cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject svn commit: r1563141 - in /cxf/trunk/rt/rs/security/oauth-parent/oauth2/src: main/java/org/apache/cxf/rs/security/oauth2/utils/EncryptionUtils.java test/java/org/apache/cxf/rs/security/oauth2/utils/EncryptionUtilsTest.java
Date Fri, 31 Jan 2014 14:56:57 GMT
Author: sergeyb
Date: Fri Jan 31 14:56:57 2014
New Revision: 1563141

URL: http://svn.apache.org/r1563141
Log:
[CXF-5513] Adding a test involving both cert and secret key

Modified:
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/EncryptionUtils.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/EncryptionUtilsTest.java

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/EncryptionUtils.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/EncryptionUtils.java?rev=1563141&r1=1563140&r2=1563141&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/EncryptionUtils.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/EncryptionUtils.java
Fri Jan 31 14:56:57 2014
@@ -20,6 +20,7 @@
 package org.apache.cxf.rs.security.oauth2.utils;
 
 import java.security.Key;
+import java.security.PrivateKey;
 import java.security.PublicKey;
 import java.security.SecureRandom;
 import java.security.spec.AlgorithmParameterSpec;
@@ -41,9 +42,28 @@ public final class EncryptionUtils {
     private EncryptionUtils() {
     }
     
-    public static String getEncodedSecretKey(SecretKey key) throws Exception {
+    public static String encodeSecretKey(SecretKey key) throws Exception {
         try {
-            return Base64UrlUtility.encode(key.getEncoded());
+            return encodeBytes(key.getEncoded());
+        } catch (Exception ex) {
+            throw new OAuthServiceException(ex);
+        }
+    }
+    
+    public static String encryptSecretKey(SecretKey secretKey, PublicKey publicKey) throws
Exception {
+        SecretKeyProperties props = new SecretKeyProperties();
+        props.setCompressionSupported(false);
+        return encryptSecretKey(secretKey, publicKey, props);
+    }
+    
+    public static String encryptSecretKey(SecretKey secretKey, 
+                                          PublicKey publicKey,
+                                          SecretKeyProperties props) throws Exception {
+        try {
+            byte[] encryptedBytes = encryptBytes(secretKey.getEncoded(), 
+                                                 publicKey,
+                                                 props);
+            return encodeBytes(encryptedBytes);
         } catch (Exception ex) {
             throw new OAuthServiceException(ex);
         }
@@ -104,7 +124,7 @@ public final class EncryptionUtils {
                                               SecretKeyProperties props) {
         try {
             byte[] encryptedBytes = decodeSequence(encodedData);
-            byte[] bytes = processBytes(encryptedBytes, secretKey, props, Cipher.DECRYPT_MODE);
+            byte[] bytes = decryptBytes(encryptedBytes, secretKey, props);
             return new String(bytes, "UTF-8");
         } catch (Exception ex) {
             throw new OAuthServiceException(ex);
@@ -118,17 +138,38 @@ public final class EncryptionUtils {
     public static String encryptSequence(String sequence, Key secretKey,
                                          SecretKeyProperties keyProps) {
         try {
-            byte[] bytes = processBytes(sequence.getBytes("UTF-8"), 
-                                        secretKey,
-                                        keyProps,
-                                        Cipher.ENCRYPT_MODE);
+            byte[] bytes = encryptBytes(sequence.getBytes("UTF-8"), secretKey, keyProps);
+            return encodeBytes(bytes);
+        } catch (Exception ex) {
+            throw new OAuthServiceException(ex);
+        }
+    }
+    
+    public static String encodeBytes(byte[] bytes) throws Exception {
+        try {
             return Base64UrlUtility.encode(bytes);
         } catch (Exception ex) {
             throw new OAuthServiceException(ex);
         }
     }
     
