Add UTF8 for getBytes calls

Fixes bisq-network#2729

common/src/main/java/bisq/common/crypto/PGP.java

@@ -17,6 +17,8 @@
 
 package bisq.common.crypto;
 
+import com.google.common.base.Charsets;
+
 import org.bouncycastle.bcpg.BCPGKey;
 import org.bouncycastle.bcpg.RSAPublicBCPGKey;
 import org.bouncycastle.openpgp.PGPException;
@@ -54,7 +56,7 @@ public class PGP {
     @Nullable
     public static PGPPublicKey getPubKeyFromPem(@Nullable String pem) {
         if (pem != null) {
-            InputStream inputStream = new ByteArrayInputStream(pem.getBytes());
+            InputStream inputStream = new ByteArrayInputStream(pem.getBytes(Charsets.UTF_8));
             try {
                 inputStream = PGPUtil.getDecoderStream(inputStream);
                 try {

core/src/main/java/bisq/core/alert/AlertManager.java

@@ -34,6 +34,8 @@
 import com.google.inject.Inject;
 import com.google.inject.name.Named;
 
+import com.google.common.base.Charsets;
+
 import javafx.beans.property.ObjectProperty;
 import javafx.beans.property.ReadOnlyObjectProperty;
 import javafx.beans.property.SimpleObjectProperty;
@@ -151,13 +153,13 @@ private boolean isKeyValid(String privKeyString) {
     }
 
     private void signAndAddSignatureToAlertMessage(Alert alert) {
-        String alertMessageAsHex = Utils.HEX.encode(alert.getMessage().getBytes());
+        String alertMessageAsHex = Utils.HEX.encode(alert.getMessage().getBytes(Charsets.UTF_8));
         String signatureAsBase64 = alertSigningKey.signMessage(alertMessageAsHex);
         alert.setSigAndPubKey(signatureAsBase64, keyRing.getSignatureKeyPair().getPublic());
     }
 
     private boolean verifySignature(Alert alert) {
-        String alertMessageAsHex = Utils.HEX.encode(alert.getMessage().getBytes());
+        String alertMessageAsHex = Utils.HEX.encode(alert.getMessage().getBytes(Charsets.UTF_8));
         try {
             ECKey.fromPublicOnly(HEX.decode(pubKeyAsHex)).verifyMessage(alertMessageAsHex, alert.getSignatureAsBase64());
             return true;

core/src/main/java/bisq/core/alert/PrivateNotificationManager.java

@@ -35,6 +35,8 @@
 import com.google.inject.Inject;
 import com.google.inject.name.Named;
 
+import com.google.common.base.Charsets;
+
 import javafx.beans.property.ObjectProperty;
 import javafx.beans.property.ReadOnlyObjectProperty;
 import javafx.beans.property.SimpleObjectProperty;
@@ -145,13 +147,13 @@ private boolean isKeyValid(String privKeyString) {
     }
 
     private void signAndAddSignatureToPrivateNotificationMessage(PrivateNotificationPayload privateNotification) {
-        String privateNotificationMessageAsHex = Utils.HEX.encode(privateNotification.getMessage().getBytes());
+        String privateNotificationMessageAsHex = Utils.HEX.encode(privateNotification.getMessage().getBytes(Charsets.UTF_8));
         String signatureAsBase64 = privateNotificationSigningKey.signMessage(privateNotificationMessageAsHex);
         privateNotification.setSigAndPubKey(signatureAsBase64, keyRing.getSignatureKeyPair().getPublic());
     }
 
     private boolean verifySignature(PrivateNotificationPayload privateNotification) {
-        String privateNotificationMessageAsHex = Utils.HEX.encode(privateNotification.getMessage().getBytes());
+        String privateNotificationMessageAsHex = Utils.HEX.encode(privateNotification.getMessage().getBytes(Charsets.UTF_8));
         try {
             ECKey.fromPublicOnly(HEX.decode(pubKeyAsHex)).verifyMessage(privateNotificationMessageAsHex, privateNotification.getSignatureAsBase64());
             return true;

core/src/main/java/bisq/core/notifications/MobileMessageEncryption.java

@@ -19,6 +19,8 @@
 
 import javax.inject.Inject;
 
