[GitHub] [nifi] exceptionfactory commented on a change in pull request #4572: NIFI-7777 Added Password property to UnpackContent for decrypting Zip archives

Tue, 06 Oct 2020 16:48:13 -0700 


exceptionfactory commented on a change in pull request #4572:
URL: https://github.com/apache/nifi/pull/4572#discussion_r500657362



##########
File path: 
nifi-nar-bundles/nifi-standard-bundle/nifi-standard-processors/src/test/java/org/apache/nifi/processors/standard/TestUnpackContent.java
##########
@@ -221,6 +226,32 @@ public void testInvalidZip() throws IOException {
         }
     }
 
+    @Test
+    public void testZipEncryptionZipStandard() throws IOException {
+        runZipEncryptionMethod(EncryptionMethod.ZIP_STANDARD);
+    }
+
+    @Test
+    public void testZipEncryptionAes() throws IOException {
+        runZipEncryptionMethod(EncryptionMethod.AES);
+    }
+
+    @Test
+    public void testZipEncryptionNoPasswordConfigured() throws IOException {
+        final TestRunner runner = TestRunners.newTestRunner(new 
UnpackContent());
+        runner.setProperty(UnpackContent.PACKAGING_FORMAT, 
UnpackContent.PackageFormat.ZIP_FORMAT.toString());
+
+        final String password = String.class.getSimpleName();
+        final char[] streamPassword = password.toCharArray();
+        final String contents = TestRunner.class.getCanonicalName();
+
+        final byte[] zipEncrypted = createZipEncrypted(EncryptionMethod.AES, 
streamPassword, contents);

Review comment:
       Thanks for the additional feedback.  The EncryptionMethod enum lists 
only supported algorithms, so testing a different type of encrypted zip file 
would require creating an example from another program.  Creating an encrypted 
Zip file with a trial version of PKWARE SecureZIP using the 3DES option results 
in the ZipInputStream throwing a ZipException with the following message:
   
   "Reached end of entry, but crc verification failed for testing"
   
   Unfortunately this doesn't provide any particular indication that the Zip 
entry was encrypted using some other unsupported algorithm.  The end result is 
that the file is routed to failure, just as with any other ZipException.
   
   Implementing this unit test would require checking in an encrypted binary 
created with PKWARE SecureZIP.  Since the exception handling follows the same 
path as a missing or incorrect password, do you still want this test case 
included?




----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to