Skip to content

Commit bf44408

Browse files
n1ckl0sk0rtgen1ckl0sk0rtge
authored
fix pbe keylength interpretation; update tests (#233)
Signed-off-by: Nicklas Körtge <nicklas.koertge1@ibm.com>
1 parent 66787c0 commit bf44408

File tree

3 files changed

+6
-5
lines changed

3 files changed

+6
-5
lines changed

java/src/main/java/com/ibm/plugin/rules/detection/jca/keyspec/JcaPBEKeySpec.java

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -22,6 +22,7 @@
2222
import static com.ibm.plugin.rules.detection.TypeShortcuts.BYTE_ARRAY_TYPE;
2323
import static com.ibm.plugin.rules.detection.TypeShortcuts.CHAR_ARRAY_TYPE;
2424

25+
import com.ibm.engine.model.Size;
2526
import com.ibm.engine.model.context.KeyContext;
2627
import com.ibm.engine.model.context.SecretKeyContext;
2728
import com.ibm.engine.model.factory.KeySizeFactory;
@@ -72,7 +73,7 @@ public final class JcaPBEKeySpec {
7273
.shouldBeDetectedAs(new SaltSizeFactory<>())
7374
.withMethodParameter("int")
7475
.withMethodParameter("int")
75-
.shouldBeDetectedAs(new KeySizeFactory<>())
76+
.shouldBeDetectedAs(new KeySizeFactory<>(Size.UnitType.BIT))
7677
.buildForContext(new SecretKeyContext(KeyContext.Kind.PBE))
7778
.inBundle(() -> "Jca")
7879
.withoutDependingDetectionRules();

java/src/test/java/com/ibm/plugin/rules/detection/jca/algorithmspec/JcaGCMParameterSpecTest.java

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -110,7 +110,7 @@ public void asserts(
110110

111111
IValue<Tree> value2_1_1 = store_1_1.getDetectionValues().get(2);
112112
assertThat(value2_1_1).isInstanceOf(KeySize.class);
113-
assertThat(value2_1_1.asString()).isEqualTo("2048");
113+
assertThat(value2_1_1.asString()).isEqualTo("256");
114114

115115
/*
116116
* Translation
@@ -200,7 +200,7 @@ public void asserts(
200200
INode keyLengthNode = secretKeyNode.getChildren().get(KeyLength.class);
201201
assertThat(keyLengthNode).isNotNull();
202202
assertThat(keyLengthNode.getChildren()).isEmpty();
203-
assertThat(keyLengthNode.asString()).isEqualTo("2048");
203+
assertThat(keyLengthNode.asString()).isEqualTo("256");
204204
} else if (findingId == 1) {
205205
/*
206206
* Detection Store

java/src/test/java/com/ibm/plugin/rules/detection/jca/keyspec/JcaPBEKeySpecTest.java

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -90,7 +90,7 @@ public void asserts(
9090
.anyMatch(
9191
v -> {
9292
if (v instanceof KeySize<Tree>) {
93-
return v.asString().equals("1024");
93+
return v.asString().equals("128");
9494
} else if (v instanceof SaltSize<Tree>) {
9595
return v.asString().equals("192");
9696
} else if (v instanceof PasswordSize<Tree>) {
@@ -114,7 +114,7 @@ public void asserts(
114114
INode keyLengthNode = secretKeyNode.getChildren().get(KeyLength.class);
115115
assertThat(keyLengthNode).isNotNull();
116116
assertThat(keyLengthNode.getChildren()).isEmpty();
117-
assertThat(keyLengthNode.asString()).isEqualTo("1024");
117+
assertThat(keyLengthNode.asString()).isEqualTo("128");
118118

119119
// PasswordBasedKeyDerivationFunction under SecretKey
120120
INode passwordBasedKeyDerivationFunctionNode =

0 commit comments

Comments
 (0)