[ http://issues.apache.org/jira/browse/DERBY-1622?page=comments#action_12429117 ] Sunitha Kambhampati commented on DERBY-1622: --------------------------------------------
Hi Laura, Thanks for making the changes. They look good. One minor comment, in the html file:/tdevdvlp40140.html, the third bullet looks misplaced. There is some overlap between the derby-1636 changes and this one. As a result, I have some changes to the below file FILE:rrefattribencryptkey.html 1)In Function: Instead of the first two lines, please just add the below (which is similar to what is in bootPassword changes that you are doing for DERBY-1636) Function: Specifies the external key to use to : * Encrypt a new database * Configure an existing database for encryption * Boot an existing encrypted database 2)heading: Combining with other attributes Please add the following statement: When you configure an existing database for encryption, the encryptionKey attribute must be combined with the dataEncryption=true attribute and also the encryptionAlgorithm attribute if you want to use any other default algorithm Please add the following example Examples: -- configure an existing database for encryption jdbc:derby:salesdb;dataEncryption=true;encryptionKey=6162636465666768 > Add documentation for encrypted database using encryptionKey > ------------------------------------------------------------ > > Key: DERBY-1622 > URL: http://issues.apache.org/jira/browse/DERBY-1622 > Project: Derby > Issue Type: Task > Components: Documentation > Affects Versions: 10.2.1.0 > Reporter: Sunitha Kambhampati > Assigned To: Laura Stewart > Priority: Minor > Fix For: 10.2.1.0 > > Attachments: derby1622.diff, derby1622_2.diff, Derby1622_html.zip, > derby1622_html2.zip > > > 1) > In Reference Manual:Section: Setting attributes for the database connection > url > Add the following attribute: > encryptionKey=key > Function > Specifies the key to use for encrypting a new database or booting an existing > encrypted database. The application > provides the encryption key. > Combining with other attributes > When creating a new database, must be combined with create=true and > dataEncryption=true. When booting an existing > encrypted database, the encryptionAlgorithm is also required to be specified > if the algorithm used when creating the > database was not the default algorithm. The default encryption algorithm used > by Derby is DES/CBC/NoPadding. > -- create a new, encrypted database > jdbc:derby:newDB;create=true;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6162636465666768 > -- boot an encrypted database > jdbc:derby:encryptedDB;encryptionKey=6162636465666768 > 2) > Developers Guide: > http://db.apache.org/derby/docs/dev/devguide/tdevdvlp40140.html > This should say , Booting an encrypted database. > This section should also mention the encryptionKey attribute. > http://db.apache.org/derby/docs/dev/devguide/cdevcsecure60146.html > This section should also mention the encryptionKey attribute. > Something like change this line from > "Once you have created an encrypted database, you must supply the boot > password to reboot it." > to > "If you have created an encrypted database using the bootPassword, then you > must supply the boot password to reboot it. If you have created an encrypted > database using the encryptionKey, then you must supply the encryptionKey to > reboot it" > The example should also include the example to boot using the encryptionKey. > For example, to access an encrypted database called encryptedDB, created with > the encryptionKey c566bab9ee8b62a5ddb4d9229224c678 and with > encryptionAlgorithm=AES/CBC/NoPadding, you would use the following connection > URL: > jdbc:derby:encryptedDB;encryptionAlgorithm=AES/CBC/NoPadding;encryptionKey=c566bab9ee8b62a5ddb4d9229224c678 > -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira