db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bryan Pendleton (JIRA)" <j...@apache.org>
Subject [jira] Commented: (DERBY-4493) encryptionAlgorithm is ignored at boot, but Documentation states it is required
Date Sat, 26 Dec 2009 19:44:29 GMT

    [ https://issues.apache.org/jira/browse/DERBY-4493?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12794642#action_12794642

Bryan Pendleton commented on DERBY-4493:

Sent a mail to the derby-dev list to try to get clarification on some of the confusing behaviors
in this area.

> encryptionAlgorithm is ignored at boot, but Documentation states it is required
> -------------------------------------------------------------------------------
>                 Key: DERBY-4493
>                 URL: https://issues.apache.org/jira/browse/DERBY-4493
>             Project: Derby
>          Issue Type: Bug
>          Components: Documentation
>    Affects Versions:
>         Environment: Windows XP SP3 / JRE 1.5 / Derby embedded.
>            Reporter: Sven Pedersen
>            Assignee: Bryan Pendleton
>            Priority: Minor
> The documentation @ http://db.apache.org/derby/docs/10.5/devguide/tdevdvlp40140.html
> states that 
> "If the algorithm that was used when the database was created is not the default algorithm,
you must also specify the encryptionAlgorithm attribute"
> yet when I gave the wrong value of "DES/CBC/NoPadding", having created the database with
"DESede", it booted without a problem. I was concerned that it might not have actually encrypted
with the correct algorithm, given this Java bug:
> http://forums.sun.com/thread.jspa?threadID=5129170&start=15
> I was concerned that it might not use strong (>128 bit) encryption. Other people may
be similarly concerned about what the documentation seems to say, given the behavior of the
code. I think that statement in quotes should be removed entirely, and one stating something
to the effect of 
> "Just supply the bootPassword or encryptionKey attributes to boot the database."
> Should replace it.

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message