Wednesday, September 21, 2011

A little excursion into JCE

I had an occasion to explore a bit of Java that I've never dealt with before: the Java Cryptography Extensions (as of Java 1.4 these are part of the Java distribution). The problem at hand required being able to encrypt a string using the Rijndael algorithm (AES).

Being a good TDDer, what do I do first? What is the test that will pass quickly and yet move me toward my ultimate goal?

I figure if I get back my original text by deciphering the encoded text I'll show that I can successfully encrypt (the original goal). It goes a bit beyond the original goal of just being able to encrypt a string successfully, but I will also have the means of verifying correctness.

So, what is a simple expression of this intent?

OK. If I can really pass that test I'll think I have the basics of using the Java Cryptography stuff down.
Right now this doesn't compile because there is no encrypt function (as well as no decrypt function, but IntelliJ is only telling me about the first error at the moment).

Now, notice that I don't have any real classes or objects, just functions. Why would I do that? I'm hoping that by following the principles articulated in this posting: TDD as if you meant it I'll arrive at the simplest solution that meets my needs.

Here is the simplest test that compiles:
But it doesn't run at this point:

Expected :Original Plaintext
Actual   :null
So, what is the simplest thing that could possibly work (DTSTTCPW)

Voila! We've got a green bar in just a few minutes and...
Wait a minute! There isn't any encryption going on there! How can you claim it works?

OK, I'm fudging a bit. I've got the structure of my test and it seems sound. If I can make it pass with real encryption occurring I'll be satisfied that I'm on the right track. Normally at this point I would write a different test to cause the real solution to start taking shape. However, I don't know how the Java Cryptography stuff fits together. That is what I'm trying to understand. In effect I'm writing a learning test. At the end of the process I'll have a working example that is supported by tests so I understand how it works and how I arrived at that point. More to come.

No comments:

Post a Comment