Jeremy Long
2012-09-06 22:54:16 -04:00
commit d5caab764a
68 changed files with 168507 additions and 0 deletions


@@ -0,0 +1,97 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package org.codesecure.dependencycheck.data;
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.util.zip.ZipEntry;
import java.util.zip.ZipInputStream;
import junit.framework.TestCase;
import org.codesecure.dependencycheck.utils.Settings;
/**
*
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public abstract class BaseIndexTestCase extends TestCase {
public BaseIndexTestCase(String testName) {
super(testName);
}
@Override
protected void setUp() throws Exception {
super.setUp();
ensureIndexExists();
}
protected void ensureIndexExists() throws Exception {
String indexPath = Settings.getString("index.cpe");
java.io.File f = new File(indexPath);
if (!f.exists()) {
f.mkdirs();
FileInputStream fis = null;
ZipInputStream zin = null;
try {
File path = new File(this.getClass().getClassLoader().getResource("index.cpe.zip").getPath());
fis = new FileInputStream(path);
zin = new ZipInputStream(new BufferedInputStream(fis));
ZipEntry entry;
while ((entry = zin.getNextEntry()) != null) {
if (entry.isDirectory()) {
continue;
}
int BUFFER = 2048;
String outputName = indexPath + File.separatorChar + entry.getName();
FileOutputStream fos = null;
BufferedOutputStream dest = null;
try {
File o = new File(outputName);
// File oPath = new File(o.getParent());
// if (!oPath.exists()) {
// oPath.mkdir();
// }
o.createNewFile();
fos = new FileOutputStream(o,false);
dest = new BufferedOutputStream(fos, BUFFER);
byte data[] = new byte[BUFFER];
int count;
while ((count = zin.read(data, 0, BUFFER)) != -1) {
dest.write(data, 0, count);
}
} catch (Exception ex) {
String ignore = ex.getMessage();
} finally {
try {
dest.flush();
dest.close();
dest = null;
} catch (Throwable ex) { String ignore = ex.getMessage(); }
try {
fos.close();
fos = null;
} catch (Throwable ex) { String ignore = ex.getMessage(); }
}
}
} finally {
try {
if (zin!=null) {
zin.close();
}
zin = null;
} catch (Throwable ex) { String ignore = ex.getMessage(); }
try {
if (fis!=null) {
fis.close();
}
fis = null;
} catch (Throwable ex) { String ignore = ex.getMessage(); }
}
}
}
}
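Review bot: In ensureIndexExists the output path is built as `indexPath + File.separatorChar + entry.getName()` with no check that the resolved file stays under the index directory, so an archive entry whose name contains `..` would be written outside it; resolve the entry against the canonical index directory and reject anything that falls outside. The same loop hides every failure: `catch (Exception ex)` discards the error, and when `new FileOutputStream` fails the `finally` dereferences a null `dest`/`fos`, which the `catch (Throwable)` clauses also swallow, so a half-extracted index looks like success to the tests that depend on it. With the parent-directory creation commented out, an entry in a subfolder would presumably fail in exactly this silent way. The sketch below lets the exceptions propagate (the method already declares `throws Exception`) and needs `java.io.IOException` in scope.

```java
// … unchanged: open index.cpe.zip, iterate entries, skip directories, BUFFER …
File root = new File(indexPath).getCanonicalFile();
File o = new File(root, entry.getName()).getCanonicalFile();
if (!o.getPath().startsWith(root.getPath() + File.separator)) {
    throw new IOException("zip entry escapes the index directory: " + entry.getName());
}
File parent = o.getParentFile();
if (!parent.isDirectory() && !parent.mkdirs()) {
    throw new IOException("cannot create " + parent);
}
BufferedOutputStream dest = new BufferedOutputStream(new FileOutputStream(o, false), BUFFER);
try {
    // … unchanged: copy loop from zin to dest …
} finally {
    dest.close();
}
```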


@@ -0,0 +1,63 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package org.codesecure.dependencycheck.data;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import static org.junit.Assert.*;
/**
*
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class LuceneUtilsTest {
public LuceneUtilsTest() {
}
@BeforeClass
public static void setUpClass() throws Exception {
}
@AfterClass
public static void tearDownClass() throws Exception {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
/**
* Test of appendEscapedLuceneQuery method, of class LuceneUtils.
*/
@Test
public void testAppendEscapedLuceneQuery() {
System.out.println("appendEscapedLuceneQuery");
StringBuilder buf = new StringBuilder();
CharSequence text = "test encoding + - & | ! ( ) { } [ ] ^ \" ~ * ? : \\";
String expResult = "test encoding \\+ \\- \\& \\| \\! \\( \\) \\{ \\} \\[ \\] \\^ \\\" \\~ \\* \\? \\: \\\\";
LuceneUtils.appendEscapedLuceneQuery(buf, text);
assertEquals(expResult, buf.toString());
}
/**
* Test of escapeLuceneQuery method, of class LuceneUtils.
*/
@Test
public void testEscapeLuceneQuery() {
System.out.println("escapeLuceneQuery");
CharSequence text = "test encoding + - & | ! ( ) { } [ ] ^ \" ~ * ? : \\";
String expResult = "test encoding \\+ \\- \\& \\| \\! \\( \\) \\{ \\} \\[ \\] \\^ \\\" \\~ \\* \\? \\: \\\\";
String result = LuceneUtils.escapeLuceneQuery(text);
assertEquals(expResult, result);
}
}
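Review bot: testAppendEscapedLuceneQuery and testEscapeLuceneQuery feed the same single string, so the escaping (which presumably keeps metadata-derived text from being parsed as Lucene query syntax) is checked on one input only; a null, an empty and a no-special-character case for each method would make the contract explicit. How LuceneUtils treats null is not visible in this section, so the expected values have to come from its implementation. The four empty lifecycle stubs and the `System.out.println` calls add nothing and could be dropped.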


@@ -0,0 +1,207 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package org.codesecure.dependencycheck.data.cpe;
import java.io.File;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import org.apache.lucene.index.CorruptIndexException;
import org.apache.lucene.queryParser.ParseException;
import org.codesecure.dependencycheck.data.BaseIndexTestCase;
import org.codesecure.dependencycheck.scanner.Dependency;
import org.codesecure.dependencycheck.scanner.JarAnalyzer;
import org.junit.Test;
/**
*
* @author jeremy
*/
public class CPEQueryTest extends BaseIndexTestCase {
public CPEQueryTest(String testName) {
super(testName);
}
@Override
protected void setUp() throws Exception {
super.setUp();
}
@Override
protected void tearDown() throws Exception {
super.tearDown();
}
/**
* Test of locate method, of class CPEQuery.
* @throws Exception is thrown when an exception occurs.
*/
@Test
public void testLocate() throws Exception {
System.out.println("locate");
String vendor = "apache software foundation";
String product = "struts 2 core";
String version = "2.1.2";
CPEQuery instance = new CPEQuery();
instance.open();
String expResult = "cpe:/a:apache:struts:2.1.2";
List<Entry> result = instance.searchCPE(vendor, product, version);
assertEquals(expResult, result.get(0).getName());
//TODO - yeah, not a very good test as the results are the same with or without weighting...
List<String> productWeightings = new ArrayList<String>(1);
productWeightings.add("struts2");
List<String> vendorWeightings = new ArrayList<String>(1);
vendorWeightings.add("apache");
result = instance.searchCPE(vendor, product, version,productWeightings,vendorWeightings);
assertEquals(expResult, result.get(0).getName());
vendor = "apache software foundation";
product = "struts 2 core";
version = "2.3.1.2";
//yes, this isn't right. we verify this with another method later
expResult = "cpe:/a:apache:struts";
result = instance.searchCPE(vendor, product, version);
boolean startsWith = result.get(0).getName().startsWith(expResult);
assertTrue("CPE does not begin with apache struts",startsWith);
instance.close();
}
/**
* Tests of buildSearch of class CPEQuery.
* @throws IOException is thrown when an IO Exception occurs.
* @throws CorruptIndexException is thrown when the index is corrupt.
* @throws ParseException is thrown when a parse exception occurs
*/
@Test
public void testBuildSearch() throws IOException, CorruptIndexException, ParseException {
System.out.println("buildSearch");
List<String> productWeightings = new ArrayList<String>(1);
productWeightings.add("struts2");
List<String> vendorWeightings = new ArrayList<String>(1);
vendorWeightings.add("apache");
String vendor = "apache software foundation";
String product = "struts 2 core";
String version = "2.1.2";
CPEQuery instance = new CPEQuery();
String queryText = instance.buildSearch(vendor, product, version, null, null);
String expResult = " product:( struts 2 core ) vendor:( apache software foundation ) version:(2.1.2)";
assertTrue(expResult.equals(queryText));
queryText = instance.buildSearch(vendor, product, version, null, productWeightings);
expResult = " product:( struts^5 struts2^5 2 core ) vendor:( apache software foundation ) version:(2.1.2^0.2 )";
assertTrue(expResult.equals(queryText));
queryText = instance.buildSearch(vendor, product, version,vendorWeightings,null);
expResult = " product:( struts 2 core ) vendor:( apache^5 software foundation ) version:(2.1.2^0.2 )";
assertTrue(expResult.equals(queryText));
queryText = instance.buildSearch(vendor, product, version, vendorWeightings, productWeightings);
expResult = " product:( struts^5 struts2^5 2 core ) vendor:( apache^5 software foundation ) version:(2.1.2^0.2 )";
assertTrue(expResult.equals(queryText));
}
/**
* Test of open method, of class CPEQuery.
* @throws Exception is thrown when an exception occurs
*/
@Test
public void testOpen() throws Exception {
System.out.println("open");
CPEQuery instance = new CPEQuery();
assertFalse(instance.isOpen());
instance.open();
assertTrue(instance.isOpen());
instance.close();
assertFalse(instance.isOpen());
}
/**
* Test of determineCPE method, of class CPEQuery.
* @throws Exception is thrown when an exception occurs
*/
@Test
public void testDetermineCPE() throws Exception {
System.out.println("determineCPE");
File file = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
JarAnalyzer jarAnalyzer = new JarAnalyzer();
Dependency depends = jarAnalyzer.insepct(file);
CPEQuery instance = new CPEQuery();
instance.open();
String expResult = "cpe:/a:apache:struts:2.1.2";
instance.determineCPE(depends);
instance.close();
assertTrue(depends.getCPEs().contains(expResult));
assertTrue(depends.getCPEs().size()==1);
}
/**
* Test of searchCPE method, of class CPEQuery.
* @throws Exception is thrown when an exception occurs
*/
@Test
public void testSearchCPE_3args() throws Exception {
System.out.println("searchCPE - 3 args");
System.out.println("searchCPE");
String vendor = "apache software foundation";
String product = "struts 2 core";
String version = "2.1.2";
CPEQuery instance = new CPEQuery();
instance.open();
String expResult = "cpe:/a:apache:struts:2.1.2";
List<Entry> result = instance.searchCPE(vendor, product, version);
assertEquals(expResult, result.get(0).getName());
vendor = "apache software foundation";
product = "struts 2 core";
version = "2.3.1.2";
expResult = "cpe:/a:apache:struts";
result = instance.searchCPE(vendor, product, version);
boolean startsWith = result.get(0).getName().startsWith(expResult);
assertTrue("CPE Does not start with apache struts.", startsWith);
instance.close();
}
/**
* Test of searchCPE method, of class CPEQuery.
* @throws Exception is thrown when an exception occurs
*/
@Test
public void testSearchCPE_5args() throws Exception {
System.out.println("searchCPE - 5 args");
String vendor = "apache software foundation";
String product = "struts 2 core";
String version = "2.1.2";
String expResult = "cpe:/a:apache:struts:2.1.2";
CPEQuery instance = new CPEQuery();
instance.open();
//TODO - yeah, not a very good test as the results are the same with or without weighting...
List<String> productWeightings = new ArrayList<String>(1);
productWeightings.add("struts2");
List<String> vendorWeightings = new ArrayList<String>(1);
vendorWeightings.add("apache");
List<Entry> result = instance.searchCPE(vendor, product, version,productWeightings,vendorWeightings);
assertEquals(expResult, result.get(0).getName());
instance.close();
}
}
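Review bot: In testLocate and both testSearchCPE methods `instance.close()` sits after the assertions, so a failed assertion or an exception leaves the index open for the rest of the run; wrap the body as `try { … } finally { instance.close(); }`. The `result.get(0)` calls also turn an empty result list into an IndexOutOfBoundsException instead of a readable failure, so an `assertFalse(result.isEmpty());` before them would help. In testBuildSearch, `assertTrue(expResult.equals(queryText))` hides both strings when it fails; `assertEquals(expResult, queryText)` reports them.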


@@ -0,0 +1,48 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package org.codesecure.dependencycheck.data.cpe;
import org.codesecure.dependencycheck.data.cpe.Entry;
import junit.framework.TestCase;
/**
*
* @author Jeremy Long
*/
public class EntryTest extends TestCase {
public EntryTest(String testName) {
super(testName);
}
@Override
protected void setUp() throws Exception {
super.setUp();
}
@Override
protected void tearDown() throws Exception {
super.tearDown();
}
/**
* Test of setName method, of class Entry.
* @throws Exception is thrown when an exception occurs.
*/
public void testSetName() throws Exception {
System.out.println("setName");
String name = "cpe:/a:apache:struts:1.1:rc2";
Entry instance = new Entry();
instance.setName(name);
assertEquals(name,instance.getName());
assertEquals("apache", instance.getVendor());
assertEquals("struts", instance.getProduct());
assertEquals("1.1", instance.getVersion());
assertEquals("rc2", instance.getRevision());
}
}
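Review bot: testSetName only parses a fully populated name, so nothing pins what Entry does with a name that has no version or revision part, such as the `cpe:/a:apache:struts` prefix used in CPEQueryTest; a second case for that form would catch an out-of-range access in the parser if one exists. Entry's parsing is not in this section, so the expected values for the missing parts have to come from its implementation. `import org.codesecure.dependencycheck.data.cpe.Entry;` is redundant because the test lives in the same package.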


@@ -0,0 +1,33 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package org.codesecure.dependencycheck.data.cpe;
import org.codesecure.dependencycheck.data.BaseIndexTestCase;
/**
*
* @author jeremy
*/
public class IndexTestCase extends BaseIndexTestCase {
public IndexTestCase(String testName) {
super(testName);
}
@Override
protected void setUp() throws Exception {
super.setUp();
}
@Override
protected void tearDown() throws Exception {
super.tearDown();
}
public void testIgnoreThisClass() throws Exception {
assertTrue(true);
}
}
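Review bot: IndexTestCase carries no documentation and its only test is `assertTrue(true)`, so a reader cannot tell why the class exists. If, as the name testIgnoreThisClass suggests, it is there only so the runner does not report a TestCase without tests, say so in a class comment such as `/** Placeholder so the JUnit runner finds a test in this class. */`. The setUp and tearDown overrides only call super and can be removed.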


@@ -0,0 +1,47 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package org.codesecure.dependencycheck.data.cpe.xml;
import java.io.File;
import junit.framework.TestCase;
import org.codesecure.dependencycheck.data.cpe.xml.Importer;
import org.xml.sax.Attributes;
/**
*
* @author jeremy
*/
public class ImporterTest extends TestCase {
public ImporterTest(String testName) {
super(testName);
}
@Override
protected void setUp() throws Exception {
super.setUp();
}
@Override
protected void tearDown() throws Exception {
super.tearDown();
}
/**
* Test of all methods within class CPEHandler.
* @throws Exception is thrown when an excpetion occurs.
*/
public void testHandler() throws Exception {
System.out.println("importXML");
File path = new File(this.getClass().getClassLoader().getResource("official-cpe-dictionary_v2.2.xml").getPath());
Importer.importXML(path.getCanonicalPath());
}
}
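Review bot: testHandler makes no assertion, so it passes whenever `Importer.importXML` returns without throwing, even if nothing was imported; add a check on the result, for example that an entry known to be in official-cpe-dictionary_v2.2.xml can be found afterwards. Where importXML writes is not visible here; if it targets the `index.cpe` directory that BaseIndexTestCase populates, this test changes state shared with the other test classes and should use its own location. The Javadoc names CPEHandler while the body calls Importer, and the imports of `org.xml.sax.Attributes` and of Importer itself are unused or redundant.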


@@ -0,0 +1,112 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package org.codesecure.dependencycheck.reporting;
import org.codesecure.dependencycheck.scanner.Evidence;
import java.util.List;
import java.util.ArrayList;
import java.io.File;
import org.codesecure.dependencycheck.scanner.Dependency;
import java.util.HashMap;
import org.codesecure.dependencycheck.data.BaseIndexTestCase;
import java.util.Map;
import org.codesecure.dependencycheck.scanner.Evidence.Confidence;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import static org.junit.Assert.*;
/**
*
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class ReportGeneratorTest extends BaseIndexTestCase {
public ReportGeneratorTest(String testName) {
super(testName);
}
@BeforeClass
public static void setUpClass() throws Exception {
}
@AfterClass
public static void tearDownClass() throws Exception {
}
@Before
@Override
public void setUp() {
}
@After
@Override
public void tearDown() {
}
/**
* Test of generateReport method, of class ReportGenerator.
* @throws Exception is thrown when an exception occurs.
*/
@Test
public void testGenerateReport() throws Exception {
System.out.println("generateReport");
String templateName = "HtmlReport";
File f = new File("target/test-reports");
if (!f.exists()) {
f.mkdir();
}
String writeTo = "target/test-reports/Report.html";
Map<String, Object> properties = new HashMap<String, Object>();
Dependency d = new Dependency();
d.setFileName("FileName.jar");
d.setFilePath("lib/FileName.jar");
d.addCPEentry("cpe://a:/some:cpe:1.0");
List<Dependency> dependencies = new ArrayList<Dependency>();
d.getTitleEvidence().addEvidence("jar","filename","<test>test", Confidence.HIGH);
d.getTitleEvidence().addEvidence("manifest","vendor","<test>test", Confidence.HIGH);
for (Evidence e : d.getTitleEvidence().iterator(Confidence.HIGH)) {
String t = e.getValue();
}
dependencies.add(d);
Dependency d2 = new Dependency();
d2.setFileName("Another.jar");
d2.setFilePath("lib/Another.jar");
d2.addCPEentry("cpe://a:/another:cpe:1.0");
d2.addCPEentry("cpe://a:/another:cpe:1.1");
d2.addCPEentry("cpe://a:/another:cpe:1.2");
d2.getTitleEvidence().addEvidence("jar","filename","another.jar", Confidence.HIGH);
d2.getTitleEvidence().addEvidence("manifest","vendor","Company A", Confidence.MEDIUM);
for (Evidence e : d2.getTitleEvidence().iterator(Confidence.HIGH)) {
String t = e.getValue();
}
dependencies.add(d2);
Dependency d3 = new Dependency();
d3.setFileName("Third.jar");
d3.setFilePath("lib/Third.jar");
d3.getTitleEvidence().addEvidence("jar","filename","third.jar", Confidence.HIGH);
for (Evidence e : d3.getTitleEvidence().iterator(Confidence.HIGH)) {
String t = e.getValue();
}
dependencies.add(d3);
properties.put("dependencies",dependencies);
ReportGenerator instance = new ReportGenerator();
instance.generateReport(templateName, writeTo, properties);
//TODO add an assertion here...
//assertTrue("need to add a real check here", false);
}
}
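Review bot: testGenerateReport adds evidence values containing `<test>test`, which looks intended to exercise HTML encoding in the report, but the method ends on a TODO and asserts nothing, so a template that writes the value as raw markup would still pass. Since evidence comes from the files being scanned, the encoding is worth pinning: read the generated file back and assert the raw value is absent, as sketched below. Whether the HtmlReport template renders title evidence at all, and the charset the report is written in, are not visible here, so both need confirming. `f.mkdir()` also fails quietly when `target` does not exist yet; `mkdirs()` avoids that.

```java
instance.generateReport(templateName, writeTo, properties);
// … replaces the TODO and the commented-out assertTrue …
File report = new File(writeTo);
assertTrue("report was not written", report.length() > 0);
java.util.Scanner in = new java.util.Scanner(report, "UTF-8");
try {
    String html = in.useDelimiter("\\A").next();
    assertFalse("evidence value rendered as markup", html.contains("<test>test"));
} finally {
    in.close();
}
```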


@@ -0,0 +1,64 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package org.codesecure.dependencycheck.scanner;
import java.util.List;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import static org.junit.Assert.*;
/**
*
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class DependencyTest {
public DependencyTest() {
}
@BeforeClass
public static void setUpClass() throws Exception {
}
@AfterClass
public static void tearDownClass() throws Exception {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
/**
* Test of containsUsedString method, of class Dependency.
*/
@Test
public void testContainsUsedString() {
System.out.println("containsUsedString");
String str = "apache";
String str2 = "codesecure";
Dependency instance = new Dependency();
instance.vendorEvidence.addEvidence("manifest", "something", "apache", Evidence.Confidence.HIGH);
instance.vendorEvidence.addEvidence("manifest", "something", "codesecure", Evidence.Confidence.MEDIUM);
assertFalse(instance.containsUsedString(str));
assertFalse(instance.containsUsedString(str2));
for (Evidence i : instance.vendorEvidence.iterator(Evidence.Confidence.HIGH)) {
String readValue = i.getValue();
}
assertTrue(instance.containsUsedString(str));
assertFalse(instance.containsUsedString(str2));
for (Evidence i : instance.vendorEvidence.iterator(Evidence.Confidence.MEDIUM)) {
String readValue = i.getValue();
}
assertTrue(instance.containsUsedString(str));
assertTrue(instance.containsUsedString(str2));
}
}
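Review bot: The two loops in testContainsUsedString assign `i.getValue()` to an unused local, and nothing says why. The assertions around them imply that reading a value through the iterator is what marks it as used, so state that at the loops, e.g. `// getValue() has the side effect of marking the evidence as used`, and call `i.getValue();` without the dead variable. The test also reaches into the `vendorEvidence` field directly where JarAnalyzerTest goes through `getVendorEvidence()`.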


@@ -0,0 +1,55 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package org.codesecure.dependencycheck.scanner;
import java.io.File;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import static org.junit.Assert.*;
/**
*
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class JarAnalyzerTest {
public JarAnalyzerTest() {
}
@BeforeClass
public static void setUpClass() throws Exception {
}
@AfterClass
public static void tearDownClass() throws Exception {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
/**
* Test of insepct method, of class JarAnalyzer.
* @throws Exception is thrown when an excpetion occurs.
*/
@Test
public void testInsepct() throws Exception {
System.out.println("insepct");
File file = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
JarAnalyzer instance = new JarAnalyzer();
Dependency result = instance.insepct(file);
assertEquals("C30B57142E1CCBC1EFD5CD15F307358F", result.getMd5sum());
assertEquals("89CE9E36AA9A9E03F1450936D2F4F8DD0F961F8B", result.getSha1sum());
assertTrue(result.getVendorEvidence().toString().toLowerCase().contains("apache"));
assertTrue(result.getVendorEvidence().getWeighting().contains("apache"));
}
}
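Review bot: `new File(...getResource("struts2-core-2.1.2.jar").getPath())` in testInsepct uses the URL's path, which stays percent-encoded, so the file is not found when the checkout directory contains a space or a non-ASCII character; `new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").toURI())` decodes it. The same construction appears in BaseIndexTestCase, CPEQueryTest, ImporterTest, ChecksumTest and CliParserTest in this commit. `toLowerCase()` on the evidence string should take `Locale.ROOT` so the comparison does not depend on the machine's default locale.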


@@ -0,0 +1,71 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package org.codesecure.dependencycheck.scanner;
import org.codesecure.dependencycheck.data.cpe.CPEQuery;
import java.io.IOException;
import org.codesecure.dependencycheck.data.BaseIndexTestCase;
import java.io.File;
import java.util.List;
import java.util.Map;
import org.codesecure.dependencycheck.reporting.ReportGenerator;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import static org.junit.Assert.*;
/**
*
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class ScannerTest extends BaseIndexTestCase{
public ScannerTest(String testName) {
super(testName);
}
@BeforeClass
public static void setUpClass() throws Exception {
}
@AfterClass
public static void tearDownClass() throws Exception {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
/**
* Test of scan method, of class Scanner.
* @throws Exception is thrown when an exception occurs.
*/
@Test
public void testScan() throws Exception {
System.out.println("scan");
String path = "./src/test/resources";
Scanner instance = new Scanner();
instance.scan(path);
assertTrue(instance.getDependencies().size()>0);
// CPEQuery query = new CPEQuery();
// query.open();
// List<Dependency> dependencies = instance.getDependencies();
// for (Dependency d : dependencies) {
// query.determineCPE(d);
// }
// query.close();
// ReportGenerator rg = new ReportGenerator();
// rg.generateReports("./target/", "DependencyCheck", instance.getDependencies());
}
}
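Review bot: ScannerTest extends BaseIndexTestCase but overrides `setUp()` with an empty body, so `ensureIndexExists()` never runs for it; ReportGeneratorTest does the same. Either call `super.setUp()` (and declare `throws Exception`) or, since testScan no longer touches the index, extend TestCase directly. The `@Before`/`@After`/`@BeforeClass` annotations are JUnit 4 and are presumably ignored when the class runs as a JUnit 3 TestCase. The commented-out CPEQuery and ReportGenerator block, and the imports kept only for it, should be deleted rather than committed.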


@@ -0,0 +1,132 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package org.codesecure.dependencycheck.utils;
import java.io.File;
import java.io.FileNotFoundException;
import java.security.NoSuchAlgorithmException;
import junit.framework.TestCase;
import org.junit.Test;
/**
*
* @author jeremy
*/
public class ChecksumTest extends TestCase {
public ChecksumTest(String testName) {
super(testName);
}
@Override
protected void setUp() throws Exception {
super.setUp();
}
@Override
protected void tearDown() throws Exception {
super.tearDown();
}
/**
* Test of getChecksum method, of class Checksum.
* @throws Exception thrown when an excpetion occurs.
*/
@Test
public void testGetChecksum() throws Exception {
System.out.println("getChecksum (md5)");
String algorithm = "MD5";
File file = new File(this.getClass().getClassLoader().getResource("checkSumTest.file").getPath());
byte[] expResult = {-16, -111, 92, 95, 70, -72, -49, -94, -125, -27, -83, 103, -96, -101, 55, -109};
byte[] result = Checksum.getChecksum(algorithm, file);
boolean arraysAreEqual = true;
if (expResult.length == result.length) {
for (int i = 0; arraysAreEqual && i < result.length; i++) {
arraysAreEqual = result[i] == expResult[i];
}
} else {
fail("Checksum results do not match expected results.");
}
assertTrue(arraysAreEqual);
}
/**
* Test of getChecksum method, of class Checksum. This checks that an
* excpetion is thrown when an invalid path is specified.
*
* @throws Exception is thrown when an exception occurs.
*/
@Test
public void testGetChecksum_FileNotFound() throws Exception {
System.out.println("getChecksum (invalid path)");
String algorithm = "MD5";
File file = new File("not a valid file");
boolean exceptionThrown = false;
try {
byte[] result = Checksum.getChecksum(algorithm, file);
} catch (FileNotFoundException ex) {
exceptionThrown = true;
}
assertTrue(exceptionThrown);
}
/**
* Test of getChecksum method, of class Checksum. This checks that an
* exception is thrown when an invalid algorithm is specified.
*
* @throws Exception is thrown when an exception occurs.
*/
@Test
public void testGetChecksum_NoSuchAlgorithm() throws Exception {
System.out.println("getChecksum (invalid algorithm)");
String algorithm = "some unknown algorithm";
File file = new File(this.getClass().getClassLoader().getResource("checkSumTest.file").getPath());
boolean exceptionThrown = false;
try {
byte[] result = Checksum.getChecksum(algorithm, file);
} catch (NoSuchAlgorithmException ex) {
exceptionThrown = true;
}
assertTrue(exceptionThrown);
}
/**
* Test of getMD5Checksum method, of class Checksum.
* @throws Exception is thrown when an exception occurs.
*/
@Test
public void testGetMD5Checksum() throws Exception {
System.out.println("getMD5Checksum");
File file = new File(this.getClass().getClassLoader().getResource("checkSumTest.file").getPath());
String expResult = "F0915C5F46B8CFA283E5AD67A09B3793";
String result = Checksum.getMD5Checksum(file);
assertEquals(expResult, result);
}
/**
* Test of getSHA1Checksum method, of class Checksum.
* @throws Exception is thrown when an exception occurs.
*/
@Test
public void testGetSHA1Checksum() throws Exception {
System.out.println("getSHA1Checksum");
File file = new File(this.getClass().getClassLoader().getResource("checkSumTest.file").getPath());
String expResult = "B8A9FF28B21BCB1D0B50E24A5243D8B51766851A";
String result = Checksum.getSHA1Checksum(file);
assertEquals(expResult, result);
}
/**
* Test of getHex method, of class Checksum.
*/
@Test
public void testGetHex() {
System.out.println("getHex");
byte[] raw = {0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16};
String expResult = "000102030405060708090A0B0C0D0E0F10";
String result = Checksum.getHex(raw);
assertEquals(expResult, result);
}
}
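Review bot: testGetChecksum compares the digests with a hand-written loop and a separate `fail` for the length; `assertTrue(java.util.Arrays.equals(expResult, result));` covers both in one line. In testGetChecksum_FileNotFound and testGetChecksum_NoSuchAlgorithm the flag pattern works, but calling `fail("expected exception");` straight after `Checksum.getChecksum(algorithm, file)` inside the `try` states the intent directly and removes the unused `result` local.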


@@ -0,0 +1,349 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package org.codesecure.dependencycheck.utils;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.PrintStream;
import junit.framework.TestCase;
import org.apache.commons.cli.ParseException;
import org.junit.Test;
/**
*
* @author jeremy
*/
public class CliParserTest extends TestCase {
public CliParserTest(String testName) {
super(testName);
}
@Override
protected void setUp() throws Exception {
super.setUp();
}
@Override
protected void tearDown() throws Exception {
super.tearDown();
}
/**
* Test of parse method, of class CliParser.
* @throws Exception thrown when an excpetion occurs.
*/
@Test
public void testParse() throws Exception {
System.out.println("parse");
String[] args = {};
PrintStream out = System.out;
ByteArrayOutputStream baos = new ByteArrayOutputStream();
System.setOut(new PrintStream(baos));
CliParser instance = new CliParser();
instance.parse(args);
assertFalse(instance.isGetVersion());
assertFalse(instance.isGetHelp());
assertFalse(instance.isRunScan());
assertFalse(instance.isLoadCPE());
}
/**
* Test of parse method with help arg, of class CliParser.
* @throws Exception thrown when an excpetion occurs.
*/
@Test
public void testParse_help() throws Exception {
System.out.println("parse -help");
String[] args = {"-help"};
PrintStream out = System.out;
CliParser instance = new CliParser();
instance.parse(args);
assertFalse(instance.isGetVersion());
assertTrue(instance.isGetHelp());
assertFalse(instance.isRunScan());
assertFalse(instance.isLoadCPE());
}
/**
* Test of parse method with version arg, of class CliParser.
* @throws Exception thrown when an excpetion occurs.
*/
@Test
public void testParse_version() throws Exception {
System.out.println("parse -ver");
String[] args = {"-version"};
CliParser instance = new CliParser();
instance.parse(args);
assertTrue(instance.isGetVersion());
assertFalse(instance.isGetHelp());
assertFalse(instance.isRunScan());
assertFalse(instance.isLoadCPE());
}
/**
* Test of parse method with jar and cpe args, of class CliParser.
* @throws Exception thrown when an excpetion occurs.
*/
@Test
public void testParse_scan_cpe() throws Exception {
System.out.println("parse -cpe file -scan file");
String[] args = {"-scan", "file", "-cpe", "file"};
CliParser instance = new CliParser();
try {
instance.parse(args);
} catch (ParseException ex) {
assertTrue(ex.getMessage().contains("an option from this group has already been selected"));
}
assertFalse(instance.isGetVersion());
assertFalse(instance.isGetHelp());
assertFalse(instance.isRunScan());
assertFalse(instance.isLoadCPE());
}
/**
* Test of parse method with jar and cpe args, of class CliParser.
* @throws Exception thrown when an excpetion occurs.
*/
@Test
public void testParse_unknown() throws Exception {
System.out.println("parse -unknown");
String[] args = {"-unknown"};
PrintStream out = System.out;
PrintStream err = System.err;
ByteArrayOutputStream baos_out = new ByteArrayOutputStream();
ByteArrayOutputStream baos_err = new ByteArrayOutputStream();
System.setOut(new PrintStream(baos_out));
System.setErr(new PrintStream(baos_err));
CliParser instance = new CliParser();
try {
instance.parse(args);
} catch (ParseException ex) {
assertTrue(ex.getMessage().contains("Unrecognized option"));
}
assertFalse(instance.isGetVersion());
assertFalse(instance.isGetHelp());
assertFalse(instance.isRunScan());
assertFalse(instance.isLoadCPE());
}
/**
* Test of parse method with scan arg, of class CliParser.
* @throws Exception thrown when an excpetion occurs.
*/
@Test
public void testParse_scan() throws Exception {
System.out.println("parse -scan");
String[] args = {"-scan"};
CliParser instance = new CliParser();
try {
instance.parse(args);
} catch (ParseException ex) {
assertTrue(ex.getMessage().contains("Missing argument"));
}
assertFalse(instance.isGetVersion());
assertFalse(instance.isGetHelp());
assertFalse(instance.isRunScan());
assertFalse(instance.isLoadCPE());
}
/**
* Test of parse method with jar arg, of class CliParser.
* @throws Exception thrown when an excpetion occurs.
*/
@Test
public void testParse_scan_unknownFile() throws Exception {
System.out.println("parse -scan jar.that.does.not.exist");
String[] args = {"-scan", "jar.that.does.not.exist", "-app", "test"};
CliParser instance = new CliParser();
try {
instance.parse(args);
} catch (FileNotFoundException ex) {
assertTrue(ex.getMessage().contains("Invalid file argument"));
}
assertFalse(instance.isGetVersion());
assertFalse(instance.isGetHelp());
assertFalse(instance.isRunScan());
assertFalse(instance.isLoadCPE());
}
/**
* Test of parse method with jar arg, of class CliParser.
* @throws Exception thrown when an excpetion occurs.
*/
@Test
public void testParse_scan_withFileExists() throws Exception {
System.out.println("parse -scan checkSumTest.file");
File path = new File(this.getClass().getClassLoader().getResource("checkSumTest.file").getPath());
String[] args = {"-scan", path.getCanonicalPath(), "-out", "./", "-app", "test"};
CliParser instance = new CliParser();
instance.parse(args);
assertEquals(path.getCanonicalPath(), instance.getScanFiles()[0]);
assertFalse(instance.isGetVersion());
assertFalse(instance.isGetHelp());
assertTrue(instance.isRunScan());
assertFalse(instance.isLoadCPE());
}
/**
* Test of parse method with cpe arg, of class CliParser.
* @throws Exception thrown when an excpetion occurs.
*/
@Test
public void testParse_cpe() throws Exception {
System.out.println("parse -cpe");
String[] args = {"-cpe"};
CliParser instance = new CliParser();
try {
instance.parse(args);
} catch (ParseException ex) {
assertTrue(ex.getMessage().contains("Missing argument"));
}
assertFalse(instance.isGetVersion());
assertFalse(instance.isGetHelp());
assertFalse(instance.isRunScan());
assertFalse(instance.isLoadCPE());
}
/**
* Test of parse method with jar arg, of class CliParser.
* @throws Exception thrown when an excpetion occurs.
*/
@Test
public void testParse_cpe_unknownFile() throws Exception {
System.out.println("parse -cpe cpe.that.does.not.exist");
String[] args = {"-cpe", "cpe.that.does.not.exist"};
CliParser instance = new CliParser();
try {
instance.parse(args);
} catch (FileNotFoundException ex) {
assertTrue(ex.getMessage().contains("Invalid file argument"));
}
assertFalse(instance.isGetVersion());
assertFalse(instance.isGetHelp());
assertFalse(instance.isRunScan());
assertFalse(instance.isLoadCPE());
}
/**
* Test of parse method with jar arg, of class CliParser.
* @throws Exception thrown when an excpetion occurs.
*/
@Test
public void testParse_cpe_withFileExists() throws Exception {
System.out.println("parse -cpe checkSumTest.file");
File path = new File(this.getClass().getClassLoader().getResource("checkSumTest.file").getPath());
String[] args = {"-cpe", path.getCanonicalPath()};
CliParser instance = new CliParser();
instance.parse(args);
assertEquals(path.getCanonicalPath(), instance.getCpeFile());
assertFalse(instance.isGetVersion());
assertFalse(instance.isGetHelp());
assertFalse(instance.isRunScan());
assertTrue(instance.isLoadCPE());
}
/**
* Test of printVersionInfo, of class CliParser.
* @throws Exception thrown when an excpetion occurs.
*/
@Test
public void testParse_printVersionInfo() throws Exception {
System.out.println("printVersionInfo");
PrintStream out = System.out;
ByteArrayOutputStream baos = new ByteArrayOutputStream();
System.setOut(new PrintStream(baos));
CliParser instance = new CliParser();
instance.printVersionInfo();
try {
baos.flush();
String text = (new String(baos.toByteArray())).toLowerCase();
String[] lines = text.split(System.getProperty("line.separator"));
assertEquals(1, lines.length);
assertTrue(text.contains("version"));
assertTrue(!text.contains("unknown"));
} catch (IOException ex) {
System.setOut(out);
fail("CliParser.printVersionInfo did not write anything to system.out.");
} finally {
System.setOut(out);
}
}
/**
* Test of printHelp, of class CliParser.
* @throws Exception thrown when an excpetion occurs.
*/
@Test
public void testParse_printHelp() throws Exception {
System.out.println("printHelp");
PrintStream out = System.out;
ByteArrayOutputStream baos = new ByteArrayOutputStream();
System.setOut(new PrintStream(baos));
CliParser instance = new CliParser();
instance.printHelp();
try {
baos.flush();
String text = (new String(baos.toByteArray()));
String[] lines = text.split(System.getProperty("line.separator"));
assertEquals("usage: DependencyCheck [-a <name>] [-c <file> | -s <path>] [-h] [-o", lines[0]);
assertEquals(" <folder>] [-v]", lines[1]);
assertEquals(8, lines.length);
} catch (IOException ex) {
System.setOut(out);
fail("CliParser.printVersionInfo did not write anything to system.out.");
} finally {
System.setOut(out);
}
}
}


@@ -0,0 +1,50 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package org.codesecure.dependencycheck.utils;
import java.net.URL;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
/**
*
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class DownloaderTest {
public DownloaderTest() {
}
@BeforeClass
public static void setUpClass() throws Exception {
}
@AfterClass
public static void tearDownClass() throws Exception {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
/**
* Test of fetchFile method, of class Downloader.
* @throws Exception thrown when an excpetion occurs.
*/
@Test
public void testFetchFile_URL_String() throws Exception {
System.out.println("fetchFile");
URL url = new URL(Settings.getString(Settings.KEYS.CPE_URL));
String outputPath = "target\\downloaded_cpe.xml";
Downloader.fetchFile(url, outputPath);
}
}
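Review bot: In `testFetchFile_URL_String` the output path `"target\\downloaded_cpe.xml"` only names a file inside `target` on Windows; on other platforms the backslash becomes part of the file name and the download lands in the working directory. `String outputPath = new File("target", "downloaded_cpe.xml").getPath();` keeps it portable (it needs a `java.io.File` import). The test also asserts nothing after `Downloader.fetchFile(url, outputPath)` and depends on a live fetch of the configured CPE URL, so it shows only that no exception was thrown. A check such as `assertTrue(new File(outputPath).length() > 0);` would at least pin that something was written.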


@@ -0,0 +1,82 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package org.codesecure.dependencycheck.utils;
import java.util.List;
import java.util.ArrayList;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import static org.junit.Assert.*;
/**
*
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class FilterTest {
public FilterTest() {
}
@BeforeClass
public static void setUpClass() throws Exception {
}
@AfterClass
public static void tearDownClass() throws Exception {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
/**
* Test of passes method, of class Filter.
*/
@Test
public void testPasses() {
System.out.println("passes");
String keep = "keep";
String fail = "fail";
assertTrue("String contained keep - but passes returned false.", TEST_FILTER.passes(keep));
assertFalse("String contained fail - but passes returned true.", TEST_FILTER.passes(fail));
}
/**
* Test of filter method, of class Filter.
*/
@Test
public void testFilter_Iterable() {
System.out.println("filter");
List<String> testData = new ArrayList<String>();
testData.add("keep");
testData.add("remove");
testData.add("keep");
List<String> expResults = new ArrayList<String>();
expResults.add("keep");
expResults.add("keep");
List<String> actResults = new ArrayList<String>();
for (String s : TEST_FILTER.filter(testData)) {
actResults.add(s);
}
assertArrayEquals(expResults.toArray(), actResults.toArray());
}
private static final Filter<String> TEST_FILTER =
new Filter<String>() {
public boolean passes(String str) {
return str.contains("keep");
}
};
}


@@ -0,0 +1,41 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package org.codesecure.dependencycheck.utils;
import junit.framework.TestCase;
import org.junit.Test;
/**
*
* @author jeremy
*/
public class SettingsTest extends TestCase {
public SettingsTest(String testName) {
super(testName);
}
@Override
protected void setUp() throws Exception {
super.setUp();
}
@Override
protected void tearDown() throws Exception {
super.tearDown();
}
/**
* Test of getString method, of class Settings.
*/
@Test
public void testGetString() {
System.out.println("getString");
String key = Settings.KEYS.CPE_INDEX;
String expResult = "target/store/cpe";
String result = Settings.getString(key);
assertTrue(result.endsWith(expResult));
}
}
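Review bot: `SettingsTest` extends `junit.framework.TestCase` yet annotates `testGetString` with the JUnit 4 `@Test`, and a `TestCase` subclass is run by the JUnit 3 style runner, which selects methods by the `test` name prefix and ignores the annotation. Mixing the two styles is misleading, because a later `@Test(expected = ...)` or `@Before` in this class would silently have no effect. Either drop the `TestCase` superclass, the constructor and the pass-through `setUp`/`tearDown` and use `org.junit.Assert`, or drop the `org.junit.Test` import and annotation. A short comment on `expResult` saying that `target/store/cpe` mirrors the default in the settings file would also explain why the assertion uses `endsWith`.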


@@ -0,0 +1,47 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package org.codesecure.dependencycheck.cpe.xml;
import org.codesecure.dependencycheck.data.cpe.Entry;
import junit.framework.TestCase;
/**
*
* @author Jeremy Long
*/
public class CPEEntryTest extends TestCase {
public CPEEntryTest(String testName) {
super(testName);
}
@Override
protected void setUp() throws Exception {
super.setUp();
}
@Override
protected void tearDown() throws Exception {
super.tearDown();
}
/**
* Test of setName method, of class Entry.
*/
public void testSetName() throws Exception {
System.out.println("setName");
String name = "cpe:/a:apache:struts:1.1:rc2";
Entry instance = new Entry();
instance.setName(name);
assertEquals(name,instance.getName());
assertEquals("apache", instance.getVendor());
assertEquals("struts", instance.getProduct());
assertEquals("1.1", instance.getVersion());
assertEquals("rc2", instance.getRevision());
}
}


@@ -0,0 +1,47 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package org.codesecure.dependencycheck.cpe.xml;
import java.io.File;
import junit.framework.TestCase;
import org.codesecure.dependencycheck.data.cpe.xml.Importer;
import org.xml.sax.Attributes;
/**
*
* @author jeremy
*/
public class CPEHandlerTest extends TestCase {
public CPEHandlerTest(String testName) {
super(testName);
}
@Override
protected void setUp() throws Exception {
super.setUp();
}
@Override
protected void tearDown() throws Exception {
super.tearDown();
}
/**
* Test of all methods within class CPEHandler.
*/
public void testHandler() throws Exception {
System.out.println("CPEHandler");
File path = new File(this.getClass().getClassLoader().getResource("official-cpe-dictionary_v2.2.xml").getPath());
Importer.importXML(path.getCanonicalPath());
}
}
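Review bot: `testHandler` contains no assertion, so it passes whenever `Importer.importXML` returns without throwing, whether or not any CPE entry was parsed or stored; the Javadoc's "Test of all methods within class CPEHandler" overstates what is checked. The resource lookup `new File(...getResource("official-cpe-dictionary_v2.2.xml").getPath())` is also fragile. `URL.getPath()` stays percent-encoded, so a checkout directory containing a space yields a path that does not exist, and a missing resource surfaces as a bare `NullPointerException`. Resolving it as `URL url = getClass().getClassLoader().getResource("official-cpe-dictionary_v2.2.xml"); assertNotNull(url); File path = new File(url.toURI());` (with a `java.net.URL` import) makes both failures explicit. The `org.xml.sax.Attributes` import is unused and can be removed.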


@@ -0,0 +1 @@
this is a test file used to check the checksums.

Binary file not shown.

Binary file not shown.

File diff suppressed because it is too large Load Diff

Binary file not shown.

Binary file not shown.

Binary file not shown.