MYFACES-3477 refactored
diff --git a/impl/src/main/java/org/apache/myfaces/application/viewstate/StateUtils.java b/impl/src/main/java/org/apache/myfaces/application/viewstate/StateUtils.java
index 91406fa..b40be1a 100644
--- a/impl/src/main/java/org/apache/myfaces/application/viewstate/StateUtils.java
+++ b/impl/src/main/java/org/apache/myfaces/application/viewstate/StateUtils.java
@@ -202,6 +202,43 @@
}
}
+ public static Cipher createCipher(ExternalContext externalContext, int mode) throws Exception
+ {
+ SecretKey secretKey = (SecretKey) getSecret(externalContext);
+ String algorithm = findAlgorithm(externalContext);
+ String algorithmParams = findAlgorithmParams(externalContext);
+ byte[] iv = findInitializationVector(externalContext);
+
+ Cipher cipher = Cipher.getInstance(algorithm + '/' + algorithmParams);
+ if (iv != null)
+ {
+ IvParameterSpec ivSpec = new IvParameterSpec(iv);
+ cipher.init(mode, secretKey, ivSpec);
+ }
+ else
+ {
+ cipher.init(mode, secretKey);
+ }
+
+ if (log.isLoggable(Level.FINE))
+ {
+ log.fine("de/encrypting with " + algorithm + '/' + algorithmParams);
+ }
+
+ return cipher;
+ }
+
+ public static Mac createMac(ExternalContext externalContext) throws Exception
+ {
+ SecretKey macSecretKey = (SecretKey) getMacSecret(externalContext);
+ String macAlgorithm = findMacAlgorithm(externalContext);
+
+ Mac mac = Mac.getInstance(macAlgorithm);
+ mac.init(macSecretKey);
+
+ return mac;
+ }
+
public static boolean enableCompression(ExternalContext externalContext)
{
Assert.notNull(externalContext, "externalContext");
@@ -280,35 +317,12 @@
Assert.notNull(externalContext, "externalContext");
testConfiguration(externalContext);
-
- SecretKey secretKey = (SecretKey) getSecret(externalContext);
- String algorithm = findAlgorithm(externalContext);
- String algorithmParams = findAlgorithmParams(externalContext);
- byte[] iv = findInitializationVector(externalContext);
-
- SecretKey macSecretKey = (SecretKey) getMacSecret(externalContext);
- String macAlgorithm = findMacAlgorithm(externalContext);
-
+
try
{
- // keep local to avoid threading issue
- Mac mac = Mac.getInstance(macAlgorithm);
- mac.init(macSecretKey);
- Cipher cipher = Cipher.getInstance(algorithm + '/' + algorithmParams);
- if (iv != null)
- {
- IvParameterSpec ivSpec = new IvParameterSpec(iv);
- cipher.init(Cipher.ENCRYPT_MODE, secretKey, ivSpec);
- }
- else
- {
- cipher.init(Cipher.ENCRYPT_MODE, secretKey);
- }
- if (log.isLoggable(Level.FINE))
- {
- log.fine("encrypting w/ " + algorithm + '/' + algorithmParams);
- }
-
+ Mac mac = createMac(externalContext);
+ Cipher cipher = createCipher(externalContext, Cipher.ENCRYPT_MODE);
+
//EtM Composition Approach
int macLenght = mac.getMacLength();
byte[] secure = new byte[cipher.getOutputSize(insecure.length)+ macLenght];
@@ -428,34 +442,11 @@
Assert.notNull(externalContext, "externalContext");
testConfiguration(externalContext);
-
- SecretKey secretKey = (SecretKey) getSecret(externalContext);
- String algorithm = findAlgorithm(externalContext);
- String algorithmParams = findAlgorithmParams(externalContext);
- byte[] iv = findInitializationVector(externalContext);
-
- SecretKey macSecretKey = (SecretKey) getMacSecret(externalContext);
- String macAlgorithm = findMacAlgorithm(externalContext);
