[
https://issues.apache.org/jira/browse/DERBY-4229?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Kim Haase updated DERBY-4229:
-----------------------------
Attachment: cdevcsecure67151.html
DERBY-4229.diff
Attaching DERBY-4229.diff and cdevcsecure67151.html, which I hope provide the
information needed here. The topic where the information seems to belong is
"Specifying an alternate encryption algorithm."
I've added one sentence that I hope also fixes DERBY-2821, an issue filed a
long time ago.
> encryptionKeyLength connection attribute should be documented
> -------------------------------------------------------------
>
> Key: DERBY-4229
> URL: https://issues.apache.org/jira/browse/DERBY-4229
> Project: Derby
> Issue Type: Bug
> Components: Documentation
> Reporter: Kathey Marsden
> Assignee: Kim Haase
> Attachments: cdevcsecure67151.html, DERBY-4229.diff
>
>
> The developer guide says:
> The length of the encryption key depends on the algorithm used:
> AES (128, 192, and 256 bits)
> DES (the default) (56 bits)
> DESede (168 bits)
> All other algorithms (128 bits)
> Note: The boot password should have at least as many characters as number of
> bytes in the encryption key (56 bits=8 bytes, 168 bits=24 bytes, 128 bits=16
> bytes). The minimum number of characters for the boot password allowed by
> Derby is eight.
> For AES, however, it does not tell how to change the default key length of
> 128. This can be changed with the encryptionKeyLength connection attribute.
> The documentation should also specify that special policy files for the JRE
> may be necessary to accomodate the longer length.
> Also note that there is an outstanding issue DERBY-3710 regarding length of
> 192 for AES.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
