Class DefaultEncryptionUtils

  • All Implemented Interfaces:
    EncryptionUtils

    public class DefaultEncryptionUtils
    extends java.lang.Object
    implements EncryptionUtils
    Various encryption utility methods.
    Since:
    4.0
    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      protected boolean authenticate​(byte[] expectedMAC, MACUtils.MACInput macInput)  
      boolean authenticate​(javax.servlet.http.HttpServletRequest req, byte[] decryptedBody)
      Authenticate the http request: validate the MAC, check that the remote IP is as expected and that the timestamp is recent.
      boolean authenticateResponse​(org.apache.commons.httpclient.HttpMethod method, java.lang.String remoteIP, byte[] decryptedBody)
      Authenticate the http method response: validate the MAC, check that the remote IP is as expected and that the timestamp is recent.
      protected java.security.AlgorithmParameters decodeAlgorithmParameters​(javax.servlet.http.HttpServletRequest req)
      Decode cipher algorithm parameters from the HTTP method
      protected java.security.AlgorithmParameters decodeAlgorithmParameters​(org.apache.commons.httpclient.HttpMethod method)
      Decode cipher algorithm parameters from the HTTP method
      byte[] decryptBody​(javax.servlet.http.HttpServletRequest req)
      Decrypt the body of the http request
      byte[] decryptResponseBody​(org.apache.commons.httpclient.HttpMethod method)
      Decrypt the response body of the http method
      protected java.lang.String getLocalIPAddress()
      Get the local registered IP address for authentication purposes
      protected byte[] getMac​(javax.servlet.http.HttpServletRequest req)
      Get the MAC (Message Authentication Code) on the HTTP request
      java.lang.String getRemoteIP()  
      protected byte[] getResponseMac​(org.apache.commons.httpclient.HttpMethod res)
      Get the MAC (Message Authentication Code) on the HTTP response
      protected java.lang.Long getResponseTimestamp​(org.apache.commons.httpclient.HttpMethod method)
      Get the timestamp on the HTTP response
      protected java.lang.Long getTimestamp​(javax.servlet.http.HttpServletRequest method)
      Get the timestamp on the HTTP request
      protected void setAlgorithmParameters​(javax.servlet.http.HttpServletResponse response, java.security.AlgorithmParameters params)
      Set the algorithm parameters header on the HTTP response
      void setEncryptor​(Encryptor encryptor)  
      protected void setMac​(javax.servlet.http.HttpServletResponse response, byte[] mac)
      Set the MAC on the HTTP response
      void setMacUtils​(MACUtils macUtils)  
      void setMessageTimeout​(long messageTimeout)  
      void setRemoteIP​(java.lang.String remoteIP)  
      void setRequestAlgorithmParameters​(org.apache.commons.httpclient.HttpMethod method, java.security.AlgorithmParameters params)
      Set the algorithm parameters header on the method request
      void setRequestAuthentication​(org.apache.commons.httpclient.HttpMethod method, byte[] message)
      Encrypt the http method request body
      protected void setRequestMac​(org.apache.commons.httpclient.HttpMethod method, byte[] mac)  
      protected void setRequestTimestamp​(org.apache.commons.httpclient.HttpMethod method, long timestamp)
      Set the timestamp on the HTTP request
      void setResponseAuthentication​(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse, byte[] responseBody, java.security.AlgorithmParameters params)
      Sets authentication headers on the HTTP response.
      protected void setTimestamp​(javax.servlet.http.HttpServletResponse res, long timestamp)
      Set the timestamp on the HTTP response
      protected boolean validateTimestamp​(long timestamp)  
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • logger

        protected static org.apache.commons.logging.Log logger
      • HEADER_ALGORITHM_PARAMETERS

        protected static java.lang.String HEADER_ALGORITHM_PARAMETERS
      • HEADER_MAC

        protected static java.lang.String HEADER_MAC
      • HEADER_TIMESTAMP

        protected static java.lang.String HEADER_TIMESTAMP
      • messageTimeout

        protected long messageTimeout
      • remoteIP

        protected java.lang.String remoteIP
      • localIP

        protected java.lang.String localIP
    • Constructor Detail

      • DefaultEncryptionUtils

        public DefaultEncryptionUtils()
    • Method Detail

      • getRemoteIP

        public java.lang.String getRemoteIP()
      • setRemoteIP

        public void setRemoteIP​(java.lang.String remoteIP)
      • getLocalIPAddress

        protected java.lang.String getLocalIPAddress()
        Get the local registered IP address for authentication purposes
        Returns:
        String
      • setMessageTimeout

        public void setMessageTimeout​(long messageTimeout)
      • setEncryptor

        public void setEncryptor​(Encryptor encryptor)
      • setMacUtils

        public void setMacUtils​(MACUtils macUtils)
      • setRequestMac

        protected void setRequestMac​(org.apache.commons.httpclient.HttpMethod method,
                                     byte[] mac)
      • setMac

        protected void setMac​(javax.servlet.http.HttpServletResponse response,
                              byte[] mac)
        Set the MAC on the HTTP response
        Parameters:
        response - HttpServletResponse
        mac - byte[]
      • getMac

        protected byte[] getMac​(javax.servlet.http.HttpServletRequest req)
                         throws java.io.IOException
        Get the MAC (Message Authentication Code) on the HTTP request
        Parameters:
        req - HttpServletRequest
        Returns:
        the MAC
        Throws:
        java.io.IOException
      • getResponseMac

        protected byte[] getResponseMac​(org.apache.commons.httpclient.HttpMethod res)
                                 throws java.io.IOException
        Get the MAC (Message Authentication Code) on the HTTP response
        Parameters:
        res - HttpMethod
        Returns:
        the MAC
        Throws:
        java.io.IOException
      • setRequestTimestamp

        protected void setRequestTimestamp​(org.apache.commons.httpclient.HttpMethod method,
                                           long timestamp)
        Set the timestamp on the HTTP request
        Parameters:
        method - HttpMethod
        timestamp - (ms, in UNIX time)
      • setTimestamp

        protected void setTimestamp​(javax.servlet.http.HttpServletResponse res,
                                    long timestamp)
        Set the timestamp on the HTTP response
        Parameters:
        res - HttpServletResponse
        timestamp - (ms, in UNIX time)
      • getResponseTimestamp

        protected java.lang.Long getResponseTimestamp​(org.apache.commons.httpclient.HttpMethod method)
                                               throws java.io.IOException
        Get the timestamp on the HTTP response
        Parameters:
        method - HttpMethod
        Returns:
        timestamp (ms, in UNIX time)
        Throws:
        java.io.IOException
      • getTimestamp

        protected java.lang.Long getTimestamp​(javax.servlet.http.HttpServletRequest method)
                                       throws java.io.IOException
        Get the timestamp on the HTTP request
        Parameters:
        method - HttpServletRequest
        Returns:
        timestamp (ms, in UNIX time)
        Throws:
        java.io.IOException
      • setRequestAlgorithmParameters

        public void setRequestAlgorithmParameters​(org.apache.commons.httpclient.HttpMethod method,
                                                  java.security.AlgorithmParameters params)
                                           throws java.io.IOException
        Set the algorithm parameters header on the method request
        Specified by:
        setRequestAlgorithmParameters in interface EncryptionUtils
        Throws:
        java.io.IOException
      • setAlgorithmParameters

        protected void setAlgorithmParameters​(javax.servlet.http.HttpServletResponse response,
                                              java.security.AlgorithmParameters params)
                                       throws java.io.IOException
        Set the algorithm parameters header on the HTTP response
        Parameters:
        response - HttpServletResponse
        params - AlgorithmParameters
        Throws:
        java.io.IOException
      • decodeAlgorithmParameters

        protected java.security.AlgorithmParameters decodeAlgorithmParameters​(org.apache.commons.httpclient.HttpMethod method)
                                                                       throws java.io.IOException
        Decode cipher algorithm parameters from the HTTP method
        Parameters:
        method - HttpMethod
        Returns:
        decoded algorithm parameters
        Throws:
        java.io.IOException
      • decodeAlgorithmParameters

        protected java.security.AlgorithmParameters decodeAlgorithmParameters​(javax.servlet.http.HttpServletRequest req)
                                                                       throws java.io.IOException
        Decode cipher algorithm parameters from the HTTP method
        Parameters:
        req -
        Returns:
        decoded algorithm parameters
        Throws:
        java.io.IOException
      • decryptResponseBody

        public byte[] decryptResponseBody​(org.apache.commons.httpclient.HttpMethod method)
                                   throws java.io.IOException
        Decrypt the response body of the http method
        Specified by:
        decryptResponseBody in interface EncryptionUtils
        Returns:
        decrypted response body
        Throws:
        java.io.IOException
      • decryptBody

        public byte[] decryptBody​(javax.servlet.http.HttpServletRequest req)
                           throws java.io.IOException
        Decrypt the body of the http request
        Specified by:
        decryptBody in interface EncryptionUtils
        Returns:
        decrypted response body
        Throws:
        java.io.IOException
      • authenticateResponse

        public boolean authenticateResponse​(org.apache.commons.httpclient.HttpMethod method,
                                            java.lang.String remoteIP,
                                            byte[] decryptedBody)
        Authenticate the http method response: validate the MAC, check that the remote IP is as expected and that the timestamp is recent.
        Specified by:
        authenticateResponse in interface EncryptionUtils
        Returns:
        true if the method reponse is authentic, false otherwise
      • authenticate

        public boolean authenticate​(javax.servlet.http.HttpServletRequest req,
                                    byte[] decryptedBody)
        Authenticate the http request: validate the MAC, check that the remote IP is as expected and that the timestamp is recent.
        Specified by:
        authenticate in interface EncryptionUtils
        Returns:
        true if the method request is authentic, false otherwise
      • setRequestAuthentication

        public void setRequestAuthentication​(org.apache.commons.httpclient.HttpMethod method,
                                             byte[] message)
                                      throws java.io.IOException
        Encrypt the http method request body
        Specified by:
        setRequestAuthentication in interface EncryptionUtils
        Throws:
        java.io.IOException
      • setResponseAuthentication

        public void setResponseAuthentication​(javax.servlet.http.HttpServletRequest httpRequest,
                                              javax.servlet.http.HttpServletResponse httpResponse,
                                              byte[] responseBody,
                                              java.security.AlgorithmParameters params)
                                       throws java.io.IOException
        Sets authentication headers on the HTTP response.
        Specified by:
        setResponseAuthentication in interface EncryptionUtils
        Throws:
        java.io.IOException
      • authenticate

        protected boolean authenticate​(byte[] expectedMAC,
                                       MACUtils.MACInput macInput)
      • validateTimestamp

        protected boolean validateTimestamp​(long timestamp)