Derby
  1. Derby
  2. DERBY-3710

cannot access a database using AES encryption with encryptionKeyLength=192 after it's been shutdown

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 10.5.1.1
    • Fix Version/s: 10.5.3.0, 10.6.1.0
    • Component/s: Services
    • Labels:
      None
    • Environment:
      reproduced with ibm's jdk 1.5 and 1.6, and sun's jdk15.
      AES encryption with encryptionKeyLength=192 requires unrestricted security policy jars on your jvm
    • Urgency:
      Normal
    • Issue & fix info:
      Repro attached
    • Bug behavior facts:
      Data corruption

      Description

      Accessing a database created using encryptionAlgorithm: AES/CBC/NoPadding, and encryptionKeyLength=192 after it's been shutdown fails like so:
      -----------------------
      ERROR XJ040: Failed to start database 'encdbcbc_192', see the next exception for details.
      ERROR XBM06: Startup failed. An encrypted database cannot be accessed without the correct boot password.
      ----------------------

      This does not occur when you use encryptionKeyLength=128 (does not require unrestricted jars) nor encryptionKeyLength=256 (does require unrestricted policy jars).

      Note: our test (in derbyall): store/aes.sql does not test this, firstly it doesn't test the larger sizes (because it would diff & fail unless you have been able to adjust your jvm's policy jars), and secondly it doesn't shutdown before reconnecting.

      1. derby-3710-01-aa-digestPaddedPassword.diff
        6 kB
        Rick Hillegas
      2. derby-3710-01-ab-digestPaddedPassword.diff
        6 kB
        Rick Hillegas
      3. repro.sql
        3 kB
        Myrna van Lunteren
      4. repro-3710.sql
        2 kB
        Rick Hillegas

        Issue Links

          Activity

            People

            • Assignee:
              Rick Hillegas
              Reporter:
              Myrna van Lunteren
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development