db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Knut Anders Hatlen (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (DERBY-5792) Make it possible to turn off encryption on an already encrypted database.
Date Wed, 03 Oct 2012 14:48:08 GMT

    [ https://issues.apache.org/jira/browse/DERBY-5792?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13468591#comment-13468591
] 

Knut Anders Hatlen commented on DERBY-5792:
-------------------------------------------

> Known missing tasks:
>  o logic to deal with DBO powers

What does this mean exactly? Can any user decrypt the database with the current state of the
patch?

In RAFContainer.java, the patch makes this change:

         else 
         {
-            if (dataFactory.databaseEncrypted() || encryptWithNewEngine) 
+            if (encryptionBuf != null &&
+                    (dataFactory.databaseEncrypted() || encryptWithNewEngine))
             {


I was a bit surprised that the original code checked for encryptWithNewEngine here. Is it
really the case that it's possible to end up encrypting the page even if the data factory
says it shouldn't be encrypted? If not, perhaps it could be simplified to just check for dataFactory.databaseEncrypted(),
in which case we don't need to add an extra check for encryptionBuf to support decryption?

The new DATABASE_DECRYPTION_DENIED message might be problematic to localize because it takes
an English string as an argument. We may need multiple messages to allow them to be fully
translated. Sharing SQL state between the messages would be fine, though.
                
> Make it possible to turn off encryption on an already encrypted database.
> -------------------------------------------------------------------------
>
>                 Key: DERBY-5792
>                 URL: https://issues.apache.org/jira/browse/DERBY-5792
>             Project: Derby
>          Issue Type: Improvement
>          Components: JDBC, Store
>    Affects Versions: 10.10.0.0
>            Reporter: Rick Hillegas
>            Assignee: Kristian Waagan
>         Attachments: derby-5792-1a-boilerplate_and_preparation.diff, derby-5792-1b-boilerplate_and_preparation.diff,
derby-5792-2a-decryptdatabasetest.diff, derby-5792-3a-decryption_feature.diff
>
>
> Currently, you can encrypt an unencrypted database and you can change the encryption
key on an already encrypted database. However, Derby does not expose a way to turn off (unencrypt)
an already encrypted database.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message