Posted to derby-dev@db.apache.org by "Knut Anders Hatlen (JIRA)" <ji...@apache.org> on 2012/10/03 16:48:08 UTC

[jira] [Commented] (DERBY-5792) Make it possible to turn off encryption on an already encrypted database.

    [ https://issues.apache.org/jira/browse/DERBY-5792?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13468591#comment-13468591 ] 

Knut Anders Hatlen commented on DERBY-5792:
-------------------------------------------

> Known missing tasks:
>  o logic to deal with DBO powers

What does this mean exactly? Can any user decrypt the database with the current state of the patch?

In RAFContainer.java, the patch makes this change:

         else 
         {
-            if (dataFactory.databaseEncrypted() || encryptWithNewEngine) 
+            if (encryptionBuf != null &&
+                    (dataFactory.databaseEncrypted() || encryptWithNewEngine))
             {
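
Review bot: The new encryptionBuf != null test in the if condition makes a null buffer the signal for "do not encrypt this page", even when dataFactory.databaseEncrypted() or encryptWithNewEngine is true. Nothing in these lines says that null is intentional, so code that leaves encryptionBuf null by mistake would skip the encrypting branch on a database that is supposed to be encrypted. Consider adding a comment stating when encryptionBuf is expected to be null, or carrying the intent in an explicit flag and asserting that the buffer is non-null whenever encryption is requested.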


I was a bit surprised that the original code checked for encryptWithNewEngine here. Is it really the case that it's possible to end up encrypting the page even if the data factory says it shouldn't be encrypted? If not, perhaps it could be simplified to just check for dataFactory.databaseEncrypted(), in which case we don't need to add an extra check for encryptionBuf to support decryption?

The new DATABASE_DECRYPTION_DENIED message might be problematic to localize because it takes an English string as an argument. We may need multiple messages to allow them to be fully translated. Sharing SQL state between the messages would be fine, though.
                
> Make it possible to turn off encryption on an already encrypted database.
> -------------------------------------------------------------------------
>
>                 Key: DERBY-5792
>                 URL: https://issues.apache.org/jira/browse/DERBY-5792
>             Project: Derby
>          Issue Type: Improvement
>          Components: JDBC, Store
>    Affects Versions: 10.10.0.0
>            Reporter: Rick Hillegas
>            Assignee: Kristian Waagan
>         Attachments: derby-5792-1a-boilerplate_and_preparation.diff, derby-5792-1b-boilerplate_and_preparation.diff, derby-5792-2a-decryptdatabasetest.diff, derby-5792-3a-decryption_feature.diff
>
>
> Currently, you can encrypt an unencrypted database and you can change the encryption key on an already encrypted database. However, Derby does not expose a way to turn off (unencrypt) an already encrypted database.
