public class CryptoCrashRecoveryTest extends BaseJDBCTestCase
Debug flags are used to simulate crashes during the encryption of an un-encrypted database, re-encryption of an encrypted database with new password/key, and decryption of an encrypted database.
Unlike the other recovery tests which do a setup and recovery as different tests, crash/recovery for cryptographic operations can be simulated in one test itself because the cryptographic operation is performed at boot time. When debug flags are set the database boot itself fails. To test the recovery, it is just a matter of clearing up the debug flag and rebooting the database.
In non-debug mode (compiled as "insane") this test does nothing.
Modifier and Type | Field and Description |
---|---|
private static java.lang.String |
NEW_KEY |
private static java.lang.String |
NEW_PASSWORD |
private static java.lang.String |
OLD_KEY |
private static java.lang.String |
OLD_PASSWORD |
private static int |
OP_DECRYPT |
private static int |
OP_ENCRYPT |
private static int |
OP_REENCRYPT |
private static java.lang.String |
TEST_REENCRYPT_CRASH_AFTER_CHECKPOINT |
private static java.lang.String |
TEST_REENCRYPT_CRASH_AFTER_COMMT |
private static java.lang.String |
TEST_REENCRYPT_CRASH_AFTER_RECOVERY_UNDO_LOGFILE_DELETE |
private static java.lang.String |
TEST_REENCRYPT_CRASH_AFTER_RECOVERY_UNDO_REVERTING_KEY |
private static java.lang.String |
TEST_REENCRYPT_CRASH_AFTER_SWITCH_TO_NEWKEY |
private static java.lang.String |
TEST_REENCRYPT_CRASH_BEFORE_COMMT |
private static java.lang.String |
TEST_REENCRYPT_CRASH_BEFORE_RECOVERY_FINAL_CLEANUP |
private static java.lang.String |
TEST_TABLE_NAME
Table name used by the test.
|
private static boolean |
USE_ENC_KEY |
private static boolean |
USE_ENC_PWD |
DEFAULT_DB_DIR, DERBY_LOG, ERRORSTACKTRACEFILE
Constructor and Description |
---|
CryptoCrashRecoveryTest(java.lang.String name) |
Modifier and Type | Method and Description |
---|---|
private java.sql.Connection |
bootDatabase(javax.sql.DataSource ds,
boolean useEncPwd,
java.lang.Boolean useNewCredential)
Boots the database.
|
private void |
clearDebugFlag(java.lang.String debugFlag) |
private void |
crash(javax.sql.DataSource ds,
int operation,
boolean useEncPwd,
java.lang.String debugFlag)
Crashes the engine at the point specified by the debug flag while
performing the requested operation.
|
private void |
crashInRecovery(javax.sql.DataSource ds,
boolean useEncPwd,
java.lang.Boolean useNewCredential,
java.lang.String debugFlag)
Crashes the engine in recovery of the given database at the point
specified by the debug flag.
|
private java.sql.Connection |
createDatabase(javax.sql.DataSource ds)
Creates an un-encrypted database.
|
private java.sql.Connection |
createEncryptedDatabase(javax.sql.DataSource ds,
boolean useEncPwd)
Creates an encrypted database.
|
private void |
createTable(java.sql.Connection con,
java.lang.String tableName)
Creates the table that is used by this test.
|
private static java.lang.String |
db(javax.sql.DataSource ds)
Extracts the database name from the data source.
|
private java.sql.Connection |
decryptDatabase(javax.sql.DataSource ds,
boolean useEncPwd)
Decrypts an encrypted database.
|
private java.sql.Connection |
encryptDatabase(javax.sql.DataSource ds,
boolean useEncPwd)
Encrypts an un-encrypted database.
|
private int |
findMaxId(java.sql.Connection con,
java.lang.String tableName)
Returns the highest id in the given table.
|
private void |
insert(java.sql.Connection con,
java.lang.String tableName,
int rowCount)
Inserts rows into the specified table.
|
private void |
recover(javax.sql.DataSource ds,
boolean useEncKey,
java.lang.Boolean useNewCredential) |
private java.sql.Connection |
reEncryptDatabase(javax.sql.DataSource ds,
boolean useEncPwd)
Re-encrypts the database.
|
private void |
runConsistencyChecker(java.sql.Connection con,
java.lang.String tableName)
Runs some consistency checks on the specified table.
|
private void |
runCrashRecoveryTestCases(javax.sql.DataSource ds,
int operation,
boolean useEncPwd)
Runs crash recovery test scenarios for the given cryptographic operation
using the debug flags.
