public class DecryptDatabaseTest extends BaseJDBCTestCase
NOTE: Care must be taken to shut down a database before testing the various connection attributes that apply to cryptographic operations, as they are typically ignored if the database has already been booted.
Modifier and Type | Field and Description |
---|---|
private static java.lang.String |
ALREADY_BOOTED |
private static java.lang.String |
BOOTPW |
private static java.lang.String |
encryptionAlgorithm
Current encryption algorithm, used when re-encrypting during set up.
|
private static java.lang.String |
TABLE |
DEFAULT_DB_DIR, DERBY_LOG, ERRORSTACKTRACEFILE
Constructor and Description |
---|
DecryptDatabaseTest(java.lang.String name) |
Modifier and Type | Method and Description |
---|---|
private java.sql.Connection |
connect(boolean decrypt,
java.lang.String bootPassword,
java.lang.String otherAttrs)
Attempts to connect to the default database with the specified
attributes.
|
private void |
populateDatabase(boolean init,
int rows)
Populates the database (simple one-column table).
|
private void |
saveEncryptionAlgorithm()
Stashes away the encryption algorithm such that we can re-encrypt.
|
void |
setUp()
Makes sure that the database is encrypted.
|
static junit.framework.Test |
suite() |
void |
testConflictingConnectionAttributes()
Tests that conflicting connection attributes are detected and flagged.
|
void |
testDecryptDatabase()
Tests that the encrypted database can be decrypted.
|
void |
testDecryptDatabaseNegative()
Tests that the encrypted database cannot be decrypted without the
boot password.
|
void |
testDecryptOnBootedDatabase()
Tests that trying to decrypt an already booted database doesn't actually
decrypt the database.
|
void |
testDecryptUnEncryptedDatabase()
Tests that asking to decrypt an un-encrypted doesn't fail.
|
private void |
vetChangeWarning(java.sql.Connection conn) |
private static junit.framework.Test |
wrapTest()
Wraps the default set of tests in the default encryption setup.
|
private static junit.framework.Test |
wrapTest(java.lang.String encryptionMethod)
Wraps the default set of tests in the specified encryption setup.
|
assertCallError, assertCheckTable, assertCommitError, assertCompileError, assertEquals, assertEquals, assertEquals, assertEquivalentDataType, assertErrorCode, assertGetIntError, assertNextError, assertPreparedStatementError, assertResults, assertResults, assertSQLExceptionEquals, assertSQLState, assertSQLState, assertStatementError, assertStatementError, assertStatementError, assertStatementError, assertStatementErrorUnordered, assertTableRowCount, assertUpdateCount, assertUpdateCount, assertWarning, chattyPrepare, chattyPrepareCall, checkAllConsistency, checkEstimatedRowCount, closeStatement, commit, createStatement, createStatement, createStatement, dropTable, dropTable, dropView, dropView, dumpRs, dumpRs, emptyStatementCache, executeQuery, expectCompilationError, expectCompilationError, expectExecutionError, getClientTransactionID, getConnection, getDatabaseProperty, getLastSQLException, goodStatement, goodUpdate, initializeConnection, openConnection, openDefaultConnection, openDefaultConnection, openDefaultConnection, openUserConnection, prepareCall, prepareCall, prepareCall, prepareStatement, prepareStatement, prepareStatement, prepareStatement, prepareStatement, prepareStatement, rollback, runBare, runBareOverridable, runScript, runScript, runSQLCommands, setAutoCommit, tearDown, usingDB2Client, usingDerbyNetClient, usingEmbedded
alarm, assertDirectoryDeleted, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertExecJavaCmdAsExpected, assertLaunchedJUnitTestMethod, assertLaunchedJUnitTestMethod, assertSameNullness, assertSecurityManager, assertThrowableEquals, currentDirectory, execJavaCmd, execJavaCmd, execJavaCmd, fail, getClassVersionMajor, getEmmaJar, getFailureFolder, getFilesWith, getJavaExecutableName, getSystemProperty, getTestConfiguration, getTestResource, hasInterruptibleIO, isCVM, isIBMJVM, isJ9Platform, isJava5, isJava7, isPhoneME, isPlatform, isSunJVM, isWindowsPlatform, newAssertionFailedError, openTestResource, println, printStackTrace, readProcessOutput, removeDirectory, removeDirectory, removeFiles, removeSystemProperty, runsWithEmma, runsWithJaCoCo, setSystemErr, setSystemOut, setSystemProperty, sleep, sleepAtLeastOneTick, traceit, vmAtLeast
assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertFalse, assertFalse, assertNotNull, assertNotNull, assertNotSame, assertNotSame, assertNull, assertNull, assertSame, assertSame, assertTrue, assertTrue, countTestCases, createResult, fail, fail, failNotEquals, failNotSame, failSame, format, getName, run, run, runTest, setName, toString
private static final java.lang.String TABLE
private static final java.lang.String BOOTPW
private static final java.lang.String ALREADY_BOOTED
private static java.lang.String encryptionAlgorithm
public void setUp() throws java.lang.Exception
setUp
in class junit.framework.TestCase
java.lang.Exception
private void saveEncryptionAlgorithm() throws java.sql.SQLException
java.sql.SQLException
public void testDecryptDatabaseNegative() throws java.sql.SQLException
java.sql.SQLException
public void testDecryptDatabase() throws java.sql.SQLException
This is tested by first populating an encrypted database, and then accessing the data in the end by booting the database without a boot password. We verify that connection attempts with incorrect or missing boot passwords before decryption fail.
java.sql.SQLException
public void testDecryptOnBootedDatabase() throws java.sql.SQLException
The internal code isn't set up to deal with decryption/encryption while other activities take place concurrently, so crypto operations are only performed when booting a database.
java.sql.SQLException
private void vetChangeWarning(java.sql.Connection conn) throws java.sql.SQLException
java.sql.SQLException
public void testDecryptUnEncryptedDatabase() throws java.sql.SQLException
java.sql.SQLException
public void testConflictingConnectionAttributes() throws java.sql.SQLException
java.sql.SQLException
private java.sql.Connection connect(boolean decrypt, java.lang.String bootPassword, java.lang.String otherAttrs) throws java.sql.SQLException
decrypt
- whether or not to request database decryptionbootPassword
- boot password, may be null
otherAttrs
- additional boot attributesjava.sql.SQLException
- if the connection cannot be establishedprivate void populateDatabase(boolean init, int rows) throws java.sql.SQLException
init
- if true
the table will be created or reset (the
identity column will also be reset)rows
- number of rows to insertjava.sql.SQLException
public static junit.framework.Test suite()
private static junit.framework.Test wrapTest()
private static junit.framework.Test wrapTest(java.lang.String encryptionMethod)
encryptionMethod
- encryption specification, for instance
"AES/OFB/NoPadding"Apache Derby V10.13 Internals - Copyright © 2004,2016 The Apache Software Foundation. All Rights Reserved.