We can truly check modern format

Author: cstamas

src/main/java/org/codehaus/plexus/components/secdispatcher/SecDispatcher.java

@@ -64,18 +64,21 @@ public interface SecDispatcher {
     String decrypt(String str) throws SecDispatcherException, IOException;
 
     /**
-     * Returns {@code true} if passed in string is POSSIBLY encrypted string. Forms of encrypted strings are:
-     * <ul>
-     *     <li>Legacy: {jSMOWnoPFgsHVpMvz5VrIt5kRbzGpI8u+9EF1iFQyJQ=}</li>
-     *     <li>Current: {[name=master,cipher=AES/GCM/NoPadding,version=4.0]vvq66pZ7rkvzSPStGTI9q4QDnsmuDwo+LtjraRel2b0XpcGJFdXcYAHAS75HUA6GLpcVtEkmyQ==}</li>
-     * </ul>
+     * Returns {@code true} if passed in string adheres to "encrypted string" format (current or legacy).
+     *
+     * @since 4.0.1
+     */
+    default boolean isAnyEncryptedString(String str) {
+        return isEncryptedString(str) || isLegacyEncryptedString(str);
+    }
+
+    /**
+     * Returns {@code true} if passed in string adheres "encrypted string" format.
      */
     boolean isEncryptedString(String str);
 
     /**
-     * Returns {@code true} if method {@link #isEncryptedString(String)} returns {@code true} with passed in string, and
-     * there are no attributes detected. In other words, returns {@code true} if passed in string contains
-     * "legacy" (Maven3 kind) password.
+     * Returns {@code true} if passed in string adheres to "legacy encrypted string" format.
      */
     boolean isLegacyEncryptedString(String str);
 

src/main/java/org/codehaus/plexus/components/secdispatcher/internal/DefaultSecDispatcher.java

@@ -145,21 +145,43 @@ public String decrypt(String str) throws SecDispatcherException, IOException {
         return dispatcher.decrypt(strip(bare), attr, prepareDispatcherConfig(name));
     }
 
+    /**
+     * <ul>
+     *     <li>Current: {[name=master,cipher=AES/GCM/NoPadding,version=4.0]vvq66pZ7rkvzSPStGTI9q4QDnsmuDwo+LtjraRel2b0XpcGJFdXcYAHAS75HUA6GLpcVtEkmyQ==}</li>
+     * </ul>
+     */
     @Override
     public boolean isEncryptedString(String str) {
-        return str != null
+        boolean looksLike = str != null
                 && !str.isBlank()
                 && str.startsWith(SHIELD_BEGIN)
                 && str.endsWith(SHIELD_END)
                 && !unDecorate(str).contains(SHIELD_BEGIN)
                 && !unDecorate(str).contains(SHIELD_END);
+        if (looksLike) {
+            Map<String, String> attributes = stripAttributes(unDecorate(str));
+            return attributes.containsKey(DISPATCHER_NAME_ATTR) && attributes.containsKey(DISPATCHER_VERSION_ATTR);
+        }
+        return false;
     }
 
+    /**
+     * <ul>
+     *     <li>Legacy: {jSMOWnoPFgsHVpMvz5VrIt5kRbzGpI8u+9EF1iFQyJQ=}</li>
+     * </ul>
+     */
     @Override
     public boolean isLegacyEncryptedString(String str) {
-        if (!isEncryptedString(str)) return false;
-        Map<String, String> attr = requireNonNull(stripAttributes(unDecorate(str)));
-        return !attr.containsKey(DISPATCHER_NAME_ATTR);
+        boolean looksLike = str != null
+                && !str.isBlank()
+                && str.startsWith(SHIELD_BEGIN)
+                && str.endsWith(SHIELD_END)
+                && !unDecorate(str).contains(SHIELD_BEGIN)
+                && !unDecorate(str).contains(SHIELD_END);
+        if (looksLike) {
+            return stripAttributes(unDecorate(str)).isEmpty();
+        }
+        return false;
     }
 
     @Override

src/test/java/org/codehaus/plexus/components/secdispatcher/internal/DefaultSecDispatcherTest.java

@@ -114,28 +114,29 @@ void validate() throws Exception {
     @Test
     void detection() {
         SecDispatcher secDispatcher = construct();
-        assertFalse(secDispatcher.isEncryptedString(null));
-        assertFalse(secDispatcher.isEncryptedString(""));
-        assertFalse(secDispatcher.isEncryptedString("foo"));
+        assertFalse(secDispatcher.isAnyEncryptedString(null));
+        assertFalse(secDispatcher.isAnyEncryptedString(""));
+        assertFalse(secDispatcher.isAnyEncryptedString("foo"));
 
-        assertTrue(secDispatcher.isEncryptedString("{foo}"));
+        assertFalse(secDispatcher.isEncryptedString("{foo}"));
         assertTrue(secDispatcher.isLegacyEncryptedString("{foo}"));
 
-        assertTrue(secDispatcher.isEncryptedString("{12345678901234567890123456789012345678901234567890}"));
+        assertFalse(secDispatcher.isEncryptedString("{12345678901234567890123456789012345678901234567890}"));
         assertTrue(secDispatcher.isLegacyEncryptedString("{12345678901234567890123456789012345678901234567890}"));
 
+        // contains {} in the middle
         assertFalse(secDispatcher.isEncryptedString("{KDvsYOFLlX{}gH4LU8tvpzAGg5otiosZXvfdQq0yO86LU=}"));
         assertFalse(secDispatcher.isLegacyEncryptedString("{KDvsYOFLlX{}gH4LU8tvpzAGg5otiosZXvfdQq0yO86LU=}"));
 
-        assertTrue(secDispatcher.isEncryptedString("{KDvsYOFLlXgH4LU8tvpzAGg5otiosZXvfdQq0yO86LU=}"));
+        assertFalse(secDispatcher.isEncryptedString("{KDvsYOFLlXgH4LU8tvpzAGg5otiosZXvfdQq0yO86LU=}"));
         assertTrue(secDispatcher.isLegacyEncryptedString("{KDvsYOFLlXgH4LU8tvpzAGg5otiosZXvfdQq0yO86LU=}"));
 
         assertTrue(
                 secDispatcher.isEncryptedString(
-                        "{[name=master,cipher=AES/GCM/NoPadding,a=b]vvq66pZ7rkvzSPStGTI9q4QDnsmuDwo+LtjraRel2b0XpcGJFdXcYAHAS75HUA6GLpcVtEkmyQ==}"));
+                        "{[name=master,cipher=AES/GCM/NoPadding,version=4.0,a=b]vvq66pZ7rkvzSPStGTI9q4QDnsmuDwo+LtjraRel2b0XpcGJFdXcYAHAS75HUA6GLpcVtEkmyQ==}"));
         assertFalse(
                 secDispatcher.isLegacyEncryptedString(
-                        "{[name=master,cipher=AES/GCM/NoPadding,a=b]vvq66pZ7rkvzSPStGTI9q4QDnsmuDwo+LtjraRel2b0XpcGJFdXcYAHAS75HUA6GLpcVtEkmyQ==}"));
+                        "{[name=master,cipher=AES/GCM/NoPadding,version=4.0,a=b]vvq66pZ7rkvzSPStGTI9q4QDnsmuDwo+LtjraRel2b0XpcGJFdXcYAHAS75HUA6GLpcVtEkmyQ==}"));
     }
 
     protected void roundtrip() throws Exception {