Connecting to an encrypted database after changing encryption key in OrientDB

90 views Asked by At

I am new to OrientDB and working on database encryption. Can anyone please guide me about followings: How to encrypt database in OrientDB? and more importantly, can we execute quires on the encrypted database?

I tried to enable AES encryption but didn't see any encryption outcome. At the end, it allows database connection, where contents are unencrypted even with an incorrect encryption key.

According to the documentation, I performed following steps to enable database encryption:

------- create database with key1 ------
config set storage.encryptionKey Ohjojiegahv3tachah9eib==
create database remote:localhost/databases/encrypted-db root 12345 plocal 
document -encryption=aes

CREATE CLASS Customer 
CREATE PROPERTY Customer.id integer 
CREATE PROPERTY Customer.name String 
CREATE PROPERTY Customer.age integer

INSERT INTO Customer (id, name, age) VALUES (01,'satish', 25) 
INSERT INTO Customer SET id = 02, name = 'krishna', age = 26 
INSERT INTO Customer CONTENT {"id": "03", "name": "kiran", "age": "29"}
INSERT INTO Customer (id, name, age) VALUES (04,'javeed', 21), (05,'raja', 29) 

SELECT FROM Customer

disconnect

------- open encrypted database with key2 (different from key1) ------
config set storage.encryptionKey Ohj11iegahv3tac1111111==
CONNECT remote:localhost/databases/encrypted-db root 12345
SELECT FROM Customer

OrientDB will show original data of Customer CLASS.

1

There are 1 answers

0
Lvca On

Encryption at rest is not supported on remote protocol yet. It can be used only with plocal. So you're using a non-encrypted database. The documentation wasn't very clear about that, sorry. I'm fixing the docs right now.