From e7c9eb8aa25c11258fdca627d15b221dde122860 Mon Sep 17 00:00:00 2001
From: enriozuni
Date: Mon, 8 Jul 2019 16:30:41 +0200
Subject: [PATCH] Made changed so the default ruleset is chosen when provider is passed through operators and is of type String
---
 .../providerdetection/ProviderDetection.java | 32 +++++++++++--------
 .../ProviderDetectionTests.java | 30 +++++++++++++----
 2 files changed, 43 insertions(+), 19 deletions(-)
diff --git a/CryptoAnalysis/src/main/java/crypto/providerdetection/ProviderDetection.java b/CryptoAnalysis/src/main/java/crypto/providerdetection/ProviderDetection.java
index a8370f3c5..334099bfb 100644
--- a/CryptoAnalysis/src/main/java/crypto/providerdetection/ProviderDetection.java
+++ b/CryptoAnalysis/src/main/java/crypto/providerdetection/ProviderDetection.java
@@ -220,10 +220,12 @@ else if (providerType.matches("java.lang.String")) {
 this.provider = getProviderWhenTypeString(providerValue, body);
 rulesDirectory = defaultRulesDirectory;
- checkIfStmt(providerValue, body);
- checkSwitchStmt(providerValue, body);
+ // Gets the boolean value of whether the provider is passed
+ // using IF-ELSE, SWITCH statements or TERNARY operators
+ boolean ifStmt = checkIfStmt(providerValue, body);
+ boolean switchStmt = checkSwitchStmt(providerValue, body);
- if((this.provider != null) && (ruleExists(provider, declaringClassName))) {
+ if((!ifStmt) && (!switchStmt) && (ruleExists(provider, declaringClassName))) {
 rulesDirectory = defaultRulesDirectory+File.separator+provider;
 rules = chooseRules(rules, provider, declaringClassName);
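Review bot: The rewritten condition drops the `this.provider != null` guard, so when neither `checkIfStmt` nor `checkSwitchStmt` fires, `ruleExists(provider, declaringClassName)` runs even if `getProviderWhenTypeString` produced no provider. Neither helper's null handling is visible here, so either confirm that `ruleExists` tolerates null or keep the guard: `if((this.provider != null) && (!ifStmt) && (!switchStmt) && (ruleExists(provider, declaringClassName))) {`. In the fallback case `this.provider` also keeps whatever `getProviderWhenTypeString` returned while `rulesDirectory` stays at the default, so a caller reading both may see a provider name that does not match the ruleset actually applied. The enclosing `else if` branch starts and ends outside the hunk.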
@@ -320,12 +322,12 @@ public SeedFactory getSeedFactory() {
 }
 }
 else if (map.size() > 1) {
- LOGGER.info("The provider parameter must be passed directly to the"
+ LOGGER.error("The provider parameter must be passed directly to the"
 + " getInstance() method call, and not through IF-ELSE, SWITCH statements or"
 + " TERNARY operators.");
 }
 else {
- LOGGER.info("Error occured to detect provider in the Provider Detection"
+ LOGGER.error("Error occured to detect provider in the Provider Detection"
 + " analysis.");
 }
 return provider;
@@ -359,7 +361,8 @@ private String getProviderWhenTypeString(Value providerValue, Body body) {
 * This method checks if the provider detected has only one allocation site
 * and it is not flowing through IF-ELSE statements or TERNARY operators, because
 * otherwise the provider can not be correctly detected through the use of
- * static analysis
+ * static analysis. In case it has more than one allocation site, this method
+ * return true.
 *
 * @param providerValue
 *
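Review bot: Both messages are raised to `error`, but neither tells the user what the analysis does next. Judging by the tests in this commit the run appears to continue with the default ruleset, so findings for code that really uses another provider can be incomplete without the report saying why. State the fallback in the message, for example by appending `+ " Falling back to the default ruleset."`, and consider `LOGGER.warn` since the condition is handled rather than fatal. The messages in `checkIfStmt` and `checkSwitchStmt` in the later hunks have the same gap. The enclosing method starts and ends outside the hunk.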
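Review bot: The added Javadoc sentence describes the return value in terms of allocation sites, but the method body in the next hunk returns true when the text of any `JIfStmt` contains the provider value's string form, which is a different condition. A `@return` tag that states what the code does would be more accurate: `@return true if an if-statement in the body mentions the provider value, false otherwise`; "this method return true" should also read "returns". The Javadoc of `checkSwitchStmt` in the following hunk has the same wording. The comment block starts and ends outside this hunk.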
@@ -367,26 +370,28 @@ private String getProviderWhenTypeString(Value providerValue, Body body) {
 * - i.e. the ActiveBody
 *
 */
- private void checkIfStmt(Value providerValue, Body body) {
+ private boolean checkIfStmt(Value providerValue, Body body) {
 String value = providerValue.toString();
 for(Unit unit : body.getUnits()) {
 if(unit instanceof JIfStmt) {
 JIfStmt ifStatement = (JIfStmt) unit;
 if(ifStatement.toString().contains(value)) {
- LOGGER.info("The provider parameter must be passed directly to the"
+ LOGGER.error("The provider parameter must be passed directly to the"
 + " getInstance() method call, and not through IF-ELSE statements or"
 + " TERNARY operators.");
+ return true;
 }
 }
 }
- return;
+ return false;
 }
 /**
 * This method checks if the provider detected has only one allocation site
 * and it is not flowing through SWITCH statements, because otherwise the
- * provider can not be correctly detected through the use of static analysis
+ * provider can not be correctly detected through the use of static analysis.
+ * In case it has more than one allocation site, this method return true.
 *
 * @param providerValue
 *
@@ -394,18 +399,19 @@ private void checkIfStmt(Value providerValue, Body body) {
 * - i.e. the ActiveBody
 *
 */
- private void checkSwitchStmt(Value providerValue, Body body) {
+ private boolean checkSwitchStmt(Value providerValue, Body body) {
 String value = providerValue.toString();
 for(Unit unit : body.getUnits()) {
 if(unit instanceof TableSwitchStmt) {
 TableSwitchStmt switchStatement = (TableSwitchStmt) unit;
 if(switchStatement.toString().contains(value)) {
- LOGGER.info("The provider parameter must be passed directly to the"
+ LOGGER.error("The provider parameter must be passed directly to the"
 + " getInstance() method call, and not through SWITCH statements.");
+ return true;
 }
 }
 }
- return;
+ return false;
 }
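Review bot: `ifStatement.toString().contains(value)` now decides which ruleset is applied, yet it is a substring test on the printed statement. If `providerValue` prints as a local name, a name that is a prefix of another operand (constructed example: `r1` inside `r10`) would make this return true and silently replace the provider-specific rules with the default ones. Comparing the statement's operands, for instance the values from `unit.getUseBoxes()`, against `providerValue` instead of comparing text would avoid the accidental match; whether that fits depends on what `providerValue` holds, which this hunk does not show. The new boolean result also deserves an `@return` line in the Javadoc above the method.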
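Review bot: Only `TableSwitchStmt` is inspected, so a switch that the compiler lowers to a lookup switch (sparse case values, or a switch over strings) is never seen and `checkSwitchStmt` returns false. With the new return value the caller then trusts the detected provider and selects its ruleset, even though the provider flowed through a switch. Soot models that form as `LookupSwitchStmt`; testing `if(unit instanceof TableSwitchStmt || unit instanceof LookupSwitchStmt) {` and using `if(unit.toString().contains(value)) {` without the cast would cover both forms. The substring comparison has the same prefix-matching weakness as the one in `checkIfStmt`.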
diff --git a/CryptoAnalysis/src/test/java/tests/providerdetection/ProviderDetectionTests.java b/CryptoAnalysis/src/test/java/tests/providerdetection/ProviderDetectionTests.java
index 4ae80dd5a..4a6c9564d 100644
--- a/CryptoAnalysis/src/test/java/tests/providerdetection/ProviderDetectionTests.java
+++ b/CryptoAnalysis/src/test/java/tests/providerdetection/ProviderDetectionTests.java
@@ -178,7 +178,7 @@ public void providerDetectionTest12() {
 assertEquals(true, rulesDirectory.endsWith("JavaCryptographicArchitecture"));
 }
- // Checks if RuntimeException is thrown when provider of type `java.security.Provider`
+ // Checks if the default ruleset is chosen when provider of type `java.security.Provider`
 // flows through TERNARY operators
 @Test
 public void providerDetectionTest13() {
@@ -187,9 +187,12 @@ public void providerDetectionTest13() {
 String mainClass = "tests.providerdetection.ProviderDetectionExample9";
 providerDetection.setupSoot(sootClassPath, mainClass);
 providerDetection.analyze();
+
+ String rulesDirectory = providerDetection.getRulesDirectory();
+ assertEquals(true, rulesDirectory.endsWith("JavaCryptographicArchitecture"));
 }
- // Checks if RuntimeException is thrown when provider of type `java.security.Provider`
+ // Checks if the default ruleset is chosen when provider of type `java.security.Provider`
 // flows through IF-ELSE statements
 @Test
 public void providerDetectionTest14() {
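Review bot: `assertEquals(true, rulesDirectory.endsWith(...))` reports only "expected true but was false" when it fails, which hides the directory that was actually chosen. An `assertTrue` carrying the value is easier to diagnose: `assertTrue("unexpected rules directory: " + rulesDirectory, rulesDirectory.endsWith("JavaCryptographicArchitecture"));` (it needs the matching static import if the file does not already have one). The same three added lines repeat in the hunks for tests 14 to 18, so a small private helper taking the example class name would remove the duplication. The test method starts outside the hunk.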
@@ -198,9 +201,12 @@ public void providerDetectionTest14() {
 String mainClass = "tests.providerdetection.ProviderDetectionExample10";
 providerDetection.setupSoot(sootClassPath, mainClass);
 providerDetection.analyze();
+
+ String rulesDirectory = providerDetection.getRulesDirectory();
+ assertEquals(true, rulesDirectory.endsWith("JavaCryptographicArchitecture"));
 }
- // Checks if RuntimeException is thrown when provider of type `java.security.Provider`
+ // Checks if the default ruleset is chosen when provider of type `java.security.Provider`
 // flows through SWITCH statements
 @Test
 public void providerDetectionTest15() {
@@ -209,9 +215,12 @@ public void providerDetectionTest15() {
 String mainClass = "tests.providerdetection.ProviderDetectionExample11";
 providerDetection.setupSoot(sootClassPath, mainClass);
 providerDetection.analyze();
+
+ String rulesDirectory = providerDetection.getRulesDirectory();
+ assertEquals(true, rulesDirectory.endsWith("JavaCryptographicArchitecture"));
 }
- // Checks if RuntimeException is thrown when provider of type `java.lang.String`
+ // Checks if the default ruleset is chosen when provider of type `java.lang.String`
 // flows through TERNARY operators
 @Test
 public void providerDetectionTest16() {
@@ -220,9 +229,12 @@ public void providerDetectionTest16() {
 String mainClass = "tests.providerdetection.ProviderDetectionExample12";
 providerDetection.setupSoot(sootClassPath, mainClass);
 providerDetection.analyze();
+
+ String rulesDirectory = providerDetection.getRulesDirectory();
+ assertEquals(true, rulesDirectory.endsWith("JavaCryptographicArchitecture"));
 }
- // Checks if RuntimeException is thrown when provider of type `java.lang.String`
+ // Checks if the default ruleset is chosen when provider of type `java.lang.String`
 // flows through IF-ELSE statements
 @Test
 public void providerDetectionTest17() {
@@ -231,9 +243,12 @@ public void providerDetectionTest17() {
 String mainClass = "tests.providerdetection.ProviderDetectionExample13";
 providerDetection.setupSoot(sootClassPath, mainClass);
 providerDetection.analyze();
+
+ String rulesDirectory = providerDetection.getRulesDirectory();
+ assertEquals(true, rulesDirectory.endsWith("JavaCryptographicArchitecture"));
 }
- // Checks if RuntimeException is thrown when provider of type `java.lang.String`
+ // Checks if the default ruleset is chosen when provider of type `java.lang.String`
 // flows through SWITCH statements
 @Test
 public void providerDetectionTest18() {
@@ -242,6 +257,9 @@ public void providerDetectionTest18() {
 String mainClass = "tests.providerdetection.ProviderDetectionExample14";
 providerDetection.setupSoot(sootClassPath, mainClass);
 providerDetection.analyze();
+
+ String rulesDirectory = providerDetection.getRulesDirectory();
+ assertEquals(true, rulesDirectory.endsWith("JavaCryptographicArchitecture"));
 }
 }