From 8e2cd14798c949ef67550ed598aab87c0eeb2532 Mon Sep 17 00:00:00 2001
From: Madison Caldwell <madison.caldwell@elastic.co>
Date: Thu, 16 Jul 2020 20:58:26 -0400
Subject: [PATCH] Add tests for stable hashes

---
 .../endpoint/lib/artifacts/lists.test.ts      | 94 ++++++++++++++++++-
 .../server/endpoint/lib/artifacts/lists.ts    |  1 -
 2 files changed, 93 insertions(+), 2 deletions(-)

diff --git a/x-pack/plugins/security_solution/server/endpoint/lib/artifacts/lists.test.ts b/x-pack/plugins/security_solution/server/endpoint/lib/artifacts/lists.test.ts
index 1a19306b2fd60..d3d073efa73c1 100644
--- a/x-pack/plugins/security_solution/server/endpoint/lib/artifacts/lists.test.ts
+++ b/x-pack/plugins/security_solution/server/endpoint/lib/artifacts/lists.test.ts
@@ -9,7 +9,8 @@ import { listMock } from '../../../../../lists/server/mocks';
 import { getFoundExceptionListItemSchemaMock } from '../../../../../lists/common/schemas/response/found_exception_list_item_schema.mock';
 import { getExceptionListItemSchemaMock } from '../../../../../lists/common/schemas/response/exception_list_item_schema.mock';
 import { EntriesArray, EntryList } from '../../../../../lists/common/schemas/types/entries';
-import { getFullEndpointExceptionList } from './lists';
+import { buildArtifact, getFullEndpointExceptionList } from './lists';
+import { TranslatedEntry, TranslatedExceptionListItem } from '../../schemas/artifacts';
 
 describe('buildEventTypeSignal', () => {
   let mockExceptionClient: ExceptionListClient;
@@ -340,4 +341,95 @@ describe('buildEventTypeSignal', () => {
     const resp = await getFullEndpointExceptionList(mockExceptionClient, 'linux', 'v1');
     expect(resp.entries.length).toEqual(0);
   });
+
+  test('it should return a stable hash regardless of order of entries', async () => {
+    const translatedEntries: TranslatedEntry[] = [
+      {
+        entries: [
+          {
+            field: 'some.nested.field',
+            operator: 'included',
+            type: 'exact_cased',
+            value: 'some value',
+          },
+        ],
+        field: 'some.parentField',
+        type: 'nested',
+      },
+      {
+        field: 'nested.field',
+        operator: 'included',
+        type: 'exact_cased',
+        value: 'some value',
+      },
+    ];
+    const translatedEntriesReversed = translatedEntries.reverse();
+
+    const translatedExceptionList = {
+      entries: [
+        {
+          type: 'simple',
+          entries: translatedEntries,
+        },
+      ],
+    };
+
+    const translatedExceptionListReversed = {
+      entries: [
+        {
+          type: 'simple',
+          entries: translatedEntriesReversed,
+        },
+      ],
+    };
+
+    const artifact1 = await buildArtifact(translatedExceptionList, 'linux', 'v1');
+    const artifact2 = await buildArtifact(translatedExceptionListReversed, 'linux', 'v1');
+    expect(artifact1.decodedSha256).toEqual(artifact2.decodedSha256);
+  });
+
+  test('it should return a stable hash regardless of order of items', async () => {
+    const translatedItems: TranslatedExceptionListItem[] = [
+      {
+        type: 'simple',
+        entries: [
+          {
+            entries: [
+              {
+                field: 'some.nested.field',
+                operator: 'included',
+                type: 'exact_cased',
+                value: 'some value',
+              },
+            ],
+            field: 'some.parentField',
+            type: 'nested',
+          },
+        ],
+      },
+      {
+        type: 'simple',
+        entries: [
+          {
+            field: 'nested.field',
+            operator: 'included',
+            type: 'exact_cased',
+            value: 'some value',
+          },
+        ],
+      },
+    ];
+
+    const translatedExceptionList = {
+      entries: translatedItems,
+    };
+
+    const translatedExceptionListReversed = {
+      entries: translatedItems.reverse(),
+    };
+
+    const artifact1 = await buildArtifact(translatedExceptionList, 'linux', 'v1');
+    const artifact2 = await buildArtifact(translatedExceptionListReversed, 'linux', 'v1');
+    expect(artifact1.decodedSha256).toEqual(artifact2.decodedSha256);
+  });
 });
diff --git a/x-pack/plugins/security_solution/server/endpoint/lib/artifacts/lists.ts b/x-pack/plugins/security_solution/server/endpoint/lib/artifacts/lists.ts
index 2d1023eed04ed..760e247221a14 100644
--- a/x-pack/plugins/security_solution/server/endpoint/lib/artifacts/lists.ts
+++ b/x-pack/plugins/security_solution/server/endpoint/lib/artifacts/lists.ts
@@ -124,7 +124,6 @@ export function translateToEndpointExceptions(
   if (schemaVersion === 'v1') {
     exc.data.forEach((entry) => {
       const translatedItem = translateItem(schemaVersion, entry);
-      // TODO: is JSON.stringify deterministic?
       const entryHash = createHash('sha256').update(JSON.stringify(translatedItem)).digest('hex');
       if (!entrySet.has(entryHash)) {
         entriesFiltered.push(translatedItem);