ij> -- -- Licensed to the Apache Software Foundation (ASF) under one or more -- contributor license agreements. See the NOTICE file distributed with -- this work for additional information regarding copyright ownership. -- The ASF licenses this file to You under the Apache License, Version 2.0 -- (the "License"); you may not use this file except in compliance with -- the License. You may obtain a copy of the License at -- -- http://www.apache.org/licenses/LICENSE-2.0 -- -- Unless required by applicable law or agreed to in writing, software -- distributed under the License is distributed on an "AS IS" BASIS, -- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -- See the License for the specific language governing permissions and -- limitations under the License. -- -- This script tests configuring an un-enctypted database for encryption and -- reencryption of an encrypted database with new enryption key/password. disconnect; ij> ---test configure the database for encrypion with encryption key. connect 'wombat_key;create=true'; ij> create table t1(a int ) ; 0 rows inserted/updated/deleted ij> insert into t1 values(1) ; 1 row inserted/updated/deleted ij> insert into t1 values(2) ; 1 row inserted/updated/deleted ij> insert into t1 values(3) ; 1 row inserted/updated/deleted ij> insert into t1 values(4) ; 1 row inserted/updated/deleted ij> insert into t1 values(5) ; 1 row inserted/updated/deleted ij> disconnect; ij> connect 'wombat_key;shutdown=true'; ERROR 08006: Database 'wombat_key' shutdown. ij> -- configure the database for encrypion with external encryption key. connect 'jdbc:derby:wombat_key;dataEncryption=true;encryptionKey=6162636465666768'; ij> select * from t1; A ----------- 1 2 3 4 5 ij> insert into t1 values(6); 1 row inserted/updated/deleted ij> insert into t1 values(7); 1 row inserted/updated/deleted ij> disconnect; ij> connect 'wombat_key;shutdown=true'; ERROR 08006: Database 'wombat_key' shutdown. ij> connect 'jdbc:derby:wombat_key;encryptionKey=6162636465666768'; ij> select * from t1 ; A ----------- 1 2 3 4 5 6 7 ij> disconnect; ij> connect 'wombat_key;shutdown=true'; ERROR 08006: Database 'wombat_key' shutdown. ij> --- reencrypt the database with a different encryption key connect 'jdbc:derby:wombat_key;encryptionKey=6162636465666768;newEncryptionKey=5666768616263646'; ij> select * from t1; A ----------- 1 2 3 4 5 6 7 ij> insert into t1 values(7); 1 row inserted/updated/deleted ij> insert into t1 values(8); 1 row inserted/updated/deleted ij> disconnect; ij> connect 'wombat_key;shutdown=true'; ERROR 08006: Database 'wombat_key' shutdown. ij> --- boot the database with the new encyrption key. connect 'jdbc:derby:wombat_key;encryptionKey=5666768616263646'; ij> select * from t1; A ----------- 1 2 3 4 5 6 7 7 8 ij> insert into t1 values(9); 1 row inserted/updated/deleted ij> insert into t1 values(10); 1 row inserted/updated/deleted ij> disconnect; ij> connect 'wombat_key;shutdown=true'; ERROR 08006: Database 'wombat_key' shutdown. ij> --- attempt to boot with the old encrytion key, it should fail. connect 'jdbc:derby:wombat_key;encryptionKey=6162636465666768'; ERROR XJ040: Failed to start database 'wombat_key' with class loader XXXX, see the next exception for details. ERROR XBCXK: The given encryption key does not match the encryption key used when creating the database. Please ensure that you are using the correct encryption key and try again. ij> -- test confugring the database for encrypion with a boot password. connect 'wombat_pwd;create=true'; ij> create table t2(a int ) ; 0 rows inserted/updated/deleted ij> insert into t2 values(1) ; 1 row inserted/updated/deleted ij> insert into t2 values(2) ; 1 row inserted/updated/deleted ij> insert into t2 values(3) ; 1 row inserted/updated/deleted ij> insert into t2 values(4) ; 1 row inserted/updated/deleted ij> insert into t2 values(5) ; 1 row inserted/updated/deleted ij> disconnect; ij> connect 'wombat_pwd;shutdown=true'; ERROR 08006: Database 'wombat_pwd' shutdown. ij> ---configure the database for encrypion with a boot password. connect 'jdbc:derby:wombat_pwd;dataEncryption=true;bootPassword=xyz1234abc'; ij> select * from t2; A ----------- 1 2 3 4 5 ij> insert into t2 values(6); 1 row inserted/updated/deleted ij> insert into t2 values(7); 1 row inserted/updated/deleted ij> disconnect; ij> connect 'wombat_pwd;shutdown=true'; ERROR 08006: Database 'wombat_pwd' shutdown. ij> connect 'jdbc:derby:wombat_pwd;bootPassword=xyz1234abc'; ij> select * from t2 ; A ----------- 1 2 3 4 5 6 7 ij> disconnect; ij> connect 'wombat_pwd;shutdown=true'; ERROR 08006: Database 'wombat_pwd' shutdown. ij> --- reconfigure the database with a different password. connect 'jdbc:derby:wombat_pwd;bootPassword=xyz1234abc;newBootPassword=new1234xyz'; ij> select * from t2 ; A ----------- 1 2 3 4 5 6 7 ij> insert into t2 values(8); 1 row inserted/updated/deleted ij> insert into t2 values(9); 1 row inserted/updated/deleted ij> insert into t2 values(10); 1 row inserted/updated/deleted ij> disconnect; ij> connect 'wombat_pwd;shutdown=true'; ERROR 08006: Database 'wombat_pwd' shutdown. ij> -- boot the database with the new password. connect 'jdbc:derby:wombat_pwd;bootPassword=new1234xyz'; ij> select * from t2 ; A ----------- 1 2 3 4 5 6 7 8 9 10 ij> disconnect; ij> connect 'wombat_pwd;shutdown=true'; ERROR 08006: Database 'wombat_pwd' shutdown. ij> -- attempt to boot the database with the old password, it should fail. connect 'jdbc:derby:wombat_pwd;bootPassword=xyz1234abc'; ERROR XJ040: Failed to start database 'wombat_pwd' with class loader XXXX, see the next exception for details. ERROR XBM06: Startup failed. An encrypted database cannot be accessed without the correct boot password. ij>