|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.alfresco.encryption.DefaultEncryptionUtils
public class DefaultEncryptionUtils
Various encryption utility methods.
Field Summary | |
---|---|
protected Encryptor |
encryptor
|
protected static java.lang.String |
HEADER_ALGORITHM_PARAMETERS
|
protected static java.lang.String |
HEADER_MAC
|
protected static java.lang.String |
HEADER_TIMESTAMP
|
protected java.lang.String |
localIP
|
protected static org.apache.commons.logging.Log |
logger
|
protected MACUtils |
macUtils
|
protected long |
messageTimeout
|
protected java.lang.String |
remoteIP
|
Constructor Summary | |
---|---|
DefaultEncryptionUtils()
|
Method Summary | |
---|---|
protected boolean |
authenticate(byte[] expectedMAC,
MACUtils.MACInput macInput)
|
boolean |
authenticate(javax.servlet.http.HttpServletRequest req,
byte[] decryptedBody)
Authenticate the http request: validate the MAC, check that the remote IP is as expected and that the timestamp is recent. |
boolean |
authenticateResponse(org.apache.commons.httpclient.HttpMethod method,
java.lang.String remoteIP,
byte[] decryptedBody)
Authenticate the http method response: validate the MAC, check that the remote IP is as expected and that the timestamp is recent. |
protected java.security.AlgorithmParameters |
decodeAlgorithmParameters(org.apache.commons.httpclient.HttpMethod method)
Decode cipher algorithm parameters from the HTTP method |
protected java.security.AlgorithmParameters |
decodeAlgorithmParameters(javax.servlet.http.HttpServletRequest req)
Decode cipher algorithm parameters from the HTTP method |
byte[] |
decryptBody(javax.servlet.http.HttpServletRequest req)
Decrypt the body of the http request |
byte[] |
decryptResponseBody(org.apache.commons.httpclient.HttpMethod method)
Decrypt the response body of the http method |
protected java.lang.String |
getLocalIPAddress()
Get the local registered IP address for authentication purposes |
protected byte[] |
getMac(javax.servlet.http.HttpServletRequest req)
Get the MAC (Message Authentication Code) on the HTTP request |
java.lang.String |
getRemoteIP()
|
protected byte[] |
getResponseMac(org.apache.commons.httpclient.HttpMethod res)
Get the MAC (Message Authentication Code) on the HTTP response |
protected java.lang.Long |
getResponseTimestamp(org.apache.commons.httpclient.HttpMethod method)
Get the timestamp on the HTTP response |
protected java.lang.Long |
getTimestamp(javax.servlet.http.HttpServletRequest method)
Get the timestamp on the HTTP request |
protected void |
setAlgorithmParameters(javax.servlet.http.HttpServletResponse response,
java.security.AlgorithmParameters params)
Set the algorithm parameters header on the HTTP response |
void |
setEncryptor(Encryptor encryptor)
|
protected void |
setMac(javax.servlet.http.HttpServletResponse response,
byte[] mac)
Set the MAC on the HTTP response |
void |
setMacUtils(MACUtils macUtils)
|
void |
setMessageTimeout(long messageTimeout)
|
void |
setRemoteIP(java.lang.String remoteIP)
|
void |
setRequestAlgorithmParameters(org.apache.commons.httpclient.HttpMethod method,
java.security.AlgorithmParameters params)
Set the algorithm parameters header on the method request |
void |
setRequestAuthentication(org.apache.commons.httpclient.HttpMethod method,
byte[] message)
Encrypt the http method request body |
protected void |
setRequestMac(org.apache.commons.httpclient.HttpMethod method,
byte[] mac)
|
protected void |
setRequestTimestamp(org.apache.commons.httpclient.HttpMethod method,
long timestamp)
Set the timestamp on the HTTP request |
void |
setResponseAuthentication(javax.servlet.http.HttpServletRequest httpRequest,
javax.servlet.http.HttpServletResponse httpResponse,
byte[] responseBody,
java.security.AlgorithmParameters params)
Sets authentication headers on the HTTP response. |
protected void |
setTimestamp(javax.servlet.http.HttpServletResponse res,
long timestamp)
