public Map<String, String> unwrap(String in, int maxAgeSec) throws BlobCrypterException { try { byte[] bin = Base64.decodeBase64(in.getBytes("UTF-8")); byte[] hmac = new byte[Crypto.HMAC_SHA1_LEN]; byte[] cipherText = new byte[bin.length-Crypto.HMAC_SHA1_LEN]; System.arraycopy(bin, 0, cipherText, 0, cipherText.length); System.arraycopy(bin, cipherText.length, hmac, 0, hmac.length); Crypto.hmacSha1Verify(hmacKey, cipherText, hmac); byte[] plain = Crypto.aes128cbcDecrypt(cipherKey, cipherText); Map<String, String> out = deserialize(plain); checkTimestamp(out, maxAgeSec); return out; } catch (GeneralSecurityException e) { throw new BlobCrypterException("Invalid token signature", e); } catch (ArrayIndexOutOfBoundsException e) { throw new BlobCrypterException("Invalid token format", e); } catch (NegativeArraySizeException e) { throw new BlobCrypterException("Invalid token format", e); } catch (UnsupportedEncodingException e) { throw new BlobCrypterException(e); } }
public Map<String, String> unwrap(String in, int maxAgeSec) throws BlobCrypterException { try { byte[] bin = Base64.decodeBase64(in.getBytes("UTF-8")); byte[] hmac = new byte[Crypto.HMAC_SHA1_LEN]; byte[] cipherText = new byte[bin.length-Crypto.HMAC_SHA1_LEN]; System.arraycopy(bin, 0, cipherText, 0, cipherText.length); System.arraycopy(bin, cipherText.length, hmac, 0, hmac.length); Crypto.hmacSha1Verify(hmacKey, cipherText, hmac); byte[] plain = Crypto.aes128cbcDecrypt(cipherKey, cipherText); Map<String, String> out = deserialize(plain); checkTimestamp(out, maxAgeSec); return out; } catch (GeneralSecurityException e) { throw new BlobCrypterException("Invalid token signature", e); } catch (ArrayIndexOutOfBoundsException e) { throw new BlobCrypterException("Invalid token format", e); } catch (NegativeArraySizeException e) { throw new BlobCrypterException("Invalid token format", e); } catch (UnsupportedEncodingException e) { throw new BlobCrypterException(e); } }