Issue Details (XML | Word | Printable)

Key: DERBY-4229
Type: Bug Bug
Status: Closed Closed
Resolution: Fixed
Priority: Major Major
Assignee: Kim Haase
Reporter: Kathey Marsden
Votes: 0
Watchers: 0
Operations

If you were logged in you would be able to see more operations.
Derby

encryptionKeyLength connection attribute should be documented

Created: 14/May/09 08:03 PM   Updated: 16/Jul/09 09:24 PM
Component/s: Documentation
Affects Version/s: 10.5.1.1
Fix Version/s: 10.5.2.0

Time Tracking:
Not Specified

File Attachments:
  File Name Date Attached Attached By Size
HTML File Licensed for inclusion in ASF works cdevcsecure67151.html 2009-05-20 08:58 PM Kim Haase 6 kB
File Licensed for inclusion in ASF works DERBY-4229.diff 2009-05-20 08:58 PM Kim Haase 2 kB
Issue Links:
Reference
 

Resolution Date: 21/May/09 03:10 PM
Labels:


 Description  « Hide
The developer guide says:

The length of the encryption key depends on the algorithm used:
AES (128, 192, and 256 bits)
DES (the default) (56 bits)
DESede (168 bits)
All other algorithms (128 bits)
Note: The boot password should have at least as many characters as number of bytes in the encryption key (56 bits=8 bytes, 168 bits=24 bytes, 128 bits=16 bytes). The minimum number of characters for the boot password allowed by Derby is eight.

For AES, however, it does not tell how to change the default key length of 128. This can be changed with the encryptionKeyLength connection attribute. The documentation should also specify that special policy files for the JRE may be necessary to accomodate the longer length.

Also note that there is an outstanding issue DERBY-3710 regarding length of 192 for AES.




 All   Comments   Work Log   Change History   Subversion Commits      Sort Order: Ascending order - Click to sort in descending order
Kim Haase made changes - 20/May/09 08:53 PM
Field Original Value New Value
Assignee Kim Haase [ chaase3 ]
[ Permalink | « Hide ]
Kim Haase added a comment - 20/May/09 08:58 PM
Attaching DERBY-4229.diff and cdevcsecure67151.html, which I hope provide the information needed here. The topic where the information seems to belong is "Specifying an alternate encryption algorithm."

I've added one sentence that I hope also fixes DERBY-2821, an issue filed a long time ago.

Kim Haase made changes - 20/May/09 08:58 PM
Attachment DERBY-4229.diff [ 12408619 ]
Attachment cdevcsecure67151.html [ 12408620 ]
Kim Haase made changes - 20/May/09 08:59 PM
Link This issue relates to DERBY-2821 [ DERBY-2821 ]
[ Permalink | « Hide ]
Kim Haase added a comment - 20/May/09 08:59 PM
DERBY-4229 and DERBY-2821 both require fixes to the same topic.

Kim Haase made changes - 20/May/09 09:00 PM
Fix Version/s 10.5.1.2 [ 12313870 ]
Derby Info [Patch Available]
Kim Haase made changes - 20/May/09 09:00 PM
Affects Version/s 10.5.1.1 [ 12313771 ]
[ Permalink | « Hide ]
Myrna van Lunteren added a comment - 20/May/09 10:20 PM
These changes look good to me.

Repository Revision Date User Message
ASF #777141 Thu May 21 14:56:05 UTC 2009 chaase3 DERBY-4229: encryptionKeyLength connection attribute should be documented
DERBY-2821: emphasize that derby encryption only supports NoPadding option

Updated "Specifying an alternate encryption algorithm" topic to fix two issues.

Patch: DERBY-4229.diff
Files Changed
MODIFY /db/derby/docs/trunk/src/devguide/cdevcsecure67151.dita

Repository Revision Date User Message
ASF #777148 Thu May 21 15:08:05 UTC 2009 chaase3 DERBY-4229: encryptionKeyLength connection attribute should be documented
DERBY-2821: emphasize that derby encryption only supports NoPadding option

Merged DERBY-4229.diff to 10.5 docs branch from trunk revision 777141.
Files Changed
MODIFY /db/derby/docs/branches/10.5/src/devguide/cdevcsecure67151.dita

[ Permalink | « Hide ]
Kim Haase added a comment - 21/May/09 03:10 PM
Thanks very much, Myrna.

Committed patch DERBY-4229.diff to documentation trunk at revision 777141.
Merged to 10.5 branch at revision 777148.

Kim Haase made changes - 21/May/09 03:10 PM
Status Open [ 1 ] Resolved [ 5 ]
Derby Info [Patch Available]
Resolution Fixed [ 1 ]
[ Permalink | « Hide ]
Kim Haase added a comment - 29/Jun/09 05:19 PM
Fix now appears in Latest Alpha Manuals, so closing issue.

Kim Haase made changes - 29/Jun/09 05:19 PM
Status Resolved [ 5 ] Closed [ 6 ]
Kathey Marsden made changes - 16/Jul/09 09:24 PM
Fix Version/s 10.5.2.0 [ 12314116 ]
Fix Version/s 10.5.1.2 [ 12313870 ]

Powered by a free Atlassian JIRA open source license for Apache Software Foundation. Try JIRA - bug tracking software for your team.
Atlassian JIRA the Professional Issue Tracker. (Enterprise Edition, Version: 3.13.5-#360) - Bug/feature request - Atlassian news - Contact Administrators