SONARJAVA-1212 Handle properties

Wohops · Wohops · commit 8699907812bb · 2015-08-19T18:19:58.000+02:00
diff --git a/java-checks/src/main/java/org/sonar/java/checks/DeprecatedHashAlgorithmCheck.java b/java-checks/src/main/java/org/sonar/java/checks/DeprecatedHashAlgorithmCheck.java
@@ -25,6 +25,7 @@
 import org.sonar.api.server.rule.RulesDefinition;
 import org.sonar.check.Priority;
 import org.sonar.check.Rule;
+import org.sonar.java.checks.helpers.JavaPropertiesHelper;
 import org.sonar.java.checks.methods.AbstractMethodDetection;
 import org.sonar.java.checks.methods.MethodMatcher;
 import org.sonar.java.checks.methods.TypeCriteria;
@@ -123,8 +124,13 @@ private static String methodName(MethodInvocationTree mit) {
   }
 
   private static String algorithm(ExpressionTree invocationArgument) {
-    if (invocationArgument.is(Tree.Kind.STRING_LITERAL)) {
-      String algo = LiteralUtils.trimQuotes(((LiteralTree) invocationArgument).value());
+    ExpressionTree expectedAlgorithm = invocationArgument;
+    ExpressionTree defaultPropertyValue = JavaPropertiesHelper.retrievedPropertyDefaultValue(invocationArgument);
+    if (defaultPropertyValue != null) {
+      expectedAlgorithm = defaultPropertyValue;
+    }
+    if (expectedAlgorithm.is(Tree.Kind.STRING_LITERAL)) {
+      String algo = LiteralUtils.trimQuotes(((LiteralTree) expectedAlgorithm).value());
       return algo.replaceAll("-", "");
     }
     return null;
diff --git a/java-checks/src/test/files/checks/DeprecatedHashAlgorithmCheck.java b/java-checks/src/test/files/checks/DeprecatedHashAlgorithmCheck.java
@@ -1,10 +1,12 @@
 import java.security.MessageDigest;
 import java.security.Provider;
+import java.util.Properties;
+
 import org.apache.commons.codec.digest.DigestUtils;
 import static org.apache.commons.codec.digest.DigestUtils.md5Hex;
 
 class A {
-  void myMethod(String algorithm, Provider provider) {
+  void myMethod(String algorithm, Provider provider, Properties props) {
     MessageDigest md = null;
     md = MessageDigest.getInstance("MD5"); // Noncompliant {{Use a stronger encryption algorithm than MD5.}}
     md = MessageDigest.getInstance("SHA-1"); // Noncompliant {{Use a stronger encryption algorithm than SHA-1.}}
@@ -33,6 +35,17 @@ void myMethod(String algorithm, Provider provider) {
     md = MessageDigest.getInstance("MD5", provider); // Noncompliant
     md = MessageDigest.getInstance("SHA1", "provider"); // Noncompliant
     md = MessageDigest.getInstance("sha-1", "provider"); // Noncompliant
+    
+    String myAlgo = props.getProperty("myCoolAlgo", "SHA1");
+    
+    md = MessageDigest.getInstance(myAlgo, provider); // Noncompliant
+    md = MessageDigest.getInstance(getAlgo(), provider);
+    md = DigestUtils.getDigest(props.getProperty("mySuperOtherAlgo", "SHA-1")); // Noncompliant
+    md = DigestUtils.getDigest(props.getProperty("mySuperOtherAlgo"));
+  }
+  
+  private String getAlgo() {
+    return null;
   }
   
 }
