cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From a.@apache.org
Subject git commit: [CXF-5614] CachedOutputStream may fail to read the encrypted data
Date Fri, 14 Mar 2014 09:58:37 GMT
Repository: cxf
Updated Branches:
  refs/heads/2.7.x-fixes 594ca4338 -> 2f54cec24


[CXF-5614] CachedOutputStream may fail to read the encrypted data


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/2f54cec2
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/2f54cec2
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/2f54cec2

Branch: refs/heads/2.7.x-fixes
Commit: 2f54cec249928f6f7f0e1101588459b3ca29be06
Parents: 594ca43
Author: Akitoshi Yoshida <ay@apache.org>
Authored: Fri Mar 14 10:44:09 2014 +0100
Committer: Akitoshi Yoshida <ay@apache.org>
Committed: Fri Mar 14 10:56:42 2014 +0100

----------------------------------------------------------------------
 .../main/java/org/apache/cxf/io/CipherPair.java | 162 ++++++++++---------
 .../apache/cxf/io/CachedOutputStreamTest.java   |   5 +
 .../org/apache/cxf/io/CachedStreamTestBase.java |  68 ++++++++
 .../org/apache/cxf/io/CachedWriterTest.java     |   5 +
 4 files changed, 165 insertions(+), 75 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/2f54cec2/api/src/main/java/org/apache/cxf/io/CipherPair.java
----------------------------------------------------------------------
diff --git a/api/src/main/java/org/apache/cxf/io/CipherPair.java b/api/src/main/java/org/apache/cxf/io/CipherPair.java
index 541d509..bf30344 100644
--- a/api/src/main/java/org/apache/cxf/io/CipherPair.java
+++ b/api/src/main/java/org/apache/cxf/io/CipherPair.java
@@ -1,75 +1,87 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.io;
-
-import java.security.GeneralSecurityException;
-import java.security.Key;
-import java.security.SecureRandom;
-
-import javax.crypto.Cipher;
-import javax.crypto.KeyGenerator;
-import javax.crypto.spec.IvParameterSpec;
-
-/**
- * A class to hold a pair of encryption and decryption ciphers.
- */
-public class CipherPair {
-    private String transformation;
-    private Cipher enccipher;
-    private Cipher deccipher;
-    
-    public CipherPair(String transformation) throws GeneralSecurityException {
-        this.transformation = transformation;
-        
-        int d = transformation.indexOf('/');
-        String a;
-        if (d > 0) {
-            a = transformation.substring(0, d);
-        } else {
-            a = transformation;
-        }
-        try {
-            KeyGenerator keygen = KeyGenerator.getInstance(a);
-            keygen.init(new SecureRandom());
-            Key key = keygen.generateKey();
-            enccipher = Cipher.getInstance(transformation);
-            deccipher = Cipher.getInstance(transformation);
-            enccipher.init(Cipher.ENCRYPT_MODE, key);
-            final byte[] ivp = enccipher.getIV();
-            deccipher.init(Cipher.DECRYPT_MODE, key, ivp == null ? null : new IvParameterSpec(ivp));
-        } catch (GeneralSecurityException e) {
-            enccipher = null;
-            deccipher = null;
-            throw e;
-        }
-    }
-    
-    public String getTransformation() {
-        return transformation;
-    }
-    
-    public Cipher getEncryptor() {
-        return enccipher;
-    }
-    
-    public Cipher getDecryptor() {
-        return deccipher;
-    }
-}
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.io;
+
+import java.security.GeneralSecurityException;
+import java.security.Key;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+
+import javax.crypto.Cipher;
+import javax.crypto.KeyGenerator;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.spec.IvParameterSpec;
+
+/**
+ * A class to hold a pair of encryption and decryption ciphers.
+ */
+public class CipherPair {
+    private String transformation;
+    private Key key;
+    private byte[] ivp;
+    
+    public CipherPair(String transformation) throws GeneralSecurityException {
+        this.transformation = transformation;
+        
+        int d = transformation.indexOf('/');
+        String a;
+        if (d > 0) {
+            a = transformation.substring(0, d);
+        } else {
+            a = transformation;
+        }
+        Cipher enccipher = null;
+        try {
+            KeyGenerator keygen = KeyGenerator.getInstance(a);
+            keygen.init(new SecureRandom());
+            key = keygen.generateKey();
+            enccipher = Cipher.getInstance(transformation);
+            enccipher.init(Cipher.ENCRYPT_MODE, key);
+            ivp = enccipher.getIV();
+        } catch (GeneralSecurityException e) {
+            enccipher = null;
+            throw e;
+        }
+    }
+    
+    public String getTransformation() {
+        return transformation;
+    }
+    
+    public Cipher getEncryptor() {
+        Cipher enccipher = null;
+        try {
+            enccipher = Cipher.getInstance(transformation);
+            enccipher.init(Cipher.ENCRYPT_MODE, key);
+        } catch (GeneralSecurityException e) {
+        }
+        return enccipher;
+    }
+    
+    public Cipher getDecryptor() {
+        Cipher deccipher = null;
+        try {
+            deccipher = Cipher.getInstance(transformation);
+            deccipher.init(Cipher.DECRYPT_MODE, key, ivp == null ? null : new IvParameterSpec(ivp));
+        } catch (GeneralSecurityException e) {
+        }
+        return deccipher;
+    }
+}

http://git-wip-us.apache.org/repos/asf/cxf/blob/2f54cec2/api/src/test/java/org/apache/cxf/io/CachedOutputStreamTest.java
----------------------------------------------------------------------
diff --git a/api/src/test/java/org/apache/cxf/io/CachedOutputStreamTest.java b/api/src/test/java/org/apache/cxf/io/CachedOutputStreamTest.java
index a0ed9ba..1df7afb 100644
--- a/api/src/test/java/org/apache/cxf/io/CachedOutputStreamTest.java
+++ b/api/src/test/java/org/apache/cxf/io/CachedOutputStreamTest.java
@@ -76,6 +76,11 @@ public class CachedOutputStreamTest extends CachedStreamTestBase {
     protected String readFromStreamObject(Object obj) throws IOException {
         return readFromStream((InputStream)obj);
     }
+
+    @Override
+    protected String readPartiallyFromStreamObject(Object cache, int len) throws IOException
{
+        return readPartiallyFromStream((InputStream)cache, len);
+    }
 }
     