+import com.google.common.base.Charsets;
+
 import org.apache.commons.codec.binary.Base64;
 
 import javax.crypto.Cipher;
@@ -40,7 +42,7 @@ public MobileMessageEncryption() {
     }
 
     public void setKey(String key) {
-        keySpec = new SecretKeySpec(key.getBytes(), "AES");
+        keySpec = new SecretKeySpec(key.getBytes(Charsets.UTF_8), "AES");
         try {
             cipher = Cipher.getInstance("AES/CBC/NOPadding");
         } catch (NoSuchAlgorithmException | NoSuchPaddingException e) {
@@ -56,7 +58,7 @@ public String encrypt(String valueToEncrypt, String iv) throws Exception {
         if (iv.length() != 16) {
             throw new Exception("iv not 16 characters");
         }
-        IvParameterSpec ivSpec = new IvParameterSpec(iv.getBytes());
+        IvParameterSpec ivSpec = new IvParameterSpec(iv.getBytes(Charsets.UTF_8));
         byte[] encryptedBytes = doEncrypt(valueToEncrypt, ivSpec);
         return Base64.encodeBase64String(encryptedBytes);
     }
@@ -69,7 +71,7 @@ private byte[] doEncrypt(String text, IvParameterSpec ivSpec) throws Exception {
         byte[] encrypted;
         try {
             cipher.init(Cipher.ENCRYPT_MODE, keySpec, ivSpec);
-            encrypted = cipher.doFinal(text.getBytes());
+            encrypted = cipher.doFinal(text.getBytes(Charsets.UTF_8));
         } catch (Exception e) {
             throw new Exception("[encrypt] " + e.getMessage());
         }

core/src/main/java/bisq/core/trade/protocol/ArbitratorSelectionRule.java

@@ -23,6 +23,8 @@
 
 import bisq.common.crypto.Hash;
 
+import com.google.common.base.Charsets;
+
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.List;
@@ -41,7 +43,7 @@ public static NodeAddress select(List<NodeAddress> acceptedArbitratorNodeAddress
         }
         checkArgument(candidates.size() > 0, "candidates.size() <= 0");
 
-        int index = Math.abs(Arrays.hashCode(Hash.getSha256Hash(offer.getId().getBytes()))) % candidates.size();
+        int index = Math.abs(Arrays.hashCode(Hash.getSha256Hash(offer.getId().getBytes(Charsets.UTF_8)))) % candidates.size();
         NodeAddress selectedArbitrator = candidates.get(index);
         log.debug("selectedArbitrator " + selectedArbitrator);
         return selectedArbitrator;

core/src/main/java/bisq/core/trade/protocol/MediatorSelectionRule.java

@@ -23,6 +23,8 @@
 
 import bisq.common.crypto.Hash;
 
+import com.google.common.base.Charsets;
+
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.List;
@@ -43,7 +45,7 @@ public static NodeAddress select(List<NodeAddress> acceptedMediatorNodeAddresses
         }
         checkArgument(candidates.size() > 0, "candidates.size() <= 0");
 
-        int index = Math.abs(Arrays.hashCode(Hash.getSha256Hash(offer.getId().getBytes()))) % candidates.size();
+        int index = Math.abs(Arrays.hashCode(Hash.getSha256Hash(offer.getId().getBytes(Charsets.UTF_8)))) % candidates.size();
         NodeAddress selectedMediator = candidates.get(index);
         log.debug("selectedMediator " + selectedMediator);
         return selectedMediator;

core/src/main/java/bisq/core/trade/protocol/tasks/maker/MakerProcessPayDepositRequest.java

@@ -27,6 +27,8 @@
 
 import org.bitcoinj.core.Coin;
 
