oracle database (Oracle Database 11g Express Edition)
Later on I will use JNDI to another Oracle Database, but I think this should still work.
Driver: ojdbc6.jar in /lib
db.default.driver=oracle.jdbc.driver.OracleDriver
db.default.url="jdbc:oracle:thin:#localhost:1521:xe"
db.default.user="user"
db.default.pass="pass"
So I know I do connect to the database, but the error is that it says that the table does not exist. I'm not even creating or querying to a table (no model exists - but I've tried with having a model too, same error). Something seems to be wrong in the beginning and I don't know how to Debug this.
Error:
**java.sql.SQLSyntaxErrorException: ORA-00942: table or view does not exist**
oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:457)
oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:400)
oracle.jdbc.driver.T4C8Oall.processError(T4C8Oall.java:926)
oracle.jdbc.driver.T4CTTIfun.receive(T4CTTIfun.java:476)
oracle.jdbc.driver.T4CTTIfun.doRPC(T4CTTIfun.java:200)
oracle.jdbc.driver.T4C8Oall.doOALL(T4C8Oall.java:543)
oracle.jdbc.driver.T4CStatement.doOall8(T4CStatement.java:197)
oracle.jdbc.driver.T4CStatement.executeForDescribe(T4CStatement.java:1213)
oracle.jdbc.driver.OracleStatement.executeMaybeDescribe(OracleStatement.java:1492)
oracle.jdbc.driver.OracleStatement.doExecuteWithTimeout(OracleStatement.java:1710)
oracle.jdbc.driver.OracleStatement.executeQuery(OracleStatement.java:2006)
oracle.jdbc.driver.OracleStatementWrapper.executeQuery(OracleStatementWrapper.java:1709)
com.jolbox.bonecp.StatementHandle.executeQuery(StatementHandle.java:503)
play.api.db.evolutions.Evolutions$.executeQuery(Evolutions.scala:118)
play.api.db.evolutions.Evolutions$.databaseEvolutions(Evolutions.scala:334)
play.api.db.evolutions.Evolutions$.evolutionScript(Evolutions.scala:306)
play.api.db.evolutions.EvolutionsPlugin$$anonfun$onStart$1$$anonfun$apply$1.apply$mcV$sp(Evolutions.scala:435)
play.api.db.evolutions.EvolutionsPlugin.withLock(Evolutions.scala:478)
play.api.db.evolutions.EvolutionsPlugin$$anonfun$onStart$1.apply(Evolutions.scala:434)
play.api.db.evolutions.EvolutionsPlugin$$anonfun$onStart$1.apply(Evolutions.scala:432)
scala.collection.immutable.List.foreach(List.scala:309)
play.api.db.evolutions.EvolutionsPlugin.onStart(Evolutions.scala:432)
play.api.Play$$anonfun$start$1$$anonfun$apply$mcV$sp$1.apply(Play.scala:63)
play.api.Play$$anonfun$start$1$$anonfun$apply$mcV$sp$1.apply(Play.scala:63)
scala.collection.immutable.List.foreach(List.scala:309)
play.api.Play$$anonfun$start$1.apply$mcV$sp(Play.scala:63)
play.api.Play$$anonfun$start$1.apply(Play.scala:63)
play.api.Play$$anonfun$start$1.apply(Play.scala:63)
When reading about it I've only found that I might not have permission to some table, but the thing is that I use the same login in Oracle SQL Developer and it works.
As nico_ekito wrote, you need to create this table manually.
This one works for me:
CREATE TABLE play_evolutions
(
id Number(10,0) Not Null Enable,
hash VARCHAR2(255 Byte),
applied_at Timestamp Not Null,
apply_script clob,
revert_script clob,
state Varchar2(255),
last_problem clob,
CONSTRAINT play_evolutions_pk PRIMARY KEY (id)
);
Try to manually create a play_evolutions table with the following columns (by adapting the types to the ones used by Oracle):
id int not null primary key, hash varchar(255) not null,
applied_at timestamp not null,
apply_script text,
revert_script text,
state varchar(255),
last_problem text
In conf/application.conf
Un-comment the following line:
evolutionplugin=disabled
This is if you don't need Evolutions (to track schema changes).
I migrated PB7 to PB10.5 on SQL server DB. The system gives me this message:
"DBMS MSS Microsoft SQL Server 6.x is not supported in your current
installation"
I changed the database connection settings from:
Old connect used in PB7:
DBMS = MSS Microsoft SQL Server 6.x
Database = databaseName
ServerName = serverName
LogId = LogId
AutoCommit = 1
DBParm = ""
UserId = userid
DatabasePassword =
LogPassword=password
Lock=
Prompt=0
To this in PB10.5:
DBMS =SNC SQL Native Client(OLE DB)
Database =databaseName
ServerName =serverName
LogId =LogId
AutoCommit = 0
DBParm = "
Database='databaseName'
TrimSpaces=1"
UserId=userid
DatabasePassword=
LogPassword=password
Lock=
Prompt=0
The system run without previous error message,but when retrieve any old stored arabic data in datawindows it seem unreadable like
ÚãáíÇÊ ÇÎÑì
I can't believe this question got overlooked -- sorry about that. It is a common question when migrating from older versions of PowerBuilder to PowerBuilder version 10 and higher. Good news, very easy to fix just can be time consuming depending on how many places you need to fix.
I've already written a blog article on the subject or just duckduckgo migrating PowerBuilder Unicode issues.
Converting ANSI and Unicode Strings for PowerBuilder Migrations to Version 10 and Higher
Here is a summary of the conversion process:
Convert data to ANSI
Blob lbl_data
lbl_data = Blob("PowerBuilder is cool!", EncodingANSI!)
ls_data = String(lbl_data, EncodingANSI!)
Convert data read via file to ANSI
Blob lbl_data
lbl_data = Blob("PowerBuilder is cool!", EncodingANSI!)
ls_data = String(lbl_data, EncodingANSI!)