Return-Path: X-Original-To: apmail-db-derby-dev-archive@www.apache.org Delivered-To: apmail-db-derby-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id F352B11603 for ; Wed, 3 Sep 2014 06:47:57 +0000 (UTC) Received: (qmail 13416 invoked by uid 500); 3 Sep 2014 06:47:51 -0000 Delivered-To: apmail-db-derby-dev-archive@db.apache.org Received: (qmail 13385 invoked by uid 500); 3 Sep 2014 06:47:51 -0000 Mailing-List: contact derby-dev-help@db.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: Delivered-To: mailing list derby-dev@db.apache.org Received: (qmail 13373 invoked by uid 99); 3 Sep 2014 06:47:51 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 03 Sep 2014 06:47:51 +0000 Date: Wed, 3 Sep 2014 06:47:51 +0000 (UTC) From: "Dyre Tjeldvoll (JIRA)" To: derby-dev@db.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Closed] (DERBY-6537) StringUtil.fromHexString is used to convert encryptionKey to byte[] MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/DERBY-6537?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dyre Tjeldvoll closed DERBY-6537. --------------------------------- Fix verified > StringUtil.fromHexString is used to convert encryptionKey to byte[] > ------------------------------------------------------------------- > > Key: DERBY-6537 > URL: https://issues.apache.org/jira/browse/DERBY-6537 > Project: Derby > Issue Type: Bug > Components: Documentation, Services > Affects Versions: 10.10.1.1 > Reporter: Dyre Tjeldvoll > Assignee: Kim Haase > Priority: Minor > Fix For: 10.11.1.1 > > Attachments: DERBY-6537.diff, DERBY-6537.stat, DERBY-6537.zip > > > The javadoc for StringUtil.fromHexString states that its intended use is to "Convert a hexidecimal string generated by toHexString() back into a byte array", and that null is returned if the length of the hex-string is not even. > But in JCECipherFactory.init() it is being used to convert the encryptionKey property string to byte[]. For this usage such a restriction makes no sense, and is confusing as it is not documented (at least not in the dev guide chapter about encrypting databases). > For this usage it would be better to use > new BigInt(encryptionKey,16).toByteArray() which would not have this restriction. But even with this change the documentation should probably be updated to state that the value for the key must be a valid hex-string, as that is what it will be interpreted as. The first section of the doc should probably also mention that DES is the default algo, and what its minimum key length requirements are (now you need to look at the section about specifying an alternate algo, to find that). -- This message was sent by Atlassian JIRA (v6.3.4#6332)