-    public static byte[] processBytes(byte[] bytes, 
+    public static byte[] encryptBytes(byte[] bytes, Key secretKey) {
+        return encryptBytes(bytes, secretKey, null);
+    }
+    
+    public static byte[] encryptBytes(byte[] bytes, Key secretKey, SecretKeyProperties keyProps)
{
+        return processBytes(bytes, secretKey, keyProps, Cipher.ENCRYPT_MODE);
+    }
+    
+    public static byte[] decryptBytes(byte[] bytes, Key secretKey) {
+        return decryptBytes(bytes, secretKey, null);
+    }
+    
+    public static byte[] decryptBytes(byte[] bytes, Key secretKey, SecretKeyProperties keyProps)
{
+        return processBytes(bytes, secretKey, keyProps, Cipher.DECRYPT_MODE);
+    }
+    
+    private static byte[] processBytes(byte[] bytes, 
                                       Key secretKey, 
                                       SecretKeyProperties keyProps, 
                                       int mode) {
@@ -183,6 +224,10 @@ public final class EncryptionUtils {
         return result;
     }
     
+    public static SecretKey decodeSecretKey(String encodedSecretKey) {
+        return decodeSecretKey(encodedSecretKey, "AES");
+    }
+    
     public static SecretKey decodeSecretKey(String encodedSecretKey, String algo) {
         try {
             byte[] secretKeyBytes = decodeSequence(encodedSecretKey);
@@ -192,6 +237,24 @@ public final class EncryptionUtils {
         }
     }
     
+    public static SecretKey decryptSecretKey(String encodedEncryptedSecretKey, PrivateKey
privateKey) {
+        SecretKeyProperties props = new SecretKeyProperties();
+        props.setCompressionSupported(false);
+        return decryptSecretKey(encodedEncryptedSecretKey, props, privateKey);
+    }
+    
+    public static SecretKey decryptSecretKey(String encodedEncryptedSecretKey, 
+                                             SecretKeyProperties props,
+                                             PrivateKey privateKey) {
+        try {
+            byte[] encryptedBytes = decodeSequence(encodedEncryptedSecretKey);
+            byte[] descryptedBytes = decryptBytes(encryptedBytes, privateKey, props);
+            return new SecretKeySpec(descryptedBytes, props.getKeyAlgo());
+        } catch (Exception ex) {
+            throw new OAuthServiceException(ex);
+        }
+    }
+    
     public static byte[] decodeSequence(String encodedSequence) {
         try {
             return Base64UrlUtility.decode(encodedSequence);

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/EncryptionUtilsTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/EncryptionUtilsTest.java?rev=1563141&r1=1563140&r2=1563141&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/EncryptionUtilsTest.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/EncryptionUtilsTest.java
Fri Jan 31 14:56:57 2014
@@ -28,6 +28,7 @@ import java.security.PublicKey;
 import java.util.Collections;
 import java.util.List;
 
+import javax.crypto.SecretKey;
 import javax.ws.rs.core.MediaType;
 
 import org.apache.cxf.jaxrs.impl.MetadataMap;
@@ -85,6 +86,27 @@ public class EncryptionUtilsTest extends
     }
     
     @Test
+    public void testBearerTokenCertAndSecretKey() throws Exception {
+        AccessTokenRegistration atr = prepareTokenRegistration();
+        BearerAccessToken token = p.createAccessTokenInternal(atr);
+        
+        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
+        KeyPair keyPair = kpg.generateKeyPair();
+        PublicKey publicKey = keyPair.getPublic();
+        PrivateKey privateKey = keyPair.getPrivate();
+        
+        SecretKey secretKey = EncryptionUtils.getSecretKey();
+        String encryptedSecretKey = EncryptionUtils.encryptSecretKey(secretKey, publicKey);
+        
+        String encryptedToken = ModelEncryptionSupport.encryptAccessToken(token, secretKey);
+        token.setTokenKey(encryptedToken);
+        SecretKey decryptedSecretKey = EncryptionUtils.decryptSecretKey(encryptedSecretKey,
privateKey);
+        ServerAccessToken token2 = ModelEncryptionSupport.decryptAccessToken(p, encryptedToken,
decryptedSecretKey);
+        // compare tokens
+        compareAccessTokens(token, token2);
+    }
+    
+    @Test
     public void testBearerTokenJSON() throws Exception {
         AccessTokenRegistration atr = prepareTokenRegistration();
         



Mime
View raw message