db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rick Hillegas (JIRA)" <j...@apache.org>
Subject [jira] Commented: (DERBY-4328) The Developer's Guide falsely claims that you can use SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY to change the boot password on an encrypted database.
Date Mon, 17 Aug 2009 15:43:14 GMT

    [ https://issues.apache.org/jira/browse/DERBY-4328?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12744105#action_12744105
] 

Rick Hillegas commented on DERBY-4328:
--------------------------------------

Thanks for pointing this out, Knut. I can verify that the following script runs as expected:

connect 'jdbc:derby:memory:encdbcbc_128;create=true;dataEncryption=true;encryptionKeyLength=128;encryptionAlgorithm=AES/CBC/NoPadding;bootPassword=Thursday';
create table t1(i1 int);
insert into t1 values ( 1);
select * from t1;
call SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY('bootPassword', 'Thursday , Saturday');
disconnect;
connect 'jdbc:derby:memory:encdbcbc_128;shutdown=true';

-- should fail
connect 'jdbc:derby:memory:encdbcbc_128;dataEncryption=true;encryptionKeyLength=128;encryptionAlgorithm=AES/CBC/NoPadding;bootPassword=Thursday';

-- should succeed
connect 'jdbc:derby:memory:encdbcbc_128;dataEncryption=true;encryptionKeyLength=128;encryptionAlgorithm=AES/CBC/NoPadding;bootPassword=Saturday';
select * from t1;
disconnect;

But now I don't understand how the passwords are supposed to be escaped if they contain commas
or end in whitespace. It doesn't appear to me that the code addresses this issue. The second
argument is parsed into old and new passwords by JCECipherFactory.changeBootPassword(). That
method seems to just look for the first comma, then trims all the trailing whitespace off
of the first boot password. See this script:

connect 'jdbc:derby:memory:encdbcbc_128;create=true;dataEncryption=true;encryptionKeyLength=128;encryptionAlgorithm=AES/CBC/NoPadding;bootPassword=Thursday
,';
create table t1(i1 int);
insert into t1 values ( 1);
select * from t1;

-- this fails to parse the old boot password
call SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY('bootPassword', 'Thursday , , Saturday');
disconnect;
connect 'jdbc:derby:memory:encdbcbc_128;shutdown=true';

-- succeeds
connect 'jdbc:derby:memory:encdbcbc_128;dataEncryption=true;encryptionKeyLength=128;encryptionAlgorithm=AES/CBC/NoPadding;bootPassword=Thursday
,';
select * from t1;
disconnect;

-- fails
connect 'jdbc:derby:memory:encdbcbc_128;dataEncryption=true;encryptionKeyLength=128;encryptionAlgorithm=AES/CBC/NoPadding;bootPassword=Saturday';

If someone wants to re-instate this documentation, then I think that the new documentation
should address the escaping topic. I can see a couple resolutions of this issue:

1) Leave the situation as it is. Don't re-instate this documentation. Users can continue to
change the boot password using the currently documented technique. The currently documented
technique may have its own escaping issues involving semicolons.

2) Re-instate the documentation with a note that this technique will not work for boot passwords
which contain commas or end in whitespace.

3) Invent some escaping syntax, wire it into JCECipherFactory, then describe that in the re-instated
documentation. If we go this route, then we may want to make the escaping syntax work for
the other (currently documented) technique for changing boot passwords.


> The Developer's Guide falsely claims that you can use SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY
to change the boot password on an encrypted database.
> --------------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: DERBY-4328
>                 URL: https://issues.apache.org/jira/browse/DERBY-4328
>             Project: Derby
>          Issue Type: Bug
>          Components: Documentation
>            Reporter: Rick Hillegas
>            Assignee: Rick Hillegas
>             Fix For: 10.5.3.0
>
>         Attachments: derby-4328-01-aa-removeFalseReencryptionClaim.diff
>
>
> This claim is made in the section titled 'Changing the boot password'. If you try to
run the example, you get this error:
> CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY( 'bootPassword', 'Thursday' , 'Saturday');
> ERROR 42Y03: 'SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY' is not recognized as a function
or procedure.
> The correct way to change the boot password is documented earlier on in the section titled
'Encrypting databases with a new boot password'. We should remove the section titled 'Changing
the boot password'.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message