public RegisterRequest startRegistration(String appId, byte[] challenge) { return new RegisterRequest(Base64Util.base64urlencode(challenge), appId); }
public String base64Decode(String encoded) throws IllegalArgumentException, UnsupportedEncodingException { byte[] decoded = Base64Util.base64urldecode(encoded); return new String(decoded, "UTF-8"); }
} else { String keyHandleWithoutPading = Base64Util.base64urlencode(Base64Util.base64urldecode(keyHandle));
public DeviceRegistration(String keyHandle, String publicKey, X509Certificate attestationCert, long counter) throws BadInputException { this.keyHandle = keyHandle; try { String attestationCertDecoded = Base64Util.base64urlencode(attestationCert.getEncoded()); this.deviceRegistrationConfiguration = new DeviceRegistrationConfiguration(publicKey, attestationCertDecoded); } catch (CertificateEncodingException e) { throw new BadInputException("Malformed attestation certificate", e); } this.counter = counter; }
@JsonIgnore public X509Certificate getAttestationCertificate() throws CertificateException, NoSuchFieldException { if (attestationCert == null) { throw new NoSuchFieldException(); } return CertificateParser.parseDer(Base64Util.base64urldecode(attestationCert)); }
private void storeLogoutParametersInSession(SessionId sessionId) throws JsonGenerationException, JsonMappingException, IOException { Map<String, String> sessionAttributes = sessionId.getSessionAttributes(); LogoutParameters logoutParameters = new LogoutParameters(idTokenHint, postLogoutRedirectUri); String logoutParametersJson = jsonService.objectToJson(logoutParameters); String logoutParametersBase64 = Base64Util.base64urlencode(logoutParametersJson.getBytes(Util.UTF8_STRING_ENCODING)); sessionAttributes.put(EXTERNAL_LOGOUT, Boolean.toString(true)); sessionAttributes.put(EXTERNAL_LOGOUT_DATA, logoutParametersBase64); sessionIdService.updateSessionId(sessionId); }
private boolean restoreLogoutParametersFromSession(SessionId sessionId) throws IllegalArgumentException, JsonParseException, JsonMappingException, IOException { if (sessionId == null) { return false; } this.sessionId = sessionId; Map<String, String> sessionAttributes = sessionId.getSessionAttributes(); boolean restoreParameters = sessionAttributes.containsKey(EXTERNAL_LOGOUT); if (!restoreParameters) { return false; } String logoutParametersBase64 = sessionAttributes.get(EXTERNAL_LOGOUT_DATA); String logoutParametersJson = new String(Base64Util.base64urldecode(logoutParametersBase64), Util.UTF8_STRING_ENCODING); LogoutParameters logoutParameters = jsonService.jsonToObject(logoutParametersJson, LogoutParameters.class); this.idTokenHint = logoutParameters.getIdTokenHint(); this.postLogoutRedirectUri = logoutParameters.getPostLogoutRedirectUri(); return true; }
public String getEncodedJwt(JSONObject jwks) throws Exception { String encodedJwt = null; if (cryptoProvider == null) { throw new Exception("The Crypto Provider cannot be null."); } JSONObject headerJsonObject = headerToJSONObject(); JSONObject payloadJsonObject = getClaims(); String headerString = headerJsonObject.toString(); String payloadString = payloadJsonObject.toString(); String encodedHeader = Base64Util.base64urlencode(headerString.getBytes(Util.UTF8_STRING_ENCODING)); String encodedPayload = Base64Util.base64urlencode(payloadString.getBytes(Util.UTF8_STRING_ENCODING)); String signingInput = encodedHeader + "." + encodedPayload; String encodedSignature = cryptoProvider.sign(signingInput, keyId, sharedKey, signatureAlgorithm); encodedJwt = encodedHeader + "." + encodedPayload + "." + encodedSignature; return encodedJwt; }
@Test(dataProvider = "webKeysDataProvider") public void webKeyTest(final String n, final String e, final String x5c) throws CertificateException { showTitle("webKeyTest"); byte[] nBytes = Base64Util.base64urldecode(n); BigInteger modulus = new BigInteger(1, nBytes); byte[] eBytes = Base64Util.base64urldecode(e); BigInteger exponent = new BigInteger(1, eBytes); System.out.println("n: " + n); System.out.println("n: " + modulus); System.out.println("e: " + e); System.out.println("e: " + exponent); byte[] certBytes = Base64Util.base64urldecode(x5c); X509Certificate cert = new X509CertImpl(certBytes); PublicKey publicKey = cert.getPublicKey(); RSAPublicKey rsaPublicKey = (RSAPublicKey) publicKey; assertEquals(rsaPublicKey.getModulus(), modulus); assertEquals(rsaPublicKey.getPublicExponent(), exponent); }
public DeviceRegistration createDevice(RawRegisterResponse rawRegisterResponse) throws BadInputException { return new DeviceRegistration(Base64Util.base64urlencode(rawRegisterResponse.getKeyHandle()), Base64Util.base64urlencode(rawRegisterResponse .getUserPublicKey()), rawRegisterResponse.getAttestationCertificate(), INITIAL_DEVICE_COUNTER_VALUE); }
public RawAuthenticateResponse parseRawAuthenticateResponse(String rawDataBase64) { ByteDataInputStream bis = new ByteDataInputStream(Base64Util.base64urldecode(rawDataBase64)); try { return new RawAuthenticateResponse(bis.readSigned(), bis.readInt(), bis.readAll()); } catch (IOException ex) { throw new BadInputException("Failed to parse RAW authenticate response", ex); } finally { IOUtils.closeQuietly(bis); } }
public AuthenticateRequest startAuthentication(String appId, DeviceRegistration device, byte[] challenge) throws DeviceCompromisedException { if (device.isCompromised()) { throw new DeviceCompromisedException(device, "Device has been marked as compromised, cannot authenticate"); } return new AuthenticateRequest(Base64Util.base64urlencode(challenge), appId, device.getKeyHandle()); }
public List<DeviceRegistration> findDeviceRegistrationsByKeyHandle(String appId, String keyHandle, String ... returnAttributes) { if (org.xdi.util.StringHelper.isEmpty(appId) || StringHelper.isEmpty(keyHandle)) { return new ArrayList<DeviceRegistration>(0); } byte[] keyHandleDecoded = Base64Util.base64urldecode(keyHandle); String baseDn = userService.getDnForUser(null); Filter deviceObjectClassFilter = Filter.createEqualityFilter("objectClass", "oxDeviceRegistration"); Filter deviceHashCodeFilter = Filter.createEqualityFilter("oxDeviceHashCode", String.valueOf(getKeyHandleHashCode(keyHandleDecoded))); Filter deviceKeyHandleFilter = Filter.createEqualityFilter("oxDeviceKeyHandle", keyHandle); Filter appIdFilter = Filter.createEqualityFilter("oxApplication", appId); Filter filter = Filter.createANDFilter(deviceObjectClassFilter, deviceHashCodeFilter, appIdFilter, deviceKeyHandleFilter); return ldapEntryManager.findEntries(baseDn, DeviceRegistration.class, filter, returnAttributes); }
@Test public void testSecureClickRawAuthenticationResponse() { String secureClickResponseHex = "01010000 001a3044 0220652a 4248527f 805a6203 a903e820 20d9d871 3966614b f41b93c9 02c83a9f c56f0220 230283f9 8305f889 d379278b 5fde2e2f d3e68182 08dfff75 3e218b74 a6e56306"; byte[] secureClickResponseBytes = Hex.decode(secureClickResponseHex); // Base64 URL encode to allow consume by API String u2fResponseBase64 = Base64Util.base64urlencode(secureClickResponseBytes); RawAuthenticateResponse rawAuthenticateResponse = rawAuthenticationService.parseRawAuthenticateResponse(u2fResponseBase64); assertNotNull(rawAuthenticateResponse); }
@Test public void setClaimTestJsonObj() { try { String stringJson = StringUtil.fromBytes(Base64Util.base64urldecode("eyJzYWx0IjoibWFjbmgiLCJwcm92aWRlciI6ImlkcDEifQ==")); JSONObject jobj = new JSONObject(stringJson); JwtClaims claims = new JwtClaims(); claims.setClaim("test_claim", jobj); assertEquals(jobj, claims.toJsonObject().get("test_claim")); } catch (Exception ex) { fail(ex.getMessage()); } }
@Override public String sign(String signingInput, String keyId, String sharedSecret, SignatureAlgorithm signatureAlgorithm) throws Exception { RSAPrivateKey privateKey = ((RSAKey) JWK.parse(senderJwkJson)).toRSAPrivateKey(); Signature signature = Signature.getInstance(signatureAlgorithm.getAlgorithm(), "BC"); signature.initSign(privateKey); signature.update(signingInput.getBytes()); return Base64Util.base64urlencode(signature.sign()); }
public RawRegisterResponse parseRawRegisterResponse(String rawDataBase64) throws BadInputException { ByteDataInputStream bis = new ByteDataInputStream(Base64Util.base64urldecode(rawDataBase64)); try { try { byte reservedByte = bis.readSigned(); if (reservedByte != REGISTRATION_RESERVED_BYTE_VALUE) { throw new BadInputException("Incorrect value of reserved byte. Expected: " + REGISTRATION_RESERVED_BYTE_VALUE + ". Was: " + reservedByte); } return new RawRegisterResponse(bis.read(65), bis.read(bis.readUnsigned()), CertificateParser.parseDer(bis), bis.readAll()); } catch (IOException ex) { throw new BadInputException("Failed to parse RAW register response", ex); } catch (CertificateException e) { throw new BadInputException("Malformed attestation certificate", e); } } finally { IOUtils.closeQuietly(bis); } }
byte[] lefMostHalf = new byte[digest.length / 2]; System.arraycopy(digest, 0, lefMostHalf, 0, lefMostHalf.length); hash = Base64Util.base64urlencode(lefMostHalf);
private boolean testDecryptNimbusJoseJwt(String jwe) { try { EncryptedJWT encryptedJwt = EncryptedJWT.parse(jwe); //EncryptedJWT encryptedJwt = EncryptedJWT.parse(encryptWithGluu()); //EncryptedJWT encryptedJwt = EncryptedJWT.parse(encryptWithNimbus()); JWK jwk = JWK.parse(recipientJwkJson); RSAPrivateKey rsaPrivateKey = ((RSAKey) jwk).toRSAPrivateKey(); JWEDecrypter decrypter = new RSADecrypter(rsaPrivateKey); decrypter.getJCAContext().setProvider(BouncyCastleProviderSingleton.getInstance()); encryptedJwt.decrypt(decrypter); final String decryptedPayload = new String(Base64Util.base64urldecode(encryptedJwt.getPayload().toString())); System.out.println("Nimbusds decrypt succeed: " + decryptedPayload); if (decryptedPayload.equals(PAYLOAD)) { return true; } } catch (Exception e) { System.out.println("Nimbusds decrypt failed: " + e.getMessage()); e.printStackTrace(); } return false; }
requestJwt = entity; } else { String hash = Base64Util.base64urlencode(JwtUtil.getMessageDigestSHA256(entity)); if (StringUtils.equals(reqUriHash, hash)) { requestJwt = entity;