1+ package org .owasp .esapi .util ;
2+
3+ import static org .junit .Assert .*;
4+
5+ import javax .crypto .Cipher ;
6+
7+ import org .junit .After ;
8+ import org .junit .Before ;
9+ import org .junit .BeforeClass ;
10+ import org .junit .Test ;
11+ import org .owasp .esapi .ESAPI ;
12+ import org .owasp .esapi .codecs .Hex ;
13+
14+ /** JUnit test to test CipherSpec class. */
15+ public class CipherSpecTest {
16+
17+ private Cipher dfltAESCipher = null ;
18+ private Cipher dfltECBCipher = null ; // will be "AES/ECB/NoPadding";
19+ private Cipher dfltOtherCipher = null ;
20+ private CipherSpec cipherSpec = null ;
21+ private static byte [] myIV = null ;
22+
23+ @ BeforeClass public static void setUpBeforeClass () {
24+ // This will throw ConfigurationException if IV type is not set to
25+ // 'fixed', which it's not. (We have it set to 'random'.)
26+ // myIV = Hex.decode( ESAPI.securityConfiguration().getFixedIV() );
27+
28+ myIV = Hex .decode ( "0x000102030405060708090a0b0c0d0e0f" );
29+
30+ }
31+
32+ @ Before public void setUp () throws Exception {
33+ dfltAESCipher = Cipher .getInstance ("AES" );
34+ dfltECBCipher = Cipher .getInstance ("AES/ECB/NoPadding" );
35+ dfltOtherCipher = Cipher .getInstance ("Blowfish/OFB8/PKCS5Padding" );
36+
37+ assertTrue ( dfltAESCipher != null );
38+ assertTrue ( dfltECBCipher != null );
39+ assertTrue ( dfltOtherCipher != null );
40+
41+ cipherSpec = new CipherSpec (dfltOtherCipher );
42+ assertTrue ( cipherSpec != null );
43+ }
44+
45+ @ After public void tearDown () throws Exception {
46+ // none
47+ }
48+
49+ /** Test CipherSpec(String cipherXform, int keySize, int blockSize, final byte[] iv) */
50+ @ Test public void testCipherSpecStringIntIntByteArray () {
51+
52+ cipherSpec = new CipherSpec ( "AES/CBC/NoPadding" , 128 , 8 , myIV );
53+ assertTrue ( cipherSpec != null );
54+ cipherSpec = null ;
55+ try {
56+ // Invalid cipher xform -- empty
57+ cipherSpec = new CipherSpec ( "" , 128 , 8 , myIV );
58+ } catch ( Throwable t ) {
59+ assertTrue ( cipherSpec == null );
60+ }
61+ try {
62+ // Invalid cipher xform -- missing padding scheme
63+ cipherSpec = new CipherSpec ("AES/CBC" , 128 , 8 , myIV );
64+ } catch ( Throwable t ) {
65+ assertTrue ( cipherSpec == null );
66+ }
67+
68+ }
69+
70+ /** CipherSpec(final Cipher cipher, int keySize) */
71+ @ Test public void testCipherSpecCipherInt () {
72+ cipherSpec = new CipherSpec (dfltOtherCipher , 112 );
73+ assertTrue ( cipherSpec != null );
74+ assertTrue ( cipherSpec .getCipherAlgorithm ().equals ("Blowfish" ));
75+ assertTrue ( cipherSpec .getCipherMode ().equals ("OFB8" ));
76+
77+ cipherSpec = new CipherSpec (dfltAESCipher , 256 );
78+ assertTrue ( cipherSpec != null );
79+ assertTrue ( cipherSpec .getCipherAlgorithm ().equals ("AES" ));
80+ assertTrue ( cipherSpec .getCipherMode ().equals ("ECB" ) );
81+ assertTrue ( cipherSpec .getPaddingScheme ().equals ("NoPadding" ) );
82+ }
83+
84+ /** Test CipherSpec(final byte[] iv) */
85+ @ Test public void testCipherSpecByteArray () {
86+ cipherSpec = new CipherSpec (myIV );
87+ assertTrue ( cipherSpec .getKeySize () ==
88+ ESAPI .securityConfiguration ().getEncryptionKeyLength () );
89+ assertTrue ( cipherSpec .getCipherTransformation ().equals (
90+ ESAPI .securityConfiguration ().getCipherTransformation () ) );
91+ }
92+
93+ /** Test CipherSpec() */
94+ @ Test public void testCipherSpec () {
95+ cipherSpec = new CipherSpec ( dfltECBCipher );
96+ assertTrue ( cipherSpec .getCipherTransformation ().equals ("AES/ECB/NoPadding" ) );
97+ assertTrue ( cipherSpec .getIV () == null );
98+
99+ cipherSpec = new CipherSpec (dfltOtherCipher );
100+ assertTrue ( cipherSpec .getCipherMode ().equals ("OFB8" ) );
101+ }
102+
103+ /** Test setCipherTransformation(String cipherXform) */
104+ @ Test public void testSetCipherTransformation () {
105+ cipherSpec = new CipherSpec ();
106+ cipherSpec .setCipherTransformation ("AlgName/Mode/Padding" );
107+ cipherSpec .getCipherAlgorithm ().equals ("AlgName/Mode/Padding" );
108+
109+ try {
110+ // Don't use null here as compiling JUnit tests disables assertion
111+ // checking so we get a NullPointerException here instead.
