Use the JDK-provided Base64 encoder/decoder.

This commit is contained in:
Jon Chambers 2021-04-23 15:26:27 -04:00 committed by Jon Chambers
parent 0e8d4f9a61
commit 6196856a7c
31 changed files with 126 additions and 4341 deletions

View File

@ -5,11 +5,9 @@
package org.whispersystems.textsecuregcm.auth; package org.whispersystems.textsecuregcm.auth;
import org.whispersystems.textsecuregcm.util.Base64; import java.util.Base64;
import javax.ws.rs.WebApplicationException; import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Response; import javax.ws.rs.core.Response;
import java.io.IOException;
public class Anonymous { public class Anonymous {
@ -17,8 +15,8 @@ public class Anonymous {
public Anonymous(String header) { public Anonymous(String header) {
try { try {
this.unidentifiedSenderAccessKey = Base64.decode(header); this.unidentifiedSenderAccessKey = Base64.getDecoder().decode(header);
} catch (IOException e) { } catch (IllegalArgumentException e) {
throw new WebApplicationException(e, Response.Status.UNAUTHORIZED); throw new WebApplicationException(e, Response.Status.UNAUTHORIZED);
} }
} }

View File

@ -5,10 +5,10 @@
package org.whispersystems.textsecuregcm.auth; package org.whispersystems.textsecuregcm.auth;
import org.whispersystems.textsecuregcm.util.Base64;
import org.whispersystems.textsecuregcm.util.Util; import org.whispersystems.textsecuregcm.util.Util;
import java.io.IOException; import java.io.IOException;
import java.util.Base64;
public class AuthorizationHeader { public class AuthorizationHeader {
@ -49,7 +49,7 @@ public class AuthorizationHeader {
throw new InvalidAuthorizationHeaderException("Unsupported authorization method: " + headerParts[0]); throw new InvalidAuthorizationHeaderException("Unsupported authorization method: " + headerParts[0]);
} }
String concatenatedValues = new String(Base64.decode(headerParts[1])); String concatenatedValues = new String(Base64.getDecoder().decode(headerParts[1]));
if (Util.isEmpty(concatenatedValues)) { if (Util.isEmpty(concatenatedValues)) {
throw new InvalidAuthorizationHeaderException("Bad decoded value: " + concatenatedValues); throw new InvalidAuthorizationHeaderException("Bad decoded value: " + concatenatedValues);
@ -62,8 +62,8 @@ public class AuthorizationHeader {
} }
return fromUserAndPassword(credentialParts[0], credentialParts[1]); return fromUserAndPassword(credentialParts[0], credentialParts[1]);
} catch (IOException ioe) { } catch (IllegalArgumentException e) {
throw new InvalidAuthorizationHeaderException(ioe); throw new InvalidAuthorizationHeaderException(e);
} }
} }

View File

@ -13,10 +13,10 @@ import org.whispersystems.textsecuregcm.entities.MessageProtos.SenderCertificate
import org.whispersystems.textsecuregcm.entities.MessageProtos.ServerCertificate; import org.whispersystems.textsecuregcm.entities.MessageProtos.ServerCertificate;
import org.whispersystems.textsecuregcm.storage.Account; import org.whispersystems.textsecuregcm.storage.Account;
import org.whispersystems.textsecuregcm.storage.Device; import org.whispersystems.textsecuregcm.storage.Device;
import org.whispersystems.textsecuregcm.util.Base64;
import java.io.IOException; import java.io.IOException;
import java.security.InvalidKeyException; import java.security.InvalidKeyException;
import java.util.Base64;
import java.util.concurrent.TimeUnit; import java.util.concurrent.TimeUnit;
public class CertificateGenerator { public class CertificateGenerator {
@ -37,7 +37,7 @@ public class CertificateGenerator {
SenderCertificate.Certificate.Builder builder = SenderCertificate.Certificate.newBuilder() SenderCertificate.Certificate.Builder builder = SenderCertificate.Certificate.newBuilder()
.setSenderDevice(Math.toIntExact(device.getId())) .setSenderDevice(Math.toIntExact(device.getId()))
.setExpires(System.currentTimeMillis() + TimeUnit.DAYS.toMillis(expiresDays)) .setExpires(System.currentTimeMillis() + TimeUnit.DAYS.toMillis(expiresDays))
.setIdentityKey(ByteString.copyFrom(Base64.decode(account.getIdentityKey()))) .setIdentityKey(ByteString.copyFrom(Base64.getDecoder().decode(account.getIdentityKey())))
.setSigner(serverCertificate) .setSigner(serverCertificate)
.setSenderUuid(account.getUuid().toString()); .setSenderUuid(account.getUuid().toString());

View File

@ -6,13 +6,13 @@
package org.whispersystems.textsecuregcm.auth; package org.whispersystems.textsecuregcm.auth;
import org.whispersystems.textsecuregcm.configuration.TurnConfiguration; import org.whispersystems.textsecuregcm.configuration.TurnConfiguration;
import org.whispersystems.textsecuregcm.util.Base64;
import javax.crypto.Mac; import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec; import javax.crypto.spec.SecretKeySpec;
import java.security.InvalidKeyException; import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException; import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom; import java.security.SecureRandom;
import java.util.Base64;
import java.util.List; import java.util.List;
import java.util.concurrent.TimeUnit; import java.util.concurrent.TimeUnit;
@ -34,7 +34,7 @@ public class TurnTokenGenerator {
String userTime = validUntilSeconds + ":" + user; String userTime = validUntilSeconds + ":" + user;
mac.init(new SecretKeySpec(key, "HmacSHA1")); mac.init(new SecretKeySpec(key, "HmacSHA1"));
String password = Base64.encodeBytes(mac.doFinal(userTime.getBytes())); String password = Base64.getEncoder().encodeToString(mac.doFinal(userTime.getBytes()));
return new TurnToken(userTime, password, urls); return new TurnToken(userTime, password, urls);
} catch (NoSuchAlgorithmException | InvalidKeyException e) { } catch (NoSuchAlgorithmException | InvalidKeyException e) {

View File

@ -5,12 +5,11 @@
package org.whispersystems.textsecuregcm.auth; package org.whispersystems.textsecuregcm.auth;
import org.whispersystems.textsecuregcm.util.Base64;
import javax.crypto.Mac; import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec; import javax.crypto.spec.SecretKeySpec;
import java.security.InvalidKeyException; import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException; import java.security.NoSuchAlgorithmException;
import java.util.Base64;
import java.util.Optional; import java.util.Optional;
@SuppressWarnings("OptionalUsedAsFieldOrParameterType") @SuppressWarnings("OptionalUsedAsFieldOrParameterType")
@ -23,7 +22,7 @@ public class UnidentifiedAccessChecksum {
Mac mac = Mac.getInstance("HmacSHA256"); Mac mac = Mac.getInstance("HmacSHA256");
mac.init(new SecretKeySpec(unidentifiedAccessKey.get(), "HmacSHA256")); mac.init(new SecretKeySpec(unidentifiedAccessKey.get(), "HmacSHA256"));
return Base64.encodeBytes(mac.doFinal(new byte[32])); return Base64.getEncoder().encodeToString(mac.doFinal(new byte[32]));
} catch (NoSuchAlgorithmException | InvalidKeyException e) { } catch (NoSuchAlgorithmException | InvalidKeyException e) {
throw new AssertionError(e); throw new AssertionError(e);
} }

View File

@ -21,6 +21,7 @@ import io.micrometer.core.instrument.Metrics;
import io.micrometer.core.instrument.Tag; import io.micrometer.core.instrument.Tag;
import java.io.IOException; import java.io.IOException;
import java.time.Duration; import java.time.Duration;
import java.util.Base64;
import java.util.HashSet; import java.util.HashSet;
import java.util.LinkedList; import java.util.LinkedList;
import java.util.List; import java.util.List;
@ -71,7 +72,6 @@ import org.whispersystems.textsecuregcm.storage.AccountsManager;
import org.whispersystems.textsecuregcm.storage.Device; import org.whispersystems.textsecuregcm.storage.Device;
import org.whispersystems.textsecuregcm.storage.DynamicConfigurationManager; import org.whispersystems.textsecuregcm.storage.DynamicConfigurationManager;
import org.whispersystems.textsecuregcm.storage.MessagesManager; import org.whispersystems.textsecuregcm.storage.MessagesManager;
import org.whispersystems.textsecuregcm.util.Base64;
import org.whispersystems.textsecuregcm.util.Constants; import org.whispersystems.textsecuregcm.util.Constants;
import org.whispersystems.textsecuregcm.util.ForwardedIpUtil; import org.whispersystems.textsecuregcm.util.ForwardedIpUtil;
import org.whispersystems.textsecuregcm.util.Util; import org.whispersystems.textsecuregcm.util.Util;
@ -527,9 +527,9 @@ public class MessageController {
if (Util.isEmpty(message.getBody())) return Optional.empty(); if (Util.isEmpty(message.getBody())) return Optional.empty();
try { try {
return Optional.of(Base64.decode(message.getBody())); return Optional.of(Base64.getDecoder().decode(message.getBody()));
} catch (IOException ioe) { } catch (IllegalArgumentException e) {
logger.debug("Bad B64", ioe); logger.debug("Bad B64", e);
return Optional.empty(); return Optional.empty();
} }
} }
@ -538,9 +538,9 @@ public class MessageController {
if (Util.isEmpty(message.getContent())) return Optional.empty(); if (Util.isEmpty(message.getContent())) return Optional.empty();
try { try {
return Optional.of(Base64.decode(message.getContent())); return Optional.of(Base64.getDecoder().decode(message.getContent()));
} catch (IOException ioe) { } catch (IllegalArgumentException e) {
logger.debug("Bad B64", ioe); logger.debug("Bad B64", e);
return Optional.empty(); return Optional.empty();
} }
} }

