encryptionAlgorithm=algorithm attribute

Function

Specifies the algorithm for data encryption.

Use the Java conventions when you specify the algorithm, for example:
algorithmName/feedbackMode/padding

The only padding type that is allowed with Derby is NoPadding.

If no encryption algorithm is specified, the default value is DES/CBC/NoPadding.

For information about data encryption, see "Encrypting databases on disk" in the Derby Developer's Guide.

Combining with other attributes

The encryptionAlgorithm attribute must be combined with the bootPassword=key attribute and the dataEncryption=true attribute. You have the option of also specifying the encryptionProvider=providerName attribute to specify the encryption provider of the algorithm.

For an existing database for which authentication and SQL authorization are both enabled, only the database owner can perform encryption or reencryption. Please see "Enabling user authentication" and "Setting the SQL standard authorization mode" in the Derby Developer's Guide for more information.

Examples

 -- encrypt a new database
    jdbc:derby:encryptedDB;create=true;dataEncryption=true;
    encryptionProvider=com.sun.crypto.provider.SunJCE;
    encryptionAlgorithm=DESede/CBC/NoPadding;
    bootPassword=cLo4u922sc23aPe
-- configure an existing database for encryption 
    jdbc:derby:salesdb;dataEncryption=true; 
    encryptionProvider=com.sun.crypto.provider.SunJCE; 
    encryptionAlgorithm=DESede/CBC/NoPadding; 
    bootPassword=cLo4u922sc23aPe 
Note: If the specified provider does not support the specified algorithm, Derby returns an exception.