Set the timestamp on the HTTP response |
protected boolean |
validateTimestamp(long timestamp)
|
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
protected static org.apache.commons.logging.Log logger
protected static java.lang.String HEADER_ALGORITHM_PARAMETERS
protected static java.lang.String HEADER_MAC
protected static java.lang.String HEADER_TIMESTAMP
protected Encryptor encryptor
protected MACUtils macUtils
protected long messageTimeout
protected java.lang.String remoteIP
protected java.lang.String localIP
Constructor Detail |
---|
public DefaultEncryptionUtils()
Method Detail |
---|
public java.lang.String getRemoteIP()
public void setRemoteIP(java.lang.String remoteIP)
protected java.lang.String getLocalIPAddress()
public void setMessageTimeout(long messageTimeout)
public void setEncryptor(Encryptor encryptor)
public void setMacUtils(MACUtils macUtils)
protected void setRequestMac(org.apache.commons.httpclient.HttpMethod method, byte[] mac)
protected void setMac(javax.servlet.http.HttpServletResponse response, byte[] mac)
response
- mac
- protected byte[] getMac(javax.servlet.http.HttpServletRequest req) throws java.io.IOException
req
-
java.io.IOException
protected byte[] getResponseMac(org.apache.commons.httpclient.HttpMethod res) throws java.io.IOException
res
-
java.io.IOException
protected void setRequestTimestamp(org.apache.commons.httpclient.HttpMethod method, long timestamp)
method
- timestamp
- (ms, in UNIX time)protected void setTimestamp(javax.servlet.http.HttpServletResponse res, long timestamp)
res
- timestamp
- (ms, in UNIX time)protected java.lang.Long getResponseTimestamp(org.apache.commons.httpclient.HttpMethod method) throws java.io.IOException
method
-
java.io.IOException
protected java.lang.Long getTimestamp(javax.servlet.http.HttpServletRequest method) throws java.io.IOException
method
-
java.io.IOException
public void setRequestAlgorithmParameters(org.apache.commons.httpclient.HttpMethod method, java.security.AlgorithmParameters params) throws java.io.IOException
setRequestAlgorithmParameters
in interface EncryptionUtils
java.io.IOException
protected void setAlgorithmParameters(javax.servlet.http.HttpServletResponse response, java.security.AlgorithmParameters params) throws java.io.IOException
response
- params
-
java.io.IOException
protected java.security.AlgorithmParameters decodeAlgorithmParameters(org.apache.commons.httpclient.HttpMethod method) throws java.io.IOException
method
-
java.io.IOException
protected java.security.AlgorithmParameters decodeAlgorithmParameters(javax.servlet.http.HttpServletRequest req) throws java.io.IOException
req
-
java.io.IOException
public byte[] decryptResponseBody(org.apache.commons.httpclient.HttpMethod method) throws java.io.IOException
decryptResponseBody
in interface EncryptionUtils
java.io.IOException
public byte[] decryptBody(javax.servlet.http.HttpServletRequest req) throws java.io.IOException
decryptBody
in interface EncryptionUtils
java.io.IOException
public boolean authenticateResponse(org.apache.commons.httpclient.HttpMethod method, java.lang.String remoteIP, byte[] decryptedBody)
authenticateResponse
in interface EncryptionUtils
public boolean authenticate(javax.servlet.http.HttpServletRequest req, byte[] decryptedBody)
authenticate
in interface EncryptionUtils
public void setRequestAuthentication(org.apache.commons.httpclient.HttpMethod method, byte[] message) throws java.io.IOException
setRequestAuthentication
in interface EncryptionUtils
java.io.IOException
public void setResponseAuthentication(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse, byte[] responseBody, java.security.AlgorithmParameters params) throws java.io.IOException
setResponseAuthentication
in interface EncryptionUtils
java.io.IOException
protected boolean authenticate(byte[] expectedMAC, MACUtils.MACInput macInput)
protected boolean validateTimestamp(long timestamp)
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |