Remove restricted static imports

Replace static imports with class referenced methods. With the exception of a few well known static imports, checkstyle restricts the static imports that a class can use. For example, `asList(...)` would be replaced with `Arrays.asList(...)`. Issue gh-8945
2026-05-22 21:33:16 +00:00 · 2020-07-27 21:34:26 -07:00
parent 9a3fa6e812
commit e9130489a6
252 changed files with 2216 additions and 2222 deletions
@@ -27,13 +27,7 @@ import javax.crypto.spec.SecretKeySpec;
 import org.springframework.security.crypto.codec.Hex;
 import org.springframework.security.crypto.keygen.BytesKeyGenerator;
 import org.springframework.security.crypto.keygen.KeyGenerators;
-
-import static org.springframework.security.crypto.encrypt.CipherUtils.doFinal;
-import static org.springframework.security.crypto.encrypt.CipherUtils.initCipher;
-import static org.springframework.security.crypto.encrypt.CipherUtils.newCipher;
-import static org.springframework.security.crypto.encrypt.CipherUtils.newSecretKey;
-import static org.springframework.security.crypto.util.EncodingUtils.concatenate;
-import static org.springframework.security.crypto.util.EncodingUtils.subArray;
+import org.springframework.security.crypto.util.EncodingUtils;

 /**
 * Encryptor that uses AES encryption.
@@ -80,7 +74,7 @@ public final class AesBytesEncryptor implements BytesEncryptor {
 		}

 		public Cipher createCipher() {
-			return newCipher(this.toString());
+			return CipherUtils.newCipher(this.toString());
 		}

 		public BytesKeyGenerator defaultIvGenerator() {
@@ -98,8 +92,8 @@ public final class AesBytesEncryptor implements BytesEncryptor {
 	}

 	public AesBytesEncryptor(String password, CharSequence salt, BytesKeyGenerator ivGenerator, CipherAlgorithm alg) {
-		this(newSecretKey("PBKDF2WithHmacSHA1", new PBEKeySpec(password.toCharArray(), Hex.decode(salt), 1024, 256)),
-				ivGenerator, alg);
+		this(CipherUtils.newSecretKey("PBKDF2WithHmacSHA1",
+				new PBEKeySpec(password.toCharArray(), Hex.decode(salt), 1024, 256)), ivGenerator, alg);
 	}

 	/**
@@ -122,9 +116,9 @@ public final class AesBytesEncryptor implements BytesEncryptor {
 	public byte[] encrypt(byte[] bytes) {
 		synchronized (this.encryptor) {
 			byte[] iv = this.ivGenerator.generateKey();
-			initCipher(this.encryptor, Cipher.ENCRYPT_MODE, this.secretKey, this.alg.getParameterSpec(iv));
-			byte[] encrypted = doFinal(this.encryptor, bytes);
-			return this.ivGenerator != NULL_IV_GENERATOR ? concatenate(iv, encrypted) : encrypted;
+			CipherUtils.initCipher(this.encryptor, Cipher.ENCRYPT_MODE, this.secretKey, this.alg.getParameterSpec(iv));
+			byte[] encrypted = CipherUtils.doFinal(this.encryptor, bytes);
+			return this.ivGenerator != NULL_IV_GENERATOR ? EncodingUtils.concatenate(iv, encrypted) : encrypted;
 		}
 	}

@@ -132,8 +126,8 @@ public final class AesBytesEncryptor implements BytesEncryptor {
 	public byte[] decrypt(byte[] encryptedBytes) {
 		synchronized (this.decryptor) {
 			byte[] iv = iv(encryptedBytes);
-			initCipher(this.decryptor, Cipher.DECRYPT_MODE, this.secretKey, this.alg.getParameterSpec(iv));
-			return doFinal(this.decryptor,
+			CipherUtils.initCipher(this.decryptor, Cipher.DECRYPT_MODE, this.secretKey, this.alg.getParameterSpec(iv));
+			return CipherUtils.doFinal(this.decryptor,
 					this.ivGenerator != NULL_IV_GENERATOR ? encrypted(encryptedBytes, iv.length) : encryptedBytes);
 		}
 	}
@@ -141,12 +135,13 @@ public final class AesBytesEncryptor implements BytesEncryptor {
 	// internal helpers

