DefaultEncryptionUtils (Alfresco Core API)

java.lang.Object
- org.alfresco.encryption.DefaultEncryptionUtils

All Implemented Interfaces:: EncryptionUtils

public class DefaultEncryptionUtils
extends java.lang.Object
implements EncryptionUtils

Various encryption utility methods.

Since:: 4.0

Field Summary

Fields
Modifier and Type	Field and Description
`protected Encryptor`	`encryptor`
`protected static java.lang.String`	`HEADER_ALGORITHM_PARAMETERS`
`protected static java.lang.String`	`HEADER_MAC`
`protected static java.lang.String`	`HEADER_TIMESTAMP`
`protected java.lang.String`	`localIP`
`protected static org.apache.commons.logging.Log`	`logger`
`protected MACUtils`	`macUtils`
`protected long`	`messageTimeout`
`protected java.lang.String`	`remoteIP`

Constructor Summary

Constructors
Constructor and Description

DefaultEncryptionUtils()

Constructors
Constructor and Description
`DefaultEncryptionUtils()`

Method Summary

Methods
Modifier and Type	Method and Description
`protected boolean`	`authenticate(byte[] expectedMAC, MACUtils.MACInput macInput)`
`boolean`	`authenticate(javax.servlet.http.HttpServletRequest req, byte[] decryptedBody)` Authenticate the http request: validate the MAC, check that the remote IP is as expected and that the timestamp is recent.
`boolean`	`authenticateResponse(org.apache.commons.httpclient.HttpMethod method, java.lang.String remoteIP, byte[] decryptedBody)` Authenticate the http method response: validate the MAC, check that the remote IP is as expected and that the timestamp is recent.
`protected java.security.AlgorithmParameters`	`decodeAlgorithmParameters(org.apache.commons.httpclient.HttpMethod method)` Decode cipher algorithm parameters from the HTTP method
`protected java.security.AlgorithmParameters`	`decodeAlgorithmParameters(javax.servlet.http.HttpServletRequest req)` Decode cipher algorithm parameters from the HTTP method
`byte[]`	`decryptBody(javax.servlet.http.HttpServletRequest req)` Decrypt the body of the http request
`byte[]`	`decryptResponseBody(org.apache.commons.httpclient.HttpMethod method)` Decrypt the response body of the http method
`protected java.lang.String`	`getLocalIPAddress()` Get the local registered IP address for authentication purposes
`protected byte[]`	`getMac(javax.servlet.http.HttpServletRequest req)` Get the MAC (Message Authentication Code) on the HTTP request
`java.lang.String`	`getRemoteIP()`
`protected byte[]`	`getResponseMac(org.apache.commons.httpclient.HttpMethod res)` Get the MAC (Message Authentication Code) on the HTTP response
`protected java.lang.Long`	`getResponseTimestamp(org.apache.commons.httpclient.HttpMethod method)` Get the timestamp on the HTTP response
`protected java.lang.Long`	`getTimestamp(javax.servlet.http.HttpServletRequest method)` Get the timestamp on the HTTP request
`protected void`	`setAlgorithmParameters(javax.servlet.http.HttpServletResponse response, java.security.AlgorithmParameters params)` Set the algorithm parameters header on the HTTP response
`void`	`setEncryptor(Encryptor encryptor)`
`protected void`	`setMac(javax.servlet.http.HttpServletResponse response, byte[] mac)` Set the MAC on the HTTP response
`void`	`setMacUtils(MACUtils macUtils)`
`void`	`setMessageTimeout(long messageTimeout)`
`void`	`setRemoteIP(java.lang.String remoteIP)`
`void`	`setRequestAlgorithmParameters(org.apache.commons.httpclient.HttpMethod method, java.security.AlgorithmParameters params)` Set the algorithm parameters header on the method request
`void`	`setRequestAuthentication(org.apache.commons.httpclient.HttpMethod method, byte[] message)` Encrypt the http method request body
`protected void`	`setRequestMac(org.apache.commons.httpclient.HttpMethod method, byte[] mac)`
`protected void`	`setRequestTimestamp(org.apache.commons.httpclient.HttpMethod method, long timestamp)` Set the timestamp on the HTTP request
`void`	`setResponseAuthentication(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse, byte[] responseBody, java.security.AlgorithmParameters params)` Sets authentication headers on the HTTP response.
`protected void`	`setTimestamp(javax.servlet.http.HttpServletResponse res, long timestamp)` Set the timestamp on the HTTP response
`protected boolean`	`validateTimestamp(long timestamp)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

logger

protected static org.apache.commons.logging.Log logger

HEADER_ALGORITHM_PARAMETERS

protected static java.lang.String HEADER_ALGORITHM_PARAMETERS

HEADER_MAC

protected static java.lang.String HEADER_MAC

HEADER_TIMESTAMP

protected static java.lang.String HEADER_TIMESTAMP

encryptor
```
protected Encryptor encryptor
```

macUtils
```
protected MACUtils macUtils
```

messageTimeout
```
protected long messageTimeout
```

remoteIP
```
protected java.lang.String remoteIP
```

localIP
```
protected java.lang.String localIP
```

Constructor Detail
- DefaultEncryptionUtils
```
public DefaultEncryptionUtils()
```

Method Detail

getRemoteIP
```
public java.lang.String getRemoteIP()
```

setRemoteIP

public void setRemoteIP(java.lang.String remoteIP)

getLocalIPAddress
```
protected java.lang.String getLocalIPAddress()
```
Get the local registered IP address for authentication purposes

Returns:

setMessageTimeout

public void setMessageTimeout(long messageTimeout)

setEncryptor

public void setEncryptor(Encryptor encryptor)

setMacUtils

public void setMacUtils(MACUtils macUtils)

setRequestMac

protected void setRequestMac(org.apache.commons.httpclient.HttpMethod method,
                 byte[] mac)

setMac

protected void setMac(javax.servlet.http.HttpServletResponse response,
          byte[] mac)

Set the MAC on the HTTP response

Parameters:: response -; mac -

getMac
```
protected byte[] getMac(javax.servlet.http.HttpServletRequest req)
                 throws java.io.IOException
```
Get the MAC (Message Authentication Code) on the HTTP request

Parameters:
req -

Returns:
the MAC

Throws:

java.io.IOException

getResponseMac

protected byte[] getResponseMac(org.apache.commons.httpclient.HttpMethod res)
                         throws java.io.IOException

Get the MAC (Message Authentication Code) on the HTTP response

Parameters:: res -
Returns:: the MAC
Throws:: java.io.IOException

setRequestTimestamp

protected void setRequestTimestamp(org.apache.commons.httpclient.HttpMethod method,
                       long timestamp)

Set the timestamp on the HTTP request

Parameters:: method -; timestamp - (ms, in UNIX time)

setTimestamp

protected void setTimestamp(javax.servlet.http.HttpServletResponse res,
                long timestamp)

Set the timestamp on the HTTP response

Parameters:: res -; timestamp - (ms, in UNIX time)

getResponseTimestamp

protected java.lang.Long getResponseTimestamp(org.apache.commons.httpclient.HttpMethod method)
                                       throws java.io.IOException

Get the timestamp on the HTTP response

Parameters:: method -
Returns:: timestamp (ms, in UNIX time)
Throws:: java.io.IOException

getTimestamp

protected java.lang.Long getTimestamp(javax.servlet.http.HttpServletRequest method)
                               throws java.io.IOException

Get the timestamp on the HTTP request

Parameters:: method -
Returns:: timestamp (ms, in UNIX time)
Throws:: java.io.IOException

setRequestAlgorithmParameters

public void setRequestAlgorithmParameters(org.apache.commons.httpclient.HttpMethod method,
                                 java.security.AlgorithmParameters params)
                                   throws java.io.IOException

Set the algorithm parameters header on the method request

Specified by:: setRequestAlgorithmParameters in interface EncryptionUtils
Throws:: java.io.IOException

setAlgorithmParameters

protected void setAlgorithmParameters(javax.servlet.http.HttpServletResponse response,
                          java.security.AlgorithmParameters params)
                               throws java.io.IOException

