Merge remote-tracking branch 'upstream/master'

core-java-modules/core-java-security-2/README.md

@@ -5,12 +5,10 @@ This module contains articles about core Java Security
 ### Relevant Articles:
 
 - [Guide to the Java Authentication And Authorization Service (JAAS)](https://www.baeldung.com/java-authentication-authorization-service)
-- [MD5 Hashing in Java](http://www.baeldung.com/java-md5)
 - [Hashing a Password in Java](https://www.baeldung.com/java-password-hashing)
-- [SHA-256 and SHA3-256 Hashing in Java](https://www.baeldung.com/sha-256-hashing-java)
 - [Checksums in Java](https://www.baeldung.com/java-checksums)
-- [How to Read PEM File to Get Public and Private Keys](https://www.baeldung.com/java-read-pem-file-keys)
 - [Get a List of Trusted Certificates in Java](https://www.baeldung.com/java-list-trusted-certificates)
 - [Security Context Basics: User, Subject and Principal](https://www.baeldung.com/security-context-basics)
 - [The java.security.egd JVM Option](https://www.baeldung.com/java-security-egd)
+- [The Java SecureRandom Class](https://www.baeldung.com/java-secure-random)
 - More articles: [[<-- prev]](/core-java-modules/core-java-security) [[next -->]](/core-java-modules/core-java-security-3)

core-java-modules/core-java-security-2/pom.xml

@@ -24,18 +24,11 @@
             <artifactId>bcprov-jdk18on</artifactId>
             <version>${bouncycastle.version}</version>
         </dependency>
-        <!-- https://mvnrepository.com/artifact/javax.xml.bind/jaxb-api -->
-        <dependency>
-            <groupId>javax.xml.bind</groupId>
-            <artifactId>jaxb-api</artifactId>
-            <version>${jaxb-api.version}</version>
-        </dependency>
     </dependencies>
 
     <properties>
         <bouncycastle.version>1.76</bouncycastle.version>
         <commons-codec.version>1.16.0</commons-codec.version>
-        <jaxb-api.version>2.3.1</jaxb-api.version>
     </properties>
 
 </project>

core-java-modules/core-java-security-3/README.md

@@ -7,10 +7,8 @@ This module contains articles about core Java Security
 - [Secret Key and String Conversion in Java](https://www.baeldung.com/java-secret-key-to-string)
 - [Enabling Unlimited Strength Cryptography in Java](https://www.baeldung.com/jce-enable-unlimited-strength)
 - [Initialization Vector for Encryption](https://www.baeldung.com/java-encryption-iv)
-- [HMAC in Java](https://www.baeldung.com/java-hmac)
 - [Generating a Secure AES Key in Java](https://www.baeldung.com/java-secure-aes-key)
 - [Computing an X509 Certificate’s Thumbprint in Java](https://www.baeldung.com/java-x509-certificate-thumbprint)
-- [Error: “trustAnchors parameter must be non-empty”](https://www.baeldung.com/java-trustanchors-parameter-must-be-non-empty)
 - [Common Exceptions of Crypto APIs in Java](https://www.baeldung.com/java-crypto-apis-exceptions)
 - [Hashing With Argon2 in Java](https://www.baeldung.com/java-argon2-hashing)
 - [Hex Representation of a SHA-1 Digest of a String in Java](https://www.baeldung.com/java-string-sha1-hexadecimal)

core-java-modules/core-java-security-4/README.md

@@ -10,4 +10,5 @@ This module contains articles about core Java Security
 - [Enable Java SSL Debug Logging](https://www.baeldung.com/java-ssl-debug-logging)
 - [Resolving Security Exception: java.security.UnrecoverableKeyException: Cannot Recover Key](https://www.baeldung.com/java-security-unrecoverablekeyexception-resolve)
 - [List Private Keys From a Keystore](https://www.baeldung.com/java-keystore-jks-list-private-keys)
+- [Introduction to SSL in Java](http://www.baeldung.com/java-ssl)
 - More articles: [[<-- prev]](/core-java-modules/core-java-security-3)

core-java-modules/core-java-security-5/README.md

@@ -0,0 +1,11 @@
+## Core Java Security
+
+This module contains articles about core Java Security
+
+### Relevant Articles:
+- [An Introduction to Java SASL](https://www.baeldung.com/java-sasl)
+- [A Guide to Java GSS API](https://www.baeldung.com/java-gss)
+- [Encrypting and Decrypting Files in Java](http://www.baeldung.com/java-cipher-input-output-stream)
+- [Enabling TLS v1.2 in Java 7](https://www.baeldung.com/java-7-tls-v12)
+- [Intro to the Java SecurityManager](https://www.baeldung.com/java-security-manager)
+- More articles: [[<-- prev]](/core-java-modules/core-java-security-4)

core-java-modules/core-java-security-5/pom.xml

@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <artifactId>core-java-security-5</artifactId>
+    <packaging>jar</packaging>
+    <name>core-java-security-5</name>
+
+    <parent>
+        <groupId>com.baeldung.core-java-modules</groupId>
+        <artifactId>core-java-modules</artifactId>
+        <version>0.0.1-SNAPSHOT</version>
+    </parent>
+
+    <dependencies>
+    </dependencies>
+
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-surefire-plugin</artifactId>
+                <version>${maven-surefire-plugin.version}</version>
+                <configuration>
+                    <argLine>
+                        --add-opens java.base/java.util=ALL-UNNAMED
+                        --add-opens java.base/java.lang=ALL-UNNAMED
+                        -Djava.security.manager=allow
+                    </argLine>
+                    <environmentVariables>
+                        <SET_BY_SUREFIRE>YES</SET_BY_SUREFIRE>
+                    </environmentVariables>
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
+
+    <properties>
+    </properties>
+
+</project>

core-java-modules/core-java-security/src/test/java/com/baeldung/securitymanager/SecurityManagerUnitTest.java → core-java-modules/core-java-security-5/src/test/java/com/baeldung/securitymanager/SecurityManagerUnitTest.java

@@ -1,14 +1,12 @@
 package com.baeldung.securitymanager;
 
+import java.net.URI;
+import java.security.AccessControlException;
+
 import org.junit.After;
 import org.junit.Before;
 import org.junit.Test;
 
-import java.io.IOException;
-import java.net.URI;
-import java.net.URL;
-import java.security.AccessControlException;
-
 public class SecurityManagerUnitTest {
 
     private static final String TESTING_SECURITY_POLICY = "file:src/test/resources/testing.policy";

core-java-modules/core-java-security-5/src/test/resources/logback.xml

@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+    <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+        <encoder>
+            <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n
+            </pattern>
+        </encoder>
+    </appender>
+
+    <root level="INFO">
+        <appender-ref ref="STDOUT" />
+    </root>
+</configuration>

core-java-modules/core-java-security/README.md

@@ -5,14 +5,12 @@ This module contains articles about core Java Security
 ### Relevant Articles: 
 
 - [Guide to the Cipher Class](http://www.baeldung.com/java-cipher-class)
-- [Introduction to SSL in Java](http://www.baeldung.com/java-ssl)
 - [Java KeyStore API](http://www.baeldung.com/java-keystore)
-- [Encrypting and Decrypting Files in Java](http://www.baeldung.com/java-cipher-input-output-stream)
 - [SSL Handshake Failures](https://www.baeldung.com/java-ssl-handshake-failures)
-- [Enabling TLS v1.2 in Java 7](https://www.baeldung.com/java-7-tls-v12)
-- [The Java SecureRandom Class](https://www.baeldung.com/java-secure-random)
-- [An Introduction to Java SASL](https://www.baeldung.com/java-sasl)
-- [A Guide to Java GSS API](https://www.baeldung.com/java-gss)
-- [Intro to the Java SecurityManager](https://www.baeldung.com/java-security-manager)
+- [MD5 Hashing in Java](http://www.baeldung.com/java-md5)
+- [How to Read PEM File to Get Public and Private Keys](https://www.baeldung.com/java-read-pem-file-keys)
+- [SHA-256 and SHA3-256 Hashing in Java](https://www.baeldung.com/sha-256-hashing-java)
+- [HMAC in Java](https://www.baeldung.com/java-hmac)
+- [Error: “trustAnchors parameter must be non-empty”](https://www.baeldung.com/java-trustanchors-parameter-must-be-non-empty)
 - More articles: [[next -->]](/core-java-modules/core-java-security-2)
 

core-java-modules/core-java-security/pom.xml

@@ -13,4 +13,59 @@
         <version>0.0.1-SNAPSHOT</version>
     </parent>
 
+    <dependencies>
+        <dependency>
+            <groupId>javax.xml.bind</groupId>
+            <artifactId>jaxb-api</artifactId>
+            <version>${jaxb-api.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>commons-codec</groupId>
+            <artifactId>commons-codec</artifactId>
+            <version>${commons-codec.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.bouncycastle</groupId>
+            <artifactId>bcprov-jdk18on</artifactId>
+            <version>${bouncycastle.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.bouncycastle</groupId>
+            <artifactId>bcpkix-jdk18on</artifactId>
+            <version>${bouncycastle.version}</version>
+        </dependency>
+    </dependencies>
+
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-surefire-plugin</artifactId>
+                <version>${maven-surefire-plugin.version}</version>
+                <configuration>
+                    <argLine>--add-opens java.base/sun.security.x509=ALL-UNNAMED</argLine>
+                    <argLine>--add-exports java.base/sun.security.util=ALL-UNNAMED</argLine>
+                </configuration>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-compiler-plugin</artifactId>
+                <configuration>
+                    <compilerArgs>
+                        <arg>--add-exports</arg>
+                        <arg>java.base/sun.security.x509=ALL-UNNAMED</arg>
+                        <arg>--add-exports</arg>
+                        <arg>java.base/sun.security.util=ALL-UNNAMED</arg>
+                    </compilerArgs>
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
+
+    <properties>
+        <jaxb-api.version>2.3.1</jaxb-api.version>
+        <commons-codec.version>1.16.0</commons-codec.version>
+        <bouncycastle.version>1.76</bouncycastle.version>
+    </properties>
+
 </project>

core-java-modules/core-java-security/src/main/java/com/baeldung/hashing/DigestAlgorithms.java

@@ -0,0 +1,9 @@
+package com.baeldung.hashing;
+
+public class DigestAlgorithms {
+
+    public static final String SHA3_256 = "SHA3-256";
+    public static final String SHA_256 = "SHA-256";
+    public static final String KECCAK_256 = "Keccak-256";
+
+}

core-java-modules/core-java-security-2/src/main/java/com/baeldung/hashing/SHA256Hashing.java → core-java-modules/core-java-security/src/main/java/com/baeldung/hashing/SHA256Hashing.java

@@ -1,15 +1,16 @@
 package com.baeldung.hashing;
 
-import com.google.common.hash.Hashing;
-import org.apache.commons.codec.digest.DigestUtils;
-import org.bouncycastle.util.encoders.Hex;
+import static com.baeldung.hashing.DigestAlgorithms.SHA_256;
+import static com.baeldung.hashing.SHACommonUtils.bytesToHex;
 
 import java.nio.charset.StandardCharsets;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 
-import static com.baeldung.hashing.DigestAlgorithms.SHA_256;
-import static com.baeldung.hashing.SHACommonUtils.bytesToHex;
+import org.apache.commons.codec.digest.DigestUtils;
+import org.bouncycastle.util.encoders.Hex;
+
+import com.google.common.hash.Hashing;
 
 public class SHA256Hashing {
 

core-java-modules/core-java-security/src/main/java/com/baeldung/hashing/SHACommonUtils.java

@@ -0,0 +1,16 @@
+package com.baeldung.hashing;
+
+class SHACommonUtils {
+
+    public static String bytesToHex(byte[] hash) {
+        StringBuilder hexString = new StringBuilder(2 * hash.length);
+        for (byte h : hash) {
+            String hex = Integer.toHexString(0xff & h);
+            if (hex.length() == 1)
+                hexString.append('0');
+            hexString.append(hex);
+        }
+        return hexString.toString();
+    }
+
+}

core-java-modules/core-java-security-3/src/main/java/com/baeldung/hmac/HMACUtil.java → core-java-modules/core-java-security/src/main/java/com/baeldung/hmac/HMACUtil.java

@@ -1,5 +1,11 @@
 package com.baeldung.hmac;
 
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+
+import javax.crypto.Mac;
+import javax.crypto.spec.SecretKeySpec;
+
 import org.apache.commons.codec.digest.HmacUtils;
 import org.bouncycastle.crypto.Digest;
 import org.bouncycastle.crypto.digests.MD5Digest;
@@ -9,12 +15,6 @@
 import org.bouncycastle.crypto.macs.HMac;
 import org.bouncycastle.crypto.params.KeyParameter;
 
-import javax.crypto.Mac;
-import javax.crypto.spec.SecretKeySpec;
-import java.security.InvalidKeyException;
-import java.security.NoSuchAlgorithmException;
-
-
 public class HMACUtil {
 
     public static String hmacWithJava(String algorithm, String data, String key)

core-java-modules/core-java-security-2/src/main/java/com/baeldung/pem/JavaSecurityPemUtils.java → core-java-modules/core-java-security/src/main/java/com/baeldung/pem/JavaSecurityPemUtils.java

@@ -1,7 +1,5 @@
 package com.baeldung.pem;
 
-import org.apache.commons.codec.binary.Base64;
-
 import java.io.File;
 import java.io.IOException;
 import java.nio.charset.Charset;
@@ -13,6 +11,8 @@
 import java.security.spec.PKCS8EncodedKeySpec;
 import java.security.spec.X509EncodedKeySpec;
 
+import org.apache.commons.codec.binary.Base64;
+
 public class JavaSecurityPemUtils {
 
     public static RSAPrivateKey readPKCS8PrivateKey(File file) throws GeneralSecurityException, IOException {

core-java-modules/core-java-security-2/src/test/java/com/baeldung/hashing/SHA256HashingUnitTest.java → core-java-modules/core-java-security/src/test/java/com/baeldung/hashing/SHA256HashingUnitTest.java

@@ -1,9 +1,9 @@
 package com.baeldung.hashing;
 
-import org.junit.Test;
-
 import static org.junit.Assert.assertEquals;
 
+import org.junit.Test;
+
 public class SHA256HashingUnitTest {
 
     private static String originalValue = "abc123";

core-java-modules/core-java-security-3/src/test/java/com/baeldung/hmac/HMACUtilUnitTest.java → core-java-modules/core-java-security/src/test/java/com/baeldung/hmac/HMACUtilUnitTest.java

@@ -1,11 +1,11 @@
 package com.baeldung.hmac;
 
-import org.junit.Test;
+import static org.junit.Assert.assertEquals;
 
 import java.security.InvalidKeyException;
 import java.security.NoSuchAlgorithmException;
 
-import static org.junit.Assert.assertEquals;
+import org.junit.Test;
 
 public class HMACUtilUnitTest {
 

core-java-modules/core-java-security-2/src/test/java/com/baeldung/java/md5/JavaMD5UnitTest.java → core-java-modules/core-java-security/src/test/java/com/baeldung/java/md5/JavaMD5UnitTest.java

@@ -27,8 +27,6 @@ public class JavaMD5UnitTest {
 
     @Test
     public void givenPassword_whenHashing_thenVerifying() throws NoSuchAlgorithmException {
-        String hash = "35454B055CC325EA1AF2126E27707052";
-        String password = "ILoveJava";
 
         MessageDigest md = MessageDigest.getInstance("MD5");
         md.update(password.getBytes());
@@ -40,8 +38,6 @@ public void givenPassword_whenHashing_thenVerifying() throws NoSuchAlgorithmExce
 
     @Test
     public void givenFile_generatingChecksum_thenVerifying() throws NoSuchAlgorithmException, IOException {
-        String filename = "src/test/resources/test_md5.txt";
-        String checksum = "5EB63BBBE01EEED093CB22BB8F5ACDC3";
 
         MessageDigest md = MessageDigest.getInstance("MD5");
         md.update(Files.readAllBytes(Paths.get(filename)));
@@ -53,18 +49,14 @@ public void givenFile_generatingChecksum_thenVerifying() throws NoSuchAlgorithmE
 
     @Test
     public void givenPassword_whenHashingUsingCommons_thenVerifying() {
-        String hash = "35454B055CC325EA1AF2126E27707052";
-        String password = "ILoveJava";
 
         String md5Hex = DigestUtils.md5Hex(password).toUpperCase();
-
         assertThat(md5Hex.equals(hash)).isTrue();
+
     }
 
     @Test
     public void givenFile_whenChecksumUsingGuava_thenVerifying() throws IOException {
-        String filename = "src/test/resources/test_md5.txt";
-        String checksum = "5EB63BBBE01EEED093CB22BB8F5ACDC3";
 
         HashCode hash = com.google.common.io.Files.hash(new File(filename), Hashing.md5());
         String myChecksum = hash.toString().toUpperCase();