A Simple Shell Script to Check the Trap of Case-Insensitive String

In the post of "The Trap of Case-Insensitive String", it is talked about the locale sensitive of String.toUpperCase() or String.toLowerCase(). I wrote a very simple KSH script to check the potential problems in Java source code. The script may be useful to facilitate the checking of the trap.

#!/bin/ksh

set -A KEYWORDS
KEYWORDS[0]="toLowerCase\(\)|toUpperCase\(\)"
typeset -i keywords_number=1

# KEYWORDS[0]="toLowerCase\(\).hashCode\(\)"
# KEYWORDS[1]="toUpperCase\(\).hashCode\(\)"
# KEYWORDS[2]="toLowerCase\(\).equals\("
# KEYWORDS[3]="toUpperCase\(\).equals\("
# typeset -i keywords_number=4

EXCLUDE_LINES="\/\/| \* "   # inaccurate filter

typeset -i keywords_i=0
while [ ${keywords_i} -lt ${keywords_number} ]; do
    echo
    echo Running "Checking operatoin ${KEYWORDS[${keywords_i}]} ..."

    find ./ -name "*.java" |xargs egrep "${KEYWORDS[${keywords_i}]}" \
        |egrep -v "${EXCLUDE_LINES}"

    echo "    ... DONE with the checking of ${KEYWORDS[${keywords_i}]}"
    echo

    ((keywords_i=keywords_i+1))
done

Please check the output to make sure there is no potential issues with String.toUpperCase() or String.toLowerCase().

Enjoy it!

Popular posts from this blog

Java™ SE 7 Release Security Enhancements - Weak Cryptography Control

Weak cryptographic algorithms can now be disabled in Java SE 7 release. The MD2 Message-Digest Algorithm was disabled by default in Sun PKIX provider and SunJSSE provider.

The MD2 algorithm is a cryptographic hash function developed by Ronald Rivest in 1989, and was published in 1992 as an Informational RFC (RFC 1319).; RFC 6149 moves RFC 1319/MD2 to historic status, "Since its publication, MD2 has been shown to not be collision-free, albeit successful collision attacks for properly implemented MD2 are not that damaging. Successful pre-image and second pre-image attacks against MD2 have been shown."

Although MD2 is no longer considered secure, it remains in use in public key infrastructures as part of certificates generated with MD2 and RSA. An a countermeasure of the vulnerability, Java SE has disabled MD2 algorithm in certification path building and validation.

You may wonder, Java SE has disabled MD2 algorithm in certification path building and validation in the latest…
Read more

JSSE Oracle Provider Preference of TLS Cipher Suites

Perference OrderValueDescription10xC0,0x24TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA38420xC0,0x28TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA38430x00,0x3DTLS_RSA_WITH_AES_256_CBC_SHA25640xC0,0x26TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA38450xC0,0x2ATLS_ECDH_RSA_WITH_AES_256_CBC_SHA38460x00,0x6BTLS_DHE_RSA_WITH_AES_256_CBC_SHA25670x00,0x6ATLS_DHE_DSS_WITH_AES_256_CBC_SHA25680xC0,0x0ATLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA90xC0,0x14TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA100x00,0x35TLS_RSA_WITH_AES_256_CBC_SHA110xC0,0x05TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA120xC0,0x0FTLS_ECDH_RSA_WITH_AES_256_CBC_SHA130x00,0x39TLS_DHE_RSA_WITH_AES_256_CBC_SHA140x00,0x38TLS_DHE_DSS_WITH_AES_256_CBC_SHA150xC0,0x23TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256160xC0,0x27TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256170x00,0x3CTLS_RSA_WITH_AES_128_CBC_SHA256180xC0,0x25TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256190xC0,0x29TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256200x00,0x67TLS_DHE_RSA_WITH_AES_128_CBC_SHA256210x00,0x40TLS_DHE_DSS_WITH_AES_128_CBC_SHA256220xC0,0x09TL…
Read more

JEP 114: TLS SNI Extension - Virtual Servers Dispatcher

Image
The implementation of JEP 114 (TLS Server Name Indication (SNI) Extension) had integrated into JDK 8 at October, 2012. In the previous blog entries, we talked about the behavior changes in JSSE, and a few typical user cases. Let's look at a special user case, how to design a virtual server dispatcher in Java. Please refer to javax.net.ssl package of JDK 8 APIs for the detailed specification.


Prepare the ClientHello Parser
Applications need to implementation their own APIs to parser the client hello message from a plaintext socket. Suppose that an application design the following API to do the work, SSLCapabilities and SSLExplorer.
SSLCapabilities is defined to show the SSL/TLS security capabilities during handshaking, SSLCapabilities can be retrieved by exploring the network data of an SSL/TLS connection via SSLExplorer.explore(ByteBuffer).

/** * Encapsulates the security capabilities * of an SSL/TLS connection. * * The security capabilities are the list * ciphersuites to be…
Read more