db-derby-dev mailing list archives

From "Dag H. Wanvik (Commented) (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (DERBY-2687) store/encryptDatabase.sql fails intermittently with ClassNotFoundException, Log Corrupted
Date Wed, 15 Feb 2012 17:31:04 GMT

    [ https://issues.apache.org/jira/browse/DERBY-2687?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13208598#comment-13208598 ]

Dag H. Wanvik commented on DERBY-2687:
--------------------------------------

Thanks, Knut. That was the piece I was missing last night :) Well, that accounts for
the wrong boots we have seen: the check done to allow a boot attempt only relies on the two
byte digest.

The case of the wrong password change allowed ("thursday" vs "Thursday"), that is more unlikely
as far as I can see: in that case, we use the boot password to decrypt the key, and use that
to generate an initialization vector IV (8 bytes), cf. the method in JCECipherFactory:

        private byte[] generateIV(byte[] secretKey)

There is a small chance of a collision here too: we transform the bogus secretKey (8 bytes)
to an IV, which is compared against the existing one produced with the correct key (decrypted
with the correct boothashword at boot time). Note we only changed one bit in the boot hashword
('T'->'t'): that might increase the likelihood that we decoded an (albeit wrong) key, but
similar, for which we would get the same IV as for the correct key.
If so, the change of boot password would succeed. Depending on the uniformity or the computation
of the IV hashing, the likelihood of this would vary, but it's not impossible as far as I can
see.
                
> store/encryptDatabase.sql fails intermittently with ClassNotFoundException, Log Corrupted
> -----------------------------------------------------------------------------------------
>
>                 Key: DERBY-2687
>                 URL: https://issues.apache.org/jira/browse/DERBY-2687
>             Project: Derby
>          Issue Type: Bug
>          Components: Store
>    Affects Versions: 10.2.2.1, 10.3.1.4
>         Environment: Microsoft Windows XP Professional - 5.1.2600 Service Pack 2, Sun JVM 1.4.2_08-b03, 10.2.2.1.
> SUSE Linux Enterprise Server 10 (x86_64) (Linux 2.6.16.21-0.8-smp), Sun JVM 1.6.0_01-b06, trunk (SVN 531991).
> Solaris 10 x86, Sun JVM 1.5.0, SVN 371617 (2006-01-23).
> Solaris 9 SPARC, Sun JVM 1.5.0, SVN 169872 (2005-05-13).
> etc...
>            Reporter: John H. Embretsen
>              Labels: derby_triage10_5_2
>         Attachments: derby.log, tmp-82.zip, wombat.zip
>
>
> Failure seen in derbyall/encryptionAll run on WinXP (10.2.2.1). So far unable to reproduce (standalone or as part of derbyall, encryptionAll or encryptionBlowfish).
> <method>
> store/encryptDatabase.sql
> </method>
> <signature>
> Failure details:
> ********* Diff file derbyall/encryptionAll/encryptionBlowfish/encryptDatabase.diff
> *** Start: encryptDatabase jdk1.4.2_08 encryptionAll:encryptionBlowfish 2007-05-21 05:07:55 ***
> 95 del
> < ERROR XBM06: Startup failed. An encrypted database cannot be accessed without the correct boot password.
> 95a95
> > ERROR XJ001: Java exception: 'ERROR XBM0U: No class was registered for identifier 15009.: java.lang.ClassNotFoundException'.
> Test Failed.
> *** End:   encryptDatabase jdk1.4.2_08 encryptionAll:encryptionBlowfish 2007-05-21 05:08:12 ***
> </signature>
> derby.log also reports "ERROR XSLA3: Log Corrupted, has invalid data in the log stream."
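
Added example (not part of the original message and not Derby's code): a small model of the point made in the comment about the two byte digest, measuring how often a wrong key passes a check that compares only a truncated digest, next to a full-length comparison. SHA-256 as the digest, the function names and the sample keys are assumptions made for illustration; the message does not name the algorithm Derby uses.

```python
import hashlib
import hmac

CHECK_BYTES = 2   # the comment says the boot check relies on a two byte digest
FULL_BYTES = 32   # full SHA-256 output, for comparison


def key_digest(key: bytes) -> bytes:
    # Stand-in digest (assumption): SHA-256.
    return hashlib.sha256(key).digest()


def stored_verifier(key: bytes, nbytes: int) -> bytes:
    """Value persisted with the database so the right key can be recognised."""
    return key_digest(key)[:nbytes]


def accepts(candidate: bytes, verifier: bytes) -> bool:
    """Boot-time check: does the candidate key reproduce the stored verifier?"""
    return hmac.compare_digest(key_digest(candidate)[:len(verifier)], verifier)


def false_accepts(correct: bytes, nbytes: int, trials: int) -> int:
    """Count constructed wrong keys that the check lets through."""
    verifier = stored_verifier(correct, nbytes)
    hits = 0
    for i in range(trials):
        wrong = b"wrong-key-%d" % i  # constructed input, never equal to `correct`
        if accepts(wrong, verifier):
            hits += 1
    return hits


if __name__ == "__main__":
    correct = b"correct-boot-key"  # constructed sample key
    trials = 1 << 20
    short = false_accepts(correct, CHECK_BYTES, trials)
    full = false_accepts(correct, FULL_BYTES, trials)
    # With a uniform digest, a 2-byte check passes a wrong key about once
    # in 2**16 attempts, i.e. roughly trials / 65536 times here.
    print("2-byte check : %d false accepts in %d trials" % (short, trials))
    print("32-byte check: %d false accepts in %d trials" % (full, trials))
```

A wrong key that passes the short check is then used for decryption, which is consistent with the downstream errors quoted in the issue rather than a clean XBM06 rejection.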
