The asymmetric password encryption mechanism uses RSA encryption algorithms to encrypt the password being transmitted. To perform this RSA encryption, configure your JRE with a suitable Java Cryptography Extension (JCE) provider. The configured JCE provider should be capable of supporting the “RSA/NONE/OAEPWithSHA1AndMGF1Padding” transformation.
The Sun JCE provider included with Sun JREs may not be capable of handling the “RSA/NONE/OAEPWithSHA1AndMGF1Padding” transformation. To use the extended password encryption feature in this case, configure an external JCE provider that includes support for this transformation. If JCE cannot handle the required transformation, you receive an error message at login.
You can use the JCE_PROVIDER_CLASS connection property to specify the JCE provider. There are a number of commercial and open source JCE providers that you can choose from. For example, the “Bouncy Castle Crypto APIs for Java” is a popular open source Java JCE provider. If you choose not to specify the JCE_PROVIDER_CLASS property, jConnect attempts to use any bundled JCE.
To specify a JCE provider:
Set the JCE_PROVIDER_CLASS property to the fully qualified class name of the provider you want to use. For example, to use the Bouncy Castle JCE:
String url = "jdbc:sybase:Tds:myserver:3697"; Properties props = new Properties(); props.put("ENCRYPT_PASSWORD ", “true”); props.put("JCE_PROVIDER_CLASS", "org.bouncycastle.jce.provider.BouncyCastleProvider"); /* Set up additional connnection properties as needed */ props.put("user", "xyz"); props.put("password", "123"); /* get the connection */ Connection con = DriverManager.getConnection(url, props);
Configure the JCE provider before using it. This can be done by one of two ways:
Copy the JCE provider jar file into the JRE standard extension directory:
For UNIX / Mac OS X platforms: ${JAVA_HOME}/jre/lib/ext
For Windows: %JAVA_HOME%\jre\lib\ext
If you cannot copy the JCE jar file to the appropriate directory, refer to the Sun JCE Reference Guide for instructions on setting up an external JCE provider.
If jConnect cannot use the specified JCE provider, it attempts to use the JCE providers configured in the JRE security profile. If no other JCE providers are configured, or if configured providers do not support the required transformation and password encryption is enabled, the connection fails.