Encrypted Fields
The UConn KFS application has 12 tables that contain an encrypted field. The file work/db/fieldsToEncrypt.properties lists the related objects and properties.
The database refresh process in non-production environments re-encrypts these 12 fields using the non-production key after obfuscating the values. The refresh process uses a version of the EncryptionService built to be used inside of Oracle. It has a dependency on the commons-codec.jar file.
The EncryptionService is called from within Oracle via the encrypt_string and decrypt_string functions.
To load the commons-codec classes:
Remotely log into the kfs.dev server.
Run the loadjava command:
loadjava -user <schema_name>/<password>@kfs40t -r -v /usr/share/tomcat6/webapps/kfs-dev/WEB-INF/lib/commons-codec-1.3.jar
To drop the commons-coded classes:
dropjava -user <schema_name>/<password>@kfs40t -r -v /usr/share/tomcat6/webapps/kfs-dev/WEB-INF/lib/commons-codec-1.3.jar
To reload/recompile EncryptionService:
The EncryptionService java source file must be dropped and reloaded from source. Or alternatively, this command can recompile an invalid source.
alter java source EncryptionService compile;Run the Clob Re-encryption process.