Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.apache.derby.impl.store.raw.data
Class EncryptOrDecryptData

java.lang.Object
  extended by org.apache.derby.impl.store.raw.data.EncryptOrDecryptData
All Implemented Interfaces:
java.security.PrivilegedAction
public class EncryptOrDecryptData
extends java.lang.Object
implements java.security.PrivilegedAction

This class is used to encrypt all the containers in the data segment with a new encryption key when password/key is changed or when an existing database is reconfigured for encryption. Encryption of existing data in the data segments is done by doing the following: Find all the containers in data segment (seg0) and encrypt all of them with the new encryption key, the process for each container is: 1.Write a log record to indicate that the container is getting encrypted. 2.Read all the pages of the container through the page cache and encrypt each page with new encryption key and then write to a temporary file(n.dat) in the data segment itself. 3. Rename the current container file (c.dat) to another file (o.dat) 4. Rename the new encrypted version of the file (n.dat). 5. All the old version of the container (o.dat) files are removed after a successful checkpoint with a new key or on a rollback.

Field Summary
private  int actionCode
           
private  StorageFile actionDestStorageFile
           
private  StorageFile actionStorageFile
           
private  BaseDataFileFactory dataFactory
           
private static int STORAGE_FILE_DELETE_ACTION
           
private static int STORAGE_FILE_EXISTS_ACTION
           
private static int STORAGE_FILE_RENAME_ACTION
           
private  StorageFactory storageFactory
           
 
Constructor Summary
EncryptOrDecryptData(BaseDataFileFactory dataFactory)
           
 
Method Summary
 void decryptAllContainers(RawTransaction t)
          Finds all the all the containers stored in the data directory and decrypts them.
 void encryptAllContainers(RawTransaction t)
          Find all the all the containers stored in the data directory and encrypt them.
private  void encryptOrDecryptAllContainers(RawTransaction t, boolean doEncrypt)
          Encrypts or decrypts all containers in the database data directory.
private  void encryptOrDecryptContainer(RawTransaction t, ContainerKey ckey, boolean doEncrypt)
          Encrypts or decrypts the specified container.
private  StorageFile getFile(ContainerKey containerId, boolean old)
          Get file handle to a container file that is used to keep temporary versions of the container file.
private  StorageFile getFile(java.lang.String ctrFileName)
           
private  java.lang.String getFilePath(ContainerKey containerId, boolean old)
          Get path to a container file that is used to keep temporary versions of the container file.
private  boolean isOldContainerFile(java.lang.String fileName)
           
private  boolean privDelete(StorageFile file)
           
private  boolean privExists(StorageFile file)
           
private  boolean privRename(StorageFile fromFile, StorageFile destFile)
           
 void removeOldVersionOfContainers()
          Removes old versions of the containers after a cryptographic operation on the database.
(package private)  void restoreContainer(ContainerKey containerId)
           
 java.lang.Object run()
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

dataFactory

private BaseDataFileFactory dataFactory

storageFactory

private StorageFactory storageFactory

STORAGE_FILE_EXISTS_ACTION

private static final int STORAGE_FILE_EXISTS_ACTION
See Also:
Constant Field Values

STORAGE_FILE_DELETE_ACTION

private static final int STORAGE_FILE_DELETE_ACTION
See Also:
Constant Field Values

STORAGE_FILE_RENAME_ACTION

private static final int STORAGE_FILE_RENAME_ACTION
See Also:
Constant Field Values

actionCode

private int actionCode

actionStorageFile

private StorageFile actionStorageFile

actionDestStorageFile

private StorageFile actionDestStorageFile
Constructor Detail

EncryptOrDecryptData

public EncryptOrDecryptData(BaseDataFileFactory dataFactory)
Method Detail

decryptAllContainers

public void decryptAllContainers(RawTransaction t)
                          throws StandardException
Finds all the all the containers stored in the data directory and decrypts them.

Parameters:
t - the transaction that is used for the decryption operation
Throws:
StandardException - Standard Derby error policy

encryptAllContainers

public void encryptAllContainers(RawTransaction t)
                          throws StandardException
Find all the all the containers stored in the data directory and encrypt them.

Parameters:
t - the transaction that is used for the encryption operation
Throws:
StandardException - Standard Derby error policy

encryptOrDecryptAllContainers

private void encryptOrDecryptAllContainers(RawTransaction t,
                                           boolean doEncrypt)
                                    throws StandardException
Encrypts or decrypts all containers in the database data directory.

Parameters:
t - transaction used for the cryptographic operation
doEncrypt - tells whether to encrypt or decrypt
Throws:
StandardException - Standard Derby error policy

encryptOrDecryptContainer

private void encryptOrDecryptContainer(RawTransaction t,
                                       ContainerKey ckey,
                                       boolean doEncrypt)
                                throws StandardException
Encrypts or decrypts the specified container.

Parameters:
t - transaction that used to perform the cryptographic operation
ckey - the key of the container that is being encrypted/decrypted
doEncrypt - tells whether to encrypt or decrypt
Throws:
StandardException - Standard Derby error policy

getFile

private StorageFile getFile(ContainerKey containerId,
                            boolean old)
Get file handle to a container file that is used to keep temporary versions of the container file.

getFilePath

private java.lang.String getFilePath(ContainerKey containerId,
                                     boolean old)
Get path to a container file that is used to keep temporary versions of the container file.

isOldContainerFile

private boolean isOldContainerFile(java.lang.String fileName)

getFile

private StorageFile getFile(java.lang.String ctrFileName)

restoreContainer

void restoreContainer(ContainerKey containerId)
                throws StandardException
Throws:
StandardException

removeOldVersionOfContainers

public void removeOldVersionOfContainers()
                                  throws StandardException
Removes old versions of the containers after a cryptographic operation on the database.

Throws:
StandardException

privExists

private boolean privExists(StorageFile file)

privDelete

private boolean privDelete(StorageFile file)

privRename

private boolean privRename(StorageFile fromFile,
                           StorageFile destFile)

run

public java.lang.Object run()
Specified by:
run in interface java.security.PrivilegedAction
Overview  Package   Class  Tree  Deprecated  Index  Help 
Built on Wed 2013-06-12 15:21:56+0000, from revision ???
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Apache Derby V10.10 Internals - Copyright © 2004,2013 The Apache Software Foundation. All Rights Reserved.