Derby
  1. Derby
  2. DERBY-1740

Change error message to indicate encryptionkey length to be atleast 16 characters instead of 8 characters

    Details

    • Urgency:
      Normal
    • Issue & fix info:
      Repro attached

      Description

      While attempting to create a encrypted database with even key length of 14 characters, it fails with the error message indicating the key length should be atleast 8 characters.


      -- Attempt to encrypt using key of lenght 14

      ij> connect 'jdbc:derby:adb;create=true;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=11223344556677';
      ERROR XJ041: Failed to create database 'adb', see the next exception for details.
      ERROR XBM01: Startup failed due to an exception. See next exception for details.

      ERROR XBCX2: Initializing cipher with a boot password that is too short. The password must be at least 8 characters long.

      --Requires 16 characters for the encryptionKey

      ij> connect 'jdbc:derby:adb;create=true;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=1122334455667788';
      ij>

      1. derby-1740-1a.diff
        3 kB
        Kristian Waagan

        Activity

        Hide
        Mike Matrigali added a comment -

        triaged for 10.9

        Show
        Mike Matrigali added a comment - triaged for 10.9
        Hide
        Knut Anders Hatlen added a comment -

        Triaged for 10.5.2.

        Show
        Knut Anders Hatlen added a comment - Triaged for 10.5.2.
        Hide
        Andrew McIntyre added a comment -

        Unsetting Fix Version for unassigned issues.

        Show
        Andrew McIntyre added a comment - Unsetting Fix Version for unassigned issues.
        Hide
        Rick Hillegas added a comment -

        Move to 10.2.3.0.

        Show
        Rick Hillegas added a comment - Move to 10.2.3.0.
        Hide
        Rick Hillegas added a comment -

        Moving to 10.2.2.0.

        Show
        Rick Hillegas added a comment - Moving to 10.2.2.0.
        Hide
        Francois Orsini added a comment -

        > It seems the concepts of 'bootPassword' and 'encryptionKey' are pretty much unrelated [in Derby].
        > If you create the database with a boot password, you must always boot the database with a boot password.
        > You cannot specify a "corresponding" encryption key to boot it. The same goes for encryptionKey, you cannot
        > boot it using a corresponding boot password.
        > Is my understanding correct?

        That is correct Kristian. You use either one of them but not both at the same time - as well as you can't use some encryption key generated out of a bootPassword as it is not made available (not known).

        > Further, it seems code handling these two concepts are co-located in the same classes/methods,
        > and often a single error message is used for error-situations for both concepts.
        > For instance, if I create an encrypted database using the encryptionKey attribute and try to boot it using
        > an incorrect encryptionKey, or by using the bootPassword attribute, I get:
        > ERROR XBM06: Startup failed. An encrypted database cannot be accessed without the correct boot password.
        > Also, specifying both attributes gives the same exception/SQLState as above.

        Correct - This is what the code does at the moment.

        > Thus it seems this Jira is only one of several related problems/inaccuracies related to
        > creating/booting encrypted databases.
        > Can anyone with more knowledge comment on this?

        Yes, error messaging has to be improved for some of the various scenarios you already came accross...

        The bootPassword must be of at least 8 bytes as the default cipher algorithm is DES (56 bits)...The external encryption key (when specified instead of the bootPassword) should be of a particular length (Hex string) depending on the cipher algorithm being specified or not (default being DES)...Of course, the minimum for the external encryption key also has to be of 16 bytes (8x2) (with a default cipher as DES).

        Your patch looks good IMO. I would re-phrase the error message into something like:
        XBCXM.S.1=The length of the external encryption key is

        {0}

        , it should be of at least

        {1}

        .

        Yes it is ok to use bytes for the bootPassword and hex string length for the (external) encryption key as a the units.

        Hope this helps a bit. There are some improvements that can be done in this area of code - certainly some refactoring as well as better handling of encryption key length, determining weak and semi-weak keys (other than just for DES - e.g. 3DES) ) for the various supported crypto cipher algorithms wherever it makes sense...

        You should test the patch with the database encryption test suite as well of course.

