Re: [jira] Updated: (DERBY-1373) Encrypted databases cannot be booted using the jar subprotocol (and possibly also using http/https/classpath)

Sun, 16 Jul 2006 14:58:54 -0700 

Sunitha Kambhampati (JIRA) wrote:

     [ http://issues.apache.org/jira/browse/DERBY-1373?page=all ]

Sunitha Kambhampati updated DERBY-1373:
---------------------------------------

    Attachment: derby1373.diff.txt
                derby1373.stat.txt

Mathias wrote:
"I had a look to the suggestion Suresh made.This is a change I do not have time to 
implement as it would mean revalidate all other cases which are currently working. "

So I followed up on Suresh's suggestion and am attaching a patch 
'derby1373.diff.txt' and 'derby1373.stat.txt' for review.

This patch makes the following changes:
1) Instead of using RandomAccessFile, the verifyKey.dat is read as a InputStream. 2) Add a new test (encryptionKey_jar.sql) for booting encrypted database using encryptionKey via classpath, and jar subprotocol. Please note, as already mentioned in an earlier comment - There are existing test (encryptionKey.sql) that test cases for encryptionKey. 

The test will fail without the code change, and will pass with  the code 
changes.

svn stat
M      java\engine\org\apache\derby\impl\services\jce\JCECipherFactory.java
M      
java\testing\org\apache\derbyTesting\functionTests\tests\store\copyfiles.ant
A      
java\testing\org\apache\derbyTesting\functionTests\tests\store\encryptionKey_jar.sql
A      
java\testing\org\apache\derbyTesting\functionTests\tests\store\encryptionKey_jar_app.properties
A      
java\testing\org\apache\derbyTesting\functionTests\master\encryptionKey_jar.out
M      
java\testing\org\apache\derbyTesting\functionTests\suites\encryptionAll.runall

I ran derbyall on ibm142 on linux ok. I made one small change to a comment in 
the test after that. I have run the test again and it passed ok.
Can someone please review this patch. 
Thanks to Mathias for finding the problem, reporting it, providing a fix and 
for the good discussion that followed on this issue.  If you have the time, it 
would be nice if you can verify if this works for you.


Hi,
I'm really sorry for not being more active on this issue lately, I've been kept busy by other (more urgent) stuff.
I'll try to test the provided patch on our setup, it should be rather simple to do. 

I'll keep you updated on the results.
Thank you very much for your work, and once again sorry for not helping out much. 

Regards,

Mathias.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Reply via email to