Return-Path: X-Original-To: apmail-db-derby-dev-archive@www.apache.org Delivered-To: apmail-db-derby-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 059CCD51F for ; Fri, 21 Sep 2012 20:14:10 +0000 (UTC) Received: (qmail 90905 invoked by uid 500); 21 Sep 2012 20:14:08 -0000 Delivered-To: apmail-db-derby-dev-archive@db.apache.org Received: (qmail 90875 invoked by uid 500); 21 Sep 2012 20:14:08 -0000 Mailing-List: contact derby-dev-help@db.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: Delivered-To: mailing list derby-dev@db.apache.org Received: (qmail 90375 invoked by uid 99); 21 Sep 2012 20:14:08 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 21 Sep 2012 20:14:08 +0000 Date: Sat, 22 Sep 2012 07:14:08 +1100 (NCT) From: "Kim Haase (JIRA)" To: derby-dev@db.apache.org Message-ID: <1161941655.109386.1348258448170.JavaMail.jiratomcat@arcas> Subject: [jira] [Updated] (DERBY-4229) encryptionKeyLength connection attribute should be documented MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/DERBY-4229?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Kim Haase updated DERBY-4229: ----------------------------- Issue & fix info: Patch Available > encryptionKeyLength connection attribute should be documented > ------------------------------------------------------------- > > Key: DERBY-4229 > URL: https://issues.apache.org/jira/browse/DERBY-4229 > Project: Derby > Issue Type: Bug > Components: Documentation > Affects Versions: 10.5.1.1 > Reporter: Kathey Marsden > Assignee: Kim Haase > Fix For: 10.5.2.0 > > Attachments: cdevcsecure67151.html, DERBY-4229-2.diff, DERBY-4229-2.stat, DERBY-4229.diff, rrefattribencryptkeylength.html > > > The developer guide says: > The length of the encryption key depends on the algorithm used: > AES (128, 192, and 256 bits) > DES (the default) (56 bits) > DESede (168 bits) > All other algorithms (128 bits) > Note: The boot password should have at least as many characters as number of bytes in the encryption key (56 bits=8 bytes, 168 bits=24 bytes, 128 bits=16 bytes). The minimum number of characters for the boot password allowed by Derby is eight. > For AES, however, it does not tell how to change the default key length of 128. This can be changed with the encryptionKeyLength connection attribute. The documentation should also specify that special policy files for the JRE may be necessary to accomodate the longer length. > Also note that there is an outstanding issue DERBY-3710 regarding length of 192 for AES. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira