db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kathey Marsden (JIRA)" <j...@apache.org>
Subject [jira] Created: (DERBY-4229) encryptionKeyLength connection attribute should be documented
Date Thu, 14 May 2009 20:05:45 GMT
encryptionKeyLength connection attribute should be documented

                 Key: DERBY-4229
                 URL: https://issues.apache.org/jira/browse/DERBY-4229
             Project: Derby
          Issue Type: Bug
          Components: Documentation
            Reporter: Kathey Marsden

The developer guide says:

The length of the encryption key depends on the algorithm used:
AES (128, 192, and 256 bits) 
DES (the default) (56 bits) 
DESede (168 bits) 
All other algorithms (128 bits) 
Note: The boot password should have at least as many characters as number of bytes in the
encryption key (56 bits=8 bytes, 168 bits=24 bytes, 128 bits=16 bytes). The minimum number
of characters for the boot password allowed by Derby is eight.

For AES, however,  it does not tell how to change the default key length  of 128.  This can
be changed with the encryptionKeyLength connection attribute.  The documentation should also
specify that special policy files for the JRE may be necessary to accomodate the longer length.

Also note that there is an outstanding issue DERBY-3710 regarding length of 192 for AES.

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message