Scott changes.

NationalSecurityAgency · Sep 19, 2023 · 4f7a4c1 · 4f7a4c1
1 parent 0a26a76
commit 4f7a4c1
Show file tree

Hide file tree

Showing 2 changed files with 68 additions and 9 deletions.
diff --git a/src/main/java/emissary/core/SafeUsageChecker.java b/src/main/java/emissary/core/SafeUsageChecker.java
@@ -22,21 +22,22 @@
 public class SafeUsageChecker {
     protected static final Logger LOGGER = LoggerFactory.getLogger(SafeUsageChecker.class);
 
-    public static final boolean ENABLED;
+    public static final String ENABLED_KEY = "ENABLED";
+    public static final boolean ENABLED_FROM_CONFIGURATION;
     public static final String UNSAFE_MODIFICATION_DETECTED = "Detected unsafe changes to IBDO byte array contents";
 
     static {
-        boolean enabled = false;
+        boolean enabledFromConfiguration = false;
 
         try {
             Configurator configurator = ConfigUtil.getConfigInfo(SafeUsageChecker.class);
 
-            enabled = configurator.findBooleanEntry("ENABLED", enabled);
+            enabledFromConfiguration = configurator.findBooleanEntry(ENABLED_KEY, enabledFromConfiguration);
         } catch (IOException e) {
-            LOGGER.info("Could not get configuration!", e);
+            LOGGER.warn("Could not get configuration!", e);
         }
 
-        ENABLED = enabled;
+        ENABLED_FROM_CONFIGURATION = enabledFromConfiguration;
     }
 
     /**
@@ -45,12 +46,21 @@ public class SafeUsageChecker {
      * changes back to the IBDO
      */
     private final Map<byte[], String> cache = new HashMap<>();
+    public final boolean enabled;
+
+    public SafeUsageChecker() {
+        enabled = ENABLED_FROM_CONFIGURATION;
+    }
+
+    public SafeUsageChecker(Configurator configurator) {
+        enabled = configurator.findBooleanEntry(ENABLED_KEY, ENABLED_FROM_CONFIGURATION);
+    }
 
     /**
      * Resets the snapshot cache
      */
     public void reset() {
-        if (ENABLED) {
+        if (enabled) {
             cache.clear();
         }
     }
@@ -61,7 +71,7 @@ public void reset() {
      * @param bytes byte[] for which a snapshot should be captured
      */
     public void recordSnapshot(final byte[] bytes) {
-        if (ENABLED) {
+        if (enabled) {
             cache.put(bytes, ByteUtil.sha256Bytes(bytes));
         }
     }
@@ -73,7 +83,7 @@ public void recordSnapshot(final byte[] bytes) {
      * @param bytes byte[] for which a snapshot should be captured
      */
     public void resetCacheThenRecordSnapshot(final byte[] bytes) {
-        if (ENABLED) {
+        if (enabled) {
             reset();
             recordSnapshot(bytes);
         }
@@ -85,7 +95,7 @@ public void resetCacheThenRecordSnapshot(final byte[] bytes) {
      * @return boolean indication of unsafe changes
      */
     public boolean checkForUnsafeDataChanges() {
-        if (ENABLED) {
+        if (enabled) {
             boolean isUnsafe = cache.entrySet().stream().anyMatch(e -> !ByteUtil.sha256Bytes(e.getKey()).equals(e.getValue()));
             if (isUnsafe) {
                 LOGGER.warn(UNSAFE_MODIFICATION_DETECTED);

diff --git a/src/test/java/emissary/core/SafeUsageCheckerTest.java b/src/test/java/emissary/core/SafeUsageCheckerTest.java
@@ -0,0 +1,49 @@
+package emissary.core;
+
+import emissary.config.ServiceConfigGuide;
+import emissary.test.core.junit5.UnitTest;
+
+import org.junit.jupiter.api.Test;
+
+import java.util.Arrays;
+
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
+public class SafeUsageCheckerTest extends UnitTest {
+    @Test
+    void testDifferentConfigs() {
+        assertTrue(SafeUsageChecker.ENABLED_FROM_CONFIGURATION, "Enabled from config file should be false");
+
+        final ServiceConfigGuide scg = new ServiceConfigGuide();
+
+        scg.addEntry(SafeUsageChecker.ENABLED_KEY, Boolean.toString(false));
+
+        assertFalse(new SafeUsageChecker(scg).enabled, "Enabled should be false!");
+
+        scg.removeAllEntries(SafeUsageChecker.ENABLED_KEY);
+        scg.addEntry(SafeUsageChecker.ENABLED_KEY, Boolean.toString(true));
+
+        assertTrue(new SafeUsageChecker(scg).enabled, "Enabled should be true!");
+    }
+
+    @Test
+    void testDisabled() {
+        final ServiceConfigGuide scg = new ServiceConfigGuide();
+
+        scg.addEntry(SafeUsageChecker.ENABLED_KEY, Boolean.toString(false));
+
+        final SafeUsageChecker suc = new SafeUsageChecker(scg);
+        final byte[] bytes0 = new byte[10];
+        final byte[] bytes1 = new byte[10];
+
+        suc.reset();
+        suc.resetCacheThenRecordSnapshot(bytes0);
+        suc.recordSnapshot(bytes1);
+
+        Arrays.fill(bytes0, (byte) 10);
+        Arrays.fill(bytes1, (byte) 20);
+
+        assertFalse(suc.checkForUnsafeDataChanges(), "Disabled SafeUsageChecker should return false!");
+    }
+}