db-derby-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From sure...@apache.org
Subject svn commit: r430714 - in /db/derby/code/trunk/java: engine/org/apache/derby/impl/jdbc/ engine/org/apache/derby/impl/store/raw/ testing/org/apache/derbyTesting/functionTests/master/ testing/org/apache/derbyTesting/functionTests/tests/store/
Date Fri, 11 Aug 2006 07:51:12 GMT
Author: suresht
Date: Fri Aug 11 00:51:11 2006
New Revision: 430714

URL: http://svn.apache.org/viewvc?rev=430714&view=rev
Log:
DERBY -1156 (partial) re-encryption of the database.

This patch:
1) prevents configuring a database for encryption or encryption with new 
key while restoring from backup using connection URL attributes createFrom/
restoreFrom/rollForwardRecoveryFrom. 

2) Modified the re-encryption crash recovery test to perform (re)encryption  while 
recovering from a previous crash with same attributes. 
 
3) Minor cleanup in  RawStore.java related to re-encryption.

 

Modified:
    db/derby/code/trunk/java/engine/org/apache/derby/impl/jdbc/EmbedConnection.java
    db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/RawStore.java
    db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/encryptDatabaseTest3.out
    db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/encryptionKey.out
    db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/ReEncryptCrashRecovery.java
    db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/encryptDatabaseTest3.sql
    db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/encryptionKey.sql

Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/jdbc/EmbedConnection.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/impl/jdbc/EmbedConnection.java?rev=430714&r1=430713&r2=430714&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/jdbc/EmbedConnection.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/jdbc/EmbedConnection.java Fri Aug
11 00:51:11 2006
@@ -339,6 +339,20 @@
 		if(restoreCount > 1)
 			throw newSQLException(SQLState.CONFLICTING_RESTORE_ATTRIBUTES);
 	
+        // check if user has specified re-encryption attributes 
+        // in combination with create/restore/recover attributes.
+        // re-encryption is not allowed when restoring from backup. 
+        if (restoreCount != 0 && 
+            (Boolean.valueOf(p.getProperty(
+                            Attribute.DATA_ENCRYPTION)).booleanValue() ||
+             p.getProperty(Attribute.NEW_BOOT_PASSWORD) != null ||
+             p.getProperty(Attribute.NEW_CRYPTO_EXTERNAL_KEY) != null
+             )) 
+        {
+            throw newSQLException(SQLState.CONFLICTING_RESTORE_ATTRIBUTES);
+        }
+
+
 		//add the restore count to create count to make sure 
 		//user has not specified and restore together by mistake.
 		createCount = createCount + restoreCount ;

Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/RawStore.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/RawStore.java?rev=430714&r1=430713&r2=430714&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/RawStore.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/RawStore.java Fri Aug
11 00:51:11 2006
@@ -116,7 +116,6 @@
     private CipherProvider newEncryptionEngine;
 	private CipherProvider newDecryptionEngine;
 	private CipherFactory  currentCipherFactory;
-    private boolean reEncrypt = false;
     private CipherFactory newCipherFactory = null;
 	private int counter_encrypt;
 	private int counter_decrypt;
@@ -201,7 +200,7 @@
 
         // setup database encryption engines.
         if (create) 
-            setupEncryptionEngines(create, restoreFromBackup, properties);
+            setupEncryptionEngines(create, properties);
 
 
 		// let everyone knows who their rawStoreFactory is and they can use it
@@ -298,7 +297,7 @@
                 handleIncompleteDatabaseEncryption(properties);
             }
 
-            setupEncryptionEngines(create, restoreFromBackup, properties);
+            setupEncryptionEngines(create, properties);
         }
 
         if (databaseEncrypted) {
@@ -317,7 +316,6 @@
         // new alogorithm then do that now.  
         if (encryptDatabase) {
             configureDatabaseForEncryption(properties, 
-                                           reEncrypt, 
                                            newCipherFactory);
         }
 	}
@@ -1088,9 +1086,7 @@
     /*
      * Setup Encryption Engines. 
      */
-    private void setupEncryptionEngines(boolean create, 
-                                        String restoreFromBackup, 
-                                        Properties properties) 
+    private void setupEncryptionEngines(boolean create, Properties properties)
         throws StandardException
     {
                     
