db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dyre Tjeldvoll (JIRA)" <j...@apache.org>
Subject [jira] [Created] (DERBY-6537) StringUtil.fromHexString is used to convert encryptionKey to byte[]
Date Wed, 02 Apr 2014 13:47:14 GMT
Dyre Tjeldvoll created DERBY-6537:

             Summary: StringUtil.fromHexString is used to convert encryptionKey to byte[]
                 Key: DERBY-6537
                 URL: https://issues.apache.org/jira/browse/DERBY-6537
             Project: Derby
          Issue Type: Bug
          Components: Documentation, Services
    Affects Versions:
            Reporter: Dyre Tjeldvoll
            Priority: Minor

The javadoc for StringUtil.fromHexString states that its intended use is to "Convert a hexidecimal
string generated by toHexString() back into a byte array", and that null is returned if the
length of the hex-string is not even. 

But in JCECipherFactory.init() it is being used to convert the encryptionKey property string
to byte[]. For this usage such a restriction makes no sense, and is confusing as it is not
documented (at least not in the dev guide chapter about encrypting databases).

For this usage it would be better to use 
new BigInt(encryptionKey,16).toByteArray() which would not have this restriction. But even
with this change the documentation should probably be updated to state that the value for
the key must be a valid hex-string, as that is what it will be interpreted as. The first section
of the doc should probably also mention that DES is the default algo, and what its minimum
key length requirements are (now you need to look at the section about specifying an alternate
algo, to find that).

This message was sent by Atlassian JIRA

View raw message