Uploaded image for project: 'Derby'
  1. Derby
  2. DERBY-3710

cannot access a database using AES encryption with encryptionKeyLength=192 after it's been shutdown

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 10.5.1.1
    • 10.5.3.0, 10.6.1.0
    • Services
    • None
    • reproduced with ibm's jdk 1.5 and 1.6, and sun's jdk15.
      AES encryption with encryptionKeyLength=192 requires unrestricted security policy jars on your jvm
    • Normal
    • Repro attached
    • Data corruption

    Description

      Accessing a database created using encryptionAlgorithm: AES/CBC/NoPadding, and encryptionKeyLength=192 after it's been shutdown fails like so:
      -----------------------
      ERROR XJ040: Failed to start database 'encdbcbc_192', see the next exception for details.
      ERROR XBM06: Startup failed. An encrypted database cannot be accessed without the correct boot password.
      ----------------------

      This does not occur when you use encryptionKeyLength=128 (does not require unrestricted jars) nor encryptionKeyLength=256 (does require unrestricted policy jars).

      Note: our test (in derbyall): store/aes.sql does not test this, firstly it doesn't test the larger sizes (because it would diff & fail unless you have been able to adjust your jvm's policy jars), and secondly it doesn't shutdown before reconnecting.

      Attachments

        1. derby-3710-01-aa-digestPaddedPassword.diff
          6 kB
          Richard N. Hillegas
        2. derby-3710-01-ab-digestPaddedPassword.diff
          6 kB
          Richard N. Hillegas
        3. repro.sql
          3 kB
          Myrna van Lunteren
        4. repro-3710.sql
          2 kB
          Richard N. Hillegas

        Issue Links

          Activity

            People

              rhillegas Richard N. Hillegas
              myrna Myrna van Lunteren
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: