Importance of naming standards and unit tests

I seem to have a continuing need to be able to use encryption across different .NET platforms, but the built-in routines are only in the core .NET library. I did some digging and it turns out there is a pure C# implementation of pretty much every encryption algorithm, and the license is very generous in that you can use, modify, sell, etc the code – so long as you include their copyright and legal notice. Fair enough.

So, I started digging in. Well, what I found was not… ideal. It’s directory after directory of cryptic names:

mx3223F

Some of which I know. Then, in the code, there are things like this:

mx331AB

The good news is all of the standard encryption are written in C#. The bad news is, it’s spread out over dozens of directories with terrible naming standards and many of the coding styles of C and C++.

The first lesson for me, which I’ve said to myself over-and-over was “Man, this is why naming standards are so important”. For example, what do you think these two methods do?

mx310B7

What are u, v, and w? Here is an example that jammed me up, what do you think this does?

mx38211

It was clearing doing some bit-shifting – and it looks like these two methods are overloads for each other yet there are TWO distinct implementations, which is a big no-no. It turns out that these swap the order of the bytes. “BE” stands for Big Endian (as opposed to Little Endian). So, I refactored this into:

mx329C1

Hopefully, a little more readable. What a difference names make. Well, at least to me.

Meanwhile – as it turns out, it seems like this code is written this way because it’s a direct implementation of the algorithms from the textbook on this matter:

Handbook of Applied Cryptography (Discrete Mathematics and its Applications)

And in that book, these algorithms are defined like this:

mx3A116

So, this seems like a case where someone who understands this kind of math – simply isn’t as strong in writing readable .NET code!

I wanted to try to make this usable; turn this into a usable API that a .NET developer could easily consume. More importantly, I wanted to write/adapt/convert/refactor this code into a Portable Class Library. That way, we’d finally have encryption functionality on all .NET platforms including Windows Phone, Windows Store, Mono, etc. How do you approach this? Lots of clean-up, argument validation, refactoring and… UNIT TESTS!!

This project, despite being enormous in size (2,840 files), it doesn’t have any unit tests. Well, none that I found yet, there are also 959 directories!! So, I created the skeleton of my C# Portable Class Library project and unit test project and started copying code. I’d copy enough enough to get it working, write a unit test, then refactor.

I started with some simple message digest functions. For example on the wikipedia page for the MD5 and SHA1 hashing algorithm, they have examples of known-good hashing outputs. For example, if you input “The quick brown fox jumped over the lazy dog”, you should get an MD5 hash of “9e107d9d372bb6826bd81d3542a419d6”. If you don’t, something is broken within your algorithm. So, I used the 3 known-good values as my starting place for unit tests, for each algorithm.

That was, and continues to be the plan. I took the core algorithm and started to clean it up – continuously checking my unit tests to make sure I didn’t break anything. As I would clean up the API, I’d clean up my unit tests. Now, I have something like this for an MD5 unit test:

using (MD5MessageDigest instance = new MD5MessageDigest())
{
    String inputText = "The quick brown fox jumps over the lazy dog";
    Encoding encoding = new UTF8Encoding();

    String expected = "9e107d9d372bb6826bd81d3542a419d6";
    String actual = String.Empty;

    actual = instance.ComputeHash(inputText, encoding);

    Assert.AreEqual(expected, actual);
}

.csharpcode, .csharpcode pre
{
font-size: small;
color: black;
font-family: consolas, “Courier New”, courier, monospace;
background-color: #ffffff;
/*white-space: pre;*/
}
.csharpcode pre { margin: 0em; }
.csharpcode .rem { color: #008000; }
.csharpcode .kwrd { color: #0000ff; }
.csharpcode .str { color: #006080; }
.csharpcode .op { color: #0000c0; }
.csharpcode .preproc { color: #cc6633; }
.csharpcode .asp { background-color: #ffff00; }
.csharpcode .html { color: #800000; }
.csharpcode .attr { color: #ff0000; }
.csharpcode .alt
{
background-color: #f4f4f4;
width: 100%;
margin: 0em;
}
.csharpcode .lnum { color: #606060; }

I commented to co-worker, base-jumper, and F# fanatic Jamie Dixon – how in the world would you do this without unit testing? I mean, how was this code even written without unit tests?

This really underscores, to me, the power and usefulness of unit tests especially if you are writing an API that will be used in other applications. It’s just… uncivilized, to not use unit tests and to not test your code thoroughly every time you build the solution! I just thought I’d share my experience.

Posted in Best-practices, Organization will set you free, Security, Uncategorized
One comment on “Importance of naming standards and unit tests
  1. […] Importance of naming standards and unit tests […]

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Archives
Categories

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 5 other followers

%d bloggers like this: