set up NoUtil to use a env secret key

src/nodash/core/NoAdapter.java

@@ -3,7 +3,7 @@ package nodash.core;
 import java.security.PublicKey;
 import java.util.Collection;
 
-import nodash.core.exceptions.NoAdapterException;
+import nodash.exceptions.NoAdapterException;
 import nodash.exceptions.NoUserAlreadyOnlineException;
 import nodash.exceptions.NoUserNotValidException;
 import nodash.models.NoByteSet;

src/nodash/core/NoCore.java

@@ -17,7 +17,7 @@
 
 package nodash.core;
 
-import nodash.core.exceptions.NoAdapterException;
+import nodash.exceptions.NoAdapterException;
 import nodash.exceptions.NoByteSetBadDecryptionException;
 import nodash.exceptions.NoDashFatalException;
 import nodash.exceptions.NoSessionAlreadyAwaitingConfirmationException;

src/nodash/core/NoDefaultAdapter.java

@@ -18,7 +18,7 @@ import javax.crypto.IllegalBlockSizeException;
 
 import org.apache.commons.codec.binary.Base64;
 
-import nodash.core.exceptions.NoAdapterException;
+import nodash.exceptions.NoAdapterException;
 import nodash.exceptions.NoDashFatalException;
 import nodash.exceptions.NoUserAlreadyOnlineException;
 import nodash.exceptions.NoUserNotValidException;

src/nodash/core/NoUtil.java

@@ -28,15 +28,19 @@ import java.security.spec.KeySpec;
 import javax.crypto.BadPaddingException;
 import javax.crypto.Cipher;
 import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.KeyGenerator;
 import javax.crypto.NoSuchPaddingException;
 import javax.crypto.SecretKey;
 import javax.crypto.SecretKeyFactory;
 import javax.crypto.spec.PBEKeySpec;
 import javax.crypto.spec.SecretKeySpec;
 
+import org.apache.commons.codec.binary.Base64;
+
 import nodash.exceptions.NoDashFatalException;
 
 public final class NoUtil {
+  public static final SecretKey SECRET_KEY = setupSecretKey();
   public static final String CIPHER_TYPE = "AES/ECB/PKCS5PADDING";
   public static final String CIPHER_KEY_SPEC = "AES";
   public static final String DIGEST_TYPE = "SHA-512";
@@ -49,6 +53,17 @@ public final class NoUtil {
   public static final int AES_STRENGTH = 256;
   public static final byte BLANK_BYTE = 'A';
 
+  private static SecretKey setupSecretKey() {
+    System.out.println(System.getenv());
+    String secretEnv = System.getenv("NODASH_SECRET");
+    if (secretEnv == null) {
+      throw new RuntimeException("Can't find NODASH_SECRET.");
+    } else {
+      byte[] encoded= Base64.decodeBase64(secretEnv);
+      return new SecretKeySpec(encoded, 0, encoded.length, NoUtil.CIPHER_KEY_SPEC);
+    }
+  }
+
   public static char[] bytesToChars(byte[] array) {
     char[] result = new char[array.length];
     for (int x = 0; x < array.length; x++) {
@@ -84,7 +99,7 @@ public final class NoUtil {
     } catch (NoSuchAlgorithmException e) {
       throw new NoDashFatalException("Value for PBE_TYPE is not valid.", e);
     }
-    KeySpec spec = new PBEKeySpec(password, NoCore.config.getSecretKey().getEncoded(), 65536, 256);
+    KeySpec spec = new PBEKeySpec(password, SECRET_KEY.getEncoded(), 65536, 256);
     SecretKey key;
     try {
       key = skf.generateSecret(spec);
@@ -145,7 +160,7 @@ public final class NoUtil {
   }
 
   public static byte[] encrypt(byte[] data) {
-    return NoUtil.encrypt(data, NoCore.config.getSecretKey().getEncoded());
+    return NoUtil.encrypt(data, SECRET_KEY.getEncoded());
   }
 
   public static byte[] decrypt(byte[] data, byte[] key) throws IllegalBlockSizeException,
@@ -169,7 +184,7 @@ public final class NoUtil {
   }
 
   public static byte[] decrypt(byte[] data) throws IllegalBlockSizeException, BadPaddingException {
-    return NoUtil.decrypt(data, NoCore.config.getSecretKey().getEncoded());
+    return NoUtil.decrypt(data, SECRET_KEY.getEncoded());
   }
 
   public static byte[] encryptRsa(byte[] data, PublicKey publicKey) {

src/nodash/exceptions/NoAdapterException.java

@@ -1,6 +1,5 @@
-package nodash.core.exceptions;
+package nodash.exceptions;
 
-import nodash.exceptions.NoDashException;
 
 public class NoAdapterException extends NoDashException {
   

src/nodash/test/NoCoreTest.java

@@ -8,6 +8,7 @@ import nodash.core.NoAdapter;
 import nodash.core.NoCore;
 import nodash.core.NoDefaultAdapter;
 import nodash.core.NoRegister;
+import nodash.exceptions.NoAdapterException;
 import nodash.exceptions.NoDashSessionBadUuidException;
 import nodash.exceptions.NoSessionAlreadyAwaitingConfirmationException;
 import nodash.exceptions.NoSessionConfirmedException;
@@ -23,12 +24,6 @@ import org.junit.Test;
 
 public class NoCoreTest {
 
-  @Test
-  public void testLogin() {
-    NoCore core = new NoCore(new NoDefaultAdapter());
-    fail("Not yet implemented");
-  }
-
   @Test
   public void testRegister() {
     NoCore core = new NoCore(new NoDefaultAdapter());
@@ -70,7 +65,7 @@ public class NoCoreTest {
   @Test
   public void testSaveAndConfirm() throws NoSessionExpiredException, NoSessionConfirmedException,
       NoSessionNotAwaitingConfirmationException, NoUserNotValidException,
-      NoDashSessionBadUuidException, NoUserAlreadyOnlineException, NoSessionNotChangedException, NoSessionAlreadyAwaitingConfirmationException {
+      NoDashSessionBadUuidException, NoUserAlreadyOnlineException, NoSessionNotChangedException, NoSessionAlreadyAwaitingConfirmationException, NoAdapterException {
     NoAdapter adapter = new NoDefaultAdapter();
     NoCore core = new NoCore(adapter);
 
@@ -79,7 +74,7 @@ public class NoCoreTest {
     byte[] newUserFile = Arrays.copyOf(registration.data, registration.data.length);
     core.confirm(registration.cookie, "password".toCharArray(), newUserFile);
     byte[] newUserHash = newUser.createHash();
-    assertTrue(adapter.checkHash(newUserHash));
+    adapter.checkHash(newUserHash);
     
     NoUser newUserBadPass = new NoUser();
     registration = core.register(newUserBadPass, "password".toCharArray());
@@ -109,15 +104,20 @@ public class NoCoreTest {
     assertNotNull(adapter.getNoSession(oldUserCookie));
     oldUser.createFile("password".toCharArray()); // Touch the randomizer
     
-    NoUser oldUserRevisited = core.getUser(oldUserCookie);
+    NoUser oldUserRevisited = core.getNoUser(oldUserCookie);
     byte[] currentHash = oldUserRevisited.createHash();
     oldUserRevisited.createFile("password".toCharArray());
     byte[] oldCreatedFile = core.save(oldUserCookie, "new-password".toCharArray());
     byte[] oldUserHash = oldUserRevisited.createHash();
     core.confirm(oldUserCookie, "new-password".toCharArray(), oldCreatedFile);
     assertFalse(adapter.containsNoSession(oldUserCookie));
-    assertTrue(adapter.checkHash(oldUserHash));
-    assertFalse(adapter.checkHash(currentHash));
+    adapter.checkHash(oldUserHash);
+    try {
+      adapter.checkHash(currentHash);
+      fail("Did not fail on checkhash.");
+    } catch (NoUserNotValidException e) {
+      // Correct, do nothing
+    }
   }
 
 

src/nodash/test/NoSessionTest.java

@@ -11,11 +11,6 @@ import org.junit.Test;
 
 public class NoSessionTest {
 
-  @Before
-  public void setup() {
-    NoCore.setup();
-  }
-
   @Test
   public void testNoSession() throws NoSessionConfirmedException, NoSessionExpiredException {
     NoSession session = new NoSession();

src/nodash/test/NoUserTest.java

@@ -17,11 +17,6 @@ import org.junit.Test;
 
 public class NoUserTest {
   
-  @Before
-  public void setup() {
-    NoCore.setup();
-  }
-
   @Test
   public void testNoUser() {
     NoUser user = new NoUser();

src/nodash/test/NoUtilTest.java

@@ -23,11 +23,6 @@ import org.junit.Test;
 
 public class NoUtilTest {
   
-  @Before
-  public void setup() throws NoSuchAlgorithmException, NoSuchPaddingException, NoSuchProviderException {
-    NoCore.setup();
-  }
-  
   @Test
   public void testAllowedKeySize() throws NoSuchAlgorithmException {
     if (Cipher.getMaxAllowedKeyLength(NoUtil.CIPHER_KEY_SPEC) < NoUtil.AES_STRENGTH) {