Encrypted databases cannot be booted using the jar subprotocol (and possibly
also using http/https/classpath)
-------------------------------------------------------------------------------------------------------------
Key: DERBY-1373
URL: http://issues.apache.org/jira/browse/DERBY-1373
Project: Derby
Type: Bug
Components: Store
Versions: 10.1.2.4
Environment: Environment does not matter.
Reporter: Mathias Herberts
An encrypted database cannot be booted when using the jar subprotocol.
The problem lies in the method run from JCECipherFactory. The call to
getRandomAccessFile returns null when the verifyKeyFile is an instance of
InputStreamFile and the key verification therefore fails.
The implementation of getRandomAccessFile for InputStreamFile states that its
code cannot be reached which is untrue.
The provided patch does two things, it provides a new class
InputStreamRandomAccessFile in package org.apache.derby.impl.io. This class
provides simple implementations of readInt and readFully so the key
verification process succeeds. A quick scan of the derby source tree showed no
problem or possible impact of this simple implementation.
The second thing the patch does is to modify
org/apache/derby/impl/io/InputStreamFile.java so the getRandomAccessFile
creates an instance of InputStreamRandomAccessFile instead of returning null.
This patch has been tested against trunk 410361. It solves the problem at least
under the jar subprotocol.
The patch has not been tested against http/https/classpath.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
