1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16 package org.apache.myfaces.shared.util;
17
18
19
20
21
22
23 import org.apache.myfaces.shared.util.serial.DefaultSerialFactory;
24 import org.apache.myfaces.test.base.AbstractJsfTestCase;
25
26 import java.io.Serializable;
27 import java.util.Arrays;
28
29 public abstract class AbstractStateUtilsTest extends AbstractJsfTestCase implements Serializable
30 {
31 public AbstractStateUtilsTest(String name) {
32 super(name);
33 }
34
35
36 protected String sensitiveString;
37 private static final String TEST_DATA = "This is the test data.";
38
39 public static final String BASE64_KEY_SIZE_8 = "NzY1NDMyMTA=";
40
41 public static final String BASE64_KEY_SIZE_16 = "NzY1NDMyMTA3NjU0MzIxMA==";
42
43 public static final String BASE64_KEY_SIZE_24 = "MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTIz";
44
45
46 public void setUp() throws Exception
47 {
48 super.setUp();
49 sensitiveString = "this is my secret";
50 externalContext.getApplicationMap().put(StateUtils.SERIAL_FACTORY, new DefaultSerialFactory());
51 }
52
53 public void tearDown() throws Exception
54 {
55 super.tearDown();
56 sensitiveString = null;
57 }
58
59
60
61
62
63 public void testConstructionString()
64 {
65 String constructed = StateUtils.construct(sensitiveString, externalContext);
66 Object object = StateUtils.reconstruct(constructed, externalContext);
67 assertTrue(object instanceof String);
68 String string = (String) object;
69 assertEquals(string, sensitiveString);
70 }
71
72
73
74
75
76
77 public void testConstruction()
78 {
79 String constructed = StateUtils.construct(TEST_DATA, externalContext);
80 Object object = org.apache.myfaces.shared.util.StateUtils.reconstruct(constructed, externalContext);
81 assertTrue(TEST_DATA.equals(object));
82 }
83
84 public void testSerialization()
85 {
86 byte[] bytes = StateUtils.getAsByteArray(TEST_DATA, externalContext);
87 Object object = StateUtils.getAsObject(bytes, externalContext);
88 assertTrue(TEST_DATA.equals(object));
89 }
90
91 public void testCryptography()
92 {
93 byte[] sensitiveBytes = sensitiveString.getBytes();
94 byte[] secure = StateUtils.encrypt(sensitiveBytes, externalContext);
95 byte[] insecure = StateUtils.decrypt(secure, externalContext);
96 secure = StateUtils.encrypt(insecure, externalContext);
97 insecure = StateUtils.decrypt(secure, externalContext);
98 assertTrue(Arrays.equals(insecure, sensitiveBytes));
99 }
100
101 public void testCompression()
102 {
103 int size = 2049;
104 byte[] orginalBytes = new byte[size];
105 byte[] lessBytes = StateUtils.compress(orginalBytes);
106 assertTrue(lessBytes.length < orginalBytes.length);
107 byte[] moreBytes = StateUtils.decompress(lessBytes);
108 assertTrue(moreBytes.length > lessBytes.length);
109 assertTrue(Arrays.equals(moreBytes, orginalBytes));
110 }
111
112 public void testEncoding()
113 {
114 byte[] orginalBytes = sensitiveString.getBytes();
115 byte[] encoded = StateUtils.encode(orginalBytes);
116 byte[] decoded = StateUtils.decode(encoded);
117 assertTrue(Arrays.equals(decoded, orginalBytes));
118 }
119
120
121
122
123
124 public void testConstructionNegative()
125 {
126 String constructed = StateUtils.construct(TEST_DATA, externalContext);
127 constructed = constructed.substring(1, constructed.length());
128 try
129 {
130 Object object = StateUtils.reconstruct(constructed, externalContext);
131 assertFalse(TEST_DATA.equals(object));
132 }
133 catch (Exception e)
134 {
135
136 }
137 }
138
139
140
141
142
143 public void testSerializationNegative()
144 {
145 byte[] bytes = StateUtils.getAsByteArray(TEST_DATA, externalContext);
146 bytes[1] = (byte) 3;
147 try
148 {
149 Object object = StateUtils.getAsObject(bytes, externalContext);
150 assertFalse(TEST_DATA.equals(object));
151 }
152 catch (Exception e)
153 {
154
155 }
156
157 }
158
159
160
161
162
163 public void testCryptographyNegative()
164 {
165 byte[] sensitiveBytes = sensitiveString.getBytes();
166 byte[] secure = StateUtils.encrypt(sensitiveBytes, externalContext);
167
168 secure[secure.length-5] = (byte) 1;
169 try
170 {
171 byte[] insecure = StateUtils.decrypt(secure, externalContext);
172 assertFalse(Arrays.equals(insecure, sensitiveBytes));
173 }
174 catch (Exception e)
175 {
176
177 }
178 }
179
180
181
182
183
184 public void testCompressionNegative()
185 {
186 int size = 2049;
187 byte[] orginalBytes = new byte[size];
188 byte[] lessBytes = StateUtils.compress(orginalBytes);
189 lessBytes[1] = (byte) 3;
190 try
191 {
192 byte[] moreBytes = StateUtils.decompress(lessBytes);
193 assertFalse(Arrays.equals(moreBytes, orginalBytes));
194 }
195 catch (Exception e)
196 {
197
198 }
199 }
200
201
202
203
204
205 public void testEncodingNegative()
206 {
207 byte[] orginalBytes = sensitiveString.getBytes();
208 byte[] encoded = StateUtils.encode(orginalBytes);
209 encoded[1] = (byte) 9;
210 try
211 {
212 byte[] decoded = StateUtils.decode(encoded);
213 assertFalse(Arrays.equals(decoded, orginalBytes));
214 }
215 catch (Exception e)
216 {
217
218 }
219 }
220
221
222 }
223