Skip to content

Commit cb50226

Browse files
ic0nsic0ns
authored
Merge pull request #446 from tls-attacker/json_tests_jodatime_fix
Added JSON Serialization Tests and improved API
2 parents 29922b9 + 2114ad9 commit cb50226

File tree

2 files changed

+151
-1
lines changed

2 files changed

+151
-1
lines changed

TLS-Server-Scanner/src/main/java/de/rub/nds/tlsscanner/serverscanner/report/ServerReportSerializer.java

Lines changed: 14 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,9 @@
1313
import com.fasterxml.jackson.databind.ObjectMapper;
1414
import com.fasterxml.jackson.databind.SerializationFeature;
1515
import java.io.File;
16+
import java.io.FileOutputStream;
1617
import java.io.IOException;
18+
import java.io.OutputStream;
1719
import java.math.BigDecimal;
1820
import org.apache.logging.log4j.LogManager;
1921
import org.apache.logging.log4j.Logger;
@@ -27,6 +29,17 @@ private ServerReportSerializer() {
2729
}
2830

2931
public static void serialize(File outputFile, ServerReport scanReport) {
32+
try {
33+
if (!outputFile.exists()) {
34+
outputFile.createNewFile();
35+
}
36+
serialize(new FileOutputStream(outputFile), scanReport);
37+
} catch (IOException ex) {
38+
LOGGER.error("Could not write report to file", ex);
39+
}
40+
}
41+
42+
public static void serialize(OutputStream stream, ServerReport scanReport) {
3043
try {
3144
ObjectMapper mapper = new ObjectMapper();
3245
for (Module modules : ServerReport.getSerializerModules()) {
@@ -35,7 +48,7 @@ public static void serialize(File outputFile, ServerReport scanReport) {
3548
mapper.configure(SerializationFeature.FAIL_ON_EMPTY_BEANS, false);
3649
mapper.configOverride(BigDecimal.class)
3750
.setFormat(JsonFormat.Value.forShape(JsonFormat.Shape.STRING));
38-
mapper.writeValue(outputFile, scanReport);
51+
mapper.writeValue(stream, scanReport);
3952
} catch (IOException ex) {
4053
LOGGER.error(ex);
4154
}

TLS-Server-Scanner/src/test/java/de/rub/nds/tlsscanner/serverscanner/report/ServerReportSerializerTest.java

