You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-commits@db.apache.org by fu...@apache.org on 2006/04/28 20:07:37 UTC
svn commit: r397972 - in /db/derby/code/branches/10.1/java:
engine/org/apache/derby/iapi/reference/
engine/org/apache/derby/impl/services/jce/ engine/org/apache/derby/loc/
testing/org/apache/derbyTesting/functionTests/master/
testing/org/apache/derbyTe...
Author: fuzzylogic
Date: Fri Apr 28 11:07:32 2006
New Revision: 397972
URL: http://svn.apache.org/viewcvs?rev=397972&view=rev
Log:
DERBY-746 DERBY-788: Merge revision 365785, 367712, and 381333 from trunk to
10.1
Modified:
db/derby/code/branches/10.1/java/engine/org/apache/derby/iapi/reference/SQLState.java
db/derby/code/branches/10.1/java/engine/org/apache/derby/impl/services/jce/JCECipherFactory.java
db/derby/code/branches/10.1/java/engine/org/apache/derby/loc/messages_en.properties
db/derby/code/branches/10.1/java/testing/org/apache/derbyTesting/functionTests/master/encryptionKey.out
db/derby/code/branches/10.1/java/testing/org/apache/derbyTesting/functionTests/tests/store/encryptionKey.sql
Modified: db/derby/code/branches/10.1/java/engine/org/apache/derby/iapi/reference/SQLState.java
URL: http://svn.apache.org/viewcvs/db/derby/code/branches/10.1/java/engine/org/apache/derby/iapi/reference/SQLState.java?rev=397972&r1=397971&r2=397972&view=diff
==============================================================================
--- db/derby/code/branches/10.1/java/engine/org/apache/derby/iapi/reference/SQLState.java (original)
+++ db/derby/code/branches/10.1/java/engine/org/apache/derby/iapi/reference/SQLState.java Fri Apr 28 11:07:32 2006
@@ -221,6 +221,9 @@
String ENCRYPTION_BAD_JCE = "XBCXJ.S";
String ENCRYPTION_BAD_EXTERNAL_KEY = "XBCXK.S";
String ENCRYPTION_UNABLE_KEY_VERIFICATION = "XBCXL.S";
+ String ENCRYPTION_INVALID_EXKEY_LENGTH = "XBCXM.S";
+ String ENCRYPTION_ILLEGAL_EXKEY_CHARS = "XBCXN.S";
+
/*
** Cache Service
*/
Modified: db/derby/code/branches/10.1/java/engine/org/apache/derby/impl/services/jce/JCECipherFactory.java
URL: http://svn.apache.org/viewcvs/db/derby/code/branches/10.1/java/engine/org/apache/derby/impl/services/jce/JCECipherFactory.java?rev=397972&r1=397971&r2=397972&view=diff
==============================================================================
--- db/derby/code/branches/10.1/java/engine/org/apache/derby/impl/services/jce/JCECipherFactory.java (original)
+++ db/derby/code/branches/10.1/java/engine/org/apache/derby/impl/services/jce/JCECipherFactory.java Fri Apr 28 11:07:32 2006
@@ -546,6 +546,14 @@
throw StandardException.newException(SQLState.SERVICE_WRONG_BOOT_PASSWORD);
generatedKey = org.apache.derby.iapi.util.StringUtil.fromHexString(externalKey, 0, externalKey.length());
+ if (generatedKey == null) {
+ throw StandardException.newException(
+ // If length is even, we assume invalid character(s),
+ // based on how 'fromHexString' behaves.
+ externalKey.length() % 2 == 0
+ ? SQLState.ENCRYPTION_ILLEGAL_EXKEY_CHARS
+ : SQLState.ENCRYPTION_INVALID_EXKEY_LENGTH);
+ }
} else {
Modified: db/derby/code/branches/10.1/java/engine/org/apache/derby/loc/messages_en.properties
URL: http://svn.apache.org/viewcvs/db/derby/code/branches/10.1/java/engine/org/apache/derby/loc/messages_en.properties?rev=397972&r1=397971&r2=397972&view=diff
==============================================================================
--- db/derby/code/branches/10.1/java/engine/org/apache/derby/loc/messages_en.properties (original)
+++ db/derby/code/branches/10.1/java/engine/org/apache/derby/loc/messages_en.properties Fri Apr 28 11:07:32 2006
@@ -80,6 +80,8 @@
XBCXJ.S=The application is using a version of the Java Cryptography Extension (JCE) earlier than 1.2.1. Please upgrade to JCE 1.2.1 and try the operation again.
XBCXK.S=The given encryption key does not match the encryption key used when creating the database. Please ensure that you are using the correct encryption key and try again.
XBCXL.S=The verification process for the encryption key was not successful. This could have been caused by an error when accessing the appropriate file to do the verification process. See next exception for details.
+XBCXM.S=The length of the external encryption key must be an even number.
+XBCXN.S=The external encryption key contains one or more illegal characters. Allowed characters for a hexadecimal number are 0-9, a-f and A-F.
#../java/com/ibm/db2j/impl/BasicServices/CacheService/Generic/messages.properties
Modified: db/derby/code/branches/10.1/java/testing/org/apache/derbyTesting/functionTests/master/encryptionKey.out
URL: http://svn.apache.org/viewcvs/db/derby/code/branches/10.1/java/testing/org/apache/derbyTesting/functionTests/master/encryptionKey.out?rev=397972&r1=397971&r2=397972&view=diff
==============================================================================
--- db/derby/code/branches/10.1/java/testing/org/apache/derbyTesting/functionTests/master/encryptionKey.out (original)
+++ db/derby/code/branches/10.1/java/testing/org/apache/derbyTesting/functionTests/master/encryptionKey.out Fri Apr 28 11:07:32 2006
@@ -13,11 +13,14 @@
-- with right key
-- with wrong key
-- with right key
--- test restoreFrom
+-- test restoreFrom
+-- Case 4: use invalid key when trying to create
+-- key length not even
+-- key contains invalid character(s)
--
------------------------------------------------------------------------------------
-- case1: give external encryptionKey instead of bootpassword
-connect 'jdbc:derby:encdbcbc_key;create=true;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=61626364656667686961626364656568';
+connect 'jdbc:derby:encdbcbc_key;create=true;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6162636465666768';
ij> create table t1(i1 int);
0 rows inserted/updated/deleted
ij> insert into t1 values(1);
@@ -30,7 +33,7 @@
ij> connect 'jdbc:derby:encdbcbc_key;shutdown=true';
ERROR 08006: Database 'encdbcbc_key' shutdown.
ij> -- case 1.1 - right key
-connect 'jdbc:derby:encdbcbc_key;create=true;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=61626364656667686961626364656568';
+connect 'jdbc:derby:encdbcbc_key;create=true;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6162636465666768';
WARNING 01J01: Database 'encdbcbc_key' not created, connection made to existing database instead.
ij(CONNECTION1)> select * from t1;
I1
@@ -41,17 +44,17 @@
ij(CONNECTION1)> -- (-ve case) connect without the encryptionKey
-- connect with encryptionKey and keylength ( will ignore the keylength value)
-- wrong length
-connect 'jdbc:derby:encdbcbc_key;create=true;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=616364656667686961626364656568';
+connect 'jdbc:derby:encdbcbc_key;create=true;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6163646566676868';
ERROR XJ040: Failed to start database 'encdbcbc_key', see the next exception for details.
ERROR XBCXK: The given encryption key does not match the encryption key used when creating the database. Please ensure that you are using the correct encryption key and try again.
ij(CONNECTION1)> -- wrong key
-connect 'jdbc:derby:encdbcbc_key;create=true;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=68626364656667686961626364656568';
+connect 'jdbc:derby:encdbcbc_key;create=true;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6862636465666768';
ERROR XJ040: Failed to start database 'encdbcbc_key', see the next exception for details.
ERROR XBCXK: The given encryption key does not match the encryption key used when creating the database. Please ensure that you are using the correct encryption key and try again.
ij(CONNECTION1)> select * from t1;
ERROR 08003: No current connection.
ij(CONNECTION1)> -- correct key
-connect 'jdbc:derby:encdbcbc_key;create=true;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=61626364656667686961626364656568';
+connect 'jdbc:derby:encdbcbc_key;create=true;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6162636465666768';
WARNING 01J01: Database 'encdbcbc_key' not created, connection made to existing database instead.
ij(CONNECTION2)> select * from t1;
I1
@@ -63,14 +66,14 @@
ij(CONNECTION2)> connect 'jdbc:derby:encdbcbc_key;shutdown=true';
ERROR 08006: Database 'encdbcbc_key' shutdown.
ij(CONNECTION2)> -- connect to original db after backup
-connect 'jdbc:derby:encdbcbc_key;create=true;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=61626364656667686961626364656568';
+connect 'jdbc:derby:encdbcbc_key;create=true;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6162636465666768';
WARNING 01J01: Database 'encdbcbc_key' not created, connection made to existing database instead.
ij(CONNECTION3)> select * from t1;
I1
-----------
1
ij(CONNECTION3)> -- case 3 :create db from backup using correct key
-connect 'jdbc:derby:encdbcbc_key2;createFrom=extinout/bkup1/encdbcbc_key;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=61626364656667686961626364656568';
+connect 'jdbc:derby:encdbcbc_key2;createFrom=extinout/bkup1/encdbcbc_key;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6162636465666768';
ij(CONNECTION4)> select * from t1;
I1
-----------
@@ -78,7 +81,7 @@
ij(CONNECTION4)> connect 'jdbc:derby:encdbcbc_key2;shutdown=true';
ERROR 08006: Database 'encdbcbc_key2' shutdown.
ij(CONNECTION4)> -- create db from backup using wrong key
-connect 'jdbc:derby:encdbcbc_key3;createFrom=extinout/bkup1/encdbcbc_key;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=61226364656667686961626364656568';
+connect 'jdbc:derby:encdbcbc_key3;createFrom=extinout/bkup1/encdbcbc_key;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6122636465666768';
ERROR XJ040: Failed to start database 'encdbcbc_key3', see the next exception for details.
ERROR XBCXK: The given encryption key does not match the encryption key used when creating the database. Please ensure that you are using the correct encryption key and try again.
ij(CONNECTION4)> select * from t1;
@@ -86,14 +89,14 @@
ij(CONNECTION4)> connect 'jdbc:derby:encdbcbc_key3;shutdown=true';
ERROR XJ004: Database 'encdbcbc_key3' not found.
ij(CONNECTION4)> -- create db from backup using correct key
-connect 'jdbc:derby:encdbcbc_12;createFrom=extinout/bkup1/encdbcbc_key;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=61626364656667686961626364656568';
+connect 'jdbc:derby:encdbcbc_12;createFrom=extinout/bkup1/encdbcbc_key;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6162636465666768';
ij(CONNECTION5)> select * from t1;
I1
-----------
1
ij(CONNECTION5)> connect 'jdbc:derby:encdbcbc_key12;shutdown=true';
ERROR XJ004: Database 'encdbcbc_key12' not found.
-ij(CONNECTION5)> connect 'jdbc:derby:encdb;create=true;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=61626364656667686961626364656568';
+ij(CONNECTION5)> connect 'jdbc:derby:encdb;create=true;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6162636465666768';
ij(CONNECTION6)> create table t1(i1 int ,c2 char(20));
0 rows inserted/updated/deleted
ij(CONNECTION6)> insert into t1 values(1,'a');
@@ -107,10 +110,21 @@
ij(CONNECTION6)> connect 'jdbc:derby:encdb;shutdown=true';
ERROR 08006: Database 'encdb' shutdown.
ij(CONNECTION6)> disconnect;
-ij> connect 'jdbc:derby:encdb;restoreFrom=extinout/mybackup2/encdb;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=61626364656667686961626364656568';
+ij> connect 'jdbc:derby:encdb;restoreFrom=extinout/mybackup2/encdb;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6162636465666768';
ij(CONNECTION6)> select * from t1;
I1 |C2
--------------------------------
1 |a
ij(CONNECTION6)> disconnect;
+ij> -- case 4 : invalid keys
+-- key length not even
+connect 'jdbc:derby:encddbdb_invkey;create=true;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=123456789';
+ERROR XJ041: Failed to create database 'encddbdb_invkey', see the next exception for details.
+ERROR XBM01: Startup failed due to an exception. See next exception for details.
+ERROR XBCXM: The length of the external encryption key must be an even number.
+ij> -- key contains illegal character(s)
+connect 'jdbc:derby:encddbdb_invkey;create=true;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=61626364656667XY';
+ERROR XJ041: Failed to create database 'encddbdb_invkey', see the next exception for details.
+ERROR XBM01: Startup failed due to an exception. See next exception for details.
