You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-commits@db.apache.org by ch...@apache.org on 2014/05/15 16:52:09 UTC

svn commit: r1594937 - in /db/derby/docs/trunk/src: devguide/cdevcsecure866716.dita devguide/cdevcsecure88690.dita devguide/tdevcsecurenewextkey.dita ref/rrefattribencryptkey.dita ref/rrefattribnewencryptkey.dita

Author: chaase3
Date: Thu May 15 14:52:08 2014
New Revision: 1594937

URL: http://svn.apache.org/r1594937
Log:
DERBY-6537  StringUtil.fromHexString is used to convert encryptionKey to byte[]

Modified 3 Developer's Guide and 2 Reference Manual topics.

Patch: DERBY-6537.diff

Modified:
    db/derby/docs/trunk/src/devguide/cdevcsecure866716.dita
    db/derby/docs/trunk/src/devguide/cdevcsecure88690.dita
    db/derby/docs/trunk/src/devguide/tdevcsecurenewextkey.dita
    db/derby/docs/trunk/src/ref/rrefattribencryptkey.dita
    db/derby/docs/trunk/src/ref/rrefattribnewencryptkey.dita

Modified: db/derby/docs/trunk/src/devguide/cdevcsecure866716.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/devguide/cdevcsecure866716.dita?rev=1594937&r1=1594936&r2=1594937&view=diff
==============================================================================
--- db/derby/docs/trunk/src/devguide/cdevcsecure866716.dita (original)
+++ db/derby/docs/trunk/src/devguide/cdevcsecure866716.dita Thu May 15 14:52:08 2014
@@ -32,10 +32,14 @@ also specify an encryption key directly.
 <li>DESede (168 bits)</li>
 <li>All other algorithms (128 bits)</li>
 </ul>
-<note>The boot password should have at least as many characters as number
-of bytes in the encryption key (56 bits=8 bytes, 168 bits=24 bytes, 128 bits=16
-bytes). The minimum number of characters for the boot password allowed by <ph
-conref="../conrefs.dita#prod/productshortname"></ph> is eight.</note>
+<p>The boot password should have at least as many characters as the number
+of bytes in the encryption key (56 bits=8 bytes, 128 bits=16 bytes,
+168 bits=24 bytes). The minimum number of characters for the boot password
+allowed by <ph conref="../conrefs.dita#prod/productshortname"></ph> is
+eight.</p>
+<note>If you specify an encryption key directly, the value must be a hexadecimal
+string at least 16 digits in length (8 bytes), and it must contain an even
+number of digits.</note>
 <p>It is a good idea not to use words that would be easily guessed, such as
 a login name or simple words or numbers. A boot password, like any password,
 should be a mix of numbers and uppercase and lowercase letters.</p>

Modified: db/derby/docs/trunk/src/devguide/cdevcsecure88690.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/devguide/cdevcsecure88690.dita?rev=1594937&r1=1594936&r2=1594937&view=diff
==============================================================================
--- db/derby/docs/trunk/src/devguide/cdevcsecure88690.dita (original)
+++ db/derby/docs/trunk/src/devguide/cdevcsecure88690.dita Thu May 15 14:52:08 2014
@@ -42,6 +42,8 @@ bootPassword=DBpassword</codeblock>
 <codeblock>jdbc:derby:encryptedDB;create=true;dataEncryption=true;
 encryptionKey=6162636465666768</codeblock></p>
 <p>The default encryption algorithm is DES.</p>
+<p>For details on specifying boot passwords and encryption keys, see
+<xref href="cdevcsecure866716.dita"/>.</p>
 <p>You can specify an encryption provider and/or encryption algorithm
 other than the defaults by using the <i>encryptionProvider=providerName</i> and
 <i>encryptionAlgorithm=algorithm</i> attributes. See

Modified: db/derby/docs/trunk/src/devguide/tdevcsecurenewextkey.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/devguide/tdevcsecurenewextkey.dita?rev=1594937&r1=1594936&r2=1594937&view=diff
==============================================================================
--- db/derby/docs/trunk/src/devguide/tdevcsecurenewextkey.dita (original)
+++ db/derby/docs/trunk/src/devguide/tdevcsecurenewextkey.dita Thu May 15 14:52:08 2014
@@ -49,9 +49,11 @@ the database.</cmd><stepxmp>For example,
 the <codeph>salesdb</codeph> database, the database is encrypted
 with the new encryption key <codeph>6862636465666768</codeph>:
 <codeblock>jdbc:derby:salesdb;encryptionKey=6162636465666768;
-newEncryptionKey=6862636465666768'</codeblock>
+newEncryptionKey=6862636465666768</codeblock>
 </stepxmp>
 <info>
+<p>The encryption key value must be a hexadecimal string at least 16 digits in
+length (8 bytes), and it must contain an even number of digits.</p>
   <p>
   If <xref href="cdevcsecure36127.dita#cdevcsecure36127">authentication</xref>
   and

Modified: db/derby/docs/trunk/src/ref/rrefattribencryptkey.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/ref/rrefattribencryptkey.dita?rev=1594937&r1=1594936&r2=1594937&view=diff
==============================================================================
--- db/derby/docs/trunk/src/ref/rrefattribencryptkey.dita (original)
+++ db/derby/docs/trunk/src/ref/rrefattribencryptkey.dita Thu May 15 14:52:08 2014
@@ -31,7 +31,9 @@ encryption key</indexterm></indexterm><i
 <li>Encrypt a new database</li>
 <li>Configure an existing unencrypted database for encryption</li>
 <li>Boot an existing encrypted database</li>
-</ul>Your application must provide the encryption key.</p>
+</ul>Your application must provide the encryption key. The encryption key value
+must be a hexadecimal string at least 16 digits in length (8 bytes), and it must
+contain an even number of digits.</p>
 <p>For information about data encryption, see "Encrypting databases on disk"
 in the <cite><ph conref="../conrefs.dita#pub/citdevelop"></ph></cite>.</p>
 </section>

Modified: db/derby/docs/trunk/src/ref/rrefattribnewencryptkey.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/ref/rrefattribnewencryptkey.dita?rev=1594937&r1=1594936&r2=1594937&view=diff
==============================================================================
--- db/derby/docs/trunk/src/ref/rrefattribnewencryptkey.dita (original)
+++ db/derby/docs/trunk/src/ref/rrefattribnewencryptkey.dita Thu May 15 14:52:08 2014
@@ -31,7 +31,11 @@ limitations under the License.
 for an encrypted database. All of the existing data in the database is encrypted
 using the new encryption key and any new data written to the database will
 use this key for encryption. For more information about this attribute, see
-"Encrypting databases with a new external encryption key" in the <cite><ph conref="../conrefs.dita#pub/citdevelop"></ph></cite>.</p> </section>
+"Encrypting databases with a new external encryption key" in the
+<cite><ph conref="../conrefs.dita#pub/citdevelop"></ph></cite>.</p>
+<p>The encryption key value must be a hexadecimal string at least 16 digits in
+length (8 bytes), and it must contain an even number of digits.</p>
+</section>
 <section><title>Combining with other attributes</title> 
 <p>The <i>newEncryptionKey=key</i> attribute must be combined with the
 <i><xref href="rrefattribencryptkey.dita#rrefattribencryptkey">encryptionKey=key</xref></i>