NIFI-9332 Corrected SecureHasher conditional test methods

- Removed GroovyTestCase super class
- Replaced shouldFail() with assertThrows()

Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>

This closes #5481.
This commit is contained in:
exceptionfactory 2021-10-25 22:12:15 -05:00 committed by Pierre Villard
parent 7b2f364cf5
commit a9af5d3465
No known key found for this signature in database
GPG Key ID: F92A93B30C07C6D5
5 changed files with 28 additions and 127 deletions

View File

@ -19,7 +19,6 @@ package org.apache.nifi.security.util.crypto
import org.bouncycastle.jce.provider.BouncyCastleProvider
import org.bouncycastle.util.encoders.Hex
import org.junit.jupiter.api.BeforeAll
import org.junit.jupiter.api.Disabled
import org.junit.jupiter.api.Test
import org.junit.jupiter.api.condition.EnabledIfSystemProperty
import org.slf4j.Logger
@ -28,7 +27,9 @@ import org.slf4j.LoggerFactory
import java.nio.charset.StandardCharsets
import java.security.Security
class Argon2SecureHasherTest extends GroovyTestCase {
import static org.junit.jupiter.api.Assertions.assertThrows
class Argon2SecureHasherTest {
private static final Logger logger = LoggerFactory.getLogger(Argon2SecureHasherTest.class)
@BeforeAll
@ -40,10 +41,6 @@ class Argon2SecureHasherTest extends GroovyTestCase {
}
}
private static byte[] decodeHex(String hex) {
Hex.decode(hex?.replaceAll("[^0-9a-fA-F]", ""))
}
@Test
void testShouldBeDeterministicWithStaticSalt() {
// Arrange
@ -179,27 +176,12 @@ class Argon2SecureHasherTest extends GroovyTestCase {
final byte[] STATIC_SALT = "bad_sal".bytes
// Act
def initializeMsg = shouldFail(IllegalArgumentException) {
Argon2SecureHasher invalidSaltLengthHasher = new Argon2SecureHasher(hashLength, memory, parallelism, iterations, 7)
}
logger.expected(initializeMsg)
assertThrows(IllegalArgumentException.class, { ->
new Argon2SecureHasher(hashLength, memory, parallelism, iterations, 7) })
def arbitrarySaltRawMsg = shouldFail {
byte[] arbitrarySaltRaw = secureHasher.hashRaw(inputBytes, STATIC_SALT)
}
def arbitrarySaltHexMsg = shouldFail {
byte[] arbitrarySaltHex = secureHasher.hashHex(input, new String(STATIC_SALT, StandardCharsets.UTF_8))
}
def arbitrarySaltBase64Msg = shouldFail {
byte[] arbitraySaltBase64 = secureHasher.hashBase64(input, new String(STATIC_SALT, StandardCharsets.UTF_8))
}
def results = [arbitrarySaltRawMsg, arbitrarySaltHexMsg, arbitrarySaltBase64Msg]
// Assert
assert results.every { it =~ /The salt length \(7 bytes\) is invalid/ }
assertThrows(RuntimeException.class, { -> secureHasher.hashRaw(inputBytes, STATIC_SALT) })
assertThrows(RuntimeException.class, { -> secureHasher.hashHex(input, new String(STATIC_SALT, StandardCharsets.UTF_8)) })
assertThrows(RuntimeException.class, { -> secureHasher.hashBase64(input, new String(STATIC_SALT, StandardCharsets.UTF_8)) })
}
@Test

