Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id EB2D3200CAF for ; Thu, 22 Jun 2017 13:45:35 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id E9E89160BF1; Thu, 22 Jun 2017 11:45:35 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 18B12160BE5 for ; Thu, 22 Jun 2017 13:45:34 +0200 (CEST) Received: (qmail 92395 invoked by uid 500); 22 Jun 2017 11:45:34 -0000 Mailing-List: contact commits-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cxf.apache.org Delivered-To: mailing list commits@cxf.apache.org Received: (qmail 92381 invoked by uid 99); 22 Jun 2017 11:45:34 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 22 Jun 2017 11:45:34 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id 284DADFB92; Thu, 22 Jun 2017 11:45:34 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit 
From: sergeyb@apache.org To: commits@cxf.apache.org Date: Thu, 22 Jun 2017 11:45:34 -0000 Message-Id: <92b4a2c5b4f644428218d2fddececd6a@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: [1/2] cxf git commit: [CXF-7420] Adding the file archived-at: Thu, 22 Jun 2017 11:45:36 -0000 Repository: cxf Updated Branches: refs/heads/3.1.x-fixes df314e5d9 -> 4ae1b339d [CXF-7420] Adding the file Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/4ae1b339 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/4ae1b339 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/4ae1b339 Branch: refs/heads/3.1.x-fixes Commit: 4ae1b339de709659e4881e2a00b4d09b531909d0 Parents: cc6f6e8 Author: Sergey Beryozkin Authored: Thu Jun 22 12:44:01 2017 +0100 Committer: Sergey Beryozkin Committed: Thu Jun 22 12:45:17 2017 +0100 ---------------------------------------------------------------------- .../rs/security/jose/jwe/JweCompactBuilder.java | 129 +++++++++++++++++++ 1 file changed, 129 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/4ae1b339/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweCompactBuilder.java ----------------------------------------------------------------------
diff --git a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweCompactBuilder.java b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweCompactBuilder.java
new file mode 100644
index 0000000..c11322a
--- /dev/null
+++ b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweCompactBuilder.java
@@ -0,0 +1,129 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.rs.security.jose.jwe;
+
+import java.io.IOException;
+import java.io.OutputStream;
+
+import org.apache.cxf.common.util.Base64UrlUtility;
+import org.apache.cxf.common.util.StringUtils;
+import org.apache.cxf.jaxrs.json.basic.JsonMapObjectReaderWriter;
+
+
+public class JweCompactBuilder {
+ private StringBuilder jweContentBuilder;
+ private String encodedEncryptedContent;
+ private String encodedAuthTag;
+ public JweCompactBuilder(JweHeaders headers,
+ byte[] encryptedContentEncryptionKey,
+ byte[] cipherInitVector,
+ byte[] encryptedContentNoTag,
+ byte[] authenticationTag) {
+ this(getHeadersJson(headers), encryptedContentEncryptionKey,
+ cipherInitVector, encryptedContentNoTag, authenticationTag);
+ }
+
+ public JweCompactBuilder(String headersJson,
+ byte[] encryptedContentEncryptionKey,
+ byte[] cipherInitVector,
+ byte[] encryptedContentNoTag,
+ byte[] authenticationTag) {
+ jweContentBuilder = startJweContent(new StringBuilder(), headersJson,
+ encryptedContentEncryptionKey, cipherInitVector);
+ this.encodedEncryptedContent = Base64UrlUtility.encode(encryptedContentNoTag);
+ this.encodedAuthTag = Base64UrlUtility.encode(authenticationTag);
+
+ }
+
+ public JweCompactBuilder(JweHeaders headers,
+ byte[] encryptedContentEncryptionKey,
+ byte[] cipherInitVector,
+ byte[] encryptedContentWithTag,
+ int authTagLengthBits) {
+ jweContentBuilder = startJweContent(new StringBuilder(), headers,
+ encryptedContentEncryptionKey, cipherInitVector);
+ this.encodedEncryptedContent = Base64UrlUtility.encodeChunk(
+ encryptedContentWithTag,
+ 0,
+ encryptedContentWithTag.length - authTagLengthBits / 8);
+ this.encodedAuthTag = Base64UrlUtility.encodeChunk(
+ encryptedContentWithTag,
+ encryptedContentWithTag.length - authTagLengthBits / 8,
+ authTagLengthBits / 8);
+
+ }
+ public static String startJweContent(JweHeaders headers,
+ byte[] encryptedContentEncryptionKey,
+ byte[] cipherInitVector) {
+ return startJweContent(new StringBuilder(),
+ headers, encryptedContentEncryptionKey, cipherInitVector).toString();
+ }
+ public static StringBuilder startJweContent(StringBuilder sb,
+ JweHeaders headers,
+ byte[] encryptedContentEncryptionKey,
+ byte[] cipherInitVector) {
+ return startJweContent(sb,
+ getHeadersJson(headers),
+ encryptedContentEncryptionKey,
+ cipherInitVector);
+ }
+ private static String getHeadersJson(JweHeaders headers) {
+ return new JsonMapObjectReaderWriter().toJson(headers);
+
+ }
+ public static StringBuilder startJweContent(StringBuilder sb,
+ String headersJson,
+ byte[] encryptedContentEncryptionKey,
+ byte[] cipherInitVector) {
+ String encodedHeaders = Base64UrlUtility.encode(headersJson);
+ String encodedContentEncryptionKey = Base64UrlUtility.encode(encryptedContentEncryptionKey);
+ String encodedInitVector = Base64UrlUtility.encode(cipherInitVector);
+ sb.append(encodedHeaders)
+ .append('.')
+ .append(encodedContentEncryptionKey == null ? "" : encodedContentEncryptionKey)
+ .append('.')
+ .append(encodedInitVector == null ? "" : encodedInitVector)
+ .append('.');
+ return sb;
+ }
+
+ public static void startJweContent(OutputStream os,
+ JweHeaders headers,
+ byte[] encryptedContentEncryptionKey,
+ byte[] cipherInitVector) throws IOException {
+ byte[] jsonBytes = StringUtils.toBytesUTF8(getHeadersJson(headers));
+ Base64UrlUtility.encodeAndStream(jsonBytes, 0, jsonBytes.length, os);
+ byte[] dotBytes = new byte[]{'.'};
+ os.write(dotBytes);
+ Base64UrlUtility.encodeAndStream(encryptedContentEncryptionKey, 0,
+ encryptedContentEncryptionKey.length, os);
+ os.write(dotBytes);
+ Base64UrlUtility.encodeAndStream(cipherInitVector, 0, cipherInitVector.length, os);
+ os.write(dotBytes);
+ os.flush();
+ }
+
+ public String getJweContent() {
+ return jweContentBuilder.append(encodedEncryptedContent)
+ .append('.')
+ .append(encodedAuthTag)
+ .toString();
+ }
+}
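Review bot: `getJweContent()` appends the ciphertext and tag to the `jweContentBuilder` field itself, so a second call on the same instance returns a compact string with the last two parts repeated; building from a copy avoids that, e.g. `return new StringBuilder(jweContentBuilder).append(encodedEncryptedContent).append('.').append(encodedAuthTag).toString();`. The `OutputStream` overload of `startJweContent` reads `encryptedContentEncryptionKey.length` and `cipherInitVector.length` unconditionally, while the `StringBuilder` overload maps a null encoding to an empty part, so the two overloads should agree on whether a null key or IV is accepted. In the `authTagLengthBits` constructor the split offset `encryptedContentWithTag.length - authTagLengthBits / 8` is computed without checking that the tag length is a positive multiple of 8 and no larger than the array. A guard such as `if (authTagLengthBits <= 0 || authTagLengthBits % 8 != 0 || authTagLengthBits / 8 > encryptedContentWithTag.length) throw new IllegalArgumentException("invalid auth tag length");` would fail fast instead of emitting a mis-split ciphertext and tag. The class has no Javadoc; a class comment naming the five dot-separated parts it assembles and which byte arrays may be null would help callers.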