mirror of https://github.com/apache/nifi.git
NIFI-9332 Corrected SecureHasher conditional test methods
- Removed GroovyTestCase super class - Replaced shouldFail() with assertThrows() Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com> This closes #5481.
This commit is contained in:
parent
7b2f364cf5
commit
a9af5d3465
|
@ -19,7 +19,6 @@ package org.apache.nifi.security.util.crypto
|
|||
import org.bouncycastle.jce.provider.BouncyCastleProvider
|
||||
import org.bouncycastle.util.encoders.Hex
|
||||
import org.junit.jupiter.api.BeforeAll
|
||||
import org.junit.jupiter.api.Disabled
|
||||
import org.junit.jupiter.api.Test
|
||||
import org.junit.jupiter.api.condition.EnabledIfSystemProperty
|
||||
import org.slf4j.Logger
|
||||
|
@ -28,7 +27,9 @@ import org.slf4j.LoggerFactory
|
|||
import java.nio.charset.StandardCharsets
|
||||
import java.security.Security
|
||||
|
||||
class Argon2SecureHasherTest extends GroovyTestCase {
|
||||
import static org.junit.jupiter.api.Assertions.assertThrows
|
||||
|
||||
class Argon2SecureHasherTest {
|
||||
private static final Logger logger = LoggerFactory.getLogger(Argon2SecureHasherTest.class)
|
||||
|
||||
@BeforeAll
|
||||
|
@ -40,10 +41,6 @@ class Argon2SecureHasherTest extends GroovyTestCase {
|
|||
}
|
||||
}
|
||||
|
||||
private static byte[] decodeHex(String hex) {
|
||||
Hex.decode(hex?.replaceAll("[^0-9a-fA-F]", ""))
|
||||
}
|
||||
|
||||
@Test
|
||||
void testShouldBeDeterministicWithStaticSalt() {
|
||||
// Arrange
|
||||
|
@ -179,27 +176,12 @@ class Argon2SecureHasherTest extends GroovyTestCase {
|
|||
final byte[] STATIC_SALT = "bad_sal".bytes
|
||||
|
||||
// Act
|
||||
def initializeMsg = shouldFail(IllegalArgumentException) {
|
||||
Argon2SecureHasher invalidSaltLengthHasher = new Argon2SecureHasher(hashLength, memory, parallelism, iterations, 7)
|
||||
}
|
||||
logger.expected(initializeMsg)
|
||||
assertThrows(IllegalArgumentException.class, { ->
|
||||
new Argon2SecureHasher(hashLength, memory, parallelism, iterations, 7) })
|
||||
|
||||
def arbitrarySaltRawMsg = shouldFail {
|
||||
byte[] arbitrarySaltRaw = secureHasher.hashRaw(inputBytes, STATIC_SALT)
|
||||
}
|
||||
|
||||
def arbitrarySaltHexMsg = shouldFail {
|
||||
byte[] arbitrarySaltHex = secureHasher.hashHex(input, new String(STATIC_SALT, StandardCharsets.UTF_8))
|
||||
}
|
||||
|
||||
def arbitrarySaltBase64Msg = shouldFail {
|
||||
byte[] arbitraySaltBase64 = secureHasher.hashBase64(input, new String(STATIC_SALT, StandardCharsets.UTF_8))
|
||||
}
|
||||
|
||||
def results = [arbitrarySaltRawMsg, arbitrarySaltHexMsg, arbitrarySaltBase64Msg]
|
||||
|
||||
// Assert
|
||||
assert results.every { it =~ /The salt length \(7 bytes\) is invalid/ }
|
||||
assertThrows(RuntimeException.class, { -> secureHasher.hashRaw(inputBytes, STATIC_SALT) })
|
||||
assertThrows(RuntimeException.class, { -> secureHasher.hashHex(input, new String(STATIC_SALT, StandardCharsets.UTF_8)) })
|
||||
