You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@nifi.apache.org by pv...@apache.org on 2021/10/26 07:59:17 UTC
[nifi] branch main updated: NIFI-9332 Corrected SecureHasher
conditional test methods
This is an automated email from the ASF dual-hosted git repository.
pvillard pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/nifi.git
The following commit(s) were added to refs/heads/main by this push:
new a9af5d3 NIFI-9332 Corrected SecureHasher conditional test methods
a9af5d3 is described below
commit a9af5d34651318f938a12461cb5524bca17cb750
Author: exceptionfactory <ex...@apache.org>
AuthorDate: Mon Oct 25 22:12:15 2021 -0500
NIFI-9332 Corrected SecureHasher conditional test methods
- Removed GroovyTestCase super class
- Replaced shouldFail() with assertThrows()
Signed-off-by: Pierre Villard <pi...@gmail.com>
This closes #5481.
---
.../util/crypto/Argon2SecureHasherTest.groovy | 34 ++++-------------
.../util/crypto/BcryptSecureHasherTest.groovy | 30 ++++-----------
.../NiFiLegacyCipherProviderGroovyTest.groovy | 5 +--
.../util/crypto/PBKDF2SecureHasherTest.groovy | 43 +++-------------------
.../util/crypto/ScryptSecureHasherTest.groovy | 43 +++-------------------
5 files changed, 28 insertions(+), 127 deletions(-)
diff --git a/nifi-commons/nifi-security-utils/src/test/groovy/org/apache/nifi/security/util/crypto/Argon2SecureHasherTest.groovy b/nifi-commons/nifi-security-utils/src/test/groovy/org/apache/nifi/security/util/crypto/Argon2SecureHasherTest.groovy
index 05ee9fb..81d5cca 100644
--- a/nifi-commons/nifi-security-utils/src/test/groovy/org/apache/nifi/security/util/crypto/Argon2SecureHasherTest.groovy
+++ b/nifi-commons/nifi-security-utils/src/test/groovy/org/apache/nifi/security/util/crypto/Argon2SecureHasherTest.groovy
@@ -19,7 +19,6 @@ package org.apache.nifi.security.util.crypto
import org.bouncycastle.jce.provider.BouncyCastleProvider
import org.bouncycastle.util.encoders.Hex
import org.junit.jupiter.api.BeforeAll
-import org.junit.jupiter.api.Disabled
import org.junit.jupiter.api.Test
import org.junit.jupiter.api.condition.EnabledIfSystemProperty
import org.slf4j.Logger
@@ -28,7 +27,9 @@ import org.slf4j.LoggerFactory
import java.nio.charset.StandardCharsets
import java.security.Security
-class Argon2SecureHasherTest extends GroovyTestCase {
+import static org.junit.jupiter.api.Assertions.assertThrows
+
+class Argon2SecureHasherTest {
private static final Logger logger = LoggerFactory.getLogger(Argon2SecureHasherTest.class)
@BeforeAll
@@ -40,10 +41,6 @@ class Argon2SecureHasherTest extends GroovyTestCase {
}
}
- private static byte[] decodeHex(String hex) {
- Hex.decode(hex?.replaceAll("[^0-9a-fA-F]", ""))
- }
-
@Test
void testShouldBeDeterministicWithStaticSalt() {
// Arrange
@@ -179,27 +176,12 @@ class Argon2SecureHasherTest extends GroovyTestCase {
final byte[] STATIC_SALT = "bad_sal".bytes
// Act
- def initializeMsg = shouldFail(IllegalArgumentException) {
- Argon2SecureHasher invalidSaltLengthHasher = new Argon2SecureHasher(hashLength, memory, parallelism, iterations, 7)
- }
- logger.expected(initializeMsg)
-
- def arbitrarySaltRawMsg = shouldFail {
- byte[] arbitrarySaltRaw = secureHasher.hashRaw(inputBytes, STATIC_SALT)
- }
+ assertThrows(IllegalArgumentException.class, { ->
+ new Argon2SecureHasher(hashLength, memory, parallelism, iterations, 7) })
- def arbitrarySaltHexMsg = shouldFail {
- byte[] arbitrarySaltHex = secureHasher.hashHex(input, new String(STATIC_SALT, StandardCharsets.UTF_8))
- }
-
- def arbitrarySaltBase64Msg = shouldFail {
- byte[] arbitraySaltBase64 = secureHasher.hashBase64(input, new String(STATIC_SALT, StandardCharsets.UTF_8))
- }
-
- def results = [arbitrarySaltRawMsg, arbitrarySaltHexMsg, arbitrarySaltBase64Msg]
-
- // Assert
- assert results.every { it =~ /The salt length \(7 bytes\) is invalid/ }
+ assertThrows(RuntimeException.class, { -> secureHasher.hashRaw(inputBytes, STATIC_SALT) })
+ assertThrows(RuntimeException.class, { -> secureHasher.hashHex(input, new String(STATIC_SALT, StandardCharsets.UTF_8)) })
+ assertThrows(RuntimeException.class, { -> secureHasher.hashBase64(input, new String(STATIC_SALT, StandardCharsets.UTF_8)) })
}
@Test
diff --git a/nifi-commons/nifi-security-utils/src/test/groovy/org/apache/nifi/security/util/crypto/BcryptSecureHasherTest.groovy b/nifi-commons/nifi-security-utils/src/test/groovy/org/apache/nifi/security/util/crypto/BcryptSecureHasherTest.groovy
index 30dbb72..bd7dbd6 100644
--- a/nifi-commons/nifi-security-utils/src/test/groovy/org/apache/nifi/security/util/crypto/BcryptSecureHasherTest.groovy
+++ b/nifi-commons/nifi-security-utils/src/test/groovy/org/apache/nifi/security/util/crypto/BcryptSecureHasherTest.groovy
@@ -19,7 +19,6 @@ package org.apache.nifi.security.util.crypto
import at.favre.lib.crypto.bcrypt.Radix64Encoder
import org.bouncycastle.util.encoders.Hex
import org.junit.jupiter.api.BeforeAll
-import org.junit.jupiter.api.Disabled
import org.junit.jupiter.api.Test
import org.junit.jupiter.api.condition.EnabledIfSystemProperty
import org.slf4j.Logger
@@ -27,7 +26,9 @@ import org.slf4j.LoggerFactory
import java.nio.charset.StandardCharsets
-class BcryptSecureHasherTest extends GroovyTestCase {
+import static org.junit.jupiter.api.Assertions.assertThrows
+
+class BcryptSecureHasherTest {
private static final Logger logger = LoggerFactory.getLogger(BcryptSecureHasher)
@BeforeAll
@@ -160,28 +161,11 @@ class BcryptSecureHasherTest extends GroovyTestCase {
BcryptSecureHasher secureHasher = new BcryptSecureHasher(cost, 16)
final byte[] STATIC_SALT = "bad_sal".bytes
- // Act
- def initializationMsg = shouldFail(IllegalArgumentException) {
- BcryptSecureHasher invalidSaltLengthHasher = new BcryptSecureHasher(cost, 7)
- }
- logger.expected(initializationMsg)
-
- def arbitrarySaltRawMsg = shouldFail {
- byte[] arbitrarySaltHash = secureHasher.hashRaw(inputBytes, STATIC_SALT)
- }
+ assertThrows(IllegalArgumentException.class, { -> new BcryptSecureHasher(cost, 7) })
- def arbitrarySaltHexMsg = shouldFail {
- byte[] arbitrarySaltHashHex = secureHasher.hashHex(input, new String(STATIC_SALT, StandardCharsets.UTF_8))
- }
-
- def arbitrarySaltBase64Msg = shouldFail {
- byte[] arbitrarySaltBase64 = secureHasher.hashBase64(input, new String(STATIC_SALT, StandardCharsets.UTF_8))
- }
-
- def results = [arbitrarySaltRawMsg, arbitrarySaltHexMsg, arbitrarySaltBase64Msg]
-
- // Assert
- assert results.every { it =~ /The salt length \(7 bytes\) is invalid/ }
+ assertThrows(RuntimeException.class, { -> secureHasher.hashRaw(inputBytes, STATIC_SALT) })
+ assertThrows(RuntimeException.class, { -> secureHasher.hashHex(input, new String(STATIC_SALT, StandardCharsets.UTF_8)) })
+ assertThrows(RuntimeException.class, { -> secureHasher.hashBase64(input, new String(STATIC_SALT, StandardCharsets.UTF_8)) })
}
@Test