+import com.google.common.base.Charsets;
+
 import lombok.extern.slf4j.Slf4j;
 
 import static bisq.core.util.Validator.checkTradeId;
@@ -70,7 +72,7 @@ protected void run() {
                 failed("acceptedArbitratorNodeAddresses must not be empty");
 
             // Taker has to sign offerId (he cannot manipulate that - so we avoid to have a challenge protocol for passing the nonce we want to get signed)
-            tradingPeer.setAccountAgeWitnessNonce(trade.getOffer().getId().getBytes());
+            tradingPeer.setAccountAgeWitnessNonce(trade.getOffer().getId().getBytes(Charsets.UTF_8));
             tradingPeer.setAccountAgeWitnessSignature(payDepositRequest.getAccountAgeWitnessSignatureOfOfferId());
             tradingPeer.setCurrentDate(payDepositRequest.getCurrentDate());
 

core/src/main/java/bisq/core/trade/protocol/tasks/taker/TakerSendPayDepositRequest.java

@@ -32,6 +32,8 @@
 import bisq.common.crypto.Sig;
 import bisq.common.taskrunner.TaskRunner;
 
+import com.google.common.base.Charsets;
+
 import java.util.ArrayList;
 import java.util.Date;
 import java.util.List;
@@ -82,7 +84,7 @@ protected void run() {
             // Taker has to use offerId as nonce (he cannot manipulate that - so we avoid to have a challenge protocol for passing the nonce we want to get signed)
             // He cannot manipulate the offerId - so we avoid to have a challenge protocol for passing the nonce we want to get signed.
             final PaymentAccountPayload paymentAccountPayload = checkNotNull(processModel.getPaymentAccountPayload(trade), "processModel.getPaymentAccountPayload(trade) must not be null");
-            byte[] sig = Sig.sign(processModel.getKeyRing().getSignatureKeyPair().getPrivate(), offerId.getBytes());
+            byte[] sig = Sig.sign(processModel.getKeyRing().getSignatureKeyPair().getPrivate(), offerId.getBytes(Charsets.UTF_8));
 
             PayDepositRequest message = new PayDepositRequest(
                     offerId,

core/src/main/java/bisq/core/trade/statistics/TradeStatistics2.java

@@ -46,6 +46,8 @@
 
 import org.springframework.util.CollectionUtils;
 
+import com.google.common.base.Charsets;
+
 import java.util.Date;
 import java.util.Map;
 import java.util.Optional;
@@ -156,7 +158,7 @@ public TradeStatistics2(OfferPayload.Direction direction,
         if (hash == null)
             // We create hash from all fields excluding hash itself. We use json as simple data serialisation.
             // tradeDate is different for both peers so we ignore it for hash.
-            this.hash = Hash.getSha256Ripemd160hash(Utilities.objectToJson(this).getBytes());
+            this.hash = Hash.getSha256Ripemd160hash(Utilities.objectToJson(this).getBytes(Charsets.UTF_8));
         else
             this.hash = hash;
     }

desktop/src/main/java/bisq/desktop/components/PeerInfoIcon.java

@@ -29,6 +29,8 @@
 
 import bisq.network.p2p.NodeAddress;
 
+import com.google.common.base.Charsets;
+
 import javafx.scene.Group;
 import javafx.scene.canvas.Canvas;
 import javafx.scene.canvas.GraphicsContext;
@@ -121,7 +123,7 @@ public PeerInfoIcon(NodeAddress nodeAddress,
         int intValue = 0;
         try {
             MessageDigest md = MessageDigest.getInstance("SHA1");
-            byte[] bytes = md.digest(fullAddress.getBytes());
+            byte[] bytes = md.digest(fullAddress.getBytes(Charsets.UTF_8));
             intValue = Math.abs(((bytes[0] & 0xFF) << 24) | ((bytes[1] & 0xFF) << 16)
                     | ((bytes[2] & 0xFF) << 8) | (bytes[3] & 0xFF));
 

desktop/src/main/java/bisq/desktop/main/overlays/editor/PeerInfoWithTagEditor.java

