encryptionAlgorithm=algorithm attribute

Function

Specifies the algorithm for data encryption.

Use the Java conventions when you specify the algorithm, for example:
algorithmName/feedbackMode/padding

The only padding type that is allowed with Derby is NoPadding.

If no encryption algorithm is specified, the default value is DES/CBC/NoPadding.

For information about data encryption, see "Encrypting databases on disk" in the Derby Developer's Guide.

Combining with other attributes

The encryptionAlgorithm=algorithm attribute must be combined with the dataEncryption=true attribute and with either the bootPassword=key attribute or the encryptionKey=key attribute. You can also use the encryptionProvider=providerName attribute to specify the encryption provider of the algorithm.

For an existing database for which authentication and SQL authorization are both enabled, only the database owner can perform encryption or reencryption. Please see "Enabling user authentication" and "Setting the SQL standard authorization mode" in the Derby Developer's Guide for more information.

Examples

-- encrypt a new database
jdbc:derby:encryptedDB;create=true;dataEncryption=true;
    encryptionProvider=com.sun.crypto.provider.SunJCE;
    encryptionAlgorithm=DESede/CBC/NoPadding;
    bootPassword=cLo4u922sc23aPe
-- configure an existing database for encryption 
jdbc:derby:salesdb;dataEncryption=true; 
    encryptionProvider=com.sun.crypto.provider.SunJCE; 
    encryptionAlgorithm=DESede/CBC/NoPadding; 
    bootPassword=cLo4u922sc23aPe 
Note: If the specified provider does not support the specified algorithm, Derby returns an exception.