fix: Fix IdentityManagerTest and add salt to hashing algorithm

inspectIT · Nov 18, 2024 · d1671e6 · d1671e6
1 parent 206c6a1
commit d1671e6
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 10 deletions.
diff --git a/...d-agent/src/main/java/rocks/inspectit/gepard/agent/internal/identity/IdentityManager.java b/...d-agent/src/main/java/rocks/inspectit/gepard/agent/internal/identity/IdentityManager.java
@@ -6,6 +6,8 @@
 import java.nio.charset.StandardCharsets;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+import java.util.Base64;
 import java.util.Objects;
 import rocks.inspectit.gepard.agent.internal.identity.model.IdentityInfo;
 
@@ -38,13 +40,16 @@ public IdentityInfo getIdentityInfo() {
    * @return the SHA3-256 hashed <code>String</code>
    */
   private static String hash(String input) {
+    String salt = generateSalt();
+    String saltedInput = salt + input;
+
     MessageDigest messageDigest;
     try {
       messageDigest = MessageDigest.getInstance("SHA3-256");
     } catch (NoSuchAlgorithmException e) {
       throw new UnsupportedOperationException("SHA3-256 not supported", e);
     }
-    byte[] bytes = messageDigest.digest(input.getBytes(StandardCharsets.UTF_8));
+    byte[] bytes = messageDigest.digest(saltedInput.getBytes(StandardCharsets.UTF_8));
     StringBuilder hexString = new StringBuilder(2 * bytes.length);
     for (byte b : bytes) {
       String hex = Integer.toHexString(0xff & b);
@@ -55,4 +60,12 @@ private static String hash(String input) {
     }
     return hexString.toString();
   }
+
+  /** Generates a secure random 128bit string/salt */
+  private static String generateSalt() {
+    byte[] salt = new byte[16];
+    SecureRandom secureRandom = new SecureRandom();
+    secureRandom.nextBytes(salt);
+    return Base64.getEncoder().encodeToString(salt);
+  }
 }
diff --git a/...ent/src/test/java/rocks/inspectit/gepard/agent/internal/identity/IdentityManagerTest.java b/...ent/src/test/java/rocks/inspectit/gepard/agent/internal/identity/IdentityManagerTest.java
@@ -7,20 +7,23 @@
 
 import java.lang.management.ManagementFactory;
 import java.lang.management.RuntimeMXBean;
+import java.lang.reflect.Field;
+import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
-import org.junit.jupiter.api.extension.ExtendWith;
-import org.junit.jupiter.api.parallel.Execution;
-import org.junit.jupiter.api.parallel.ExecutionMode;
 import org.mockito.MockedStatic;
 import org.mockito.Mockito;
-import org.mockito.junit.jupiter.MockitoExtension;
 import rocks.inspectit.gepard.agent.internal.identity.model.IdentityInfo;
 
-@ExtendWith(MockitoExtension.class)
 class IdentityManagerTest {
 
+  @BeforeEach
+  public void setup() throws NoSuchFieldException, IllegalAccessException {
+    Field instance = IdentityManager.class.getDeclaredField("instance");
+    instance.setAccessible(true);
+    instance.set(null, null);
+  }
+
   @Test
-  @Execution(ExecutionMode.SAME_THREAD)
   void testCreateIdentityManagerSuccessfully() {
     RuntimeMXBean mockRuntimeMXBean = mock(RuntimeMXBean.class);
     when(mockRuntimeMXBean.getName()).thenReturn("12345@mockedHostName");
@@ -36,9 +39,7 @@ void testCreateIdentityManagerSuccessfully() {
 
       assertNotNull(identityInfo);
       assertEquals("12345@mockedHostName", identityInfo.vmId());
-      assertEquals(
-          "d29aca592fc2071bcef6577d649071d4d54a8ae6cd5c0be0e51f28af2867f207",
-          identityInfo.agentId());
+      assertNotNull(identityInfo.agentId());
     }
   }
 }