assertThrows(RuntimeException.class, { -> secureHasher.hashBase64(input, new String(STATIC_SALT, StandardCharsets.UTF_8)) })
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
|
@ -19,7 +19,6 @@ package org.apache.nifi.security.util.crypto
|
|||
import at.favre.lib.crypto.bcrypt.Radix64Encoder
|
||||
import org.bouncycastle.util.encoders.Hex
|
||||
import org.junit.jupiter.api.BeforeAll
|
||||
import org.junit.jupiter.api.Disabled
|
||||
import org.junit.jupiter.api.Test
|
||||
import org.junit.jupiter.api.condition.EnabledIfSystemProperty
|
||||
import org.slf4j.Logger
|
||||
|
@ -27,7 +26,9 @@ import org.slf4j.LoggerFactory
|
|||
|
||||
import java.nio.charset.StandardCharsets
|
||||
|
||||
class BcryptSecureHasherTest extends GroovyTestCase {
|
||||
import static org.junit.jupiter.api.Assertions.assertThrows
|
||||
|
||||
class BcryptSecureHasherTest {
|
||||
private static final Logger logger = LoggerFactory.getLogger(BcryptSecureHasher)
|
||||
|
||||
@BeforeAll
|
||||
|
@ -160,28 +161,11 @@ class BcryptSecureHasherTest extends GroovyTestCase {
|
|||
BcryptSecureHasher secureHasher = new BcryptSecureHasher(cost, 16)
|
||||
final byte[] STATIC_SALT = "bad_sal".bytes
|
||||
|
||||
// Act
|
||||
def initializationMsg = shouldFail(IllegalArgumentException) {
|
||||
BcryptSecureHasher invalidSaltLengthHasher = new BcryptSecureHasher(cost, 7)
|
||||
}
|
||||
logger.expected(initializationMsg)
|
||||
assertThrows(IllegalArgumentException.class, { -> new BcryptSecureHasher(cost, 7) })
|
||||
|
||||
def arbitrarySaltRawMsg = shouldFail {
|
||||
byte[] arbitrarySaltHash = secureHasher.hashRaw(inputBytes, STATIC_SALT)
|
||||
}
|
||||
|
||||
def arbitrarySaltHexMsg = shouldFail {
|
||||
byte[] arbitrarySaltHashHex = secureHasher.hashHex(input, new String(STATIC_SALT, StandardCharsets.UTF_8))
|
||||
}
|
||||
|
||||
def arbitrarySaltBase64Msg = shouldFail {
|
||||
byte[] arbitrarySaltBase64 = secureHasher.hashBase64(input, new String(STATIC_SALT, StandardCharsets.UTF_8))
|
||||
}
|
||||
|
||||
def results = [arbitrarySaltRawMsg, arbitrarySaltHexMsg, arbitrarySaltBase64Msg]
|
||||
|
||||
// Assert
|
||||
assert results.every { it =~ /The salt length \(7 bytes\) is invalid/ }
|
||||
assertThrows(RuntimeException.class, { -> secureHasher.hashRaw(inputBytes, STATIC_SALT) })
|
||||
assertThrows(RuntimeException.class, { -> secureHasher.hashHex(input, new String(STATIC_SALT, StandardCharsets.UTF_8)) })
|
||||
assertThrows(RuntimeException.class, { -> secureHasher.hashBase64(input, new String(STATIC_SALT, StandardCharsets.UTF_8)) })
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
|
@ -32,9 +32,6 @@ import javax.crypto.spec.PBEKeySpec
|
|||
import javax.crypto.spec.PBEParameterSpec
|
||||
import java.security.Security
|
||||
|
||||
import static org.junit.Assert.fail
|
||||
import static org.junit.jupiter.api.Assumptions.assumeTrue
|
||||
|
||||
class NiFiLegacyCipherProviderGroovyTest {
|
||||
