[jira] [Updated] (DERBY-6537) StringUtil.fromHexString is used to convert encryptionKey to byte[]

Thu, 15 May 2014 21:12:09 -0700 

     [ 
https://issues.apache.org/jira/browse/DERBY-6537?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Kim Haase updated DERBY-6537:
-----------------------------

    Attachment: DERBY-6537.zip
                DERBY-6537.stat
                DERBY-6537.diff

Thanks for your clarifications, Dyre! I'm attaching DERBY-6537.diff, 
DERBY-6537.stat, and DERBY-6537.zip, with changes to the following:

M       src/ref/rrefattribencryptkey.dita
M       src/ref/rrefattribnewencryptkey.dita
M       src/devguide/cdevcsecure866716.dita
M       src/devguide/cdevcsecure88690.dita
M       src/devguide/tdevcsecurenewextkey.dita

Please let me know if more changes are needed.

> StringUtil.fromHexString is used to convert encryptionKey to byte[]
> -------------------------------------------------------------------
>
>                 Key: DERBY-6537
>                 URL: https://issues.apache.org/jira/browse/DERBY-6537
>             Project: Derby
>          Issue Type: Bug
>          Components: Documentation, Services
>    Affects Versions: 10.10.1.1
>            Reporter: Dyre Tjeldvoll
>            Assignee: Kim Haase
>            Priority: Minor
>         Attachments: DERBY-6537.diff, DERBY-6537.stat, DERBY-6537.zip
>
>
> The javadoc for StringUtil.fromHexString states that its intended use is to 
> "Convert a hexidecimal string generated by toHexString() back into a byte 
> array", and that null is returned if the length of the hex-string is not 
> even. 
> But in JCECipherFactory.init() it is being used to convert the encryptionKey 
> property string to byte[]. For this usage such a restriction makes no sense, 
> and is confusing as it is not documented (at least not in the dev guide 
> chapter about encrypting databases).
> For this usage it would be better to use 
> new BigInt(encryptionKey,16).toByteArray() which would not have this 
> restriction. But even with this change the documentation should probably be 
> updated to state that the value for the key must be a valid hex-string, as 
> that is what it will be interpreted as. The first section of the doc should 
> probably also mention that DES is the default algo, and what its minimum key 
> length requirements are (now you need to look at the section about specifying 
> an alternate algo, to find that).



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Reply via email to