Lines changed: 137 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,137 @@
1+
/*
2+
* TLS-Scanner - A TLS configuration and analysis tool based on TLS-Attacker
3+
*
4+
* Copyright 2017-2023 Ruhr University Bochum, Paderborn University, Technology Innovation Institute, and Hackmanit GmbH
5+
*
6+
* Licensed under Apache License, Version 2.0
7+
* http://www.apache.org/licenses/LICENSE-2.0.txt
8+
*/
9+
package de.rub.nds.tlsscanner.serverscanner.report;
10+
11+
import de.rub.nds.protocol.constants.HashAlgorithm;
12+
import de.rub.nds.protocol.constants.SignatureAlgorithm;
13+
import de.rub.nds.protocol.crypto.key.RsaPublicKey;
14+
import de.rub.nds.scanner.core.guideline.GuidelineAdherence;
15+
import de.rub.nds.scanner.core.guideline.GuidelineCheckResult;
16+
import de.rub.nds.scanner.core.guideline.GuidelineReport;
17+
import de.rub.nds.scanner.core.passive.ExtractedValueContainer;
18+
import de.rub.nds.scanner.core.passive.TrackableValue;
19+
import de.rub.nds.scanner.core.probe.result.ListResult;
20+
import de.rub.nds.scanner.core.probe.result.TestResults;
21+
import de.rub.nds.scanner.core.report.PerformanceData;
22+
import de.rub.nds.scanner.core.report.rating.PropertyResultRatingInfluencer;
23+
import de.rub.nds.scanner.core.report.rating.ScoreReport;
24+
import de.rub.nds.tlsscanner.core.constants.TlsAnalyzedProperty;
25+
import de.rub.nds.tlsscanner.core.constants.TlsProbeType;
26+
import de.rub.nds.tlsscanner.core.probe.certificate.CertificateChainReport;
27+
import de.rub.nds.tlsscanner.core.probe.certificate.CertificateReport;
28+
import de.rub.nds.tlsscanner.serverscanner.probe.CertificateProbe;
29+
import de.rub.nds.tlsscanner.serverscanner.probe.CipherSuiteOrderProbe;
30+
import de.rub.nds.x509attacker.constants.KeyUsage;
31+
import de.rub.nds.x509attacker.constants.X509ExtensionType;
32+
import de.rub.nds.x509attacker.constants.X509NamedCurve;
33+
import de.rub.nds.x509attacker.constants.X509SignatureAlgorithm;
34+
import de.rub.nds.x509attacker.constants.X509Version;
35+
import de.rub.nds.x509attacker.x509.X509CertificateChain;
36+
import java.io.ByteArrayOutputStream;
37+
import java.math.BigInteger;
38+
import java.util.HashMap;
39+
import java.util.LinkedList;
40+
import java.util.List;
41+
import java.util.Set;
42+
import org.joda.time.DateTime;
43+
import org.joda.time.Duration;
44+
import org.junit.jupiter.api.Test;
45+
46+
public class ServerReportSerializerTest {
47+
48+
@Test
49+
void testSerializeEmpty() {
50+
ServerReport report = new ServerReport();
51+
ServerReportSerializer.serialize(new ByteArrayOutputStream(), report);
52+
// This should not throw an exception
53+
}
54+
55+
@Test
56+
void testSerializeFullReport() {
57+
ScoreReport scoreReport = new ScoreReport(5, new HashMap<>());
58+
scoreReport
59+
.getInfluencers()
60+
.put(
61+
TlsAnalyzedProperty.ACCEPTS_EMPTY_COOKIE,
62+
new PropertyResultRatingInfluencer(TestResults.CANNOT_BE_TESTED, 10));
63+
64+
List<GuidelineCheckResult> checkResultList = new LinkedList<>();
65+
checkResultList.add(new GuidelineCheckResult("some checke", GuidelineAdherence.ADHERED));
66+
GuidelineReport guidelineReport =
67+
new GuidelineReport("guideline", "here is a link", checkResultList);
68+
69+
CertificateReport certReport = new CertificateReport();
70+
certReport.setAlternativeNames(List.of("value1"));
71+
certReport.setCertificateTransparency(true);
72+
certReport.setCrlSupported(true);
73+
certReport.setCustomTrustAnchor(true);
74+
certReport.setDnsCAA(true);
75+
certReport.setExtendedKeyUsagePresent(true);
76+
certReport.setExtendedKeyUsageServerAuth(true);
77+
certReport.setExtendedValidation(true);
78+
certReport.setHashAlgorithm(HashAlgorithm.GOST_R3411_12);
79+
certReport.setIssuer("test");
80+
certReport.setKeyUsageSet(Set.of(KeyUsage.CRL_SIGN));
81+
certReport.setLeafCertificate(true);
82+
certReport.setNamedCurve(X509NamedCurve.BRAINPOOLP160R1);
83+
certReport.setNotAfter(new DateTime(12345));
84+
certReport.setNotBefore(new DateTime(DateTime.now().getMillis() - 1000));
85+
certReport.setOriginalFullDuration(Duration.standardDays(4));
86+
certReport.setOcspMustStaple(true);
87+
certReport.setOcspSupported(false);
88+
certReport.setPublicKey(new RsaPublicKey(BigInteger.ONE, BigInteger.TEN));
89+
certReport.setRemainingDuration(Duration.millis(100));
90+
certReport.setRevoked(false);
91+
certReport.setRocaVulnerable(false);
92+
certReport.setSelfSigned(true);
93+
certReport.setSha256Fingerprint(new byte[] {1, 2, 3});
94+
certReport.setSha256Pin("thisisthepin");
95+
certReport.setSignatureAlgorithm(SignatureAlgorithm.ED448);
96+
certReport.setSignatureAndHashAlgorithmOid(X509SignatureAlgorithm.DSA_WITH_SHA1.getOid());
97+
certReport.setSubject("hello");
98+
certReport.setSupportedExtensionTypes(
99+
List.of(
100+
X509ExtensionType.AUTHORITY_INFORMATION_ACCESS,
101+
X509ExtensionType.BASIC_CONSTRAINTS));
102+
certReport.setTrustAnchor(true);
103+
certReport.setTrusted(true);
104+
certReport.setVersion(X509Version.V2);
105+
certReport.setWeakDebianKey(true);
106+
certReport.setX509SignatureAlgorithm(X509SignatureAlgorithm.ECDSA_WITH_SHA384);
107+
108+
CertificateChainReport chainReport =
109+
new CertificateChainReport(new X509CertificateChain(), "test");
110+
111+
ServerReport report = new ServerReport();
112+
report.setConfigProfileIdentifier("something");
113+
report.setScanEndTime(1000);
114+
report.setScanStartTime(0);
115+
report.setConfigProfileIdentifierTls13("some identifier");
116+
report.setIsHandshaking(true);
117+
report.setPerformedConnections(10);
118+
report.setScore(5);
119+
report.setScoreReport(scoreReport);
120+
report.setServerIsAlive(true);
121+
report.setSpeaksProtocol(true);
122+
report.addGuidelineReport(guidelineReport);
123+
report.markProbeAsExecuted(new CertificateProbe(null, null));
124+
report.markProbeAsUnexecuted(new CipherSuiteOrderProbe(null, null));
125+
report.recordProbePerformance(new PerformanceData(TlsProbeType.ALPN, 0, 10));
126+
report.putExtractedValueContainer(
127+
new TrackableValue() {}, new ExtractedValueContainer<>(new TrackableValue() {}));
128+
report.putResult(
129+
TlsAnalyzedProperty.ACCEPTS_EMPTY_COOKIE,
130+
new ListResult<>(TlsAnalyzedProperty.CERTIFICATE_CHAINS, List.of(chainReport)));
131+
report.putResult(
132+
TlsAnalyzedProperty.CERTIFICATE_CHAINS,
133+
new ListResult<>(TlsAnalyzedProperty.CERTIFICATE_CHAINS, List.of(certReport)));
134+
ServerReportSerializer.serialize(new ByteArrayOutputStream(), report);
135+
// This should not throw an exception
136+
}
137+
}

0 commit comments

Comments
 (0)