View File

@ -10,7 +10,6 @@ import org.whispersystems.textsecuregcm.entities.ProvisioningMessage;
import org.whispersystems.textsecuregcm.limits.RateLimiters; import org.whispersystems.textsecuregcm.limits.RateLimiters;
import org.whispersystems.textsecuregcm.push.ProvisioningManager; import org.whispersystems.textsecuregcm.push.ProvisioningManager;
import org.whispersystems.textsecuregcm.storage.Account; import org.whispersystems.textsecuregcm.storage.Account;
import org.whispersystems.textsecuregcm.util.Base64;
import org.whispersystems.textsecuregcm.websocket.InvalidWebsocketAddressException; import org.whispersystems.textsecuregcm.websocket.InvalidWebsocketAddressException;
import org.whispersystems.textsecuregcm.websocket.ProvisioningAddress; import org.whispersystems.textsecuregcm.websocket.ProvisioningAddress;
@ -24,6 +23,7 @@ import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.MediaType; import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response; import javax.ws.rs.core.Response;
import java.io.IOException; import java.io.IOException;
import java.util.Base64;
import io.dropwizard.auth.Auth; import io.dropwizard.auth.Auth;
@ -51,7 +51,7 @@ public class ProvisioningController {
rateLimiters.getMessagesLimiter().validate(source.getNumber()); rateLimiters.getMessagesLimiter().validate(source.getNumber());
if (!provisioningManager.sendProvisioningMessage(new ProvisioningAddress(destinationName, 0), if (!provisioningManager.sendProvisioningMessage(new ProvisioningAddress(destinationName, 0),
Base64.decode(message.getBody()))) Base64.getDecoder().decode(message.getBody())))
{ {
throw new WebApplicationException(Response.Status.NOT_FOUND); throw new WebApplicationException(Response.Status.NOT_FOUND);
} }

View File

@ -8,7 +8,6 @@ package org.whispersystems.textsecuregcm.entities;
import com.fasterxml.jackson.annotation.JsonProperty; import com.fasterxml.jackson.annotation.JsonProperty;
import com.fasterxml.jackson.core.JsonGenerator; import com.fasterxml.jackson.core.JsonGenerator;
import com.fasterxml.jackson.core.JsonParser; import com.fasterxml.jackson.core.JsonParser;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.DeserializationContext; import com.fasterxml.jackson.databind.DeserializationContext;
import com.fasterxml.jackson.databind.JsonDeserializer; import com.fasterxml.jackson.databind.JsonDeserializer;
import com.fasterxml.jackson.databind.JsonSerializer; import com.fasterxml.jackson.databind.JsonSerializer;
@ -16,10 +15,8 @@ import com.fasterxml.jackson.databind.SerializerProvider;
import com.fasterxml.jackson.databind.annotation.JsonDeserialize; import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
import com.fasterxml.jackson.databind.annotation.JsonSerialize; import com.fasterxml.jackson.databind.annotation.JsonSerialize;
import com.google.common.annotations.VisibleForTesting; import com.google.common.annotations.VisibleForTesting;
import org.whispersystems.textsecuregcm.util.Base64;
import org.whispersystems.textsecuregcm.util.ByteArrayAdapter;
import java.io.IOException; import java.io.IOException;
import java.util.Base64;
public class DeliveryCertificate { public class DeliveryCertificate {
@ -42,14 +39,14 @@ public class DeliveryCertificate {
public static class ByteArraySerializer extends JsonSerializer<byte[]> { public static class ByteArraySerializer extends JsonSerializer<byte[]> {
@Override @Override
public void serialize(byte[] bytes, JsonGenerator jsonGenerator, SerializerProvider serializerProvider) throws IOException { public void serialize(byte[] bytes, JsonGenerator jsonGenerator, SerializerProvider serializerProvider) throws IOException {
jsonGenerator.writeString(Base64.encodeBytes(bytes)); jsonGenerator.writeString(Base64.getEncoder().encodeToString(bytes));
} }
} }
public static class ByteArrayDeserializer extends JsonDeserializer<byte[]> { public static class ByteArrayDeserializer extends JsonDeserializer<byte[]> {
@Override @Override
public byte[] deserialize(JsonParser jsonParser, DeserializationContext deserializationContext) throws IOException { public byte[] deserialize(JsonParser jsonParser, DeserializationContext deserializationContext) throws IOException {
return Base64.decode(jsonParser.getValueAsString()); return Base64.getDecoder().decode(jsonParser.getValueAsString());
} }
} }
} }

View File

@ -14,9 +14,9 @@ import com.fasterxml.jackson.databind.JsonSerializer;
import com.fasterxml.jackson.databind.SerializerProvider; import com.fasterxml.jackson.databind.SerializerProvider;
import com.fasterxml.jackson.databind.annotation.JsonDeserialize; import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
import com.fasterxml.jackson.databind.annotation.JsonSerialize; import com.fasterxml.jackson.databind.annotation.JsonSerialize;
import org.whispersystems.textsecuregcm.util.Base64;
import java.io.IOException; import java.io.IOException;
import java.util.Base64;
import java.util.List; import java.util.List;
public class GroupCredentials { public class GroupCredentials {
@ -63,14 +63,14 @@ public class GroupCredentials {
public static class ByteArraySerializer extends JsonSerializer<byte[]> { public static class ByteArraySerializer extends JsonSerializer<byte[]> {
@Override @Override
public void serialize(byte[] bytes, JsonGenerator jsonGenerator, SerializerProvider serializerProvider) throws IOException { public void serialize(byte[] bytes, JsonGenerator jsonGenerator, SerializerProvider serializerProvider) throws IOException {
jsonGenerator.writeString(Base64.encodeBytes(bytes)); jsonGenerator.writeString(Base64.getEncoder().encodeToString(bytes));
} }
} }
public static class ByteArrayDeserializer extends JsonDeserializer<byte[]> { public static class ByteArrayDeserializer extends JsonDeserializer<byte[]> {
@Override @Override
public byte[] deserialize(JsonParser jsonParser, DeserializationContext deserializationContext) throws IOException { public byte[] deserialize(JsonParser jsonParser, DeserializationContext deserializationContext) throws IOException {
return Base64.decode(jsonParser.getValueAsString()); return Base64.getDecoder().decode(jsonParser.getValueAsString());
} }
} }

View File

@ -7,32 +7,30 @@ package org.whispersystems.textsecuregcm.entities;
import com.fasterxml.jackson.core.JsonGenerator; import com.fasterxml.jackson.core.JsonGenerator;
import com.fasterxml.jackson.core.JsonParser; import com.fasterxml.jackson.core.JsonParser;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.DeserializationContext; import com.fasterxml.jackson.databind.DeserializationContext;
import com.fasterxml.jackson.databind.JsonDeserializer; import com.fasterxml.jackson.databind.JsonDeserializer;
import com.fasterxml.jackson.databind.JsonSerializer; import com.fasterxml.jackson.databind.JsonSerializer;
import com.fasterxml.jackson.databind.SerializerProvider; import com.fasterxml.jackson.databind.SerializerProvider;
import java.io.IOException;
import java.util.Base64;
import org.signal.zkgroup.InvalidInputException; import org.signal.zkgroup.InvalidInputException;
import org.signal.zkgroup.profiles.ProfileKeyCommitment; import org.signal.zkgroup.profiles.ProfileKeyCommitment;
import org.whispersystems.textsecuregcm.util.Base64;
import java.io.IOException;
public class ProfileKeyCommitmentAdapter { public class ProfileKeyCommitmentAdapter {
public static class Serializing extends JsonSerializer<ProfileKeyCommitment> { public static class Serializing extends JsonSerializer<ProfileKeyCommitment> {
@Override @Override
public void serialize(ProfileKeyCommitment value, JsonGenerator gen, SerializerProvider serializers) throws IOException { public void serialize(ProfileKeyCommitment value, JsonGenerator gen, SerializerProvider serializers) throws IOException {
gen.writeString(Base64.encodeBytes(value.serialize())); gen.writeString(Base64.getEncoder().encodeToString(value.serialize()));
} }
} }
public static class Deserializing extends JsonDeserializer<ProfileKeyCommitment> { public static class Deserializing extends JsonDeserializer<ProfileKeyCommitment> {
@Override @Override
public ProfileKeyCommitment deserialize(JsonParser p, DeserializationContext ctxt) throws IOException, JsonProcessingException { public ProfileKeyCommitment deserialize(JsonParser p, DeserializationContext ctxt) throws IOException {
try { try {
return new ProfileKeyCommitment(Base64.decode(p.getValueAsString())); return new ProfileKeyCommitment(Base64.getDecoder().decode(p.getValueAsString()));
} catch (InvalidInputException e) { } catch (InvalidInputException e) {
throw new IOException(e); throw new IOException(e);
} }

View File

@ -7,36 +7,32 @@ package org.whispersystems.textsecuregcm.entities;
import com.fasterxml.jackson.core.JsonGenerator; import com.fasterxml.jackson.core.JsonGenerator;
import com.fasterxml.jackson.core.JsonParser; import com.fasterxml.jackson.core.JsonParser;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.DeserializationContext; import com.fasterxml.jackson.databind.DeserializationContext;
import com.fasterxml.jackson.databind.JsonDeserializer; import com.fasterxml.jackson.databind.JsonDeserializer;
import com.fasterxml.jackson.databind.JsonSerializer; import com.fasterxml.jackson.databind.JsonSerializer;
import com.fasterxml.jackson.databind.SerializerProvider; import com.fasterxml.jackson.databind.SerializerProvider;
import java.io.IOException;
import java.util.Base64;
import org.signal.zkgroup.InvalidInputException; import org.signal.zkgroup.InvalidInputException;
import org.signal.zkgroup.profiles.ProfileKeyCredentialResponse; import org.signal.zkgroup.profiles.ProfileKeyCredentialResponse;
import org.whispersystems.textsecuregcm.util.Base64;
import java.io.IOException;
public class ProfileKeyCredentialResponseAdapter { public class ProfileKeyCredentialResponseAdapter {
public static class Serializing extends JsonSerializer<ProfileKeyCredentialResponse> { public static class Serializing extends JsonSerializer<ProfileKeyCredentialResponse> {
@Override @Override
public void serialize(ProfileKeyCredentialResponse response, JsonGenerator jsonGenerator, SerializerProvider serializerProvider) public void serialize(ProfileKeyCredentialResponse response, JsonGenerator jsonGenerator, SerializerProvider serializerProvider)
throws IOException, JsonProcessingException throws IOException {
{
if (response == null) jsonGenerator.writeNull(); if (response == null) jsonGenerator.writeNull();
else jsonGenerator.writeString(Base64.encodeBytes(response.serialize())); else jsonGenerator.writeString(Base64.getEncoder().encodeToString(response.serialize()));
} }
} }
public static class Deserializing extends JsonDeserializer<ProfileKeyCredentialResponse> { public static class Deserializing extends JsonDeserializer<ProfileKeyCredentialResponse> {
@Override @Override
public ProfileKeyCredentialResponse deserialize(JsonParser jsonParser, DeserializationContext deserializationContext) public ProfileKeyCredentialResponse deserialize(JsonParser jsonParser, DeserializationContext deserializationContext)
throws IOException, JsonProcessingException throws IOException {
{
try { try {
return new ProfileKeyCredentialResponse(Base64.decode(jsonParser.getValueAsString())); return new ProfileKeyCredentialResponse(Base64.getDecoder().decode(jsonParser.getValueAsString()));
} catch (InvalidInputException e) { } catch (InvalidInputException e) {
throw new IOException(e); throw new IOException(e);
} }

View File

@ -16,11 +16,11 @@ import java.security.Signature;
import java.security.SignatureException; import java.security.SignatureException;
import java.security.spec.InvalidKeySpecException; import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec; import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Base64;
import java.util.regex.Matcher; import java.util.regex.Matcher;
import java.util.regex.Pattern; import java.util.regex.Pattern;
import javax.annotation.Nonnull; import javax.annotation.Nonnull;
import org.apache.commons.codec.binary.Hex; import org.apache.commons.codec.binary.Hex;
import org.whispersystems.websocket.util.Base64;
public class CanonicalRequestSigner { public class CanonicalRequestSigner {
@ -28,7 +28,7 @@ public class CanonicalRequestSigner {
private final PrivateKey rsaSigningKey; private final PrivateKey rsaSigningKey;
private static final Pattern PRIVATE_KEY_PATTERN = private static final Pattern PRIVATE_KEY_PATTERN =
Pattern.compile("(?m)(?s)^-+BEGIN PRIVATE KEY-+$(.+)^-+END PRIVATE KEY-+.*$"); Pattern.compile("^-+BEGIN PRIVATE KEY-+\\s*(.+)\\n-+END PRIVATE KEY-+\\s*$", Pattern.DOTALL);
public CanonicalRequestSigner(@Nonnull String rsaSigningKey) throws IOException, InvalidKeyException, InvalidKeySpecException { public CanonicalRequestSigner(@Nonnull String rsaSigningKey) throws IOException, InvalidKeyException, InvalidKeySpecException {
this.rsaSigningKey = initializeRsaSigningKey(rsaSigningKey); this.rsaSigningKey = initializeRsaSigningKey(rsaSigningKey);
@ -76,7 +76,7 @@ public class CanonicalRequestSigner {
if (matcher.matches()) { if (matcher.matches()) {
try { try {
final KeyFactory keyFactory = KeyFactory.getInstance("RSA"); final KeyFactory keyFactory = KeyFactory.getInstance("RSA");
final PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(Base64.decode(matcher.group(1))); final PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(Base64.getDecoder().decode(matcher.group(1)));
final PrivateKey key = keyFactory.generatePrivate(keySpec); final PrivateKey key = keyFactory.generatePrivate(keySpec);
testKeyIsValidForSigning(key); testKeyIsValidForSigning(key);

View File

@ -13,6 +13,7 @@ import java.net.http.HttpResponse;
import java.nio.charset.StandardCharsets; import java.nio.charset.StandardCharsets;
import java.security.cert.CertificateException; import java.security.cert.CertificateException;
import java.time.Duration; import java.time.Duration;
import java.util.Base64;
import java.util.UUID; import java.util.UUID;
import java.util.concurrent.CompletableFuture; import java.util.concurrent.CompletableFuture;
import java.util.concurrent.Executor; import java.util.concurrent.Executor;
@ -20,7 +21,6 @@ import org.whispersystems.textsecuregcm.auth.ExternalServiceCredentialGenerator;
import org.whispersystems.textsecuregcm.auth.ExternalServiceCredentials; import org.whispersystems.textsecuregcm.auth.ExternalServiceCredentials;
import org.whispersystems.textsecuregcm.configuration.SecureBackupServiceConfiguration; import org.whispersystems.textsecuregcm.configuration.SecureBackupServiceConfiguration;
import org.whispersystems.textsecuregcm.http.FaultTolerantHttpClient; import org.whispersystems.textsecuregcm.http.FaultTolerantHttpClient;
import org.whispersystems.textsecuregcm.util.Base64;
/** /**
* A client for sending requests to Signal's secure value recovery service on behalf of authenticated users. * A client for sending requests to Signal's secure value recovery service on behalf of authenticated users.
@ -56,7 +56,8 @@ public class SecureBackupClient {
final HttpRequest request = HttpRequest.newBuilder() final HttpRequest request = HttpRequest.newBuilder()
.uri(deleteUri) .uri(deleteUri)
.DELETE() .DELETE()
.header("Authorization", "Basic " + Base64.encodeBytes((credentials.getUsername() + ":" + credentials.getPassword()).getBytes(StandardCharsets.UTF_8))) .header("Authorization", "Basic " + Base64.getEncoder().encodeToString(
(credentials.getUsername() + ":" + credentials.getPassword()).getBytes(StandardCharsets.UTF_8)))
.build(); .build();
return httpClient.sendAsync(request, HttpResponse.BodyHandlers.ofString()).thenApply(response -> { return httpClient.sendAsync(request, HttpResponse.BodyHandlers.ofString()).thenApply(response -> {

View File

@ -10,7 +10,6 @@ import org.whispersystems.textsecuregcm.auth.ExternalServiceCredentialGenerator;
import org.whispersystems.textsecuregcm.auth.ExternalServiceCredentials; import org.whispersystems.textsecuregcm.auth.ExternalServiceCredentials;
import org.whispersystems.textsecuregcm.configuration.SecureStorageServiceConfiguration; import org.whispersystems.textsecuregcm.configuration.SecureStorageServiceConfiguration;
import org.whispersystems.textsecuregcm.http.FaultTolerantHttpClient; import org.whispersystems.textsecuregcm.http.FaultTolerantHttpClient;
import org.whispersystems.textsecuregcm.util.Base64;
import java.net.URI; import java.net.URI;
import java.net.http.HttpClient; import java.net.http.HttpClient;
@ -19,6 +18,7 @@ import java.net.http.HttpResponse;
import java.nio.charset.StandardCharsets; import java.nio.charset.StandardCharsets;
import java.security.cert.CertificateException; import java.security.cert.CertificateException;
import java.time.Duration; import java.time.Duration;
import java.util.Base64;
import java.util.UUID; import java.util.UUID;
import java.util.concurrent.CompletableFuture; import java.util.concurrent.CompletableFuture;
import java.util.concurrent.Executor; import java.util.concurrent.Executor;
@ -57,7 +57,8 @@ public class SecureStorageClient {
final HttpRequest request = HttpRequest.newBuilder() final HttpRequest request = HttpRequest.newBuilder()
.uri(deleteUri) .uri(deleteUri)
.DELETE() .DELETE()
.header("Authorization", "Basic " + Base64.encodeBytes((credentials.getUsername() + ":" + credentials.getPassword()).getBytes(StandardCharsets.UTF_8))) .header("Authorization", "Basic " + Base64.getEncoder().encodeToString(
(credentials.getUsername() + ":" + credentials.getPassword()).getBytes(StandardCharsets.UTF_8)))
.build(); .build();
return httpClient.sendAsync(request, HttpResponse.BodyHandlers.ofString()).thenApply(response -> { return httpClient.sendAsync(request, HttpResponse.BodyHandlers.ofString()).thenApply(response -> {

