db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kristian Waagan (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (DERBY-5792) Make it possible to turn off encryption on an already encrypted database.
Date Wed, 03 Oct 2012 23:29:08 GMT

     [ https://issues.apache.org/jira/browse/DERBY-5792?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Kristian Waagan updated DERBY-5792:
-----------------------------------

    Attachment: derby-5792-4a-crash_and_dbo.diff

Patch 4a adds test cases for DBO powers for decryption, it modifies the logic for crash recovery
for cryptographic operations on a database, and it adds crash recovery tests for database
decryption.
Patch 4a is generated on top of 3a.

The crash recovery logic is getting pretty involved and delicate - I'm not too happy about
it...

A correction on my own comment regarding DBO powers: patch 3a will also reject decryption
attempts from non-DBO users if authentication and authorization are enabled, but it will say
that the operation denied is (re-)encryption.

Patch ready for review.
                
> Make it possible to turn off encryption on an already encrypted database.
> -------------------------------------------------------------------------
>
>                 Key: DERBY-5792
>                 URL: https://issues.apache.org/jira/browse/DERBY-5792
>             Project: Derby
>          Issue Type: Improvement
>          Components: JDBC, Store
>    Affects Versions: 10.10.0.0
>            Reporter: Rick Hillegas
>            Assignee: Kristian Waagan
>         Attachments: derby-5792-1a-boilerplate_and_preparation.diff, derby-5792-1b-boilerplate_and_preparation.diff,
derby-5792-2a-decryptdatabasetest.diff, derby-5792-3a-decryption_feature.diff, derby-5792-4a-crash_and_dbo.diff
>
>
> Currently, you can encrypt an unencrypted database and you can change the encryption
key on an already encrypted database. However, Derby does not expose a way to turn off (unencrypt)
an already encrypted database.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message