diff options
3 files changed, 81 insertions, 58 deletions
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/FileGetter.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/FileGetter.java index 31e5069b..10136272 100644 --- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/FileGetter.java +++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/FileGetter.java @@ -71,12 +71,19 @@ public class FileGetter { if(CredDAO.CERT_SHA256_RSA == type) { return; } + byte ba[]; CredDAO.Data cdd = new CredDAO.Data(); cdd.id=row.get(0); cdd.type = type; try { cdd.expires = sdf.parse(row.get(2)); - cdd.cred = ByteBuffer.wrap(Hash.fromHex(row.get(3))); + // Note: Note sure this can be null, but throwing was + // part of original "fromHex" method. Remove if you can + // prove ba will never be null J - May 19,2020 + if((ba=Hash.fromHex(row.get(3)))==null) { + throw new CadiException("Invalid Cred"); + } + cdd.cred = ByteBuffer.wrap(ba); cdd.notes= row.get(4); cdd.ns = row.get(5); cdd.other = Integer.parseInt(row.get(6)); diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/Hash.java b/cadi/core/src/main/java/org/onap/aaf/cadi/Hash.java index 26c33c84..3827aed0 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/Hash.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/Hash.java @@ -25,6 +25,12 @@ import java.nio.ByteBuffer; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; +/** + * + * + * @author Jonathan + * + */ public class Hash { private static char hexDigit[] = "0123456789abcdef".toCharArray(); @@ -149,6 +155,10 @@ public class Hash { return compare; } + /** + * @param ba + * @return + */ public static String toHexNo0x(byte[] ba) { StringBuilder sb = new StringBuilder(); for (byte b : ba) { @@ -158,6 +168,10 @@ public class Hash { return sb.toString(); } + /** + * @param ba + * @return + */ public static String toHex(byte[] ba) { StringBuilder sb = new StringBuilder("0x"); for (byte b : ba) { @@ -177,14 +191,17 @@ public class Hash { } - public static byte[] fromHex(String s) throws CadiException{ - if (!s.startsWith("0x")) { - throw new CadiException("HexString must start with \"0x\""); - } - boolean high = true; - int c; + public static byte[] fromHex(String s) { + if(!s.startsWith("0x")) { + return fromHexNo0x(s); + } byte b; - byte[] ba = new byte[(s.length()-2)/2]; + int c; + byte[] ba; + int extra = s.length()%2; // odd requires extra + ba = new byte[(s.length()-2)/2 + extra]; + boolean high = extra==0; + int idx; for (int i=2;i<s.length();++i) { c = s.charAt(i); @@ -195,9 +212,9 @@ public class Hash { } else if (c>=0x41 && c<=0x46) { b=(byte)(c-0x37); } else { - throw new CadiException("Invalid char '" + c + "' in HexString"); + return null; } - idx = (i-2)/2; + idx = (i-2+extra)/2; if (high) { ba[idx]=(byte)(b<<4); high = false; @@ -208,7 +225,7 @@ public class Hash { } return ba; } - + /** * Does not expect to start with "0x" * if Any Character doesn't match, it returns null; @@ -217,23 +234,16 @@ public class Hash { * @return */ public static byte[] fromHexNo0x(String s) { - int c; byte b; + int c; byte[] ba; - boolean high; - int start; - if (s.length()%2==0) { - ba = new byte[s.length()/2]; - high=true; - start=0; - } else { - ba = new byte[(s.length()/2)+1]; - high = false; - start=1; - } + int extra = s.length()%2; // odd requires extra byte to store + ba = new byte[(s.length())/2 + extra]; + boolean high = extra==0; + int idx; - for (int i=start;i<s.length();++i) { - c = s.charAt((i-start)); + for (int i=0;i<s.length();++i) { + c = s.charAt(i); if (c>=0x30 && c<=0x39) { b=(byte)(c-0x30); } else if (c>=0x61 && c<=0x66) { @@ -243,7 +253,7 @@ public class Hash { } else { return null; } - idx = i/2; + idx = (i+extra)/2; if (high) { ba[idx]=(byte)(b<<4); high = false; @@ -254,5 +264,4 @@ public class Hash { } return ba; } - } diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_Hash.java b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_Hash.java index 05abc7ed..0395830e 100644 --- a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_Hash.java +++ b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_Hash.java @@ -22,15 +22,17 @@ package org.onap.aaf.cadi.test; -import org.junit.Test; -import org.onap.aaf.cadi.CadiException; -import org.onap.aaf.cadi.Hash; - -import static org.junit.Assert.*; +import static org.hamcrest.CoreMatchers.equalTo; +import static org.hamcrest.CoreMatchers.not; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNull; +import static org.junit.Assert.assertThat; +import static org.junit.Assert.assertTrue; import org.junit.BeforeClass; - -import static org.hamcrest.CoreMatchers.*; +import org.junit.Test; +import org.onap.aaf.cadi.Hash; public class JU_Hash { // Some common test vectors @@ -63,7 +65,7 @@ public class JU_Hash { private String numbersDec = "1234567890"; private String numbersHex = "0x31323334353637383930"; private String numbersHexNo0x = "31323334353637383930"; - + @SuppressWarnings("unused") @BeforeClass public static void getCoverage() { @@ -179,22 +181,11 @@ public class JU_Hash { assertEquals(lowersDec, new String(Hash.fromHex(lowersHex))); assertEquals(numbersDec, new String(Hash.fromHex(numbersHex))); - try { - // This string doesn't begin with "0x" - Hash.fromHex("0X65"); - fail("Should have thrown CadiException"); - } catch (CadiException e) { - assertEquals("HexString must start with \"0x\"", e.getMessage()); - } + // This string doesn't begin with "0x" + assertNull(Hash.fromHex("0X65")); - try { // This string has invalid hex characters - Hash.fromHex("0xQ"); - fail("Should have thrown CadiException"); - } catch (CadiException e) { - // 81 is dec(Q) - assertEquals("Invalid char '81' in HexString", e.getMessage()); - } + assertNull(Hash.fromHex("0xQ")); } @Test @@ -203,16 +194,32 @@ public class JU_Hash { assertEquals(lowersDec, new String(Hash.fromHexNo0x(lowersHexNo0x1))); assertEquals(uppersDec, new String(Hash.fromHexNo0x(uppersHexNo0x2))); assertEquals(lowersDec, new String(Hash.fromHexNo0x(lowersHexNo0x2))); - assertEquals(numbersDec, new String(Hash.fromHexNo0x(numbersHexNo0x))); byte[] output = Hash.fromHexNo0x("ABC"); - assertEquals(new String(new byte[] {(byte)0x0A, (byte)0xB0}), new String(output)); + assertEquals(new String(new byte[] {(byte)0x0A, (byte)0xBC}), new String(output)); assertNull(Hash.fromHexNo0x("~~")); } -// -// @Test -// public void aaf_941() throws Exception { -// // User notes: From reported error "aaf" not coded right -// -// -// } + + @Test + public void aaf_941() throws Exception { + // User notes: From reported error "aaf" not coded right for odd digits + // Note: In the original concept, this isn't a valid Hex digit. It has to do with whether to assume an initial + // char of "0" if left out. + + String sample = "aaf"; + byte[] bytes = Hash.fromHexNo0x(sample); + String back = Hash.toHexNo0x(bytes); + // Note: We don't presume to know that someone left off leading 0 on start. + assertEquals("0aaf", back); + + sample = "0x0aaf"; + bytes = Hash.fromHex(sample); + back = Hash.toHex(bytes); + assertEquals(sample, back); + + // Assumed leading zero. Note, we ALWAYS translate back with leading zero. + bytes = Hash.fromHex("0xaaf"); + back = Hash.toHex(bytes); + assertEquals(sample, back); + + } } |