    

http://git-wip-us.apache.org/repos/asf/cxf/blob/2f54cec2/api/src/test/java/org/apache/cxf/io/CachedStreamTestBase.java
----------------------------------------------------------------------
diff --git a/api/src/test/java/org/apache/cxf/io/CachedStreamTestBase.java b/api/src/test/java/org/apache/cxf/io/CachedStreamTestBase.java
index f899504..ddd5fed 100755
--- a/api/src/test/java/org/apache/cxf/io/CachedStreamTestBase.java
+++ b/api/src/test/java/org/apache/cxf/io/CachedStreamTestBase.java
@@ -42,6 +42,7 @@ public abstract class CachedStreamTestBase extends Assert {
     protected abstract File getTmpFile(String result, Object cache) throws IOException;
     protected abstract Object getInputStreamObject(Object cache) throws IOException;
     protected abstract String readFromStreamObject(Object cache) throws IOException;
+    protected abstract String readPartiallyFromStreamObject(Object cache, int len) throws
IOException;
     
     @Test
     public void testResetOut() throws IOException {
@@ -130,6 +131,37 @@ public abstract class CachedStreamTestBase extends Assert {
         assertFalse("file is not deleted", tmpfile.exists());
     }
 
+    @Test
+    public void testEncryptAndDecryptPartially() throws IOException {
+        // need a 8-bit cipher so that all bytes are flushed when the stream is flushed.
+        Object cache = createCache(4, "RC4");
+        final String text = "Hello Secret World!";
+        File tmpfile = getTmpFile(text, cache);
+        assertNotNull(tmpfile);
+
+        Object fin = getInputStreamObject(cache);
+        // read partially and keep the stream open
+        String pdectext = readPartiallyFromStreamObject(fin, 4);
+        assertTrue("text is not decoded correctly", text.startsWith(pdectext));
+
+        Object fin2 = getInputStreamObject(cache);
+
+        final String dectext = readFromStreamObject(fin2);
+        assertEquals("text is not decoded correctly", text, dectext);
+
+        // close the partially read stream
+        if (fin instanceof InputStream) {
+            ((InputStream)fin).close();
+        } else if (fin instanceof Reader) {
+            ((Reader)fin).close();
+        }
+
+        // the file is deleted when cos is closed while all the associated inputs are closed
+        assertTrue("file is deleted", tmpfile.exists());
+        close(cache);
+        assertFalse("file is not deleted", tmpfile.exists());
+    }
+
 
     @Test
     public void testUseSysProps() throws Exception {
@@ -219,6 +251,24 @@ public abstract class CachedStreamTestBase extends Assert {
         }
         return new String(buf.toByteArray(), "UTF-8");
     }
+
+    protected static String readPartiallyFromStream(InputStream is, int len) throws IOException
{
+        ByteArrayOutputStream buf = new ByteArrayOutputStream();
+        byte[] b = new byte[len];
+        int rn = 0;
+        for (;;) {
+            int n = is.read(b, 0, b.length);
+            if (n < 0) {
+                break;
+            }
+            buf.write(b, 0, n);
+            rn += n;
+            if (len <= rn) {
+                break;
+            }
+        }
+        return new String(buf.toByteArray(), "UTF-8");
+    }
  
     protected static String readFromReader(Reader is) throws IOException {
         StringBuffer buf = new StringBuffer();
@@ -237,6 +287,24 @@ public abstract class CachedStreamTestBase extends Assert {
         return buf.toString();
     }
     
+    protected static String readPartiallyFromReader(Reader is, int len) throws IOException
{
+        StringBuffer buf = new StringBuffer();
+        char[] b = new char[len];
+        int rn = 0;
+        for (;;) {
+            int n = is.read(b, 0, b.length);
+            if (n < 0) {
+                break;
+            }
+            buf.append(b, 0, n);
+            rn += n;
+            if (len <= rn) {
+                break;
+            }
+        }
+        return buf.toString();
+    }
+    
     private static String initTestData(int packetSize) {
         String temp = "abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*()_+?><[]/0123456789";
         String result = new String();

http://git-wip-us.apache.org/repos/asf/cxf/blob/2f54cec2/api/src/test/java/org/apache/cxf/io/CachedWriterTest.java
----------------------------------------------------------------------
diff --git a/api/src/test/java/org/apache/cxf/io/CachedWriterTest.java b/api/src/test/java/org/apache/cxf/io/CachedWriterTest.java
index 6eeeafe..1f0bfdc 100644
--- a/api/src/test/java/org/apache/cxf/io/CachedWriterTest.java
+++ b/api/src/test/java/org/apache/cxf/io/CachedWriterTest.java
@@ -75,6 +75,11 @@ public class CachedWriterTest extends CachedStreamTestBase {
     protected String readFromStreamObject(Object obj) throws IOException {
         return readFromReader((Reader)obj);
     }
+
+    @Override
+    protected String readPartiallyFromStreamObject(Object cache, int len) throws IOException
{
+        return readPartiallyFromReader((Reader)cache, len);
+    }
 }
     
    


Mime
View raw message