diff --git a/app/src/test/java/io/xeres/app/crypto/aead/AEADTest.java b/app/src/test/java/io/xeres/app/crypto/aead/AEADTest.java index 85074dd7..e44f3e9b 100644 --- a/app/src/test/java/io/xeres/app/crypto/aead/AEADTest.java +++ b/app/src/test/java/io/xeres/app/crypto/aead/AEADTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2024 by David Gerber - https://zapek.com + * Copyright (c) 2024-2025 by David Gerber - https://zapek.com * * This file is part of Xeres. * @@ -19,8 +19,8 @@ package io.xeres.app.crypto.aead; -import io.xeres.testutils.RandomUtils; import io.xeres.testutils.TestUtils; +import org.apache.commons.lang3.RandomUtils; import org.junit.jupiter.api.BeforeAll; import org.junit.jupiter.api.Test; @@ -48,9 +48,9 @@ void Instance_ThrowsException() throws NoSuchMethodException @Test void EncryptChaCha20Poly1305_DecryptChaCha20Poly1305_Success() { - var nonce = RandomUtils.nextBytes(12); + var nonce = RandomUtils.insecure().randomBytes(12); var plainText = "hello world".getBytes(StandardCharsets.UTF_8); - var aad = RandomUtils.nextBytes(16); + var aad = RandomUtils.insecure().randomBytes(16); var cipherText = AEAD.encryptChaCha20Poly1305(key, nonce, plainText, aad); var decryptedText = AEAD.decryptChaCha20Poly1305(key, nonce, cipherText, aad); @@ -61,9 +61,9 @@ void EncryptChaCha20Poly1305_DecryptChaCha20Poly1305_Success() @Test void EncryptChaCha20Aes256_DecryptChaCha20Aes256_Success() { - var nonce = RandomUtils.nextBytes(12); + var nonce = RandomUtils.insecure().randomBytes(12); var plainText = "hello world".getBytes(StandardCharsets.UTF_8); - var aad = RandomUtils.nextBytes(16); + var aad = RandomUtils.insecure().randomBytes(16); var cipherText = AEAD.encryptChaCha20Sha256(key, nonce, plainText, aad); var decryptedText = AEAD.decryptChaCha20Sha256(key, nonce, cipherText, aad); diff --git a/app/src/test/java/io/xeres/app/database/model/chat/ChatRoomFakes.java b/app/src/test/java/io/xeres/app/database/model/chat/ChatRoomFakes.java index b886e3cb..792850e7 100644 --- a/app/src/test/java/io/xeres/app/database/model/chat/ChatRoomFakes.java +++ b/app/src/test/java/io/xeres/app/database/model/chat/ChatRoomFakes.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2019-2023 by David Gerber - https://zapek.com + * Copyright (c) 2019-2025 by David Gerber - https://zapek.com * * This file is part of Xeres. * @@ -34,12 +34,12 @@ private ChatRoomFakes() public static ChatRoom createChatRoomEntity() { - return createChatRoomEntity(IdFakes.createLong(), IdentityFakes.createOwn(), RandomStringUtils.randomAlphabetic(8), RandomStringUtils.randomAlphabetic(8), 0); + return createChatRoomEntity(IdFakes.createLong(), IdentityFakes.createOwn(), RandomStringUtils.insecure().nextAlphabetic(8), RandomStringUtils.insecure().nextAlphabetic(8), 0); } public static ChatRoom createChatRoomEntity(IdentityGroupItem identityGroupItem) { - return createChatRoomEntity(IdFakes.createLong(), identityGroupItem, RandomStringUtils.randomAlphabetic(8), RandomStringUtils.randomAlphabetic(8), 0); + return createChatRoomEntity(IdFakes.createLong(), identityGroupItem, RandomStringUtils.insecure().nextAlphabetic(8), RandomStringUtils.insecure().nextAlphabetic(8), 0); } public static ChatRoom createChatRoomEntity(long roomId, IdentityGroupItem identityGroupItem, String name, String topic, int flags) @@ -49,7 +49,7 @@ public static ChatRoom createChatRoomEntity(long roomId, IdentityGroupItem ident public static io.xeres.app.xrs.service.chat.ChatRoom createChatRoom() { - return createChatRoom(IdFakes.createLong(), RandomStringUtils.randomAlphabetic(8), RandomStringUtils.randomAlphabetic(8), RoomType.PUBLIC, 5, false); + return createChatRoom(IdFakes.createLong(), RandomStringUtils.insecure().nextAlphabetic(8), RandomStringUtils.insecure().nextAlphabetic(8), RoomType.PUBLIC, 5, false); } public static io.xeres.app.xrs.service.chat.ChatRoom createChatRoom(long id, String name, String topic, RoomType roomType, int userCount, boolean isSigned) diff --git a/app/src/test/java/io/xeres/app/database/model/gxs/ForumGroupItemFakes.java b/app/src/test/java/io/xeres/app/database/model/gxs/ForumGroupItemFakes.java index 9df2ae6c..bac49b95 100644 --- a/app/src/test/java/io/xeres/app/database/model/gxs/ForumGroupItemFakes.java +++ b/app/src/test/java/io/xeres/app/database/model/gxs/ForumGroupItemFakes.