db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mathias Herberts (JIRA)" <derby-...@db.apache.org>
Subject [jira] Updated: (DERBY-1373) Encrypted databases cannot be booted using the jar subprotocol (and possibly also using http/https/classpath)
Date Sun, 25 Jun 2006 12:36:31 GMT
     [ http://issues.apache.org/jira/browse/DERBY-1373?page=all ]

Mathias Herberts updated DERBY-1373:

    Attachment: encryptedJar.patch

Patch meant to be applied to the 10.1 branch.

> Encrypted databases cannot be booted using the jar subprotocol (and possibly also using
> -------------------------------------------------------------------------------------------------------------
>          Key: DERBY-1373
>          URL: http://issues.apache.org/jira/browse/DERBY-1373
>      Project: Derby
>         Type: Bug

>   Components: Store
>     Versions:
>  Environment: Environment does not matter.
>     Reporter: Mathias Herberts
>     Assignee: Mathias Herberts
>      Fix For:
>  Attachments: InputStreamFile.java-patch, InputStreamRandomAccessFile.java, encryptedJar.patch
> An encrypted database cannot be booted when using the jar subprotocol.
> The problem lies in the method run from JCECipherFactory. The call to getRandomAccessFile
returns null when the verifyKeyFile is an instance of InputStreamFile and the key verification
therefore fails.
> The implementation of getRandomAccessFile for InputStreamFile states that its code cannot
be reached which is untrue.
> The provided patch does two things, it provides a new class InputStreamRandomAccessFile
in package org.apache.derby.impl.io. This class provides simple implementations of readInt
and readFully so the key verification process succeeds. A quick scan of the derby source tree
showed no problem or possible impact of this simple implementation.
> The second thing the patch does is to modify org/apache/derby/impl/io/InputStreamFile.java
so the getRandomAccessFile creates an instance of InputStreamRandomAccessFile instead of returning
> This patch has been tested against trunk 410361. It solves the problem at least under
the jar subprotocol.
> The patch has not been tested against http/https/classpath.

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators:
For more information on JIRA, see:

View raw message