View File

@ -20,6 +20,7 @@ import java.net.http.HttpRequest;
import java.net.http.HttpResponse; import java.net.http.HttpResponse;
import java.nio.charset.StandardCharsets; import java.nio.charset.StandardCharsets;
import java.time.Duration; import java.time.Duration;
import java.util.Base64;
import java.util.HashMap; import java.util.HashMap;
import java.util.List; import java.util.List;
import java.util.Locale; import java.util.Locale;
@ -39,7 +40,6 @@ import org.whispersystems.textsecuregcm.configuration.TwilioConfiguration;
import org.whispersystems.textsecuregcm.http.FaultTolerantHttpClient; import org.whispersystems.textsecuregcm.http.FaultTolerantHttpClient;
import org.whispersystems.textsecuregcm.http.FormDataBodyPublisher; import org.whispersystems.textsecuregcm.http.FormDataBodyPublisher;
import org.whispersystems.textsecuregcm.storage.DynamicConfigurationManager; import org.whispersystems.textsecuregcm.storage.DynamicConfigurationManager;
import org.whispersystems.textsecuregcm.util.Base64;
import org.whispersystems.textsecuregcm.util.Constants; import org.whispersystems.textsecuregcm.util.Constants;
import org.whispersystems.textsecuregcm.util.ExecutorUtils; import org.whispersystems.textsecuregcm.util.ExecutorUtils;
import org.whispersystems.textsecuregcm.util.SystemMapper; import org.whispersystems.textsecuregcm.util.SystemMapper;
@ -124,7 +124,7 @@ public class TwilioSmsSender {
.uri(smsUri) .uri(smsUri)
.POST(FormDataBodyPublisher.of(requestParameters)) .POST(FormDataBodyPublisher.of(requestParameters))
.header("Content-Type", "application/x-www-form-urlencoded") .header("Content-Type", "application/x-www-form-urlencoded")
.header("Authorization", "Basic " + Base64.encodeBytes((accountId + ":" + accountToken).getBytes(StandardCharsets.UTF_8))) .header("Authorization", "Basic " + Base64.getEncoder().encodeToString((accountId + ":" + accountToken).getBytes(StandardCharsets.UTF_8)))
.build(); .build();
smsMeter.mark(); smsMeter.mark();
@ -183,7 +183,7 @@ public class TwilioSmsSender {
.uri(voxUri) .uri(voxUri)
.POST(FormDataBodyPublisher.of(requestParameters)) .POST(FormDataBodyPublisher.of(requestParameters))
.header("Content-Type", "application/x-www-form-urlencoded") .header("Content-Type", "application/x-www-form-urlencoded")
.header("Authorization", "Basic " + Base64.encodeBytes((accountId + ":" + accountToken).getBytes())) .header("Authorization", "Basic " + Base64.getEncoder().encodeToString((accountId + ":" + accountToken).getBytes()))
.build(); .build();
voxMeter.mark(); voxMeter.mark();

View File

@ -6,6 +6,7 @@ import java.io.IOException;
import java.net.URI; import java.net.URI;
import java.net.http.HttpRequest; import java.net.http.HttpRequest;
import java.net.http.HttpResponse; import java.net.http.HttpResponse;
import java.util.Base64;
import java.util.HashMap; import java.util.HashMap;
import java.util.List; import java.util.List;
import java.util.Locale.LanguageRange; import java.util.Locale.LanguageRange;
@ -19,7 +20,6 @@ import org.slf4j.LoggerFactory;
import org.whispersystems.textsecuregcm.configuration.TwilioConfiguration; import org.whispersystems.textsecuregcm.configuration.TwilioConfiguration;
import org.whispersystems.textsecuregcm.http.FaultTolerantHttpClient; import org.whispersystems.textsecuregcm.http.FaultTolerantHttpClient;
import org.whispersystems.textsecuregcm.http.FormDataBodyPublisher; import org.whispersystems.textsecuregcm.http.FormDataBodyPublisher;
import org.whispersystems.textsecuregcm.util.Base64;
import org.whispersystems.textsecuregcm.util.SystemMapper; import org.whispersystems.textsecuregcm.util.SystemMapper;
import org.whispersystems.textsecuregcm.util.Util; import org.whispersystems.textsecuregcm.util.Util;
@ -163,7 +163,7 @@ class TwilioVerifySender {
.uri(verifyServiceUri) .uri(verifyServiceUri)
.POST(FormDataBodyPublisher.of(requestParameters)) .POST(FormDataBodyPublisher.of(requestParameters))
.header("Content-Type", "application/x-www-form-urlencoded") .header("Content-Type", "application/x-www-form-urlencoded")
.header("Authorization", "Basic " + Base64.encodeBytes((accountId + ":" + accountToken).getBytes())) .header("Authorization", "Basic " + Base64.getEncoder().encodeToString((accountId + ":" + accountToken).getBytes()))
.build(); .build();
} }
@ -176,7 +176,7 @@ class TwilioVerifySender {
.uri(verifyApprovalBaseUri.resolve(verificationSid)) .uri(verifyApprovalBaseUri.resolve(verificationSid))
.POST(FormDataBodyPublisher.of(requestParameters)) .POST(FormDataBodyPublisher.of(requestParameters))
.header("Content-Type", "application/x-www-form-urlencoded") .header("Content-Type", "application/x-www-form-urlencoded")
.header("Authorization", "Basic " + Base64.encodeBytes((accountId + ":" + accountToken).getBytes())) .header("Authorization", "Basic " + Base64.getEncoder().encodeToString((accountId + ":" + accountToken).getBytes()))
.build(); .build();
return httpClient.sendAsync(request, HttpResponse.BodyHandlers.ofString()) return httpClient.sendAsync(request, HttpResponse.BodyHandlers.ofString())

View File

@ -7,31 +7,27 @@ package org.whispersystems.textsecuregcm.util;
import com.fasterxml.jackson.core.JsonGenerator; import com.fasterxml.jackson.core.JsonGenerator;
import com.fasterxml.jackson.core.JsonParser; import com.fasterxml.jackson.core.JsonParser;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.DeserializationContext; import com.fasterxml.jackson.databind.DeserializationContext;
import com.fasterxml.jackson.databind.JsonDeserializer; import com.fasterxml.jackson.databind.JsonDeserializer;
import com.fasterxml.jackson.databind.JsonSerializer; import com.fasterxml.jackson.databind.JsonSerializer;
import com.fasterxml.jackson.databind.SerializerProvider; import com.fasterxml.jackson.databind.SerializerProvider;
import java.io.IOException; import java.io.IOException;
import java.util.Base64;
public class ByteArrayAdapter { public class ByteArrayAdapter {
public static class Serializing extends JsonSerializer<byte[]> { public static class Serializing extends JsonSerializer<byte[]> {
@Override @Override
public void serialize(byte[] bytes, JsonGenerator jsonGenerator, SerializerProvider serializerProvider) public void serialize(byte[] bytes, JsonGenerator jsonGenerator, SerializerProvider serializerProvider)
throws IOException, JsonProcessingException throws IOException {
{ jsonGenerator.writeString(Base64.getEncoder().withoutPadding().encodeToString(bytes));
jsonGenerator.writeString(Base64.encodeBytesWithoutPadding(bytes));
} }
} }
public static class Deserializing extends JsonDeserializer<byte[]> { public static class Deserializing extends JsonDeserializer<byte[]> {
@Override @Override
public byte[] deserialize(JsonParser jsonParser, DeserializationContext deserializationContext) public byte[] deserialize(JsonParser jsonParser, DeserializationContext deserializationContext) throws IOException {
throws IOException, JsonProcessingException return Base64.getDecoder().decode(jsonParser.getValueAsString());
{
return Base64.decodeWithoutPadding(jsonParser.getValueAsString());
} }
} }
} }

View File

@ -5,7 +5,6 @@
package org.whispersystems.textsecuregcm.util; package org.whispersystems.textsecuregcm.util;
import com.google.i18n.phonenumbers.PhoneNumberUtil; import com.google.i18n.phonenumbers.PhoneNumberUtil;
import java.io.UnsupportedEncodingException; import java.io.UnsupportedEncodingException;
import java.net.URLEncoder; import java.net.URLEncoder;
import java.security.MessageDigest; import java.security.MessageDigest;
@ -14,8 +13,13 @@ import java.security.SecureRandom;
import java.time.Clock; import java.time.Clock;
import java.time.Duration; import java.time.Duration;
import java.time.temporal.ChronoField; import java.time.temporal.ChronoField;
import java.util.*; import java.util.Arrays;
import java.util.Collection;
import java.util.List;
import java.util.Locale;
import java.util.Locale.LanguageRange; import java.util.Locale.LanguageRange;
import java.util.Map;
import java.util.Optional;
import java.util.concurrent.TimeUnit; import java.util.concurrent.TimeUnit;
import java.util.regex.Matcher; import java.util.regex.Matcher;
import java.util.regex.Pattern; import java.util.regex.Pattern;
@ -36,10 +40,6 @@ public class Util {
} }
} }
public static String getEncodedContactToken(String number) {
return Base64.encodeBytesWithoutPadding(getContactToken(number));
}
public static boolean isValidNumber(String number) { public static boolean isValidNumber(String number) {
return number.matches("^\\+[0-9]+") && PhoneNumberUtil.getInstance().isPossibleNumber(number, null); return number.matches("^\\+[0-9]+") && PhoneNumberUtil.getInstance().isPossibleNumber(number, null);
} }