        Show
        Francois Orsini added a comment - > It seems the concepts of 'bootPassword' and 'encryptionKey' are pretty much unrelated [in Derby] . > If you create the database with a boot password, you must always boot the database with a boot password. > You cannot specify a "corresponding" encryption key to boot it. The same goes for encryptionKey, you cannot > boot it using a corresponding boot password. > Is my understanding correct? That is correct Kristian. You use either one of them but not both at the same time - as well as you can't use some encryption key generated out of a bootPassword as it is not made available (not known). > Further, it seems code handling these two concepts are co-located in the same classes/methods, > and often a single error message is used for error-situations for both concepts. > For instance, if I create an encrypted database using the encryptionKey attribute and try to boot it using > an incorrect encryptionKey, or by using the bootPassword attribute, I get: > ERROR XBM06: Startup failed. An encrypted database cannot be accessed without the correct boot password. > Also, specifying both attributes gives the same exception/SQLState as above. Correct - This is what the code does at the moment. > Thus it seems this Jira is only one of several related problems/inaccuracies related to > creating/booting encrypted databases. > Can anyone with more knowledge comment on this? Yes, error messaging has to be improved for some of the various scenarios you already came accross... The bootPassword must be of at least 8 bytes as the default cipher algorithm is DES (56 bits)...The external encryption key (when specified instead of the bootPassword) should be of a particular length (Hex string) depending on the cipher algorithm being specified or not (default being DES)...Of course, the minimum for the external encryption key also has to be of 16 bytes (8x2) (with a default cipher as DES). Your patch looks good IMO. I would re-phrase the error message into something like: XBCXM.S.1=The length of the external encryption key is {0} , it should be of at least {1} . Yes it is ok to use bytes for the bootPassword and hex string length for the (external) encryption key as a the units. Hope this helps a bit. There are some improvements that can be done in this area of code - certainly some refactoring as well as better handling of encryption key length, determining weak and semi-weak keys (other than just for DES - e.g. 3DES) ) for the various supported crypto cipher algorithms wherever it makes sense... You should test the patch with the database encryption test suite as well of course.
        Hide
        Andreas Korneliussen added a comment -

        Unsetting the urgency flag. I think the urgency should be set to normal, as it is a matter of incorrect error message, and not a bug which may cause data corruption etc.

        Show
        Andreas Korneliussen added a comment - Unsetting the urgency flag. I think the urgency should be set to normal, as it is a matter of incorrect error message, and not a bug which may cause data corruption etc.
        Hide
        Kristian Waagan added a comment -

        I think my previous comment is incorrect. Can anyone help my out here?

        It seems the concepts of 'bootPassword' and 'encryptionKey' are pretty much unrelated [in Derby]. If you create the database with a boot password, you must always boot the database with a boot password. You cannot specify a "corresponding" encryption key to boot it. The same goes for encryptionKey, you cannot boot it using a corresponding boot password.
        Is my understanding correct?

        Further, it seems code handling these two concepts are co-located in the same classes/methods, and often a single error message is used for error-situations for both concepts.
        For instance, if I create an encrypted database using the encryptionKey attribute and try to boot it using an incorrect encryptionKey, or by using the bootPassword attribute, I get:
        ERROR XBM06: Startup failed. An encrypted database cannot be accessed without the correct boot password.

        Also, specifying both attributes gives the same exception/SQLState as above.

        Thus it seems this Jira is only one of several related problems/inaccuracies related to creating/booting encrypted databases.
        Can anyone with more knowledge comment on this?

        Show
        Kristian Waagan added a comment - I think my previous comment is incorrect. Can anyone help my out here? It seems the concepts of 'bootPassword' and 'encryptionKey' are pretty much unrelated [in Derby] . If you create the database with a boot password, you must always boot the database with a boot password. You cannot specify a "corresponding" encryption key to boot it. The same goes for encryptionKey, you cannot boot it using a corresponding boot password. Is my understanding correct? Further, it seems code handling these two concepts are co-located in the same classes/methods, and often a single error message is used for error-situations for both concepts. For instance, if I create an encrypted database using the encryptionKey attribute and try to boot it using an incorrect encryptionKey, or by using the bootPassword attribute, I get: ERROR XBM06: Startup failed. An encrypted database cannot be accessed without the correct boot password. Also, specifying both attributes gives the same exception/SQLState as above. Thus it seems this Jira is only one of several related problems/inaccuracies related to creating/booting encrypted databases. Can anyone with more knowledge comment on this?
        Hide
        Kristian Waagan added a comment -

        The patch 'derby-1740-1a.diff' is a draft patch. I would like some feedback on it.
        Is it a viable solution to the problem?
        The error message contains two integers describing the length of the external encryption key. But what unit should be used? The external encryption key is a hexadecimal string generated by a utility method in Derby, where a byte is split into a high and a low nibble.
        A password of 8 characters, would result in an encryption key of length 16 [units] (if converted/processed by Derby). Is it okay to use characters as the unit?

        I have only tested the patch with the repro, it is not ready for commit.

        Show
        Kristian Waagan added a comment - The patch 'derby-1740-1a.diff' is a draft patch. I would like some feedback on it. Is it a viable solution to the problem? The error message contains two integers describing the length of the external encryption key. But what unit should be used? The external encryption key is a hexadecimal string generated by a utility method in Derby, where a byte is split into a high and a low nibble. A password of 8 characters, would result in an encryption key of length 16 [units] (if converted/processed by Derby). Is it okay to use characters as the unit? I have only tested the patch with the repro, it is not ready for commit.
        Hide
        Kristian Waagan added a comment -

        Thank you Rajesh

        The reason I asked for more information was that I did not see the problem when I thought I ran the repro from the description. Maybe I copied the valid connection string twice...

        Anyway, I am now seeing the problem on both Solaris (x86) and Linux (amd64). The extra information you provided will be helpful for the person taking this issue on!

        Regards,

        Show
        Kristian Waagan added a comment - Thank you Rajesh The reason I asked for more information was that I did not see the problem when I thought I ran the repro from the description. Maybe I copied the valid connection string twice... Anyway, I am now seeing the problem on both Solaris (x86) and Linux (amd64). The extra information you provided will be helpful for the person taking this issue on! Regards,
        Hide
        Rajesh Kartha added a comment -

        The issue is only when the 'encryptionKey' paramater is used and is of length less than 16. For example:

        connect 'jdbc:derby:adb;create=true;dataEncryption=true;encryptionKey=11223344556677';
        the error message is:
        ERROR XBCX2: Initializing cipher with a boot password that is too short, must be at least 8 characters long

        Two issues here are:
        1) the length should mention 'atleast 16 characters long'
        2) the message indicates 'boot password' shouldn't that be made 'encryption key'

        Note: In this case I am not using any specific security provider. For the 'bootPassword' parameter the message and behaviour is consistent.

        Stack Trace:
        ===========
        Here is the stack trace from the sane build of trunk:
        C:\derby\trunk\TEST>java -Dij.exceptionTrace=true org.apache.derby.tools.ij
        ij version 10.3
        ij> connect 'jdbc:derby:adb;create=true;dataEncryption=true;encryptionKey=11223344556677';
        ERROR XJ041: Failed to create database 'adb', see the next exception for details
        .
        java.sql.SQLException: Failed to create database 'adb', see the next exception for details.
        at org.apache.derby.impl.jdbc.SQLExceptionFactory.getSQLException(SQLExceptionFactory.java:45)
        at org.apache.derby.impl.jdbc.Util.newEmbedSQLException(Util.java:89)
        at org.apache.derby.impl.jdbc.Util.newEmbedSQLException(Util.java:95)
        at org.apache.derby.impl.jdbc.Util.generateCsSQLException(Util.java:174)