@@ -1101,8 +1097,9 @@
                 properties.getProperty(Attribute.DATA_ENCRYPTION);
             databaseEncrypted = Boolean.valueOf(dataEncryption).booleanValue(); 
 
+            boolean reEncrypt = false;
 
-            if (!create && restoreFromBackup == null) {
+            if (!create) {
                 // check if database is already encrypted, by directly peeking at the
                 // database service propertes instead of the properties passed 
                 // to this method. By looking at properties to the boot method ,
@@ -1145,6 +1142,7 @@
 
                 }
                 
+                
                 // NOTE: if user specifies Attribute.DATA_ENCRYPTION on the
                 // connection URL by mistake on an already encrypted database, 
                 // it is ignored.
@@ -1464,10 +1462,11 @@
      * @exception StandardException Standard Derby Error Policy
      */
     public void configureDatabaseForEncryption(Properties properties,
-                                               boolean reEncrypt, 
                                                CipherFactory newCipherFactory) 
         throws StandardException 
     {
+
+        boolean reEncrypt = (databaseEncrypted && encryptDatabase);
 
         // check if the database can be encrypted.
         canEncryptDatabase(reEncrypt);

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/encryptDatabaseTest3.out
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/encryptDatabaseTest3.out?rev=430714&r1=430713&r2=430714&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/encryptDatabaseTest3.out
(original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/encryptDatabaseTest3.out
Fri Aug 11 00:51:11 2006
@@ -2,8 +2,9 @@
 -- or re-encrption of an encrypted databases with new password/key should fail 
 -- when 
 --   1) the database is booted read-only mode using jar subprotocol.
---   2) the databases with log archive mode enabled. It shoud 
+--   2) the databases with log archive mode enabled. It should 
 ---     succeed after disabling the log archive mode.
+--   3) when restoring from backup.
 --------------------------------------------------------------------
 -- Case : create a plain database, jar it up and then attempt 
 -- to encrypt using the jar protocol 
@@ -92,6 +93,9 @@
 1 row inserted/updated/deleted
 ij> insert into emp values(3 , 'robert');
 1 row inserted/updated/deleted
+ij> -- take a backup , this is used later. 
+call SYSCS_UTIL.SYSCS_BACKUP_DATABASE('extinout/mybackup');
+0 rows inserted/updated/deleted
 ij> -- enable the log archive mode and perform backup.
 call SYSCS_UTIL.SYSCS_BACKUP_DATABASE_AND_ENABLE_LOG_ARCHIVE_MODE(
                                            'extinout/mybackup1', 0);
@@ -237,6 +241,8 @@
 3 rows selected
 ij> call SYSCS_UTIL.SYSCS_DISABLE_LOG_ARCHIVE_MODE(1);
 0 rows inserted/updated/deleted
+ij> call SYSCS_UTIL.SYSCS_BACKUP_DATABASE('extinout/mybackup1');
+0 rows inserted/updated/deleted
 ij> disconnect;
 ij> connect 'jdbc:derby:wombat;shutdown=true';
 ERROR 08006: Database 'wombat' shutdown.
@@ -250,6 +256,29 @@
 2          
 3          
 3 rows selected
+ij> select count(*) from emp;
+1          
+-----------
+3          
+1 row selected
+ij> disconnect;
+ij> connect 'jdbc:derby:wombat;shutdown=true';
+ERROR 08006: Database 'wombat' shutdown.
+ij> -- restore from backup and attempt to configure database for encryption.
+-- it shoud fail.
+connect 'jdbc:derby:wombat;restoreFrom=extinout/mybackup/wombat;dataEncryption=true;bootPassword=xyz1234abc';
+ERROR XJ081: Conflicting create/restore/recovery attributes specified.
+ij> -- creating database from backup and attempting to configure database for encryption.
+-- it shoud fail.
+connect 'jdbc:derby:wombat_new;createFrom=extinout/mybackup/wombat;dataEncryption=true;bootPassword=xyz1234abc';
+ERROR XJ081: Conflicting create/restore/recovery attributes specified.
+ij> -- restore from backup and attempt to reEncrypt
+-- it should fail.
+connect 'jdbc:derby:wombat;restoreFrom=extinout/mybackup1/wombat;encryptionKey=6162636465666768;newEncryptionKey=5666768616263646';
+ERROR XJ081: Conflicting create/restore/recovery attributes specified.
+ij> -- restore from backup without re-encryption
+-- it shoud boot. 
+connect 'jdbc:derby:wombat;restoreFrom=extinout/mybackup1/wombat;encryptionKey=6162636465666768';
 ij> select count(*) from emp;
 1          
 -----------