private static final Logger logger = LoggerFactory.getLogger(NiFiLegacyCipherProviderGroovyTest.class)
|
||||
|
||||
|
@ -66,7 +63,7 @@ class NiFiLegacyCipherProviderGroovyTest {
|
|||
return cipher
|
||||
} catch (Exception e) {
|
||||
logger.error("Error generating legacy cipher", e)
|
||||
fail(e.getMessage())
|
||||
throw new RuntimeException(e)
|
||||
}
|
||||
|
||||
return null
|
||||
|
|
|
@ -16,29 +16,15 @@
|
|||
*/
|
||||
package org.apache.nifi.security.util.crypto
|
||||
|
||||
import org.bouncycastle.jce.provider.BouncyCastleProvider
|
||||
import org.bouncycastle.util.encoders.Hex
|
||||
import org.junit.jupiter.api.BeforeAll
|
||||
import org.junit.jupiter.api.Disabled
|
||||
import org.junit.jupiter.api.Test
|
||||
import org.junit.jupiter.api.condition.EnabledIfSystemProperty
|
||||
import org.slf4j.Logger
|
||||
import org.slf4j.LoggerFactory
|
||||
|
||||
import java.nio.charset.StandardCharsets
|
||||
import java.security.Security
|
||||
|
||||
class PBKDF2SecureHasherTest extends GroovyTestCase {
|
||||
private static final Logger logger = LoggerFactory.getLogger(PBKDF2SecureHasherTest)
|
||||
import static org.junit.jupiter.api.Assertions.assertThrows
|
||||
|
||||
@BeforeAll
|
||||
static void setupOnce() throws Exception {
|
||||
Security.addProvider(new BouncyCastleProvider())
|
||||
|
||||
logger.metaClass.methodMissing = { String name, args ->
|
||||
logger.info("[${name?.toUpperCase()}] ${(args as List).join(" ")}")
|
||||
}
|
||||
}
|
||||
class PBKDF2SecureHasherTest {
|
||||
|
||||
@Test
|
||||
void testShouldBeDeterministicWithStaticSalt() {
|
||||
|
@ -164,27 +150,10 @@ class PBKDF2SecureHasherTest extends GroovyTestCase {
|
|||
PBKDF2SecureHasher secureHasher = new PBKDF2SecureHasher(prf, cost, saltLength, dkLength)
|
||||
byte[] STATIC_SALT = "bad_sal".bytes
|
||||
|
||||
// Act
|
||||
def initializeMsg = shouldFail(IllegalArgumentException) {
|
||||
PBKDF2SecureHasher invalidSaltLengthHasher = new PBKDF2SecureHasher(prf, cost, 7, dkLength)
|
||||
}
|
||||
|
||||
def arbitrarySaltRawMsg = shouldFail {
|
||||
byte[] arbitrarySaltRaw = secureHasher.hashRaw(inputBytes, STATIC_SALT)
|
||||
}
|
||||
|
||||
def arbitrarySaltHexMsg = shouldFail {
|
||||
byte[] arbitrarySaltHex = secureHasher.hashHex(input, new String(STATIC_SALT, StandardCharsets.UTF_8))
|
||||
}
|
||||
|
||||
def arbitrarySaltBase64Msg = shouldFail {
|
||||
byte[] arbitrarySaltBase64 = secureHasher.hashBase64(input, new String(STATIC_SALT, StandardCharsets.UTF_8))
|
||||
}
|
||||
|
||||
def results = [arbitrarySaltRawMsg, arbitrarySaltHexMsg, arbitrarySaltBase64Msg]
|
||||
|
||||
// Assert
|
||||
assert results.every { it =~ /The salt length \(7 bytes\) is invalid/ }
|
||||
assertThrows(IllegalArgumentException.class, { -> new PBKDF2SecureHasher(prf, cost, 7, dkLength) })
|
||||
assertThrows(RuntimeException.class, { -> secureHasher.hashRaw(inputBytes, STATIC_SALT) })
|
||||
