Merge pull request #4010 from MaxMcAdam/fix-unit-tests

Issue #4009 - Fix unit tests
open-horizon · Feb 28, 2024 · 5fa5247 · 5fa5247
2 parents 275ea89 + 987833c
commit 5fa5247
Show file tree

Hide file tree

Showing 4 changed files with 18 additions and 9 deletions.
diff --git a/agreementbot/secret_updater_test.go b/agreementbot/secret_updater_test.go
@@ -18,11 +18,11 @@ func Test_SUM_Queue(t *testing.T) {
 	pn = append(pn, "p2")
 	pn = append(pn, "p3")
 
-	su1 := events.NewSecretUpdate("org1", "mysecret1", 100, pn, []string{})
+	su1 := events.NewSecretUpdate("org1", "mysecret1", 100, pn, []string{}, "")
 
 	pn[1] = "p4"
 
-	su2 := events.NewSecretUpdate("org1", "mysecret2", 100, pn, []string{})
+	su2 := events.NewSecretUpdate("org1", "mysecret2", 100, pn, []string{}, "")
 
 	sus := events.NewSecretUpdates()
 	sus.AddSecretUpdate(su1)

diff --git a/events/secret_events_test.go b/events/secret_events_test.go
@@ -18,11 +18,11 @@ func Test_Construction(t *testing.T) {
 	pn = append(pn, "p2")
 	pn = append(pn, "p3")
 
-	su1 := NewSecretUpdate("org1", "mysecret1", 100, pn, []string{})
+	su1 := NewSecretUpdate("org1", "mysecret1", 100, pn, []string{}, "")
 
 	pn[1] = "p4"
 
-	su2 := NewSecretUpdate("org1", "mysecret2", 100, pn, []string{})
+	su2 := NewSecretUpdate("org1", "mysecret2", 100, pn, []string{}, "")
 
 	assert.True(t, su1.PolicyNames[1] == "p2", "The second element of policy names in su1 should have the value 'p2'")
 	assert.True(t, su2.PolicyNames[1] == "p4", "The second element of policy names in su2 should have the value 'p4'")

diff --git a/policy/workload.go b/policy/workload.go
@@ -153,6 +153,15 @@ func (wl Workload) IsSame(compare Workload) bool {
 
 }
 
+// bcrypt limits passwords to 72 bytes. Older versions silently truncated the end of longer passwords, this behaviour has changed to error out on long passwords.
+// this function is to mimic the older behaviour to prevent an unexpected error
+func GenerateFromPassword(password []byte, cost int) ([]byte, error) {
+	if len(password) > 72 {
+		return bcrypt.GenerateFromPassword(password[:72], cost)
+	}
+	return bcrypt.GenerateFromPassword(password, cost)
+}
+
 func (w *Workload) Obscure(agreementId string, defaultPW string) error {
 
 	if w.WorkloadPassword == "" && defaultPW == "" {
@@ -166,7 +175,7 @@ func (w *Workload) Obscure(agreementId string, defaultPW string) error {
 	}
 
 	// Convert the workload password into a hash by first concatenating the agreement id onto the end of the password
-	if hash, err := bcrypt.GenerateFromPassword([]byte(wpw+agreementId), bcrypt.DefaultCost); err != nil {
+	if hash, err := GenerateFromPassword([]byte(wpw+agreementId), bcrypt.DefaultCost); err != nil {
 		return err
 	} else {
 		w.WorkloadPassword = string(hash)

diff --git a/policy/workload_test.go b/policy/workload_test.go
@@ -45,9 +45,9 @@ func Test_workload_pw_hash(t *testing.T) {
 	for i := 0; i < 10; i++ {
 		password := rpw(random)
 		// Perform the hash twice
-		if hash1, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost); err != nil {
+		if hash1, err := GenerateFromPassword([]byte(password), bcrypt.DefaultCost); err != nil {
 			t.Error(err)
-		} else if hash2, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost); err != nil {
+		} else if hash2, err := GenerateFromPassword([]byte(password), bcrypt.DefaultCost); err != nil {
 			t.Error(err)
 		} else if bytes.Compare(hash1, hash2) == 0 {
 			t.Errorf("2 calls to generate hash for %v result in equivalent hashes %v, but should not", password, hash1)
@@ -78,7 +78,7 @@ func Test_workload_pw_hash(t *testing.T) {
 //     hash := "$2a$10$kThocDiwbcdWWTxyiRd8A.YvmpWEncI9ip6vePTPTCFr2qPdw6pQm"
 
 //     // Perform the hash twice
-//     if hash1, err := bcrypt.GenerateFromPassword([]byte(password+agid), bcrypt.DefaultCost); err != nil {
+//     if hash1, err := GenerateFromPassword([]byte(password+agid), bcrypt.DefaultCost); err != nil {
 //         t.Error(err)
 //     } else if err := bcrypt.CompareHashAndPassword(hash1, []byte(password+agid)); err != nil {
 //         t.Error(err)
@@ -92,7 +92,7 @@ func Test_workload_pw_hash_error(t *testing.T) {
 
 	pw := "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
 
-	if hash1, err := bcrypt.GenerateFromPassword([]byte(pw), bcrypt.DefaultCost); err != nil {
+	if hash1, err := GenerateFromPassword([]byte(pw), bcrypt.DefaultCost); err != nil {
 		t.Error(err)
 	} else if len(hash1) == 0 {
 		t.Errorf("bcrypt returned zero length hash\n")