Skip to content

Commit

Permalink
fully cleans Java reorganizers
Browse files Browse the repository at this point in the history 
Signed-off-by: Hugo Queinnec <[email protected]>
  • Loading branch information
@hugoqnc
hugoqnc committed Sep 18, 2024
1 parent fe25014 commit 325786c
Show file tree
Hide file tree
Showing 14 changed files with 66 additions and 251 deletions.
22 changes: 12 additions & 10 deletions java/src/main/java/com/ibm/plugin/translation/reorganizer/JavaReorganizerRules.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,6 @@
import com.ibm.mapper.reorganizer.rules.MacReorganizer;
import com.ibm.mapper.reorganizer.rules.SignatureReorganizer;
import java.util.List;
import java.util.stream.Stream;
import javax.annotation.Nonnull;

public final class JavaReorganizerRules {
Expand All @@ -37,14 +36,17 @@ private JavaReorganizerRules() {

@Nonnull
public static List<IReorganizerRule> rules() {
return Stream.of(
AeadBlockCipherReorganizer.rules().stream(),
AsymmetricBlockCipherReorganizer.rules().stream(),
BlockCipherReorganizer.rules().stream(),
CipherParameterReorganizer.rules().stream(),
MacReorganizer.rules().stream(),
Stream.of(SignatureReorganizer.MERGE_SIGNATURE_UNKNOWN_PARENT_AND_CHILD))
.flatMap(i -> i)
.toList();
return List.of(
AeadBlockCipherReorganizer.MERGE_AE_PARENT_AND_CHILD,
AeadBlockCipherReorganizer.MOVE_TAG_LENGTH_UNDER_MAC,
AsymmetricBlockCipherReorganizer.INVERT_DIGEST_AND_ITS_SIZE,
AsymmetricBlockCipherReorganizer.MERGE_PKE_PARENT_AND_CHILD,
BlockCipherReorganizer.MERGE_BLOCK_CIPHER_PARENT_AND_CHILD,
CipherParameterReorganizer.MOVE_KEY_LENGTH_UNDER_TAG_LENGTH_UP,
CipherParameterReorganizer.MOVE_NODES_UNDER_DECRYPT_UP,
CipherParameterReorganizer.MOVE_NODES_UNDER_ENCRYPT_UP,
MacReorganizer.MERGE_UNKNOWN_MAC_PARENT_AND_CIPHER_CHILD,
MacReorganizer.MOVE_SOME_MAC_CHILDREN_UNDER_BLOCKCIPHER,
SignatureReorganizer.MERGE_UNKNOWN_SIGNATURE_PARENT_AND_CHILD);
}
}
2 changes: 1 addition & 1 deletion .../plugin/rules/detection/bc/asymmetricblockcipher/BcBufferedAsymmetricBlockCipherTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -123,7 +123,7 @@ public void asserts(
INode pkeNode = nodes.get(0);
assertThat(pkeNode.getKind()).isEqualTo(PublicKeyEncryption.class);
assertThat(pkeNode.getChildren()).hasSize(4);
assertThat(pkeNode.asString()).isEqualTo("RSA");
assertThat(pkeNode.asString()).isEqualTo("RSA-OAEP");

// Encrypt under PublicKeyEncryption
INode encryptNode = pkeNode.getChildren().get(Encrypt.class);
Expand Down
3 changes: 1 addition & 2 deletions ...test/java/com/ibm/plugin/rules/detection/bc/asymmetricblockcipher/BcOAEPEncodingTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,6 @@
import com.ibm.plugin.rules.detection.bc.BouncyCastleJars;
import java.util.List;
import org.jetbrains.annotations.NotNull;
import org.junit.jupiter.api.Disabled;
import org.junit.jupiter.api.Test;
import org.sonar.java.checks.verifier.CheckVerifier;
import org.sonar.plugins.java.api.JavaCheck;
Expand All @@ -34,7 +33,7 @@
import org.sonar.plugins.java.api.tree.Tree;