 	private byte[] iv(byte[] encrypted) {
-		return this.ivGenerator != NULL_IV_GENERATOR ? subArray(encrypted, 0, this.ivGenerator.getKeyLength())
+		return this.ivGenerator != NULL_IV_GENERATOR
+				? EncodingUtils.subArray(encrypted, 0, this.ivGenerator.getKeyLength())
 				: NULL_IV_GENERATOR.generateKey();
 	}

 	private byte[] encrypted(byte[] encryptedBytes, int ivLength) {
-		return subArray(encryptedBytes, ivLength, encryptedBytes.length);
+		return EncodingUtils.subArray(encryptedBytes, ivLength, encryptedBytes.length);
 	}

 	private static final BytesKeyGenerator NULL_IV_GENERATOR = new BytesKeyGenerator() {
@@ -24,9 +24,7 @@ import org.bouncycastle.crypto.params.ParametersWithIV;

 import org.springframework.security.crypto.encrypt.AesBytesEncryptor.CipherAlgorithm;
 import org.springframework.security.crypto.keygen.BytesKeyGenerator;
-
-import static org.springframework.security.crypto.util.EncodingUtils.concatenate;
-import static org.springframework.security.crypto.util.EncodingUtils.subArray;
+import org.springframework.security.crypto.util.EncodingUtils;

 /**
 * An Encryptor equivalent to {@link AesBytesEncryptor} using {@link CipherAlgorithm#CBC}
@@ -55,13 +53,13 @@ public class BouncyCastleAesCbcBytesEncryptor extends BouncyCastleAesBytesEncryp
 				new CBCBlockCipher(new org.bouncycastle.crypto.engines.AESFastEngine()), new PKCS7Padding());
 		blockCipher.init(true, new ParametersWithIV(this.secretKey, iv));
 		byte[] encrypted = process(blockCipher, bytes);
-		return iv != null ? concatenate(iv, encrypted) : encrypted;
+		return iv != null ? EncodingUtils.concatenate(iv, encrypted) : encrypted;
 	}

 	@Override
 	public byte[] decrypt(byte[] encryptedBytes) {
-		byte[] iv = subArray(encryptedBytes, 0, this.ivGenerator.getKeyLength());
-		encryptedBytes = subArray(encryptedBytes, this.ivGenerator.getKeyLength(), encryptedBytes.length);
+		byte[] iv = EncodingUtils.subArray(encryptedBytes, 0, this.ivGenerator.getKeyLength());
+		encryptedBytes = EncodingUtils.subArray(encryptedBytes, this.ivGenerator.getKeyLength(), encryptedBytes.length);

 		@SuppressWarnings("deprecation")
 		PaddedBufferedBlockCipher blockCipher = new PaddedBufferedBlockCipher(
@@ -22,9 +22,7 @@ import org.bouncycastle.crypto.params.AEADParameters;

 import org.springframework.security.crypto.encrypt.AesBytesEncryptor.CipherAlgorithm;
 import org.springframework.security.crypto.keygen.BytesKeyGenerator;
-
-import static org.springframework.security.crypto.util.EncodingUtils.concatenate;
-import static org.springframework.security.crypto.util.EncodingUtils.subArray;
+import org.springframework.security.crypto.util.EncodingUtils;

 /**
 * An Encryptor equivalent to {@link AesBytesEncryptor} using {@link CipherAlgorithm#GCM}
@@ -53,13 +51,13 @@ public class BouncyCastleAesGcmBytesEncryptor extends BouncyCastleAesBytesEncryp
 		blockCipher.init(true, new AEADParameters(this.secretKey, 128, iv, null));

 		byte[] encrypted = process(blockCipher, bytes);
-		return iv != null ? concatenate(iv, encrypted) : encrypted;
+		return iv != null ? EncodingUtils.concatenate(iv, encrypted) : encrypted;
 	}

 	@Override
 	public byte[] decrypt(byte[] encryptedBytes) {
-		byte[] iv = subArray(encryptedBytes, 0, this.ivGenerator.getKeyLength());
-		encryptedBytes = subArray(encryptedBytes, this.ivGenerator.getKeyLength(), encryptedBytes.length);
+		byte[] iv = EncodingUtils.subArray(encryptedBytes, 0, this.ivGenerator.getKeyLength());
+		encryptedBytes = EncodingUtils.subArray(encryptedBytes, this.ivGenerator.getKeyLength(), encryptedBytes.length);

 		@SuppressWarnings("deprecation")
 		GCMBlockCipher blockCipher = new GCMBlockCipher(new org.bouncycastle.crypto.engines.AESFastEngine());
@@ -20,9 +20,7 @@ import java.security.MessageDigest;
 import org.springframework.security.crypto.codec.Hex;
 import org.springframework.security.crypto.keygen.BytesKeyGenerator;
 import org.springframework.security.crypto.keygen.KeyGenerators;
-
-import static org.springframework.security.crypto.util.EncodingUtils.concatenate;
-import static org.springframework.security.crypto.util.EncodingUtils.subArray;
+import org.springframework.security.crypto.util.EncodingUtils;

 /**
 * Abstract base class for password encoders
@@ -47,14 +45,14 @@ public abstract class AbstractPasswordEncoder implements PasswordEncoder {
 	@Override
 	public boolean matches(CharSequence rawPassword, String encodedPassword) {
 		byte[] digested = Hex.decode(encodedPassword);
-		byte[] salt = subArray(digested, 0, this.saltGenerator.getKeyLength());
+		byte[] salt = EncodingUtils.subArray(digested, 0, this.saltGenerator.getKeyLength());
 		return matches(digested, encodeAndConcatenate(rawPassword, salt));
 	}

 	protected abstract byte[] encode(CharSequence rawPassword, byte[] salt);

 	protected byte[] encodeAndConcatenate(CharSequence rawPassword, byte[] salt) {
-		return concatenate(salt, encode(rawPassword, salt));
+		return EncodingUtils.concatenate(salt, encode(rawPassword, salt));
 	}

 	/**
@@ -27,9 +27,7 @@ import org.springframework.security.crypto.codec.Hex;
 import org.springframework.security.crypto.codec.Utf8;
 import org.springframework.security.crypto.keygen.BytesKeyGenerator;
 import org.springframework.security.crypto.keygen.KeyGenerators;
-
-import static org.springframework.security.crypto.util.EncodingUtils.concatenate;
-import static org.springframework.security.crypto.util.EncodingUtils.subArray;
+import org.springframework.security.crypto.util.EncodingUtils;

 /**
 * A {@code PasswordEncoder} implementation that uses PBKDF2 with a configurable number of
@@ -147,7 +145,7 @@ public class Pbkdf2PasswordEncoder implements PasswordEncoder {
 	@Override
 	public boolean matches(CharSequence rawPassword, String encodedPassword) {
 		byte[] digested = decode(encodedPassword);
-		byte[] salt = subArray(digested, 0, this.saltGenerator.getKeyLength());
+		byte[] salt = EncodingUtils.subArray(digested, 0, this.saltGenerator.getKeyLength());
 		return MessageDigest.isEqual(digested, encode(rawPassword, salt));
 	}

@@ -160,10 +158,10 @@ public class Pbkdf2PasswordEncoder implements PasswordEncoder {

 	private byte[] encode(CharSequence rawPassword, byte[] salt) {
 		try {
-			PBEKeySpec spec = new PBEKeySpec(rawPassword.toString().toCharArray(), concatenate(salt, this.secret),
-					this.iterations, this.hashWidth);
+			PBEKeySpec spec = new PBEKeySpec(rawPassword.toString().toCharArray(),
+					EncodingUtils.concatenate(salt, this.secret), this.iterations, this.hashWidth);
 			SecretKeyFactory skf = SecretKeyFactory.getInstance(this.algorithm);
-			return concatenate(salt, skf.generateSecret(spec).getEncoded());
+			return EncodingUtils.concatenate(salt, skf.generateSecret(spec).getEncoded());
 		}
 		catch (GeneralSecurityException e) {
 			throw new IllegalStateException("Could not create hash", e);
@@ -21,9 +21,7 @@ import org.springframework.security.crypto.codec.Hex;
 import org.springframework.security.crypto.codec.Utf8;
 import org.springframework.security.crypto.keygen.BytesKeyGenerator;
 import org.springframework.security.crypto.keygen.KeyGenerators;
-
-import static org.springframework.security.crypto.util.EncodingUtils.concatenate;
-import static org.springframework.security.crypto.util.EncodingUtils.subArray;
+import org.springframework.security.crypto.util.EncodingUtils;

 /**
 * This {@link PasswordEncoder} is provided for legacy purposes only and is not considered
@@ -81,7 +79,7 @@ public final class StandardPasswordEncoder implements PasswordEncoder {
 	@Override
 	public boolean matches(CharSequence rawPassword, String encodedPassword) {
 		byte[] digested = decode(encodedPassword);
-		byte[] salt = subArray(digested, 0, this.saltGenerator.getKeyLength());
+		byte[] salt = EncodingUtils.subArray(digested, 0, this.saltGenerator.getKeyLength());
 		return MessageDigest.isEqual(digested, digest(rawPassword, salt));
 	}

@@ -99,8 +97,8 @@ public final class StandardPasswordEncoder implements PasswordEncoder {
 	}

 	private byte[] digest(CharSequence rawPassword, byte[] salt) {
-		byte[] digest = this.digester.digest(concatenate(salt, this.secret, Utf8.encode(rawPassword)));
-		return concatenate(salt, digest);
+		byte[] digest = this.digester.digest(EncodingUtils.concatenate(salt, this.secret, Utf8.encode(rawPassword)));
+		return EncodingUtils.concatenate(salt, digest);
 	}

 	private byte[] decode(CharSequence encodedPassword) {
@@ -23,14 +23,13 @@ import org.junit.Before;
 import org.junit.Test;

 import org.springframework.security.crypto.codec.Hex;
+import org.springframework.security.crypto.encrypt.AesBytesEncryptor.CipherAlgorithm;
 import org.springframework.security.crypto.keygen.BytesKeyGenerator;
+import org.springframework.security.crypto.password.Pbkdf2PasswordEncoder.SecretKeyFactoryAlgorithm;

 import static org.assertj.core.api.Assertions.assertThat;
 import static org.mockito.BDDMockito.given;
 import static org.mockito.Mockito.mock;
-import static org.springframework.security.crypto.encrypt.AesBytesEncryptor.CipherAlgorithm.GCM;
-import static org.springframework.security.crypto.encrypt.CipherUtils.newSecretKey;
-import static org.springframework.security.crypto.password.Pbkdf2PasswordEncoder.SecretKeyFactoryAlgorithm.PBKDF2WithHmacSHA1;

 /**
 * Tests for {@link AesBytesEncryptor}
@@ -76,7 +75,8 @@ public class AesBytesEncryptorTests {
 	@Test
 	public void roundtripWhenUsingGcmThenEncryptsAndDecrypts() {
 		CryptoAssumptions.assumeGCMJCE();
-		AesBytesEncryptor encryptor = new AesBytesEncryptor(this.password, this.hexSalt, this.generator, GCM);
+		AesBytesEncryptor encryptor = new AesBytesEncryptor(this.password, this.hexSalt, this.generator,
+				CipherAlgorithm.GCM);

 		byte[] encryption = encryptor.encrypt(this.secret.getBytes());
 		assertThat(new String(Hex.encode(encryption)))
@@ -90,8 +90,8 @@ public class AesBytesEncryptorTests {
 	public void roundtripWhenUsingSecretKeyThenEncryptsAndDecrypts() {
 		CryptoAssumptions.assumeGCMJCE();
 		PBEKeySpec keySpec = new PBEKeySpec(this.password.toCharArray(), Hex.decode(this.hexSalt), 1024, 256);
-		SecretKey secretKey = newSecretKey(PBKDF2WithHmacSHA1.name(), keySpec);
-		AesBytesEncryptor encryptor = new AesBytesEncryptor(secretKey, this.generator, GCM);
+		SecretKey secretKey = CipherUtils.newSecretKey(SecretKeyFactoryAlgorithm.PBKDF2WithHmacSHA1.name(), keySpec);
+		AesBytesEncryptor encryptor = new AesBytesEncryptor(secretKey, this.generator, CipherAlgorithm.GCM);

 		byte[] encryption = encryptor.encrypt(this.secret.getBytes());
 		assertThat(new String(Hex.encode(encryption)))