diff --git a/hawkbit-repository/hawkbit-repository-jpa/src/test/java/org/eclipse/hawkbit/repository/jpa/RandomGeneratedInputStream.java b/hawkbit-repository/hawkbit-repository-jpa/src/test/java/org/eclipse/hawkbit/repository/jpa/RandomGeneratedInputStream.java index bbf697dd7c..6bdf3334c3 100644 --- a/hawkbit-repository/hawkbit-repository-jpa/src/test/java/org/eclipse/hawkbit/repository/jpa/RandomGeneratedInputStream.java +++ b/hawkbit-repository/hawkbit-repository-jpa/src/test/java/org/eclipse/hawkbit/repository/jpa/RandomGeneratedInputStream.java @@ -14,12 +14,9 @@ import java.security.SecureRandom; import java.util.Random; -/** - * - */ -public class RandomGeneratedInputStream extends InputStream { +import org.eclipse.hawkbit.repository.test.util.TestdataFactory; - private final Random random = new SecureRandom(); +public class RandomGeneratedInputStream extends InputStream { /** Target size of the stream. */ private final long size; @@ -42,7 +39,6 @@ public int read() throws IOException { index++; - return random.nextInt(255); + return TestdataFactory.SECURE_RND.nextInt(255); } - -} +} \ No newline at end of file diff --git a/hawkbit-repository/hawkbit-repository-test/src/main/java/org/eclipse/hawkbit/repository/test/util/TargetTestData.java b/hawkbit-repository/hawkbit-repository-test/src/main/java/org/eclipse/hawkbit/repository/test/util/TargetTestData.java index 5a4a23d0e8..56c9a5e73f 100644 --- a/hawkbit-repository/hawkbit-repository-test/src/main/java/org/eclipse/hawkbit/repository/test/util/TargetTestData.java +++ b/hawkbit-repository/hawkbit-repository-test/src/main/java/org/eclipse/hawkbit/repository/test/util/TargetTestData.java @@ -9,8 +9,7 @@ */ package org.eclipse.hawkbit.repository.test.util; -import java.security.SecureRandom; -import java.util.Random; +import static org.eclipse.hawkbit.repository.test.util.TestdataFactory.SECURE_RND; import lombok.NoArgsConstructor; import org.eclipse.hawkbit.repository.model.Target; @@ -24,20 +23,19 @@ public class TargetTestData { public static final String ATTRIBUTE_VALUE_VALID; static { - final Random rand = new SecureRandom(); - ATTRIBUTE_KEY_TOO_LONG = generateRandomStringWithLength(Target.CONTROLLER_ATTRIBUTE_MAX_KEY_SIZE + 1, rand); - ATTRIBUTE_KEY_VALID = generateRandomStringWithLength(Target.CONTROLLER_ATTRIBUTE_MAX_KEY_SIZE, rand); - ATTRIBUTE_VALUE_TOO_LONG = generateRandomStringWithLength(Target.CONTROLLER_ATTRIBUTE_MAX_VALUE_SIZE + 1, rand); - ATTRIBUTE_VALUE_VALID = generateRandomStringWithLength(Target.CONTROLLER_ATTRIBUTE_MAX_VALUE_SIZE, rand); + ATTRIBUTE_KEY_TOO_LONG = generateRandomStringWithLength(Target.CONTROLLER_ATTRIBUTE_MAX_KEY_SIZE + 1); + ATTRIBUTE_KEY_VALID = generateRandomStringWithLength(Target.CONTROLLER_ATTRIBUTE_MAX_KEY_SIZE); + ATTRIBUTE_VALUE_TOO_LONG = generateRandomStringWithLength(Target.CONTROLLER_ATTRIBUTE_MAX_VALUE_SIZE + 1); + ATTRIBUTE_VALUE_VALID = generateRandomStringWithLength(Target.CONTROLLER_ATTRIBUTE_MAX_VALUE_SIZE); } - private static String generateRandomStringWithLength(final int length, final Random rand) { + private static String generateRandomStringWithLength(final int length) { final StringBuilder randomStringBuilder = new StringBuilder(length); final int lowercaseACode = 97; final int lowercaseZCode = 122; for (int i = 0; i < length; i++) { - final char randomCharacter = (char) (rand.nextInt(lowercaseZCode - lowercaseACode + 1) + lowercaseACode); + final char randomCharacter = (char) (SECURE_RND.nextInt(lowercaseZCode - lowercaseACode + 1) + lowercaseACode); randomStringBuilder.append(randomCharacter); } return randomStringBuilder.toString(); diff --git