Set the algorithm parameters header on the HTTP response

Parameters:: response -; params -
Throws:: java.io.IOException

decodeAlgorithmParameters

protected java.security.AlgorithmParameters decodeAlgorithmParameters(org.apache.commons.httpclient.HttpMethod method)
                                                               throws java.io.IOException

Decode cipher algorithm parameters from the HTTP method

Parameters:: method -
Returns:: decoded algorithm parameters
Throws:: java.io.IOException

decodeAlgorithmParameters

protected java.security.AlgorithmParameters decodeAlgorithmParameters(javax.servlet.http.HttpServletRequest req)
                                                               throws java.io.IOException

Decode cipher algorithm parameters from the HTTP method

Parameters:: req -
Returns:: decoded algorithm parameters
Throws:: java.io.IOException

decryptResponseBody
```
public byte[] decryptResponseBody(org.apache.commons.httpclient.HttpMethod method)
                           throws java.io.IOException
```
Decrypt the response body of the http method

Specified by:

decryptResponseBody in interface EncryptionUtils

Returns:
decrypted response body

Throws:

java.io.IOException

decryptBody
```
public byte[] decryptBody(javax.servlet.http.HttpServletRequest req)
                   throws java.io.IOException
```
Decrypt the body of the http request

Specified by:

decryptBody in interface EncryptionUtils

Returns:
decrypted response body

Throws:

java.io.IOException

authenticateResponse
```
public boolean authenticateResponse(org.apache.commons.httpclient.HttpMethod method,
                           java.lang.String remoteIP,
                           byte[] decryptedBody)
```
Authenticate the http method response: validate the MAC, check that the remote IP is as expected and that the timestamp is recent.

Specified by:

authenticateResponse in interface EncryptionUtils

Returns:
true if the method reponse is authentic, false otherwise

authenticate
```
public boolean authenticate(javax.servlet.http.HttpServletRequest req,
                   byte[] decryptedBody)
```
Authenticate the http request: validate the MAC, check that the remote IP is as expected and that the timestamp is recent.

Specified by:

authenticate in interface EncryptionUtils

Returns:
true if the method request is authentic, false otherwise

setRequestAuthentication

public void setRequestAuthentication(org.apache.commons.httpclient.HttpMethod method,
                            byte[] message)
                              throws java.io.IOException

Encrypt the http method request body

Specified by:: setRequestAuthentication in interface EncryptionUtils
Throws:: java.io.IOException

setResponseAuthentication

public void setResponseAuthentication(javax.servlet.http.HttpServletRequest httpRequest,
                             javax.servlet.http.HttpServletResponse httpResponse,
                             byte[] responseBody,
                             java.security.AlgorithmParameters params)
                               throws java.io.IOException

Sets authentication headers on the HTTP response.

Specified by:: setResponseAuthentication in interface EncryptionUtils
Throws:: java.io.IOException

authenticate

protected boolean authenticate(byte[] expectedMAC,
                   MACUtils.MACInput macInput)

validateTimestamp

protected boolean validateTimestamp(long timestamp)

Class DefaultEncryptionUtils

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

logger

HEADER_ALGORITHM_PARAMETERS

HEADER_MAC

HEADER_TIMESTAMP

encryptor

macUtils

messageTimeout

remoteIP

localIP

Constructor Detail

DefaultEncryptionUtils

Method Detail

getRemoteIP

setRemoteIP

getLocalIPAddress

setMessageTimeout

setEncryptor

setMacUtils

setRequestMac

setMac

getMac

getResponseMac

setRequestTimestamp

setTimestamp

getResponseTimestamp

getTimestamp

setRequestAlgorithmParameters

setAlgorithmParameters

decodeAlgorithmParameters

decodeAlgorithmParameters

decryptResponseBody

decryptBody

authenticateResponse

authenticate

setRequestAuthentication

setResponseAuthentication

authenticate

validateTimestamp