From 0548fda9fd48c92459ef5d41539e6fd0a6d43b11 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Richard=20K=C3=B6rber?= Date: Wed, 20 Sep 2017 20:53:26 +0200 Subject: [PATCH] Do not use compact JWS serialization Backport of commit 2eb59ef3 --- .../acme4j/connector/DefaultConnection.java | 8 +++++++- .../connector/DefaultConnectionTest.java | 19 +++++++++---------- 2 files changed, 16 insertions(+), 11 deletions(-) diff --git a/acme4j-client/src/main/java/org/shredzone/acme4j/connector/DefaultConnection.java b/acme4j-client/src/main/java/org/shredzone/acme4j/connector/DefaultConnection.java index 998822ee..31f423a5 100644 --- a/acme4j-client/src/main/java/org/shredzone/acme4j/connector/DefaultConnection.java +++ b/acme4j-client/src/main/java/org/shredzone/acme4j/connector/DefaultConnection.java @@ -156,7 +156,13 @@ public class DefaultConnection implements Connection { jws.getHeaders().setJwkHeaderValue("jwk", jwk); jws.setAlgorithmHeaderValue(keyAlgorithm(jwk)); jws.setKey(keypair.getPrivate()); - byte[] outputData = jws.getCompactSerialization().getBytes(DEFAULT_CHARSET); + jws.sign(); + + JSONBuilder jb = new JSONBuilder(); + jb.put("protected", jws.getHeaders().getEncodedHeader()); + jb.put("payload", jws.getEncodedPayload()); + jb.put("signature", jws.getEncodedSignature()); + byte[] outputData = jb.toString().getBytes(DEFAULT_CHARSET); conn.setFixedLengthStreamingMode(outputData.length); conn.connect(); diff --git a/acme4j-client/src/test/java/org/shredzone/acme4j/connector/DefaultConnectionTest.java b/acme4j-client/src/test/java/org/shredzone/acme4j/connector/DefaultConnectionTest.java index a1ab6e94..244eb0b4 100644 --- a/acme4j-client/src/test/java/org/shredzone/acme4j/connector/DefaultConnectionTest.java +++ b/acme4j-client/src/test/java/org/shredzone/acme4j/connector/DefaultConnectionTest.java @@ -542,11 +542,10 @@ public class DefaultConnectionTest { verify(mockUrlConnection, atLeast(0)).getHeaderFields(); verifyNoMoreInteractions(mockUrlConnection); - String serialized = new String(outputStream.toByteArray(), "utf-8"); - String[] written = CompactSerializer.deserialize(serialized); - String header = Base64Url.decodeToUtf8String(written[0]); - String claims = Base64Url.decodeToUtf8String(written[1]); - String signature = written[2]; + JSON data = JSON.parse(new String(outputStream.toByteArray(), "utf-8")); + String encodedHeader = data.get("protected").asString(); + String encodedSignature = data.get("signature").asString(); + String encodedPayload = data.get("payload").asString(); StringBuilder expectedHeader = new StringBuilder(); expectedHeader.append('{'); @@ -559,13 +558,13 @@ public class DefaultConnectionTest { expectedHeader.append("\"n\":\"").append(TestUtils.N).append("\""); expectedHeader.append("}}"); - assertThat(header, sameJSONAs(expectedHeader.toString())); - assertThat(claims, sameJSONAs("{\"foo\":123,\"bar\":\"a-string\"}")); - assertThat(signature, not(isEmptyOrNullString())); + assertThat(Base64Url.decodeToUtf8String(encodedHeader), sameJSONAs(expectedHeader.toString())); + assertThat(Base64Url.decodeToUtf8String(encodedPayload), sameJSONAs("{\"foo\":123,\"bar\":\"a-string\"}")); + assertThat(encodedSignature, not(isEmptyOrNullString())); JsonWebSignature jws = new JsonWebSignature(); - jws.setCompactSerialization(serialized); - jws.setKey(DefaultConnectionTest.this.session.getKeyPair().getPublic()); + jws.setCompactSerialization(CompactSerializer.serialize(encodedHeader, encodedPayload, encodedSignature)); + jws.setKey(session.getKeyPair().getPublic()); assertThat(jws.verifySignature(), is(true)); }