        at org.apache.derby.impl.jdbc.EmbedConnection.newSQLException(EmbedConnection.java:1985)
        at org.apache.derby.impl.jdbc.EmbedConnection.createDatabase(EmbedConnection.java:1600)
        at org.apache.derby.impl.jdbc.EmbedConnection.<init>(EmbedConnection.java:250)
        at org.apache.derby.impl.jdbc.EmbedConnection30.<init>(EmbedConnection30.java:73)
        at org.apache.derby.jdbc.Driver30.getNewEmbedConnection(Driver30.java:74)
        at org.apache.derby.jdbc.InternalDriver.connect(InternalDriver.java:210)
        at org.apache.derby.jdbc.AutoloadedDriver.connect(AutoloadedDriver.java:117)
        at java.sql.DriverManager.getConnection(DriverManager.java:525)
        at java.sql.DriverManager.getConnection(DriverManager.java:140)
        at org.apache.derby.impl.tools.ij.ij.dynamicConnection(ij.java:1109)
        at org.apache.derby.impl.tools.ij.ij.ConnectStatement(ij.java:959)
        at org.apache.derby.impl.tools.ij.ij.ijStatement(ij.java:787)
        at org.apache.derby.impl.tools.ij.utilMain.runScriptGuts(utilMain.java:327)
        at org.apache.derby.impl.tools.ij.utilMain.go(utilMain.java:249)
        at org.apache.derby.impl.tools.ij.Main.go(Main.java:204)
        at org.apache.derby.impl.tools.ij.Main.mainCore(Main.java:170)
        at org.apache.derby.impl.tools.ij.Main14.main(Main14.java:56)
        at org.apache.derby.tools.ij.main(ij.java:70)
        ERROR XBM01: Startup failed due to an exception. See next exception for details.
        ERROR XBM01: Startup failed due to an exception. See next exception for details.
        at org.apache.derby.iapi.error.StandardException.newException(StandardException.java:298)
        at org.apache.derby.iapi.services.monitor.Monitor.exceptionStartingModule(Monitor.java:669)
        at org.apache.derby.impl.services.monitor.BaseMonitor.bootService(BaseMonitor.java:1850)
        at org.apache.derby.impl.services.monitor.BaseMonitor.createPersistentService(BaseMonitor.java:1014)
        at org.apache.derby.iapi.services.monitor.Monitor.createPersistentService(Monitor.java:588)
        at org.apache.derby.impl.jdbc.EmbedConnection.createDatabase(EmbedConnection.java:1593)
        at org.apache.derby.impl.jdbc.EmbedConnection.<init>(EmbedConnection.java:250)
        at org.apache.derby.impl.jdbc.EmbedConnection30.<init>(EmbedConnection30.java:73)
        at org.apache.derby.jdbc.Driver30.getNewEmbedConnection(Driver30.java:74)
        at org.apache.derby.jdbc.InternalDriver.connect(InternalDriver.java:210)

