From cf109f91ceabb8a0126e472b6603f6e04de1a839 Mon Sep 17 00:00:00 2001 From: Martin Blom Date: Thu, 7 Dec 2017 12:14:34 +0100 Subject: [PATCH] Added support for binary Hawk keys. --- .../main/java/com/wealdtech/hawk/Hawk.java | 2 +- .../com/wealdtech/hawk/HawkCredentials.java | 30 ++++++++++++++----- .../wealdtech/hawk/HawkCredentialsTest.java | 6 ++-- 3 files changed, 27 insertions(+), 11 deletions(-) diff --git a/hawk-core/src/main/java/com/wealdtech/hawk/Hawk.java b/hawk-core/src/main/java/com/wealdtech/hawk/Hawk.java index 3ea42f6..28588c5 100644 --- a/hawk-core/src/main/java/com/wealdtech/hawk/Hawk.java +++ b/hawk-core/src/main/java/com/wealdtech/hawk/Hawk.java @@ -254,7 +254,7 @@ public static String calculateMac(final HawkCredentials credentials, final Strin Mac mac = Mac.getInstance(credentials.getJavaAlgorithm()); try { - mac.init(new SecretKeySpec(credentials.getKey().getBytes("UTF-8"), credentials.getJavaAlgorithm())); + mac.init(new SecretKeySpec(credentials.getKey(), credentials.getJavaAlgorithm())); return BaseEncoding.base64().encode(mac.doFinal(text.getBytes("UTF-8"))); } catch (UnsupportedEncodingException uee) diff --git a/hawk-core/src/main/java/com/wealdtech/hawk/HawkCredentials.java b/hawk-core/src/main/java/com/wealdtech/hawk/HawkCredentials.java index 4d18c38..93a5f7e 100644 --- a/hawk-core/src/main/java/com/wealdtech/hawk/HawkCredentials.java +++ b/hawk-core/src/main/java/com/wealdtech/hawk/HawkCredentials.java @@ -19,6 +19,7 @@ import static com.wealdtech.Preconditions.*; import java.util.Locale; +import java.nio.charset.Charset; import com.fasterxml.jackson.annotation.JsonCreator; import com.fasterxml.jackson.annotation.JsonValue; @@ -66,7 +67,7 @@ public static Algorithm parse(final String algorithm) } private final String keyId; - private final String key; + private final byte[] key; private final Algorithm algorithm; private static final ImmutableMap JAVAALGORITHMS = new ImmutableMap.Builder() @@ -74,7 +75,10 @@ public static Algorithm parse(final String algorithm) .put(Algorithm.SHA256, "HmacSHA256") .build(); - private HawkCredentials(final String keyId, final String key, final Algorithm algorithm) + private static final Charset utf8 = Charset.forName("UTF-8"); + private static final Charset latin1 = Charset.forName("ISO-8859-1"); + + private HawkCredentials(final String keyId, final byte[] key, final Algorithm algorithm) { this.keyId = keyId; this.key = key; @@ -109,10 +113,10 @@ public String getKeyId() /** * Obtain the key. * - * @return the Key ID. Note that the key ID is a shared secret, and should be + * @return the Key. Note that the key is a shared secret, and should be * protected accordingly */ - public String getKey() + public byte[] getKey() { return this.key; } @@ -144,7 +148,7 @@ public String toString() { return Objects.toStringHelper(this) .add("keyId", this.getKeyId()) - .add("key", this.getKey()) + .add("key", java.util.Arrays.toString(this.getKey())) .add("algorithm", this.getAlgorithm()) .toString(); } @@ -166,7 +170,7 @@ public int compareTo(final HawkCredentials that) { return ComparisonChain.start() .compare(this.getKeyId(), that.getKeyId()) - .compare(this.getKey(), that.getKey()) + .compare(new String(this.getKey(), latin1), new String(that.getKey(), latin1)) .compare(this.getAlgorithm(), that.getAlgorithm()) .result(); } @@ -177,7 +181,7 @@ public int compareTo(final HawkCredentials that) public static class Builder { private String keyId; - private String key; + private byte[] key; private Algorithm algorithm; /** @@ -222,6 +226,18 @@ public Builder keyId(final String keyId) * @return the builder */ public Builder key(final String key) + { + return this.key(key != null ? key.getBytes(utf8) : null); + } + + /** + * Set the key. + * + * @param key + * the key + * @return the builder + */ + public Builder key(final byte[] key) { this.key = key; return this; diff --git a/hawk-core/src/test/java/test/com/wealdtech/hawk/HawkCredentialsTest.java b/hawk-core/src/test/java/test/com/wealdtech/hawk/HawkCredentialsTest.java index a6b572d..cf0bc1c 100644 --- a/hawk-core/src/test/java/test/com/wealdtech/hawk/HawkCredentialsTest.java +++ b/hawk-core/src/test/java/test/com/wealdtech/hawk/HawkCredentialsTest.java @@ -35,7 +35,7 @@ public void testModel() throws DataError .algorithm(HawkCredentials.Algorithm.SHA256) .build(); assertEquals(testhc1.getKeyId(), "testkeyid"); - assertEquals(testhc1.getKey(), "testkey"); + assertEquals(testhc1.getKey(), "testkey".getBytes()); assertEquals(testhc1.getAlgorithm().toString(), "sha256"); testhc1.toString(); testhc1.hashCode(); @@ -44,7 +44,7 @@ public void testModel() throws DataError final HawkCredentials testhc2 = new HawkCredentials.Builder(testhc1).keyId("testkeyid2").build(); assertEquals(testhc2.getKeyId(), "testkeyid2"); - assertEquals(testhc1.getKey(), "testkey"); + assertEquals(testhc1.getKey(), "testkey".getBytes()); assertEquals(testhc1.getAlgorithm().toString(), "sha256"); testhc2.toString(); testhc2.hashCode(); @@ -74,7 +74,7 @@ public void testNullKeyId() throws DataError { try { - new HawkCredentials.Builder().keyId("testkeyid").key(null).algorithm(HawkCredentials.Algorithm.SHA256).build(); + new HawkCredentials.Builder().keyId("testkeyid").key((String) null).algorithm(HawkCredentials.Algorithm.SHA256).build(); // Should not reach here fail(); }