Encrypt in Java and Decrypt in MS SQL Server

2.3k views Asked by At

My application flow is as follow.

JAVA APP ----> MS SQL (Tables)---> MS SQL (Stored procedure) ---> Another DB

Here from Java application i am pushing certain Sensitive information that i even want to hide from DBA. So i want to encrypt those column values from java and before the Stored Procedure pushes it to Another DB i want to Decrypt it in SQL code.

But the Problem is that MS SQL do not allow Custom Keys to be passed for Encryption or Decryption .It generates those keys itself and we cant see those key values. So i cant decrypt them as i cant pass on my keys (Which i used to encrypt values in Java code) in SQL DecryptByKey Mehtod. i am using 3DES encryption Scheme. Can any one help me with this issue.

Now the core Question is. How can i decrypt any 3DES based Encrypted Value (i am encrypting this value in Java Code) in MS SQL server 2008 when i know all the details about of Encryption value such as salt and other things. Is there any method in SQL where i can pass my custom key and decrypt the values.

Any help will be deeply appreciated.

2

There are 2 answers

1
AudioBubble On

You can encrypt whole jdbc traffic with SSL. Look at https://msdn.microsoft.com/en-us/library/bb879935%28v=sql.110%29.aspx

1
Nimble Fungus On

It is not possible to view the SQL server keys, and hence we can't decrypt anything encrypted by SQL server.

I had to change my approach for this scenario.