View File

@ -5,13 +5,12 @@
package org.whispersystems.textsecuregcm.websocket; package org.whispersystems.textsecuregcm.websocket;
import org.whispersystems.textsecuregcm.util.Base64;
import java.security.SecureRandom; import java.security.SecureRandom;
import java.util.Base64;
public class ProvisioningAddress extends WebsocketAddress { public class ProvisioningAddress extends WebsocketAddress {
public ProvisioningAddress(String address, int id) throws InvalidWebsocketAddressException { public ProvisioningAddress(String address, int id) {
super(address, id); super(address, id);
} }
@ -24,14 +23,9 @@ public class ProvisioningAddress extends WebsocketAddress {
} }
public static ProvisioningAddress generate() { public static ProvisioningAddress generate() {
try { byte[] random = new byte[16];
byte[] random = new byte[16]; new SecureRandom().nextBytes(random);
new SecureRandom().nextBytes(random);
return new ProvisioningAddress(Base64.encodeBytesWithoutPadding(random) return new ProvisioningAddress(Base64.getUrlEncoder().withoutPadding().encodeToString(random), 0);
.replace('+', '-').replace('/', '_'), 0);
} catch (InvalidWebsocketAddressException e) {
throw new AssertionError(e);
}
} }
} }

View File

@ -14,10 +14,10 @@ import org.whispersystems.textsecuregcm.crypto.Curve;
import org.whispersystems.textsecuregcm.crypto.ECKeyPair; import org.whispersystems.textsecuregcm.crypto.ECKeyPair;
import org.whispersystems.textsecuregcm.crypto.ECPrivateKey; import org.whispersystems.textsecuregcm.crypto.ECPrivateKey;
import org.whispersystems.textsecuregcm.entities.MessageProtos; import org.whispersystems.textsecuregcm.entities.MessageProtos;
import org.whispersystems.textsecuregcm.util.Base64;
import java.io.IOException; import java.io.IOException;
import java.security.InvalidKeyException; import java.security.InvalidKeyException;
import java.util.Base64;
import java.util.Set; import java.util.Set;
import io.dropwizard.cli.Command; import io.dropwizard.cli.Command;
@ -60,8 +60,8 @@ public class CertificateCommand extends Command {
private void runCaCommand() { private void runCaCommand() {
ECKeyPair keyPair = Curve.generateKeyPair(); ECKeyPair keyPair = Curve.generateKeyPair();
System.out.println("Public key : " + Base64.encodeBytes(keyPair.getPublicKey().serialize())); System.out.println("Public key : " + Base64.getEncoder().encodeToString(keyPair.getPublicKey().serialize()));
System.out.println("Private key: " + Base64.encodeBytes(keyPair.getPrivateKey().serialize())); System.out.println("Private key: " + Base64.getEncoder().encodeToString(keyPair.getPrivateKey().serialize()));
} }
private void runCertificateCommand(Namespace namespace) throws IOException, InvalidKeyException { private void runCertificateCommand(Namespace namespace) throws IOException, InvalidKeyException {
@ -75,7 +75,7 @@ public class CertificateCommand extends Command {
return; return;
} }
ECPrivateKey key = Curve.decodePrivatePoint(Base64.decode(namespace.getString("key"))); ECPrivateKey key = Curve.decodePrivatePoint(Base64.getDecoder().decode(namespace.getString("key")));
int keyId = namespace.getInt("keyId"); int keyId = namespace.getInt("keyId");
if (RESERVED_CERTIFICATE_IDS.contains(keyId)) { if (RESERVED_CERTIFICATE_IDS.contains(keyId)) {
@ -99,7 +99,7 @@ public class CertificateCommand extends Command {
.build() .build()
.toByteArray(); .toByteArray();
System.out.println("Certificate: " + Base64.encodeBytes(signedCertificate)); System.out.println("Certificate: " + Base64.getEncoder().encodeToString(signedCertificate));
System.out.println("Private key: " + Base64.encodeBytes(keyPair.getPrivateKey().serialize())); System.out.println("Private key: " + Base64.getEncoder().encodeToString(keyPair.getPrivateKey().serialize()));
} }
} }

View File

@ -9,10 +9,10 @@ import net.sourceforge.argparse4j.inf.Namespace;
import net.sourceforge.argparse4j.inf.Subparser; import net.sourceforge.argparse4j.inf.Subparser;
import org.signal.zkgroup.ServerPublicParams; import org.signal.zkgroup.ServerPublicParams;
import org.signal.zkgroup.ServerSecretParams; import org.signal.zkgroup.ServerSecretParams;
import org.whispersystems.textsecuregcm.util.Base64;
import io.dropwizard.cli.Command; import io.dropwizard.cli.Command;
import io.dropwizard.setup.Bootstrap; import io.dropwizard.setup.Bootstrap;
import java.util.Base64;
public class ZkParamsCommand extends Command { public class ZkParamsCommand extends Command {
@ -30,8 +30,8 @@ public class ZkParamsCommand extends Command {
ServerSecretParams serverSecretParams = ServerSecretParams.generate(); ServerSecretParams serverSecretParams = ServerSecretParams.generate();
ServerPublicParams serverPublicParams = serverSecretParams.getPublicParams(); ServerPublicParams serverPublicParams = serverSecretParams.getPublicParams();
System.out.println("Public: " + Base64.encodeBytesWithoutPadding(serverPublicParams.serialize())); System.out.println("Public: " + Base64.getEncoder().withoutPadding().encodeToString(serverPublicParams.serialize()));
System.out.println("Private: " + Base64.encodeBytesWithoutPadding(serverSecretParams.serialize())); System.out.println("Private: " + Base64.getEncoder().withoutPadding().encodeToString(serverSecretParams.serialize()));
} }
} }

View File

@ -9,10 +9,10 @@ import org.junit.Test;
import org.whispersystems.textsecuregcm.crypto.Curve; import org.whispersystems.textsecuregcm.crypto.Curve;
import org.whispersystems.textsecuregcm.storage.Account; import org.whispersystems.textsecuregcm.storage.Account;
import org.whispersystems.textsecuregcm.storage.Device; import org.whispersystems.textsecuregcm.storage.Device;
import org.whispersystems.textsecuregcm.util.Base64;
import java.io.IOException; import java.io.IOException;
import java.security.InvalidKeyException; import java.security.InvalidKeyException;
import java.util.Base64;
import java.util.UUID; import java.util.UUID;
import static org.junit.Assert.assertTrue; import static org.junit.Assert.assertTrue;
@ -29,7 +29,7 @@ public class CertificateGeneratorTest {
public void testCreateFor() throws IOException, InvalidKeyException { public void testCreateFor() throws IOException, InvalidKeyException {
final Account account = mock(Account.class); final Account account = mock(Account.class);
final Device device = mock(Device.class); final Device device = mock(Device.class);
final CertificateGenerator certificateGenerator = new CertificateGenerator(Base64.decode(SIGNING_CERTIFICATE), Curve.decodePrivatePoint(Base64.decode(SIGNING_KEY)), 1); final CertificateGenerator certificateGenerator = new CertificateGenerator(Base64.getDecoder().decode(SIGNING_CERTIFICATE), Curve.decodePrivatePoint(Base64.getDecoder().decode(SIGNING_KEY)), 1);
when(account.getIdentityKey()).thenReturn(IDENTITY_KEY); when(account.getIdentityKey()).thenReturn(IDENTITY_KEY);
when(account.getUuid()).thenReturn(UUID.randomUUID()); when(account.getUuid()).thenReturn(UUID.randomUUID());

