SEC-373: Add byte array encryption/decryption support.

2025-06-26 22:02:41 +00:00 · 2006-10-07 09:45:51 +00:00 · 2006-10-07 09:45:51 +00:00 · c292826475
commit c292826475
parent 59572e2168
2 changed files with 59 additions and 22 deletions
--- a/core/src/main/java/org/acegisecurity/util/EncryptionUtils.java
+++ b/core/src/main/java/org/acegisecurity/util/EncryptionUtils.java
@ -106,6 +106,19 @@ public class EncryptionUtils {
 		return byteArrayToString(Base64.encodeBase64(cipherText));
 	}
 	/**
 	 * Encrypts the inputBytes using the key.
 	 * 
 	 * @param key at least 24 character long key (required)
 	 * @param inputBytes the bytes to encrypt (required)
 	 * @return the encrypted version of the inputBytes
 	 * @throws EncryptionException in the event of an encryption failure
 	 */
 	public static byte[] encrypt(String key, byte[] inputBytes) throws EncryptionException {
 		isValidKey(key);
 		return Base64.encodeBase64(cipher(key, inputBytes, Cipher.ENCRYPT_MODE));
 	}
 	/**
 	 * Decrypts the inputString using the key.
 	 * 
@ -120,6 +133,19 @@ public class EncryptionUtils {
 		return byteArrayToString(cipherText);
 	}
 	/**
 	 * Decrypts the inputBytes using the key.
 	 * 
 	 * @param key the key used to originally encrypt the string (required)
 	 * @param inputBytes the encrypted bytes (required)
 	 * @return the decrypted version of inputBytes
 	 * @throws EncryptionException in the event of an encryption failure
 	 */
 	public static byte[] decrypt(String key, byte[] inputBytes) throws EncryptionException {
 		Assert.hasText(key, "A key is required to attempt decryption");
 		return cipher(key, Base64.decodeBase64(inputBytes), Cipher.DECRYPT_MODE);
 	}
 	private static void isValidKey(String key) {
 		Assert.hasText(key, "A key to perform the encryption is required");
 		Validate.isTrue(key.length() >= 24, "Key must be at least 24 characters long");
--- a/core/src/test/java/org/acegisecurity/util/EncryptionUtilsTests.java
+++ b/core/src/test/java/org/acegisecurity/util/EncryptionUtilsTests.java
@ -35,6 +35,11 @@ public class EncryptionUtilsTests extends TestCase {
 		assertEquals("3YIE8sIbaEoqGZZrHamFGQ==", encryptedString);
 	}
 	public void testEncryptByteArrayUsingDESEde() {
 		final byte[] encryptedArray = EncryptionUtils.encrypt(ENCRYPTION_KEY, EncryptionUtils.stringToByteArray(STRING_TO_ENCRYPT));
 		assertEquals("3YIE8sIbaEoqGZZrHamFGQ==", EncryptionUtils.byteArrayToString(encryptedArray));
 	}
 	public void testEncryptionKeyCanContainLetters() throws EncryptionException {
 		final String encryptedString = EncryptionUtils.encrypt("ASDF asdf 1234 8983 jklasdf J2Jaf8", STRING_TO_ENCRYPT);
 		assertEquals("v4+DQoClx6qm5tJwBcRrkw==", encryptedString);
@ -46,56 +51,62 @@ public class EncryptionUtilsTests extends TestCase {
 		assertEquals(STRING_TO_ENCRYPT, decryptedString);
 	}
-	public void testCantEncryptWithNullEncryptionKey() throws EncryptionException {
+	public void testDecryptByteArrayUsingDESEde() {
 		final byte[] encrypted = EncryptionUtils.stringToByteArray("3YIE8sIbaEoqGZZrHamFGQ==");
 		final byte[] decrypted = EncryptionUtils.decrypt(ENCRYPTION_KEY, encrypted);
 		assertEquals(STRING_TO_ENCRYPT, EncryptionUtils.byteArrayToString(decrypted));
 	}
 	public void testFailEncryptWithNullEncryptionKey() {
 		try {
-			EncryptionUtils.encrypt(null, "");
+			EncryptionUtils.encrypt(null, STRING_TO_ENCRYPT);
-			fail("Should have thrown IAE");
+			fail();
-		} catch (final IllegalArgumentException e) {
+		} catch (IllegalArgumentException e) {
 			assertTrue(true);
 		}
 	}
-	public void testCantEncryptWithEmptyEncryptionKey() throws EncryptionException {
+	public void testFailEncryptWithEmptyEncryptionKey() {
 		try {
-			EncryptionUtils.encrypt("", "");
+			EncryptionUtils.encrypt("", STRING_TO_ENCRYPT);
-			fail("Should have thrown IAE");
+			fail();
-		} catch (final IllegalArgumentException e) {
+		} catch (IllegalArgumentException e) {
 			assertTrue(true);
 		}
 	}
-	public void testCantEncryptWithShortEncryptionKey() throws EncryptionException {
+	public void teastFailEncryptWithShortEncryptionKey() {
 		try {
-			EncryptionUtils.encrypt("01234567890123456789012", "");
+			EncryptionUtils.encrypt("01234567890123456789012", STRING_TO_ENCRYPT);
-			fail("Should have thrown IAE");
+			fail();
-		} catch (final IllegalArgumentException e) {
+		} catch (IllegalArgumentException e) {
 			assertTrue(true);
 		}
 	}
-	public void testCantDecryptWithEmptyString() throws EncryptionException {
+	public void testFailDecryptWithEmptyString() {
 		try {
 			EncryptionUtils.decrypt(ENCRYPTION_KEY, "");
-			fail("Should have thrown IAE");
+			fail();
-		} catch (final IllegalArgumentException e) {
+		} catch (IllegalArgumentException e) {
 			assertTrue(true);
 		}
 	}
-	public void testCantEncryptWithEmptyString() throws EncryptionException {
+	public void testFailEncryptWithEmptyString() {
 		try {
 			EncryptionUtils.encrypt(ENCRYPTION_KEY, "");
-			fail("Should have thrown IAE");
+			fail();
-		} catch (final IllegalArgumentException e) {
+		} catch (IllegalArgumentException e) {
 			assertTrue(true);
 		}
 	}
-	public void testCantEncryptWithNullString() throws EncryptionException {
+	public void testFailEncryptWithNullString() {
 		try {
-			EncryptionUtils.encrypt(ENCRYPTION_KEY, null);
+			EncryptionUtils.encrypt(ENCRYPTION_KEY, (String) null);
-			fail("Should have thrown IAE");
+			fail();
-		} catch (final IllegalArgumentException e) {
+		} catch (IllegalArgumentException e) {
 			assertTrue(true);
 		}
 	}