db-derby-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kahat...@apache.org
Subject svn commit: r1403268 - in /db/derby/code/trunk/java: engine/org/apache/derby/impl/store/raw/ engine/org/apache/derby/loc/ shared/org/apache/derby/shared/common/reference/ testing/org/apache/derbyTesting/functionTests/master/ testing/org/apache/derbyTes...
Date Mon, 29 Oct 2012 12:35:09 GMT
Author: kahatlen
Date: Mon Oct 29 12:35:08 2012
New Revision: 1403268

URL: http://svn.apache.org/viewvc?rev=1403268&view=rev
Log:
DERBY-5962: Internationalize error messages for database decryption

Modified:
    db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/RawStore.java
    db/derby/code/trunk/java/engine/org/apache/derby/loc/messages.xml
    db/derby/code/trunk/java/shared/org/apache/derby/shared/common/reference/SQLState.java
    db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/encryptDatabaseTest2.out
    db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/encryptDatabaseTest3.out
    db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/encryptDatabaseTest2.sql
    db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/encryptDatabaseTest3.sql

Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/RawStore.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/RawStore.java?rev=1403268&r1=1403267&r2=1403268&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/RawStore.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/store/raw/RawStore.java Mon Oct
29 12:35:08 2012
@@ -1318,23 +1318,10 @@ public final class RawStore implements R
             // connection URL by mistake on an already encrypted database,
             // it is ignored.
 
-            // Prevent attempt to (re)encrypt a read-only database.
-            if (encryptDatabase) {
-                if (isReadOnly()) {
-                    if (reEncrypt) {
-                        throw StandardException.newException(
-                                 SQLState.CANNOT_REENCRYPT_READONLY_DATABASE);
-                    } else {
-                        throw StandardException.newException(
-                                 SQLState.CANNOT_ENCRYPT_READONLY_DATABASE);
-                    }
-                }
-            }
-            // Prevent attempt to decrypt a read-only database.
-            if (decryptDatabase && isReadOnly()) {
+            // Prevent attempts to (re)encrypt or decrypt a read-only database.
+            if ((encryptDatabase || decryptDatabase) && isReadOnly()) {
                 throw StandardException.newException(
-                        SQLState.DATABASE_DECRYPTION_DENIED,
-                        "read-only");
+                        SQLState.CANNOT_ENCRYPT_READONLY_DATABASE);
             }
         }
 
@@ -1581,8 +1568,7 @@ public final class RawStore implements R
             if (SanityManager.DEBUG_ON(debugFlag))
             {
                StandardException se = StandardException.newException(
-                                      (reEncrypt ? SQLState.DATABASE_REENCRYPTION_FAILED
:
-                                      SQLState.DATABASE_ENCRYPTION_FAILED),
+                                      SQLState.DATABASE_ENCRYPTION_FAILED,
                                       debugFlag);
                markCorrupt(se);
                throw se;
@@ -1868,15 +1854,8 @@ public final class RawStore implements R
             transaction.close(); 
 
         } catch (StandardException se) {
-            String sqlState;
-            if (decryptDatabase) {
-                sqlState = SQLState.DATABASE_DECRYPTION_FAILED;
-            } else if (reEncrypt) {
-                sqlState = SQLState.DATABASE_REENCRYPTION_FAILED;
-            } else {
-                sqlState = SQLState.DATABASE_ENCRYPTION_FAILED;
-            }
-            throw StandardException.newException(sqlState, se, se.getMessage());
+            throw StandardException.newException(
+                SQLState.DATABASE_ENCRYPTION_FAILED, se, se.getMessage());
         } finally {
             // clear the new encryption engines.
             newDecryptionEngine = null;   
@@ -2145,17 +2124,8 @@ public final class RawStore implements R
         // be read once database is reconfigure with new encryption 
         // key.
         if (xactFactory.hasPreparedXact()) {
-            if (decrypt) {
-                throw StandardException.newException(
-                        SQLState.DATABASE_DECRYPTION_DENIED,
-                        "prepared global transaction");
-            } else if (reEncrypt) {
-                throw StandardException.newException(
-                       SQLState.REENCRYPTION_PREPARED_XACT_EXIST);
-            } else {
-                throw StandardException.newException(
-                       SQLState.ENCRYPTION_PREPARED_XACT_EXIST);
-            }
+            throw StandardException.newException(
+                    SQLState.ENCRYPTION_PREPARED_XACT_EXIST);
         }
 
 
@@ -2168,17 +2138,8 @@ public final class RawStore implements R
         // when rollforward recovery is performed. 
     
         if (logFactory.logArchived()) {
-            if (decrypt) {
-                throw StandardException.newException(
-                        SQLState.DATABASE_DECRYPTION_DENIED,
-                        "log archived");
-            } else if (reEncrypt) {
-                throw StandardException.newException(
-                       SQLState.CANNOT_REENCRYPT_LOG_ARCHIVED_DATABASE);
-            } else {
-                throw StandardException.newException(
-                       SQLState.CANNOT_ENCRYPT_LOG_ARCHIVED_DATABASE);
-            }
+            throw StandardException.newException(
+                   SQLState.CANNOT_ENCRYPT_LOG_ARCHIVED_DATABASE);
         }
     }
 

Modified: db/derby/code/trunk/java/engine/org/apache/derby/loc/messages.xml
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/loc/messages.xml?rev=1403268&r1=1403267&r2=1403268&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/loc/messages.xml (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/loc/messages.xml Mon Oct 29 12:35:08
2012
@@ -3764,43 +3764,22 @@ Guide.
 
             <msg>
                 <name>XBCXO.S</name>
-                <text>Cannot encrypt the database when there is a global transaction
in the prepared state.</text>
-            </msg>
-
-            <msg>
-                <name>XBCXP.S</name>
-                <text>Cannot re-encrypt the database with a new boot password or an
external encryption key when there is a global transaction in the prepared state.</text>
+                <text>Cannot encrypt, re-encrypt or decrypt the database when there
is a global transaction in the prepared state.</text>
             </msg>
 
             <msg>
                 <name>XBCXQ.S</name>
-                <text>Cannot configure a read-only database for encryption.</text>
-            </msg>
-
-            <msg>
-                <name>XBCXR.S</name>
-                <text>Cannot re-encrypt a read-only database with a new boot password
or an external encryption key .</text>
+                <text>Cannot encrypt, re-encrypt or decrypt a read-only database.</text>
             </msg>
 
             <msg>
                 <name>XBCXS.S</name>
-                <text>Cannot configure a database for encryption, when database is
in the log archive mode.</text>
-            </msg>
-
-            <msg>
-                <name>XBCXT.S</name>
-                <text>Cannot re-encrypt a database with a new boot password or an external
encryption key, when database is in the log archive mode.</text>
+                <text>Cannot encrypt, re-encrypt or decrypt a database when it is in
the log archive mode.</text>
             </msg>
 
             <msg>
                 <name>XBCXU.S</name>
-                <text>Encryption of an un-encrypted database failed: {0}</text>
-                <arg>failureMessage</arg>
-            </msg>
-
-            <msg>
-                <name>XBCXV.S</name>
-                <text>Encryption of an encrypted database with a new key or a new password
failed: {0}</text>
+                <text>Encryption, re-encryption or decryption of a database failed:
{0}</text>
                 <arg>failureMessage</arg>
             </msg>
 
@@ -3810,17 +3789,6 @@ Guide.
                 <arg>algorithmName</arg>
             </msg>
 
-            <msg>
-                <name>XBCXX.S</name>
-                <text>Database decryption failed: {0}</text>
-                <arg>failureMessage</arg>
-            </msg>
-
-            <msg>
-                <name>XBCXY.S</name>
-                <text>Cannot decrypt database because of the database state: {0}</text>
-                <arg>databaseState</arg>
-            </msg>
         </family>
 
 

Modified: db/derby/code/trunk/java/shared/org/apache/derby/shared/common/reference/SQLState.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/shared/org/apache/derby/shared/common/reference/SQLState.java?rev=1403268&r1=1403267&r2=1403268&view=diff
==============================================================================
--- db/derby/code/trunk/java/shared/org/apache/derby/shared/common/reference/SQLState.java
(original)
+++ db/derby/code/trunk/java/shared/org/apache/derby/shared/common/reference/SQLState.java
Mon Oct 29 12:35:08 2012
@@ -241,16 +241,10 @@ public interface SQLState {
     String ENCRYPTION_INVALID_EXKEY_LENGTH          = "XBCXM.S";
     String ENCRYPTION_ILLEGAL_EXKEY_CHARS           = "XBCXN.S";
     String ENCRYPTION_PREPARED_XACT_EXIST             = "XBCXO.S";
-    String REENCRYPTION_PREPARED_XACT_EXIST           = "XBCXP.S";
     String CANNOT_ENCRYPT_READONLY_DATABASE           = "XBCXQ.S";
-    String CANNOT_REENCRYPT_READONLY_DATABASE         = "XBCXR.S";
     String CANNOT_ENCRYPT_LOG_ARCHIVED_DATABASE       = "XBCXS.S";
-    String CANNOT_REENCRYPT_LOG_ARCHIVED_DATABASE     = "XBCXT.S";
     String DATABASE_ENCRYPTION_FAILED                 = "XBCXU.S";
-    String DATABASE_REENCRYPTION_FAILED               = "XBCXV.S";
     String DIGEST_NO_SUCH_ALGORITHM                   = "XBCXW.S";
-    String DATABASE_DECRYPTION_FAILED                 = "XBCXX.S";
-    String DATABASE_DECRYPTION_DENIED                 = "XBCXY.S";
 
 	/*
 	** Cache Service

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/encryptDatabaseTest2.out
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/encryptDatabaseTest2.out?rev=1403268&r1=1403267&r2=1403268&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/encryptDatabaseTest2.out
(original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/encryptDatabaseTest2.out
Mon Oct 29 12:35:08 2012
@@ -54,13 +54,13 @@ ij> -- configure the database for encryp
 -- this should fail because of the global transacton in the prepared state.
 connect 'jdbc:derby:wombat_en;dataEncryption=true;encryptionKey=6162636465666768';
 ERROR XJ040: Failed to start database 'wombat_en' with class loader XXXX,  see the next exception
for details.
-ERROR XBCXO: Cannot encrypt the database when there is a global transaction in the prepared
state.
+ERROR XBCXO: Cannot encrypt, re-encrypt or decrypt the database when there is a global transaction
in the prepared state.
 ij> ---attempt to configure the database for encrypion with a boot password.
 -- this should fail because of the global transacton in 
 -- the prepared state.
 connect 'jdbc:derby:wombat_en;dataEncryption=true;bootPassword=xyz1234abc';
 ERROR XJ040: Failed to start database 'wombat_en' with class loader XXXX,  see the next exception
for details.
-ERROR XBCXO: Cannot encrypt the database when there is a global transaction in the prepared
state.
+ERROR XBCXO: Cannot encrypt, re-encrypt or decrypt the database when there is a global transaction
in the prepared state.
 ij> -- now reboot the db and commit the transaction in the prepapred state. 
 xa_datasource 'wombat_en';
 ij> xa_connect ;
@@ -108,7 +108,12 @@ ij> -- attempt to reconfigure the databa
 -- after recovery.
 connect 'jdbc:derby:wombat_en;bootPassword=xyz1234abc;newBootPassword=new1234xyz';
 ERROR XJ040: Failed to start database 'wombat_en' with class loader XXXX,  see the next exception
for details.
-ERROR XBCXP: Cannot re-encrypt the database with a new boot password or an external encryption
key when there is a global transaction in the prepared state.
+ERROR XBCXO: Cannot encrypt, re-encrypt or decrypt the database when there is a global transaction
in the prepared state.
+ij> -- Attempt to decrypt the database.
+-- This should fail because of the global transaction in the prepared state.
+connect 'jdbc:derby:wombat_en;bootPassword=xyz1234abc;decryptDatabase=true';
+ERROR XJ040: Failed to start database 'wombat_en' with class loader XXXX,  see the next exception
for details.
+ERROR XBCXO: Cannot encrypt, re-encrypt or decrypt the database when there is a global transaction
in the prepared state.
 ij> -- now reboot the db and commit the transaction in the prepared state. 
 connect 'jdbc:derby:wombat_en;bootPassword=xyz1234abc';
 ij> disconnect;

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/encryptDatabaseTest3.out
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/encryptDatabaseTest3.out?rev=1403268&r1=1403267&r2=1403268&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/encryptDatabaseTest3.out
(original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/encryptDatabaseTest3.out
Mon Oct 29 12:35:08 2012
@@ -55,10 +55,10 @@ ij> -- try encrypting the database 'jdb1
 -- should fail 
 connect 'jdbc:derby:jar:(ina.jar)jdb1;dataEncryption=true;bootPassword=xyz1234abc';
 ERROR XJ040: Failed to start database 'jar:(ina.jar)jdb1' with class loader XXXX,  see the
next exception for details.
-ERROR XBCXQ: Cannot configure a read-only database for encryption.
+ERROR XBCXQ: Cannot encrypt, re-encrypt or decrypt a read-only database.
 ij> connect 'jdbc:derby:jar:(ina.jar)jdb1;dataEncryption=true;encryptionKey=6162636465666768';
 ERROR XJ040: Failed to start database 'jar:(ina.jar)jdb1' with class loader XXXX,  see the
next exception for details.
-ERROR XBCXQ: Cannot configure a read-only database for encryption.
+ERROR XBCXQ: Cannot encrypt, re-encrypt or decrypt a read-only database.
 ij> -- Case: create a a jar file of an encrypted database and  
 -- try  re-encrypting it while boot it with the jar sub protocol 
 -- encrypt the databases.
@@ -95,7 +95,11 @@ ij> -- now finally attempt to re-encrypt
 -- a new boot password, it should fail.
 connect 'jdbc:derby:jar:(ina.jar)jdb1;dataEncryption=true;bootPassword=xyz1234abc;newBootPassword=new1234xyz';
 ERROR XJ040: Failed to start database 'jar:(ina.jar)jdb1' with class loader XXXX,  see the
next exception for details.
-ERROR XBCXR: Cannot re-encrypt a read-only database with a new boot password or an external
encryption key .
+ERROR XBCXQ: Cannot encrypt, re-encrypt or decrypt a read-only database.
+ij> -- Decrypting a read-only db should also fail.
+connect 'jdbc:derby:jar:(ina.jar)jdb1;bootPassword=xyz1234abc;decryptDatabase=true';
+ERROR XJ040: Failed to start database 'jar:(ina.jar)jdb1' with class loader XXXX,  see the
next exception for details.
+ERROR XBCXQ: Cannot encrypt, re-encrypt or decrypt a read-only database.
 ij> -- testing (re) encryption of a database 
 -- when the log arhive mode enabled -----
 -- Case : configuring a un-encrypted database for 
@@ -128,11 +132,11 @@ ERROR 08006: Database 'wombat' shutdown.
 ij> -- attempt to configure the database for encryption using password.
 connect 'jdbc:derby:wombat;dataEncryption=true;bootPassword=xyz1234abc;';
 ERROR XJ040: Failed to start database 'wombat' with class loader XXXX,  see the next exception
for details.
-ERROR XBCXS: Cannot configure a database for encryption, when database is in the log archive
mode.
+ERROR XBCXS: Cannot encrypt, re-encrypt or decrypt a database when it is in the log archive
mode.
 ij> -- attempt to configure the database for encryption using key.
 connect 'jdbc:derby:wombat;dataEncryption=true;encryptionKey=6162636465666768';
 ERROR XJ040: Failed to start database 'wombat' with class loader XXXX,  see the next exception
for details.
-ERROR XBCXS: Cannot configure a database for encryption, when database is in the log archive
mode.
+ERROR XBCXS: Cannot encrypt, re-encrypt or decrypt a database when it is in the log archive
mode.
 ij> -- disable log archive mode and then reattempt encryption on 
 -- next boot.
 connect 'jdbc:derby:wombat';
@@ -172,7 +176,12 @@ ij> -- attempt to re-encrypt the databas
 -- it should fail.
 connect 'jdbc:derby:wombat;dataEncryption=true;bootPassword=xyz1234abc;newBootPassword=new1234xyz';
 ERROR XJ040: Failed to start database 'wombat' with class loader XXXX,  see the next exception
for details.
-ERROR XBCXT: Cannot re-encrypt a database with a new boot password or an external encryption
key, when database is in the log archive mode.
+ERROR XBCXS: Cannot encrypt, re-encrypt or decrypt a database when it is in the log archive
mode.
+ij> -- Attempt to decrypt the database with log archive mode enabled.
+-- It should fail.
+connect 'jdbc:derby:wombat;bootPassword=xyz1234abc;decryptDatabase=true';
+ERROR XJ040: Failed to start database 'wombat' with class loader XXXX,  see the next exception
for details.
+ERROR XBCXS: Cannot encrypt, re-encrypt or decrypt a database when it is in the log archive
mode.
 ij> -- reboot the db and disable the log archive mode
 connect 'jdbc:derby:wombat;bootPassword=xyz1234abc';
 ij> select * from t1;
@@ -245,7 +254,7 @@ ij> -- attempt to re-encrypt the databas
 -- it should fail.
 connect 'jdbc:derby:wombat;encryptionKey=6162636465666768;newEncryptionKey=5666768616263646';
 ERROR XJ040: Failed to start database 'wombat' with class loader XXXX,  see the next exception
for details.
-ERROR XBCXT: Cannot re-encrypt a database with a new boot password or an external encryption
key, when database is in the log archive mode.
+ERROR XBCXS: Cannot encrypt, re-encrypt or decrypt a database when it is in the log archive
mode.
 ij> -- reboot the db and disable the log archive mode
 connect 'jdbc:derby:wombat;encryptionKey=6162636465666768';
 ij> select * from t1;
@@ -280,6 +289,24 @@ ij> select count(*) from emp;
 ij> disconnect;
 ij> connect 'jdbc:derby:wombat;shutdown=true';
 ERROR 08006: Database 'wombat' shutdown.
+ij> -- Finally, decrypt the database with log archive mode disabled.
+-- It should pass.
+connect 'jdbc:derby:wombat;encryptionKey=5666768616263646;decryptDatabase=true';
+ij> select * from t1;
+A          
+-----------
+1          
+2          
+3          
+3 rows selected
+ij> select count(*) from emp;
+1          
+-----------
+3          
+1 row selected
+ij> disconnect;
+ij> connect 'jdbc:derby:wombat;shutdown=true';
+ERROR 08006: Database 'wombat' shutdown.
 ij> -- restore from backup and attempt to configure database for encryption.
 -- it shoud fail.
 connect 'jdbc:derby:wombat;restoreFrom=extinout/mybackup/wombat;dataEncryption=true;bootPassword=xyz1234abc';

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/encryptDatabaseTest2.sql
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/encryptDatabaseTest2.sql?rev=1403268&r1=1403267&r2=1403268&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/encryptDatabaseTest2.sql
(original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/encryptDatabaseTest2.sql
Mon Oct 29 12:35:08 2012
@@ -99,6 +99,10 @@ connect 'jdbc:derby:;shutdown=true';
 -- after recovery.
 connect 'jdbc:derby:wombat_en;bootPassword=xyz1234abc;newBootPassword=new1234xyz';
 
+-- Attempt to decrypt the database.
+-- This should fail because of the global transaction in the prepared state.
+connect 'jdbc:derby:wombat_en;bootPassword=xyz1234abc;decryptDatabase=true';
+
 -- now reboot the db and commit the transaction in the prepared state. 
 connect 'jdbc:derby:wombat_en;bootPassword=xyz1234abc';
 disconnect;

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/encryptDatabaseTest3.sql
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/encryptDatabaseTest3.sql?rev=1403268&r1=1403267&r2=1403268&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/encryptDatabaseTest3.sql
(original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/encryptDatabaseTest3.sql
Mon Oct 29 12:35:08 2012
@@ -77,6 +77,9 @@ connect 'jdbc:derby:;shutdown=true';
 -- a new boot password, it should fail.
 connect 'jdbc:derby:jar:(ina.jar)jdb1;dataEncryption=true;bootPassword=xyz1234abc;newBootPassword=new1234xyz';
 
+-- Decrypting a read-only db should also fail.
+connect 'jdbc:derby:jar:(ina.jar)jdb1;bootPassword=xyz1234abc;decryptDatabase=true';
+
 -- testing (re) encryption of a database 
 -- when the log arhive mode enabled -----
 
@@ -128,6 +131,10 @@ connect 'jdbc:derby:wombat;shutdown=true
 -- it should fail.
 connect 'jdbc:derby:wombat;dataEncryption=true;bootPassword=xyz1234abc;newBootPassword=new1234xyz';
 
+-- Attempt to decrypt the database with log archive mode enabled.
+-- It should fail.
+connect 'jdbc:derby:wombat;bootPassword=xyz1234abc;decryptDatabase=true';
+
 -- reboot the db and disable the log archive mode
 connect 'jdbc:derby:wombat;bootPassword=xyz1234abc';
 select * from t1;
@@ -183,7 +190,14 @@ connect 'jdbc:derby:wombat;shutdown=true
 connect 'jdbc:derby:wombat;encryptionKey=6162636465666768;newEncryptionKey=5666768616263646';
 select * from t1;
 select count(*) from emp;
+disconnect;
+connect 'jdbc:derby:wombat;shutdown=true';
 
+-- Finally, decrypt the database with log archive mode disabled.
+-- It should pass.
+connect 'jdbc:derby:wombat;encryptionKey=5666768616263646;decryptDatabase=true';
+select * from t1;
+select count(*) from emp;
 disconnect;
 connect 'jdbc:derby:wombat;shutdown=true';
 



Mime
View raw message