whitespaces

This commit is contained in:
Andreas Dangel
2018-05-21 11:56:23 +02:00
parent ac7b94aaa2
commit af250c3503
@@ -1,97 +1,88 @@
<?xml version="1.0" encoding="UTF-8"?>
<test-data xmlns="http://pmd.sourceforge.net/rule-tests"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://pmd.sourceforge.net/rule-tests http://pmd.sourceforge.net/rule-tests_1_0_0.xsd">
<test-code>
<description><![CDATA[
Hard coded inline cryptographic key, bad
]]></description>
<expected-problems>1</expected-problems>
<code><![CDATA[
import javax.crypto.spec.SecretKeySpec;
public class Foo {
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://pmd.sourceforge.net/rule-tests http://pmd.sourceforge.net/rule-tests_1_0_0.xsd">
<test-code>
<description>Hard coded inline cryptographic key, bad</description>
<expected-problems>1</expected-problems>
<code><![CDATA[
import javax.crypto.spec.SecretKeySpec;
void encrypt() {
SecretKeySpec keySpec = new SecretKeySpec("hard coded key here".getBytes("UTF-8"), "AES");
}
public class Foo {
void encrypt() {
SecretKeySpec keySpec = new SecretKeySpec("hard coded key here".getBytes("UTF-8"), "AES");
}
}
]]></code>
</test-code>
]]></code>
</test-code>
<test-code>
<description><![CDATA[
Key stored in a property, good
]]></description>
<expected-problems>0</expected-problems>
<code><![CDATA[
import javax.crypto.spec.SecretKeySpec;
public class Foo {
<test-code>
<description>Key stored in a property, good</description>
<expected-problems>0</expected-problems>
<code><![CDATA[
import javax.crypto.spec.SecretKeySpec;
void encrypt() {
SecretKeySpec keySpec = new SecretKeySpec(secureProperty.getKeyBytes(), "AES");
}
public class Foo {
void encrypt() {
SecretKeySpec keySpec = new SecretKeySpec(secureProperty.getKeyBytes(), "AES");
}
}
]]></code>
</test-code>
]]></code>
</test-code>
<test-code>
<description><![CDATA[
Hard coded in field cryptographic key, bad
]]></description>
<expected-problems>1</expected-problems>
<code><![CDATA[
import javax.crypto.spec.SecretKeySpec;
public class Foo {
static private String key = "0123456789ABCDEF";
void encrypt() {
byte[] keyData = key.getBytes("UTF-8");
SecretKeySpec keySpec = new SecretKeySpec(keyData, "AES");
}
<test-code>
<description>Hard coded in field cryptographic key, bad</description>
<expected-problems>1</expected-problems>
<code><![CDATA[
import javax.crypto.spec.SecretKeySpec;
public class Foo {
static private String key = "0123456789ABCDEF";
void encrypt() {
byte[] keyData = key.getBytes("UTF-8");
SecretKeySpec keySpec = new SecretKeySpec(keyData, "AES");
}
}
]]></code>
</test-code>
]]></code>
</test-code>
<test-code>
<description><![CDATA[
Hard coded crypto key byte[], bad
]]></description>
<expected-problems>1</expected-problems>
<code><![CDATA[
import javax.crypto.spec.SecretKeySpec;
public class Foo {
static private byte[] encryptionKey = new byte[] { 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00 };
<test-code>
<description>Hard coded crypto key byte[], bad</description>
<expected-problems>1</expected-problems>
<code><![CDATA[
import javax.crypto.spec.SecretKeySpec;
void encrypt() {
SecretKeySpec keySpec = new SecretKeySpec(encryptionKey, "AES");
}
public class Foo {
static private byte[] encryptionKey = new byte[] { 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00 };
void encrypt() {
SecretKeySpec keySpec = new SecretKeySpec(encryptionKey, "AES");
}
}
]]></code>
</test-code>
<test-code>
<description><![CDATA[
Key fetched from a property, good
]]></description>
<expected-problems>0</expected-problems>
<code><![CDATA[
import javax.crypto.spec.SecretKeySpec;
public class Foo {
]]></code>
</test-code>
void encrypt() {
byte[] computedSecretKey = SecureUtils.computeSecretKey(data.getSecretKeyAlgorithm(), data.getAccessKey(), data.getClientIp(), data.getTimeStamp(), data.getEnv());
SecretKeySpec secretKeySpec = new SecretKeySpec(computedSecretKey, data.getSecretKeyAlgorithm().getName());
}
<test-code>
<description>Key fetched from a property, good</description>
<expected-problems>0</expected-problems>
<code><![CDATA[
import javax.crypto.spec.SecretKeySpec;
public class Foo {
void encrypt() {
byte[] computedSecretKey = SecureUtils.computeSecretKey(data.getSecretKeyAlgorithm(),
data.getAccessKey(), data.getClientIp(), data.getTimeStamp(), data.getEnv());
SecretKeySpec secretKeySpec = new SecretKeySpec(computedSecretKey, data.getSecretKeyAlgorithm().getName());
}
}
]]></code>
</test-code>
]]></code>
</test-code>
</test-data>