112+ cipherSpec .setCipherTransformation ("" ); // Throws AssertionError
113+ } catch (AssertionError e ) {
114+ assertTrue (true ); // Doesn't work w/ @Test(expected=AssertionError.class)
115+ }
116+ }
117+
118+ /** Test getCipherTransformation() */
119+ @ Test public void testGetCipherTransformation () {
120+ assertTrue ( (new CipherSpec ()).getCipherTransformation ().equals ("AES/CBC/PKCS5Padding" ) );
121+ }
122+
123+ /** Test setKeySize() */
124+ @ Test public void testSetKeySize () {
125+ assertTrue ( (new CipherSpec ()).setKeySize (56 ).getKeySize () == 56 );
126+ }
127+
128+ /** Test getKeySize() */
129+ @ Test public void testGetKeySize () {
130+ assertTrue ( (new CipherSpec ()).getKeySize () ==
131+ ESAPI .securityConfiguration ().getEncryptionKeyLength () );
132+ }
133+
134+ /** Test setBlockSize() */
135+ @ Test public void testSetBlockSize () {
136+ try {
137+ cipherSpec .setBlockSize (0 ); // Throws AssertionError
138+ } catch (AssertionError e ) {
139+ assertTrue (true ); // Doesn't work w/ @Test(expected=AssertionError.class)
140+ }
141+ try {
142+ cipherSpec .setBlockSize (-1 ); // Throws AssertionError
143+ } catch (AssertionError e ) {
144+ assertTrue (true ); // Doesn't work w/ @Test(expected=AssertionError.class)
145+ }
146+ assertTrue ( cipherSpec .setBlockSize (4 ).getBlockSize () == 4 );
147+ }
148+
149+ /** Test getBlockSize() */
150+ @ Test public void testGetBlockSize () {
151+ assertTrue ( cipherSpec .getBlockSize () == 8 );
152+ }
153+
154+ /** Test getCipherAlgorithm() */
155+ @ Test public void testGetCipherAlgorithm () {
156+ assertTrue ( cipherSpec .getCipherAlgorithm ().equals ("Blowfish" ) );
157+ }
158+
159+ /** Test getCipherMode */
160+ @ Test public void testGetCipherMode () {
161+ assertTrue ( cipherSpec .getCipherMode ().equals ("OFB8" ) );
162+ }
163+
164+ /** Test getPaddingScheme() */
165+ @ Test public void testGetPaddingScheme () {
166+ assertTrue ( cipherSpec .getPaddingScheme ().equals ("PKCS5Padding" ) );
167+ }
168+
169+ /** Test setIV() */
170+ @ Test public void testSetIV () {
171+ try {
172+ // Test that ECB mode allows a null IV
173+ cipherSpec = new CipherSpec (dfltECBCipher );
174+ cipherSpec .setIV (null );
175+ assertTrue (true );
176+ } catch ( AssertionError e ) {
177+ assertFalse ("Test failed; unexpected exception" , false );
178+ }
179+ try {
180+ // Test that CBC mode does allows a null IV
181+ cipherSpec = new CipherSpec (dfltAESCipher );
182+ cipherSpec .setIV (null );
183+ assertFalse ("Test failed; Expected exception not thrown" , false );
184+ } catch ( AssertionError e ) {
185+ assertTrue (true );
186+ }
187+ }
188+
189+ /** Test requiresIV() */
190+ @ Test public void testRequiresIV () {
191+ assertTrue ( (new CipherSpec (dfltECBCipher )).requiresIV () == false );
192+ cipherSpec = new CipherSpec (dfltAESCipher );
193+ assertTrue ( cipherSpec .getCipherMode ().equals ("ECB" ) );
194+ assertTrue ( cipherSpec .requiresIV () == false );
195+ assertTrue ( new CipherSpec (dfltOtherCipher ).requiresIV () );
196+ }
197+ }
0 commit comments