@@ -28,6 +28,7 @@
 import bisq.core.user.Preferences;
 
 import bisq.common.UserThread;
+import bisq.common.crypto.PubKeyRing;
 import bisq.common.util.Tuple3;
 import bisq.common.util.Utilities;
 
@@ -202,7 +203,9 @@ private void addContent() {
                 // otherwise the text input handler does not work.
                 doClose();
                 UserThread.runAfter(() -> {
-                    new SendPrivateNotificationWindow(offer.getPubKeyRing(), offer.getMakerNodeAddress(), useDevPrivilegeKeys)
+                    //TODO only taker could send msg as maker would use its own key from offer....
+                    PubKeyRing pubKeyRing = offer.getPubKeyRing();
+                    new SendPrivateNotificationWindow(pubKeyRing, offer.getMakerNodeAddress(), useDevPrivilegeKeys)
                             .onAddAlertMessage(privateNotificationManager::sendPrivateNotificationMessageIfKeyIsValid)
                             .show();
                 }, 100, TimeUnit.MILLISECONDS);

monitor/src/main/java/bisq/monitor/reporter/GraphiteReporter.java

@@ -28,8 +28,12 @@
 
 import org.berndpruenster.netlayer.tor.TorSocket;
 
-import java.io.IOException;
+import com.google.common.base.Charsets;
+
 import java.net.Socket;
+
+import java.io.IOException;
+
 import java.util.HashMap;
 import java.util.Map;
 
@@ -87,7 +91,7 @@ public void report(String key, String value, String timeInMilliseconds, String p
             else
                 socket = new Socket(nodeAddress.getHostName(), nodeAddress.getPort());
 
-            socket.getOutputStream().write(report.getBytes());
+            socket.getOutputStream().write(report.getBytes(Charsets.UTF_8));
             socket.close();
         } catch (IOException e) {
             // TODO Auto-generated catch block

p2p/src/main/java/bisq/network/DnsLookupTor.java

@@ -19,6 +19,8 @@
 
 import com.runjva.sourceforge.jsocks.protocol.Socks5Proxy;
 
+import com.google.common.base.Charsets;
+
 import java.net.InetAddress;
 import java.net.Socket;
 
@@ -80,7 +82,7 @@ public static InetAddress lookup(Socks5Proxy proxy, String host) throws DnsLooku
                 throw new DnsLookupException("Unrecognized Tor Auth Method");
             }
 
-            byte[] hostBytes = host.getBytes();
+            byte[] hostBytes = host.getBytes(Charsets.UTF_8);
             buf = new byte[7 + hostBytes.length];
             buf[0] = b('\u0005');
             buf[1] = b('\u00f0');

pricenode/src/main/java/bisq/price/spot/providers/BitcoinAverage.java

@@ -30,6 +30,8 @@
 import org.springframework.web.client.RestTemplate;
 import org.springframework.web.util.UriComponentsBuilder;
 
+import com.google.common.base.Charsets;
+
 import org.bouncycastle.util.encoders.Hex;
 
 import javax.crypto.Mac;
@@ -118,12 +120,12 @@ private Map<String, BitcoinAverageTicker> getTickersKeyedByCurrencyPair() {
 
     protected String getAuthSignature() {
         String payload = String.format("%s.%s", Instant.now().getEpochSecond(), pubKey);
-        return String.format("%s.%s", payload, Hex.toHexString(mac.doFinal(payload.getBytes())));
+        return String.format("%s.%s", payload, Hex.toHexString(mac.doFinal(payload.getBytes(Charsets.UTF_8))));
     }
 
     private static Mac initMac(String privKey) {
         String algorithm = "HmacSHA256";
-        SecretKey secretKey = new SecretKeySpec(privKey.getBytes(), algorithm);
+        SecretKey secretKey = new SecretKeySpec(privKey.getBytes(Charsets.UTF_8), algorithm);
         try {
             Mac mac = Mac.getInstance(algorithm);
             mac.init(secretKey);