[jira] [Commented] (DERBY-5792) Make it possible to turn off encryption on an already encrypted database.

Wed, 03 Oct 2012 07:48:10 -0700 

    [ 
https://issues.apache.org/jira/browse/DERBY-5792?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13468591#comment-13468591
 ] 

Knut Anders Hatlen commented on DERBY-5792:
-------------------------------------------

> Known missing tasks:
>  o logic to deal with DBO powers

What does this mean exactly? Can any user decrypt the database with the current 
state of the patch?

In RAFContainer.java, the patch makes this change:

         else 
         {
-            if (dataFactory.databaseEncrypted() || encryptWithNewEngine) 
+            if (encryptionBuf != null &&
+                    (dataFactory.databaseEncrypted() || encryptWithNewEngine))
             {


I was a bit surprised that the original code checked for encryptWithNewEngine 
here. Is it really the case that it's possible to end up encrypting the page 
even if the data factory says it shouldn't be encrypted? If not, perhaps it 
could be simplified to just check for dataFactory.databaseEncrypted(), in which 
case we don't need to add an extra check for encryptionBuf to support 
decryption?

The new DATABASE_DECRYPTION_DENIED message might be problematic to localize 
because it takes an English string as an argument. We may need multiple 
messages to allow them to be fully translated. Sharing SQL state between the 
messages would be fine, though.
                
> Make it possible to turn off encryption on an already encrypted database.
> -------------------------------------------------------------------------
>
>                 Key: DERBY-5792
>                 URL: https://issues.apache.org/jira/browse/DERBY-5792
>             Project: Derby
>          Issue Type: Improvement
>          Components: JDBC, Store
>    Affects Versions: 10.10.0.0
>            Reporter: Rick Hillegas
>            Assignee: Kristian Waagan
>         Attachments: derby-5792-1a-boilerplate_and_preparation.diff, 
> derby-5792-1b-boilerplate_and_preparation.diff, 
> derby-5792-2a-decryptdatabasetest.diff, derby-5792-3a-decryption_feature.diff
>
>
> Currently, you can encrypt an unencrypted database and you can change the 
> encryption key on an already encrypted database. However, Derby does not 
> expose a way to turn off (unencrypt) an already encrypted database.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to