Do not use compact JWS serialization

2017-08-17 22:38:56 +02:00 · 2017-08-17 22:38:56 +02:00 · 2eb59ef364
parent 514b67bb70
commit 2eb59ef364
2 changed files with 22 additions and 19 deletions
--- a/acme4j-client/src/main/java/org/shredzone/acme4j/connector/DefaultConnection.java
+++ b/acme4j-client/src/main/java/org/shredzone/acme4j/connector/DefaultConnection.java
@ -190,6 +190,7 @@ public class DefaultConnection implements Connection {

            jws.setAlgorithmHeaderValue(keyAlgorithm(jwk));
            jws.setKey(keypair.getPrivate());
+            jws.sign();

            if (LOG.isDebugEnabled()) {
                LOG.debug("POST {}", url);
@ -197,7 +198,11 @@ public class DefaultConnection implements Connection {
                LOG.debug("  JWS Header: {}", jws.getHeaders().getFullHeaderAsJsonString());
            }

-            byte[] outputData = jws.getCompactSerialization().getBytes(DEFAULT_CHARSET);
+            JSONBuilder jb = new JSONBuilder();
+            jb.put("protected", jws.getHeaders().getEncodedHeader());
+            jb.put("payload", jws.getEncodedPayload());
+            jb.put("signature", jws.getEncodedSignature());
+            byte[] outputData = jb.toString().getBytes(DEFAULT_CHARSET);

            conn.setFixedLengthStreamingMode(outputData.length);
            conn.connect();
--- a/acme4j-client/src/test/java/org/shredzone/acme4j/connector/DefaultConnectionTest.java
+++ b/acme4j-client/src/test/java/org/shredzone/acme4j/connector/DefaultConnectionTest.java
@ -689,11 +689,10 @@ public class DefaultConnectionTest {
        verify(mockUrlConnection, atLeast(0)).getHeaderFields();
        verifyNoMoreInteractions(mockUrlConnection);

-        String serialized = new String(outputStream.toByteArray(), "utf-8");
-        String[] written = CompactSerializer.deserialize(serialized);
-        String header = Base64Url.decodeToUtf8String(written[0]);
-        String claims = Base64Url.decodeToUtf8String(written[1]);
-        String signature = written[2];
+        JSON data = JSON.parse(new String(outputStream.toByteArray(), "utf-8"));
+        String encodedHeader = data.get("protected").asString();
+        String encodedSignature = data.get("signature").asString();
+        String encodedPayload = data.get("payload").asString();

        StringBuilder expectedHeader = new StringBuilder();
        expectedHeader.append('{');
@ -703,12 +702,12 @@ public class DefaultConnectionTest {
        expectedHeader.append("\"kid\":\"").append(keyIdentifier).append('"');
        expectedHeader.append('}');

-        assertThat(header, sameJSONAs(expectedHeader.toString()));
-        assertThat(claims, sameJSONAs("{\"foo\":123,\"bar\":\"a-string\"}"));
-        assertThat(signature, not(isEmptyOrNullString()));
+        assertThat(Base64Url.decodeToUtf8String(encodedHeader), sameJSONAs(expectedHeader.toString()));
+        assertThat(Base64Url.decodeToUtf8String(encodedPayload), sameJSONAs("{\"foo\":123,\"bar\":\"a-string\"}"));
+        assertThat(encodedSignature, not(isEmptyOrNullString()));

        JsonWebSignature jws = new JsonWebSignature();
-        jws.setCompactSerialization(serialized);
+        jws.setCompactSerialization(CompactSerializer.serialize(encodedHeader, encodedPayload, encodedSignature));
        jws.setKey(session.getKeyPair().getPublic());
        assertThat(jws.verifySignature(), is(true));
    }
@ -762,11 +761,10 @@ public class DefaultConnectionTest {
        verify(mockUrlConnection, atLeast(0)).getHeaderFields();
        verifyNoMoreInteractions(mockUrlConnection);

-        String serialized = new String(outputStream.toByteArray(), "utf-8");
-        String[] written = CompactSerializer.deserialize(serialized);
-        String header = Base64Url.decodeToUtf8String(written[0]);
-        String claims = Base64Url.decodeToUtf8String(written[1]);
-        String signature = written[2];
+        JSON data = JSON.parse(new String(outputStream.toByteArray(), "utf-8"));
+        String encodedHeader = data.get("protected").asString();
+        String encodedSignature = data.get("signature").asString();
+        String encodedPayload = data.get("payload").asString();

        StringBuilder expectedHeader = new StringBuilder();
        expectedHeader.append('{');
@ -779,12 +777,12 @@ public class DefaultConnectionTest {
        expectedHeader.append("\"n\":\"").append(TestUtils.N).append("\"");
        expectedHeader.append("}}");

-        assertThat(header, sameJSONAs(expectedHeader.toString()));
-        assertThat(claims, sameJSONAs("{\"foo\":123,\"bar\":\"a-string\"}"));
-        assertThat(signature, not(isEmptyOrNullString()));
+        assertThat(Base64Url.decodeToUtf8String(encodedHeader), sameJSONAs(expectedHeader.toString()));
+        assertThat(Base64Url.decodeToUtf8String(encodedPayload), sameJSONAs("{\"foo\":123,\"bar\":\"a-string\"}"));
+        assertThat(encodedSignature, not(isEmptyOrNullString()));

        JsonWebSignature jws = new JsonWebSignature();
-        jws.setCompactSerialization(serialized);
+        jws.setCompactSerialization(CompactSerializer.serialize(encodedHeader, encodedPayload, encodedSignature));
        jws.setKey(session.getKeyPair().getPublic());
        assertThat(jws.verifySignature(), is(true));
    }