|
private void |
setDebugFlag(java.lang.String debugFlag) |
static junit.framework.Test |
suite() |
void |
testDecryptionWithBootPassword() |
void |
testDecryptionWithEncryptionKey() |
void |
testEncryptionWithBootPassword() |
void |
testEncryptionWithEncryptionKey() |
void |
testReEncryptionWithBootPassword() |
void |
testReEncryptionWithEncryptionKey() |
private void |
verifyBootException(java.sql.SQLException sqle,
java.lang.String debugFlag)
Verifies that database boot failed because of the right reasons.
|
private void |
verifyContents(java.sql.Connection con,
java.lang.String tableName)
Verifies the rows in the given table.
|
assertCallError, assertCheckTable, assertCommitError, assertCompileError, assertEquals, assertEquals, assertEquals, assertEquivalentDataType, assertErrorCode, assertGetIntError, assertNextError, assertPreparedStatementError, assertResults, assertResults, assertSQLExceptionEquals, assertSQLState, assertSQLState, assertStatementError, assertStatementError, assertStatementError, assertStatementError, assertStatementErrorUnordered, assertTableRowCount, assertUpdateCount, assertUpdateCount, assertWarning, chattyPrepare, chattyPrepareCall, checkAllConsistency, checkEstimatedRowCount, closeStatement, commit, createStatement, createStatement, createStatement, dropTable, dropTable, dropView, dropView, dumpRs, dumpRs, emptyStatementCache, executeQuery, expectCompilationError, expectCompilationError, expectExecutionError, getClientTransactionID, getConnection, getDatabaseProperty, getLastSQLException, goodStatement, goodUpdate, initializeConnection, openConnection, openDefaultConnection, openDefaultConnection, openDefaultConnection, openUserConnection, prepareCall, prepareCall, prepareCall, prepareStatement, prepareStatement, prepareStatement, prepareStatement, prepareStatement, prepareStatement, rollback, runBare, runBareOverridable, runScript, runScript, runSQLCommands, setAutoCommit, tearDown, usingDB2Client, usingDerbyNetClient, usingEmbedded
alarm, assertDirectoryDeleted, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertExecJavaCmdAsExpected, assertLaunchedJUnitTestMethod, assertLaunchedJUnitTestMethod, assertSameNullness, assertSecurityManager, assertThrowableEquals, currentDirectory, execJavaCmd, execJavaCmd, execJavaCmd, fail, getClassVersionMajor, getEmmaJar, getFailureFolder, getFilesWith, getJavaExecutableName, getSystemProperty, getTestConfiguration, getTestResource, hasInterruptibleIO, isCVM, isIBMJVM, isJ9Platform, isJava5, isJava7, isPhoneME, isPlatform, isSunJVM, isWindowsPlatform, newAssertionFailedError, openTestResource, println, printStackTrace, readProcessOutput, removeDirectory, removeDirectory, removeFiles, removeSystemProperty, runsWithEmma, runsWithJaCoCo, setSystemErr, setSystemOut, setSystemProperty, sleep, sleepAtLeastOneTick, traceit, vmAtLeast
assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertFalse, assertFalse, assertNotNull, assertNotNull, assertNotSame, assertNotSame, assertNull, assertNull, assertSame, assertSame, assertTrue, assertTrue, countTestCases, createResult, fail, fail, failNotEquals, failNotSame, failSame, format, getName, run, run, runTest, setName, setUp, toString
private static boolean USE_ENC_PWD
private static boolean USE_ENC_KEY
private static final int OP_ENCRYPT
private static final int OP_DECRYPT
private static final int OP_REENCRYPT
private static final java.lang.String TEST_TABLE_NAME
private static final java.lang.String OLD_PASSWORD
private static final java.lang.String NEW_PASSWORD
private static final java.lang.String OLD_KEY
private static final java.lang.String NEW_KEY
private static final java.lang.String TEST_REENCRYPT_CRASH_BEFORE_COMMT
private static final java.lang.String TEST_REENCRYPT_CRASH_AFTER_COMMT
private static final java.lang.String TEST_REENCRYPT_CRASH_AFTER_SWITCH_TO_NEWKEY
private static final java.lang.String TEST_REENCRYPT_CRASH_AFTER_CHECKPOINT
private static final java.lang.String TEST_REENCRYPT_CRASH_AFTER_RECOVERY_UNDO_LOGFILE_DELETE
private static final java.lang.String TEST_REENCRYPT_CRASH_AFTER_RECOVERY_UNDO_REVERTING_KEY
private static final java.lang.String TEST_REENCRYPT_CRASH_BEFORE_RECOVERY_FINAL_CLEANUP
public static junit.framework.Test suite()
public void testDecryptionWithBootPassword() throws java.lang.Exception
java.lang.Exception
public void testDecryptionWithEncryptionKey() throws java.lang.Exception
java.lang.Exception
public void testEncryptionWithBootPassword() throws java.lang.Exception
java.lang.Exception
public void testEncryptionWithEncryptionKey() throws java.lang.Exception
