mirror of
https://github.com/vanitasvitae/Smack.git
synced 2024-11-26 05:52:06 +01:00
Make StringUtils.randomString(int) use SecureRandom
This commit is contained in:
parent
f79a7d9d5f
commit
658a671cbe
6 changed files with 34 additions and 8 deletions
|
@ -18,6 +18,7 @@
|
||||||
package org.jivesoftware.smack.util;
|
package org.jivesoftware.smack.util;
|
||||||
|
|
||||||
import java.io.UnsupportedEncodingException;
|
import java.io.UnsupportedEncodingException;
|
||||||
|
import java.security.SecureRandom;
|
||||||
import java.util.Collection;
|
import java.util.Collection;
|
||||||
import java.util.Iterator;
|
import java.util.Iterator;
|
||||||
import java.util.Random;
|
import java.util.Random;
|
||||||
|
@ -174,7 +175,7 @@ public class StringUtils {
|
||||||
* @param length the desired length of the random String to return.
|
* @param length the desired length of the random String to return.
|
||||||
* @return a random String of numbers and letters of the specified length.
|
* @return a random String of numbers and letters of the specified length.
|
||||||
*/
|
*/
|
||||||
public static String randomString(int length) {
|
public static String insecureRandomString(int length) {
|
||||||
if (length < 1) {
|
if (length < 1) {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
@ -186,6 +187,31 @@ public class StringUtils {
|
||||||
return new String(randBuffer);
|
return new String(randBuffer);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private static final SecureRandom SECURE_RANDOM = new SecureRandom();
|
||||||
|
|
||||||
|
public static String randomString(final int length) {
|
||||||
|
if (length < 1) {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
byte[] randomBytes = new byte[length];
|
||||||
|
SECURE_RANDOM.nextBytes(randomBytes);
|
||||||
|
char[] randomChars = new char[length];
|
||||||
|
for (int i = 0; i < length; i++) {
|
||||||
|
randomChars[i] = getPrintableChar(randomBytes[i]);
|
||||||
|
}
|
||||||
|
return new String(randomChars);
|
||||||
|
}
|
||||||
|
|
||||||
|
private static char getPrintableChar(byte indexByte) {
|
||||||
|
assert(numbersAndLetters.length < Byte.MAX_VALUE * 2);
|
||||||
|
|
||||||
|
// Convert indexByte as it where an unsigned byte by promoting it to int
|
||||||
|
// and masking it with 0xff. Yields results from 0 - 254.
|
||||||
|
int index = indexByte & 0xff;
|
||||||
|
return numbersAndLetters[index % numbersAndLetters.length];
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns true if CharSequence is not null and is not empty, false otherwise.
|
* Returns true if CharSequence is not null and is not empty, false otherwise.
|
||||||
* Examples:
|
* Examples:
|
||||||
|
|
|
@ -42,8 +42,8 @@ public class IntTestUtil {
|
||||||
public static UsernameAndPassword registerAccount(XMPPConnection connection)
|
public static UsernameAndPassword registerAccount(XMPPConnection connection)
|
||||||
throws NoResponseException, XMPPErrorException, NotConnectedException,
|
throws NoResponseException, XMPPErrorException, NotConnectedException,
|
||||||
InterruptedException {
|
InterruptedException {
|
||||||
return registerAccount(connection, StringUtils.randomString(12),
|
return registerAccount(connection, StringUtils.insecureRandomString(12),
|
||||||
StringUtils.randomString(12));
|
StringUtils.insecureRandomString(12));
|
||||||
}
|
}
|
||||||
|
|
||||||
public static UsernameAndPassword registerAccount(XMPPConnection connection, String username,
|
public static UsernameAndPassword registerAccount(XMPPConnection connection, String username,
|
||||||
|
|
|
@ -519,7 +519,7 @@ public class SmackIntegrationTestFramework {
|
||||||
accountUsername = USERNAME_PREFIX + '-' + middlefix + '-' +testRunResult.testRunId;
|
accountUsername = USERNAME_PREFIX + '-' + middlefix + '-' +testRunResult.testRunId;
|