+ERROR XBCXN: The external encryption key contains one or more illegal characters. Allowed characters for a hexadecimal number are 0-9, a-f and A-F.
ij>
Modified: db/derby/code/branches/10.1/java/testing/org/apache/derbyTesting/functionTests/tests/store/encryptionKey.sql
URL: http://svn.apache.org/viewcvs/db/derby/code/branches/10.1/java/testing/org/apache/derbyTesting/functionTests/tests/store/encryptionKey.sql?rev=397972&r1=397971&r2=397972&view=diff
==============================================================================
--- db/derby/code/branches/10.1/java/testing/org/apache/derbyTesting/functionTests/tests/store/encryptionKey.sql (original)
+++ db/derby/code/branches/10.1/java/testing/org/apache/derbyTesting/functionTests/tests/store/encryptionKey.sql Fri Apr 28 11:07:32 2006
@@ -13,11 +13,14 @@
-- with right key
-- with wrong key
-- with right key
--- test restoreFrom
+-- test restoreFrom
+-- Case 4: use invalid key when trying to create
+-- key length not even
+-- key contains invalid character(s)
--
------------------------------------------------------------------------------------
-- case1: give external encryptionKey instead of bootpassword
-connect 'jdbc:derby:encdbcbc_key;create=true;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=61626364656667686961626364656568';
+connect 'jdbc:derby:encdbcbc_key;create=true;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6162636465666768';
create table t1(i1 int);
insert into t1 values(1);
@@ -27,7 +30,7 @@
-- case 1.1 - right key
-connect 'jdbc:derby:encdbcbc_key;create=true;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=61626364656667686961626364656568';
+connect 'jdbc:derby:encdbcbc_key;create=true;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6162636465666768';
select * from t1;
connect 'jdbc:derby:encdbcbc_key;shutdown=true';
@@ -35,13 +38,13 @@
-- connect with encryptionKey and keylength ( will ignore the keylength value)
-- wrong length
-connect 'jdbc:derby:encdbcbc_key;create=true;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=616364656667686961626364656568';
+connect 'jdbc:derby:encdbcbc_key;create=true;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6163646566676868';
-- wrong key
-connect 'jdbc:derby:encdbcbc_key;create=true;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=68626364656667686961626364656568';
+connect 'jdbc:derby:encdbcbc_key;create=true;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6862636465666768';
select * from t1;
-- correct key
-connect 'jdbc:derby:encdbcbc_key;create=true;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=61626364656667686961626364656568';
+connect 'jdbc:derby:encdbcbc_key;create=true;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6162636465666768';
select * from t1;
-- case 2 backup
@@ -50,27 +53,27 @@
-- connect to original db after backup
-connect 'jdbc:derby:encdbcbc_key;create=true;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=61626364656667686961626364656568';
+connect 'jdbc:derby:encdbcbc_key;create=true;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6162636465666768';
select * from t1;
-- case 3 :create db from backup using correct key
-connect 'jdbc:derby:encdbcbc_key2;createFrom=extinout/bkup1/encdbcbc_key;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=61626364656667686961626364656568';
+connect 'jdbc:derby:encdbcbc_key2;createFrom=extinout/bkup1/encdbcbc_key;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6162636465666768';
select * from t1;
connect 'jdbc:derby:encdbcbc_key2;shutdown=true';
-- create db from backup using wrong key
-connect 'jdbc:derby:encdbcbc_key3;createFrom=extinout/bkup1/encdbcbc_key;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=61226364656667686961626364656568';
+connect 'jdbc:derby:encdbcbc_key3;createFrom=extinout/bkup1/encdbcbc_key;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6122636465666768';
select * from t1;
connect 'jdbc:derby:encdbcbc_key3;shutdown=true';
-- create db from backup using correct key
-connect 'jdbc:derby:encdbcbc_12;createFrom=extinout/bkup1/encdbcbc_key;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=61626364656667686961626364656568';
+connect 'jdbc:derby:encdbcbc_12;createFrom=extinout/bkup1/encdbcbc_key;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6162636465666768';
select * from t1;
connect 'jdbc:derby:encdbcbc_key12;shutdown=true';
-connect 'jdbc:derby:encdb;create=true;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=61626364656667686961626364656568';
+connect 'jdbc:derby:encdb;create=true;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6162636465666768';
create table t1(i1 int ,c2 char(20));
insert into t1 values(1,'a');
select * from t1;
@@ -80,6 +83,14 @@
connect 'jdbc:derby:encdb;shutdown=true';
disconnect;
-connect 'jdbc:derby:encdb;restoreFrom=extinout/mybackup2/encdb;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=61626364656667686961626364656568';
+connect 'jdbc:derby:encdb;restoreFrom=extinout/mybackup2/encdb;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=6162636465666768';
select * from t1;
disconnect;
+
+-- case 4 : invalid keys
+-- key length not even
+connect 'jdbc:derby:encddbdb_invkey;create=true;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=123456789';
+
+-- key contains illegal character(s)
+connect 'jdbc:derby:encddbdb_invkey;create=true;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;encryptionKey=61626364656667XY';
+