You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@shardingsphere.apache.org by ji...@apache.org on 2023/04/18 02:30:24 UTC

[shardingsphere] branch master updated: Improve properties verification of EncryptAlgorithm (#25009)

This is an automated email from the ASF dual-hosted git repository.

jianglongtao pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/shardingsphere.git


The following commit(s) were added to refs/heads/master by this push:
     new baecde129b6 Improve properties verification of EncryptAlgorithm (#25009)
baecde129b6 is described below

commit baecde129b63b83b8014b1fec80927f91a49085b
Author: hazyrain <qi...@hotmail.com>
AuthorDate: Tue Apr 18 10:30:16 2023 +0800

    Improve properties verification of EncryptAlgorithm (#25009)
    
    * Improve properties verification of EncryptAlgorithm
    
    * Improve properties verification of EncryptAlgorithm
    
    * Improve properties verification of EncryptAlgorithm
    
    * fix PR issues
---
 .../encrypt/algorithm/encrypt/AESEncryptAlgorithm.java            | 7 +++++--
 .../encrypt/algorithm/encrypt/RC4EncryptAlgorithm.java            | 6 +++---
 .../encrypt/algorithm/encrypt/AESEncryptAlgorithmTest.java        | 5 +++++
 .../encrypt/algorithm/encrypt/RC4EncryptAlgorithmTest.java        | 8 +++++++-
 4 files changed, 20 insertions(+), 6 deletions(-)

diff --git a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/AESEncryptAlgorithm.java b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/AESEncryptAlgorithm.java
index 624f032d8cd..0ae4978161e 100644
--- a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/AESEncryptAlgorithm.java
+++ b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/AESEncryptAlgorithm.java
@@ -17,6 +17,7 @@
 
 package org.apache.shardingsphere.encrypt.algorithm.encrypt;
 
+import com.google.common.base.Strings;
 import lombok.SneakyThrows;
 import org.apache.commons.codec.digest.DigestUtils;
 import org.apache.shardingsphere.encrypt.spi.EncryptAlgorithm;
@@ -50,8 +51,10 @@ public final class AESEncryptAlgorithm implements EncryptAlgorithm<Object, Strin
     }
     
     private byte[] createSecretKey(final Properties props) {
-        ShardingSpherePreconditions.checkState(props.containsKey(AES_KEY), () -> new EncryptAlgorithmInitializationException("AES", String.format("%s can not be null", AES_KEY)));
-        return Arrays.copyOf(DigestUtils.sha1(props.getProperty(AES_KEY)), 16);
+        String aesKey = props.getProperty(AES_KEY);
+        ShardingSpherePreconditions.checkState(!Strings.isNullOrEmpty(aesKey),
+                () -> new EncryptAlgorithmInitializationException(getType(), String.format("%s can not be null or empty", AES_KEY)));
+        return Arrays.copyOf(DigestUtils.sha1(aesKey), 16);
     }
     
     @SneakyThrows(GeneralSecurityException.class)
diff --git a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/RC4EncryptAlgorithm.java b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/RC4EncryptAlgorithm.java
index 346f5016681..3e56cf4c367 100644
--- a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/RC4EncryptAlgorithm.java
+++ b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/RC4EncryptAlgorithm.java
@@ -20,6 +20,7 @@ package org.apache.shardingsphere.encrypt.algorithm.encrypt;
 import org.apache.commons.codec.binary.Base64;
 import org.apache.shardingsphere.encrypt.spi.EncryptAlgorithm;
 import org.apache.shardingsphere.encrypt.exception.algorithm.EncryptAlgorithmInitializationException;
+import org.apache.shardingsphere.infra.util.exception.ShardingSpherePreconditions;
 import org.apache.shardingsphere.encrypt.api.context.EncryptContext;
 
 import java.nio.charset.StandardCharsets;
@@ -48,9 +49,8 @@ public final class RC4EncryptAlgorithm implements EncryptAlgorithm<Object, Strin
     }
     
     private void setKey(final byte[] key) {
-        if (!(key.length >= KEY_MIN_LENGTH && key.length < SBOX_LENGTH)) {
-            throw new EncryptAlgorithmInitializationException("RC4", "Key length has to be between " + KEY_MIN_LENGTH + " and " + (SBOX_LENGTH - 1));
-        }
+        ShardingSpherePreconditions.checkState(KEY_MIN_LENGTH <= key.length && SBOX_LENGTH > key.length,
+                () -> new EncryptAlgorithmInitializationException(getType(), "Key length has to be between " + KEY_MIN_LENGTH + " and " + (SBOX_LENGTH - 1)));
         this.key = key;
     }
     
diff --git a/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/AESEncryptAlgorithmTest.java b/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/AESEncryptAlgorithmTest.java
index 9fd479c8a53..655d667bd1f 100644
--- a/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/AESEncryptAlgorithmTest.java
+++ b/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/AESEncryptAlgorithmTest.java
@@ -47,6 +47,11 @@ class AESEncryptAlgorithmTest {
         assertThrows(EncryptAlgorithmInitializationException.class, () -> TypedSPILoader.getService(EncryptAlgorithm.class, "AES"));
     }
     
+    @Test
+    void assertCreateNewInstanceWithEmptyAESKey() {
+        assertThrows(EncryptAlgorithmInitializationException.class, () -> encryptAlgorithm.init(PropertiesBuilder.build(new Property("aes-key-value", ""))));
+    }
+    
     @Test
     void assertEncrypt() {
         Object actual = encryptAlgorithm.encrypt("test", mock(EncryptContext.class));
diff --git a/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/RC4EncryptAlgorithmTest.java b/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/RC4EncryptAlgorithmTest.java
index 9d42597d707..a5c1b801ff8 100644
--- a/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/RC4EncryptAlgorithmTest.java
+++ b/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/RC4EncryptAlgorithmTest.java
@@ -56,11 +56,17 @@ class RC4EncryptAlgorithmTest {
     }
     
     @Test
-    void assertKeyIsToLong() {
+    void assertKeyIsTooLong() {
         assertThrows(EncryptAlgorithmInitializationException.class,
                 () -> encryptAlgorithm.init(PropertiesBuilder.build(new Property("rc4-key-value", IntStream.range(0, 100).mapToObj(each -> "test").collect(Collectors.joining())))));
     }
     
+    @Test
+    void assertKeyIsTooShort() {
+        assertThrows(EncryptAlgorithmInitializationException.class,
+                () -> encryptAlgorithm.init(PropertiesBuilder.build(new Property("rc4-key-value", "test"))));
+    }
+    
     @Test
     void assertDecode() {
         assertThat(encryptAlgorithm.decrypt("4Tn7lQ==", mock(EncryptContext.class)).toString(), is("test"));