chore: sonarcloud fixes

asturio · asturio · commit 8f034e0c3825 · 2026-05-21T16:32:30.000+02:00
diff --git a/openpdf-core/src/main/java/org/openpdf/text/html/HtmlWriter.java b/openpdf-core/src/main/java/org/openpdf/text/html/HtmlWriter.java
@@ -329,7 +329,7 @@ public void open() {
         super.open();
         try {
             writeComment(Document.getVersion());
-            writeComment("CreationDate: " + new Date().toString());
+            writeComment("CreationDate: " + new Date());
             addTabs(1);
             writeEnd(HtmlTags.HEAD);
             addTabs(1);
@@ -467,7 +467,7 @@ protected void writeJavaScript(Header header) throws IOException {
         addTabs(2);
         writeStart(HtmlTags.SCRIPT);
         write(HtmlTags.LANGUAGE, HtmlTags.JAVASCRIPT);
-        if (markup.size() > 0) {
+        if (!markup.isEmpty()) {
             /* JavaScript reference example:
              *
              * <script language="JavaScript" src="/myPath/MyFunctions.js"/>
@@ -629,7 +629,7 @@ protected void write(Element element, int indent) throws IOException {
                 if (attributes != null && attributes.get(Chunk.NEWPAGE) != null) {
                     return;
                 }
-                boolean tag = isOtherFont(chunk.getFont()) || markup.size() > 0;
+                boolean tag = isOtherFont(chunk.getFont()) || !markup.isEmpty();
                 if (tag) {
                     // start span tag
                     addTabs(indent);
diff --git a/openpdf-core/src/main/java/org/openpdf/text/pdf/OcspClientBouncyCastle.java b/openpdf-core/src/main/java/org/openpdf/text/pdf/OcspClientBouncyCastle.java
@@ -108,6 +108,7 @@
 import java.math.BigInteger;
 import java.net.HttpURLConnection;
 import java.net.Proxy;
+import java.net.URI;
 import java.net.URL;
 import java.security.Provider;
 import java.security.Security;
@@ -153,6 +154,7 @@ public class OcspClientBouncyCastle implements OcspClient {
      * HTTP proxy used to access the OCSP URL
      */
     private Proxy proxy;
+    private static final Random RANDOM_INSTANCE = new Random();
 
     /**
      * Creates an instance of an OcspClient that will be using BouncyCastle.
@@ -185,10 +187,6 @@ private static OCSPReq generateOCSPRequest(X509Certificate issuerCert,
         Security.addProvider(prov);
 
         // Generate the id for the certificate we are looking for
-        // OJO... Modificacion de
-        // Felix--------------------------------------------------
-        // CertificateID id = new CertificateID(CertificateID.HASH_SHA1, issuerCert,
-        // serialNumber);
         // Example from
         // http://grepcode.com/file/repo1.maven.org/maven2/org.bouncycastle/bcmail-jdk16/1.46/org/bouncycastle/cert/ocsp/test/OCSPTest.java
         DigestCalculatorProvider digCalcProv = new JcaDigestCalculatorProviderBuilder()
@@ -203,19 +201,10 @@ private static OCSPReq generateOCSPRequest(X509Certificate issuerCert,
 
         gen.addRequest(id);
 
-        // create details for nonce extension
-        // Vector oids = new Vector();
-        // Vector values = new Vector();
-        // oids.add(OCSPObjectIdentifiers.id_pkix_ocsp_nonce);
-        // values.add(new X509Extension(false, new DEROctetString(new
-        // DEROctetString(PdfEncryption.createDocumentId()).getEncoded())));
-        // gen.setRequestExtensions(new X509Extensions(oids, values));
-
         // Add nonce extension
         ExtensionsGenerator extGen = new ExtensionsGenerator();
         byte[] nonce = new byte[16];
-        Random rand = new Random();
-        rand.nextBytes(nonce);
+        RANDOM_INSTANCE.nextBytes(nonce);
 
         extGen.addExtension(OCSPObjectIdentifiers.id_pkix_ocsp_nonce, false,
                 new DEROctetString(nonce));
@@ -236,7 +225,7 @@ public byte[] getEncoded() {
             OCSPReq request = generateOCSPRequest(rootCert,
                     checkCert.getSerialNumber());
             byte[] array = request.getEncoded();
-            URL urlt = new URL(url);
+            URL urlt = new URI(url).toURL();
             Proxy tmpProxy = proxy == null ? Proxy.NO_PROXY : proxy;
             HttpURLConnection con = (HttpURLConnection) urlt.openConnection(tmpProxy);
             con.setRequestProperty("Content-Type", "application/ocsp-request");
diff --git a/openpdf-core/src/main/java/org/openpdf/text/pdf/PdfReader.java b/openpdf-core/src/main/java/org/openpdf/text/pdf/PdfReader.java
@@ -92,9 +92,13 @@ public class PdfReader implements PdfViewerPreferences, Closeable {
     static final PdfName[] pageInhCandidates = {PdfName.MEDIABOX,
             PdfName.ROTATE, PdfName.RESOURCES, PdfName.CROPBOX};
 