        at org.apache.derby.jdbc.AutoloadedDriver.connect(AutoloadedDriver.java:117)
        at java.sql.DriverManager.getConnection(DriverManager.java:525)
        at java.sql.DriverManager.getConnection(DriverManager.java:140)
        at org.apache.derby.impl.tools.ij.ij.dynamicConnection(ij.java:1109)
        at org.apache.derby.impl.tools.ij.ij.ConnectStatement(ij.java:959)
        at org.apache.derby.impl.tools.ij.ij.ijStatement(ij.java:787)
        at org.apache.derby.impl.tools.ij.utilMain.runScriptGuts(utilMain.java:327)
        at org.apache.derby.impl.tools.ij.utilMain.go(utilMain.java:249)
        at org.apache.derby.impl.tools.ij.Main.go(Main.java:204)
        at org.apache.derby.impl.tools.ij.Main.mainCore(Main.java:170)
        at org.apache.derby.impl.tools.ij.Main14.main(Main14.java:56)
        at org.apache.derby.tools.ij.main(ij.java:70)
        ERROR XBCX2: Initializing cipher with a boot password that is too short. The password must be at least 8 characters long.
        ERROR XBCX2: Initializing cipher with a boot password that is too short. The password must be at least 8 characters long.
        at org.apache.derby.iapi.error.StandardException.newException(StandardException.java:305)
        at org.apache.derby.impl.services.jce.JCECipherFactory.generateKey(JCECipherFactory.java:308)
        at org.apache.derby.impl.services.jce.JCECipherFactory.init(JCECipherFactory.java:610)
        at org.apache.derby.impl.services.jce.JCECipherFactory.<init>(JCECipherFactory.java:136)
        at org.apache.derby.impl.services.jce.JCECipherFactoryBuilder.createCipherFactory(JCECipherFactoryBuilder.java:60)
        at org.apache.derby.impl.store.raw.RawStore.setupEncryptionEngines(RawStore.java:1186)
        at org.apache.derby.impl.store.raw.RawStore.boot(RawStore.java:203)
        at org.apache.derby.impl.services.monitor.BaseMonitor.boot(BaseMonitor.java:1997)
        at org.apache.derby.impl.services.monitor.TopService.bootModule(TopService.java:291)
        at org.apache.derby.impl.services.monitor.BaseMonitor.startModule(BaseMonitor.java:543)
        at org.apache.derby.iapi.services.monitor.Monitor.bootServiceModule(Monitor.java:419)
        at org.apache.derby.impl.store.access.RAMAccessManager.boot(RAMAccessManager.java:988)
        at org.apache.derby.impl.services.monitor.BaseMonitor.boot(BaseMonitor.java:1997)
        at org.apache.derby.impl.services.monitor.TopService.bootModule(TopService.java:291)
        at org.apache.derby.impl.services.monitor.BaseMonitor.startModule(BaseMonitor.java:543)
        at org.apache.derby.iapi.services.monitor.Monitor.bootServiceModule(Monitor.java:419)
        at org.apache.derby.impl.db.BasicDatabase.bootStore(BasicDatabase.java:739)
        at org.apache.derby.impl.db.BasicDatabase.boot(BasicDatabase.java:179)
        at org.apache.derby.impl.services.monitor.BaseMonitor.boot(BaseMonitor.java:1997)
        at org.apache.derby.impl.services.monitor.TopService.bootModule(TopService.java:291)
        at org.apache.derby.impl.services.monitor.BaseMonitor.bootService(BaseMonitor.java:1832)
        at org.apache.derby.impl.services.monitor.BaseMonitor.createPersistentService(BaseMonitor.java:1014)
        at org.apache.derby.iapi.services.monitor.Monitor.createPersistentService(Monitor.java:588)
        at org.apache.derby.impl.jdbc.EmbedConnection.createDatabase(EmbedConnection.java:1593)
        at org.apache.derby.impl.jdbc.EmbedConnection.<init>(EmbedConnection.java:250)
        at org.apache.derby.impl.jdbc.EmbedConnection30.<init>(EmbedConnection30.java:73)
        at org.apache.derby.jdbc.Driver30.getNewEmbedConnection(Driver30.java:74)
        at org.apache.derby.jdbc.InternalDriver.connect(InternalDriver.java:210)
        at org.apache.derby.jdbc.AutoloadedDriver.connect(AutoloadedDriver.java:117)
        at java.sql.DriverManager.getConnection(DriverManager.java:525)
        at java.sql.DriverManager.getConnection(DriverManager.java:140)
        at org.apache.derby.impl.tools.ij.ij.dynamicConnection(ij.java:1109)
        at org.apache.derby.impl.tools.ij.ij.ConnectStatement(ij.java:959)
        at org.apache.derby.impl.tools.ij.ij.ijStatement(ij.java:787)
        at org.apache.derby.impl.tools.ij.utilMain.runScriptGuts(utilMain.java:327)
        at org.apache.derby.impl.tools.ij.utilMain.go(utilMain.java:249)
        at org.apache.derby.impl.tools.ij.Main.go(Main.java:204)
        at org.apache.derby.impl.tools.ij.Main.mainCore(Main.java:170)
        at org.apache.derby.impl.tools.ij.Main14.main(Main14.java:56)
        at org.apache.derby.tools.ij.main(ij.java:70)
        ij>

        Java:
        ====
        The Java version I am using is:

        java version "1.5.0_02"
        Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_02-b09)
        Java HotSpot(TM) Client VM (build 1.5.0_02-b09, mixed mode)

        10.0
        ====
        The earliest version I had was: 10.0.2.2.349072

        C:\POINTREL\10.0.2.2.349072>java org.apache.derby.tools.ij
        ij version 10.0

        --encryptionKey of 14 characters

        ij> connect 'jdbc:derby:adb;create=true;dataEncryption=true;encryptionKey=11223344556677';
        ERROR XJ041: Failed to create database 'adb', see the next exception for details.
        ERROR XBM01: Startup failed due to an exception, see next exception for details.
        ERROR XBCX2: Initializing cipher with a boot password that is too short, must be at least 8 characters long

        --bootPassword of 6 characters, error message is correct, ERROR XBM07

        ij> connect 'jdbc:derby:adb;create=true;dataEncryption=true;bootPassword=112233';
        ERROR XJ041: Failed to create database 'adb', see the next exception for details.
        ERROR XBM07: Startup failed, boot password must be at least 8 bytes long.