assertThrows(RuntimeException.class, { -> secureHasher.hashHex(input, new String(STATIC_SALT, StandardCharsets.UTF_8)) })
|
||||
assertThrows(RuntimeException.class, { -> secureHasher.hashBase64(input, new String(STATIC_SALT, StandardCharsets.UTF_8)) })
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
|
@ -16,29 +16,15 @@
|
|||
*/
|
||||
package org.apache.nifi.security.util.crypto
|
||||
|
||||
import org.bouncycastle.jce.provider.BouncyCastleProvider
|
||||
import org.bouncycastle.util.encoders.Hex
|
||||
import org.junit.jupiter.api.BeforeAll
|
||||
import org.junit.jupiter.api.Disabled
|
||||
import org.junit.jupiter.api.Test
|
||||
import org.junit.jupiter.api.condition.EnabledIfSystemProperty
|
||||
import org.slf4j.Logger
|
||||
import org.slf4j.LoggerFactory
|
||||
|
||||
import java.nio.charset.StandardCharsets
|
||||
import java.security.Security
|
||||
|
||||
class ScryptSecureHasherTest extends GroovyTestCase {
|
||||
private static final Logger logger = LoggerFactory.getLogger(ScryptSecureHasherTest)
|
||||
import static org.junit.jupiter.api.Assertions.assertThrows
|
||||
|
||||
@BeforeAll
|
||||
static void setupOnce() throws Exception {
|
||||
Security.addProvider(new BouncyCastleProvider())
|
||||
|
||||
logger.metaClass.methodMissing = { String name, args ->
|
||||
logger.info("[${name?.toUpperCase()}] ${(args as List).join(" ")}")
|
||||
}
|
||||
}
|
||||
class ScryptSecureHasherTest {
|
||||
|
||||
@Test
|
||||
void testShouldBeDeterministicWithStaticSalt() {
|
||||
|
@ -167,27 +153,10 @@ class ScryptSecureHasherTest extends GroovyTestCase {
|
|||
ScryptSecureHasher secureHasher = new ScryptSecureHasher(n, r, p, dkLength, 16)
|
||||
final byte[] STATIC_SALT = "bad_sal".bytes
|
||||
|
||||
// Act
|
||||
shouldFail(IllegalArgumentException) {
|
||||
new ScryptSecureHasher(n, r, p, dkLength, 7)
|
||||
}
|
||||
|
||||
def arbitrarySaltRawMsg = shouldFail {
|
||||
secureHasher.hashRaw(inputBytes, STATIC_SALT)
|
||||
}
|
||||
|
||||
def arbitrarySaltHexMsg = shouldFail {
|
||||
secureHasher.hashHex(input, new String(STATIC_SALT, StandardCharsets.UTF_8))
|
||||
}
|
||||
|
||||
def arbitrarySaltB64Msg = shouldFail {
|
||||
secureHasher.hashBase64(input, new String(STATIC_SALT, StandardCharsets.UTF_8))
|
||||
}
|
||||
|
||||
def results = [arbitrarySaltRawMsg, arbitrarySaltHexMsg, arbitrarySaltB64Msg]
|
||||
|
||||
// Assert
|
||||
assert results.every { it =~ /The salt length \(7 bytes\) is invalid/ }
|
||||
assertThrows(IllegalArgumentException.class, { -> new ScryptSecureHasher(n, r, p, dkLength, 7) })
|
||||
assertThrows(RuntimeException.class, { -> secureHasher.hashRaw(inputBytes, STATIC_SALT) })
|
||||
assertThrows(RuntimeException.class, { -> secureHasher.hashHex(input, new String(STATIC_SALT, StandardCharsets.UTF_8)) })
|
||||
assertThrows(RuntimeException.class, { -> secureHasher.hashBase64(input, new String(STATIC_SALT, StandardCharsets.UTF_8)) })
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
Loading…
Reference in New Issue