db-derby-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rhille...@apache.org
Subject svn commit: r1628206 - in /db/derby/code/trunk/java: engine/org/apache/derby/impl/services/jce/ testing/org/apache/derbyTesting/functionTests/tests/lang/
Date Mon, 29 Sep 2014 15:41:56 GMT
Author: rhillegas
Date: Mon Sep 29 15:41:56 2014
New Revision: 1628206

URL: http://svn.apache.org/r1628206
Log:
DERBY-6630: Reduce visibility of JCECipherFactory and protect it with the usederbyinternals
permission; tests passed cleanly on derby-6630-01-aa-usederbyinternals.diff.

Modified:
    db/derby/code/trunk/java/engine/org/apache/derby/impl/services/jce/JCECipherFactory.java
    db/derby/code/trunk/java/engine/org/apache/derby/impl/services/jce/JCECipherFactoryBuilder.java
    db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/NoDBInternalsPermissionTest.java

Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/services/jce/JCECipherFactory.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/impl/services/jce/JCECipherFactory.java?rev=1628206&r1=1628205&r2=1628206&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/services/jce/JCECipherFactory.java
(original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/services/jce/JCECipherFactory.java
Mon Sep 29 15:41:56 2014
@@ -21,6 +21,7 @@
 
 package org.apache.derby.impl.services.jce;
 
+import org.apache.derby.iapi.security.SecurityUtil;
 import org.apache.derby.iapi.services.crypto.CipherFactory;
 import org.apache.derby.iapi.services.crypto.CipherProvider;
 
@@ -60,7 +61,7 @@ import org.apache.derby.io.StorageRandom
 
 	@see CipherFactory
  */
-public final class JCECipherFactory implements CipherFactory
+final class JCECipherFactory implements CipherFactory
 {
     private final static String MESSAGE_DIGEST = "MD5";
 
@@ -116,11 +117,14 @@ public final class JCECipherFactory impl
      *                  For example to reencrypt the database with 
      *                  a new password.
      */
-    public JCECipherFactory(boolean create, 
+    JCECipherFactory(boolean create, 
                             Properties props,
                             boolean newAttributes) 
         throws StandardException
     {
+        // Verify that we have permission to execute this method.
+        SecurityUtil.checkDerbyInternalsPrivilege();
+
         init(create, props, newAttributes);
     }
     

Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/services/jce/JCECipherFactoryBuilder.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/impl/services/jce/JCECipherFactoryBuilder.java?rev=1628206&r1=1628205&r2=1628206&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/services/jce/JCECipherFactoryBuilder.java
(original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/services/jce/JCECipherFactoryBuilder.java
Mon Sep 29 15:41:56 2014
@@ -1,6 +1,6 @@
 /*
 
-   Derby - Class org.apache.derby.iapi.services.crypto.JCECipherFactoryBuilder
+   Derby - Class org.apache.derby.impl.services.jce.JCECipherFactoryBuilder
 
    Licensed to the Apache Software Foundation (ASF) under one or more
    contributor license agreements.  See the NOTICE file distributed with

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/NoDBInternalsPermissionTest.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/NoDBInternalsPermissionTest.java?rev=1628206&r1=1628205&r2=1628206&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/NoDBInternalsPermissionTest.java
(original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/NoDBInternalsPermissionTest.java
Mon Sep 29 15:41:56 2014
@@ -33,6 +33,7 @@ import org.apache.derbyTesting.junit.Tes
 
 import org.apache.derby.iapi.services.context.ContextService;
 import org.apache.derby.impl.jdbc.EmbedConnection;
+import org.apache.derby.impl.services.jce.JCECipherFactoryBuilder;
 
 /**
  * <p>
@@ -140,4 +141,21 @@ public class NoDBInternalsPermissionTest
         }
         catch (AccessControlException e) { println( "Caught an AccessControlException" );
}
     }
+
+    /**
+     * <p>
+     * Verify that you need usederbyinternals permission to create a cipher factory.
+     * See DERBY-6630.
+     * </p>
+     */
+    public  void    test_003_JCECipherFactory()
+        throws Exception
+    {
+        try {
+            JCECipherFactoryBuilder builder = new JCECipherFactoryBuilder();
+            builder.createCipherFactory( true, null, true );
+            fail( "Should have raised an AccessControlException" );
+        }
+        catch (AccessControlException e) { println( "Caught an AccessControlException" );
}
+    }
 }



Mime
View raw message