
Open the <> folder in the root of your home folder in the file manager (Windows users will find this in the root of your C: drive). You should see a file named project.mv.db. This is the file that contains your database. If a malicious attacker can get their hands on this file, then they have your entire database.

Open a terminal in the <> folder.

Right click the background of the file manager and select <>. Enter the following command:

strings project.mv.db

Windows users don't have a strings command by default; however, you can download one from:

https://docs.microsoft.com/en-nz/sysinternals/downloads/strings

This will display any consecutive sequences of printable characters in the file. If you scroll up a bit you will see the data. This means that there currently isn't much protection on this file. Even if we had strong passwords on all of the database user accounts that prevented an attacker from opening the file with H2, they can still use tools like the strings command to extract the data.

Leave the command window open so that we can repeat the strings command once we have encrypted the database to see the difference.

Encrypting the database is fairly easy:

  1. The first thing that we need to do is add a password to the sa account. We need to do this because once we encrypt the database we will need to provide two passwords when we connect (the decryption password and the user password), and we can only do that if all of our users actually have a proper password.

    Find/open an H2 console that is connected using the sa user. You can enter the following to find out which user you are connected with:

    call user();

    Enter the following to set the password:

    alter user sa set password 'somepassword';
  2. Disconnect and reconnect as sa using the new password.

  3. In order to encrypt the database it can't have any active connections so disconnect again, and shut down your server in NetBeans.

  4. You should be back at the H2 Login page in the browser. In the navigation menu at the top, click ChangeFileEncryption.

    Enter the following values:

                 Cipher:   AES
              Directory:   ~
          Database name:   project
    Encryption password:   encrypt

    Again, we can change this password easily later so let's just keep it to something simple and memorable for the meantime.

  5. Click the <> button. It should happen fairly quickly. If you don't see any error messages appear in the Result area you are good --- no news is good news in this case.

  6. Open another H2 Login console. This time you have to enter both the encryption password and the user password. The encryption password goes first, then a space, then the user password. Assuming you have used the passwords we have used in this document it will be: encrypt somepassword.

    When you click connect you will see an error message stating that the file is corrupted. This is because we haven't told H2 that it needs to use AES to decrypt the file.

    Append the following to the end of the JDBC URL: ;CIPHER=AES

    The complete JDBC URL should now be:

    jdbc:h2:tcp://localhost/project;CIPHER=AES

    Enter the passwords again. You should now be able to connect and run queries as per normal.

  7. How do we know if the file is encrypted? Run the strings command on the file again. This time you should see nothing that looks like data or even meta-data.

    If a bad guy gets hold of our database file his only option now is to guess or brute force two passwords.

  8. Update the jdbcUri field in each of the JdbiDaoFactory classes to include the ;CIPHER=AES option.

  9. Update the DB_PASSWORD field in each of the JdbiDaoFactory classes. The same rule applies --- the encryption password first, then a space, then the user/role password.

  10. Test your entire application again. It should still all work fine.
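The before/after strings check from step 7 can also be scripted, which helps on Windows where strings is not installed. The following is an added example, not part of the original lab: it extracts printable runs the way strings does, measures byte entropy, and looks for values you know are in your tables. The function names, the marker values and both sample buffers are assumptions constructed for illustration.

```python
import hashlib
import math
import re
import sys
from collections import Counter
from pathlib import Path


def printable_runs(data: bytes, min_len: int = 8) -> list:
    """Same idea as `strings -n min_len`: runs of printable ASCII bytes."""
    return re.findall(rb"[\x20-\x7e]{%d,}" % min_len, data)


def entropy_bits_per_byte(data: bytes) -> float:
    """Shannon entropy; encrypted data sits close to 8.0 bits per byte."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())


def leak_report(data: bytes, markers: list) -> dict:
    """Summarise what someone holding only the file could read from it."""
    runs = printable_runs(data)
    return {
        "entropy": round(entropy_bits_per_byte(data), 2),
        "longest_run": max((len(r) for r in runs), default=0),
        "markers_found": [m for m in markers if m in data],
    }


# Constructed sample data, not real H2 pages: readable SQL-like rows stand in
# for the unencrypted file, a SHA-256 byte stream stands in for AES ciphertext.
PLAIN_SAMPLE = b"\x00\x01".join(
    b"INSERT INTO CUSTOMER VALUES(%d, 'customer%d@example.com')" % (i, i)
    for i in range(200)
)
CIPHER_SAMPLE = b"".join(
    hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(256)
)
MARKERS = [b"CUSTOMER", b"@example.com"]  # hypothetical; use values from your own tables

if __name__ == "__main__":
    # Usage: python leak_check.py ~/project.mv.db  (falls back to the sample)
    data = Path(sys.argv[1]).expanduser().read_bytes() if len(sys.argv) > 1 else PLAIN_SAMPLE
    print(leak_report(data, MARKERS))
```

Run it against project.mv.db before and after step 5: the markers should disappear from the report and the entropy should rise towards 8.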