Date: Fri, 17 Feb 2012 21:04:57 +0000 (UTC)
From: "Dag H. Wanvik (Created) (JIRA)"
To: derby-dev@db.apache.org
Subject: [jira] [Created] (DERBY-5622) Reduce the chance for hash collisions when checking bootPassword at boot time and when changing password.

Reduce the chance for hash collisions when checking bootPassword at boot time and when changing password.
---------------------------------------------------------------------------------------------------------

Key: DERBY-5622
URL: https://issues.apache.org/jira/browse/DERBY-5622
Project: Derby
Issue Type: Improvement
Components: Store
Reporter: Dag H. Wanvik

There are two issues, already seen in DERBY-2687:

"the boot issue": there is a 1/2**16 chance that a wrong bootpassword will allow boot to proceed (but since its decoded key is wrong the boot will fail).

"the password change" issue: similarly, there is a chance that the wrong bootpassword will be accepted when trying to change it via SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY('bootPassword', ...), at least for algorithms that do not check IV (initialization vector) in addition to the digest, e.g. "DES/ECB/NoPadding".

The latter case may lead to data corruption, cf. DERBY-2687 discussion.

I think the risk is fairly low, though: One would need to have execution permission to change the property if SQL authorization is used, and in most scenarios the supplied existing password would be correct. But since the results can be bad, it would be good to reduce or eliminate the risk.
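
The following is an added example, not part of the original message and not Derby's code: a simplified model of the "password change" issue for the case with no IV check. It assumes the stored verifier is a digest of the decrypted data key cut to 2 bytes, and uses a toy XOR cipher and SHA-256 as stand-ins; all function names and passwords are hypothetical.

```python
import hashlib
import hmac

DATA_KEY = bytes(range(16))  # constructed sample data-encryption key

def kdf(password: str) -> bytes:
    # Toy password-to-key step (assumption, stands in for the real key setup).
    return hashlib.sha256(password.encode()).digest()[:16]

def xor(a: bytes, b: bytes) -> bytes:
    # Toy cipher: XOR with the password-derived key (illustration only).
    return bytes(x ^ y for x, y in zip(a, b))

def wrap(key: bytes, password: str, check_len: int) -> dict:
    # Persist the encrypted key plus a digest of the plaintext key cut to check_len bytes.
    return {"enc": xor(key, kdf(password)),
            "check": hashlib.sha256(key).digest()[:check_len],
            "check_len": check_len}

def unwrap(store: dict, password: str) -> bytes:
    # Decrypt with the supplied password, then compare the truncated digest.
    key = xor(store["enc"], kdf(password))
    digest = hashlib.sha256(key).digest()[:store["check_len"]]
    if not hmac.compare_digest(digest, store["check"]):
        raise ValueError("wrong boot password")
    return key

def change_password(store: dict, old: str, new: str) -> dict:
    # Re-encrypts whatever key the old password decrypted to.
    return wrap(unwrap(store, old), new, store["check_len"])

def first_false_accept(store: dict, limit: int = 2_000_000):
    # Try constructed wrong passwords until one passes the check
    # (about 2**16 tries expected for a 2-byte verifier).
    for i in range(limit):
        try:
            unwrap(store, f"wrong-{i}")
            return f"wrong-{i}"
        except ValueError:
            pass
    return None

if __name__ == "__main__":
    weak = wrap(DATA_KEY, "correct horse", 2)
    bad = first_false_accept(weak)
    changed = change_password(weak, bad, "new password")
    print("wrong password accepted:", bad)
    print("data key intact after change:", unwrap(changed, "new password") == DATA_KEY)
```

In this model the falsely accepted password decrypts to a different key, which is then re-encrypted under the new password, so the original data key is lost; with `check_len=32` the same wrong password is rejected.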