Posted to commits@myfaces.apache.org by lu...@apache.org on 2010/06/06 04:07:43 UTC
svn commit: r951800 - in /myfaces:
core/branches/1.2.x/impl/src/main/java/org/apache/myfaces/application/jsp/
core/branches/1.2.x/impl/src/main/java/org/apache/myfaces/renderkit/html/
shared/trunk_3.0.x/core/src/main/java/org/apache/myfaces/shared/util...
Author: lu4242
Date: Sun Jun 6 02:07:42 2010
New Revision: 951800
URL: http://svn.apache.org/viewvc?rev=951800&view=rev
Log:
document web config params better and sync code
Added:
myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/CachedStateUtilsAES_CBCTest.java
myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/CachedStateUtilsBlowfish_ECBTest.java
myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/CachedStateUtilsDefaultTest.java
myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/CachedStateUtilsTripleDES_ECBTest.java
Modified:
myfaces/core/branches/1.2.x/impl/src/main/java/org/apache/myfaces/application/jsp/JspStateManagerImpl.java
myfaces/core/branches/1.2.x/impl/src/main/java/org/apache/myfaces/renderkit/html/HtmlResponseStateManager.java
myfaces/shared/trunk_3.0.x/core/src/main/java/org/apache/myfaces/shared/util/StateUtils.java
myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/AbstractStateUtilsTest.java
myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/InitVector_CBCTestCase.java
myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/SecretKeyCacheTest.java
myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/SecretKeyConfigurationTest.java
myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/StateUtilsAES_CBCTest.java
myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/StateUtilsBlowfish_ECBTest.java
myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/StateUtilsDefaultTest.java
myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/StateUtilsTripleDES_ECBTest.java
Modified: myfaces/core/branches/1.2.x/impl/src/main/java/org/apache/myfaces/application/jsp/JspStateManagerImpl.java
URL: http://svn.apache.org/viewvc/myfaces/core/branches/1.2.x/impl/src/main/java/org/apache/myfaces/application/jsp/JspStateManagerImpl.java?rev=951800&r1=951799&r2=951800&view=diff
==============================================================================
--- myfaces/core/branches/1.2.x/impl/src/main/java/org/apache/myfaces/application/jsp/JspStateManagerImpl.java (original)
+++ myfaces/core/branches/1.2.x/impl/src/main/java/org/apache/myfaces/application/jsp/JspStateManagerImpl.java Sun Jun 6 02:07:42 2010
@@ -236,7 +236,7 @@ public class JspStateManagerImpl
{
Integer serverStateId = getServerStateId((Object[]) responseStateManager.getState(facesContext, uiViewRoot.getViewId()));
- Object[] stateObj = (Object[]) getSerializedViewFromServletSession(facesContext, uiViewRoot.getViewId(), serverStateId);
+ Object[] stateObj = (Object[])( (serverStateId == null)? null : getSerializedViewFromServletSession(facesContext, uiViewRoot.getViewId(), serverStateId) );
if (stateObj == null)
{
log.error("No serialized view found in server session!");
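Review bot: The `serverStateId == null` guard is repeated as an inline ternary in this hunk and in the two hunks that follow, each time with its own cast and spacing. Moving the null check to the top of `getSerializedViewFromServletSession` (return `null` when no id is supplied) would let all three call sites keep their original one-line form. Each guard also relies on `getServerStateId` accepting a null array, since `responseStateManager.getState(...)` can return `null` after this commit; that method is not visible here, so confirm it. A short comment such as `// no state id sent by the client: treat as "no saved view"` would explain the intent. The enclosing method starts and ends outside the hunk.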
@@ -310,7 +310,7 @@ public class JspStateManagerImpl
//reconstruct tree structure from ServletSession
Integer serverStateId = getServerStateId((Object[]) responseStateManager.getState(facesContext, viewId));
- Object[] stateObj = (Object[]) getSerializedViewFromServletSession(facesContext, viewId, serverStateId);
+ Object[] stateObj = (Object[])( (serverStateId == null)? null : getSerializedViewFromServletSession(facesContext, viewId, serverStateId) );
if (stateObj == null)
{
if (log.isDebugEnabled()) log.debug("Exiting restoreTreeStructure - No serialized view found in server session!");
@@ -354,7 +354,7 @@ public class JspStateManagerImpl
Integer serverStateId = getServerStateId((Object[]) responseStateManager.getState(facesContext, viewId));
- state = getSerializedViewFromServletSession(facesContext, viewId, serverStateId);
+ state = (serverStateId == null) ? null : getSerializedViewFromServletSession(facesContext, viewId, serverStateId);
}
UIViewRoot uiViewRoot = null;
Modified: myfaces/core/branches/1.2.x/impl/src/main/java/org/apache/myfaces/renderkit/html/HtmlResponseStateManager.java
URL: http://svn.apache.org/viewvc/myfaces/core/branches/1.2.x/impl/src/main/java/org/apache/myfaces/renderkit/html/HtmlResponseStateManager.java?rev=951800&r1=951799&r2=951800&view=diff
==============================================================================
--- myfaces/core/branches/1.2.x/impl/src/main/java/org/apache/myfaces/renderkit/html/HtmlResponseStateManager.java (original)
+++ myfaces/core/branches/1.2.x/impl/src/main/java/org/apache/myfaces/renderkit/html/HtmlResponseStateManager.java Sun Jun 6 02:07:42 2010
@@ -187,6 +187,14 @@ public class HtmlResponseStateManager
Object[] savedState = (Object[]) StateUtils.reconstruct(
(String) encodedState, facesContext.getExternalContext());
+ if (savedState == null)
+ {
+ if (log.isTraceEnabled()) {
+ log.trace("No saved state");
+ }
+ return null;
+ }
+
String restoredViewId = (String) savedState[VIEWID_PARAM];
if (restoredViewId == null) {
Modified: myfaces/shared/trunk_3.0.x/core/src/main/java/org/apache/myfaces/shared/util/StateUtils.java
URL: http://svn.apache.org/viewvc/myfaces/shared/trunk_3.0.x/core/src/main/java/org/apache/myfaces/shared/util/StateUtils.java?rev=951800&r1=951799&r2=951800&view=diff
==============================================================================
--- myfaces/shared/trunk_3.0.x/core/src/main/java/org/apache/myfaces/shared/util/StateUtils.java (original)
+++ myfaces/shared/trunk_3.0.x/core/src/main/java/org/apache/myfaces/shared/util/StateUtils.java Sun Jun 6 02:07:42 2010
@@ -18,37 +18,41 @@
*/
package org.apache.myfaces.shared.util;
-import org.apache.myfaces.buildtools.maven2.plugin.builder.annotation.JSFWebConfigParam;
-import org.apache.myfaces.shared.util.serial.SerialFactory;
-
-import org.apache.commons.codec.binary.Base64;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
-import javax.crypto.Cipher;
-import javax.crypto.SecretKey;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
-import javax.faces.FacesException;
-import javax.faces.context.ExternalContext;
-import javax.servlet.ServletContext;
-
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
+import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
-import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.AccessController;
+import java.security.NoSuchAlgorithmException;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.Random;
import java.util.zip.GZIPInputStream;
import java.util.zip.GZIPOutputStream;
+import javax.crypto.Cipher;
+import javax.crypto.KeyGenerator;
+import javax.crypto.Mac;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+import javax.faces.FacesException;
+import javax.faces.application.ViewExpiredException;
+import javax.faces.context.ExternalContext;
+import javax.servlet.ServletContext;
+
+import org.apache.commons.codec.binary.Base64;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.myfaces.buildtools.maven2.plugin.builder.annotation.JSFWebConfigParam;
+import org.apache.myfaces.shared.util.serial.SerialFactory;
+
/**
- * <p>Handles encryption, serialization, compression and encoding.
- *
+ * <p>This Class exposes a handful of methods related to encryption,
+ * compression and serialization.</p>
+ *
* <ul>
* <li>ISO-8859-1 is the character set used.</li>
* <li>GZIP is used for all compression/decompression.</li>
@@ -56,6 +60,7 @@ import java.util.zip.GZIPOutputStream;
* <li>DES is the default encryption algorithm</li>
* <li>ECB is the default mode</li>
* <li>PKCS5Padding is the default padding</li>
+ * <li>HmacSHA1 is the default MAC algorithm</li>
* <li>The default algorithm can be overridden using the
* <i>org.apache.myfaces.ALGORITHM</i> parameter</li>
* <li>The default mode and padding can be overridden using the
@@ -63,6 +68,8 @@ import java.util.zip.GZIPOutputStream;
* <li>This class has not been tested with modes other than ECB and CBC</li>
* <li>An initialization vector can be specified via the
* <i>org.apache.myfaces.ALGORITHM.IV</i> parameter</li>
+ * <li>The default MAC algorithm can be overridden using the
+ * <i>org.apache.myfaces.MAC_ALGORITHM</i> parameter</li>
* </ul>
*
* <p>The secret is interpretted as base 64 encoded. In other
@@ -81,7 +88,6 @@ import java.util.zip.GZIPOutputStream;
* @author Dennis C. Byrne
* @see org.apache.myfaces.webapp.StartupServletContextListener
*/
-
public final class StateUtils {
private static final Log log = LogFactory.getLog(StateUtils.class);
@@ -93,34 +99,82 @@ public final class StateUtils {
public static final String INIT_PREFIX = "org.apache.myfaces.";
- @JSFWebConfigParam(name="org.apache.myfaces.USE_ENCRYPTION",since="1.1")
+ /**
+ * Indicate if the view state is encrypted or not. By default, encryption is enabled.
+ */
+ @JSFWebConfigParam(name="org.apache.myfaces.USE_ENCRYPTION",since="1.1",defaultValue="true",expectedValues="true,false")
public static final String USE_ENCRYPTION = INIT_PREFIX + "USE_ENCRYPTION";
/**
- * Used for encrypting view state. Only relevant for client side
- * state saving. See MyFaces wiki/web site documentation for instructions
- * on how to configure an application for different encryption strengths.
+ * Defines the secret (Base64 encoded) used to initialize the secret key
+ * for encryption algorithm. See MyFaces wiki/web site documentation
+ * for instructions on how to configure an application for
+ * different encryption strengths.
*/
@JSFWebConfigParam(name="org.apache.myfaces.SECRET",since="1.1")
public static final String INIT_SECRET = INIT_PREFIX + "SECRET";
- @JSFWebConfigParam(name="org.apache.myfaces.ALGORITHM",since="1.1")
+ /**
+ * Indicate the encryption algorithm used for encrypt the view state.
+ */
+ @JSFWebConfigParam(name="org.apache.myfaces.ALGORITHM",since="1.1",defaultValue="DES")
public static final String INIT_ALGORITHM = INIT_PREFIX + "ALGORITHM";
-
+
+ /**
+ * If is set to "false", the secret key used for encryption algorithm is not cached. This is used
+ * when the returned SecretKey for encryption algorithm is not thread safe.
+ */
@JSFWebConfigParam(name="org.apache.myfaces.SECRET.CACHE",since="1.1")
public static final String INIT_SECRET_KEY_CACHE = INIT_SECRET + ".CACHE";
+ /**
+ * Defines the initialization vector (Base64 encoded) used for the encryption algorithm
+ */
@JSFWebConfigParam(name="org.apache.myfaces.ALGORITHM.IV",since="1.1")
public static final String INIT_ALGORITHM_IV = INIT_ALGORITHM + ".IV";
- @JSFWebConfigParam(name="org.apache.myfaces.ALGORITHM.PARAMETERS",since="1.1")
+ /**
+ * Defines the default mode and padding used for the encryption algorithm
+ */
+ @JSFWebConfigParam(name="org.apache.myfaces.ALGORITHM.PARAMETERS",since="1.1",defaultValue="ECB/PKCS5Padding")
public static final String INIT_ALGORITHM_PARAM = INIT_ALGORITHM + ".PARAMETERS";
+ /**
+ * Defines the factory class name using for serialize/deserialize the view state returned
+ * by state manager into a byte array. The expected class must implement
+ * org.apache.myfaces.shared.util.serial.SerialFactory interface.
+ */
@JSFWebConfigParam(name="org.apache.myfaces.SERIAL_FACTORY", since="1.1")
public static final String SERIAL_FACTORY = INIT_PREFIX + "SERIAL_FACTORY";
- @JSFWebConfigParam(name="org.apache.myfaces.COMPRESS_STATE_IN_CLIENT",since="1.1")
- private static final String COMPRESS_STATE_IN_CLIENT = INIT_PREFIX + "COMPRESS_STATE_IN_CLIENT";
+ /**
+ * Indicate if the view state should be compressed before encrypted(optional) and encoded
+ */
+ @JSFWebConfigParam(name="org.apache.myfaces.COMPRESS_STATE_IN_CLIENT",since="1.1",defaultValue="false",expectedValues="true,false")
+ public static final String COMPRESS_STATE_IN_CLIENT = INIT_PREFIX + "COMPRESS_STATE_IN_CLIENT";
+
+ public static final String DEFAULT_MAC_ALGORITHM = "HmacSHA1";
+
+ /**
+ * Indicate the algorithm used to calculate the Message Authentication Code that is
+ * added to the view state.
+ */
+ @JSFWebConfigParam(name="org.apache.myfaces.MAC_ALGORITHM",defaultValue="HmacSHA1")
+ public static final String INIT_MAC_ALGORITHM = "org.apache.myfaces.MAC_ALGORITHM";
+
+ /**
+ * Define the initialization code that are used to initialize the secret key used
+ * on the Message Authentication Code algorithm
+ */
+ @JSFWebConfigParam(name="org.apache.myfaces.MAC_SECRET")
+ public static final String INIT_MAC_SECRET = "org.apache.myfaces.MAC_SECRET";
+
+ /**
+ * If is set to "false", the secret key used for MAC algorithm is not cached. This is used
+ * when the returned SecretKey for mac algorithm is not thread safe.
+ */
+ @JSFWebConfigParam(name="org.apache.myfaces.MAC_SECRET.CACHE")
+ public static final String INIT_MAC_SECRET_KEY_CACHE = "org.apache.myfaces.MAC_SECRET.CACHE";
/** Utility class, do not instatiate */
private StateUtils()
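Review bot: The Javadoc added for `org.apache.myfaces.MAC_SECRET` says only "initialization code", which leaves out the two facts an administrator needs. Going by `findMacSecret` later in this commit, the value is Base64-decoded, and when the parameter is absent a random key is generated instead. Suggested text: `Defines the secret (Base64 encoded) used to initialize the secret key for the MAC algorithm. If not set, a random key is generated when the secret is initialized.` The three new MAC parameters also carry no `since` attribute, unlike every other `@JSFWebConfigParam` in the block. Now that `defaultValue="DES"` and `defaultValue="ECB/PKCS5Padding"` are published in the generated documentation, the `ALGORITHM` and `ALGORITHM.PARAMETERS` comments should state that these defaults exist for compatibility and that a stronger cipher and mode should be configured.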
@@ -131,8 +185,18 @@ public final class StateUtils {
private static void testConfiguration(ExternalContext ctx){
String algorithmParams = ctx.getInitParameter(INIT_ALGORITHM_PARAM);
+
+ if (algorithmParams == null)
+ {
+ algorithmParams = ctx.getInitParameter(INIT_ALGORITHM_PARAM.toLowerCase());
+ }
String iv = ctx.getInitParameter(INIT_ALGORITHM_IV);
+ if (iv == null)
+ {
+ iv = ctx.getInitParameter(INIT_ALGORITHM_IV.toLowerCase());
+ }
+
if (algorithmParams != null && algorithmParams.startsWith("CBC") )
{
if(iv == null)
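Review bot: The lower-case fallback lookups call `String.toLowerCase()` with the JVM default locale, so under a Turkish default locale the `I` in `ALGORITHM` or `INIT`-derived names maps to a dotless `ı` and the lookup never matches a lower-case `web.xml` entry. The result is a silent fall back to the default algorithm, or to a generated secret, instead of the configured value. Use `INIT_ALGORITHM_PARAM.toLowerCase(Locale.ENGLISH)` with `java.util.Locale` imported. The same applies to every `toLowerCase()` added in the later hunks of this file (`findInitializationVector`, `findAlgorithmParams`, `findAlgorithm`, `initSecret`, `getSecret`, `findSecret`, `findMacAlgorithm`, `getMacSecret`, `findMacSecret`). A small private helper taking the context and parameter name would also remove the ten copies of the same four-line fallback. `testConfiguration` continues outside this hunk.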
@@ -141,7 +205,7 @@ public final class StateUtils {
" but no initialization vector has been set " +
" with " + INIT_ALGORITHM_IV);
}
-
+
}
public static boolean enableCompression(ExternalContext ctx)
@@ -220,7 +284,53 @@ public final class StateUtils {
public static byte[] encrypt(byte[] insecure, ExternalContext ctx)
{
- return symmetric(insecure, ctx, Cipher.ENCRYPT_MODE);
+
+ if (ctx == null)
+ throw new NullPointerException("ExternalContext ctx");
+
+ testConfiguration(ctx);
+
+ SecretKey secretKey = (SecretKey) getSecret(ctx);
+ String algorithm = findAlgorithm(ctx);
+ String algorithmParams = findAlgorithmParams(ctx);
+ byte[] iv = findInitializationVector(ctx);
+
+ SecretKey macSecretKey = (SecretKey) getMacSecret(ctx);
+ String macAlgorithm = findMacAlgorithm(ctx);
+
+ try
+ {
+ // keep local to avoid threading issue
+ Mac mac = Mac.getInstance(macAlgorithm);
+ mac.init(macSecretKey);
+ Cipher cipher = Cipher.getInstance(algorithm + "/" + algorithmParams);
+ if (iv != null)
+ {
+ IvParameterSpec ivSpec = new IvParameterSpec(iv);
+ cipher.init(Cipher.ENCRYPT_MODE, secretKey, ivSpec);
+ }
+ else
+ {
+ cipher.init(Cipher.ENCRYPT_MODE, secretKey);
+ }
+ if (log.isDebugEnabled())
+ {
+ log.debug("encrypting w/ " + algorithm + "/" + algorithmParams);
+ }
+
+ //EtM Composition Approach
+ int macLenght = mac.getMacLength();
+ byte[] secure = new byte[cipher.getOutputSize(insecure.length)+ macLenght];
+ int secureCount = cipher.doFinal(insecure,0,insecure.length,secure);
+ mac.update(secure, 0, secureCount);
+ mac.doFinal(secure, secureCount);
+
+ return secure;
+ }
+ catch (Exception e)
+ {
+ throw new FacesException(e);
+ }
}
public static final byte[] compress(byte[] bytes)
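Review bot: The output buffer in `encrypt` is sized with `cipher.getOutputSize(insecure.length) + macLenght`, but the MAC is written at `secureCount`, the number of bytes `doFinal` actually produced. `getOutputSize` is documented as an upper bound, so if a provider returns fewer bytes the array ends in unused zero bytes, and `decrypt`, which reads the tag from the last `macLenght` bytes, will reject state this method just produced. Return exactly the bytes written when the two lengths differ, e.g. `byte[] out = new byte[secureCount + macLenght]; System.arraycopy(secure, 0, out, 0, out.length); return out;`. `macLenght` is a misspelling of `macLength`, here and in `decrypt`.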
@@ -252,11 +362,14 @@ public final class StateUtils {
/**
* This fires during the Restore View phase, restoring state.
*/
-
- public static final Object reconstruct(String string, ExternalContext ctx){
+ public static final Object reconstruct(String string, ExternalContext ctx)
+ {
byte[] bytes;
try
{
+ if(log.isDebugEnabled())
+ log.debug("Processing state : "+string);
+
bytes = string.getBytes(ZIP_CHARSET);
bytes = decode(bytes);
if(isSecure(ctx))
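Review bot: The added `log.debug("Processing state : "+string)` writes the complete client-supplied view state into the log. When `USE_ENCRYPTION` is set to false that value is only the encoded serialized state, so component data ends up in log files, and in either case the line is as long as the client chooses to make it. Logging the size is enough for diagnosis: `log.debug("Processing state of length " + string.length());`. `reconstruct` continues outside this hunk.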
@@ -265,9 +378,13 @@ public final class StateUtils {
bytes = decompress(bytes);
return getAsObject(bytes, ctx);
}
- catch (UnsupportedEncodingException e)
+ catch (Throwable e)
{
- throw new FacesException(e);
+ if (log.isErrorEnabled())
+ {
+ log.error("View State cannot be reconstructed", e);
+ }
+ return null;
}
}
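Review bot: `catch (Throwable e)` in `reconstruct` also swallows `Error`s such as `OutOfMemoryError` and converts them into a `null` return; catch `Exception` so JVM-level failures still propagate. Every malformed or tampered state now ends in `log.error` with a full stack trace, so any client can grow the error log at will; a one-line message at warn level, with the stack trace only at debug, would keep the signal without the volume. The method's Javadoc should also say that `null` is returned when the state cannot be decoded or verified, because callers now have to check for it. The start of the `try` block is outside this hunk.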
@@ -311,7 +428,65 @@ public final class StateUtils {
public static byte[] decrypt(byte[] secure, ExternalContext ctx)
{
- return symmetric(secure, ctx, Cipher.DECRYPT_MODE);
+ if (ctx == null)
+ throw new NullPointerException("ExternalContext ctx");
+
+ testConfiguration(ctx);
+
+ SecretKey secretKey = (SecretKey) getSecret(ctx);
+ String algorithm = findAlgorithm(ctx);
+ String algorithmParams = findAlgorithmParams(ctx);
+ byte[] iv = findInitializationVector(ctx);
+
+ SecretKey macSecretKey = (SecretKey) getMacSecret(ctx);
+ String macAlgorithm = findMacAlgorithm(ctx);
+
+ try
+ {
+ // keep local to avoid threading issue
+ Mac mac = Mac.getInstance(macAlgorithm);
+ mac.init(macSecretKey);
+ Cipher cipher = Cipher.getInstance(algorithm + "/"
+ + algorithmParams);
+ if (iv != null)
+ {
+ IvParameterSpec ivSpec = new IvParameterSpec(iv);
+ cipher.init(Cipher.DECRYPT_MODE, secretKey, ivSpec);
+ }
+ else
+ {
+ cipher.init(Cipher.DECRYPT_MODE, secretKey);
+ }
+ if (log.isDebugEnabled())
+ {
+ log.debug("decrypting w/ " + algorithm + "/" + algorithmParams);
+ }
+
+ //EtM Composition Approach
+ int macLenght = mac.getMacLength();
+ mac.update(secure, 0, secure.length-macLenght);
+ byte[] signedDigestHash = mac.doFinal();
+
+ boolean isMacEqual = true;
+ for (int i = 0; i < signedDigestHash.length; i++)
+ {
+ if (signedDigestHash[i] != secure[secure.length-macLenght+i])
+ {
+ isMacEqual = false;
+ break;
+ }
+ }
+ if (!isMacEqual)
+ {
+ throw new ViewExpiredException();
+ }
+
+ return cipher.doFinal(secure, 0, secure.length-macLenght);
+ }
+ catch (Exception e)
+ {
+ throw new FacesException(e);
+ }
}
/**
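Review bot: The `ViewExpiredException` thrown on a MAC mismatch sits inside the `try`, so the `catch (Exception e)` below wraps it in a plain `FacesException` and callers cannot tell a rejected state from a crypto failure. The comparison loop also stops at the first differing byte, which makes verification time depend on how much of the tag matched. Nothing checks that `secure` holds at least `macLenght` bytes before `secure.length-macLenght` is used as a length and an index. The sketch below adds the length guard, compares without an early exit and rethrows `ViewExpiredException` unchanged.

```java
            //EtM Composition Approach
            int macLenght = mac.getMacLength();
            if (secure.length < macLenght)
            {
                // too short to contain a MAC at all
                throw new ViewExpiredException();
            }
            // ... unchanged: mac.update(...) and mac.doFinal() into signedDigestHash ...

            // accumulate differences so the loop always covers the whole tag
            int diff = 0;
            for (int i = 0; i < signedDigestHash.length; i++)
            {
                diff |= signedDigestHash[i] ^ secure[secure.length-macLenght+i];
            }
            if (diff != 0)
            {
                throw new ViewExpiredException();
            }
            // ... unchanged: return cipher.doFinal(...) ...
        }
        catch (ViewExpiredException e)
        {
            // keep the specific type visible to callers
            throw e;
        }
        catch (Exception e)
        // ... unchanged: wrap in FacesException ...
```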
@@ -430,96 +605,27 @@ public final class StateUtils {
}
/**
- * Utility method for generating base 63 encoded strings.
+ * Utility method for generating base 64 encoded strings.
*
* @param args
* @throws UnsupportedEncodingException
*/
-
public static void main (String[] args) throws UnsupportedEncodingException
{
byte[] bytes = encode(args[0].getBytes(ZIP_CHARSET));
System.out.println(new String(bytes, ZIP_CHARSET));
}
-
- private static byte[] symmetric(byte[] data, SecretKey secretKey,
- String algorithm, String algorithmParams, byte[] iv, int mode){
-
- try
- {
- // keep local to avoid threading issue
- Cipher cipher = Cipher.getInstance(algorithm + "/"
- + algorithmParams);
- if (iv != null)
- {
- IvParameterSpec ivSpec = new IvParameterSpec(iv);
- cipher.init(mode, secretKey, ivSpec);
- }
- else
- {
- cipher.init(mode, secretKey);
- }
-
- if (log.isDebugEnabled())
- {
-
- String action = mode == Cipher.ENCRYPT_MODE ? "encrypting"
- : "decrypting";
-
- log.debug(action + " w/ " + algorithm + "/" + algorithmParams);
- }
-
- return cipher.doFinal(data);
- }
- catch (Exception e)
- {
- throw new FacesException(e);
- }
-
- }
-
- /**
- * Pulls configuration data from the context and performs symmetric encryption
- * or decryption. If a SecretKey is not located in an application scope level
- * cache, it is created.
- *
- * @param data
- * @param ctx
- * @param mode
- * @return
- */
-
- private static byte[] symmetric(byte[] data, ExternalContext ctx, int mode)
- {
-
- if (ctx == null)
- throw new NullPointerException("ExternalContext ctx");
-
- testConfiguration(ctx);
-
- String _algorithm = findAlgorithm(ctx);
- String _algorithmParams = findAlgorithmParams(ctx);
- byte[] iv = findInitializationVector(ctx);
-
- Object object = ctx.getApplicationMap().get(INIT_SECRET_KEY_CACHE);
-
- if( object == null )
- throw new NullPointerException("Could not find SecretKey in application scope using key '"
- + INIT_SECRET_KEY_CACHE + "'");
-
- if( ! ( object instanceof SecretKey ) )
- throw new ClassCastException("Did not find an instance of SecretKey "
- + "in application scope using the key '" + INIT_SECRET_KEY_CACHE + "'");
-
- return symmetric(data, (SecretKey)object, _algorithm, _algorithmParams, iv, mode);
-
- }
private static byte[] findInitializationVector(ExternalContext ctx) {
byte[] iv = null;
String _iv = ctx.getInitParameter(INIT_ALGORITHM_IV);
+ if(_iv == null)
+ {
+ _iv = ctx.getInitParameter(INIT_ALGORITHM_IV.toLowerCase());
+ }
+
if (_iv != null)
iv = new Base64().decode(_iv.getBytes());
@@ -532,6 +638,11 @@ public final class StateUtils {
if (algorithmParams == null)
{
+ algorithmParams = ctx.getInitParameter(INIT_ALGORITHM_PARAM.toLowerCase());
+ }
+
+ if (algorithmParams == null)
+ {
algorithmParams = DEFAULT_ALGORITHM_PARAMS;
}
@@ -545,14 +656,26 @@ public final class StateUtils {
private static String findAlgorithm(ExternalContext ctx) {
- return findAlgorithm( ctx.getInitParameter(INIT_ALGORITHM) );
+ String algorithm = ctx.getInitParameter(INIT_ALGORITHM);
+
+ if (algorithm == null)
+ {
+ algorithm = ctx.getInitParameter(INIT_ALGORITHM.toLowerCase());
+ }
+ return findAlgorithm( algorithm );
}
private static String findAlgorithm(ServletContext ctx) {
+
+ String algorithm = ctx.getInitParameter(INIT_ALGORITHM);
- return findAlgorithm( ctx.getInitParameter(INIT_ALGORITHM) );
-
+ if (algorithm == null)
+ {
+ algorithm = ctx.getInitParameter(INIT_ALGORITHM.toLowerCase());
+ }
+
+ return findAlgorithm( algorithm );
}
private static String findAlgorithm(String initParam) {
@@ -588,31 +711,285 @@ public final class StateUtils {
if (log.isDebugEnabled())
log.debug("Storing SecretKey @ " + INIT_SECRET_KEY_CACHE);
+
+ // Create and store SecretKey on application scope
+ String cache = ctx.getInitParameter(INIT_SECRET_KEY_CACHE);
- // you want to create this as few times as possible
- ctx.setAttribute(INIT_SECRET_KEY_CACHE, new SecretKeySpec(findSecret(ctx), findAlgorithm(ctx)));
+ if(cache == null)
+ {
+ cache = ctx.getInitParameter(INIT_SECRET_KEY_CACHE.toLowerCase());
+ }
+ if (!"false".equals(cache))
+ {
+ String algorithm = findAlgorithm(ctx);
+ // you want to create this as few times as possible
+ ctx.setAttribute(INIT_SECRET_KEY_CACHE, new SecretKeySpec(findSecret(ctx, algorithm), algorithm));
+ }
+
+ if (log.isDebugEnabled())
+ log.debug("Storing SecretKey @ " + INIT_MAC_SECRET_KEY_CACHE);
+
+ String macCache = ctx.getInitParameter(INIT_MAC_SECRET_KEY_CACHE);
+
+ if(macCache == null)
+ {
+ macCache = ctx.getInitParameter(INIT_MAC_SECRET_KEY_CACHE.toLowerCase());
+ }
+
+ if (!"false".equals(macCache))
+ {
+ String macAlgorithm = findMacAlgorithm(ctx);
+ // init mac secret and algorithm
+ ctx.setAttribute(INIT_MAC_SECRET_KEY_CACHE, new SecretKeySpec(findMacSecret(ctx, macAlgorithm), macAlgorithm));
+ }
}
+
+ private static SecretKey getSecret(ExternalContext ctx)
+ {
+ Object secretKey = (SecretKey) ctx.getApplicationMap().get(INIT_SECRET_KEY_CACHE);
+
+ if (secretKey == null)
+ {
+ String cache = ctx.getInitParameter(INIT_SECRET_KEY_CACHE);
+
+ if(cache == null)
+ {
+ cache = ctx.getInitParameter(INIT_SECRET_KEY_CACHE.toLowerCase());
+ }
+
+ if ("false".equals(cache))
+ {
+ // No cache is used. This option is activated
+ String secret = ctx.getInitParameter(INIT_SECRET);
+
+ if (secret == null)
+ {
+ secret = ctx.getInitParameter(INIT_SECRET.toLowerCase());
+ }
- private static byte[] findSecret(ServletContext ctx) {
- String _secret = ctx.getInitParameter(INIT_SECRET);
+ if (secret == null)
+ {
+ throw new NullPointerException("Could not find secret using key '" + INIT_SECRET + "'");
+ }
+
+ String algorithm = findAlgorithm(ctx);
+
+ secretKey = new SecretKeySpec(findSecret(ctx, algorithm), algorithm);
+ }
+ else
+ {
+ throw new NullPointerException("Could not find SecretKey in application scope using key '"
+ + INIT_SECRET_KEY_CACHE + "'");
+ }
+ }
+
+ if( ! ( secretKey instanceof SecretKey ) )
+ throw new ClassCastException("Did not find an instance of SecretKey "
+ + "in application scope using the key '" + INIT_SECRET_KEY_CACHE + "'");
+
+
+ return (SecretKey) secretKey;
+ }
+
+ private static byte[] findSecret(ExternalContext ctx, String algorithm)
+ {
+ String secret = ctx.getInitParameter(INIT_SECRET);
+
+ if (secret == null)
+ {
+ secret = ctx.getInitParameter(INIT_SECRET.toLowerCase());
+ }
+
+ return findSecret(secret, algorithm);
+ }
+
+ private static byte[] findSecret(ServletContext ctx, String algorithm)
+ {
+ String secret = ctx.getInitParameter(INIT_SECRET);
+
+ if (secret == null)
+ {
+ secret = ctx.getInitParameter(INIT_SECRET.toLowerCase());
+ }
+
+ return findSecret(secret, algorithm);
+ }
+
+ private static byte[] findSecret(String secret, String algorithm) {
byte[] bytes = null;
- if(_secret == null)
+ if(secret == null)
{
- int length = 8;
- bytes = new byte[length];
- new Random().nextBytes(bytes);
-
- if(log.isDebugEnabled())
- log.debug("generated random password of length " + length);
+ try
+ {
+ KeyGenerator kg = KeyGenerator.getInstance(algorithm);
+ bytes = kg.generateKey().getEncoded();
+
+ if(log.isDebugEnabled())
+ log.debug("generated random password of length " + bytes.length);
+ }
+ catch (NoSuchAlgorithmException e)
+ {
+ // Generate random password length 8,
+ int length = 8;
+ bytes = new byte[length];
+ new Random().nextBytes(bytes);
+
+ if(log.isDebugEnabled())
+ log.debug("generated random password of length " + length);
+ }
}
else
{
- bytes = new Base64().decode(_secret.getBytes());
+ bytes = new Base64().decode(secret.getBytes());
}
return bytes;
}
+ private static String findMacAlgorithm(ExternalContext ctx) {
+
+ String algorithm = ctx.getInitParameter(INIT_MAC_ALGORITHM);
+
+ if (algorithm == null)
+ {
+ algorithm = ctx.getInitParameter(INIT_MAC_ALGORITHM.toLowerCase());
+ }
+
+ return findMacAlgorithm( algorithm );
+
+ }
+
+ private static String findMacAlgorithm(ServletContext ctx) {
+
+ String algorithm = ctx.getInitParameter(INIT_MAC_ALGORITHM);
+
+ if (algorithm == null)
+ {
+ algorithm = ctx.getInitParameter(INIT_MAC_ALGORITHM.toLowerCase());
+ }
+
+ return findMacAlgorithm( algorithm );
+
+ }
+
+ private static String findMacAlgorithm(String initParam) {
+
+ if (initParam == null)
+ {
+ initParam = DEFAULT_MAC_ALGORITHM;
+ }
+
+ if (log.isDebugEnabled())
+ {
+ log.debug("Using algorithm " + initParam);
+ }
+
+ return initParam;
+
+ }
+
+ private static SecretKey getMacSecret(ExternalContext ctx)
+ {
+ Object secretKey = (SecretKey) ctx.getApplicationMap().get(INIT_MAC_SECRET_KEY_CACHE);
+
+ if (secretKey == null)
+ {
+ String cache = ctx.getInitParameter(INIT_MAC_SECRET_KEY_CACHE);
+
+ if(cache == null)
+ {
+ cache = ctx.getInitParameter(INIT_MAC_SECRET_KEY_CACHE.toLowerCase());
+ }
+
+ if ("false".equals(cache))
+ {
+ // No cache is used. This option is activated
+ String secret = ctx.getInitParameter(INIT_MAC_SECRET);
+
+ if (secret == null)
+ {
+ secret = ctx.getInitParameter(INIT_MAC_SECRET.toLowerCase());
+ }
+
+ if (secret == null)
+ {
+ throw new NullPointerException("Could not find secret using key '" + INIT_MAC_SECRET + "'");
+ }
+
+ String macAlgorithm = findMacAlgorithm(ctx);
+
+ secretKey = new SecretKeySpec(findMacSecret(ctx, macAlgorithm), macAlgorithm);
+ }
+ else
+ {
+ throw new NullPointerException("Could not find SecretKey in application scope using key '"
+ + INIT_MAC_SECRET_KEY_CACHE + "'");
+ }
+ }
+
+ if( ! ( secretKey instanceof SecretKey ) )
+ throw new ClassCastException("Did not find an instance of SecretKey "
+ + "in application scope using the key '" + INIT_MAC_SECRET_KEY_CACHE + "'");
+
+
+ return (SecretKey) secretKey;
+ }
+
+ private static byte[] findMacSecret(ExternalContext ctx, String algorithm)
+ {
+ String secret = ctx.getInitParameter(INIT_MAC_SECRET);
+
+ if (secret == null)
+ {
+ secret = ctx.getInitParameter(INIT_MAC_SECRET.toLowerCase());
+ }
+
+ return findMacSecret(secret, algorithm);
+ }
+
+ private static byte[] findMacSecret(ServletContext ctx, String algorithm)
+ {
+ String secret = ctx.getInitParameter(INIT_MAC_SECRET);
+
+ if (secret == null)
+ {
+ secret = ctx.getInitParameter(INIT_MAC_SECRET.toLowerCase());
+ }
+
+ return findMacSecret(secret, algorithm);
+ }
+
+ private static byte[] findMacSecret(String secret, String algorithm) {
+ byte[] bytes = null;
+
+ if(secret == null)
+ {
+ try
+ {
+ KeyGenerator kg = KeyGenerator.getInstance(algorithm);
+ bytes = kg.generateKey().getEncoded();
+
+ if(log.isDebugEnabled())
+ log.debug("generated random mac password of length " + bytes.length);
+ }
+ catch (NoSuchAlgorithmException e)
+ {
+ // Generate random password length 8,
+ int length = 8;
+ bytes = new byte[length];
+ new Random().nextBytes(bytes);
+
+ if(log.isDebugEnabled())
+ log.debug("generated random mac password of length " + length);
+ }
+ }
+ else
+ {
+ bytes = new Base64().decode(secret.getBytes());
+ }
+
+ return bytes;
+ }
}
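Review bot: The fallback branch in `findSecret`, copied into the new `findMacSecret`, builds key material with `new Random().nextBytes(bytes)` when `KeyGenerator` does not know the algorithm. `java.util.Random` is a predictable generator and should not produce keys; use `new SecureRandom().nextBytes(bytes)` in both places, with `java.security.SecureRandom` imported. In `getSecret` and `getMacSecret` the map value is cast with `(SecretKey)` on the first line, so a wrong type fails there and the later `instanceof` check with its descriptive `ClassCastException` can never fire; assign without the cast. `findSecret`/`findMacSecret` and `getSecret`/`getMacSecret` are line-for-line copies that differ only in the parameter names, so one parameterised helper per pair would keep a future fix from landing in only one of them. `initSecret` starts outside this hunk.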
Modified: myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/AbstractStateUtilsTest.java
URL: http://svn.apache.org/viewvc/myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/AbstractStateUtilsTest.java?rev=951800&r1=951799&r2=951800&view=diff
==============================================================================
--- myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/AbstractStateUtilsTest.java (original)
+++ myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/AbstractStateUtilsTest.java Sun Jun 6 02:07:42 2010
@@ -166,7 +166,8 @@ public abstract class AbstractStateUtils
{
byte[] sensitiveBytes = sensitiveString.getBytes();
byte[] secure = StateUtils.encrypt(sensitiveBytes, externalContext);
- secure[3] = (byte) 1;
+
+ secure[secure.length-5] = (byte) 1;
try
{
byte[] insecure = StateUtils.decrypt(secure, externalContext);
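Review bot: `secure[secure.length-5] = (byte) 1;` is a no-op whenever that byte already equals 1, in which case decryption succeeds and the test result depends on the key and input; flip a bit instead with `secure[secure.length-5] ^= 1;`. With the default HmacSHA1 tag that index falls inside the trailing MAC bytes, and the old `secure[3]` case was dropped, so nothing now checks that a modified ciphertext byte is rejected. A second test that flips `secure[3]` would cover the case the MAC was added for. The test method starts and ends outside this hunk.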
Added: myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/CachedStateUtilsAES_CBCTest.java
URL: http://svn.apache.org/viewvc/myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/CachedStateUtilsAES_CBCTest.java?rev=951800&view=auto
==============================================================================
--- myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/CachedStateUtilsAES_CBCTest.java (added)
+++ myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/CachedStateUtilsAES_CBCTest.java Sun Jun 6 02:07:42 2010
@@ -0,0 +1,63 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+package org.apache.myfaces.shared.util;
+
+import junit.framework.Test;
+
+/**
+ * <p>This TestCase uses the Advanced Encryption Standard with
+ * Cipher Block Chaining mode and PKCS5 padding.</p>
+ * <p/>
+ * <p/>
+ * If you are getting a SecurityException complaining about keysize,
+ * you most likely need to get the unlimited strength jurisdiction
+ * policy files from a place like http://java.sun.com/j2se/1.4.2/download.html .
+ * </p>
+ *
+ * @see pom.xml <excludes>
+ * @author Dennis C. Byrne
+ */
+
+public class CachedStateUtilsAES_CBCTest extends AbstractStateUtilsTest
+{
+
+ public CachedStateUtilsAES_CBCTest(String name)
+ {
+ super(name);
+ }
+
+ public static Test suite() {
+ return null; // keep this method or maven won't run it
+ }
+
+ public void setUp() throws Exception
+ {
+ super.setUp();
+
+ servletContext.addInitParameter(StateUtils.INIT_SECRET, BASE64_KEY_SIZE_24);
+ servletContext.addInitParameter(StateUtils.INIT_ALGORITHM, "AES");
+ servletContext.addInitParameter(StateUtils.INIT_ALGORITHM_PARAM, "CBC/PKCS5Padding");
+ servletContext.addInitParameter(StateUtils.INIT_ALGORITHM_IV, BASE64_KEY_SIZE_16);
+ servletContext.addInitParameter(StateUtils.INIT_MAC_SECRET, BASE64_KEY_SIZE_8);
+ StateUtils.initSecret(servletContext);
+ }
+
+}
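Review bot: `setUp` configures `INIT_MAC_SECRET` with `BASE64_KEY_SIZE_8`, which judging by its name is an 8-byte key, while the MAC algorithm is left at the HmacSHA1 default; RFC 2104 discourages HMAC keys shorter than the hash output, 20 bytes here. Test fixtures are often copied into `web.xml` as working examples, so a constant of at least 20 bytes would be a safer model; the same applies to `CachedStateUtilsBlowfish_ECBTest`. The class Javadoc has unbalanced `<p/>` and `</p>` tags, and `@see pom.xml <excludes>` is not a valid `@see` target; a plain sentence such as `Excluded from the default build, see the excludes section of pom.xml.` would render correctly.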
Added: myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/CachedStateUtilsBlowfish_ECBTest.java
URL: http://svn.apache.org/viewvc/myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/CachedStateUtilsBlowfish_ECBTest.java?rev=951800&view=auto
==============================================================================
--- myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/CachedStateUtilsBlowfish_ECBTest.java (added)
+++ myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/CachedStateUtilsBlowfish_ECBTest.java Sun Jun 6 02:07:42 2010
@@ -0,0 +1,53 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+package org.apache.myfaces.shared.util;
+
+import junit.framework.Test;
+
+/**
+ * @author Dennis C. Byrne
+ */
+
+public class CachedStateUtilsBlowfish_ECBTest extends AbstractStateUtilsTest
+{
+
+ public CachedStateUtilsBlowfish_ECBTest(String name)
+ {
+ super(name);
+ }
+
+ public static Test suite() {
+ return null; // keep this method or maven won't run it
+ }
+
+ public void setUp() throws Exception
+ {
+ super.setUp();
+
+ servletContext.addInitParameter(StateUtils.INIT_SECRET, BASE64_KEY_SIZE_16);
+ servletContext.addInitParameter(StateUtils.INIT_ALGORITHM, "Blowfish");
+ servletContext.addInitParameter(StateUtils.INIT_ALGORITHM_PARAM, "ECB/PKCS5Padding");
+ servletContext.addInitParameter(StateUtils.INIT_MAC_SECRET, BASE64_KEY_SIZE_8);
+ StateUtils.initSecret(servletContext);
+
+ }
+
+}
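Review bot: Nothing in `setUp` states that this class exercises the cached-key path. It differs from the StateUtilsBlowfish_ECBTest hunk only by not setting `StateUtils.INIT_SECRET_KEY_CACHE` to "false", so it silently depends on caching being the default. CachedStateUtilsDefaultTest and CachedStateUtilsTripleDES_ECBTest have the same gap, and their Javadoc is likewise only an `@author` tag. I would add a class comment such as `/** Runs the AbstractStateUtilsTest cases with Blowfish/ECB/PKCS5Padding while initSecret caches the SecretKey in the ServletContext. */`. The comment should also say that ECB is covered as a supported setting rather than a recommended one, since ECB encrypts equal plaintext blocks to equal ciphertext blocks.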
Added: myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/CachedStateUtilsDefaultTest.java
URL: http://svn.apache.org/viewvc/myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/CachedStateUtilsDefaultTest.java?rev=951800&view=auto
==============================================================================
--- myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/CachedStateUtilsDefaultTest.java (added)
+++ myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/CachedStateUtilsDefaultTest.java Sun Jun 6 02:07:42 2010
@@ -0,0 +1,53 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+package org.apache.myfaces.shared.util;
+
+import junit.framework.Test;
+
+/**
+ * @author Dennis C. Byrne
+ */
+
+public class CachedStateUtilsDefaultTest extends AbstractStateUtilsTest
+{
+
+ public CachedStateUtilsDefaultTest(String name)
+ {
+ super(name);
+ }
+
+ public static Test suite() {
+ return null; // keep this method or maven won't run it
+ }
+
+ public void setUp() throws Exception
+ {
+ super.setUp();
+
+ servletContext.addInitParameter(StateUtils.INIT_SECRET, BASE64_KEY_SIZE_8);
+ servletContext.addInitParameter(StateUtils.INIT_ALGORITHM, StateUtils.DEFAULT_ALGORITHM);
+ servletContext.addInitParameter(StateUtils.INIT_ALGORITHM_PARAM, StateUtils.DEFAULT_ALGORITHM_PARAMS);
+ servletContext.addInitParameter(StateUtils.INIT_MAC_SECRET, BASE64_KEY_SIZE_8);
+ StateUtils.initSecret(servletContext);
+
+ }
+
+}
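Review bot: `INIT_SECRET` and `INIT_MAC_SECRET` are both set to `BASE64_KEY_SIZE_8` in `setUp`, so these cases would presumably still pass if StateUtils used the encryption secret for the MAC or the other way round. The same pairing appears in the SecretKeyCacheTest and StateUtilsDefaultTest hunks of this commit. A second 8-byte test key, different from the first, would let the inherited tests catch a key mix-up, e.g. `servletContext.addInitParameter(StateUtils.INIT_MAC_SECRET, BASE64_MAC_KEY_SIZE_8);`. Here `BASE64_MAC_KEY_SIZE_8` is a new constant to add to AbstractStateUtilsTest; the name is a suggestion, not an existing field.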
Added: myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/CachedStateUtilsTripleDES_ECBTest.java
URL: http://svn.apache.org/viewvc/myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/CachedStateUtilsTripleDES_ECBTest.java?rev=951800&view=auto
==============================================================================
--- myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/CachedStateUtilsTripleDES_ECBTest.java (added)
+++ myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/CachedStateUtilsTripleDES_ECBTest.java Sun Jun 6 02:07:42 2010
@@ -0,0 +1,52 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+package org.apache.myfaces.shared.util;
+
+import junit.framework.Test;
+
+/**
+ * @author Dennis C. Byrne
+ */
+
+public class CachedStateUtilsTripleDES_ECBTest extends AbstractStateUtilsTest
+{
+
+ public CachedStateUtilsTripleDES_ECBTest(String name)
+ {
+ super(name);
+ }
+
+ public static Test suite() {
+ return null; // keep this method or maven won't run it
+ }
+
+ public void setUp() throws Exception
+ {
+ super.setUp();
+
+ servletContext.addInitParameter(StateUtils.INIT_SECRET, BASE64_KEY_SIZE_24);
+ servletContext.addInitParameter(StateUtils.INIT_ALGORITHM, "DESede");
+ servletContext.addInitParameter(StateUtils.INIT_ALGORITHM_PARAM, "ECB/PKCS5Padding");
+ servletContext.addInitParameter(StateUtils.INIT_MAC_SECRET, BASE64_KEY_SIZE_8);
+ StateUtils.initSecret(servletContext);
+
+ }
+}
Modified: myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/InitVector_CBCTestCase.java
URL: http://svn.apache.org/viewvc/myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/InitVector_CBCTestCase.java?rev=951800&r1=951799&r2=951800&view=diff
==============================================================================
--- myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/InitVector_CBCTestCase.java (original)
+++ myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/InitVector_CBCTestCase.java Sun Jun 6 02:07:42 2010
@@ -44,6 +44,7 @@ public class InitVector_CBCTestCase exte
servletContext.addInitParameter(StateUtils.INIT_ALGORITHM, "shouldn't matter either");
servletContext.addInitParameter(StateUtils.INIT_ALGORITHM_PARAM, "CBC/PKCS5Padding");
servletContext.addInitParameter(StateUtils.INIT_SECRET_KEY_CACHE, "false");
+ servletContext.addInitParameter(StateUtils.INIT_MAC_SECRET, "shouldn't matter");
// DO NOT UNCOMMENT THIS ! we are simulating a bad conf
//servletContext.addInitParameter(org.apache.myfaces.shared.util.StateUtils.INIT_ALGORITHM_IV, BASE64_KEY_SIZE_16);
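Review bot: The MAC secret added here is the literal "shouldn't matter", which is not valid Base64 (assuming the value is Base64-decoded like the constants used in the other tests), while the test is meant to fail only because `INIT_ALGORITHM_IV` is missing. If StateUtils reads the MAC secret before it checks the IV, the expected failure could come from the MAC setting instead, and the missing-IV check would go untested. Using a valid key, `servletContext.addInitParameter(StateUtils.INIT_MAC_SECRET, AbstractStateUtilsTest.BASE64_KEY_SIZE_8);`, as the SecretKeyConfigurationTest hunk does, keeps the missing IV as the only fault. The enclosing method starts and ends outside this hunk.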
Modified: myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/SecretKeyCacheTest.java
URL: http://svn.apache.org/viewvc/myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/SecretKeyCacheTest.java?rev=951800&r1=951799&r2=951800&view=diff
==============================================================================
--- myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/SecretKeyCacheTest.java (original)
+++ myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/SecretKeyCacheTest.java Sun Jun 6 02:07:42 2010
@@ -44,7 +44,7 @@ public class SecretKeyCacheTest extends
servletContext.addInitParameter(StateUtils.INIT_SECRET,
AbstractStateUtilsTest.BASE64_KEY_SIZE_8);
-
+ servletContext.addInitParameter(StateUtils.INIT_MAC_SECRET, AbstractStateUtilsTest.BASE64_KEY_SIZE_8);
}
public void testDefaultAlgorithmUse(){
@@ -59,6 +59,18 @@ public class SecretKeyCacheTest extends
}
+ public void testInitFacesWithoutCache(){
+
+ servletContext.addInitParameter(StateUtils.INIT_SECRET_KEY_CACHE, "false");
+
+ StateUtils.initSecret(servletContext);
+
+ Object object = servletContext.getAttribute(StateUtils.INIT_SECRET_KEY_CACHE);
+
+ assertNull("Making sure StateUtils.initSecret does not create a SecretKey", object);
+
+ }
+
public void testInitFacesWithCache(){
StateUtils.initSecret(servletContext);
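Review bot: `testInitFacesWithoutCache` only asserts that no attribute is stored under `StateUtils.INIT_SECRET_KEY_CACHE`. With the MAC secret this commit adds to `setUp`, it does not check whether the MAC key is kept out of the context as well. If StateUtils stores the MAC key under its own attribute (not visible in this hunk), the test should assert that this attribute is null too. Otherwise a configuration that turns caching off could still leave key material in the ServletContext without any test noticing. A short comment above the method naming the attributes expected to be absent would make the intent clear.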
Modified: myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/SecretKeyConfigurationTest.java
URL: http://svn.apache.org/viewvc/myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/SecretKeyConfigurationTest.java?rev=951800&r1=951799&r2=951800&view=diff
==============================================================================
--- myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/SecretKeyConfigurationTest.java (original)
+++ myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/SecretKeyConfigurationTest.java Sun Jun 6 02:07:42 2010
@@ -40,6 +40,7 @@ public class SecretKeyConfigurationTest
{
super.setUp();
servletContext.addInitParameter(StateUtils.INIT_SECRET, "shouldn't matter");
+ servletContext.addInitParameter(StateUtils.INIT_MAC_SECRET, AbstractStateUtilsTest.BASE64_KEY_SIZE_8);
}
Modified: myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/StateUtilsAES_CBCTest.java
URL: http://svn.apache.org/viewvc/myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/StateUtilsAES_CBCTest.java?rev=951800&r1=951799&r2=951800&view=diff
==============================================================================
--- myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/StateUtilsAES_CBCTest.java (original)
+++ myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/StateUtilsAES_CBCTest.java Sun Jun 6 02:07:42 2010
@@ -50,6 +50,8 @@ public class StateUtilsAES_CBCTest exten
servletContext.addInitParameter(StateUtils.INIT_ALGORITHM, "AES");
servletContext.addInitParameter(StateUtils.INIT_ALGORITHM_PARAM, "CBC/PKCS5Padding");
servletContext.addInitParameter(StateUtils.INIT_ALGORITHM_IV, BASE64_KEY_SIZE_16);
+ servletContext.addInitParameter(StateUtils.INIT_SECRET_KEY_CACHE, "false");
+ servletContext.addInitParameter(StateUtils.INIT_MAC_SECRET, AbstractStateUtilsTest.BASE64_KEY_SIZE_8);
StateUtils.initSecret(servletContext);// should do nothing
}
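Review bot: The trailing comment `// should do nothing` on the `initSecret` call does not say why. After this change the reason is the `INIT_SECRET_KEY_CACHE` "false" line added two lines above it. I would reword the comment to `// key cache is disabled above, so initSecret must not store a key`. The same comment follows the same two added lines in the StateUtilsBlowfish_ECBTest, StateUtilsDefaultTest and StateUtilsTripleDES_ECBTest hunks. The enclosing `setUp` starts outside the hunk.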
Modified: myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/StateUtilsBlowfish_ECBTest.java
URL: http://svn.apache.org/viewvc/myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/StateUtilsBlowfish_ECBTest.java?rev=951800&r1=951799&r2=951800&view=diff
==============================================================================
--- myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/StateUtilsBlowfish_ECBTest.java (original)
+++ myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/StateUtilsBlowfish_ECBTest.java Sun Jun 6 02:07:42 2010
@@ -48,6 +48,8 @@ public class StateUtilsBlowfish_ECBTest
servletContext.addInitParameter(StateUtils.INIT_SECRET, BASE64_KEY_SIZE_16);
servletContext.addInitParameter(StateUtils.INIT_ALGORITHM, "Blowfish");
servletContext.addInitParameter(StateUtils.INIT_ALGORITHM_PARAM, "ECB/PKCS5Padding");
+ servletContext.addInitParameter(StateUtils.INIT_SECRET_KEY_CACHE, "false");
+ servletContext.addInitParameter(StateUtils.INIT_MAC_SECRET, AbstractStateUtilsTest.BASE64_KEY_SIZE_8);
StateUtils.initSecret(servletContext);// should do nothing
}
Modified: myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/StateUtilsDefaultTest.java
URL: http://svn.apache.org/viewvc/myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/StateUtilsDefaultTest.java?rev=951800&r1=951799&r2=951800&view=diff
==============================================================================
--- myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/StateUtilsDefaultTest.java (original)
+++ myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/StateUtilsDefaultTest.java Sun Jun 6 02:07:42 2010
@@ -42,6 +42,8 @@ public class StateUtilsDefaultTest exten
servletContext.addInitParameter(StateUtils.INIT_SECRET, BASE64_KEY_SIZE_8);
servletContext.addInitParameter(StateUtils.INIT_ALGORITHM, StateUtils.DEFAULT_ALGORITHM);
servletContext.addInitParameter(StateUtils.INIT_ALGORITHM_PARAM, StateUtils.DEFAULT_ALGORITHM_PARAMS);
+ servletContext.addInitParameter(StateUtils.INIT_SECRET_KEY_CACHE, "false");
+ servletContext.addInitParameter(StateUtils.INIT_MAC_SECRET, AbstractStateUtilsTest.BASE64_KEY_SIZE_8);
StateUtils.initSecret(servletContext);// should do nothing
}
Modified: myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/StateUtilsTripleDES_ECBTest.java
URL: http://svn.apache.org/viewvc/myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/StateUtilsTripleDES_ECBTest.java?rev=951800&r1=951799&r2=951800&view=diff
==============================================================================
--- myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/StateUtilsTripleDES_ECBTest.java (original)
+++ myfaces/shared/trunk_3.0.x/core/src/test/java/org/apache/myfaces/shared/util/StateUtilsTripleDES_ECBTest.java Sun Jun 6 02:07:42 2010
@@ -48,6 +48,8 @@ public class StateUtilsTripleDES_ECBTest
servletContext.addInitParameter(StateUtils.INIT_SECRET, BASE64_KEY_SIZE_24);
servletContext.addInitParameter(StateUtils.INIT_ALGORITHM, "DESede");
servletContext.addInitParameter(StateUtils.INIT_ALGORITHM_PARAM, "ECB/PKCS5Padding");
+ servletContext.addInitParameter(StateUtils.INIT_SECRET_KEY_CACHE, "false");
+ servletContext.addInitParameter(StateUtils.INIT_MAC_SECRET, AbstractStateUtilsTest.BASE64_KEY_SIZE_8);
StateUtils.initSecret(servletContext); // should do nothing
}