View File

@ -19,7 +19,6 @@ package org.apache.nifi.security.util.crypto
import at.favre.lib.crypto.bcrypt.Radix64Encoder
import org.bouncycastle.util.encoders.Hex
import org.junit.jupiter.api.BeforeAll
import org.junit.jupiter.api.Disabled
import org.junit.jupiter.api.Test
import org.junit.jupiter.api.condition.EnabledIfSystemProperty
import org.slf4j.Logger
@ -27,7 +26,9 @@ import org.slf4j.LoggerFactory
import java.nio.charset.StandardCharsets
class BcryptSecureHasherTest extends GroovyTestCase {
import static org.junit.jupiter.api.Assertions.assertThrows
class BcryptSecureHasherTest {
private static final Logger logger = LoggerFactory.getLogger(BcryptSecureHasher)
@BeforeAll
@ -160,28 +161,11 @@ class BcryptSecureHasherTest extends GroovyTestCase {
BcryptSecureHasher secureHasher = new BcryptSecureHasher(cost, 16)
final byte[] STATIC_SALT = "bad_sal".bytes
// Act
def initializationMsg = shouldFail(IllegalArgumentException) {
BcryptSecureHasher invalidSaltLengthHasher = new BcryptSecureHasher(cost, 7)
}
logger.expected(initializationMsg)
assertThrows(IllegalArgumentException.class, { -> new BcryptSecureHasher(cost, 7) })
def arbitrarySaltRawMsg = shouldFail {
byte[] arbitrarySaltHash = secureHasher.hashRaw(inputBytes, STATIC_SALT)
}
def arbitrarySaltHexMsg = shouldFail {
byte[] arbitrarySaltHashHex = secureHasher.hashHex(input, new String(STATIC_SALT, StandardCharsets.UTF_8))
}
def arbitrarySaltBase64Msg = shouldFail {
byte[] arbitrarySaltBase64 = secureHasher.hashBase64(input, new String(STATIC_SALT, StandardCharsets.UTF_8))
}
def results = [arbitrarySaltRawMsg, arbitrarySaltHexMsg, arbitrarySaltBase64Msg]
// Assert
assert results.every { it =~ /The salt length \(7 bytes\) is invalid/ }
assertThrows(RuntimeException.class, { -> secureHasher.hashRaw(inputBytes, STATIC_SALT) })
assertThrows(RuntimeException.class, { -> secureHasher.hashHex(input, new String(STATIC_SALT, StandardCharsets.UTF_8)) })
assertThrows(RuntimeException.class, { -> secureHasher.hashBase64(input, new String(STATIC_SALT, StandardCharsets.UTF_8)) })
}
@Test

View File

@ -32,9 +32,6 @@ import javax.crypto.spec.PBEKeySpec
import javax.crypto.spec.PBEParameterSpec
import java.security.Security
import static org.junit.Assert.fail
import static org.junit.jupiter.api.Assumptions.assumeTrue
class NiFiLegacyCipherProviderGroovyTest {
private static final Logger logger = LoggerFactory.getLogger(NiFiLegacyCipherProviderGroovyTest.class)
@ -66,7 +63,7 @@ class NiFiLegacyCipherProviderGroovyTest {
return cipher
} catch (Exception e) {
logger.error("Error generating legacy cipher", e)
fail(e.getMessage())
throw new RuntimeException(e)
}
return null

View File

@ -16,29 +16,15 @@
*/
package org.apache.nifi.security.util.crypto
import org.bouncycastle.jce.provider.BouncyCastleProvider
import org.bouncycastle.util.encoders.Hex
import org.junit.jupiter.api.BeforeAll
import org.junit.jupiter.api.Disabled
import org.junit.jupiter.api.Test
import org.junit.jupiter.api.condition.EnabledIfSystemProperty
import org.slf4j.Logger
import org.slf4j.LoggerFactory
import java.nio.charset.StandardCharsets
import java.security.Security
class PBKDF2SecureHasherTest extends GroovyTestCase {
private static final Logger logger = LoggerFactory.getLogger(PBKDF2SecureHasherTest)
import static org.junit.jupiter.api.Assertions.assertThrows
@BeforeAll
static void setupOnce() throws Exception {
Security.addProvider(new BouncyCastleProvider())
logger.metaClass.methodMissing = { String name, args ->
logger.info("[${name?.toUpperCase()}] ${(args as List).join(" ")}")
}
}
class PBKDF2SecureHasherTest {
@Test
void testShouldBeDeterministicWithStaticSalt() {
@ -164,27 +150,10 @@ class PBKDF2SecureHasherTest extends GroovyTestCase {
PBKDF2SecureHasher secureHasher = new PBKDF2SecureHasher(prf, cost, saltLength, dkLength)
byte[] STATIC_SALT = "bad_sal".bytes
// Act
def initializeMsg = shouldFail(IllegalArgumentException) {
PBKDF2SecureHasher invalidSaltLengthHasher = new PBKDF2SecureHasher(prf, cost, 7, dkLength)
}
def arbitrarySaltRawMsg = shouldFail {
byte[] arbitrarySaltRaw = secureHasher.hashRaw(inputBytes, STATIC_SALT)
}
def arbitrarySaltHexMsg = shouldFail {
byte[] arbitrarySaltHex = secureHasher.hashHex(input, new String(STATIC_SALT, StandardCharsets.UTF_8))
}
def arbitrarySaltBase64Msg = shouldFail {
byte[] arbitrarySaltBase64 = secureHasher.hashBase64(input, new String(STATIC_SALT, StandardCharsets.UTF_8))
}
def results = [arbitrarySaltRawMsg, arbitrarySaltHexMsg, arbitrarySaltBase64Msg]
// Assert
assert results.every { it =~ /The salt length \(7 bytes\) is invalid/ }
assertThrows(IllegalArgumentException.class, { -> new PBKDF2SecureHasher(prf, cost, 7, dkLength) })
assertThrows(RuntimeException.class, { -> secureHasher.hashRaw(inputBytes, STATIC_SALT) })
assertThrows(RuntimeException.class, { -> secureHasher.hashHex(input, new String(STATIC_SALT, StandardCharsets.UTF_8)) })
assertThrows(RuntimeException.class, { -> secureHasher.hashBase64(input, new String(STATIC_SALT, StandardCharsets.UTF_8)) })
}
@Test

