You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@shindig.apache.org by rb...@apache.org on 2013/08/26 19:44:23 UTC
svn commit: r1517617 - in /shindig/trunk/java/common/src:
main/java/org/apache/shindig/common/crypto/BasicBlobCrypter.java
test/java/org/apache/shindig/auth/BlobCrypterSecurityTokenTest.java
test/java/org/apache/shindig/common/crypto/CryptoTest.java
Author: rbaxter85
Date: Mon Aug 26 17:44:22 2013
New Revision: 1517617
URL: http://svn.apache.org/r1517617
Log:
fix for configurable to support different SHA algorithm
SHINDIG-1930
Committed For Zhi Hong Yang
Modified:
shindig/trunk/java/common/src/main/java/org/apache/shindig/common/crypto/BasicBlobCrypter.java
shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/BlobCrypterSecurityTokenTest.java
shindig/trunk/java/common/src/test/java/org/apache/shindig/common/crypto/CryptoTest.java
Modified: shindig/trunk/java/common/src/main/java/org/apache/shindig/common/crypto/BasicBlobCrypter.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/crypto/BasicBlobCrypter.java?rev=1517617&r1=1517616&r2=1517617&view=diff
==============================================================================
--- shindig/trunk/java/common/src/main/java/org/apache/shindig/common/crypto/BasicBlobCrypter.java (original)
+++ shindig/trunk/java/common/src/main/java/org/apache/shindig/common/crypto/BasicBlobCrypter.java Mon Aug 26 17:44:22 2013
@@ -240,8 +240,8 @@ public class BasicBlobCrypter implements
public Map<String, String> unwrap(String in) throws BlobCrypterException {
try {
byte[] bin = Base64.decodeBase64(CharsetUtil.getUtf8Bytes(in));
- byte[] hmac = new byte[Crypto.HMAC_SHA_LEN];
- byte[] cipherText = new byte[bin.length-Crypto.HMAC_SHA_LEN];
+ byte[] hmac = new byte[hmacType.getLength()];
+ byte[] cipherText = new byte[bin.length-hmacType.getLength()];
System.arraycopy(bin, 0, cipherText, 0, cipherText.length);
System.arraycopy(bin, cipherText.length, hmac, 0, hmac.length);
Crypto.hmacShaVerify(hmacKey, cipherText, hmac, hmacType.getName());
Modified: shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/BlobCrypterSecurityTokenTest.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/BlobCrypterSecurityTokenTest.java?rev=1517617&r1=1517616&r2=1517617&view=diff
==============================================================================
--- shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/BlobCrypterSecurityTokenTest.java (original)
+++ shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/BlobCrypterSecurityTokenTest.java Mon Aug 26 17:44:22 2013
@@ -22,7 +22,9 @@ import static org.junit.Assert.assertEqu
import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertTrue;
+import java.util.ArrayList;
import java.util.HashMap;
+import java.util.List;
import java.util.Map;
import org.apache.commons.lang3.StringUtils;
@@ -44,55 +46,71 @@ public class BlobCrypterSecurityTokenTes
private FakeTimeSource timeSource = new FakeTimeSource();
private BasicBlobCrypter crypter;
+ private BasicBlobCrypter crypter256;
+ private BasicBlobCrypter crypter384;
+ private BasicBlobCrypter crypter512;
+ private List<BasicBlobCrypter> crypters = new ArrayList<BasicBlobCrypter>();
@Before
public void setUp() {
crypter = new BasicBlobCrypter(Crypto.getRandomBytes(20),HMACType.HMACSHA1);
+ crypter256 = new BasicBlobCrypter(Crypto.getRandomBytes(20),HMACType.HMACSHA256);
+ crypter384 = new BasicBlobCrypter(Crypto.getRandomBytes(20),HMACType.HMACSHA384);
+ crypter512 = new BasicBlobCrypter(Crypto.getRandomBytes(20),HMACType.HMACSHA512);
+ crypters.add(crypter);
+ crypters.add(crypter256);
+ crypters.add(crypter384);
+ crypters.add(crypter512);
crypter.timeSource = timeSource;
}
@Test
public void testNullValues() throws Exception {
- BlobCrypterSecurityToken t = new BlobCrypterSecurityToken(CONTAINER, DOMAIN, null, null);
- String token = t.getContainer() + ":" + crypter.wrap(t.toMap());
- assertTrue("should start with container: " + token, token.startsWith("container:"));
- String[] fields = StringUtils.split(token, ':');
- BlobCrypterSecurityToken t2 = new BlobCrypterSecurityToken(CONTAINER, DOMAIN, null, crypter.unwrap(fields[1]));
-
- assertNull(t2.getAppId(), t2.getAppId());
- assertNull(t2.getAppUrl(), t2.getAppUrl());
- assertEquals(DOMAIN, t2.getDomain());
- assertEquals(0, t2.getModuleId());
- assertNull(t2.getOwnerId(), t2.getOwnerId());
- assertNull(t2.getViewerId(), t2.getViewerId());
- assertNull(t2.getTrustedJson(), t2.getTrustedJson());
- assertNull(t2.getUpdatedToken(), t2.getUpdatedToken());
- assertEquals(CONTAINER, t2.getContainer());
- assertNull(t2.getActiveUrl(), t2.getActiveUrl());
+ for (BasicBlobCrypter crypter: crypters) {
+ BlobCrypterSecurityToken t = new BlobCrypterSecurityToken(CONTAINER, DOMAIN, null, null);
+ String token = t.getContainer() + ":" + crypter.wrap(t.toMap());
+ assertTrue("should start with container: " + token, token.startsWith("container:"));
+ String[] fields = StringUtils.split(token, ':');
+ BlobCrypterSecurityToken t2 = new BlobCrypterSecurityToken(CONTAINER, DOMAIN, null, crypter.unwrap(fields[1]));
+
+ assertNull(t2.getAppId(), t2.getAppId());
+ assertNull(t2.getAppUrl(), t2.getAppUrl());
+ assertEquals(DOMAIN, t2.getDomain());
+ assertEquals(0, t2.getModuleId());
+ assertNull(t2.getOwnerId(), t2.getOwnerId());
+ assertNull(t2.getViewerId(), t2.getViewerId());
+ assertNull(t2.getTrustedJson(), t2.getTrustedJson());
+ assertNull(t2.getUpdatedToken(), t2.getUpdatedToken());
+ assertEquals(CONTAINER, t2.getContainer());
+ assertNull(t2.getActiveUrl(), t2.getActiveUrl());
+ }
}
@Test
public void testRealValues() throws Exception {
- Map<String, String> values = new HashMap<String, String>();
- values.put(Keys.APP_URL.getKey(), "http://www.example.com/gadget.xml");
- values.put(Keys.MODULE_ID.getKey(), Long.toString(12345L, 10));
- values.put(Keys.OWNER.getKey(), "owner");
- values.put(Keys.VIEWER.getKey(), "viewer");
- values.put(Keys.TRUSTED_JSON.getKey(), "trusted");
-
- BlobCrypterSecurityToken t = new BlobCrypterSecurityToken(CONTAINER, DOMAIN, null, values);
- String token = t.getContainer() + ":" + crypter.wrap(t.toMap());
- assertTrue("should start with container: " + token, token.startsWith("container:"));
- String[] fields = StringUtils.split(token, ':');
- BlobCrypterSecurityToken t2 = new BlobCrypterSecurityToken(CONTAINER, DOMAIN, "active", crypter.unwrap(fields[1]));
- assertEquals("http://www.example.com/gadget.xml", t2.getAppId());
- assertEquals("http://www.example.com/gadget.xml", t2.getAppUrl());
- assertEquals(DOMAIN, t2.getDomain());
- assertEquals(12345L, t2.getModuleId());
- assertEquals("owner", t2.getOwnerId());
- assertEquals("viewer", t2.getViewerId());
- assertEquals("trusted", t2.getTrustedJson());
- assertEquals(CONTAINER, t2.getContainer());
- assertEquals("active", t2.getActiveUrl());
+ for (BasicBlobCrypter crypter: crypters) {
+ Map<String, String> values = new HashMap<String, String>();
+ values.put(Keys.APP_URL.getKey(), "http://www.example.com/gadget.xml");
+ values.put(Keys.MODULE_ID.getKey(), Long.toString(12345L, 10));
+ values.put(Keys.OWNER.getKey(), "owner");
+ values.put(Keys.VIEWER.getKey(), "viewer");
+ values.put(Keys.TRUSTED_JSON.getKey(), "trusted");
+
+ BlobCrypterSecurityToken t = new BlobCrypterSecurityToken(CONTAINER, DOMAIN, null, values);
+ String token = t.getContainer() + ":" + crypter.wrap(t.toMap());
+ assertTrue("should start with container: " + token, token.startsWith("container:"));
+ String[] fields = StringUtils.split(token, ':');
+ BlobCrypterSecurityToken t2 = new BlobCrypterSecurityToken(CONTAINER, DOMAIN, "active", crypter.unwrap(fields[1]));
+ assertEquals("http://www.example.com/gadget.xml", t2.getAppId());
+ assertEquals("http://www.example.com/gadget.xml", t2.getAppUrl());
+ assertEquals(DOMAIN, t2.getDomain());
+ assertEquals(12345L, t2.getModuleId());
+ assertEquals("owner", t2.getOwnerId());
+ assertEquals("viewer", t2.getViewerId());
