Last Published: 16 Jan 2008 | Version: 1.4.1

Main | Download | Features | Users Forum | Sourceforge.net Project Page

The Jasypt Project

Reference

Community

Guides

Articles

· How to encrypt user passwords

Built with Maven 2

Hosted on SourceForge.net

Jasypt Users Forum

|

»

»

»

Jasypt with the built-in Oracle encrypt/decrypt functions

View: New views

4 Messages — Rating Filter: Alert me

	Jasypt with the built-in Oracle encrypt/decrypt functions by Trent Larson :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message We are currently using Hibernate with many custom SQL statements to handle our encrypted fields, which are encrypted with Oracle's built-in 'encrypt' function with a password. In other words, most of our POJOs have annotations on each field for persistence, but a few of them have full SQL insert/update/select statements because of the one field in that class that must be encryped and decrypted. I want to switch to Jasypt (and someday let it control all my encryption, maybe), but I don't see any encryptor that will simply translate an update into a 'encrypt' SQL wrapper (and likewise a select into a 'decrypt' wrapper) for the fields marked as encrypted. Thanks for any help. Trent
	Re: Jasypt with the built-in Oracle encrypt/decrypt functions by dfernandez :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message +------------------------+ Jasypt Users List http://www.jasypt.org +------------------------+ Hello, Maybe I don't understand correctly, but if you are looking for a way to integrate jasypt with the native "encrypt"/"decrypt" functions of Oracle... the fact is, that I don't really see the point of that. I mean: jasypt's purpose is to act as the encryptor and decryptor of data... but, if you use the database's native functions for doing the encryption and decryption... why use Jasypt then? Your needs can maybe be solved with a Hibernate custom type made ad-hoc, but I don't think Jasypt would be of much help... Anyway, tell me if I am not understanding correctly, please. Regards, Daniel. Trent Larson wrote: > +------------------------+ > Jasypt Users List > http://www.jasypt.org > +------------------------+ > > We are currently using Hibernate with many custom SQL statements to handle > our encrypted fields, which are encrypted with Oracle's built-in 'encrypt' > function with a password. In other words, most of our POJOs have > annotations on each field for persistence, but a few of them have full SQL > insert/update/select statements because of the one field in that class that > must be encryped and decrypted. > > I want to switch to Jasypt (and someday let it control all my encryption, > maybe), but I don't see any encryptor that will simply translate an update > into a 'encrypt' SQL wrapper (and likewise a select into a 'decrypt' > wrapper) for the fields marked as encrypted. > > Thanks for any help. > Trent > ------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone _______________________________________________ jasypt-users mailing list jasypt-users@... https://lists.sourceforge.net/lists/listinfo/jasypt-users
	Re: Jasypt with the built-in Oracle encrypt/decrypt functions by Trent Larson :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message You're absolutely right: I'm not familiar with that Hibernate feature, so any pointers would be appreciated. As a side note, we are moving toward Java encryption, so if I can insert Jasypt to help with this first problem, it will be a lot easier to do the migration away from the DB encryption! So any pointers will help us move this drection. Thanks. dfernandez wrote: +------------------------+ Jasypt Users List http://www.jasypt.org +------------------------+ Hello, Maybe I don't understand correctly, but if you are looking for a way to integrate jasypt with the native "encrypt"/"decrypt" functions of Oracle... the fact is, that I don't really see the point of that. I mean: jasypt's purpose is to act as the encryptor and decryptor of data... but, if you use the database's native functions for doing the encryption and decryption... why use Jasypt then? Your needs can maybe be solved with a Hibernate custom type made ad-hoc, but I don't think Jasypt would be of much help... Anyway, tell me if I am not understanding correctly, please. Regards, Daniel. Trent Larson wrote: > +------------------------+ > Jasypt Users List > http://www.jasypt.org > +------------------------+ > > We are currently using Hibernate with many custom SQL statements to handle > our encrypted fields, which are encrypted with Oracle's built-in 'encrypt' > function with a password. In other words, most of our POJOs have > annotations on each field for persistence, but a few of them have full SQL > insert/update/select statements because of the one field in that class that > must be encryped and decrypted. > > I want to switch to Jasypt (and someday let it control all my encryption, > maybe), but I don't see any encryptor that will simply translate an update > into a 'encrypt' SQL wrapper (and likewise a select into a 'decrypt' > wrapper) for the fields marked as encrypted. > > Thanks for any help. > Trent > ------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone _______________________________________________ jasypt-users mailing list jasypt-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jasypt-users
	Re: Jasypt with the built-in Oracle encrypt/decrypt functions by dfernandez :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message +------------------------+ Jasypt Users List http://www.jasypt.org +------------------------+ As for creating a new Hibernate user type, it is quite simple. It is just a class implementing the org.hibernate.usertype.UserType interface and probably also org.hibernate.usertype.ParameterizedType also (if you need it to receive parameters). For an example of this, I would recommend you to have a look at the source code for org.jasypt.hibernate.type.AbstractEncryptedAsStringType and any of its subclasses. As for using jasypt for substituting your current Oracle implementation... the first step you would have to take is to be able to replicate exactly the same encryption configuration Oracle uses with Jasypt. This is, finding out which algorithm, salt, iteration count, etc. it uses, and then testing whether you can decrypt, using jasypt, things encrypted by Oracle. But think that Jasypt only supports Password Based Encryption for two-way encryption, and not other mechanisms like using a key directly specified in bytes... I don't know what encryption Oracle uses, but if it is not some kind of PBE, inserting Jasypt here would be somewhat difficult and you might need to go to the Java Crypto API directly or some other external libraries like Bouncy Castle... Regards, Daniel. Trent Larson wrote: +------------------------+ Jasypt Users List http://www.jasypt.org +------------------------+ You're absolutely right: I'm not familiar with that Hibernate feature, so any pointers would be appreciated. As a side note, we are moving toward Java encryption, so if I can insert Jasypt to help with this first problem, it will be a lot easier to do the migration away from the DB encryption! So any pointers will help us move this drection. Thanks. dfernandez wrote: +------------------------+ Jasypt Users List http://www.jasypt.org +------------------------+ Hello, Maybe I don't understand correctly, but if you are looking for a way to integrate jasypt with the native "encrypt"/"decrypt" functions of Oracle... the fact is, that I don't really see the point of that. I mean: jasypt's purpose is to act as the encryptor and decryptor of data... but, if you use the database's native functions for doing the encryption and decryption... why use Jasypt then? Your needs can maybe be solved with a Hibernate custom type made ad-hoc, but I don't think Jasypt would be of much help... Anyway, tell me if I am not understanding correctly, please. Regards, Daniel. Trent Larson wrote: +------------------------+ Jasypt Users List http://www.jasypt.org +------------------------+ We are currently using Hibernate with many custom SQL statements to handle our encrypted fields, which are encrypted with Oracle's built-in 'encrypt' function with a password. In other words, most of our POJOs have annotations on each field for persistence, but a few of them have full SQL insert/update/select statements because of the one field in that class that must be encryped and decrypted. I want to switch to Jasypt (and someday let it control all my encryption, maybe), but I don't see any encryptor that will simply translate an update into a 'encrypt' SQL wrapper (and likewise a select into a 'decrypt' wrapper) for the fields marked as encrypted. Thanks for any help. Trent ------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone _______________________________________________ jasypt-users mailing list jasypt-users@... https://lists.sourceforge.net/lists/listinfo/jasypt-users ------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone _______________________________________________ jasypt-users mailing list jasypt-users@... https://lists.sourceforge.net/lists/listinfo/jasypt-users

LightInTheBox - Buy quality products at wholesale price