View File

@ -9,9 +9,9 @@ import org.junit.Test;
import org.whispersystems.textsecuregcm.auth.Anonymous; import org.whispersystems.textsecuregcm.auth.Anonymous;
import org.whispersystems.textsecuregcm.auth.OptionalAccess; import org.whispersystems.textsecuregcm.auth.OptionalAccess;
import org.whispersystems.textsecuregcm.storage.Account; import org.whispersystems.textsecuregcm.storage.Account;
import org.whispersystems.textsecuregcm.util.Base64;
import javax.ws.rs.WebApplicationException; import javax.ws.rs.WebApplicationException;
import java.util.Base64;
import java.util.Optional; import java.util.Optional;
import static junit.framework.TestCase.assertEquals; import static junit.framework.TestCase.assertEquals;
@ -39,7 +39,7 @@ public class OptionalAccessTest {
when(account.getUnidentifiedAccessKey()).thenReturn(Optional.of("1234".getBytes())); when(account.getUnidentifiedAccessKey()).thenReturn(Optional.of("1234".getBytes()));
try { try {
OptionalAccess.verify(Optional.empty(), Optional.of(new Anonymous(Base64.encodeBytes("1234".getBytes()))), Optional.of(account), "10"); OptionalAccess.verify(Optional.empty(), Optional.of(new Anonymous(Base64.getEncoder().encodeToString("1234".getBytes()))), Optional.of(account), "10");
} catch (WebApplicationException e) { } catch (WebApplicationException e) {
assertEquals(e.getResponse().getStatus(), 401); assertEquals(e.getResponse().getStatus(), 401);
} }
@ -53,7 +53,7 @@ public class OptionalAccessTest {
when(account.getUnidentifiedAccessKey()).thenReturn(Optional.of("1234".getBytes())); when(account.getUnidentifiedAccessKey()).thenReturn(Optional.of("1234".getBytes()));
try { try {
OptionalAccess.verify(Optional.empty(), Optional.of(new Anonymous(Base64.encodeBytes("1234".getBytes()))), Optional.of(account), "$$"); OptionalAccess.verify(Optional.empty(), Optional.of(new Anonymous(Base64.getEncoder().encodeToString("1234".getBytes()))), Optional.of(account), "$$");
} catch (WebApplicationException e) { } catch (WebApplicationException e) {
assertEquals(e.getResponse().getStatus(), 422); assertEquals(e.getResponse().getStatus(), 422);
} }
@ -67,7 +67,7 @@ public class OptionalAccessTest {
when(account.getUnidentifiedAccessKey()).thenReturn(Optional.of("1234".getBytes())); when(account.getUnidentifiedAccessKey()).thenReturn(Optional.of("1234".getBytes()));
try { try {
OptionalAccess.verify(Optional.empty(), Optional.of(new Anonymous(Base64.encodeBytes("5678".getBytes()))), Optional.of(account)); OptionalAccess.verify(Optional.empty(), Optional.of(new Anonymous(Base64.getEncoder().encodeToString("5678".getBytes()))), Optional.of(account));
throw new AssertionError("should fail"); throw new AssertionError("should fail");
} catch (WebApplicationException e) { } catch (WebApplicationException e) {
assertEquals(e.getResponse().getStatus(), 401); assertEquals(e.getResponse().getStatus(), 401);
@ -115,7 +115,7 @@ public class OptionalAccessTest {
Account account = mock(Account.class); Account account = mock(Account.class);
when(account.getUnidentifiedAccessKey()).thenReturn(Optional.of("1234".getBytes())); when(account.getUnidentifiedAccessKey()).thenReturn(Optional.of("1234".getBytes()));
when(account.isEnabled()).thenReturn(true); when(account.isEnabled()).thenReturn(true);
OptionalAccess.verify(Optional.empty(), Optional.of(new Anonymous(Base64.encodeBytes("1234".getBytes()))), Optional.of(account)); OptionalAccess.verify(Optional.empty(), Optional.of(new Anonymous(Base64.getEncoder().encodeToString("1234".getBytes()))), Optional.of(account));
} }
@Test @Test
@ -125,7 +125,7 @@ public class OptionalAccessTest {
when(account.isEnabled()).thenReturn(false); when(account.isEnabled()).thenReturn(false);
try { try {
OptionalAccess.verify(Optional.empty(), Optional.of(new Anonymous(Base64.encodeBytes("1234".getBytes()))), Optional.of(account)); OptionalAccess.verify(Optional.empty(), Optional.of(new Anonymous(Base64.getEncoder().encodeToString("1234".getBytes()))), Optional.of(account));
throw new AssertionError(); throw new AssertionError();
} catch (WebApplicationException e) { } catch (WebApplicationException e) {
assertEquals(e.getResponse().getStatus(), 401); assertEquals(e.getResponse().getStatus(), 401);
@ -137,6 +137,6 @@ public class OptionalAccessTest {
Account source = mock(Account.class); Account source = mock(Account.class);
Account target = mock(Account.class); Account target = mock(Account.class);
when(target.isEnabled()).thenReturn(true); when(target.isEnabled()).thenReturn(true);
OptionalAccess.verify(Optional.of(source), Optional.empty(), Optional.of(target));; OptionalAccess.verify(Optional.of(source), Optional.empty(), Optional.of(target));
} }
} }

View File

@ -5,15 +5,31 @@
package org.whispersystems.textsecuregcm.tests.controllers; package org.whispersystems.textsecuregcm.tests.controllers;
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
import com.google.common.collect.ImmutableSet; import com.google.common.collect.ImmutableSet;
import io.dropwizard.auth.PolymorphicAuthValueFactoryProvider; import io.dropwizard.auth.PolymorphicAuthValueFactoryProvider;
import io.dropwizard.testing.junit.ResourceTestRule; import io.dropwizard.testing.junit.ResourceTestRule;
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;
import javax.ws.rs.core.Response;
import org.assertj.core.api.Assertions; import org.assertj.core.api.Assertions;
import org.assertj.core.api.Condition; import org.assertj.core.api.Condition;
import org.assertj.core.api.InstanceOfAssertFactories; import org.assertj.core.api.InstanceOfAssertFactories;
import org.glassfish.jersey.test.grizzly.GrizzlyWebTestContainerFactory; import org.glassfish.jersey.test.grizzly.GrizzlyWebTestContainerFactory;
import org.junit.AfterClass;
import org.junit.BeforeClass;
import org.junit.ClassRule; import org.junit.ClassRule;
import org.junit.Test; import org.junit.Test;
import org.whispersystems.textsecuregcm.auth.DisabledPermittedAccount; import org.whispersystems.textsecuregcm.auth.DisabledPermittedAccount;
@ -28,27 +44,8 @@ import org.whispersystems.textsecuregcm.limits.RateLimiter;
import org.whispersystems.textsecuregcm.limits.RateLimiters; import org.whispersystems.textsecuregcm.limits.RateLimiters;
import org.whispersystems.textsecuregcm.storage.Account; import org.whispersystems.textsecuregcm.storage.Account;
import org.whispersystems.textsecuregcm.tests.util.AuthHelper; import org.whispersystems.textsecuregcm.tests.util.AuthHelper;
import org.whispersystems.textsecuregcm.util.Base64;
import org.whispersystems.textsecuregcm.util.SystemMapper; import org.whispersystems.textsecuregcm.util.SystemMapper;
import javax.ws.rs.core.Response;
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.util.HashMap;
import java.util.Map;
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
public class AttachmentControllerTest { public class AttachmentControllerTest {
private static RateLimiters rateLimiters = mock(RateLimiters.class ); private static RateLimiters rateLimiters = mock(RateLimiters.class );
@ -67,7 +64,7 @@ public class AttachmentControllerTest {
final KeyPair keyPair = keyPairGenerator.generateKeyPair(); final KeyPair keyPair = keyPairGenerator.generateKeyPair();
RSA_PRIVATE_KEY_PEM = "-----BEGIN PRIVATE KEY-----\n" + RSA_PRIVATE_KEY_PEM = "-----BEGIN PRIVATE KEY-----\n" +
Base64.encodeBytes(keyPair.getPrivate().getEncoded()) + "\n" + Base64.getEncoder().encodeToString(keyPair.getPrivate().getEncoded()) + "\n" +
"-----END PRIVATE KEY-----"; "-----END PRIVATE KEY-----";
} catch (NoSuchAlgorithmException e) { } catch (NoSuchAlgorithmException e) {
throw new AssertionError(e); throw new AssertionError(e);
@ -185,7 +182,7 @@ public class AttachmentControllerTest {
assertThat(descriptor.getPolicy()).isNotBlank(); assertThat(descriptor.getPolicy()).isNotBlank();
assertThat(descriptor.getSignature()).isNotBlank(); assertThat(descriptor.getSignature()).isNotBlank();
assertThat(new String(Base64.decode(descriptor.getPolicy()))).contains("[\"content-length-range\", 1, 104857600]"); assertThat(new String(Base64.getDecoder().decode(descriptor.getPolicy()))).contains("[\"content-length-range\", 1, 104857600]");
} }
@Test @Test

