code commit for BAEL-4869 (#10812)

* Code commit for "Converting String to BigDecimal in Java" - Article

* modified the assert param for comparing actual and expected values

* removed the conflict change

* Code commit for Secret Key to String and vice versa in java

* renaming the junit class name to match coding standard

* code commit for BAEL-4869

* Adding new module with Secret key to String conversion in Java [BAEL-4489]

* changed code indent by space instead of tab
This commit is contained in:
Bhabani Prasad Patel 2021-05-29 02:08:15 +05:30 committed by GitHub
parent 805e96f784
commit eefc0b2bc7
9 changed files with 292 additions and 0 deletions

View File

@ -0,0 +1,8 @@
## Core Java Security
This module contains articles about core Java Security
### Relevant Articles:
- [Secret Key and String Conversion in Java](https://www.baeldung.com/secret-key-and-string-conversion-in-java/)
- More articles: [[<-- prev]](/core-java-modules/core-java-security-2)

View File

@ -0,0 +1,53 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<artifactId>core-java-security-2</artifactId>
<version>0.1.0-SNAPSHOT</version>
<name>core-java-security-2</name>
<packaging>jar</packaging>
<parent>
<groupId>com.baeldung.core-java-modules</groupId>
<artifactId>core-java-modules</artifactId>
<version>0.0.1-SNAPSHOT</version>
<relativePath>../</relativePath>
</parent>
<dependencies>
<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
<version>${commons-codec.version}</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
<version>${bouncycastle.version}</version>
</dependency>
<!-- test scoped -->
<dependency>
<groupId>org.assertj</groupId>
<artifactId>assertj-core</artifactId>
<version>${assertj-core.version}</version>
<scope>test</scope>
</dependency>
<!-- https://mvnrepository.com/artifact/javax.xml.bind/jaxb-api -->
<dependency>
<groupId>javax.xml.bind</groupId>
<artifactId>jaxb-api</artifactId>
<version>${jaxb-api.version}</version>
</dependency>
</dependencies>
<properties>
<!-- util -->
<bouncycastle.version>1.60</bouncycastle.version>
<commons-codec.version>1.11</commons-codec.version>
<!-- testing -->
<assertj-core.version>3.18.0</assertj-core.version>
<jaxb-api.version>2.3.1</jaxb-api.version>
</properties>
</project>

View File

@ -0,0 +1,53 @@
package com.baeldung.secretkeyandstringconversion;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import java.util.Base64;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
public class ConversionClassUtil {
/* Generating Secret key */
// Generating Secret Key using KeyGenerator class with 256
public static SecretKey generateKey(int n) throws NoSuchAlgorithmException {
KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
keyGenerator.init(n);
SecretKey originalKey = keyGenerator.generateKey();
return originalKey;
}
// Generating Secret Key using password and salt
public static SecretKey getKeyFromPassword(String password, String salt)
throws NoSuchAlgorithmException, InvalidKeySpecException {
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
KeySpec spec = new PBEKeySpec(password.toCharArray(), salt.getBytes(), 65536, 256);
SecretKey originalKey = new SecretKeySpec(factory.generateSecret(spec).getEncoded(), "AES");
return originalKey;
}
/* Converting Secret key into String */
public static String convertSecretKeyToString(SecretKey secretKey) throws NoSuchAlgorithmException {
// Converting the Secret Key into byte array
byte[] rawData = secretKey.getEncoded();
// Getting String - Base64 encoded version of the Secret Key
String encodedKey = Base64.getEncoder().encodeToString(rawData);
return encodedKey;
}
/* Converting String into Secret key into */
public static SecretKey convertStringToSecretKeyto(String encodedKey) {
// Decoding the Base64 encoded string into byte array
byte[] decodedKey = Base64.getDecoder().decode(encodedKey);
// Rebuilding the Secret Key using SecretKeySpec Class
SecretKey originalKey = new SecretKeySpec(decodedKey, 0, decodedKey.length, "AES");
return originalKey;
}
}

View File

@ -0,0 +1,44 @@
package com.baeldung.secretkeyandstringconversion;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import javax.crypto.SecretKey;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Test;
public class ConversionClassUtilUnitTest {
@Test
void givenPasswordAndSalt_whenCreateSecreKeyCheckConversion_thenSuccess()
throws NoSuchAlgorithmException, InvalidKeySpecException {
// given
String password = "Baeldung@2021";
String salt = "@$#baelDunG@#^$*";
// when
SecretKey encodedKey = ConversionClassUtil.getKeyFromPassword(password, salt);
String encodedString = ConversionClassUtil.convertSecretKeyToString(encodedKey);
SecretKey decodeKey = ConversionClassUtil.convertStringToSecretKeyto(encodedString);
// then
Assertions.assertEquals(encodedKey, decodeKey);
}
@Test
void givenSize_whenCreateSecreKeyCheckConversion_thenSuccess()
throws NoSuchAlgorithmException, InvalidKeySpecException {
// given
int size = 256;
// when
SecretKey encodedKey = ConversionClassUtil.generateKey(size);
String encodedString = ConversionClassUtil.convertSecretKeyToString(encodedKey);
SecretKey decodeKey = ConversionClassUtil.convertStringToSecretKeyto(encodedString);
// then
Assertions.assertEquals(encodedKey, decodeKey);
}
}

View File

@ -0,0 +1,15 @@
package com.baeldung.sampleapp.config;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@Configuration
@ComponentScan({ "com.baeldung.sampleapp.web" })
public class MaxHTTPHeaderSizeConfig implements WebMvcConfigurer {
public MaxHTTPHeaderSizeConfig() {
super();
}
}

View File

@ -0,0 +1,17 @@
package com.baeldung.sampleapp.web.controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
@RestController
@RequestMapping(value = "/request-header-test")
public class MaxHttpHeaderSizeController {
@GetMapping
public boolean testMaxHTTPHeaderSize(@RequestHeader(value = "token") String token) {
return true;
}
}

View File

@ -0,0 +1,48 @@
package com.baeldung.web.controller;
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.MediaType;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.test.context.web.WebAppConfiguration;
import org.springframework.test.web.servlet.MockMvc;
import org.springframework.test.web.servlet.setup.MockMvcBuilders;
import org.springframework.web.context.WebApplicationContext;
import com.baeldung.sampleapp.config.WebConfig;
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration(classes = WebConfig.class)
@WebAppConfiguration
public class MaxHttpHeaderSizeControllerIntegrationTest {
private MockMvc mockMvc;
@Autowired
private WebApplicationContext webApplicationContext;
@Before
public void setUp() {
mockMvc = MockMvcBuilders.webAppContextSetup(webApplicationContext).build();
}
@Test
public void givenTokenWithLessThan8KBLegth_whenSendGetRequest_thenReturnsOK() throws Exception {
mockMvc.perform(get("/request-header-test").contentType(MediaType.APPLICATION_JSON_VALUE)
.with(httpBasic("user", "password")).header("token", "token")).andExpect(status().isOk());
}
@Test
public void givenTokenIsMissingInHeade_whenSendGetRequest_thenThrowsBadRequest() throws Exception {
mockMvc.perform(get("/request-header-test").contentType(MediaType.APPLICATION_JSON_VALUE)
.with(httpBasic("user", "password"))).andExpect(status().isBadRequest());
}
}

View File

@ -0,0 +1,53 @@
package com.baeldung.web.controller;
import java.io.BufferedReader;
import java.io.FileReader;
import java.io.IOException;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.ResponseEntity;
import org.springframework.test.context.ActiveProfiles;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.test.context.support.AnnotationConfigContextLoader;
import org.springframework.web.client.HttpClientErrorException;
import org.springframework.web.client.RestTemplate;
import com.baeldung.sampleapp.config.MaxHTTPHeaderSizeConfig;
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration(classes = { MaxHTTPHeaderSizeConfig.class }, loader = AnnotationConfigContextLoader.class)
@ActiveProfiles("test")
// Start MaxHttpHeaderSizeController Spring Boot App(MainApplication) first
public class MaxHttpHeaderSizeControllerLiveTest {
@Test(expected = HttpClientErrorException.class)
public void givenTokenWithGreaterThan8KBLegth_whenSendGetRequest_thenThrowsBadRequest() throws Exception {
final String url = "http://localhost:8080/request-header-test";
HttpHeaders headers = new HttpHeaders();
headers.set("token", readRandomStringFromFile());
HttpEntity entity = new HttpEntity(headers);
final ResponseEntity<String> response = new RestTemplate().exchange(url, HttpMethod.GET, entity, String.class);
}
static String readRandomStringFromFile() throws IOException {
BufferedReader reader = new BufferedReader(new FileReader("src/test/resources/randomSringForheader.txt"));
StringBuilder stringBuilder = new StringBuilder();
String line = null;
String ls = System.getProperty("line.separator");
while ((line = reader.readLine()) != null) {
stringBuilder.append(line);
stringBuilder.append(ls);
}
stringBuilder.deleteCharAt(stringBuilder.length() - 1);
reader.close();
String content = stringBuilder.toString();
return content;
}
}

File diff suppressed because one or more lines are too long