This is an automated email from the ASF dual-hosted git repository. jamesnetherton pushed a commit to branch 3.8.x in repository https://gitbox.apache.org/repos/asf/camel-quarkus.git
commit a515d82ae6962597cdf4dfaca40730b722594841 Author: James Netherton <jamesnether...@gmail.com> AuthorDate: Thu Feb 22 11:28:19 2024 +0000 Add JUnit conditions for FIPS mode --- .../camel/quarkus/test/EnabledIfFipsMode.java | 43 ++++++++++++++++ .../quarkus/test/EnabledIfFipsModeCondition.java | 58 ++++++++++++++++++++++ 2 files changed, 101 insertions(+) diff --git a/integration-tests-support/test-support/src/main/java/org/apache/camel/quarkus/test/EnabledIfFipsMode.java b/integration-tests-support/test-support/src/main/java/org/apache/camel/quarkus/test/EnabledIfFipsMode.java new file mode 100644 index 0000000000..a916580a92 --- /dev/null +++ b/integration-tests-support/test-support/src/main/java/org/apache/camel/quarkus/test/EnabledIfFipsMode.java @@ -0,0 +1,43 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.quarkus.test; + +import java.lang.annotation.Documented; +import java.lang.annotation.ElementType; +import java.lang.annotation.Retention; +import java.lang.annotation.RetentionPolicy; +import java.lang.annotation.Target; + +import org.junit.jupiter.api.extension.ExtendWith; + +/** + * Advertises that a test should be enabled if the JDK has FIPS enabled security providers present. + */ +@Target({ ElementType.TYPE, ElementType.METHOD }) +@Retention(RetentionPolicy.RUNTIME) +@Documented +@ExtendWith(EnabledIfFipsModeCondition.class) +public @interface EnabledIfFipsMode { + /** + * The list of FIPS security provider names to match against for enabling the test. + * If no providers are specified, the default behaviour is to try to match any provider that has + * FIPS in its name. + * + * @return The list of security provider names. + */ + String[] providers() default {}; +} diff --git a/integration-tests-support/test-support/src/main/java/org/apache/camel/quarkus/test/EnabledIfFipsModeCondition.java b/integration-tests-support/test-support/src/main/java/org/apache/camel/quarkus/test/EnabledIfFipsModeCondition.java new file mode 100644 index 0000000000..34b8ddb7f7 --- /dev/null +++ b/integration-tests-support/test-support/src/main/java/org/apache/camel/quarkus/test/EnabledIfFipsModeCondition.java @@ -0,0 +1,58 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.quarkus.test; + +import java.security.Provider; +import java.security.Security; +import java.util.List; + +import org.junit.jupiter.api.extension.ConditionEvaluationResult; +import org.junit.jupiter.api.extension.ExecutionCondition; +import org.junit.jupiter.api.extension.ExtensionContext; + +import static org.junit.jupiter.api.extension.ConditionEvaluationResult.disabled; +import static org.junit.jupiter.api.extension.ConditionEvaluationResult.enabled; +import static org.junit.platform.commons.util.AnnotationUtils.findAnnotation; + +public class EnabledIfFipsModeCondition implements ExecutionCondition { + private static final ConditionEvaluationResult ENABLED_BY_DEFAULT = enabled("@EnabledIfFipsMode is not present"); + + @Override + public ConditionEvaluationResult evaluateExecutionCondition(ExtensionContext context) { + return findAnnotation(context.getElement(), EnabledIfFipsMode.class).map(this::map).orElse(ENABLED_BY_DEFAULT); + } + + private ConditionEvaluationResult map(EnabledIfFipsMode annotation) { + List<String> providersToMatch = List.of(annotation.providers()); + Provider[] jdkProviders = Security.getProviders(); + int matchCount = 0; + + for (Provider provider : jdkProviders) { + if (providersToMatch.isEmpty() && provider.getName().toLowerCase().contains("fips")) { + return enabled("Detected FIPS security provider " + provider.getName()); + } else if (providersToMatch.contains(provider.getName())) { + matchCount++; + } + } + + if (!providersToMatch.isEmpty() && matchCount == providersToMatch.size()) { + return enabled("Detected FIPS security providers"); + } + + return disabled("No FIPS security providers were detected"); + } +}