||||||
}
|
}
|
||||||
if (StringUtils.isNullOrEmpty(accountPassword)) {
|
if (StringUtils.isNullOrEmpty(accountPassword)) {
|
||||||
accountPassword = StringUtils.randomString(16);
|
accountPassword = StringUtils.insecureRandomString(16);
|
||||||
}
|
}
|
||||||
// @formatter:off
|
// @formatter:off
|
||||||
Builder builder = XMPPTCPConnectionConfiguration.builder()
|
Builder builder = XMPPTCPConnectionConfiguration.builder()
|
||||||
|
@ -584,7 +584,7 @@ public class SmackIntegrationTestFramework {
|
||||||
}
|
}
|
||||||
|
|
||||||
public static final class TestRunResult {
|
public static final class TestRunResult {
|
||||||
public final String testRunId = StringUtils.randomString(5);
|
public final String testRunId = StringUtils.insecureRandomString(5);
|
||||||
private final List<SuccessfulTest> successfulTests = Collections.synchronizedList(new LinkedList<SuccessfulTest>());
|
private final List<SuccessfulTest> successfulTests = Collections.synchronizedList(new LinkedList<SuccessfulTest>());
|
||||||
private final List<FailedTest> failedIntegrationTests = Collections.synchronizedList(new LinkedList<FailedTest>());
|
private final List<FailedTest> failedIntegrationTests = Collections.synchronizedList(new LinkedList<FailedTest>());
|
||||||
private final List<TestNotPossible> impossibleTestMethods = Collections.synchronizedList(new LinkedList<TestNotPossible>());
|
private final List<TestNotPossible> impossibleTestMethods = Collections.synchronizedList(new LinkedList<TestNotPossible>());
|
||||||
|
|
|
@ -52,7 +52,7 @@ public class LoginIntegrationTest extends AbstractSmackLowLevelIntegrationTest {
|
||||||
@SmackIntegrationTest
|
@SmackIntegrationTest
|
||||||
public void testInvalidLogin() throws SmackException, IOException, XMPPException,
|
public void testInvalidLogin() throws SmackException, IOException, XMPPException,
|
||||||
InterruptedException, KeyManagementException, NoSuchAlgorithmException {
|
InterruptedException, KeyManagementException, NoSuchAlgorithmException {
|
||||||
final String nonExistentUserString = StringUtils.randomString(24);
|
final String nonExistentUserString = StringUtils.insecureRandomString(24);
|
||||||
XMPPTCPConnectionConfiguration conf = getConnectionConfiguration().setUsernameAndPassword(
|
XMPPTCPConnectionConfiguration conf = getConnectionConfiguration().setUsernameAndPassword(
|
||||||
nonExistentUserString, "invalidPassword").build();
|
nonExistentUserString, "invalidPassword").build();
|
||||||
|
|
||||||
|
|
|
@ -43,7 +43,7 @@ public class FileTransferIntegrationTest extends AbstractSmackIntegrationTest {
|
||||||
ftManagerTwo = FileTransferManager.getInstanceFor(conTwo);
|
ftManagerTwo = FileTransferManager.getInstanceFor(conTwo);
|
||||||
}
|
}
|
||||||
|
|
||||||
private static final byte[] dataToSend = StringUtils.randomString(1024 * 4 * 5).getBytes();
|
private static final byte[] dataToSend = StringUtils.insecureRandomString(1024 * 4 * 5).getBytes();
|
||||||
|
|
||||||
@SmackIntegrationTest
|
@SmackIntegrationTest
|
||||||
public void fileTransferTest() throws Exception {
|
public void fileTransferTest() throws Exception {
|
||||||
|
|
|
@ -39,7 +39,7 @@ import org.jxmpp.jid.parts.Resourcepart;
|
||||||
|
|
||||||
public class MultiUserChatIntegrationTest extends AbstractSmackIntegrationTest {
|
public class MultiUserChatIntegrationTest extends AbstractSmackIntegrationTest {
|
||||||
|
|
||||||
private final String randomString = StringUtils.randomString(6);
|
private final String randomString = StringUtils.insecureRandomString(6);
|
||||||
|
|
||||||
private final MultiUserChatManager mucManagerOne;
|
private final MultiUserChatManager mucManagerOne;
|
||||||
private final MultiUserChatManager mucManagerTwo;
|
private final MultiUserChatManager mucManagerTwo;
|
||||||
|
|
Loading…
Reference in a new issue