CryptoAnalysis
CryptoAnalysis copied to clipboard
CROSSINGTUD
Only immediate assertions work in usage pattern tests
For a generated predicate, its corresponding assertion in the usage pattern test is expected to be immediately after the statement (that has the object for which predicate is generated). Is it a correct behaviour? The predicate gets negated even though there are not statements explicitly negating it. An example of a negating statement would be clearPassword() from PBEKeySpec rule
In the sample test case below, the first hasEnsuredPredicate assertion on key passes, but fails for the second assertion of same type.
@Test
public void keyStoreInvalidTest10() throws NoSuchAlgorithmException, UnrecoverableKeyException, IOException,
KeyStoreException, CertificateException {
char[] passwordKey = null;
String alias = null;
Entry entry = null;
InputStream fileinput = null;
String keyStoreAlgorithm = null;
String aliasSet = null;
ProtectionParameter protParamSet = null;
char[] passwordIn = null;
LoadStoreParameter paramStore = null;
KeyStore keyStore0 = KeyStore.getInstance(keyStoreAlgorithm);
keyStore0.load(fileinput, passwordIn);
Key key = keyStore0.getKey(alias, passwordKey);
Assertions.hasEnsuredPredicate(key); // PASSES
keyStore0.setEntry(aliasSet, entry, protParamSet);
keyStore0.store(paramStore);
Assertions.hasEnsuredPredicate(key); // FAILS
Assertions.mustBeInAcceptingState(keyStore0);
}
For a conditional predicate, its corresponding assertion in the usage pattern test is expected to be immediately after the statement (that has the object for which predicate is generated).
@Test
public void secureRandomValidTest11() throws NoSuchAlgorithmException {
long lSeed = 0;
SecureRandom secureRandom0 = SecureRandom.getInstance("SHA1PRNG");
Assertions.hasEnsuredPredicate(secureRandom0); // PASSES
secureRandom0.setSeed(lSeed);
Assertions.hasEnsuredPredicate(secureRandom0); // FAILS
Assertions.mustBeInAcceptingState(secureRandom0);
}