Derby
  1. Derby
  2. DERBY-5622

Reduce the chance for hash collisions when checking bootPassword at boot time and when changing password.

    Details

    • Type: Improvement Improvement
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 10.8.3.0, 10.9.2.2, 10.10.1.1
    • Component/s: Store
    • Labels:
      None
    • Bug behavior facts:
      Data corruption, Security

      Description

      There are two issues, already seen in DERBY-2687:

      "the boot issue": there is a 1/2**16 chance that a wrong bootPassword will allow boot to proceed (but since its decoded key is wrong the boot will fail).
      "the password change" issue: similarly, there is a chance that the wrong bootPassword will be accepted trying to change it via
      SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY('bootPassword', ...) at least for algorithms that do not check IV (initialization vector) in addition to the
      digest, e.g. "DES/ECB/NoPadding"

      The latter case may lead to data corruption, cf. DERBY-2687 discussion. I think the risk is fairly low, though: One would need to have execution permission to change the property if SQL authorization is used, and in most scenarios the supplied existing password would be correct. But since the results can be bad, it would be good to reduce or eliminate the risk.

      1. derby-5622-instrumentation.diff
        2 kB
        Dag H. Wanvik
      2. repro.sh
        1 kB
        Dag H. Wanvik
      3. derby-5622-01-aa-decryptEncryptedSample.diff
        3 kB
        Rick Hillegas
      4. derby-5622-TT-fixWithTestScaffolding.diff
        4 kB
        Rick Hillegas
      5. derby-5622-repro.sql
        0.4 kB
        Rick Hillegas

        Issue Links

          Activity

          Dag H. Wanvik created issue -
          Dag H. Wanvik made changes -
          Field Original Value New Value
          Description There are two issues, already seen in DERBY-2687:

             "the boot issue": there is a 1/2**16 chance that a wrong bootpassword will allow boot to proceed (but since its decoded key is wrong the boot will fail).
             "the oassword change" issue: similarly, there is a chance that the wrong bootpassword will be accepted trying to change it via
              SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY('bootPassword', ...) at least for algorithms that do not check IV (initialization vector) in addition to the
              digest, e.g. "DES/ECB/NoPadding"

          The latter case may lead to data corruption, cf. DERBY-2687 discussion. I think the risk is fairly low, though: One would need to have execution permission to change the property if SQL authorization is used, and in most scenarios the supplied existing password would be correct. But since the results can be bad, it would be good to reduce or eliminate the risk.
          There are two issues, already seen in DERBY-2687:

             "the boot issue": there is a 1/2**16 chance that a wrong bootPassword will allow boot to proceed (but since its decoded key is wrong the boot will fail).
             "the password change" issue: similarly, there is a chance that the wrong bootPassword will be accepted trying to change it via
              SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY('bootPassword', ...) at least for algorithms that do not check IV (initialization vector) in addition to the
              digest, e.g. "DES/ECB/NoPadding"

          The latter case may lead to data corruption, cf. DERBY-2687 discussion. I think the risk is fairly low, though: One would need to have execution permission to change the property if SQL authorization is used, and in most scenarios the supplied existing password would be correct. But since the results can be bad, it would be good to reduce or eliminate the risk.
          Dag H. Wanvik made changes -
          Link This issue is related to DERBY-2687 [ DERBY-2687 ]
          Dag H. Wanvik made changes -
          Attachment derby-5622-instrumentation.diff [ 12531008 ]
          Attachment repro.sh [ 12531009 ]
          Kim Haase made changes -
          Link This issue is related to DERBY-5805 [ DERBY-5805 ]
          Rick Hillegas made changes -
          Attachment derby-5622-01-aa-decryptEncryptedSample.diff [ 12531874 ]
          Attachment derby-5622-TT-fixWithTestScaffolding.diff [ 12531875 ]
          Attachment derby-5622-repro.sql [ 12531876 ]
          Rick Hillegas made changes -
          Status Open [ 1 ] Resolved [ 5 ]
          Fix Version/s 10.8.2.3 [ 12318540 ]
          Fix Version/s 10.9.1.1 [ 12321551 ]
          Fix Version/s 10.10.0.0 [ 12321550 ]
          Resolution Fixed [ 1 ]
          Kathey Marsden made changes -
          Fix Version/s 10.8.3.0 [ 12323456 ]
          Fix Version/s 10.8.2.3 [ 12318540 ]
          Kathey Marsden made changes -
          Fix Version/s 10.9.2.0 [ 12323562 ]
          Fix Version/s 10.9.1.1 [ 12321551 ]
          Gavin made changes -
          Workflow jira [ 12653821 ] Default workflow, editable Closed status [ 12796954 ]
          Knut Anders Hatlen made changes -
          Status Resolved [ 5 ] Closed [ 6 ]

            People

            • Assignee:
              Unassigned
              Reporter:
              Dag H. Wanvik
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development