Re: [tomcat] branch 8.5.x updated: Fix failures on Java 7 where SHA_512_256 is not available

Christopher Schultz Wed, 19 Apr 2023 06:17:25 -0700

Mark,

On 4/19/23 07:04, ma...@apache.org wrote:

This is an automated email from the ASF dual-hosted git repository.


markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
      new 47c92c5fa7 Fix failures on Java 7 where SHA_512_256 is not available
47c92c5fa7 is described below

commit 47c92c5fa70976eb9546b002a83b3932c3e680ab
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Wed Apr 19 12:03:55 2023 +0100

     Fix failures on Java 7 where SHA_512_256 is not available


Any reason not to just do this with all of the various algorithms?

Also, I didn't check, but do we explicitly clear-out the "disabledalgorithms" when running tests, to ensure we test everything and don'tcause any failures due to certain algorithms (e.g. MD5 vvia TLS) beingdisabled?


-chris

---
  .../TestDigestAuthenticatorAlgorithms.java         | 46 ++++++++++++++++------
  1 file changed, 34 insertions(+), 12 deletions(-)

diff --git 
a/test/org/apache/catalina/authenticator/TestDigestAuthenticatorAlgorithms.java 
b/test/org/apache/catalina/authenticator/TestDigestAuthenticatorAlgorithms.java
index 66e51187b5..99a1b83675 100644
--- 
a/test/org/apache/catalina/authenticator/TestDigestAuthenticatorAlgorithms.java
+++ 
b/test/org/apache/catalina/authenticator/TestDigestAuthenticatorAlgorithms.java
@@ -16,6 +16,8 @@
   */
  package org.apache.catalina.authenticator;

+import java.security.MessageDigest;

+import java.security.NoSuchAlgorithmException;
  import java.util.ArrayList;
  import java.util.Arrays;
  import java.util.Collection;
@@ -57,25 +59,42 @@ public class TestDigestAuthenticatorAlgorithms extends 
TomcatBaseTest {
      private static String REALM_NAME = "TestRealm";
      private static String CNONCE = "cnonce";

+ private static final boolean HAS_SHA_512_256;

+
      private static final List<List<AuthDigest>> ALGORITHM_PERMUTATIONS = new 
ArrayList<>();
      static {
+        boolean digestSupported = false;
+        try {
+            MessageDigest.getInstance(AuthDigest.SHA_512_256.getJavaName());
+            digestSupported = true;
+        } catch (NoSuchAlgorithmException nsae) {
+            // Ignore
+        }
+        HAS_SHA_512_256 = digestSupported;
+
          ALGORITHM_PERMUTATIONS.add(Arrays.asList(AuthDigest.MD5));
          ALGORITHM_PERMUTATIONS.add(Arrays.asList(AuthDigest.MD5, 
AuthDigest.SHA_256));
-        ALGORITHM_PERMUTATIONS.add(Arrays.asList(AuthDigest.MD5, 
AuthDigest.SHA_256, AuthDigest.SHA_512_256));
-        ALGORITHM_PERMUTATIONS.add(Arrays.asList(AuthDigest.MD5, 
AuthDigest.SHA_512_256));
-        ALGORITHM_PERMUTATIONS.add(Arrays.asList(AuthDigest.MD5, 
AuthDigest.SHA_512_256, AuthDigest.SHA_256));
+        if (HAS_SHA_512_256) {
+            ALGORITHM_PERMUTATIONS.add(Arrays.asList(AuthDigest.MD5, 
AuthDigest.SHA_256, AuthDigest.SHA_512_256));
+            ALGORITHM_PERMUTATIONS.add(Arrays.asList(AuthDigest.MD5, 
AuthDigest.SHA_512_256));
+            ALGORITHM_PERMUTATIONS.add(Arrays.asList(AuthDigest.MD5, 
AuthDigest.SHA_512_256, AuthDigest.SHA_256));
+        }

ALGORITHM_PERMUTATIONS.add(Arrays.asList(AuthDigest.SHA_256));

          ALGORITHM_PERMUTATIONS.add(Arrays.asList(AuthDigest.SHA_256, 
AuthDigest.MD5));
-        ALGORITHM_PERMUTATIONS.add(Arrays.asList(AuthDigest.SHA_256, 
AuthDigest.MD5, AuthDigest.SHA_512_256));
-        ALGORITHM_PERMUTATIONS.add(Arrays.asList(AuthDigest.SHA_256, 
AuthDigest.SHA_512_256));
-        ALGORITHM_PERMUTATIONS.add(Arrays.asList(AuthDigest.SHA_256, 
AuthDigest.SHA_512_256, AuthDigest.MD5));
-
-        ALGORITHM_PERMUTATIONS.add(Arrays.asList(AuthDigest.SHA_512_256));
-        ALGORITHM_PERMUTATIONS.add(Arrays.asList(AuthDigest.SHA_512_256, 
AuthDigest.MD5));
-        ALGORITHM_PERMUTATIONS.add(Arrays.asList(AuthDigest.SHA_512_256, 
AuthDigest.MD5, AuthDigest.SHA_256));
-        ALGORITHM_PERMUTATIONS.add(Arrays.asList(AuthDigest.SHA_512_256, 
AuthDigest.SHA_256));
-        ALGORITHM_PERMUTATIONS.add(Arrays.asList(AuthDigest.SHA_512_256, 
AuthDigest.SHA_256, AuthDigest.MD5));
+        if (HAS_SHA_512_256) {
+            ALGORITHM_PERMUTATIONS.add(Arrays.asList(AuthDigest.SHA_256, 
AuthDigest.MD5, AuthDigest.SHA_512_256));
+            ALGORITHM_PERMUTATIONS.add(Arrays.asList(AuthDigest.SHA_256, 
AuthDigest.SHA_512_256));
+            ALGORITHM_PERMUTATIONS.add(Arrays.asList(AuthDigest.SHA_256, 
AuthDigest.SHA_512_256, AuthDigest.MD5));
+        }
+
+        if (HAS_SHA_512_256) {
+            ALGORITHM_PERMUTATIONS.add(Arrays.asList(AuthDigest.SHA_512_256));
+            ALGORITHM_PERMUTATIONS.add(Arrays.asList(AuthDigest.SHA_512_256, 
AuthDigest.MD5));
+            ALGORITHM_PERMUTATIONS.add(Arrays.asList(AuthDigest.SHA_512_256, 
AuthDigest.MD5, AuthDigest.SHA_256));
+            ALGORITHM_PERMUTATIONS.add(Arrays.asList(AuthDigest.SHA_512_256, 
AuthDigest.SHA_256));
+            ALGORITHM_PERMUTATIONS.add(Arrays.asList(AuthDigest.SHA_512_256, 
AuthDigest.SHA_256, AuthDigest.MD5));
+        }
      }

@Parameterized.Parameters(name = "{index}: Algorithms[{0}], Algorithm[{1}], PwdDigest[{2}], AuthExpected[{3}]")

@@ -90,6 +109,9 @@ public class TestDigestAuthenticatorAlgorithms extends 
TomcatBaseTest {
                      }
                      , algorithms);
              for (AuthDigest algorithm : AuthDigest.values()) {
+                if (algorithm.equals(AuthDigest.SHA_512_256) && 
!HAS_SHA_512_256) {
+                    continue;
+                }
                  boolean authExpected = 
algorithmPermutation.contains(algorithm);
                  for (Boolean digestPassword : booleans) {
                      String user;


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: [tomcat] branch 8.5.x updated: Fix failures on Java 7 where SHA_512_256 is not available

Reply via email to