diff --git a/nifi-commons/nifi-security-utils/src/test/groovy/org/apache/nifi/security/util/crypto/NiFiLegacyCipherProviderGroovyTest.groovy b/nifi-commons/nifi-security-utils/src/test/groovy/org/apache/nifi/security/util/crypto/NiFiLegacyCipherProviderGroovyTest.groovy
index 47d6fa2..525a4fa 100644
--- a/nifi-commons/nifi-security-utils/src/test/groovy/org/apache/nifi/security/util/crypto/NiFiLegacyCipherProviderGroovyTest.groovy
+++ b/nifi-commons/nifi-security-utils/src/test/groovy/org/apache/nifi/security/util/crypto/NiFiLegacyCipherProviderGroovyTest.groovy
@@ -32,9 +32,6 @@ import javax.crypto.spec.PBEKeySpec
import javax.crypto.spec.PBEParameterSpec
import java.security.Security
-import static org.junit.Assert.fail
-import static org.junit.jupiter.api.Assumptions.assumeTrue
-
class NiFiLegacyCipherProviderGroovyTest {
private static final Logger logger = LoggerFactory.getLogger(NiFiLegacyCipherProviderGroovyTest.class)
@@ -66,7 +63,7 @@ class NiFiLegacyCipherProviderGroovyTest {
return cipher
} catch (Exception e) {
logger.error("Error generating legacy cipher", e)
- fail(e.getMessage())
+ throw new RuntimeException(e)
}
return null
diff --git a/nifi-commons/nifi-security-utils/src/test/groovy/org/apache/nifi/security/util/crypto/PBKDF2SecureHasherTest.groovy b/nifi-commons/nifi-security-utils/src/test/groovy/org/apache/nifi/security/util/crypto/PBKDF2SecureHasherTest.groovy
index 8613d8b..937e9bb 100644
--- a/nifi-commons/nifi-security-utils/src/test/groovy/org/apache/nifi/security/util/crypto/PBKDF2SecureHasherTest.groovy
+++ b/nifi-commons/nifi-security-utils/src/test/groovy/org/apache/nifi/security/util/crypto/PBKDF2SecureHasherTest.groovy
@@ -16,29 +16,15 @@
*/
package org.apache.nifi.security.util.crypto
-import org.bouncycastle.jce.provider.BouncyCastleProvider
import org.bouncycastle.util.encoders.Hex
-import org.junit.jupiter.api.BeforeAll
-import org.junit.jupiter.api.Disabled
import org.junit.jupiter.api.Test
import org.junit.jupiter.api.condition.EnabledIfSystemProperty
-import org.slf4j.Logger
-import org.slf4j.LoggerFactory
import java.nio.charset.StandardCharsets
-import java.security.Security
-class PBKDF2SecureHasherTest extends GroovyTestCase {
- private static final Logger logger = LoggerFactory.getLogger(PBKDF2SecureHasherTest)
+import static org.junit.jupiter.api.Assertions.assertThrows
- @BeforeAll
- static void setupOnce() throws Exception {
- Security.addProvider(new BouncyCastleProvider())
-
- logger.metaClass.methodMissing = { String name, args ->
- logger.info("[${name?.toUpperCase()}] ${(args as List).join(" ")}")
- }
- }
+class PBKDF2SecureHasherTest {
@Test
void testShouldBeDeterministicWithStaticSalt() {
@@ -164,27 +150,10 @@ class PBKDF2SecureHasherTest extends GroovyTestCase {
PBKDF2SecureHasher secureHasher = new PBKDF2SecureHasher(prf, cost, saltLength, dkLength)
byte[] STATIC_SALT = "bad_sal".bytes
- // Act
- def initializeMsg = shouldFail(IllegalArgumentException) {
- PBKDF2SecureHasher invalidSaltLengthHasher = new PBKDF2SecureHasher(prf, cost, 7, dkLength)
- }
-
- def arbitrarySaltRawMsg = shouldFail {
- byte[] arbitrarySaltRaw = secureHasher.hashRaw(inputBytes, STATIC_SALT)
- }
-
- def arbitrarySaltHexMsg = shouldFail {
- byte[] arbitrarySaltHex = secureHasher.hashHex(input, new String(STATIC_SALT, StandardCharsets.UTF_8))
- }
-
- def arbitrarySaltBase64Msg = shouldFail {
- byte[] arbitrarySaltBase64 = secureHasher.hashBase64(input, new String(STATIC_SALT, StandardCharsets.UTF_8))
