You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@shardingsphere.apache.org by ji...@apache.org on 2023/04/18 02:30:24 UTC
[shardingsphere] branch master updated: Improve properties verification of EncryptAlgorithm (#25009)
This is an automated email from the ASF dual-hosted git repository.
jianglongtao pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/shardingsphere.git
The following commit(s) were added to refs/heads/master by this push:
new baecde129b6 Improve properties verification of EncryptAlgorithm (#25009)
baecde129b6 is described below
commit baecde129b63b83b8014b1fec80927f91a49085b
Author: hazyrain <qi...@hotmail.com>
AuthorDate: Tue Apr 18 10:30:16 2023 +0800
Improve properties verification of EncryptAlgorithm (#25009)
* Improve properties verification of EncryptAlgorithm
* Improve properties verification of EncryptAlgorithm
* Improve properties verification of EncryptAlgorithm
* fix PR issues
---
.../encrypt/algorithm/encrypt/AESEncryptAlgorithm.java | 7 +++++--
.../encrypt/algorithm/encrypt/RC4EncryptAlgorithm.java | 6 +++---
.../encrypt/algorithm/encrypt/AESEncryptAlgorithmTest.java | 5 +++++
.../encrypt/algorithm/encrypt/RC4EncryptAlgorithmTest.java | 8 +++++++-
4 files changed, 20 insertions(+), 6 deletions(-)
diff --git a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/AESEncryptAlgorithm.java b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/AESEncryptAlgorithm.java
index 624f032d8cd..0ae4978161e 100644
--- a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/AESEncryptAlgorithm.java
+++ b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/AESEncryptAlgorithm.java
@@ -17,6 +17,7 @@
package org.apache.shardingsphere.encrypt.algorithm.encrypt;
+import com.google.common.base.Strings;
import lombok.SneakyThrows;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.shardingsphere.encrypt.spi.EncryptAlgorithm;
@@ -50,8 +51,10 @@ public final class AESEncryptAlgorithm implements EncryptAlgorithm<Object, Strin
}
private byte[] createSecretKey(final Properties props) {
- ShardingSpherePreconditions.checkState(props.containsKey(AES_KEY), () -> new EncryptAlgorithmInitializationException("AES", String.format("%s can not be null", AES_KEY)));
- return Arrays.copyOf(DigestUtils.sha1(props.getProperty(AES_KEY)), 16);
+ String aesKey = props.getProperty(AES_KEY);
+ ShardingSpherePreconditions.checkState(!Strings.isNullOrEmpty(aesKey),
+ () -> new EncryptAlgorithmInitializationException(getType(), String.format("%s can not be null or empty", AES_KEY)));
+ return Arrays.copyOf(DigestUtils.sha1(aesKey), 16);
}
@SneakyThrows(GeneralSecurityException.class)
diff --git a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/RC4EncryptAlgorithm.java b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/RC4EncryptAlgorithm.java
index 346f5016681..3e56cf4c367 100644
--- a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/RC4EncryptAlgorithm.java
+++ b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/RC4EncryptAlgorithm.java
@@ -20,6 +20,7 @@ package org.apache.shardingsphere.encrypt.algorithm.encrypt;
import org.apache.commons.codec.binary.Base64;
import org.apache.shardingsphere.encrypt.spi.EncryptAlgorithm;
import org.apache.shardingsphere.encrypt.exception.algorithm.EncryptAlgorithmInitializationException;
+import org.apache.shardingsphere.infra.util.exception.ShardingSpherePreconditions;
import org.apache.shardingsphere.encrypt.api.context.EncryptContext;
import java.nio.charset.StandardCharsets;
@@ -48,9 +49,8 @@ public final class RC4EncryptAlgorithm implements EncryptAlgorithm<Object, Strin
}
private void setKey(final byte[] key) {
- if (!(key.length >= KEY_MIN_LENGTH && key.length < SBOX_LENGTH)) {
- throw new EncryptAlgorithmInitializationException("RC4", "Key length has to be between " + KEY_MIN_LENGTH + " and " + (SBOX_LENGTH - 1));
- }
+ ShardingSpherePreconditions.checkState(KEY_MIN_LENGTH <= key.length && SBOX_LENGTH > key.length,
+ () -> new EncryptAlgorithmInitializationException(getType(), "Key length has to be between " + KEY_MIN_LENGTH + " and " + (SBOX_LENGTH - 1)));
this.key = key;
}
diff --git a/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/AESEncryptAlgorithmTest.java b/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/AESEncryptAlgorithmTest.java
index 9fd479c8a53..655d667bd1f 100644
--- a/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/AESEncryptAlgorithmTest.java
+++ b/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/AESEncryptAlgorithmTest.java
@@ -47,6 +47,11 @@ class AESEncryptAlgorithmTest {
assertThrows(EncryptAlgorithmInitializationException.class, () -> TypedSPILoader.getService(EncryptAlgorithm.class, "AES"));
}
+ @Test
+ void assertCreateNewInstanceWithEmptyAESKey() {
+ assertThrows(EncryptAlgorithmInitializationException.class, () -> encryptAlgorithm.init(PropertiesBuilder.build(new Property("aes-key-value", ""))));
+ }
+
@Test
void assertEncrypt() {
Object actual = encryptAlgorithm.encrypt("test", mock(EncryptContext.class));
diff --git a/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/RC4EncryptAlgorithmTest.java b/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/RC4EncryptAlgorithmTest.java
index 9d42597d707..a5c1b801ff8 100644
--- a/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/RC4EncryptAlgorithmTest.java
+++ b/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/algorithm/encrypt/RC4EncryptAlgorithmTest.java
@@ -56,11 +56,17 @@ class RC4EncryptAlgorithmTest {
}
@Test
- void assertKeyIsToLong() {
+ void assertKeyIsTooLong() {
assertThrows(EncryptAlgorithmInitializationException.class,
() -> encryptAlgorithm.init(PropertiesBuilder.build(new Property("rc4-key-value", IntStream.range(0, 100).mapToObj(each -> "test").collect(Collectors.joining())))));
}
+ @Test
+ void assertKeyIsTooShort() {
+ assertThrows(EncryptAlgorithmInitializationException.class,
+ () -> encryptAlgorithm.init(PropertiesBuilder.build(new Property("rc4-key-value", "test"))));
+ }
+
@Test
void assertDecode() {
assertThat(encryptAlgorithm.decrypt("4Tn7lQ==", mock(EncryptContext.class)).toString(), is("test"));