diff --git a/acme4j-client/src/main/java/org/shredzone/acme4j/Session.java b/acme4j-client/src/main/java/org/shredzone/acme4j/Session.java
index eefe93b6..6e0d947c 100644
--- a/acme4j-client/src/main/java/org/shredzone/acme4j/Session.java
+++ b/acme4j-client/src/main/java/org/shredzone/acme4j/Session.java
@@ -168,13 +168,14 @@ public class Session {
private void readDirectory() throws AcmeException {
synchronized (this) {
Instant now = Instant.now();
- if (directoryJson != null && directoryCacheExpiry.isAfter(now)) {
+ if (directoryCacheExpiry != null && directoryCacheExpiry.isAfter(now)) {
return;
}
- directoryJson = provider().directory(this, getServerUri());
directoryCacheExpiry = now.plus(Duration.ofHours(1));
}
+ JSON directoryJson = provider().directory(this, getServerUri());
+
JSON meta = directoryJson.get("meta").asObject();
if (meta != null) {
metadata.set(new Metadata(meta));
diff --git a/acme4j-client/src/main/java/org/shredzone/acme4j/provider/pebble/PebbleHttpConnector.java b/acme4j-client/src/main/java/org/shredzone/acme4j/provider/pebble/PebbleHttpConnector.java
index 320a097f..c3b7d34e 100644
--- a/acme4j-client/src/main/java/org/shredzone/acme4j/provider/pebble/PebbleHttpConnector.java
+++ b/acme4j-client/src/main/java/org/shredzone/acme4j/provider/pebble/PebbleHttpConnector.java
@@ -14,6 +14,7 @@
package org.shredzone.acme4j.provider.pebble;
import java.io.IOException;
+import java.io.InputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.security.KeyManagementException;
@@ -52,10 +53,9 @@ public class PebbleHttpConnector extends HttpConnector {
*/
protected synchronized SSLSocketFactory createSocketFactory() throws IOException {
if (sslSocketFactory == null) {
- try {
+ try (InputStream in = getClass().getResourceAsStream("/org/shredzone/acme4j/provider/pebble/pebble.truststore")) {
KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
- keystore.load(getClass().getResourceAsStream("/org/shredzone/acme4j/provider/pebble/pebble.truststore"),
- "acme4j".toCharArray());
+ keystore.load(in, "acme4j".toCharArray());
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(keystore);
diff --git a/acme4j-client/src/main/java/org/shredzone/acme4j/toolbox/AcmeUtils.java b/acme4j-client/src/main/java/org/shredzone/acme4j/toolbox/AcmeUtils.java
index 031a9765..8db157af 100644
--- a/acme4j-client/src/main/java/org/shredzone/acme4j/toolbox/AcmeUtils.java
+++ b/acme4j-client/src/main/java/org/shredzone/acme4j/toolbox/AcmeUtils.java
@@ -17,6 +17,7 @@ import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.io.Writer;
import java.net.IDN;
+import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.time.Instant;
@@ -58,7 +59,8 @@ public final class AcmeUtils {
private static final Pattern CONTENT_TYPE_PATTERN = Pattern.compile(
"([^;]+)(?:;.*?charset=(\"?)([a-z0-9_-]+)(\\2))?.*", Pattern.CASE_INSENSITIVE);
- private static final Base64.Encoder PEM_ENCODER = Base64.getMimeEncoder(64, "\n".getBytes());
+ private static final Base64.Encoder PEM_ENCODER = Base64.getMimeEncoder(64,
+ "\n".getBytes(StandardCharsets.US_ASCII));
/**
* Enumeration of PEM labels.
@@ -305,7 +307,7 @@ public final class AcmeUtils {
*/
public static void writeToPem(byte[] encoded, PemLabel label, Writer out) throws IOException {
out.append("-----BEGIN ").append(label.toString()).append("-----\n");
- out.append(new String(PEM_ENCODER.encode(encoded)));
+ out.append(new String(PEM_ENCODER.encode(encoded), StandardCharsets.US_ASCII));
out.append("\n-----END ").append(label.toString()).append("-----\n");
}
diff --git a/acme4j-example/pom.xml b/acme4j-example/pom.xml
index dc50c548..0991a0d3 100644
--- a/acme4j-example/pom.xml
+++ b/acme4j-example/pom.xml
@@ -31,6 +31,7 @@
true
+ true
diff --git a/acme4j-utils/src/main/java/org/shredzone/acme4j/util/CertificateUtils.java b/acme4j-utils/src/main/java/org/shredzone/acme4j/util/CertificateUtils.java
index 06b92027..e6d4ff15 100644
--- a/acme4j-utils/src/main/java/org/shredzone/acme4j/util/CertificateUtils.java
+++ b/acme4j-utils/src/main/java/org/shredzone/acme4j/util/CertificateUtils.java
@@ -16,6 +16,7 @@ package org.shredzone.acme4j.util;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
+import java.nio.charset.StandardCharsets;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.pkcs.PKCS10CertificationRequest;
@@ -40,7 +41,7 @@ public final class CertificateUtils {
* @return CSR that was read
*/
public static PKCS10CertificationRequest readCSR(InputStream in) throws IOException {
- try (PEMParser pemParser = new PEMParser(new InputStreamReader(in))) {
+ try (PEMParser pemParser = new PEMParser(new InputStreamReader(in, StandardCharsets.US_ASCII))) {
Object parsedObj = pemParser.readObject();
if (!(parsedObj instanceof PKCS10CertificationRequest)) {
throw new IOException("Not a PKCS10 CSR");
diff --git a/pom.xml b/pom.xml
index 0ee27bab..5c0caa45 100644
--- a/pom.xml
+++ b/pom.xml
@@ -79,6 +79,18 @@
1.8
+
+ com.github.spotbugs
+ spotbugs-maven-plugin
+ 3.1.1
+
+
+
+ check
+
+
+
+
org.apache.maven.plugins
maven-surefire-plugin
@@ -188,6 +200,11 @@
en
+
+ com.github.spotbugs
+ spotbugs-maven-plugin
+ 3.1.1
+