From 658003bc567478c122a3f6845b5abac77b9134b1 Mon Sep 17 00:00:00 2001
From: Aleksey Sazonov <acmi831@gmail.com>
Date: Sun, 4 Feb 2018 10:51:27 +0400
Subject: [PATCH] enforce string charset

---
 .../ironz/binaryprefs/encryption/XorKeyEncryption.java    | 7 +++++--
 .../serialization/serializer/StringSerializer.java        | 8 ++++++--
 .../serialization/serializer/StringSetSerializer.java     | 7 +++++--
 3 files changed, 16 insertions(+), 6 deletions(-)

diff --git a/library/src/main/java/com/ironz/binaryprefs/encryption/XorKeyEncryption.java b/library/src/main/java/com/ironz/binaryprefs/encryption/XorKeyEncryption.java
index 2346932..5199ee9 100644
--- a/library/src/main/java/com/ironz/binaryprefs/encryption/XorKeyEncryption.java
+++ b/library/src/main/java/com/ironz/binaryprefs/encryption/XorKeyEncryption.java
@@ -2,10 +2,13 @@
 
 import com.ironz.binaryprefs.exception.EncryptionException;
 
+import java.nio.charset.Charset;
 import java.util.Arrays;
 
 public final class XorKeyEncryption implements KeyEncryption {
 
+    private static final Charset CHARSET = Charset.forName("UTF-8");
+
     private static final String SMALL_XOR_MESSAGE = "XOR must be at least 16 bytes";
     private static final String MIRRORED_XOR_MESSAGE = "XOR must not be mirrored";
 
@@ -47,7 +50,7 @@ private boolean isEven() {
 
     @Override
     public String encrypt(String name) {
-        byte[] original = name.getBytes();
+        byte[] original = name.getBytes(CHARSET);
         byte[] bytes = xorName(original);
         return safeEncoder.encodeToString(bytes);
     }
@@ -56,7 +59,7 @@ public String encrypt(String name) {
     public String decrypt(String name) {
         byte[] decode = safeEncoder.decode(name);
         byte[] bytes = xorName(decode);
-        return new String(bytes);
+        return new String(bytes, CHARSET);
     }
 
     private byte[] xorName(byte[] original) {
diff --git a/library/src/main/java/com/ironz/binaryprefs/serialization/serializer/StringSerializer.java b/library/src/main/java/com/ironz/binaryprefs/serialization/serializer/StringSerializer.java
index 4224efd..e977c6e 100644
--- a/library/src/main/java/com/ironz/binaryprefs/serialization/serializer/StringSerializer.java
+++ b/library/src/main/java/com/ironz/binaryprefs/serialization/serializer/StringSerializer.java
@@ -1,10 +1,14 @@
 package com.ironz.binaryprefs.serialization.serializer;
 
+import java.nio.charset.Charset;
+
 /**
  * {@code String} to byte array implementation and backwards
  */
 public final class StringSerializer {
 
+    private static final Charset CHARSET = Charset.forName("UTF-8");
+
     /**
      * Uses for detecting byte array type of {@link String}
      */
@@ -27,7 +31,7 @@ public final class StringSerializer {
      * @return specific byte array with scheme.
      */
     public byte[] serialize(String s) {
-        byte[] stringBytes = s.getBytes();
+        byte[] stringBytes = s.getBytes(CHARSET);
         byte[] b = new byte[stringBytes.length + FLAG_OFFSET];
         b[0] = FLAG;
         System.arraycopy(stringBytes, 0, b, FLAG_OFFSET, stringBytes.length);
@@ -53,7 +57,7 @@ public String deserialize(byte[] bytes) {
      * @return deserialized String
      */
     public String deserialize(byte[] bytes, int offset, int length) {
-        return new String(bytes, FLAG_OFFSET + offset, length);
+        return new String(bytes, FLAG_OFFSET + offset, length, CHARSET);
     }
 
     public boolean isMatches(byte flag) {
diff --git a/library/src/main/java/com/ironz/binaryprefs/serialization/serializer/StringSetSerializer.java b/library/src/main/java/com/ironz/binaryprefs/serialization/serializer/StringSetSerializer.java
index 07c3e44..5f59081 100644
--- a/library/src/main/java/com/ironz/binaryprefs/serialization/serializer/StringSetSerializer.java
+++ b/library/src/main/java/com/ironz/binaryprefs/serialization/serializer/StringSetSerializer.java
@@ -1,5 +1,6 @@
 package com.ironz.binaryprefs.serialization.serializer;
 
+import java.nio.charset.Charset;
 import java.util.Collections;
 import java.util.HashSet;
 import java.util.Set;
@@ -9,6 +10,8 @@
  */
 public final class StringSetSerializer {
 
+    private static final Charset CHARSET = Charset.forName("UTF-8");
+
     /**
      * Uses for detecting byte array type of {@link Set} of {@link String}
      */
@@ -32,7 +35,7 @@ public byte[] serialize(Set<String> set) {
         int totalArraySize = 1;
 
         for (String s : set) {
-            byte[] stringBytes = s.getBytes();
+            byte[] stringBytes = s.getBytes(CHARSET);
             byte[] stringSizeBytes = intToBytes(stringBytes.length);
 
             byte[] merged = new byte[stringBytes.length + stringSizeBytes.length];
@@ -96,7 +99,7 @@ public Set<String> deserialize(byte[] bytes) {
                     stringBytes[k] = bytes[stringOffset];
                 }
 
-                set.add(new String(stringBytes));
+                set.add(new String(stringBytes, CHARSET));
 
                 i += integerBytesSize + stringSize;
             }