class BcOAEPEncodingTest extends TestBase {
@Disabled("Fix duplicate digest detections before enabling and writing asserts")
// @Disabled("Fix duplicate digest detections before enabling and writing asserts")
@Test
void test() {
CheckVerifier.newVerifier()
Expand Down
4 changes: 2 additions & 2 deletions java/src/test/java/com/ibm/plugin/rules/detection/bc/blockcipher/BcCBCBlockCipherTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -110,8 +110,8 @@ public void asserts(
// BlockCipher
INode blockCipherNode1 = nodes.get(0);
assertThat(blockCipherNode1.getKind()).isEqualTo(BlockCipher.class);
assertThat(blockCipherNode1.getChildren()).hasSize(3);
assertThat(blockCipherNode1.asString()).isEqualTo("AES");
assertThat(blockCipherNode1.getChildren()).hasSize(4);
assertThat(blockCipherNode1.asString()).isEqualTo("AES-CBC");

// Decrypt under BlockCipher
INode decryptNode =
Expand Down
4 changes: 2 additions & 2 deletions ...test/java/com/ibm/plugin/rules/detection/bc/bufferedblockcipher/BcCTSBlockCipherTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -100,8 +100,8 @@ public void asserts(
// BlockCipher
INode blockCipherNode = nodes.get(0);
assertThat(blockCipherNode.getKind()).isEqualTo(BlockCipher.class);
assertThat(blockCipherNode.getChildren()).hasSize(3);
assertThat(blockCipherNode.asString()).isEqualTo("AES");
assertThat(blockCipherNode.getChildren()).hasSize(4);
assertThat(blockCipherNode.asString()).isEqualTo("AES-CTS");

// Mode under BlockCipher
INode modeNode = blockCipherNode.getChildren().get(Mode.class);
Expand Down
2 changes: 1 addition & 1 deletion ...m/ibm/plugin/rules/detection/bc/bufferedblockcipher/BcDefaultBufferedBlockCipherTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -99,7 +99,7 @@ public void asserts(
// BlockCipher
INode blockCipherNode = nodes.get(0);
assertThat(blockCipherNode.getKind()).isEqualTo(BlockCipher.class);
assertThat(blockCipherNode.getChildren()).hasSize(2);
assertThat(blockCipherNode.getChildren()).hasSize(3);
assertThat(blockCipherNode.asString()).isEqualTo("AES");

// Encrypt under BlockCipher
Expand Down
4 changes: 2 additions & 2 deletions .../java/com/ibm/plugin/rules/detection/bc/bufferedblockcipher/BcNISTCTSBlockCipherTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -101,8 +101,8 @@ public void asserts(
// BlockCipher
INode blockCipherNode = nodes.get(0);
assertThat(blockCipherNode.getKind()).isEqualTo(BlockCipher.class);
assertThat(blockCipherNode.getChildren()).hasSize(3);
assertThat(blockCipherNode.asString()).isEqualTo("AES");
assertThat(blockCipherNode.getChildren()).hasSize(4);
assertThat(blockCipherNode.asString()).isEqualTo("AES-CTS");

// Encrypt under BlockCipher
INode encryptNode = blockCipherNode.getChildren().get(Encrypt.class);
Expand Down
8 changes: 8 additions & 0 deletions mapper/src/main/java/com/ibm/mapper/reorganizer/UsualPerformActions.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,14 @@ private UsualPerformActions() {
return roots;
};

/**
* When there is a parent node and a child node of the same {@code kind}, this action will merge
* both. In detail, it will put all the children nodes of the parent as children of the child
* node, and will replace the parent node by the child node in the tree of nodes.
*
* @param kind - The kind of the parent and child nodes
* @return A reorganization action (a {@code Function3})
*/
@Nonnull
public static final IFunctionPerformReorganization performMergeParentAndChildOfSameKind(
Class<? extends IPrimitive> kind) {
Expand Down
11 changes: 2 additions & 9 deletions mapper/src/main/java/com/ibm/mapper/reorganizer/rules/AeadBlockCipherReorganizer.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,6 @@
import com.ibm.mapper.reorganizer.builder.ReorganizerRuleBuilder;
import java.util.List;
import javax.annotation.Nonnull;
import org.jetbrains.annotations.Unmodifiable;

public final class AeadBlockCipherReorganizer {

Expand All @@ -36,7 +35,7 @@ private AeadBlockCipherReorganizer() {
}

@Nonnull
private static final IReorganizerRule MERGE_AE_PARENT_AND_CHILD =
public static final IReorganizerRule MERGE_AE_PARENT_AND_CHILD =
new ReorganizerRuleBuilder()
.createReorganizerRule()
.forNodeKind(AuthenticatedEncryption.class)
Expand All @@ -51,7 +50,7 @@ private AeadBlockCipherReorganizer() {
AuthenticatedEncryption.class));

@Nonnull
private static final IReorganizerRule MOVE_TAG_LENGTH_UNDER_MAC =
public static final IReorganizerRule MOVE_TAG_LENGTH_UNDER_MAC =
new ReorganizerRuleBuilder()
.createReorganizerRule()
.forNodeKind(AuthenticatedEncryption.class)
Expand All @@ -75,10 +74,4 @@ private AeadBlockCipherReorganizer() {
node.removeChildOfType(TagLength.class);
return roots;
});

@Unmodifiable
@Nonnull
public static List<IReorganizerRule> rules() {
return List.of(MERGE_AE_PARENT_AND_CHILD, MOVE_TAG_LENGTH_UNDER_MAC);
}
}
89 changes: 12 additions & 77 deletions mapper/src/main/java/com/ibm/mapper/reorganizer/rules/AsymmetricBlockCipherReorganizer.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,19 +20,15 @@
package com.ibm.mapper.reorganizer.rules;

import com.ibm.mapper.ITranslator;
import com.ibm.mapper.model.BlockCipher;
import com.ibm.mapper.model.DigestSize;
import com.ibm.mapper.model.INode;
import com.ibm.mapper.model.MessageDigest;
import com.ibm.mapper.model.PublicKeyEncryption;
import com.ibm.mapper.model.padding.OAEP;
import com.ibm.mapper.reorganizer.IReorganizerRule;
import com.ibm.mapper.reorganizer.UsualPerformActions;
import com.ibm.mapper.reorganizer.builder.ReorganizerRuleBuilder;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import javax.annotation.Nonnull;
import org.jetbrains.annotations.Unmodifiable;

public final class AsymmetricBlockCipherReorganizer {

Expand All @@ -41,7 +37,7 @@ private AsymmetricBlockCipherReorganizer() {
}

@Nonnull
private static final IReorganizerRule MERGE_PKE =
public static final IReorganizerRule MERGE_PKE_PARENT_AND_CHILD =
new ReorganizerRuleBuilder()
.createReorganizerRule()
.forNodeKind(PublicKeyEncryption.class)
Expand All @@ -53,39 +49,11 @@ private AsymmetricBlockCipherReorganizer() {
.forNodeKind(PublicKeyEncryption.class)
.noAction()))
.perform(
(node, parent, roots) -> {
INode newPke =
node.getChildren()
.get(PublicKeyEncryption.class)
.deepCopy();

for (Map.Entry<Class<? extends INode>, INode> childKeyValue :
node.getChildren().entrySet()) {
if (!childKeyValue.getKey().equals(PublicKeyEncryption.class)) {
newPke.put(childKeyValue.getValue());
}
}

if (parent == null) {
// `node` is a root node
// Create a copy of the roots list
List<INode> rootsCopy = new ArrayList<>(roots);
for (int i = 0; i < rootsCopy.size(); i++) {
if (rootsCopy.get(i).equals(node)) {
rootsCopy.set(i, newPke);
break;
}
}
return rootsCopy;
} else {
// Replace the previous PublicKeyEncryption node
parent.put(newPke);
return roots;
}
});
UsualPerformActions.performMergeParentAndChildOfSameKind(
PublicKeyEncryption.class));

@Nonnull
private static final IReorganizerRule INVERT_DIGEST_AND_ITS_SIZE =
public static final IReorganizerRule INVERT_DIGEST_AND_ITS_SIZE =
new ReorganizerRuleBuilder()
.createReorganizerRule()
.forNodeKind(DigestSize.class)
Expand All @@ -96,57 +64,24 @@ private AsymmetricBlockCipherReorganizer() {
.forNodeKind(MessageDigest.class)
.noAction()))
.perform(
(node, parent, roots) -> {
(digestSizeNode, parent, roots) -> {
if (parent == null) {
// Do nothing
return roots;
}

