View Javadoc

1   /*
2    * Copyright 2004-2006 The Apache Software Foundation.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *      http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  
18  package org.apache.myfaces.shared.util;
19  
20  import junit.framework.Test;
21  import org.apache.myfaces.test.base.AbstractJsfTestCase;
22  
23  import javax.faces.FacesException;
24  
25  public class InitVector_CBCTestCase extends AbstractJsfTestCase {
26  
27      public InitVector_CBCTestCase(String name) {
28          super(name);
29      }
30      
31      // No longer necessary using junit 4 to run tests
32      //public static Test suite() {
33      //    return null; // keep this method or maven won't run it
34      //}    
35  
36      public void setUp() throws Exception{
37      
38          super.setUp();
39          
40          servletContext.addInitParameter(StateUtils.INIT_SECRET, "shouldn't matter");
41          servletContext.addInitParameter(StateUtils.INIT_ALGORITHM, "shouldn't matter either");
42          servletContext.addInitParameter(StateUtils.INIT_ALGORITHM_PARAM, "CBC/PKCS5Padding");
43          servletContext.addInitParameter(StateUtils.INIT_SECRET_KEY_CACHE, "false");
44          servletContext.addInitParameter(StateUtils.INIT_MAC_SECRET, "shouldn't matter");
45          // DO NOT UNCOMMENT THIS ! we are simulating a bad conf
46          //servletContext.addInitParameter(org.apache.myfaces.shared.util.StateUtils.INIT_ALGORITHM_IV, BASE64_KEY_SIZE_16);        
47          
48      }
49  
50      public void testDecryption() {
51          
52          byte[] sensitiveBytes = "bound to fail".getBytes();
53          
54          try{
55              
56              StateUtils.decrypt(sensitiveBytes, externalContext);
57              
58              fail("MyFaces should throw a meaningful " +
59                      "exception when users opt for CBC mode " +
60                      "encryption w/out an initialization vector.");
61              
62          }catch(FacesException fe){
63          }
64          
65      }
66      
67      public void testEncryption() {
68          
69          byte[] sensitiveBytes = "bound to fail".getBytes();
70          
71          try{
72              
73              StateUtils.encrypt(sensitiveBytes, externalContext);
74              
75              fail("MyFaces should throw a meaningful " +
76                      "exception when users opt for CBC mode " +
77                      "encryption w/out an initialization vector.");
78              
79          }catch(FacesException fe){
80          }
81          
82      }
83      
84  }