db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rick Hillegas (JIRA)" <j...@apache.org>
Subject [jira] Commented: (DERBY-3710) cannot access a database using AES encryption with encryptionKeyLength=192 after it's been shutdown
Date Mon, 03 Aug 2009 14:29:14 GMT

    [ https://issues.apache.org/jira/browse/DERBY-3710?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12738361#action_12738361
] 

Rick Hillegas commented on DERBY-3710:
--------------------------------------

Hi Dag,

Have you tried downloading and installing the "Java Cryptography Extension (JCE) Unlimited
Strength Jurisdiction Policy Files 6" from http://java.sun.com/javase/downloads/index.jsp
? Are you not allowed to use this strong encryption because you live in Norway?

Thanks,
-Rick

> cannot access a database using AES encryption with encryptionKeyLength=192 after it's
been shutdown
> ---------------------------------------------------------------------------------------------------
>
>                 Key: DERBY-3710
>                 URL: https://issues.apache.org/jira/browse/DERBY-3710
>             Project: Derby
>          Issue Type: Bug
>          Components: Services
>    Affects Versions: 10.5.1.1
>         Environment: reproduced with ibm's jdk 1.5 and 1.6, and sun's jdk15. 
> AES encryption with encryptionKeyLength=192 requires unrestricted security policy jars
on your jvm
>            Reporter: Myrna van Lunteren
>            Assignee: Rick Hillegas
>         Attachments: derby-3710-01-aa-digestPaddedPassword.diff, derby-3710-01-ab-digestPaddedPassword.diff,
repro-3710.sql, repro.sql
>
>
> Accessing a database created using encryptionAlgorithm: AES/CBC/NoPadding, and encryptionKeyLength=192
after it's been shutdown fails like so:
> -----------------------
> ERROR XJ040: Failed to start database 'encdbcbc_192', see the next exception for details.
> ERROR XBM06: Startup failed. An encrypted database cannot be accessed without the correct
boot password.
> ----------------------
> This does not occur when you use encryptionKeyLength=128 (does not require unrestricted
jars) nor encryptionKeyLength=256 (does require unrestricted policy jars).
> Note: our test (in derbyall): store/aes.sql does not test this, firstly it doesn't test
the larger sizes (because it would diff & fail unless you have been able to adjust your
jvm's policy jars), and secondly it doesn't shutdown before reconnecting.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message