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2019-2023 by David Gerber - https://zapek.com + * Copyright (c) 2019-2025 by David Gerber - https://zapek.com * * This file is part of Xeres. * @@ -35,7 +35,7 @@ private ForumGroupItemFakes() public static ForumGroupItem createForumGroupItem() { - return createForumGroupItem(IdFakes.createGxsId(), RandomStringUtils.randomAlphabetic(8)); + return createForumGroupItem(IdFakes.createGxsId(), RandomStringUtils.insecure().nextAlphabetic(8)); } public static ForumGroupItem createForumGroupItem(GxsId gxsId, String name) @@ -43,7 +43,7 @@ public static ForumGroupItem createForumGroupItem(GxsId gxsId, String name) var item = new ForumGroupItem(gxsId, name); item.setDiffusionFlags(EnumSet.noneOf(GxsPrivacyFlags.class)); item.setSignatureFlags(EnumSet.noneOf(GxsSignatureFlags.class)); - item.setDescription(RandomStringUtils.randomAlphabetic(8)); + item.setDescription(RandomStringUtils.insecure().nextAlphabetic(8)); return item; } } diff --git a/app/src/test/java/io/xeres/app/database/model/gxs/ForumMessageItemFakes.java b/app/src/test/java/io/xeres/app/database/model/gxs/ForumMessageItemFakes.java index 5348fb3a..281d2edb 100644 --- a/app/src/test/java/io/xeres/app/database/model/gxs/ForumMessageItemFakes.java +++ b/app/src/test/java/io/xeres/app/database/model/gxs/ForumMessageItemFakes.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 by David Gerber - https://zapek.com + * Copyright (c) 2023-2025 by David Gerber - https://zapek.com * * This file is part of Xeres. * @@ -34,7 +34,7 @@ private ForumMessageItemFakes() public static ForumMessageItem createForumMessageItem() { - return createForumMessageItem(IdFakes.createGxsId(), IdFakes.createMessageId(), RandomStringUtils.randomAlphabetic(8)); + return createForumMessageItem(IdFakes.createGxsId(), IdFakes.createMessageId(), RandomStringUtils.insecure().nextAlphabetic(8)); } private static ForumMessageItem createForumMessageItem(GxsId gxsId, MessageId messageId, String name) diff --git a/app/src/test/java/io/xeres/app/database/model/gxs/IdentityGroupItemFakes.java b/app/src/test/java/io/xeres/app/database/model/gxs/IdentityGroupItemFakes.java index 689ad4e0..3079bae8 100644 --- a/app/src/test/java/io/xeres/app/database/model/gxs/IdentityGroupItemFakes.java +++ b/app/src/test/java/io/xeres/app/database/model/gxs/IdentityGroupItemFakes.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2019-2023 by David Gerber - https://zapek.com + * Copyright (c) 2019-2025 by David Gerber - https://zapek.com * * This file is part of Xeres. * @@ -36,7 +36,7 @@ private IdentityGroupItemFakes() public static IdentityGroupItem createIdentityGroupItem() { - return createIdentityGroupItem(IdFakes.createGxsId(), RandomStringUtils.randomAlphabetic(8)); + return createIdentityGroupItem(IdFakes.createGxsId(), RandomStringUtils.insecure().nextAlphabetic(8)); } public static IdentityGroupItem createIdentityGroupItem(GxsId gxsId, String name) diff --git a/app/src/test/java/io/xeres/app/xrs/serialization/SerializerTest.java b/app/src/test/java/io/xeres/app/xrs/serialization/SerializerTest.java index 4a81ac66..f117d969 100644 --- a/app/src/test/java/io/xeres/app/xrs/serialization/SerializerTest.java +++ b/app/src/test/java/io/xeres/app/xrs/serialization/SerializerTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2019-2023 by David Gerber - https://zapek.com + * Copyright (c) 2019-2025 by David Gerber - https://zapek.com * * This file is part of Xeres. * @@ -30,7 +30,7 @@ import io.xeres.common.id.LocationIdentifier; import io.xeres.common.id.MessageId; import io.xeres.testutils.IdFakes; -import io.xeres.testutils.RandomUtils; +import org.apache.commons.lang3.RandomUtils; import org.junit.jupiter.api.Test; import org.junit.jupiter.params.ParameterizedTest; import org.junit.jupiter.params.provider.ValueSource; @@ -444,7 +444,7 @@ void Serialize_TlvString() void Serialize_TlvKeySignature() { var buf = Unpooled.buffer(); - var key = RandomUtils.nextBytes(30); + var key = RandomUtils.insecure().randomBytes(30); var input = new Signature(IdFakes.createGxsId(), key); @@ -464,7 +464,7 @@ void Serialize_TlvKeySignatureSet() var buf = Unpooled.buffer(); Set input = new HashSet<>(); var gxsId = IdFakes.createGxsId(); - var signature = RandomUtils.nextBytes(20); + var signature = RandomUtils.insecure().randomBytes(20); var keySignature = new Signature(Signature.Type.ADMIN, gxsId, signature); input.add(keySignature); @@ -533,8 +533,8 @@ void Serialize_TlvSet_GxsId() void Serialize_TlvSet_MessageId() { var buf = Unpooled.buffer(); - var messageId1 = new MessageId(RandomUtils.nextBytes(MessageId.LENGTH)); - var messageId2 = new MessageId(RandomUtils.nextBytes(MessageId.LENGTH)); + var messageId1 = new MessageId(RandomUtils.insecure().randomBytes(MessageId.LENGTH)); + var messageId2 = new MessageId(RandomUtils.insecure().randomBytes(MessageId.LENGTH)); Set input = new HashSet<>(); input.add(messageId1); input.add(messageId2); diff --git a/app/src/test/java/io/xeres/app/xrs/service/filetransfer/FileSeederTest.java b/app/src/test/java/io/xeres/app/xrs/service/filetransfer/FileSeederTest.java index 2e259bc5..fa11ca17 100644 --- a/app/src/test/java/io/xeres/app/xrs/service/filetransfer/FileSeederTest.java +++ b/app/src/test/java/io/xeres/app/xrs/service/filetransfer/FileSeederTest.java @@ -1,6 +1,25 @@ +/* + * Copyright (c) 2025 by David Gerber - https://zapek.com + * + * This file is part of Xeres. + * + * Xeres is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * Xeres is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Xeres. If not, see . + */ + package io.xeres.app.xrs.service.filetransfer; -import io.xeres.testutils.RandomUtils; +import org.apache.commons.lang3.RandomUtils; import org.junit.jupiter.api.Test; import java.io.File; @@ -18,7 +37,7 @@ private static File createTempFile(int size) throws IOException var tempFile = Files.createTempFile("fileseeder", ".tmp").toFile(); if (size > 0) { - Files.write(tempFile.toPath(), RandomUtils.nextBytes(size)); + Files.write(tempFile.toPath(), RandomUtils.insecure().randomBytes(size)); } return tempFile; } diff --git a/common/src/testFixtures/java/io/xeres/testutils/IdFakes.java b/common/src/testFixtures/java/io/xeres/testutils/IdFakes.java index 50c3647a..5d866279 100644 --- a/common/src/testFixtures/java/io/xeres/testutils/IdFakes.java +++ b/common/src/testFixtures/java/io/xeres/testutils/IdFakes.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 by David Gerber - https://zapek.com + * Copyright (c) 2023-2025 by David Gerber - https://zapek.com * * This file is part of Xeres. * @@ -22,6 +22,7 @@ import io.xeres.common.id.GxsId; import io.xeres.common.id.LocationIdentifier; import io.xeres.common.id.MessageId; +import org.apache.commons.lang3.RandomUtils; public final class IdFakes { @@ -32,7 +33,7 @@ private IdFakes() public static GxsId createGxsId() { - return new GxsId(RandomUtils.nextBytes(GxsId.LENGTH)); + return new GxsId(RandomUtils.insecure().randomBytes(GxsId.LENGTH)); } public static GxsId createGxsId(byte[] gxsId) @@ -42,21 +43,21 @@ public static GxsId createGxsId(byte[] gxsId) public static MessageId createMessageId() { - return new MessageId(RandomUtils.nextBytes(MessageId.LENGTH)); + return new MessageId(RandomUtils.insecure().randomBytes(MessageId.LENGTH)); } public static LocationIdentifier createLocationIdentifier() { - return new LocationIdentifier(RandomUtils.nextBytes(LocationIdentifier.LENGTH)); + return new LocationIdentifier(RandomUtils.insecure().randomBytes(LocationIdentifier.LENGTH)); } public static long createLong() { - return RandomUtils.nextLong(1, Long.MAX_VALUE); + return RandomUtils.insecure().randomLong(1, Long.MAX_VALUE); } public static int createInt() { - return RandomUtils.nextInt(1, Integer.MAX_VALUE); + return RandomUtils.insecure().randomInt(1, Integer.MAX_VALUE); } } diff --git a/common/src/testFixtures/java/io/xeres/testutils/RandomUtils.java b/common/src/testFixtures/java/io/xeres/testutils/RandomUtils.java deleted file mode 100644 index 791cf8db..00000000 --- a/common/src/testFixtures/java/io/xeres/testutils/RandomUtils.java +++ /dev/null @@ -1,139 +0,0 @@ -/* - * Copyright (c) 2023 by David Gerber - https://zapek.com - * - * This file is part of Xeres. - * - * Xeres is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * Xeres is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Xeres. If not, see . - */ - -package io.xeres.testutils; - -import org.apache.commons.lang3.Validate; - -import java.util.concurrent.ThreadLocalRandom; - -/** - * Apache stupidly deprecated RandomUtils from lang3, so we use a subset here. - */ -public final class RandomUtils -{ - - public static final String ERROR_START_END = "Start value must be smaller or equal to end value."; - public static final String ERROR_RANGES = "Both range values must be non-negative."; - - private RandomUtils() - { - throw new UnsupportedOperationException("Utility class"); - } - - public static boolean nextBoolean() - { - return random().nextBoolean(); - } - - public static byte[] nextBytes(int count) - { - Validate.isTrue(count >= 0, "Count cannot be negative."); - - final byte[] result = new byte[count]; - random().nextBytes(result); - return result; - } - - public static int nextInt() - { - return nextInt(0, Integer.MAX_VALUE); - } - - public static int nextInt(int startInclusive, int endExclusive) - { - Validate.isTrue(endExclusive >= startInclusive, ERROR_START_END); - Validate.isTrue(startInclusive >= 0, ERROR_RANGES); - - if (startInclusive == endExclusive) - { - return startInclusive; - } - return startInclusive + random().nextInt(endExclusive - startInclusive); - } - - public static double nextDouble() - { - return nextDouble(0, Double.MAX_VALUE); - } - - public static double nextDouble(double startInclusive, double endExclusive) - { - Validate.isTrue(endExclusive >= startInclusive, ERROR_START_END); - Validate.isTrue(startInclusive >= 0, ERROR_RANGES); - - if (startInclusive == endExclusive) - { - return startInclusive; - } - return startInclusive + ((endExclusive - startInclusive) * random().nextDouble()); - } - - public static float nextFloat() - { - return nextFloat(0, Float.MAX_VALUE); - } - - public static long nextLong() - { - return nextLong(Long.MAX_VALUE); - } - - public static long nextLong(long startInclusive, long endExclusive) - { - Validate.isTrue(endExclusive >= startInclusive, ERROR_START_END); - Validate.isTrue(startInclusive >= 0, ERROR_RANGES); - - if (startInclusive == endExclusive) - { - return startInclusive; - } - return startInclusive + nextLong(endExclusive - startInclusive); - } - - public static float nextFloat(float startInclusive, float endExclusive) - { - Validate.isTrue(endExclusive >= startInclusive, ERROR_START_END); - Validate.isTrue(startInclusive >= 0, ERROR_RANGES); - - if (startInclusive == endExclusive) - { - return startInclusive; - } - return startInclusive + ((endExclusive - startInclusive) * random().nextFloat()); - } - - private static long nextLong(long n) - { - long bits; - long val; - do - { - bits = random().nextLong() >>> 1; - val = bits % n; - } - while (bits - val + (n - 1) < 0); - return val; - } - - private static ThreadLocalRandom random() - { - return ThreadLocalRandom.current(); - } -} diff --git a/common/src/testFixtures/java/io/xeres/testutils/Sha1SumFakes.java b/common/src/testFixtures/java/io/xeres/testutils/Sha1SumFakes.java index f090f146..8a13b585 100644 --- a/common/src/testFixtures/java/io/xeres/testutils/Sha1SumFakes.java +++ b/common/src/testFixtures/java/io/xeres/testutils/Sha1SumFakes.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 by David Gerber - https://zapek.com + * Copyright (c) 2023-2025 by David Gerber - https://zapek.com * * This file is part of Xeres. * @@ -20,6 +20,7 @@ package io.xeres.testutils; import io.xeres.common.id.Sha1Sum; +import org.apache.commons.lang3.RandomUtils; public final class Sha1SumFakes { @@ -30,6 +31,6 @@ private Sha1SumFakes() public static Sha1Sum createSha1Sum() { - return new Sha1Sum(RandomUtils.nextBytes(Sha1Sum.LENGTH)); + return new Sha1Sum(RandomUtils.insecure().randomBytes(Sha1Sum.LENGTH)); } }