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/encryptionKey.out
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/encryptionKey.out?rev=430714&r1=430713&r2=430714&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/encryptionKey.out
(original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/encryptionKey.out
Fri Aug 11 00:51:11 2006
@@ -73,7 +73,7 @@
 -----------
 1          
 ij(CONNECTION3)> -- case 3 :create db from backup using correct key
-connect 'jdbc:derby:encdbcbc_key2;createFrom=extinout/bkup1/encdbcbc_key;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6162636465666768';
+connect 'jdbc:derby:encdbcbc_key2;createFrom=extinout/bkup1/encdbcbc_key;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6162636465666768';
 ij(CONNECTION4)> select * from t1;
 I1         
 -----------
@@ -81,7 +81,7 @@
 ij(CONNECTION4)> connect 'jdbc:derby:encdbcbc_key2;shutdown=true';
 ERROR 08006: Database 'encdbcbc_key2' shutdown.
 ij(CONNECTION4)> -- create db from backup using wrong key
-connect 'jdbc:derby:encdbcbc_key3;createFrom=extinout/bkup1/encdbcbc_key;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6122636465666768';
+connect 'jdbc:derby:encdbcbc_key3;createFrom=extinout/bkup1/encdbcbc_key;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6122636465666768';
 ERROR XJ040: Failed to start database 'encdbcbc_key3', see the next exception for details.
 ERROR XBCXK: The given encryption key does not match the encryption key used when creating
the database. Please ensure that you are using the correct encryption key and try again. 
 ij(CONNECTION4)> select * from t1;
@@ -89,7 +89,7 @@
 ij(CONNECTION4)> connect 'jdbc:derby:encdbcbc_key3;shutdown=true';
 ERROR XJ004: Database 'encdbcbc_key3' not found.
 ij(CONNECTION4)> -- create db from backup using correct key
-connect 'jdbc:derby:encdbcbc_12;createFrom=extinout/bkup1/encdbcbc_key;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6162636465666768';
+connect 'jdbc:derby:encdbcbc_12;createFrom=extinout/bkup1/encdbcbc_key;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6162636465666768';
 ij(CONNECTION5)> select * from t1;
 I1         
 -----------
@@ -110,7 +110,7 @@
 ij(CONNECTION6)> connect 'jdbc:derby:encdb;shutdown=true';
 ERROR 08006: Database 'encdb' shutdown.
 ij(CONNECTION6)> disconnect;
-ij> connect 'jdbc:derby:encdb;restoreFrom=extinout/mybackup2/encdb;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6162636465666768';
+ij> connect 'jdbc:derby:encdb;restoreFrom=extinout/mybackup2/encdb;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6162636465666768';
 ij(CONNECTION6)> select * from t1;
 I1         |C2                  
 --------------------------------

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/ReEncryptCrashRecovery.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/ReEncryptCrashRecovery.java?rev=430714&r1=430713&r2=430714&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/ReEncryptCrashRecovery.java
(original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/ReEncryptCrashRecovery.java
Fri Aug 11 00:51:11 2006
@@ -41,8 +41,7 @@
  *  set database boot itself fails. To test the recovery, it is just a matter 
  *  of clearing up the debug flag and rebooting the database. 
  *  
- * In Non debug mode, this tests just acts as a plain re-encryption test,
- * just testing re-encrytpion multiple times. 
+ * In Non debug mode, this tests does not do anything.
  *
  * @author <a href="mailto:suresh.thalamati@gmail.com">Suresh Thalamati</a>
  * @version 1.0
@@ -176,8 +175,6 @@
         int passwordKey = (reEncrypt ? OLD : NONE );
 
         crash(reEncrypt, TEST_REENCRYPT_CRASH_BEFORE_COMMT);
-        recover(passwordKey);
-        shutdown();
 
         crash(reEncrypt, TEST_REENCRYPT_CRASH_AFTER_COMMT);
         crashInRecovery(passwordKey, 
@@ -186,8 +183,13 @@
                      TEST_REENCRYPT_CRASH_AFTER_RECOVERY_UNDO_REVERTING_KEY);
         crashInRecovery(passwordKey, 
                      TEST_REENCRYPT_CRASH_BEFORE_RECOVERY_FINAL_CLEANUP);
-        recover(passwordKey);
-        shutdown();
+
+        
+        crash(reEncrypt, TEST_REENCRYPT_CRASH_AFTER_COMMT);
+        crashInRecovery(passwordKey, 
+                     TEST_REENCRYPT_CRASH_AFTER_RECOVERY_UNDO_LOGFILE_DELETE);
+        // retry (re)encryption and crash.
+        crash(reEncrypt, TEST_REENCRYPT_CRASH_AFTER_COMMT);
 
 
         crash(reEncrypt, TEST_REENCRYPT_CRASH_AFTER_SWITCH_TO_NEWKEY);
@@ -198,8 +200,15 @@
         crashInRecovery(passwordKey, 
                      TEST_REENCRYPT_CRASH_BEFORE_RECOVERY_FINAL_CLEANUP);
 
-        recover(passwordKey);
-        shutdown();
+
+        crash(reEncrypt, TEST_REENCRYPT_CRASH_AFTER_SWITCH_TO_NEWKEY);
+        crashInRecovery(passwordKey, 
+                     TEST_REENCRYPT_CRASH_AFTER_RECOVERY_UNDO_REVERTING_KEY);
+        // retry (re)encryption and crash.
+        crash(reEncrypt, TEST_REENCRYPT_CRASH_AFTER_SWITCH_TO_NEWKEY);
+        crashInRecovery(passwordKey, 
+                     TEST_REENCRYPT_CRASH_BEFORE_RECOVERY_FINAL_CLEANUP);
+
 
         // following cases  (re) encryption should be successful, only 
         // cleanup is pending. 
@@ -565,6 +574,10 @@
                 ";newEncryptionKey=" + NEW_KEY;
         }
         
+        if (verbose)
+            logMessage("re-encrypting " + currentTestDatabase + 
+                       " with " + connAttrs);
+
         return TestUtil.getConnection(currentTestDatabase, connAttrs); 
     }
 

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/encryptDatabaseTest3.sql
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/encryptDatabaseTest3.sql?rev=430714&r1=430713&r2=430714&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/encryptDatabaseTest3.sql
(original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/encryptDatabaseTest3.sql
Fri Aug 11 00:51:11 2006
@@ -2,8 +2,9 @@
 -- or re-encrption of an encrypted databases with new password/key should fail 
 -- when 
 --   1) the database is booted read-only mode using jar subprotocol.
---   2) the databases with log archive mode enabled. It shoud 
+--   2) the databases with log archive mode enabled. It should 
 ---     succeed after disabling the log archive mode.
+--   3) when restoring from backup.
 
 --------------------------------------------------------------------
 -- Case : create a plain database, jar it up and then attempt 
@@ -70,7 +71,8 @@
 insert into emp values (1, 'john');
 insert into emp values(2 , 'mike');
 insert into emp values(3 , 'robert');
-
+-- take a backup , this is used later. 
+call SYSCS_UTIL.SYSCS_BACKUP_DATABASE('extinout/mybackup');
 -- enable the log archive mode and perform backup.
 call SYSCS_UTIL.SYSCS_BACKUP_DATABASE_AND_ENABLE_LOG_ARCHIVE_MODE(
                                            'extinout/mybackup1', 0);
@@ -156,6 +158,7 @@
 connect 'jdbc:derby:wombat;encryptionKey=6162636465666768';
 select * from t1;
 call SYSCS_UTIL.SYSCS_DISABLE_LOG_ARCHIVE_MODE(1);
+call SYSCS_UTIL.SYSCS_BACKUP_DATABASE('extinout/mybackup1');
 disconnect;
 connect 'jdbc:derby:wombat;shutdown=true';
 
@@ -164,5 +167,26 @@
 connect 'jdbc:derby:wombat;encryptionKey=6162636465666768;newEncryptionKey=5666768616263646';
 select * from t1;
 select count(*) from emp;
+
+disconnect;
+connect 'jdbc:derby:wombat;shutdown=true';
+
+-- restore from backup and attempt to configure database for encryption.
+-- it shoud fail.
+connect 'jdbc:derby:wombat;restoreFrom=extinout/mybackup/wombat;dataEncryption=true;bootPassword=xyz1234abc';
+
+-- creating database from backup and attempting to configure database for encryption.
+-- it shoud fail.
+connect 'jdbc:derby:wombat_new;createFrom=extinout/mybackup/wombat;dataEncryption=true;bootPassword=xyz1234abc';
+
+-- restore from backup and attempt to reEncrypt
+-- it should fail.
+connect 'jdbc:derby:wombat;restoreFrom=extinout/mybackup1/wombat;encryptionKey=6162636465666768;newEncryptionKey=5666768616263646';
+
+-- restore from backup without re-encryption
+-- it shoud boot. 
+connect 'jdbc:derby:wombat;restoreFrom=extinout/mybackup1/wombat;encryptionKey=6162636465666768';
+select count(*) from emp;
 disconnect;
 connect 'jdbc:derby:wombat;shutdown=true';
+

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/encryptionKey.sql
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/encryptionKey.sql?rev=430714&r1=430713&r2=430714&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/encryptionKey.sql
(original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/encryptionKey.sql
Fri Aug 11 00:51:11 2006
@@ -57,18 +57,18 @@
 select * from t1;
 
 -- case 3 :create db from backup using correct key
-connect 'jdbc:derby:encdbcbc_key2;createFrom=extinout/bkup1/encdbcbc_key;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6162636465666768';
+connect 'jdbc:derby:encdbcbc_key2;createFrom=extinout/bkup1/encdbcbc_key;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6162636465666768';
 select * from t1;
 connect 'jdbc:derby:encdbcbc_key2;shutdown=true';
 
 -- create db from backup using wrong key
-connect 'jdbc:derby:encdbcbc_key3;createFrom=extinout/bkup1/encdbcbc_key;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6122636465666768';
+connect 'jdbc:derby:encdbcbc_key3;createFrom=extinout/bkup1/encdbcbc_key;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6122636465666768';
 select * from t1;
 
 connect 'jdbc:derby:encdbcbc_key3;shutdown=true';
 
 -- create db from backup using correct key
-connect 'jdbc:derby:encdbcbc_12;createFrom=extinout/bkup1/encdbcbc_key;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6162636465666768';
+connect 'jdbc:derby:encdbcbc_12;createFrom=extinout/bkup1/encdbcbc_key;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6162636465666768';
 select * from t1;
 
 connect 'jdbc:derby:encdbcbc_key12;shutdown=true';
@@ -83,7 +83,7 @@
 connect 'jdbc:derby:encdb;shutdown=true';
 disconnect;
 
-connect 'jdbc:derby:encdb;restoreFrom=extinout/mybackup2/encdb;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6162636465666768';
+connect 'jdbc:derby:encdb;restoreFrom=extinout/mybackup2/encdb;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6162636465666768';
 select * from t1;
 disconnect;
 



Mime
View raw message