+ assertEquals("trusted", t2.getTrustedJson());
+ assertEquals(CONTAINER, t2.getContainer());
+ assertEquals("active", t2.getActiveUrl());
+ }
}
+
}
Modified: shindig/trunk/java/common/src/test/java/org/apache/shindig/common/crypto/CryptoTest.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/common/src/test/java/org/apache/shindig/common/crypto/CryptoTest.java?rev=1517617&r1=1517616&r2=1517617&view=diff
==============================================================================
--- shindig/trunk/java/common/src/test/java/org/apache/shindig/common/crypto/CryptoTest.java (original)
+++ shindig/trunk/java/common/src/test/java/org/apache/shindig/common/crypto/CryptoTest.java Mon Aug 26 17:44:22 2013
@@ -60,7 +60,74 @@ public class CryptoTest {
Crypto.hmacShaVerify(key.getBytes(), val.getBytes(), expected,HMACType.HMACSHA1.getName());
}
+ @Test
+ public void testHmacSha256() throws Exception {
+ String key = "abcd1234";
+ String val = "your mother is a hedgehog";
+ byte[] expected = { 69, -128, -5, 20, 94, -46, -40, 46, 43, -24, -76, -93,
+ -28, -70, 3, 93, 101, 124, 111, -56, 124, -38, 103, 41, 83, -53, -45,
+ 36, -21, 73, -10, -32, };
+ byte[] hmac = Crypto.hmacSha(key.getBytes(), val.getBytes(),HMACType.HMACSHA256.getName());
+ assertArrayEquals(expected, hmac);
+ }
+
+ @Test
+ public void testHmacSha256Verify() throws Exception {
+ String key = "abcd1234";
+ String val = "your mother is a hedgehog";
+ byte[] expected = { 69, -128, -5, 20, 94, -46, -40, 46, 43, -24, -76, -93,
+ -28, -70, 3, 93, 101, 124, 111, -56, 124, -38, 103, 41, 83, -53, -45,
+ 36, -21, 73, -10, -32, };
+ Crypto.hmacShaVerify(key.getBytes(), val.getBytes(), expected,HMACType.HMACSHA256.getName());
+ }
+
+ @Test
+ public void testHmacSha384() throws Exception {
+ String key = "abcd1234";
+ String val = "your mother is a hedgehog";
+ byte[] expected = { 66, -117, 24, -112, 19, -58, 80, 27, -117, 23, 107, 41,
+ -118, -3, 100, -61, 42, 77, 50, 70, -28, 85, -39, -55, 47, 42, 106,
+ 116, -26, 72, 76, -101, 67, -37, -56, 5, -85, 117, -51, -95, -18, -100,
+ 81, 69, 9, 105, 70, 99, };
+ byte[] hmac = Crypto.hmacSha(key.getBytes(), val.getBytes(),HMACType.HMACSHA384.getName());
+ assertArrayEquals(expected, hmac);
+ }
+ @Test
+ public void testHmacSha384Verify() throws Exception {
+ String key = "abcd1234";
+ String val = "your mother is a hedgehog";
+ byte[] expected = { 66, -117, 24, -112, 19, -58, 80, 27, -117, 23, 107, 41,
+ -118, -3, 100, -61, 42, 77, 50, 70, -28, 85, -39, -55, 47, 42, 106,
+ 116, -26, 72, 76, -101, 67, -37, -56, 5, -85, 117, -51, -95, -18, -100,
+ 81, 69, 9, 105, 70, 99, };
+ Crypto.hmacShaVerify(key.getBytes(), val.getBytes(), expected,HMACType.HMACSHA384.getName());
+ }
+
+ @Test
+ public void testHmacSha512() throws Exception {
+ String key = "abcd1234";
+ String val = "your mother is a hedgehog";
+ byte[] expected = { -40, -114, 57, 41, -97, -13, 13, 106, -71, 72, -54, 97,
+ -50, -109, -115, -24, -68, 82, 73, -97, 46, -21, -128, -40, 73, 41, 43,
+ 61, 20, 35, 79, 90, -27, 83, -1, -64, -128, 49, -118, -117, 34, -63,
+ -51, 87, -85, 120, -9, -107, 29, 106, -48, 51, 105, -56, 86, -52, 18,
+ -45, -81, -6, 0, 16, 67, 90, };
+ byte[] hmac = Crypto.hmacSha(key.getBytes(), val.getBytes(),HMACType.HMACSHA512.getName());
+ assertArrayEquals(expected, hmac);
+ }
+
+ @Test
+ public void testHmacSha512Verify() throws Exception {
+ String key = "abcd1234";
+ String val = "your mother is a hedgehog";
+ byte[] expected = { -40, -114, 57, 41, -97, -13, 13, 106, -71, 72, -54, 97,
+ -50, -109, -115, -24, -68, 82, 73, -97, 46, -21, -128, -40, 73, 41, 43,
+ 61, 20, 35, 79, 90, -27, 83, -1, -64, -128, 49, -118, -117, 34, -63,
+ -51, 87, -85, 120, -9, -107, 29, 106, -48, 51, 105, -56, 86, -52, 18,
+ -45, -81, -6, 0, 16, 67, 90, };
+ Crypto.hmacShaVerify(key.getBytes(), val.getBytes(), expected,HMACType.HMACSHA512.getName());
+ }
@Test(expected = GeneralSecurityException.class)
public void testHmacSha1VerifyTampered() throws Exception {
String key = "abcd1234";