mirror of
https://github.com/vanitasvitae/Smack.git
synced 2024-12-24 03:27:59 +01:00
Make StringUtils.randomString(int) use SecureRandom
This commit is contained in:
parent
f79a7d9d5f
commit
658a671cbe
6 changed files with 34 additions and 8 deletions
|
@ -18,6 +18,7 @@
|
|||
package org.jivesoftware.smack.util;
|
||||
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.security.SecureRandom;
|
||||
import java.util.Collection;
|
||||
import java.util.Iterator;
|
||||
import java.util.Random;
|
||||
|
@ -174,7 +175,7 @@ public class StringUtils {
|
|||
* @param length the desired length of the random String to return.
|
||||
* @return a random String of numbers and letters of the specified length.
|
||||
*/
|
||||
public static String randomString(int length) {
|
||||
public static String insecureRandomString(int length) {
|
||||
if (length < 1) {
|
||||
return null;
|
||||
}
|
||||
|
@ -186,6 +187,31 @@ public class StringUtils {
|
|||
return new String(randBuffer);
|
||||
}
|
||||
|
||||
private static final SecureRandom SECURE_RANDOM = new SecureRandom();
|
||||
|
||||
public static String randomString(final int length) {
|
||||
if (length < 1) {
|
||||
return null;
|
||||
}
|
||||
|
||||
byte[] randomBytes = new byte[length];
|
||||
SECURE_RANDOM.nextBytes(randomBytes);
|
||||
char[] randomChars = new char[length];
|
||||
for (int i = 0; i < length; i++) {
|
||||
randomChars[i] = getPrintableChar(randomBytes[i]);
|
||||
}
|
||||
return new String(randomChars);
|
||||
}
|
||||
|
||||
private static char getPrintableChar(byte indexByte) {
|
||||
assert(numbersAndLetters.length < Byte.MAX_VALUE * 2);
|
||||
|
||||
// Convert indexByte as it where an unsigned byte by promoting it to int
|
||||
// and masking it with 0xff. Yields results from 0 - 254.
|
||||
int index = indexByte & 0xff;
|
||||
return numbersAndLetters[index % numbersAndLetters.length];
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns true if CharSequence is not null and is not empty, false otherwise.
|
||||
* Examples:
|
||||
|
|
|
@ -42,8 +42,8 @@ public class IntTestUtil {
|
|||
public static UsernameAndPassword registerAccount(XMPPConnection connection)
|
||||
throws NoResponseException, XMPPErrorException, NotConnectedException,
|
||||
InterruptedException {
|
||||
return registerAccount(connection, StringUtils.randomString(12),
|
||||
StringUtils.randomString(12));
|
||||
return registerAccount(connection, StringUtils.insecureRandomString(12),
|
||||
StringUtils.insecureRandomString(12));
|
||||
}
|
||||
|
||||
public static UsernameAndPassword registerAccount(XMPPConnection connection, String username,
|
||||
|
|
|
@ -519,7 +519,7 @@ public class SmackIntegrationTestFramework {
|
|||
accountUsername = USERNAME_PREFIX + '-' + middlefix + '-' +testRunResult.testRunId;
|
||||
}
|
||||
if (StringUtils.isNullOrEmpty(accountPassword)) {
|
||||
accountPassword = StringUtils.randomString(16);
|
||||
accountPassword = StringUtils.insecureRandomString(16);
|
||||
}
|
||||
// @formatter:off
|
||||
Builder builder = XMPPTCPConnectionConfiguration.builder()
|
||||
|
@ -584,7 +584,7 @@ public class SmackIntegrationTestFramework {
|
|||
}
|
||||
|
||||
public static final class TestRunResult {
|
||||
public final String testRunId = StringUtils.randomString(5);
|
||||
public final String testRunId = StringUtils.insecureRandomString(5);
|
||||
private final List<SuccessfulTest> successfulTests = Collections.synchronizedList(new LinkedList<SuccessfulTest>());
|
||||
private final List<FailedTest> failedIntegrationTests = Collections.synchronizedList(new LinkedList<FailedTest>());
|
||||
private final List<TestNotPossible> impossibleTestMethods = Collections.synchronizedList(new LinkedList<TestNotPossible>());
|
||||
|
|
|
@ -52,7 +52,7 @@ public class LoginIntegrationTest extends AbstractSmackLowLevelIntegrationTest {
|
|||
@SmackIntegrationTest
|
||||
public void testInvalidLogin() throws SmackException, IOException, XMPPException,
|
||||
InterruptedException, KeyManagementException, NoSuchAlgorithmException {
|
||||
final String nonExistentUserString = StringUtils.randomString(24);
|
||||
final String nonExistentUserString = StringUtils.insecureRandomString(24);
|
||||
XMPPTCPConnectionConfiguration conf = getConnectionConfiguration().setUsernameAndPassword(
|
||||
nonExistentUserString, "invalidPassword").build();
|
||||
|
||||
|
|
|
@ -43,7 +43,7 @@ public class FileTransferIntegrationTest extends AbstractSmackIntegrationTest {
|
|||
ftManagerTwo = FileTransferManager.getInstanceFor(conTwo);
|
||||
}
|
||||
|
||||
private static final byte[] dataToSend = StringUtils.randomString(1024 * 4 * 5).getBytes();
|
||||
private static final byte[] dataToSend = StringUtils.insecureRandomString(1024 * 4 * 5).getBytes();
|
||||
|
||||
@SmackIntegrationTest
|
||||
public void fileTransferTest() throws Exception {
|
||||
|
|
|
@ -39,7 +39,7 @@ import org.jxmpp.jid.parts.Resourcepart;
|
|||
|
||||
public class MultiUserChatIntegrationTest extends AbstractSmackIntegrationTest {
|
||||
|
||||
private final String randomString = StringUtils.randomString(6);
|
||||
private final String randomString = StringUtils.insecureRandomString(6);
|
||||
|
||||
private final MultiUserChatManager mucManagerOne;
|
||||
private final MultiUserChatManager mucManagerTwo;
|
||||
|
|
Loading…
Reference in a new issue