View File

@ -16,29 +16,15 @@
*/
package org.apache.nifi.security.util.crypto
import org.bouncycastle.jce.provider.BouncyCastleProvider
import org.bouncycastle.util.encoders.Hex
import org.junit.jupiter.api.BeforeAll
import org.junit.jupiter.api.Disabled
import org.junit.jupiter.api.Test
import org.junit.jupiter.api.condition.EnabledIfSystemProperty
import org.slf4j.Logger
import org.slf4j.LoggerFactory
import java.nio.charset.StandardCharsets
import java.security.Security
class ScryptSecureHasherTest extends GroovyTestCase {
private static final Logger logger = LoggerFactory.getLogger(ScryptSecureHasherTest)
import static org.junit.jupiter.api.Assertions.assertThrows
@BeforeAll
static void setupOnce() throws Exception {
Security.addProvider(new BouncyCastleProvider())
logger.metaClass.methodMissing = { String name, args ->
logger.info("[${name?.toUpperCase()}] ${(args as List).join(" ")}")
}
}
class ScryptSecureHasherTest {
@Test
void testShouldBeDeterministicWithStaticSalt() {
@ -167,27 +153,10 @@ class ScryptSecureHasherTest extends GroovyTestCase {
ScryptSecureHasher secureHasher = new ScryptSecureHasher(n, r, p, dkLength, 16)
final byte[] STATIC_SALT = "bad_sal".bytes
// Act
shouldFail(IllegalArgumentException) {
new ScryptSecureHasher(n, r, p, dkLength, 7)
}
def arbitrarySaltRawMsg = shouldFail {
secureHasher.hashRaw(inputBytes, STATIC_SALT)
}
def arbitrarySaltHexMsg = shouldFail {
secureHasher.hashHex(input, new String(STATIC_SALT, StandardCharsets.UTF_8))
}
def arbitrarySaltB64Msg = shouldFail {
secureHasher.hashBase64(input, new String(STATIC_SALT, StandardCharsets.UTF_8))
}
def results = [arbitrarySaltRawMsg, arbitrarySaltHexMsg, arbitrarySaltB64Msg]
// Assert
assert results.every { it =~ /The salt length \(7 bytes\) is invalid/ }
assertThrows(IllegalArgumentException.class, { -> new ScryptSecureHasher(n, r, p, dkLength, 7) })
assertThrows(RuntimeException.class, { -> secureHasher.hashRaw(inputBytes, STATIC_SALT) })
assertThrows(RuntimeException.class, { -> secureHasher.hashHex(input, new String(STATIC_SALT, StandardCharsets.UTF_8)) })
assertThrows(RuntimeException.class, { -> secureHasher.hashBase64(input, new String(STATIC_SALT, StandardCharsets.UTF_8)) })
}
@Test