View File

@ -14,6 +14,7 @@ import io.dropwizard.auth.PolymorphicAuthValueFactoryProvider;
import io.dropwizard.testing.junit.ResourceTestRule; import io.dropwizard.testing.junit.ResourceTestRule;
import java.io.IOException; import java.io.IOException;
import java.util.Arrays; import java.util.Arrays;
import java.util.Base64;
import javax.ws.rs.core.Response; import javax.ws.rs.core.Response;
import org.apache.commons.lang3.StringUtils; import org.apache.commons.lang3.StringUtils;
import org.glassfish.jersey.test.grizzly.GrizzlyWebTestContainerFactory; import org.glassfish.jersey.test.grizzly.GrizzlyWebTestContainerFactory;
@ -37,7 +38,6 @@ import org.whispersystems.textsecuregcm.entities.MessageProtos.SenderCertificate
import org.whispersystems.textsecuregcm.entities.MessageProtos.ServerCertificate; import org.whispersystems.textsecuregcm.entities.MessageProtos.ServerCertificate;
import org.whispersystems.textsecuregcm.storage.Account; import org.whispersystems.textsecuregcm.storage.Account;
import org.whispersystems.textsecuregcm.tests.util.AuthHelper; import org.whispersystems.textsecuregcm.tests.util.AuthHelper;
import org.whispersystems.textsecuregcm.util.Base64;
import org.whispersystems.textsecuregcm.util.SystemMapper; import org.whispersystems.textsecuregcm.util.SystemMapper;
import org.whispersystems.textsecuregcm.util.Util; import org.whispersystems.textsecuregcm.util.Util;
@ -55,7 +55,7 @@ public class CertificateControllerTest {
static { static {
try { try {
certificateGenerator = new CertificateGenerator(Base64.decode(signingCertificate), Curve.decodePrivatePoint(Base64.decode(signingKey)), 1); certificateGenerator = new CertificateGenerator(Base64.getDecoder().decode(signingCertificate), Curve.decodePrivatePoint(Base64.getDecoder().decode(signingKey)), 1);
serverZkAuthOperations = new ServerZkAuthOperations(serverSecretParams); serverZkAuthOperations = new ServerZkAuthOperations(serverSecretParams);
} catch (IOException e) { } catch (IOException e) {
throw new AssertionError(e); throw new AssertionError(e);
@ -88,13 +88,13 @@ public class CertificateControllerTest {
ServerCertificate.Certificate serverCertificate = ServerCertificate.Certificate.parseFrom(serverCertificateHolder.getCertificate()); ServerCertificate.Certificate serverCertificate = ServerCertificate.Certificate.parseFrom(serverCertificateHolder.getCertificate());
assertTrue(Curve.verifySignature(Curve.decodePoint(serverCertificate.getKey().toByteArray(), 0), certificateHolder.getCertificate().toByteArray(), certificateHolder.getSignature().toByteArray())); assertTrue(Curve.verifySignature(Curve.decodePoint(serverCertificate.getKey().toByteArray(), 0), certificateHolder.getCertificate().toByteArray(), certificateHolder.getSignature().toByteArray()));
assertTrue(Curve.verifySignature(Curve.decodePoint(Base64.decode(caPublicKey), 0), serverCertificateHolder.getCertificate().toByteArray(), serverCertificateHolder.getSignature().toByteArray())); assertTrue(Curve.verifySignature(Curve.decodePoint(Base64.getDecoder().decode(caPublicKey), 0), serverCertificateHolder.getCertificate().toByteArray(), serverCertificateHolder.getSignature().toByteArray()));
assertEquals(certificate.getSender(), AuthHelper.VALID_NUMBER); assertEquals(certificate.getSender(), AuthHelper.VALID_NUMBER);
assertEquals(certificate.getSenderDevice(), 1L); assertEquals(certificate.getSenderDevice(), 1L);
assertTrue(certificate.hasSenderUuid()); assertTrue(certificate.hasSenderUuid());
assertEquals(AuthHelper.VALID_UUID.toString(), certificate.getSenderUuid()); assertEquals(AuthHelper.VALID_UUID.toString(), certificate.getSenderUuid());
assertTrue(Arrays.equals(certificate.getIdentityKey().toByteArray(), Base64.decode(AuthHelper.VALID_IDENTITY))); assertTrue(Arrays.equals(certificate.getIdentityKey().toByteArray(), Base64.getDecoder().decode(AuthHelper.VALID_IDENTITY)));
} }
@Test @Test
@ -114,12 +114,12 @@ public class CertificateControllerTest {
ServerCertificate.Certificate serverCertificate = ServerCertificate.Certificate.parseFrom(serverCertificateHolder.getCertificate()); ServerCertificate.Certificate serverCertificate = ServerCertificate.Certificate.parseFrom(serverCertificateHolder.getCertificate());
assertTrue(Curve.verifySignature(Curve.decodePoint(serverCertificate.getKey().toByteArray(), 0), certificateHolder.getCertificate().toByteArray(), certificateHolder.getSignature().toByteArray())); assertTrue(Curve.verifySignature(Curve.decodePoint(serverCertificate.getKey().toByteArray(), 0), certificateHolder.getCertificate().toByteArray(), certificateHolder.getSignature().toByteArray()));
assertTrue(Curve.verifySignature(Curve.decodePoint(Base64.decode(caPublicKey), 0), serverCertificateHolder.getCertificate().toByteArray(), serverCertificateHolder.getSignature().toByteArray())); assertTrue(Curve.verifySignature(Curve.decodePoint(Base64.getDecoder().decode(caPublicKey), 0), serverCertificateHolder.getCertificate().toByteArray(), serverCertificateHolder.getSignature().toByteArray()));
assertEquals(certificate.getSender(), AuthHelper.VALID_NUMBER); assertEquals(certificate.getSender(), AuthHelper.VALID_NUMBER);
assertEquals(certificate.getSenderDevice(), 1L); assertEquals(certificate.getSenderDevice(), 1L);
assertEquals(certificate.getSenderUuid(), AuthHelper.VALID_UUID.toString()); assertEquals(certificate.getSenderUuid(), AuthHelper.VALID_UUID.toString());
assertTrue(Arrays.equals(certificate.getIdentityKey().toByteArray(), Base64.decode(AuthHelper.VALID_IDENTITY))); assertTrue(Arrays.equals(certificate.getIdentityKey().toByteArray(), Base64.getDecoder().decode(AuthHelper.VALID_IDENTITY)));
} }
@Test @Test
@ -140,12 +140,12 @@ public class CertificateControllerTest {
ServerCertificate.Certificate serverCertificate = ServerCertificate.Certificate.parseFrom(serverCertificateHolder.getCertificate()); ServerCertificate.Certificate serverCertificate = ServerCertificate.Certificate.parseFrom(serverCertificateHolder.getCertificate());
assertTrue(Curve.verifySignature(Curve.decodePoint(serverCertificate.getKey().toByteArray(), 0), certificateHolder.getCertificate().toByteArray(), certificateHolder.getSignature().toByteArray())); assertTrue(Curve.verifySignature(Curve.decodePoint(serverCertificate.getKey().toByteArray(), 0), certificateHolder.getCertificate().toByteArray(), certificateHolder.getSignature().toByteArray()));
assertTrue(Curve.verifySignature(Curve.decodePoint(Base64.decode(caPublicKey), 0), serverCertificateHolder.getCertificate().toByteArray(), serverCertificateHolder.getSignature().toByteArray())); assertTrue(Curve.verifySignature(Curve.decodePoint(Base64.getDecoder().decode(caPublicKey), 0), serverCertificateHolder.getCertificate().toByteArray(), serverCertificateHolder.getSignature().toByteArray()));
assertTrue(StringUtils.isBlank(certificate.getSender())); assertTrue(StringUtils.isBlank(certificate.getSender()));
assertEquals(certificate.getSenderDevice(), 1L); assertEquals(certificate.getSenderDevice(), 1L);
assertEquals(certificate.getSenderUuid(), AuthHelper.VALID_UUID.toString()); assertEquals(certificate.getSenderUuid(), AuthHelper.VALID_UUID.toString());
assertTrue(Arrays.equals(certificate.getIdentityKey().toByteArray(), Base64.decode(AuthHelper.VALID_IDENTITY))); assertTrue(Arrays.equals(certificate.getIdentityKey().toByteArray(), Base64.getDecoder().decode(AuthHelper.VALID_IDENTITY)));
} }
@Test @Test

View File

@ -36,6 +36,7 @@ import io.dropwizard.testing.junit5.DropwizardExtensionsSupport;
import io.dropwizard.testing.junit5.ResourceExtension; import io.dropwizard.testing.junit5.ResourceExtension;
import io.lettuce.core.cluster.api.sync.RedisAdvancedClusterCommands; import io.lettuce.core.cluster.api.sync.RedisAdvancedClusterCommands;
import java.time.Duration; import java.time.Duration;
import java.util.Base64;
import java.util.HashSet; import java.util.HashSet;
import java.util.LinkedList; import java.util.LinkedList;
import java.util.List; import java.util.List;
@ -90,7 +91,6 @@ import org.whispersystems.textsecuregcm.storage.DynamicConfigurationManager;
import org.whispersystems.textsecuregcm.storage.MessagesManager; import org.whispersystems.textsecuregcm.storage.MessagesManager;
import org.whispersystems.textsecuregcm.tests.util.AuthHelper; import org.whispersystems.textsecuregcm.tests.util.AuthHelper;
import org.whispersystems.textsecuregcm.tests.util.RedisClusterHelper; import org.whispersystems.textsecuregcm.tests.util.RedisClusterHelper;
import org.whispersystems.textsecuregcm.util.Base64;
@ExtendWith(DropwizardExtensionsSupport.class) @ExtendWith(DropwizardExtensionsSupport.class)
class MessageControllerTest { class MessageControllerTest {
@ -298,7 +298,7 @@ class MessageControllerTest {
resources.getJerseyTest() resources.getJerseyTest()
.target(String.format("/v1/messages/%s", SINGLE_DEVICE_RECIPIENT)) .target(String.format("/v1/messages/%s", SINGLE_DEVICE_RECIPIENT))
.request() .request()
.header(OptionalAccess.UNIDENTIFIED, Base64.encodeBytes("1234".getBytes())) .header(OptionalAccess.UNIDENTIFIED, Base64.getEncoder().encodeToString("1234".getBytes()))
.put(Entity.entity(mapper.readValue(jsonFixture("fixtures/current_message_single_device.json"), IncomingMessageList.class), .put(Entity.entity(mapper.readValue(jsonFixture("fixtures/current_message_single_device.json"), IncomingMessageList.class),
MediaType.APPLICATION_JSON_TYPE)); MediaType.APPLICATION_JSON_TYPE));

View File

@ -16,6 +16,7 @@ import com.google.common.collect.ImmutableSet;
import io.dropwizard.auth.PolymorphicAuthValueFactoryProvider; import io.dropwizard.auth.PolymorphicAuthValueFactoryProvider;
import io.dropwizard.testing.junit.ResourceTestRule; import io.dropwizard.testing.junit.ResourceTestRule;
import java.io.IOException; import java.io.IOException;
import java.util.Base64;
import javax.ws.rs.core.Response; import javax.ws.rs.core.Response;
import org.glassfish.jersey.test.grizzly.GrizzlyWebTestContainerFactory; import org.glassfish.jersey.test.grizzly.GrizzlyWebTestContainerFactory;
import org.junit.Before; import org.junit.Before;
@ -29,7 +30,6 @@ import org.whispersystems.textsecuregcm.limits.RateLimiter;
import org.whispersystems.textsecuregcm.limits.RateLimiters; import org.whispersystems.textsecuregcm.limits.RateLimiters;
import org.whispersystems.textsecuregcm.storage.Account; import org.whispersystems.textsecuregcm.storage.Account;
import org.whispersystems.textsecuregcm.tests.util.AuthHelper; import org.whispersystems.textsecuregcm.tests.util.AuthHelper;
import org.whispersystems.textsecuregcm.util.Base64;
import org.whispersystems.textsecuregcm.util.SystemMapper; import org.whispersystems.textsecuregcm.util.SystemMapper;
public class StickerControllerTest { public class StickerControllerTest {
@ -66,7 +66,7 @@ public class StickerControllerTest {
assertThat(attributes.getManifest().getKey()).isEqualTo("stickers/" + attributes.getPackId() + "/manifest.proto"); assertThat(attributes.getManifest().getKey()).isEqualTo("stickers/" + attributes.getPackId() + "/manifest.proto");
assertThat(attributes.getManifest().getAcl()).isEqualTo("private"); assertThat(attributes.getManifest().getAcl()).isEqualTo("private");
assertThat(attributes.getManifest().getPolicy()).isNotEmpty(); assertThat(attributes.getManifest().getPolicy()).isNotEmpty();
assertThat(new String(Base64.decode(attributes.getManifest().getPolicy()))).contains("[\"content-length-range\", 1, 10240]"); assertThat(new String(Base64.getDecoder().decode(attributes.getManifest().getPolicy()))).contains("[\"content-length-range\", 1, 10240]");
assertThat(attributes.getManifest().getSignature()).isNotEmpty(); assertThat(attributes.getManifest().getSignature()).isNotEmpty();
assertThat(attributes.getManifest().getAlgorithm()).isEqualTo("AWS4-HMAC-SHA256"); assertThat(attributes.getManifest().getAlgorithm()).isEqualTo("AWS4-HMAC-SHA256");
assertThat(attributes.getManifest().getCredential()).isNotEmpty(); assertThat(attributes.getManifest().getCredential()).isNotEmpty();
@ -79,7 +79,7 @@ public class StickerControllerTest {
assertThat(attributes.getStickers().get(i).getKey()).isEqualTo("stickers/" + attributes.getPackId() + "/full/" + i); assertThat(attributes.getStickers().get(i).getKey()).isEqualTo("stickers/" + attributes.getPackId() + "/full/" + i);
assertThat(attributes.getStickers().get(i).getAcl()).isEqualTo("private"); assertThat(attributes.getStickers().get(i).getAcl()).isEqualTo("private");
assertThat(attributes.getStickers().get(i).getPolicy()).isNotEmpty(); assertThat(attributes.getStickers().get(i).getPolicy()).isNotEmpty();
assertThat(new String(Base64.decode(attributes.getStickers().get(i).getPolicy()))).contains("[\"content-length-range\", 1, 307200]"); assertThat(new String(Base64.getDecoder().decode(attributes.getStickers().get(i).getPolicy()))).contains("[\"content-length-range\", 1, 307200]");
assertThat(attributes.getStickers().get(i).getSignature()).isNotEmpty(); assertThat(attributes.getStickers().get(i).getSignature()).isNotEmpty();
assertThat(attributes.getStickers().get(i).getAlgorithm()).isEqualTo("AWS4-HMAC-SHA256"); assertThat(attributes.getStickers().get(i).getAlgorithm()).isEqualTo("AWS4-HMAC-SHA256");
assertThat(attributes.getStickers().get(i).getCredential()).isNotEmpty(); assertThat(attributes.getStickers().get(i).getCredential()).isNotEmpty();

View File

@ -19,6 +19,7 @@ import static org.mockito.Mockito.when;
import io.lettuce.core.RedisException; import io.lettuce.core.RedisException;
import io.lettuce.core.cluster.api.sync.RedisAdvancedClusterCommands; import io.lettuce.core.cluster.api.sync.RedisAdvancedClusterCommands;
import java.util.Base64;
import java.util.Optional; import java.util.Optional;
import java.util.UUID; import java.util.UUID;
import org.junit.Test; import org.junit.Test;
@ -27,7 +28,6 @@ import org.whispersystems.textsecuregcm.storage.Profiles;
import org.whispersystems.textsecuregcm.storage.ProfilesManager; import org.whispersystems.textsecuregcm.storage.ProfilesManager;
import org.whispersystems.textsecuregcm.storage.VersionedProfile; import org.whispersystems.textsecuregcm.storage.VersionedProfile;
import org.whispersystems.textsecuregcm.tests.util.RedisClusterHelper; import org.whispersystems.textsecuregcm.tests.util.RedisClusterHelper;
import org.whispersystems.textsecuregcm.util.Base64;
public class ProfilesManagerTest { public class ProfilesManagerTest {
@ -39,7 +39,7 @@ public class ProfilesManagerTest {
UUID uuid = UUID.randomUUID(); UUID uuid = UUID.randomUUID();
when(commands.hget(eq("profiles::" + uuid.toString()), eq("someversion"))).thenReturn("{\"version\": \"someversion\", \"name\": \"somename\", \"avatar\": \"someavatar\", \"commitment\":\"" + Base64.encodeBytes("somecommitment".getBytes()) + "\"}"); when(commands.hget(eq("profiles::" + uuid.toString()), eq("someversion"))).thenReturn("{\"version\": \"someversion\", \"name\": \"somename\", \"avatar\": \"someavatar\", \"commitment\":\"" + Base64.getEncoder().encodeToString("somecommitment".getBytes()) + "\"}");
ProfilesManager profilesManager = new ProfilesManager(profiles, cacheCluster); ProfilesManager profilesManager = new ProfilesManager(profiles, cacheCluster);
Optional<VersionedProfile> profile = profilesManager.get(uuid, "someversion"); Optional<VersionedProfile> profile = profilesManager.get(uuid, "someversion");

View File

@ -16,6 +16,7 @@ import io.dropwizard.auth.PolymorphicAuthDynamicFeature;
import io.dropwizard.auth.basic.BasicCredentialAuthFilter; import io.dropwizard.auth.basic.BasicCredentialAuthFilter;
import io.dropwizard.auth.basic.BasicCredentials; import io.dropwizard.auth.basic.BasicCredentials;
import java.security.Principal; import java.security.Principal;
import java.util.Base64;
import java.util.Optional; import java.util.Optional;
import java.util.Random; import java.util.Random;
import java.util.UUID; import java.util.UUID;
@ -28,7 +29,6 @@ import org.whispersystems.textsecuregcm.auth.DisabledPermittedAccountAuthenticat
import org.whispersystems.textsecuregcm.storage.Account; import org.whispersystems.textsecuregcm.storage.Account;
import org.whispersystems.textsecuregcm.storage.AccountsManager; import org.whispersystems.textsecuregcm.storage.AccountsManager;
import org.whispersystems.textsecuregcm.storage.Device; import org.whispersystems.textsecuregcm.storage.Device;
import org.whispersystems.textsecuregcm.util.Base64;
public class AuthHelper { public class AuthHelper {
// Static seed to ensure reproducible tests. // Static seed to ensure reproducible tests.
@ -173,11 +173,11 @@ public class AuthHelper {
} }
public static String getAuthHeader(String number, String password) { public static String getAuthHeader(String number, String password) {
return "Basic " + Base64.encodeBytes((number + ":" + password).getBytes()); return "Basic " + Base64.getEncoder().encodeToString((number + ":" + password).getBytes());
} }
public static String getUnidentifiedAccessHeader(byte[] key) { public static String getUnidentifiedAccessHeader(byte[] key) {
return Base64.encodeBytes(key); return Base64.getEncoder().encodeToString(key);
} }
public static UUID getRandomUUID(Random random) { public static UUID getRandomUUID(Random random) {