abdera-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jmsn...@apache.org
Subject svn commit: r562761 - in /incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/util: Constants.java DHContext.java servlet/DHEncryptedRequestFilter.java servlet/DHEncryptedResponseFilter.java
Date Sat, 04 Aug 2007 20:33:15 GMT
Author: jmsnell
Date: Sat Aug  4 13:33:14 2007
New Revision: 562761

URL: http://svn.apache.org/viewvc?view=rev&rev=562761
Log:
Use Accept-Encryption and Content-Encrypted headers instead of X-DH.
I'll update the AES filter to match later

Modified:
    incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/util/Constants.java
    incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/util/DHContext.java
    incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/util/servlet/DHEncryptedRequestFilter.java
    incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/util/servlet/DHEncryptedResponseFilter.java

Modified: incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/util/Constants.java
URL: http://svn.apache.org/viewvc/incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/util/Constants.java?view=diff&rev=562761&r1=562760&r2=562761
==============================================================================
--- incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/util/Constants.java
(original)
+++ incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/util/Constants.java
Sat Aug  4 13:33:14 2007
@@ -21,6 +21,8 @@
 
 public final class Constants {
 
+  public static final String CONTENT_ENCRYPTED = "Content-Encrypted";
+  public static final String ACCEPT_ENCRYPTION = "Accept-Encryption";
   Constants() {}
   
   public static final String DSIG_NS = "http://www.w3.org/2000/09/xmldsig#";

Modified: incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/util/DHContext.java
URL: http://svn.apache.org/viewvc/incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/util/DHContext.java?view=diff&rev=562761&r1=562760&r2=562761
==============================================================================
--- incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/util/DHContext.java
(original)
+++ incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/util/DHContext.java
Sat Aug  4 13:33:14 2007
@@ -90,6 +90,7 @@
   
   public String getRequestString() {
     StringBuffer buf = new StringBuffer();
+    buf.append("DH ");
     buf.append("p=");
     buf.append(p.toString());
     buf.append(", ");
@@ -106,6 +107,7 @@
   
   public String getResponseString() {
     StringBuffer buf = new StringBuffer();
+    buf.append("DH ");
     buf.append("k=");
     buf.append(Base64.encode(keyPair.getPublic().getEncoded()));
     return buf.toString();
@@ -133,7 +135,10 @@
       throws NoSuchAlgorithmException, 
              InvalidAlgorithmParameterException, 
              InvalidKeySpecException {
-    String[] params = dh.split("\\s*,\\s*");
+    String[] segments = dh.split("\\s+",2);
+    if (!segments[0].equalsIgnoreCase("DH"))
+      throw new IllegalArgumentException();
+    String[] params = segments[1].split("\\s*,\\s*");
     byte[] key = null;
     for (String param : params) {
       String name = param.substring(0,param.indexOf("="));
@@ -186,7 +191,10 @@
     String dh) 
       throws NoSuchAlgorithmException, 
              InvalidKeySpecException {
-    String[] tokens = dh.split("\\s*,\\s*");
+    String[] segments = dh.split("\\s+",2);
+    if (!segments[0].equalsIgnoreCase("DH"))
+      throw new IllegalArgumentException();
+    String[] tokens = segments[1].split("\\s*,\\s*");
     byte[] key = null;
     for (String token : tokens) {
       String name = token.substring(0,token.indexOf("="));

Modified: incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/util/servlet/DHEncryptedRequestFilter.java
URL: http://svn.apache.org/viewvc/incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/util/servlet/DHEncryptedRequestFilter.java?view=diff&rev=562761&r1=562760&r2=562761
==============================================================================
--- incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/util/servlet/DHEncryptedRequestFilter.java
(original)
+++ incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/util/servlet/DHEncryptedRequestFilter.java
Sat Aug  4 13:33:14 2007
@@ -26,6 +26,7 @@
 
 import org.apache.abdera.security.Encryption;
 import org.apache.abdera.security.EncryptionOptions;
+import org.apache.abdera.security.util.Constants;
 import org.apache.abdera.security.util.DHContext;
 
 /**
@@ -49,7 +50,7 @@
     ServletRequest request, 
     ServletResponse response ) {
     String method = ((HttpServletRequest)request).getMethod();
-    // include a X-DH header in the response to GET, HEAD and OPTIONS requests
+    // include a Accept-Encryption header in the response to GET, HEAD and OPTIONS requests
     // the header will specify all the information the client needs to construct
     // it's own DH context and encrypt the request
     if ("GET".equalsIgnoreCase(method) || 
@@ -57,7 +58,7 @@
         "OPTIONS".equalsIgnoreCase(method)) {
       DHContext context = new DHContext();
       ((HttpServletResponse)response).setHeader(
-        DHEncryptedResponseFilter.DH, 
+        Constants.ACCEPT_ENCRYPTION, 
         context.getRequestString());
       ((HttpServletRequest) request).getSession(true).setAttribute(
         "dhcontext", context);
@@ -69,7 +70,7 @@
     DHContext context = 
       (DHContext) ((HttpServletRequest)request).
         getSession(true).getAttribute("dhcontext");
-    String dh = ((HttpServletRequest)request).getHeader(DHEncryptedResponseFilter.DH);
+    String dh = ((HttpServletRequest)request).getHeader(Constants.CONTENT_ENCRYPTED);
     if (context != null && dh != null && dh.length() > 0) {
       try {
         context.setPublicKey(dh);

Modified: incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/util/servlet/DHEncryptedResponseFilter.java
URL: http://svn.apache.org/viewvc/incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/util/servlet/DHEncryptedResponseFilter.java?view=diff&rev=562761&r1=562760&r2=562761
==============================================================================
--- incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/util/servlet/DHEncryptedResponseFilter.java
(original)
+++ incubator/abdera/java/trunk/security/src/main/java/org/apache/abdera/security/util/servlet/DHEncryptedResponseFilter.java
Sat Aug  4 13:33:14 2007
@@ -24,13 +24,14 @@
 
 import org.apache.abdera.security.Encryption;
 import org.apache.abdera.security.EncryptionOptions;
+import org.apache.abdera.security.util.Constants;
 import org.apache.abdera.security.util.DHContext;
 
 /**
  * A Servlet Filter that uses Diffie-Hellman Key Exchange to encrypt 
- * Atom documents.  The HTTP request must include a X-DH header in the form:
+ * Atom documents.  The HTTP request must include an Accept-Encryption header in the form:
  * 
- * X-DH: p={dh_p}, g={dh_g}, l={dh_l}, k={base64_pubkey}
+ * Accept-Encryption: DH p={dh_p}, g={dh_g}, l={dh_l}, k={base64_pubkey}
  * 
  * Example AbderaClient Code:
  * <pre>
@@ -38,12 +39,12 @@
  *   Abdera abdera = new Abdera();
  *   CommonsClient client = new CommonsClient(abdera);
  *   RequestOptions options = client.getDefaultRequestOptions();
- *   options.setHeader("X-DH", context.getRequestString());
+ *   options.setHeader("Accept-Encryption", context.getRequestString());
  *   
  *   ClientResponse response = client.get("http://localhost:8080/TestWeb/test",options);
  *   Document<Element> doc = response.getDocument();
  *   
- *   String dh_ret = response.getHeader("X-DH");
+ *   String dh_ret = response.getHeader("Content-Encrypted");
  *   if (dh_ret != null) {
  *     context.setPublicKey(dh_ret);
  *     AbderaSecurity absec = new AbderaSecurity(abdera);
@@ -69,8 +70,6 @@
  */
 public class DHEncryptedResponseFilter 
   extends BCEncryptedResponseFilter {
-
-  public static final String DH = "X-DH";
     
   protected boolean doEncryption(ServletRequest request, Object arg) {
     return arg != null;
@@ -96,12 +95,12 @@
   }
   
   private void returnPublicKey(HttpServletResponse response, DHContext context) {
-    response.setHeader(DH,context.getResponseString());
+    response.setHeader(Constants.CONTENT_ENCRYPTED,context.getResponseString());
   }
   
   private DHContext getDHContext(HttpServletRequest request) {
     try {
-      String dh_req = request.getHeader(DH);
+      String dh_req = request.getHeader(Constants.ACCEPT_ENCRYPTION);
       if (dh_req == null || dh_req.length() == 0) return null;
       return new DHContext(dh_req);
     } catch (Exception e) {



Mime
View raw message