TechQA.

No exception thrown from Base32 after commons-codec upgrade

204 views Asked by At

I have a TOTP Authenticator project which generates a six-digit one-time password using TOTP (RFC 6238). Internally it uses Base32 class from Apache Commons Codec:

Base32 base32 = new Base32();

Following the commons-codec upgrade 1.14 -> 1.15, a unit test started to fail:

@Test
void testInvalidBase32Value() {
  String secretKey = "AHXQ2W5P6AGKYVK";

  Executable when = () -> generator.generateOtp(secretKey);

  assertThrows(IllegalArgumentException.class, when);
}

org.opentest4j.AssertionFailedError: Expected java.lang.IllegalArgumentException to be thrown, but nothing was thrown.

How do I fix the test?

java totp apache-commons-codec
Original Q&A
1

There are 1 answers

0
Boris On BEST ANSWER

According to the Apache Commons Codec 1.15 release notes, the default decoding policy has been changed:

Base32/Base64/BCodec: Added strict decoding property to control handling of trailing bits. Default lenient mode discards them without error. Strict mode raise an exception.

The new default decoding policy is defined in BaseNCodec.java:

protected static final CodecPolicy DECODING_POLICY_DEFAULT = CodecPolicy.LENIENT;

To fix the unit test, set the decoding policy to CodecPolicy.STRICT in generateOtp():

Base32 base32 = new Base32();
->
Base32 base32 = new Base32(0, null, false, PAD_DEFAULT, CodecPolicy.STRICT);

Now data that causes a codec to fail should throw an exception.

Related Questions in JAVA

Related Questions in TOTP

Related Questions in APACHE-COMMONS-CODEC

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json

Trending Questions