Fixes #41 by removing javax.xml.bind.DatatypeConverter usage (#42)

* Fixes #41 by removing javax.xml.bind.DatatypeConverter usage

* Suppressed deprecation warning

* Enabled all warnings when compiling.

Author: dekobon

CHANGELOG.md

@@ -2,6 +2,11 @@
 All notable changes to this project will be documented in this file.
 This project adheres to [Semantic Versioning](http://semver.org/).
 
+## [4.0.5] - ?
+
+### Fixed
+ - [Removed use of javax.xml.bind.DatatypeConverter](https://github.com/joyent/java-http-signature/issues/41) 
+
 ## [4.0.4] - 2017-10-06
 
 ### Changed

common/pom.xml

@@ -22,6 +22,7 @@
         <!-- Dependency versions -->
         <dependency.bouncycastle.version>1.58</dependency.bouncycastle.version>
         <dependency.jnagmp.version>2.0.0</dependency.jnagmp.version>
+        <dependency.commons-codec.version>1.10</dependency.commons-codec.version>
     </properties>
 
     <dependencies>
@@ -46,6 +47,13 @@
                 </exclusion>
             </exclusions>
         </dependency>
+        <dependency>
+            <groupId>commons-codec</groupId>
+            <artifactId>commons-codec</artifactId>
+            <version>${dependency.commons-codec.version}</version>
+            <scope>test</scope>
+        </dependency>
+
     </dependencies>
 
     <build>

common/src/main/java/com/joyent/http/signature/KeyFingerprinter.java

@@ -19,17 +19,23 @@
 import java.security.interfaces.RSAPublicKey;
 import java.util.Base64;
 import java.util.Objects;
-import javax.xml.bind.DatatypeConverter;
 
 /**
  * Utiility class for calculating and verifying SSH key fingerprints as defined by OpenSSH.
  */
 public final class KeyFingerprinter {
 
-    /** OpenSSH does not pad.
+    /**
+     * OpenSSH does not pad.
      */
     private static Base64.Encoder b64Encoder = Base64.getEncoder().withoutPadding();
 
+    /**
+     * Hexadecimal characters to translate to when converting from a byte[]
+     * array to a hex string.
+     */
+    private static final char[] HEX_CHARS = "0123456789abcdef".toCharArray();
+
     @SuppressWarnings("checkstyle:javadocmethod")
     private KeyFingerprinter() {
     }
@@ -56,7 +62,7 @@ public static String md5Fingerprint(final KeyPair keyPair) {
         byte[] encoded = SshEncoder.encode(keyPair.getPublic());
         md.update(encoded);
         byte[] digest = md.digest();
-        return colonify(DatatypeConverter.printHexBinary(digest));
+        return colonify(digest);
     }
 
     /**
@@ -115,23 +121,36 @@ public static boolean verifyFingerprint(final KeyPair keyPair, final String fing
     }
 
     /**
-     * Given a hex encoded string, space it out with colons and
-     * lowercase each character to match the OpenSSH format.  For
-     * example {@code 9F0B50AEE3DAF6EBB5719A69EE799EC2} becomes {@code
+     * Given a byte array, space it out with colons and
+     * lowercase each character to match the OpenSSH format.
+     * Example output would be {@code
      * 9f:0b:50:ae:e3:da:f6:eb:b5:71:9a:69:ee:79:9e:c2}
      *
-     * @param str The hex encoded string
-     * @return str with colons
+     * @param bytes byte array to convert to hex string
+     * @return hex string with colons
      */
-    private static String colonify(final String str) {
-        StringBuilder sb = new StringBuilder();
-        for (int i = 0; i < str.length(); i++) {
-            sb.append(Character.toLowerCase(str.charAt(i)));
-            if (i % 2 == 1 && i != str.length() - 1) {
-                sb.append(":");
+    @SuppressWarnings("MagicNumber")
+    static String colonify(final byte[] bytes) {
+        Objects.requireNonNull(bytes, "byte array is null");
+
+        if (bytes.length == 0) {
+            return "";
+        }
+
+        final char[] chars = new char[bytes.length * 3 - 1];
+
+        int charPos = 0;
+        for (int i = 0; i < bytes.length; i++) {
+            final int val = bytes[i] & 0xFF;
+            chars[charPos++] = HEX_CHARS[val >>> 4];
+            chars[charPos++] = HEX_CHARS[val & 0x0F];
+
+            if (charPos + 1 < chars.length) {
+                chars[charPos++] = ':';
             }
         }
-        return sb.toString();
+
+        return new String(chars);
     }
 
     /*

common/src/test/java/com/joyent/http/signature/KeyFingerprinterTest.java

@@ -7,16 +7,14 @@
  */
 package com.joyent.http.signature;
 
+import org.bouncycastle.util.encoders.Hex;
 import org.testng.Assert;
-import org.testng.annotations.BeforeClass;
-import org.testng.annotations.Optional;
-import org.testng.annotations.Parameters;
 import org.testng.annotations.Test;
 
 
+@Test
 public class KeyFingerprinterTest {
 
-    @Test
     public void rsaMd5() throws Exception {
         Assert.assertEquals(KeyFingerprinter.md5Fingerprint(SignerTestUtil.testKeyPair("rsa_1024")),
                              SignerTestUtil.testKeyMd5Fingerprint("rsa_1024"));
@@ -28,7 +26,6 @@ public void rsaMd5() throws Exception {
                              SignerTestUtil.testKeyMd5Fingerprint("rsa_4096"));
     }
 
-    @Test
     public void rsaSha256() throws Exception {
         Assert.assertEquals(KeyFingerprinter.sha256Fingerprint(SignerTestUtil.testKeyPair("rsa_1024")),
                              SignerTestUtil.testKeySha256Fingerprint("rsa_1024"));
@@ -40,19 +37,16 @@ public void rsaSha256() throws Exception {
                              SignerTestUtil.testKeySha256Fingerprint("rsa_4096"));
     }
 
-    @Test
     public void dsaMd5() throws Exception {
          Assert.assertEquals(KeyFingerprinter.md5Fingerprint(SignerTestUtil.testKeyPair("dsa_1024")),
                              SignerTestUtil.testKeyMd5Fingerprint("dsa_1024"));
     }
 
-    @Test
     public void dsaSha256() throws Exception {
          Assert.assertEquals(KeyFingerprinter.sha256Fingerprint(SignerTestUtil.testKeyPair("dsa_1024")),
                              SignerTestUtil.testKeySha256Fingerprint("dsa_1024"));
     }
 
-    @Test
     public void ecdsaMd5() throws Exception {
         Assert.assertEquals(KeyFingerprinter.md5Fingerprint(SignerTestUtil.testKeyPair("ecdsa_256")),
                             SignerTestUtil.testKeyMd5Fingerprint("ecdsa_256"));
@@ -62,7 +56,6 @@ public void ecdsaMd5() throws Exception {
                             SignerTestUtil.testKeyMd5Fingerprint("ecdsa_521"));
     }
 
-    @Test
     public void ecdsaSha256() throws Exception {
         Assert.assertEquals(KeyFingerprinter.sha256Fingerprint(SignerTestUtil.testKeyPair("ecdsa_256")),
                             SignerTestUtil.testKeySha256Fingerprint("ecdsa_256"));
@@ -72,27 +65,38 @@ public void ecdsaSha256() throws Exception {
                             SignerTestUtil.testKeySha256Fingerprint("ecdsa_521"));
     }
 
-    @Test
     public void testVerifyDefault() throws Exception {
         Assert.assertTrue(KeyFingerprinter.verifyFingerprint(SignerTestUtil.testKeyPair("rsa_2048"),
                                                              SignerTestUtil.testKeyMd5Fingerprint("rsa_2048")));
         Assert.assertFalse(KeyFingerprinter.verifyFingerprint(SignerTestUtil.testKeyPair("rsa_2048"),
                                                               "1" + SignerTestUtil.testKeyMd5Fingerprint("rsa_2048")));
     }
 
-    @Test
     public void testVerifyMd5() throws Exception {
         Assert.assertTrue(KeyFingerprinter.verifyFingerprint(SignerTestUtil.testKeyPair("rsa_2048"),
                                                              "MD5:" + SignerTestUtil.testKeyMd5Fingerprint("rsa_2048")));
         Assert.assertFalse(KeyFingerprinter.verifyFingerprint(SignerTestUtil.testKeyPair("rsa_2048"),
                                                               "MD5:foo"));
     }
 
-    @Test
     public void testVerifySha256() throws Exception {
         Assert.assertTrue(KeyFingerprinter.verifyFingerprint(SignerTestUtil.testKeyPair("rsa_2048"),
                                                              "SHA256:" + SignerTestUtil.testKeySha256Fingerprint("rsa_2048")));
         Assert.assertFalse(KeyFingerprinter.verifyFingerprint(SignerTestUtil.testKeyPair("rsa_2048"),
                                                               "SHA256:LP3pWCEhg6rdmE05GhUKbZ7uOZqsJd0sK0AR3sVoMq4"));
     }
+
+    public void canColonifyByteArray() {
+        final String expected = "9f:0b:50:ae:e3:da:f6:eb:b5:71:9a:69:ee:79:9e:c2";
+        final byte[] bytes = Hex.decode(expected.replaceAll(":", ""));
+        final String actual = KeyFingerprinter.colonify(bytes);
+
+        Assert.assertEquals(actual, expected);
+    }
+
+    public void canColonifyEmptyByteArray() {
+        final String actual = KeyFingerprinter.colonify(new byte[0]);
+
+        Assert.assertEquals(actual, "");
+    }
 }

jaxrs-client/src/test/java/com/joyent/http/signature/jaxrs/client/SignedRequestClientRequestFilterIT.java

@@ -99,6 +99,7 @@ public static WebArchive createDeployment() {
      * @throws IOException if unable to read test key
      */
     @Test
+    @SuppressWarnings("deprecation")
     public void testSignedRequestWithFilter() throws URISyntaxException, IOException {
         Assert.assertNotNull(endpointBaseUrl);
 

pom.xml

@@ -175,8 +175,9 @@
                     <forceJavacCompilerUse>true</forceJavacCompilerUse>
                     <source>${java.min.version}</source>
                     <target>${java.min.version}</target>
+                    <showWarnings>true</showWarnings>
                     <compilerArgs>
-                        <arg>-Xlint:deprecation</arg>
+                        <arg>-Xlint:all</arg>
                     </compilerArgs>
                 </configuration>
                 <dependencies>