Merge branch 'master' of https://github.com/kwwall/esapi-java-legacy

davewichers · davewichers · commit aec5c6aa0902 · 2019-04-14T00:06:43.000-04:00
diff --git a/src/test/java/org/owasp/esapi/reference/crypto/EncryptorTest.java b/src/test/java/org/owasp/esapi/reference/crypto/EncryptorTest.java
@@ -238,10 +238,10 @@ public void testNewEncryptDecrypt() {
      *         strength crypto is not available for this Java VM.
      */
     private String runNewEncryptDecryptTestCase(String cipherXform, int keySize, byte[] plaintextBytes) {
-    	System.out.println("New encrypt / decrypt: " + cipherXform);
+    	System.err.println("New encrypt / decrypt: " + cipherXform + "; requested key size: " + keySize + " bits.");
     	
     	if ( keySize > 128 && !unlimitedStrengthJurisdictionPolicyInstalled ) {
-    	    System.out.println("Skipping test for cipher transformation " +
+    	    System.err.println("Skipping test for cipher transformation " +
     	                       cipherXform + " with key size of " + keySize +
     	                       " bits because this requires JCE Unlimited Strength" +
     	                       " Jurisdiction Policy files to be installed and they" +
@@ -254,16 +254,21 @@ private String runNewEncryptDecryptTestCase(String cipherXform, int keySize, byt
 			SecretKey skey = CryptoHelper.generateSecretKey(cipherXform, keySize);	
 			assertTrue( skey.getAlgorithm().equals(cipherXform.split("/")[0]) );
 			String cipherAlg = cipherXform.split("/")[0];
+
+            System.err.println("Key size of generated encoded key: " + skey.getEncoded().length * 8 + " bits.");
 			
 			// Adjust key size for DES and DESede specific oddities.
 			// NOTE: Key size that encrypt() method is using is 192 bits!!!
     		//        which is 3 times 64 bits, but DES key size is only 56 bits.
     		// See 'IMPORTANT NOTE', in JavaEncryptor, near line 376. It's a "feature"!!!
 			if ( cipherAlg.equals( "DESede" ) ) {
+                System.err.println("Adjusting requested key size of " + keySize + " bits to 192 bits for DESede");
 				keySize = 192;
 			} else if ( cipherAlg.equals( "DES" ) ) {
+                System.err.println("Adjusting requested key size of " + keySize + " bits to 64 bits for DES");
 				keySize = 64;
 			} // Else... use specified keySize.
+
             assertTrue(cipherXform + ": encoded key size of " + skey.getEncoded().length + " shorter than requested key size of: " + (keySize / 8),
             		skey.getEncoded().length >= (keySize / 8) );
 
@@ -273,7 +278,7 @@ private String runNewEncryptDecryptTestCase(String cipherXform, int keySize, byt
 	    	@SuppressWarnings("deprecation")
 			String oldCipherXform = ESAPI.securityConfiguration().setCipherTransformation(cipherXform);
 	    	if ( ! cipherXform.equals(oldCipherXform) ) {
-	    		System.out.println("Cipher xform changed from \"" + oldCipherXform + "\" to \"" + cipherXform + "\"");
+	    		System.err.println("Cipher xform changed from \"" + oldCipherXform + "\" to \"" + cipherXform + "\"");
 	    	}
 	    	
 	    	// Get an Encryptor instance with the specified, possibly new, cipher transformation.
@@ -283,12 +288,12 @@ private String runNewEncryptDecryptTestCase(String cipherXform, int keySize, byt
 	    	
 	    	// Do the encryption with the new encrypt() method and get back the CipherText.
 	    	CipherText ciphertext = instance.encrypt(skey, plaintext);	// The new encrypt() method.
-	    	System.out.println("DEBUG: Encrypt(): CipherText object is -- " + ciphertext);
+	    	System.err.println("DEBUG: Encrypt(): CipherText object is -- " + ciphertext);
 	    	assertNotNull( ciphertext );
-//	    	System.out.println("DEBUG: After encryption: base64-encoded IV+ciphertext: " + ciphertext.getEncodedIVCipherText());
-//	    	System.out.println("\t\tOr... " + ESAPI.encoder().decodeFromBase64(ciphertext.getEncodedIVCipherText()) );
-//	    	System.out.println("DEBUG: After encryption: base64-encoded raw ciphertext: " + ciphertext.getBase64EncodedRawCipherText());
-//	    	System.out.println("\t\tOr... " + ESAPI.encoder().decodeFromBase64(ciphertext.getBase64EncodedRawCipherText()) );
+//	    	System.err.println("DEBUG: After encryption: base64-encoded IV+ciphertext: " + ciphertext.getEncodedIVCipherText());
+//	    	System.err.println("\t\tOr... " + ESAPI.encoder().decodeFromBase64(ciphertext.getEncodedIVCipherText()) );
+//	    	System.err.println("DEBUG: After encryption: base64-encoded raw ciphertext: " + ciphertext.getBase64EncodedRawCipherText());
+//	    	System.err.println("\t\tOr... " + ESAPI.encoder().decodeFromBase64(ciphertext.getBase64EncodedRawCipherText()) );
 
 	    	// If we are supposed to have overwritten the plaintext, check this to see
 	    	// if origPlainText was indeed overwritten.
