Use of com.microsoft.sqlserver.jdbc.SQLServerColumnEncryptionKeyStoreProvider in project mssql-jdbc by Microsoft.
Class AlwaysEncrypted, method main.
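/**
 * Interactive Always Encrypted sample: reads connection and keystore details from standard
 * input, opens a connection, then creates a column master key (CMK) and a column encryption
 * key (CEK) on the server using the Java Key Store provider.
 *
 * <p>The values read here are stored in fields declared elsewhere in the class. If input
 * cannot be read completely, the method reports the problem and returns without contacting
 * the database.
 *
 * @param args unused
 */
public static void main(String[] args) {
    try (BufferedReader br = new BufferedReader(new InputStreamReader(System.in))) {
        System.out.print("Enter server name: ");
        serverName = br.readLine();
        System.out.print("Enter port number: ");
        portNumber = br.readLine();
        System.out.print("Enter database name: ");
        databaseName = br.readLine();
        System.out.print("Enter username: ");
        username = br.readLine();
        // NOTE(review): readLine() echoes what is typed and leaves the secret in an immutable
        // String. When a console is attached, System.console().readPassword() avoids both.
        System.out.print("Enter password: ");
        password = br.readLine();
        // e.g. C:\\Dev\\Always Encrypted\\keystore.jks
        System.out.print("Enter the location of the keystore: ");
        keyStoreLocation = br.readLine();
        // e.g. lp-e796acea-c3bd-4a27-b657-2bb71e3517d1
        System.out.print("Enter the alias of the key stored in the keystore: ");
        keyAlias = br.readLine();
        System.out.print("Enter the password of the keystore and the key: ");
        String secretLine = br.readLine();
        // readLine() returns null at end of input, and once it has done so every later call
        // does too; checking the last prompt therefore covers all of the values above.
        if (secretLine == null) {
            System.err.println("Input ended before all values were provided.");
            return;
        }
        keyStoreSecret = secretLine.toCharArray();
    } catch (IOException e) {
        // Without complete input there is nothing valid to connect with, so stop here
        // instead of continuing with unset fields.
        e.printStackTrace();
        return;
    }

    String connectionString = GetConnectionString();
    try {
        // Note: if you are not using try-with-resources statements (as here),
        // you must remember to call close() on any Connection, Statement,
        // ResultSet objects that you create.
        // Open a connection to the database.
        Class.forName("com.microsoft.sqlserver.jdbc.SQLServerDriver");
        try (Connection sourceConnection = DriverManager.getConnection(connectionString)) {
            // Instantiate the Java Key Store provider.
            SQLServerColumnEncryptionKeyStoreProvider storeProvider =
                    new SQLServerColumnEncryptionJavaKeyStoreProvider(keyStoreLocation, keyStoreSecret);

            // Helper defined elsewhere in the class; presumably removes keys left over from
            // an earlier run so the CREATE statements below do not collide - confirm.
            dropKeys(sourceConnection);
            System.out.println();

            // Create the column master key. For details on the syntax refer to:
            // https://msdn.microsoft.com/library/mt146393.aspx
            //
            // This DDL statement is built as text, and the alias was typed by the operator.
            // Doubling embedded single quotes keeps the alias inside the KEY_PATH string
            // literal so it cannot terminate the literal and change the statement.
            String keyPathLiteral = keyAlias.replace("'", "''");
            String createCMKSQL = "CREATE COLUMN MASTER KEY " + columnMasterKeyName + " WITH ( "
                    + " KEY_STORE_PROVIDER_NAME = '" + storeProvider.getName()
                    + "' , KEY_PATH = '" + keyPathLiteral + "' ) ";
            try (Statement cmkStatement = sourceConnection.createStatement()) {
                cmkStatement.executeUpdate(createCMKSQL);
                System.out.println("Column Master Key created with name : " + columnMasterKeyName);
            }

            byte[] encryptedCEK = getEncryptedCEK(storeProvider);

            // Create the column encryption key. For details on the syntax refer to:
            // https://msdn.microsoft.com/library/mt146372.aspx
            // The encrypted CEK bytes are rendered as a hexadecimal varbinary literal (0x...).
            String createCEKSQL = "CREATE COLUMN ENCRYPTION KEY " + columnEncryptionKey + " WITH VALUES ( "
                    + " COLUMN_MASTER_KEY = " + columnMasterKeyName
                    + " , ALGORITHM = '" + algorithm
                    + "' , ENCRYPTED_VALUE = 0x" + bytesToHexString(encryptedCEK, encryptedCEK.length) + " ) ";
            try (Statement cekStatement = sourceConnection.createStatement()) {
                cekStatement.executeUpdate(createCEKSQL);
                System.out.println("CEK created with name : " + columnEncryptionKey);
            }
        }
    } catch (Exception e) {
        // Handle any errors that may have occurred.
        e.printStackTrace();
    }
}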