ACS-2242 Attempt to fix Initialization of SecureRandom in EncryptionTest (#872)

* ACS-2242 Initializing SecureRandom only once. * ACS-2242 adjust requested changes.
2025-07-24 17:32:48 +00:00 · 2022-01-05 11:55:01 +01:00
parent 94a1c7a692
commit ae2fb449cc
1 changed files with 26 additions and 31 deletions
--- a/repository/src/test/java/org/alfresco/encryption/EncryptionTests.java
+++ b/repository/src/test/java/org/alfresco/encryption/EncryptionTests.java
@@ -66,6 +66,7 @@ import org.springframework.context.ApplicationContext;
 public class EncryptionTests extends TestCase
 {
 	private static final String TEST_MODEL = "org/alfresco/encryption/reencryption_model.xml";
+	private static final SecureRandom SECURE_RANDOM = getSecureRandomInstance();

 	private static int NUM_PROPERTIES = 500;
    private static ApplicationContext ctx = ApplicationContextHelper.getApplicationContext();
@@ -148,6 +149,18 @@ public class EncryptionTests extends TestCase
        bootstrap.setTenantService(tenantService);
        bootstrap.bootstrap();
 	}
+
+	private static SecureRandom getSecureRandomInstance(){
+		try
+		{
+			SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
+			random.setSeed(System.nanoTime());
+			return random;
+		} catch (NoSuchAlgorithmException e)
+		{
+			throw new AlfrescoRuntimeException(e.getMessage());
+		}
+	}
 	
 	protected KeyProvider getKeyProvider(KeyStoreParameters keyStoreParameters)
 	{
@@ -195,12 +208,10 @@ public class EncryptionTests extends TestCase
 		}
 	}

-	public byte[] generateKeyData() throws NoSuchAlgorithmException
+	public byte[] generateKeyData()
 	{
-		SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
-		random.setSeed(System.currentTimeMillis());
-		byte bytes[] = new byte[DESedeKeySpec.DES_EDE_KEY_LEN];
-		random.nextBytes(bytes);
+		byte[] bytes = new byte[DESedeKeySpec.DES_EDE_KEY_LEN];
+		SECURE_RANDOM.nextBytes(bytes);
 		return bytes;
 	}

@@ -208,8 +219,7 @@ public class EncryptionTests extends TestCase
 	{
 		DESedeKeySpec keySpec = new DESedeKeySpec(generateKeyData());
 		SecretKeyFactory kf = SecretKeyFactory.getInstance(keyAlgorithm);
-    	SecretKey secretKey = kf.generateSecret(keySpec);
-    	return secretKey;		
+		return kf.generateSecret(keySpec);
 	}

 	public void testReEncrypt()
@@ -285,18 +295,11 @@ public class EncryptionTests extends TestCase
 		String test = "hello world";
 		final KeyMap keys = new KeyMap();
 		byte[] decrypted = null;
-		String test1 = null;
+		String testDecrypted = null;
 		
 		secretKey1 = generateSecretKey("DESede");
 		keys.setKey("test", secretKey1);
-		KeyProvider keyProvider = new KeyProvider()
-		{
-			@Override
-			public Key getKey(String keyAlias)
-			{
-				return keys.getCachedKey(keyAlias).getKey();
-			}
-		};
+		KeyProvider keyProvider = keyAlias -> keys.getCachedKey(keyAlias).getKey();

 		encryptor = new DefaultEncryptor();
 		encryptor.setCipherAlgorithm("DESede/CBC/PKCS5Padding");
@@ -306,9 +309,9 @@ public class EncryptionTests extends TestCase
 		pair = encryptor.encrypt("test", null, test.getBytes("UTF-8"));

 		decrypted = encryptor.decrypt("test", pair.getSecond(), pair.getFirst());
-		test1 = new String(decrypted, "UTF-8");
+		testDecrypted = new String(decrypted, "UTF-8");
 		
-		assertEquals("Expected encrypt,decrypt to end up with the original value", test, test1);
+		assertEquals("Expected encrypt,decrypt to end up with the original value", test, testDecrypted);
 		System.out.println("1:" + new String(decrypted, "UTF-8"));
 		
 		secretKey2 = generateSecretKey("DESede");
@@ -320,7 +323,7 @@ public class EncryptionTests extends TestCase
 		try
 		{
 			decrypted = encryptor.decrypt("test", pair.getSecond(), pair.getFirst());
-			test1 = new String(decrypted, "UTF-8");
+			fail("Decryption should have failed");
 		}
 		catch(AlfrescoRuntimeException e)
 		{
@@ -338,7 +341,6 @@ public class EncryptionTests extends TestCase
 		testChangeKeysImpl(true);
 	}

-	@Category(FrequentlyFailingTests.class) // ACS-2242
 	public void testFailedEncryptionWithCachedCiphers() throws Throwable
 	{
 		Pair<byte[], AlgorithmParameters> pair = null;
@@ -348,18 +350,11 @@ public class EncryptionTests extends TestCase
 		String test = "hello world";
 		final KeyMap keys = new KeyMap();
 		byte[] decrypted = null;
-		String test1 = null;
+		String testDecrypted = null;
 		
 		secretKey1 = generateSecretKey("DESede");
 		keys.setKey("test", secretKey1);
-		KeyProvider keyProvider = new KeyProvider()
-		{
-			@Override
-			public Key getKey(String keyAlias)
-			{
-				return keys.getCachedKey(keyAlias).getKey();
-			}
-		};
+		KeyProvider keyProvider = keyAlias -> keys.getCachedKey(keyAlias).getKey();

 		encryptor = new DefaultEncryptor();
 		encryptor.setCipherAlgorithm("DESede/CBC/PKCS5Padding");
@@ -377,7 +372,6 @@ public class EncryptionTests extends TestCase
 		try
 		{
 			decrypted = encryptor.decrypt("test", pair.getSecond(), pair.getFirst());
-			test1 = new String(decrypted, "UTF-8");
 			fail("Decryption should have failed");
 		}
 		catch(AlfrescoRuntimeException e)
@@ -389,7 +383,8 @@ public class EncryptionTests extends TestCase
 		try
 		{
 			decrypted = encryptor.decrypt("test", pair.getSecond(), pair.getFirst());
-			test1 = new String(decrypted, "UTF-8");
+			testDecrypted = new String(decrypted, "UTF-8");
+			assertEquals(test, testDecrypted);
 		}
 		catch(AlfrescoRuntimeException e)
 		{