@@ -59,25 +59,24 @@ public class RecordEncryptionTest extends TestHelper
5959 private static final int SALT_ITERATIONS = 65536 ;
6060 private static final int KEY_LENGTH = 256 ;
6161 private static final SecureRandom SECURE_RANDOM = new SecureRandom ();
62- private SecretKey key ;
63- private IvParameterSpec ivParameterSpec ;
62+ private SecretKey key ;
6463 private final AtomicInteger creates = new AtomicInteger ();
6564 private final AtomicInteger reads = new AtomicInteger ();
6665 private final AtomicInteger updates = new AtomicInteger ();
6766
6867 @ Override
6968 public void beginTest () {
69+ creates .set (0 );
70+ reads .set (0 );
71+ updates .set (0 );
72+
7073 final VertexType backAccount = database .getSchema ().createVertexType ("BackAccount" );
7174 backAccount .getEvents ().registerListener ((BeforeRecordCreateListener ) this );
7275 backAccount .getEvents ().registerListener ((AfterRecordReadListener ) this );
7376 backAccount .getEvents ().registerListener ((BeforeRecordUpdateListener ) this );
7477
7578 try {
7679 key = getKeyFromPassword (password , "salt" );
77- // Generate IV once during initialization
78- byte [] iv = new byte [16 ];
79- SECURE_RANDOM .nextBytes (iv );
80- ivParameterSpec = new IvParameterSpec (iv );
8180 } catch (Exception e ) {
8281 throw new SecurityException (e );
8382 }
@@ -99,22 +98,24 @@ void encryption() {
9998 assertThat (v1 .getString ("secret" )).isEqualTo ("Nobody must know John and Zuck are brothers" );
10099 });
101100
102- assertThat (reads .get ()).isEqualTo (1 );
101+ assertThat (reads .get ()).isGreaterThanOrEqualTo (1 );
102+ final int readsAfterFirstRead = reads .get ();
103103
104104 database .transaction (() -> {
105105 final MutableVertex v1 = database .iterateType ("BackAccount" , true ).next ().asVertex ().modify ();
106106 v1 .set ("secret" , "Tool late, everybody knows it" ).save ();
107107 });
108108
109109 assertThat (updates .get ()).isEqualTo (1 );
110- assertThat (reads .get ()).isEqualTo (2 );
110+ assertThat (reads .get ()).isGreaterThan (readsAfterFirstRead );
111+ final int readsAfterUpdate = reads .get ();
111112
112113 database .transaction (() -> {
113114 final Vertex v1 = database .iterateType ("BackAccount" , true ).next ().asVertex ();
114115 assertThat (v1 .getString ("secret" )).isEqualTo ("Tool late, everybody knows it" );
115116 });
116117
117- assertThat (reads .get ()).isEqualTo ( 3 );
118+ assertThat (reads .get ()).isGreaterThan ( readsAfterUpdate );
118119 }
119120
120121 @ Override
@@ -136,9 +137,12 @@ public boolean onBeforeCreate(Record record) {
136137 creates .incrementAndGet ();
137138 final MutableVertex doc = record .asVertex ().modify ();
138139 try {
139- String encrypted = encrypt (ALGORITHM , doc .getString ("secret" ), key , ivParameterSpec );
140+ byte [] iv = new byte [16 ];
141+ SECURE_RANDOM .nextBytes (iv );
142+ IvParameterSpec ivSpec = new IvParameterSpec (iv );
143+ String encrypted = encrypt (ALGORITHM , doc .getString ("secret" ), key , ivSpec );
140144 doc .set ("secret" , encrypted );
141- doc .set ("iv" , Base64 .getEncoder ().encodeToString (ivParameterSpec . getIV () ));
145+ doc .set ("iv" , Base64 .getEncoder ().encodeToString (iv ));
142146 } catch (Exception e ) {
143147 throw new SecurityException (e );
144148 }
@@ -150,9 +154,12 @@ public boolean onBeforeUpdate(Record record) {
150154 updates .incrementAndGet ();
151155 final MutableVertex doc = record .asVertex ().modify ();
152156 try {
153- String encrypted = encrypt (ALGORITHM , doc .getString ("secret" ), key , ivParameterSpec );
157+ byte [] iv = new byte [16 ];
158+ SECURE_RANDOM .nextBytes (iv );
159+ IvParameterSpec ivSpec = new IvParameterSpec (iv );
160+ String encrypted = encrypt (ALGORITHM , doc .getString ("secret" ), key , ivSpec );
154161 doc .set ("secret" , encrypted );
155- doc .set ("iv" , Base64 .getEncoder ().encodeToString (ivParameterSpec . getIV () ));
162+ doc .set ("iv" , Base64 .getEncoder ().encodeToString (iv ));
156163 } catch (Exception e ) {
157164 throw new SecurityException (e );
158165 }
0 commit comments