INode messageDigestChild =
node.getChildren().get(MessageDigest.class).deepCopy();
digestSizeNode.getChildren().get(MessageDigest.class);

/* Append the DigestSize (without its DigestSize) child to the new DigestSize */
INode digestSize = node.deepCopy();
digestSize.removeChildOfType(MessageDigest.class);
messageDigestChild.put(digestSize);
digestSizeNode.removeChildOfType(MessageDigest.class);
messageDigestChild.put(digestSizeNode);

// Remove the DigestSize from the parent
parent.removeChildOfType(DigestSize.class);

// Append the MessageDigest to the parent
parent.put(messageDigestChild);
return roots;
});

@Nonnull
private static final IReorganizerRule MOVE_HASH_UNDER_OAEP =
new ReorganizerRuleBuilder()
.createReorganizerRule()
.forNodeKind(BlockCipher.class)
.includingChildren(
List.of(
new ReorganizerRuleBuilder()
.createReorganizerRule()
.forNodeKind(OAEP.class)
.noAction(),
new ReorganizerRuleBuilder()
.createReorganizerRule()
.forNodeKind(MessageDigest.class)
.noAction()))
.perform(
(node, parent, roots) -> {
INode oaepChild = node.getChildren().get(OAEP.class);
INode messageDigestChild =
node.getChildren().get(MessageDigest.class).deepCopy();

// Add the message digest under the OAEP node
oaepChild.put(messageDigestChild);
// Remove the message digest from the BlockCipher's children
node.removeChildOfType(MessageDigest.class);

return roots;
});

@Unmodifiable
@Nonnull
public static List<IReorganizerRule> rules() {
return List.of(MERGE_PKE, INVERT_DIGEST_AND_ITS_SIZE, MOVE_HASH_UNDER_OAEP);
}
}
48 changes: 4 additions & 44 deletions mapper/src/main/java/com/ibm/mapper/reorganizer/rules/BlockCipherReorganizer.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,24 +19,19 @@
*/
package com.ibm.mapper.reorganizer.rules;

import com.ibm.mapper.model.Algorithm;
import com.ibm.mapper.model.BlockCipher;
import com.ibm.mapper.model.INode;
import com.ibm.mapper.reorganizer.IReorganizerRule;
import com.ibm.mapper.reorganizer.UsualPerformActions;
import com.ibm.mapper.reorganizer.builder.ReorganizerRuleBuilder;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import javax.annotation.Nonnull;
import org.jetbrains.annotations.Unmodifiable;

public final class BlockCipherReorganizer {

private BlockCipherReorganizer() {
// private
}

private static final IReorganizerRule MERGE_BLOCK_CIPHER_PARENT_AND_CHILD =
public static final IReorganizerRule MERGE_BLOCK_CIPHER_PARENT_AND_CHILD =
new ReorganizerRuleBuilder()
.createReorganizerRule()
.forNodeKind(BlockCipher.class)
Expand All @@ -47,41 +42,6 @@ private BlockCipherReorganizer() {
.forNodeKind(BlockCipher.class)
.noAction()))
.perform(
(node, parent, roots) -> {
Algorithm newBlockCipher =
(Algorithm)
node.getChildren()
.get(BlockCipher.class)
.deepCopy();

for (Map.Entry<Class<? extends INode>, INode> childKeyValue :
node.getChildren().entrySet()) {
if (!childKeyValue.getKey().equals(BlockCipher.class)) {
newBlockCipher.put(childKeyValue.getValue());
}
}

if (parent == null) {
// `node` is a root node
// Create a copy of the roots list
List<INode> rootsCopy = new ArrayList<>(roots);
for (int i = 0; i < rootsCopy.size(); i++) {
if (rootsCopy.get(i).equals(node)) {
rootsCopy.set(i, newBlockCipher);
break;
}
}
return rootsCopy;
} else {
// Replace the previous BlockCipher node
parent.put(newBlockCipher);
return roots;
}
});

@Unmodifiable
@Nonnull
public static List<IReorganizerRule> rules() {
return List.of(MERGE_BLOCK_CIPHER_PARENT_AND_CHILD);
}
UsualPerformActions.performMergeParentAndChildOfSameKind(
BlockCipher.class));
}
Loading

0 comments on commit 325786c

Please sign in to comment.