- }
-
- def results = [arbitrarySaltRawMsg, arbitrarySaltHexMsg, arbitrarySaltBase64Msg]
-
- // Assert
- assert results.every { it =~ /The salt length \(7 bytes\) is invalid/ }
+ assertThrows(IllegalArgumentException.class, { -> new PBKDF2SecureHasher(prf, cost, 7, dkLength) })
+ assertThrows(RuntimeException.class, { -> secureHasher.hashRaw(inputBytes, STATIC_SALT) })
+ assertThrows(RuntimeException.class, { -> secureHasher.hashHex(input, new String(STATIC_SALT, StandardCharsets.UTF_8)) })
+ assertThrows(RuntimeException.class, { -> secureHasher.hashBase64(input, new String(STATIC_SALT, StandardCharsets.UTF_8)) })
}
@Test
diff --git a/nifi-commons/nifi-security-utils/src/test/groovy/org/apache/nifi/security/util/crypto/ScryptSecureHasherTest.groovy b/nifi-commons/nifi-security-utils/src/test/groovy/org/apache/nifi/security/util/crypto/ScryptSecureHasherTest.groovy
index 963fcae..2beae0d 100644
--- a/nifi-commons/nifi-security-utils/src/test/groovy/org/apache/nifi/security/util/crypto/ScryptSecureHasherTest.groovy
+++ b/nifi-commons/nifi-security-utils/src/test/groovy/org/apache/nifi/security/util/crypto/ScryptSecureHasherTest.groovy
@@ -16,29 +16,15 @@
*/
package org.apache.nifi.security.util.crypto
-import org.bouncycastle.jce.provider.BouncyCastleProvider
import org.bouncycastle.util.encoders.Hex
-import org.junit.jupiter.api.BeforeAll
-import org.junit.jupiter.api.Disabled
import org.junit.jupiter.api.Test
import org.junit.jupiter.api.condition.EnabledIfSystemProperty
-import org.slf4j.Logger
-import org.slf4j.LoggerFactory
import java.nio.charset.StandardCharsets
-import java.security.Security
-class ScryptSecureHasherTest extends GroovyTestCase {
- private static final Logger logger = LoggerFactory.getLogger(ScryptSecureHasherTest)
+import static org.junit.jupiter.api.Assertions.assertThrows
- @BeforeAll
- static void setupOnce() throws Exception {
- Security.addProvider(new BouncyCastleProvider())
-
- logger.metaClass.methodMissing = { String name, args ->
- logger.info("[${name?.toUpperCase()}] ${(args as List).join(" ")}")
- }
- }
+class ScryptSecureHasherTest {
@Test
void testShouldBeDeterministicWithStaticSalt() {
@@ -167,27 +153,10 @@ class ScryptSecureHasherTest extends GroovyTestCase {
ScryptSecureHasher secureHasher = new ScryptSecureHasher(n, r, p, dkLength, 16)
final byte[] STATIC_SALT = "bad_sal".bytes
- // Act
- shouldFail(IllegalArgumentException) {
- new ScryptSecureHasher(n, r, p, dkLength, 7)
- }
-
- def arbitrarySaltRawMsg = shouldFail {
- secureHasher.hashRaw(inputBytes, STATIC_SALT)
- }
-
- def arbitrarySaltHexMsg = shouldFail {
- secureHasher.hashHex(input, new String(STATIC_SALT, StandardCharsets.UTF_8))
- }
-
- def arbitrarySaltB64Msg = shouldFail {
- secureHasher.hashBase64(input, new String(STATIC_SALT, StandardCharsets.UTF_8))
- }
-
- def results = [arbitrarySaltRawMsg, arbitrarySaltHexMsg, arbitrarySaltB64Msg]
-
- // Assert
- assert results.every { it =~ /The salt length \(7 bytes\) is invalid/ }
+ assertThrows(IllegalArgumentException.class, { -> new ScryptSecureHasher(n, r, p, dkLength, 7) })
+ assertThrows(RuntimeException.class, { -> secureHasher.hashRaw(inputBytes, STATIC_SALT) })
+ assertThrows(RuntimeException.class, { -> secureHasher.hashHex(input, new String(STATIC_SALT, StandardCharsets.UTF_8)) })
+ assertThrows(RuntimeException.class, { -> secureHasher.hashBase64(input, new String(STATIC_SALT, StandardCharsets.UTF_8)) })
}
@Test