java.lang.Exception
public void testReEncryptionWithBootPassword() throws java.lang.Exception
java.lang.Exception
public void testReEncryptionWithEncryptionKey() throws java.lang.Exception
java.lang.Exception
private void runCrashRecoveryTestCases(javax.sql.DataSource ds, int operation, boolean useEncPwd) throws java.sql.SQLException
ds
- data sourceoperation
- the cryptographic operation to performuseEncPwd
- whether to use encryption key or boot password (see
USE_ENC_KEY and USE_ENC_PWD)java.sql.SQLException
private void crash(javax.sql.DataSource ds, int operation, boolean useEncPwd, java.lang.String debugFlag)
ds
- databaseoperation
- cryptographic operation to performuseEncPwd
- whether to use boot password or encryption keydebugFlag
- debug flag to enable to make the engine crashprivate void crashInRecovery(javax.sql.DataSource ds, boolean useEncPwd, java.lang.Boolean useNewCredential, java.lang.String debugFlag) throws java.sql.SQLException
ds
- databaseuseEncPwd
- whether to use boot password or encryption keyuseNewCredential
- tri-state telling whether to use the old, the
new, or no credential when booting the databasedebugFlag
- debug flag to enable to make the engine crashjava.sql.SQLException
private void recover(javax.sql.DataSource ds, boolean useEncKey, java.lang.Boolean useNewCredential) throws java.sql.SQLException
java.sql.SQLException
private void setDebugFlag(java.lang.String debugFlag)
private void clearDebugFlag(java.lang.String debugFlag)
private void verifyBootException(java.sql.SQLException sqle, java.lang.String debugFlag)
sqle
- the exception thrown whendebugFlag
- the debug flag that was set before bootingjunit.framework.AssertionFailedError
- if the boot failure is
deemed invalidprivate void createTable(java.sql.Connection con, java.lang.String tableName) throws java.sql.SQLException
con
- connection to the databasetableName
- name of the table to createjava.sql.SQLException
- if any database exception occurs.private void runConsistencyChecker(java.sql.Connection con, java.lang.String tableName) throws java.sql.SQLException
con
- connection to the databasetableName
- target tablejava.sql.SQLException
- if any database exception occursprivate void insert(java.sql.Connection con, java.lang.String tableName, int rowCount) throws java.sql.SQLException
con
- connection to the databasetableName
- target tablerowCount
- number of rows to insertjava.sql.SQLException
- if any database exception occursprivate int findMaxId(java.sql.Connection con, java.lang.String tableName) throws java.sql.SQLException
con
- connection to the database.tableName
- name of the tablejava.sql.SQLException
- if any database exception occurs.private void verifyContents(java.sql.Connection con, java.lang.String tableName) throws java.sql.SQLException
con
- connection to the databasetableName
- table to select fromjava.sql.SQLException
- if any database exception occursprivate java.sql.Connection createEncryptedDatabase(javax.sql.DataSource ds, boolean useEncPwd) throws java.sql.SQLException
ds
- databaseuseEncPwd
- whether to use boot password or encryption keyjava.sql.SQLException
private java.sql.Connection createDatabase(javax.sql.DataSource ds) throws java.sql.SQLException
ds
- databasejava.sql.SQLException
private java.sql.Connection reEncryptDatabase(javax.sql.DataSource ds, boolean useEncPwd) throws java.sql.SQLException
ds
- databaseuseEncPwd
- whether to use boot password or encryption keyjava.sql.SQLException
- if any database exception occursprivate java.sql.Connection encryptDatabase(javax.sql.DataSource ds, boolean useEncPwd) throws java.sql.SQLException
ds
- databaseuseEncPwd
- whether to use boot password or encryption keyjava.sql.SQLException
- if any database exception occurs.private java.sql.Connection decryptDatabase(javax.sql.DataSource ds, boolean useEncPwd) throws java.sql.SQLException
ds
- databaseuseEncPwd
- whether to use boot password or encryption keyjava.sql.SQLException
- if any database exception occursprivate java.sql.Connection bootDatabase(javax.sql.DataSource ds, boolean useEncPwd, java.lang.Boolean useNewCredential) throws java.sql.SQLException
ds
- databaseuseEncPwd
- whether to use boot password or encryption keyuseNewCredential
- tri-state telling whether to use the old, the
new, or no credential when booting the databasejava.sql.SQLException
- if any database exception occurs.private static java.lang.String db(javax.sql.DataSource ds)
Apache Derby V10.13 Internals - Copyright © 2004,2016 The Apache Software Foundation. All Rights Reserved.