        --bootPassword of 8 characters, as expected - passes

        ij> connect 'jdbc:derby:adb;create=true;dataEncryption=true;bootPassword=11223344';

        --encryptionKey of 16 characters, passes fine

        ij> connect 'jdbc:derby:bdb;create=true;dataEncryption=true;encryptionKey=1122334455667788';
        ij(CONNECTION1)>

        Hope I answered all the questions.

        Show
        Rajesh Kartha added a comment - The issue is only when the 'encryptionKey' paramater is used and is of length less than 16. For example: connect 'jdbc:derby:adb;create=true;dataEncryption=true;encryptionKey=11223344556677'; the error message is: ERROR XBCX2: Initializing cipher with a boot password that is too short, must be at least 8 characters long Two issues here are: 1) the length should mention 'atleast 16 characters long' 2) the message indicates 'boot password' shouldn't that be made 'encryption key' Note: In this case I am not using any specific security provider. For the 'bootPassword' parameter the message and behaviour is consistent. Stack Trace: =========== Here is the stack trace from the sane build of trunk: C:\derby\trunk\TEST>java -Dij.exceptionTrace=true org.apache.derby.tools.ij ij version 10.3 ij> connect 'jdbc:derby:adb;create=true;dataEncryption=true;encryptionKey=11223344556677'; ERROR XJ041: Failed to create database 'adb', see the next exception for details . java.sql.SQLException: Failed to create database 'adb', see the next exception for details. at org.apache.derby.impl.jdbc.SQLExceptionFactory.getSQLException(SQLExceptionFactory.java:45) at org.apache.derby.impl.jdbc.Util.newEmbedSQLException(Util.java:89) at org.apache.derby.impl.jdbc.Util.newEmbedSQLException(Util.java:95) at org.apache.derby.impl.jdbc.Util.generateCsSQLException(Util.java:174) at org.apache.derby.impl.jdbc.EmbedConnection.newSQLException(EmbedConnection.java:1985) at org.apache.derby.impl.jdbc.EmbedConnection.createDatabase(EmbedConnection.java:1600) at org.apache.derby.impl.jdbc.EmbedConnection.<init>(EmbedConnection.java:250) at org.apache.derby.impl.jdbc.EmbedConnection30.<init>(EmbedConnection30.java:73) at org.apache.derby.jdbc.Driver30.getNewEmbedConnection(Driver30.java:74) at org.apache.derby.jdbc.InternalDriver.connect(InternalDriver.java:210) at org.apache.derby.jdbc.AutoloadedDriver.connect(AutoloadedDriver.java:117) at java.sql.DriverManager.getConnection(DriverManager.java:525) at java.sql.DriverManager.getConnection(DriverManager.java:140) at org.apache.derby.impl.tools.ij.ij.dynamicConnection(ij.java:1109) at org.apache.derby.impl.tools.ij.ij.ConnectStatement(ij.java:959) at org.apache.derby.impl.tools.ij.ij.ijStatement(ij.java:787) at org.apache.derby.impl.tools.ij.utilMain.runScriptGuts(utilMain.java:327) at org.apache.derby.impl.tools.ij.utilMain.go(utilMain.java:249) at org.apache.derby.impl.tools.ij.Main.go(Main.java:204) at org.apache.derby.impl.tools.ij.Main.mainCore(Main.java:170) at org.apache.derby.impl.tools.ij.Main14.main(Main14.java:56) at org.apache.derby.tools.ij.main(ij.java:70) ERROR XBM01: Startup failed due to an exception. See next exception for details. ERROR XBM01: Startup failed due to an exception. See next exception for details. at org.apache.derby.iapi.error.StandardException.newException(StandardException.java:298) at org.apache.derby.iapi.services.monitor.Monitor.exceptionStartingModule(Monitor.java:669) at org.apache.derby.impl.services.monitor.BaseMonitor.bootService(BaseMonitor.java:1850) at org.apache.derby.impl.services.monitor.BaseMonitor.createPersistentService(BaseMonitor.java:1014) at org.apache.derby.iapi.services.monitor.Monitor.createPersistentService(Monitor.java:588) at org.apache.derby.impl.jdbc.EmbedConnection.createDatabase(EmbedConnection.java:1593) at org.apache.derby.impl.jdbc.EmbedConnection.