-    private static final byte[] endstream = PdfEncodings
-            .convertToBytes("endstream", null);
+    private static final String ENDSTREAM = "endstream";
+    private static final byte[] endstreamBytes = PdfEncodings
+            .convertToBytes(ENDSTREAM, null);
     private static final byte[] endobj = PdfEncodings.convertToBytes("endobj", null);
+    private static final String FALSE = "false";
+    private static final String ILLEGAL_LENGTH_VALUE = "illegal.length.value";
+    public static final String BAD_USER_PASSWORD = "bad.user.password";
     private final PdfViewerPreferencesImp viewerPreferences = new PdfViewerPreferencesImp();
     protected PRTokeniser tokens;
     // Each xref pair is a position
@@ -1482,12 +1486,12 @@ private void readDecryptedDocObj() throws IOException {
                     o = enc.get(PdfName.LENGTH);
                     if (!o.isNumber()) {
                         throw new InvalidPdfException(
-                                MessageLocalization.getComposedMessage("illegal.length.value"));
+                                MessageLocalization.getComposedMessage(ILLEGAL_LENGTH_VALUE));
                     }
                     lengthValue = ((PdfNumber) o).intValue();
                     if (lengthValue > 128 || lengthValue < 40 || lengthValue % 8 != 0) {
                         throw new InvalidPdfException(
-                                MessageLocalization.getComposedMessage("illegal.length.value"));
+                                MessageLocalization.getComposedMessage(ILLEGAL_LENGTH_VALUE));
                     }
                     cryptoMode = PdfWriter.STANDARD_ENCRYPTION_128;
                     break;
@@ -1513,14 +1517,14 @@ private void readDecryptedDocObj() throws IOException {
                                         .getComposedMessage("no.compatible.encryption.found"));
                     }
                     PdfObject em = enc.get(PdfName.ENCRYPTMETADATA);
-                    if (em != null && em.toString().equals("false")) {
+                    if (em != null && em.toString().equals(FALSE)) {
                         cryptoMode |= PdfWriter.DO_NOT_ENCRYPT_METADATA;
                     }
                     break;
                 case 6:
                     cryptoMode = PdfWriter.ENCRYPTION_AES_256_V3;
                     em = enc.get(PdfName.ENCRYPTMETADATA);
-                    if (em != null && em.toString().equals("false")) {
+                    if (em != null && em.toString().equals(FALSE)) {
                         cryptoMode |= PdfWriter.DO_NOT_ENCRYPT_METADATA;
                     }
                     break;
@@ -1548,12 +1552,12 @@ private void readDecryptedDocObj() throws IOException {
                     o = enc.get(PdfName.LENGTH);
                     if (!o.isNumber()) {
                         throw new InvalidPdfException(
-                                MessageLocalization.getComposedMessage("illegal.length.value"));
+                                MessageLocalization.getComposedMessage(ILLEGAL_LENGTH_VALUE));
                     }
                     lengthValue = ((PdfNumber) o).intValue();
                     if (lengthValue > 128 || lengthValue < 40 || lengthValue % 8 != 0) {
                         throw new InvalidPdfException(
-                                MessageLocalization.getComposedMessage("illegal.length.value"));
+                                MessageLocalization.getComposedMessage(ILLEGAL_LENGTH_VALUE));
                     }
                     cryptoMode = PdfWriter.STANDARD_ENCRYPTION_128;
                     recipients = (PdfArray) enc.get(PdfName.RECIPIENTS);
@@ -1582,7 +1586,7 @@ private void readDecryptedDocObj() throws IOException {
                                         .getComposedMessage("no.compatible.encryption.found"));
                     }
                     PdfObject em = dic.get(PdfName.ENCRYPTMETADATA);
-                    if (em != null && em.toString().equals("false")) {
+                    if (em != null && em.toString().equals(FALSE)) {
                         cryptoMode |= PdfWriter.DO_NOT_ENCRYPT_METADATA;
                     }
 
@@ -1634,7 +1638,7 @@ private void readDecryptedDocObj() throws IOException {
                     if (!equalsArray(uValue, decrypt.userKey,
                             (rValue == 3 || rValue == 4) ? 16 : 32)) {
                         throw new BadPasswordException(
-                                MessageLocalization.getComposedMessage("bad.user.password"));
+                                MessageLocalization.getComposedMessage(BAD_USER_PASSWORD));
                     }
                 } else {
                     ownerPasswordUsed = true;
@@ -1684,13 +1688,13 @@ decrypt it (revision 6 and later) - ISO 32000-2 section 7.6.4.3.3 */
                         // analog of step c of Algorithm 2.A for user password
                         hashAlg2B = decrypt.hashAlg2B(password, Arrays.copyOfRange(uValue, 32, 40), null);
                         if (!equalsArray(hashAlg2B, uValue, 32)) {
-                            throw new BadPasswordException(MessageLocalization.getComposedMessage("bad.user.password"));
+                            throw new BadPasswordException(MessageLocalization.getComposedMessage(BAD_USER_PASSWORD));
                         }
                         // step e of Algorithm 2.A
                         decrypt.setupByUserPassword(documentID, password, uValue, ueValue, oValue, oeValue, pValue);
                         // step f of Algorithm 2.A
                         if (!decrypt.decryptAndCheckPerms(permsValue)) {
-                            throw new BadPasswordException(MessageLocalization.getComposedMessage("bad.user.password"));
+                            throw new BadPasswordException(MessageLocalization.getComposedMessage(BAD_USER_PASSWORD));
                         }
                     }
                     pValue = decrypt.permissions;
@@ -1981,7 +1985,7 @@ private void checkPRStreamLength(PRStream stream) throws IOException {
                 String line = tokens.readString(20);
                 if (!line.startsWith("\nendstream")
                         && !line.startsWith("\r\nendstream")
-                        && !line.startsWith("\rendstream") && !line.startsWith("endstream")) {
+                        && !line.startsWith("\rendstream") && !line.startsWith(ENDSTREAM)) {
                     calc = true;
                 }
             }
@@ -1996,14 +2000,14 @@ private void checkPRStreamLength(PRStream stream) throws IOException {
                 if (!tokens.readLineSegment(tline)) {
                     break;
                 }
-                if (equalsn(tline, endstream)) {
+                if (equalsn(tline, endstreamBytes)) {
                     streamLength = pos - start;
                     break;
                 }
                 if (equalsn(tline, endobj)) {
                     tokens.seek(pos - 16);
                     String s = tokens.readString(16);
-                    int index = s.indexOf("endstream");
+                    int index = s.indexOf(ENDSTREAM);
                     if (index >= 0) {
                         pos = pos - 16 + index;
                     }
@@ -2523,7 +2527,7 @@ protected PdfObject readPRObject() throws IOException {
                         return new PdfBoolean(true);
                     } // else
                     return PdfBoolean.PDFTRUE;
-                } else if ("false".equals(sv)) {
+                } else if (FALSE.equals(sv)) {
                     if (readDepth == 0) {
                         return new PdfBoolean(false);
                     } // else
@@ -2985,6 +2989,7 @@ public int shuffleSubsetNames() {
      *
      * @return the subset prefix
      */
+    @SuppressWarnings("java:S2245") // weak random is here ok
     private String createRandomSubsetPrefix() {
         String s = "";
         for (int k = 0; k < 6; ++k) {
diff --git a/pdf-toolbox/src/main/java/org/openpdf/tools/Executable.java b/pdf-toolbox/src/main/java/org/openpdf/tools/Executable.java
@@ -59,6 +59,7 @@
  */
 public class Executable {
 
+    public static final String OS_NAME = "os.name";
     /**
      * The path to Acrobat Reader.
      */
@@ -77,7 +78,7 @@ public class Executable {
     private static Process action(final String fileName,
             String parameters, boolean waitForTermination) throws IOException {
         Process process = null;
-        if (parameters.trim().length() > 0) {
+        if (!parameters.trim().isEmpty()) {
             parameters = " " + parameters.trim();
         } else {
             parameters = "";
@@ -94,7 +95,7 @@ private static Process action(final String fileName,
                         "cmd /c start acrord32", parameters, " \"", fileName, "\""));
             }
         } else if (isMac()) {
-            if (parameters.trim().length() == 0) {
+            if (parameters.trim().isEmpty()) {
                 process = Runtime.getRuntime().exec(
                         new String[]{"/usr/bin/open", fileName});
             } else {
@@ -271,6 +272,7 @@ public static Process printDocumentSilent(File file) throws IOException {
      * @param url the URL you want to open in the browser
      * @throws IOException on error
      */
+    @SuppressWarnings("java:S4036") // PATH is under user-control
     public static void launchBrowser(String url) throws IOException {
         try {
             if (isMac()) {
@@ -305,7 +307,7 @@ public static void launchBrowser(String url) throws IOException {
      * @return true if the current os is Windows
      */
     public static boolean isWindows() {
-        String os = System.getProperty("os.name").toLowerCase();
+        String os = System.getProperty(OS_NAME).toLowerCase();
         return os.contains("windows") || os.contains("nt");
     }
 
@@ -315,7 +317,7 @@ public static boolean isWindows() {
      * @return true if the current os is Windows
      */
     public static boolean isWindows9X() {
-        String os = System.getProperty("os.name").toLowerCase();
+        String os = System.getProperty(OS_NAME).toLowerCase();
         return os.equals("windows 95") || os.equals("windows 98");
     }
 
@@ -325,7 +327,7 @@ public static boolean isWindows9X() {
      * @return true if the current os is Apple
      */
     public static boolean isMac() {
-        String os = System.getProperty("os.name").toLowerCase();
+        String os = System.getProperty(OS_NAME).toLowerCase();
         return os.contains("mac");
     }
 
@@ -335,7 +337,7 @@ public static boolean isMac() {
      * @return true if the current os is Linux
      */
     public static boolean isLinux() {
-        String os = System.getProperty("os.name").toLowerCase();
+        String os = System.getProperty(OS_NAME).toLowerCase();
         return os.contains("linux");
     }
 }
