DERBY-4483: Provide a way to change the hash algorithm used by BUILTI…

…N authentication

Make fresh databases use the new authentication scheme with SHA-256 by default.


git-svn-id: https://svn.apache.org/repos/asf/db/derby/code/trunk@927368 13f79535-47bb-0310-9956-ffa450edef68

java/engine/org/apache/derby/iapi/reference/Property.java

@@ -718,6 +718,13 @@ release. New databases and existing databases (in Derby 10.2) still use legacy
     public static final String AUTHENTICATION_BUILTIN_ALGORITHM =
             "derby.authentication.builtin.algorithm";
 
+    /**
+     * Default value for derby.authentication.builtin.algorithm when creating
+     * a new database.
+     */
+    public static final String AUTHENTICATION_BUILTIN_ALGORITHM_DEFAULT =
+            "SHA-256";
+
 	/*
 	** Log
 	*/

java/engine/org/apache/derby/impl/sql/catalog/DataDictionaryImpl.java

@@ -761,6 +761,13 @@ public void boot(boolean create, Properties startParams)
 					bootingTC.setProperty(Property.SQL_AUTHORIZATION_PROPERTY,"true",true);
 					usesSqlAuthorization=true;
 				}
+
+                // Set default hash algorithm used to protect passwords stored
+                // in the database for BUILTIN authentication.
+                bootingTC.setProperty(
+                        Property.AUTHENTICATION_BUILTIN_ALGORITHM,
+                        Property.AUTHENTICATION_BUILTIN_ALGORITHM_DEFAULT,
+                        false);
 			} else {
 				// Get the ids for non-core tables
 				loadDictionaryTables(bootingTC, ddg, startParams);

java/testing/org/apache/derbyTesting/functionTests/tests/derbynet/NSSecurityMechanismTest.java

@@ -1106,7 +1106,9 @@ private void assertDerby1080Fixed(String expectedValue)
      *
      * We want to test a combination of USRSSBPWD with BUILTIN as password
      * substitute is only supported with NONE or BUILTIN Derby authentication
-     * scheme right now (DERBY-528).
+     * scheme right now (DERBY-528). Also, it doesn't work if passwords are
+     * hashed with the configurable hash authentication scheme (DERBY-4483)
+     * before they are stored in the database, so we'll need to disable that.
      * 
      * @throws Exception if there an unexpected error
      */
@@ -1122,6 +1124,12 @@ private void assertUSRSSBPWD_with_BUILTIN(String[] expectedValues)
         CallableStatement cs = conn.prepareCall(
             "CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(?, ?)");
 
+        // First, disable the configurable hash authentication scheme so that
+        // passwords are stored using the old hash algorithm.
+        cs.setString(1, "derby.authentication.builtin.algorithm");
+        cs.setString(2, null);
+        cs.execute();
+
         cs.setString(1, "derby.user.neelima");
         cs.setString(2, "lee");
         cs.execute();

java/testing/org/apache/derbyTesting/functionTests/tests/jdbcapi/AuthenticationTest.java

@@ -116,6 +116,9 @@ public static Test baseSuite(String name) {
         test = new AuthenticationTest("testSystemShutdown");
         setBaseProps(suite, test);
 
+        test = new AuthenticationTest("testDefaultHashAlgorithm");
+        setBaseProps(suite, test);
+
         // The test cases below test the configurable hash authentication
         // mechanism added in DERBY-4483. Set the property that specifies the
         // hash algorithm to some valid value for these tests. Not all tests
@@ -1097,6 +1100,15 @@ public void testSystemShutdown() throws SQLException
         openDefaultConnection("system", "admin").close(); // just so teardown works.
     }
 
+    /**
+     * DERBY-4483: Test that the database by default has the configurable
+     * hash authentication scheme enabled.
+     */
+    public void testDefaultHashAlgorithm() throws SQLException {
+        // SHA-256 should be the default hash algorithm now
+        assertEquals("SHA-256", getDatabaseProperty(BUILTIN_ALGO_PROP));
+    }
+
     /**
      * DERBY-4483: Test that setting the property
      * {@code derby.authentication.builtin.algorithm} changes which hash

java/testing/org/apache/derbyTesting/functionTests/tests/upgradeTests/Changes10_6.java

@@ -70,7 +70,10 @@ public class Changes10_6 extends UpgradeChange {
 
     private static final   String CREATE_TYPE_DDL = "create type fooType external name 'mypackage.foo' language java\n";
     private static final   String DROP_TYPE_DDL = "drop type fooType restrict\n";
-
+
+    private static final String HASH_ALGORITHM_PROPERTY =
+            "derby.authentication.builtin.algorithm";
+
     public Changes10_6(String name) {
         super(name);
     }
@@ -320,6 +323,18 @@ private int getMaximumWidth( Object typeDescriptor )
         return ((Integer) meth.invoke( typeDescriptor, null )).intValue();
     }
 
+    /**
+     * Verify that we don't enable the configurable hash authentication
+     * scheme when we upgrade a database. See DERBY-4483.
+     */
+    public void testBuiltinAuthenticationHashNotChangedOnUpgrade()
+            throws SQLException {
+        // We enable the configurable hash authentication scheme by setting
+        // a property, so check that it's NULL in all phases to verify that
+        // it's not enabled on upgrade.
+        assertNull(getDatabaseProperty(HASH_ALGORITHM_PROPERTY));
+    }
+
     /**
      * Make sure builtin authentication only uses the new configurable hash
      * scheme in hard-upgraded databases. See DERBY-4483.
@@ -418,7 +433,7 @@ private void setPasswords(CallableStatement cs) throws SQLException {
         for (int i = 0; i < USERS.length; i++) {
             // Use the specified algorithm, if possible. (Will be ignored if
             // the data dictionary doesn't support the new scheme.)
-            cs.setString(1, "derby.authentication.builtin.algorithm");
+            cs.setString(1, HASH_ALGORITHM_PROPERTY);
             cs.setString(2, USERS[i][2]);
             cs.execute();
             // Set the password.