Uploaded image for project: 'Derby'
  1. Derby
  2. DERBY-3710

cannot access a database using AES encryption with encryptionKeyLength=192 after it's been shutdown

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 10.5.1.1
    • Fix Version/s: 10.5.3.0, 10.6.1.0
    • Component/s: Services
    • Labels:
      None
    • Environment:
      reproduced with ibm's jdk 1.5 and 1.6, and sun's jdk15.
      AES encryption with encryptionKeyLength=192 requires unrestricted security policy jars on your jvm
    • Urgency:
      Normal
    • Issue & fix info:
      Repro attached
    • Bug behavior facts:
      Data corruption

      Description

      Accessing a database created using encryptionAlgorithm: AES/CBC/NoPadding, and encryptionKeyLength=192 after it's been shutdown fails like so:
      -----------------------
      ERROR XJ040: Failed to start database 'encdbcbc_192', see the next exception for details.
      ERROR XBM06: Startup failed. An encrypted database cannot be accessed without the correct boot password.
      ----------------------

      This does not occur when you use encryptionKeyLength=128 (does not require unrestricted jars) nor encryptionKeyLength=256 (does require unrestricted policy jars).

      Note: our test (in derbyall): store/aes.sql does not test this, firstly it doesn't test the larger sizes (because it would diff & fail unless you have been able to adjust your jvm's policy jars), and secondly it doesn't shutdown before reconnecting.

        Attachments

        1. derby-3710-01-aa-digestPaddedPassword.diff
          6 kB
          Rick Hillegas
        2. derby-3710-01-ab-digestPaddedPassword.diff
          6 kB
          Rick Hillegas
        3. repro.sql
          3 kB
          Myrna van Lunteren
        4. repro-3710.sql
          2 kB
          Rick Hillegas

          Issue Links

            Activity

              People

              • Assignee:
                rhillegas Rick Hillegas
                Reporter:
                myrna Myrna van Lunteren
              • Votes:
                0 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: