I have a public key value that I want to store it in DB. I stored it as Blob. The Java concerned lines are:
byte[] pk = ((BigInteger) Modulus ).toByteArray();
and
preparedStmt.setBytes(1, pk);
When I open MySQL DB in the workbench GUI, I don't see the value itself as bytes. Rather, I see the following:
Not sure if this is how it should appear or there is something missing.
Related
I have built a web application with a MySQL database that holds patients data. According to GDPR patients names must be encrypted inside the database. For connecting and performing operations to db, I use Hibernate 5.
Searching the web, I have found a lot of info regarding how to encrypt a specific column or columns inside a db table. Mainly the following three approaches:
Using #ColumnTransformer annotation of Hibernate which is the least destructive to existing code and requires the least code to be written
Using Jasypt and its Hibernate integration which is more destructive to existing code and requires a few lines of code.
Implementing a JPA Attribute Converter which required quite a few lines to be written
I decided to use #ColumnTransformer which seems to be the easiest implementation. If you think that one of the other approaches is better please say it and also explain the reason.
My question, however, has to do with existing data. My db already has data that is unencrypted which must be encrypted to work with #ColumnTransformer implementation. I intend to use the following annotation:
#ColumnTransformer(
read = "pgp_sym_decrypt(lastName, 'mySecretKey')",
write = "pgp_sym_encrypt(?, 'mySecretKey')"
)
and
#ColumnTransformer(
read = "pgp_sym_decrypt(firstName, 'mySecretKey')",
write = "pgp_sym_encrypt(?, 'mySecretKey')"
)
to the corresponding columns.
How should I encrypt existing data to comply with the above annotations? What SQL code should I use?
MySQL supports the following functions:
AES_ENCRYPT(str, key_str);
AES_DECRYPT(crypt_str,key_str);
However, I can't update all MySQL entries using the following (because aes_encrypt returns binary):
UPDATE Patient SET firstName=AES_ENCRYPT(firstName, "mySecretKey"), lastName=AES_ENCRYPT(lastName, "mySecretKey") //NOT WORKING
The solution is:
Rename existing columns using MySQLcommand:
ALTER TABLE Patient CHANGE firstName firstName-old;
ALTER TABLE Patient CHANGE lastName lastName-old;
Create two new MySQL columns of type varbinary(512) with command:
ALTER TABLE Patient ADD COLUMN lastName VARBINARY(512) NOT NULL;
ALTER TABLE Patient ADD COLUMN firstName VARBINARY(512) NOT NULL;
Update the new columns from the old ones with the following command:
UPDATE `gourvas_platform`.`Patient` SET firstName=aes_encrypt(`firstName-old`, "my secret"), lastName=aes_encrypt(`lastName-old`, "mysecret");
Now we can safely delete the old columns
Finally use the following Hibernate #ColumnTransformer annotations:
#ColumnTransformer(
read = "AES_DECRYPT(lastName, 'mySecretKey')",
write = "AES_ENCRYPT(?, 'mySecretKey')"
)
and
#ColumnTransformer(
read = "AES_DECRYPT(firstName, 'mySecretKey')",
write = "AES_ENCRYPT(?, 'mySecretKey')"
)
Note: Because I'm using MySQL 5.7 and AES_DECRYPT function returns binary[] instead of String, I need to cast to text. So the above #ColumnTransformer needs to be changed to the following:
#ColumnTransformer(
read = "cast(aes_decrypt(lastName, 'my secret') as char(255))",
write = "aes_encrypt(?, 'mysecret')"
)
and
#ColumnTransformer(
read = "cast(aes_decrypt(firstName, 'myscret') as char(255))",
write = "aes_encrypt(?, 'mysecret')"
)
i have a scenario where i have a file of the form,
id,class,type
1,234,gg
2,235,kk
3,236,hth
4,237,rgg
5,238,rgr
I also have a table in my database of the form PROPS,
id,class,property
1,7735,abc
2,3454,efg
3,235,hij
4,238,klm
5,24343,xyx
Now the first file and the db table are joined based on class so that final output will be of the form:
id,class,type,property
1,235,kk,hij
2,238,rgr,klm
Now, i can search the db table for each class record of the first file and so forth.
But this will take too much time.
Is there any way to do this same thing through a MySQL STORED PROCEDURE?
My question is whether there is a way to read the first file content line by line(WITHOUT MAKING USE OF A TEMPORARY TABLE), check the class with the class in the db table and insert the result into an output file and return the output file using MYSQL STORED PROCEDURE?
I want to select data from a mysql table, and then generate a sql script file for importing to another db.
The value type of blob in mysql is byte array in java. I have try to use new String(byte[], Charset) to transform it to String, using all charsets that java support. It can import successfully, but the imported value is incorrect. All the generated strings are not equal to what SQLyog generates.
how can i do?
I have a requirement to set the DB2SECURITYLABEL of a row upon inserting that row into the database via Hibernate. I've been unsuccessful thus far and I'm seeking advice on how to set the DB2SECURITYLABEL in Java and have Hibernate do the insert for me.
Inside of my entity, I have defined the following:
#Column(name="slabel") //this matches the name of the DB2SECURITYLABEL column
private byte[] slabel;
public void setSlabel(byte[] slabel){
this.slabel = slabel;
}
public byte[] getSlabel(){
return this.slabel;
}
In my controller I convert the hex string that represents my security label into a byte[], setSlabel with that byte[], and save the record through a Spring Data Repository .save(entity). Upon saving that record, the db2 driver throws an error:
SQLCODE=-20402 SQLSTATE=42519 .
This error code is indicative of a record being saved without a required DB2SECURITYLABEL.
Assumptions:
I am able to insert/select into/from this table via commandline using the same
security label. insert into schema.table (field1, slabel) values
(123,x'FFF01010101000CABBBBFFF') <-not my real label. I can select the records that I insert via commandline and in my application.
I am able to retrieve existing records with DB2SECURITYLABELS
and read the label as a byte[] and as hex string using my application.
I believe I am inserting a correct label. I have verified the byte[]
that I am applying to the object is correct. I was able to insert a
record with a valid DB2SECURITYLABEL via the commandline, and
retrieved it in my application; the two byte[] for the
DB2SECURITYLABELs are identical and convert back to the same hex
string.
Has anyone set a DB2SECURITYLABEL in a Java object as a byte[] and used Hibernate to save the data to a db2 database?
I appreciate any assistance.
I save an UUID token in a mysql databse table. In next section of my java program, I need to do a query like this
String sql = "SELECT expiray_time FROM recover_password WHERE token = '"+token+"'";
this token is an UUID value generated before and it is saved in a mysql table.
But when I run my program I get an error saying EmptyResultDataAccessException. I think I get this error because the UUID token value is not in the same form which was there when generating and inserting in to the database. It is in a different form now.
I have saved UUID in my databse as a text type value.
My questions are
Is it correct to save UUID values in the type of text in the database?
How to compare the generated token value with the token value in the database?
Are UUID values get hashed or encrypted in to a different format when getting inserted into a database?
Thank you !
If your UUID won't exceed 255 characters, then it's most preferable to use VARCHAR.
Use MySQL's STRCMP() function for string comparison.
http://dev.mysql.com/doc/refman/5.0/en/string-comparison-functions.html#function_strcmp