<init>(EmbedConnection.java:250) at org.apache.derby.impl.jdbc.EmbedConnection30.<init>(EmbedConnection30.java:73) at org.apache.derby.jdbc.Driver30.getNewEmbedConnection(Driver30.java:74) at org.apache.derby.jdbc.InternalDriver.connect(InternalDriver.java:210) at org.apache.derby.jdbc.AutoloadedDriver.connect(AutoloadedDriver.java:117) at java.sql.DriverManager.getConnection(DriverManager.java:525) at java.sql.DriverManager.getConnection(DriverManager.java:140) at org.apache.derby.impl.tools.ij.ij.dynamicConnection(ij.java:1109) at org.apache.derby.impl.tools.ij.ij.ConnectStatement(ij.java:959) at org.apache.derby.impl.tools.ij.ij.ijStatement(ij.java:787) at org.apache.derby.impl.tools.ij.utilMain.runScriptGuts(utilMain.java:327) at org.apache.derby.impl.tools.ij.utilMain.go(utilMain.java:249) at org.apache.derby.impl.tools.ij.Main.go(Main.java:204) at org.apache.derby.impl.tools.ij.Main.mainCore(Main.java:170) at org.apache.derby.impl.tools.ij.Main14.main(Main14.java:56) at org.apache.derby.tools.ij.main(ij.java:70) ERROR XBCX2: Initializing cipher with a boot password that is too short. The password must be at least 8 characters long. ERROR XBCX2: Initializing cipher with a boot password that is too short. The password must be at least 8 characters long. at org.apache.derby.iapi.error.StandardException.newException(StandardException.java:305) at org.apache.derby.impl.services.jce.JCECipherFactory.generateKey(JCECipherFactory.java:308) at org.apache.derby.impl.services.jce.JCECipherFactory.init(JCECipherFactory.java:610) at org.apache.derby.impl.services.jce.JCECipherFactory.<init>(JCECipherFactory.java:136) at org.apache.derby.impl.services.jce.JCECipherFactoryBuilder.createCipherFactory(JCECipherFactoryBuilder.java:60) at org.apache.derby.impl.store.raw.RawStore.setupEncryptionEngines(RawStore.java:1186) at org.apache.derby.impl.store.raw.RawStore.boot(RawStore.java:203) at org.apache.derby.impl.services.monitor.BaseMonitor.boot(BaseMonitor.java:1997) at org.apache.derby.impl.services.monitor.TopService.bootModule(TopService.java:291) at org.apache.derby.impl.services.monitor.BaseMonitor.startModule(BaseMonitor.java:543) at org.apache.derby.iapi.services.monitor.Monitor.bootServiceModule(Monitor.java:419) at org.apache.derby.impl.store.access.RAMAccessManager.boot(RAMAccessManager.java:988) at org.apache.derby.impl.services.monitor.BaseMonitor.boot(BaseMonitor.java:1997) at org.apache.derby.impl.services.monitor.TopService.bootModule(TopService.java:291) at org.apache.derby.impl.services.monitor.BaseMonitor.startModule(BaseMonitor.java:543) at org.apache.derby.iapi.services.monitor.Monitor.bootServiceModule(Monitor.java:419) at org.apache.derby.impl.db.BasicDatabase.bootStore(BasicDatabase.java:739) at org.apache.derby.impl.db.BasicDatabase.boot(BasicDatabase.java:179) at org.apache.derby.impl.services.monitor.BaseMonitor.boot(BaseMonitor.java:1997) at org.apache.derby.impl.services.monitor.TopService.bootModule(TopService.java:291) at org.apache.derby.impl.services.monitor.BaseMonitor.bootService(BaseMonitor.java:1832) at org.apache.derby.impl.services.monitor.BaseMonitor.createPersistentService(BaseMonitor.java:1014) at org.apache.derby.iapi.services.monitor.Monitor.createPersistentService(Monitor.java:588) at org.apache.derby.impl.jdbc.EmbedConnection.createDatabase(EmbedConnection.java:1593) at org.apache.derby.impl.jdbc.EmbedConnection.<init>(EmbedConnection.java:250) at org.apache.derby.impl.jdbc.EmbedConnection30.<init>(EmbedConnection30.java:73) at org.apache.derby.jdbc.Driver30.getNewEmbedConnection(Driver30.java:74) at org.apache.derby.jdbc.InternalDriver.connect(InternalDriver.java:210) at org.apache.derby.jdbc.AutoloadedDriver.connect(AutoloadedDriver.java:117) at java.sql.DriverManager.getConnection(DriverManager.java:525) at java.sql.DriverManager.getConnection(DriverManager.java:140) at org.apache.derby.impl.tools.ij.ij.dynamicConnection(ij.java:1109) at org.apache.derby.impl.tools.ij.ij.ConnectStatement(ij.java:959) at org.apache.derby.impl.tools.ij.ij.ijStatement(ij.java:787) at org.apache.derby.impl.tools.ij.utilMain.runScriptGuts(utilMain.java:327) at org.apache.derby.impl.tools.ij.utilMain.go(utilMain.java:249) at org.apache.derby.impl.tools.ij.Main.go(Main.java:204) at org.apache.derby.impl.tools.ij.Main.mainCore(Main.java:170) at org.apache.derby.impl.tools.ij.Main14.main(Main14.java:56) at org.apache.derby.tools.ij.main(ij.java:70) ij> Java: ==== The Java version I am using is: java version "1.5.0_02" Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_02-b09) Java HotSpot(TM) Client VM (build 1.5.0_02-b09, mixed mode) 10.0 ==== The earliest version I had was: 10.0.2.2.349072 C:\POINTREL\10.0.2.2.349072>java org.apache.derby.tools.ij ij version 10.0 – --encryptionKey of 14 characters – ij> connect 'jdbc:derby:adb;create=true;dataEncryption=true;encryptionKey=11223344556677'; ERROR XJ041: Failed to create database 'adb', see the next exception for details. ERROR XBM01: Startup failed due to an exception, see next exception for details. ERROR XBCX2: Initializing cipher with a boot password that is too short, must be at least 8 characters long – --bootPassword of 6 characters, error message is correct, ERROR XBM07 – ij> connect 'jdbc:derby:adb;create=true;dataEncryption=true;bootPassword=112233'; ERROR XJ041: Failed to create database 'adb', see the next exception for details. ERROR XBM07: Startup failed, boot password must be at least 8 bytes long. – --bootPassword of 8 characters, as expected - passes – ij> connect 'jdbc:derby:adb;create=true;dataEncryption=true;bootPassword=11223344'; – --encryptionKey of 16 characters, passes fine – ij> connect 'jdbc:derby:bdb;create=true;dataEncryption=true;encryptionKey=1122334455667788'; ij(CONNECTION1)> Hope I answered all the questions.
        Hide
        Kristian Waagan added a comment -

        Could you provide more detail on this issue?
        I'm not able to reproduce it. It caught my interest because I worked on DERBY-788.

        1) Is the 'Affects Version/s' correct?
        It is terribly old

        2) What JVM and security provider did you use?

        3) Do you have a stack trace?
        In the trunk, there are only two places where the exception can be thrown.

        Thanks,

        Show
        Kristian Waagan added a comment - Could you provide more detail on this issue? I'm not able to reproduce it. It caught my interest because I worked on DERBY-788 . 1) Is the 'Affects Version/s' correct? It is terribly old 2) What JVM and security provider did you use? 3) Do you have a stack trace? In the trunk, there are only two places where the exception can be thrown. Thanks,
        Hide
        Rajesh Kartha added a comment -

        update fix versions

        Show
        Rajesh Kartha added a comment - update fix versions

          People

          • Assignee:
            Unassigned
            Reporter:
            Rajesh Kartha
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:

              Development