Skip to main content
aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat (limited to 'bundles/org.eclipse.equinox.security.tests/src/org/eclipse/equinox/internal/security/tests/storage/DetectPBECiphersTest.java')
-rw-r--r--bundles/org.eclipse.equinox.security.tests/src/org/eclipse/equinox/internal/security/tests/storage/DetectPBECiphersTest.java67
1 files changed, 67 insertions, 0 deletions
diff --git a/bundles/org.eclipse.equinox.security.tests/src/org/eclipse/equinox/internal/security/tests/storage/DetectPBECiphersTest.java b/bundles/org.eclipse.equinox.security.tests/src/org/eclipse/equinox/internal/security/tests/storage/DetectPBECiphersTest.java
new file mode 100644
index 000000000..a0a3bfa6e
--- /dev/null
+++ b/bundles/org.eclipse.equinox.security.tests/src/org/eclipse/equinox/internal/security/tests/storage/DetectPBECiphersTest.java
@@ -0,0 +1,67 @@
+/*******************************************************************************
+ * Copyright (c) 2018 Inno-Tec Innovative Technologies GmbH.
+ *
+ * This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License 2.0
+ * which accompanies this distribution, and is available at
+ * https://www.eclipse.org/legal/epl-2.0/
+ *
+ * SPDX-License-Identifier: EPL-2.0
+ *
+ * Contributors:
+ * Inno-Tec (Juergen Bogdahn) - Fix for Bug 388055
+ *
+ *******************************************************************************/
+package org.eclipse.equinox.internal.security.tests.storage;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+
+import java.security.Provider;
+import java.security.Security;
+import java.util.*;
+import org.eclipse.equinox.internal.security.storage.JavaEncryption;
+import org.junit.Test;
+
+/**
+ * In this test the number of PBE ciphers in the VM are determined and compared
+ * to the available ciphers in the secure storage implementation.
+ *
+ * This test is only interested in PBE Ciphers for the secure storage.
+ *
+ * !IMPORTANT! It can only pass if crypto.policy is set to 'unlimited' !IMPORTANT!
+ *
+ * The test "rebuilds" the logic of searching for keyFactories and matching PBE ciphers.
+ * For these ciphers the "roundtrip" has to be successful, otherwise the SecureStorage
+ * implementation does not use the cipher correctly and it cannot be used.
+ */
+public class DetectPBECiphersTest {
+
+ @SuppressWarnings("rawtypes")
+ @Test
+ public void testPBEDetect() {
+ int cipherJVMCount = 0;
+ Set<String> keyFactories = new HashSet<>();
+ Provider[] providers = Security.getProviders();
+ for (Provider p : providers) { //find all key factories
+ for (Provider.Service service : p.getServices()) {
+ if (service.getType().equals("SecretKeyFactory") && service.getAlgorithm().indexOf(' ') == -1) {// skips properties like "[Cipher.ABC SupportedPaddings]")
+ keyFactories.add(service.getAlgorithm());
+ }
+ }
+ }
+ for (Provider p : providers) { //find all ciphers matching a key factory and start with PBE
+ for (Provider.Service service : p.getServices()) {
+ if (service.getType().equals("Cipher") && service.getAlgorithm().startsWith("PBE") && keyFactories.contains(service.getAlgorithm())) {
+ cipherJVMCount++;
+ }
+ }
+ }
+
+ JavaEncryption encryption = new JavaEncryption();
+ HashMap detectedCiphers = encryption.detect();
+
+ assertTrue(detectedCiphers.size() > 0);
+ assertEquals(cipherJVMCount, detectedCiphers.size());
+ }
+}

Back to the top