a/hawkbit-repository/hawkbit-repository-test/src/main/java/org/eclipse/hawkbit/repository/test/util/TestdataFactory.java b/hawkbit-repository/hawkbit-repository-test/src/main/java/org/eclipse/hawkbit/repository/test/util/TestdataFactory.java index a5347ae456..4eb71048d0 100644 --- a/hawkbit-repository/hawkbit-repository-test/src/main/java/org/eclipse/hawkbit/repository/test/util/TestdataFactory.java +++ b/hawkbit-repository/hawkbit-repository-test/src/main/java/org/eclipse/hawkbit/repository/test/util/TestdataFactory.java @@ -93,6 +93,7 @@ public class TestdataFactory { @SuppressWarnings("java:S2245") // used for tests only, no need of secure random public static final Random RND = new Random(); + public static final SecureRandom SECURE_RND = new SecureRandom(); public static final String VISIBLE_SM_MD_KEY = "visibleMetdataKey"; public static final String VISIBLE_SM_MD_VALUE = "visibleMetdataValue"; @@ -309,7 +310,7 @@ public DistributionSet createDistributionSet(final String prefix, final String v SoftwareModuleManagement.Create.builder() .type(findOrCreateSoftwareModuleType(SM_TYPE_APP, Integer.MAX_VALUE)) .name(prefix + SM_TYPE_APP) - .version(version + "." + new SecureRandom().nextInt(100)) + .version(version + "." + SECURE_RND.nextInt(100)) .description(randomDescriptionLong()) .vendor(prefix + " vendor Limited, California") .build()); @@ -317,14 +318,14 @@ public DistributionSet createDistributionSet(final String prefix, final String v .create(SoftwareModuleManagement.Create.builder() .type(findOrCreateSoftwareModuleType(SM_TYPE_RT)) .name(prefix + "app runtime") - .version(version + "." + new SecureRandom().nextInt(100)) + .version(version + "." + SECURE_RND.nextInt(100)) .description(randomDescriptionLong()).vendor(prefix + " vendor GmbH, Stuttgart, Germany") .build()); final SoftwareModule osMod = softwareModuleManagement .create(SoftwareModuleManagement.Create.builder() .type(findOrCreateSoftwareModuleType(SM_TYPE_OS)) .name(prefix + " Firmware") - .version(version + "." + new SecureRandom().nextInt(100)) + .version(version + "." + SECURE_RND.nextInt(100)) .description(randomDescriptionLong()).vendor(prefix + " vendor Limited Inc, California") .build()); diff --git a/hawkbit-sdk/hawkbit-sdk-commons/src/main/java/org/eclipse/hawkbit/sdk/HawkbitClient.java b/hawkbit-sdk/hawkbit-sdk-commons/src/main/java/org/eclipse/hawkbit/sdk/HawkbitClient.java index 6ec41feda8..2cfea57124 100644 --- a/hawkbit-sdk/hawkbit-sdk-commons/src/main/java/org/eclipse/hawkbit/sdk/HawkbitClient.java +++ b/hawkbit-sdk/hawkbit-sdk-commons/src/main/java/org/eclipse/hawkbit/sdk/HawkbitClient.java @@ -20,7 +20,8 @@ import java.lang.reflect.ParameterizedType; import java.lang.reflect.Proxy; import java.net.HttpURLConnection; -import java.net.URL; +import java.net.URI; +import java.net.URISyntaxException; import java.nio.charset.StandardCharsets; import java.security.KeyManagementException; import java.security.KeyStore; @@ -263,7 +264,7 @@ private T proxy(final Class serviceType, final T service, final Tenant te private Object callMultipartFormDataRequest( final Method method, final Object[] args, final Tenant tenant, final Controller controller, - final Class[] parameterTypes, final ObjectMapper objectMapper) throws IOException { + final Class[] parameterTypes, final ObjectMapper objectMapper) throws URISyntaxException, IOException { final PostMapping postMapping = method.getAnnotation(PostMapping.class); final Annotation[][] parametersAnnotations = method.getParameterAnnotations(); // build path - replace @PathVariables @@ -275,8 +276,8 @@ private Object callMultipartFormDataRequest( } } - final HttpURLConnection conn = (HttpURLConnection) new URL( - (controller == null ? hawkBitServer.getMgmtUrl() : hawkBitServer.getDdiUrl()) + path).openConnection(); + final HttpURLConnection conn = (HttpURLConnection) new URI( + (controller == null ? hawkBitServer.getMgmtUrl() : hawkBitServer.getDdiUrl()) + path).toURL().openConnection(); conn.setRequestMethod("POST"); // deal with authentication - only from headers1 @@ -407,15 +408,6 @@ private static T getAnnotation(final Class annotationC return null; } - private static final String KEYSTORE_PASSWORD; - - static { - final Random random = new SecureRandom(); - final byte[] bytes = new byte[16]; - random.nextBytes(bytes); - KEYSTORE_PASSWORD = Base64.getEncoder().encodeToString(bytes); - } - private static final Map HTTP_CLIENTS = new HashMap<>(); private static HttpClient httpClient(final HttpClientKey key) { @@ -430,7 +422,7 @@ private static HttpClient httpClient(final HttpClientKey key) { try { builder.setConnectionManager( PoolingHttpClientConnectionManagerBuilder.create() - .setTlsSocketStrategy(getTlsSocketStragegy(key.getClientCertificate(), key.getServerCertificates())) + .setTlsSocketStrategy(getTlsSocketStrategy(key.getClientCertificate(), key.getServerCertificates())) .build()); } catch (final RuntimeException e) { throw e; @@ -448,12 +440,17 @@ private static HttpClient httpClient(final HttpClientKey key) { } } - private static TlsSocketStrategy getTlsSocketStragegy(final Certificate clientCertificate, final X509Certificate[] serverCertificates) + private static final Random SECURE_RND = new SecureRandom(); + + private static TlsSocketStrategy getTlsSocketStrategy(final Certificate clientCertificate, final X509Certificate[] serverCertificates) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException, CertificateException, IOException { final SSLContextBuilder sslContextBuilder = SSLContextBuilder.create(); if (clientCertificate != null) { - sslContextBuilder.loadKeyMaterial(clientCertificate.toKeyStore(KEYSTORE_PASSWORD), KEYSTORE_PASSWORD.toCharArray()); + final byte[] bytes = new byte[16]; + SECURE_RND.nextBytes(bytes); + final String keystorePassword = Base64.getEncoder().encodeToString(bytes); + sslContextBuilder.loadKeyMaterial(clientCertificate.toKeyStore(keystorePassword), keystorePassword.toCharArray()); } if (serverCertificates == null) { // trust all diff --git a/hawkbit-sdk/hawkbit-sdk-mgmt/src/main/java/org/eclipse/hawkbit/sdk/mgmt/AuthenticationSetupHelper.java b/hawkbit-sdk/hawkbit-sdk-mgmt/src/main/java/org/eclipse/hawkbit/sdk/mgmt/AuthenticationSetupHelper.java index 28f96dc634..da78664fb4 100644 --- a/hawkbit-sdk/hawkbit-sdk-mgmt/src/main/java/org/eclipse/hawkbit/sdk/mgmt/AuthenticationSetupHelper.java +++ b/hawkbit-sdk/hawkbit-sdk-mgmt/src/main/java/org/eclipse/hawkbit/sdk/mgmt/AuthenticationSetupHelper.java @@ -44,7 +44,7 @@ public class AuthenticationSetupHelper { private static final String AUTHENTICATION_MODE_HEADER_ENABLED = "authentication.header.enabled"; private static final String AUTHENTICATION_MODE_HEADER_AUTHORITY_NAME = "authentication.header.authority"; - private static final Random RND = new SecureRandom(); + private static final Random SECURE_RND = new SecureRandom(); @NonNull private final Tenant tenant; @@ -53,7 +53,7 @@ public class AuthenticationSetupHelper { public static String randomToken() { final byte[] rnd = new byte[24]; - RND.nextBytes(rnd); + SECURE_RND.nextBytes(rnd); return Base64.getEncoder().encodeToString(rnd); } diff --git a/hawkbit-sdk/pom.xml b/hawkbit-sdk/pom.xml index f95adbb3c3..da19069b03 100644 --- a/hawkbit-sdk/pom.xml +++ b/hawkbit-sdk/pom.xml @@ -24,7 +24,7 @@ hawkBit :: SDK :: Parent - 4.3.0 + 4.3.1 13.6 1.83 ${java.client.version}