try
{
- // keep local to avoid threading issue
- Mac mac = Mac.getInstance(macAlgorithm);
- mac.init(macSecretKey);
- Cipher cipher = Cipher.getInstance(algorithm + '/' + algorithmParams);
- if (iv != null)
- {
- IvParameterSpec ivSpec = new IvParameterSpec(iv);
- cipher.init(Cipher.DECRYPT_MODE, secretKey, ivSpec);
- }
- else
- {
- cipher.init(Cipher.DECRYPT_MODE, secretKey);
- }
- if (log.isLoggable(Level.FINE))
- {
- log.fine("decrypting w/ " + algorithm + '/' + algorithmParams);
- }
+ Mac mac = createMac(externalContext);
+ Cipher cipher = createCipher(externalContext, Cipher.DECRYPT_MODE);
//EtM Composition Approach
int macLenght = mac.getMacLength();
diff --git a/impl/src/test/java/org/apache/myfaces/application/viewstate/SecretKeyConfigurationTest.java b/impl/src/test/java/org/apache/myfaces/application/viewstate/SecretKeyConfigurationTest.java
index 9490884..ac5d8a0 100644
--- a/impl/src/test/java/org/apache/myfaces/application/viewstate/SecretKeyConfigurationTest.java
+++ b/impl/src/test/java/org/apache/myfaces/application/viewstate/SecretKeyConfigurationTest.java
@@ -17,22 +17,17 @@
package org.apache.myfaces.application.viewstate;
-import org.apache.myfaces.application.viewstate.StateUtils;
import org.apache.myfaces.test.base.AbstractJsfTestCase;
+import org.junit.Test;
public class SecretKeyConfigurationTest extends AbstractJsfTestCase
{
-
public SecretKeyConfigurationTest(String name)
{
super(name);
}
-
- // No longer necessary using junit 4 to run tests
- //public static Test suite() {
- // return null; // keep this method or maven won't run it
- //}
-
+
+ @Override
public void setUp() throws Exception
{
super.setUp();
@@ -41,17 +36,19 @@
}
+ @Test
public void testMissingSecretKeyEncrypt(){
try{
StateUtils.encrypt("serialized objects".getBytes(), externalContext);
fail("An exception should be thrown if there" +
" is no SecretKey in application scope and cacheing is enabled ");
- }catch(NullPointerException e){
+ }catch(Exception e){
}
}
+ @Test
public void testNonSecretKeyEncrypt(){
servletContext.setAttribute(StateUtils.INIT_SECRET_KEY_CACHE, new Integer(8));
@@ -61,25 +58,31 @@
StateUtils.encrypt("serialized objects".getBytes(), externalContext);
fail("An exception should be thrown if there" +
" is no SecretKey in application scope and cacheing is enabled ");
- }catch(ClassCastException cce){
+ }catch(Exception cce){
}
}
+ @Test
public void testMissingSecretKeyDecrypt(){
boolean npeThrown = false;
try{
StateUtils.decrypt("serialized objects".getBytes(), externalContext);
- }catch(NullPointerException e){
- npeThrown = true;
+ }
+ catch(Exception e){
+ if (e.getCause() instanceof NullPointerException)
+ {
+ npeThrown = true;
+ }
}
assertTrue("An exception should be thrown if there" +
" is no SecretKey in application scope and cacheing is enabled ", npeThrown);
}
+ @Test
public void testNonSecretKeyDecrypt(){
servletContext.setAttribute(StateUtils.INIT_SECRET_KEY_CACHE, new Integer(8));
@@ -89,7 +92,7 @@
StateUtils.decrypt("serialized objects".getBytes(), externalContext);
fail("An exception should be thrown if there" +
" is no SecretKey in application scope and cacheing is enabled ");
- }catch(ClassCastException cce){
+ }catch(Exception cce){
}
}