github
/
acme4j
mirror of https://github.com/shred/acme4j
1
0
Fork 0
Code Issues Releases Wiki Activity

Do not use compact JWS serialization

pull/55/head
Richard Körber 2017-08-17 22:38:56 +02:00
parent 514b67bb70
commit 2eb59ef364
2 changed files with 22 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
acme4j-client/src/main/java/org/shredzone/acme4j/connector/DefaultConnection.java
View File

@ -190,6 +190,7 @@ public class DefaultConnection implements Connection {
jws.setAlgorithmHeaderValue(keyAlgorithm(jwk)); jws.setAlgorithmHeaderValue(keyAlgorithm(jwk));
jws.setKey(keypair.getPrivate()); jws.setKey(keypair.getPrivate());
jws.sign();
if (LOG.isDebugEnabled()) { if (LOG.isDebugEnabled()) {
LOG.debug("POST {}", url); LOG.debug("POST {}", url);
@ -197,7 +198,11 @@ public class DefaultConnection implements Connection {
LOG.debug(" JWS Header: {}", jws.getHeaders().getFullHeaderAsJsonString()); LOG.debug(" JWS Header: {}", jws.getHeaders().getFullHeaderAsJsonString());
} }
byte[] outputData = jws.getCompactSerialization().getBytes(DEFAULT_CHARSET); JSONBuilder jb = new JSONBuilder();
jb.put("protected", jws.getHeaders().getEncodedHeader());
jb.put("payload", jws.getEncodedPayload());
jb.put("signature", jws.getEncodedSignature());
byte[] outputData = jb.toString().getBytes(DEFAULT_CHARSET);
conn.setFixedLengthStreamingMode(outputData.length); conn.setFixedLengthStreamingMode(outputData.length);
conn.connect(); conn.connect();

34
acme4j-client/src/test/java/org/shredzone/acme4j/connector/DefaultConnectionTest.java
View File

@ -689,11 +689,10 @@ public class DefaultConnectionTest {
verify(mockUrlConnection, atLeast(0)).getHeaderFields(); verify(mockUrlConnection, atLeast(0)).getHeaderFields();
verifyNoMoreInteractions(mockUrlConnection); verifyNoMoreInteractions(mockUrlConnection);
String serialized = new String(outputStream.toByteArray(), "utf-8"); JSON data = JSON.parse(new String(outputStream.toByteArray(), "utf-8"));
String[] written = CompactSerializer.deserialize(serialized); String encodedHeader = data.get("protected").asString();
String header = Base64Url.decodeToUtf8String(written[0]); String encodedSignature = data.get("signature").asString();
String claims = Base64Url.decodeToUtf8String(written[1]); String encodedPayload = data.get("payload").asString();
String signature = written[2];
StringBuilder expectedHeader = new StringBuilder(); StringBuilder expectedHeader = new StringBuilder();
expectedHeader.append('{'); expectedHeader.append('{');
@ -703,12 +702,12 @@ public class DefaultConnectionTest {
expectedHeader.append("\"kid\":\"").append(keyIdentifier).append('"'); expectedHeader.append("\"kid\":\"").append(keyIdentifier).append('"');
expectedHeader.append('}'); expectedHeader.append('}');
assertThat(header, sameJSONAs(expectedHeader.toString())); assertThat(Base64Url.decodeToUtf8String(encodedHeader), sameJSONAs(expectedHeader.toString()));
assertThat(claims, sameJSONAs("{\"foo\":123,\"bar\":\"a-string\"}")); assertThat(Base64Url.decodeToUtf8String(encodedPayload), sameJSONAs("{\"foo\":123,\"bar\":\"a-string\"}"));
assertThat(signature, not(isEmptyOrNullString())); assertThat(encodedSignature, not(isEmptyOrNullString()));
JsonWebSignature jws = new JsonWebSignature(); JsonWebSignature jws = new JsonWebSignature();
jws.setCompactSerialization(serialized); jws.setCompactSerialization(CompactSerializer.serialize(encodedHeader, encodedPayload, encodedSignature));
jws.setKey(session.getKeyPair().getPublic()); jws.setKey(session.getKeyPair().getPublic());
assertThat(jws.verifySignature(), is(true)); assertThat(jws.verifySignature(), is(true));
} }
@ -762,11 +761,10 @@ public class DefaultConnectionTest {
verify(mockUrlConnection, atLeast(0)).getHeaderFields(); verify(mockUrlConnection, atLeast(0)).getHeaderFields();
verifyNoMoreInteractions(mockUrlConnection); verifyNoMoreInteractions(mockUrlConnection);
String serialized = new String(outputStream.toByteArray(), "utf-8"); JSON data = JSON.parse(new String(outputStream.toByteArray(), "utf-8"));
String[] written = CompactSerializer.deserialize(serialized); String encodedHeader = data.get("protected").asString();
String header = Base64Url.decodeToUtf8String(written[0]); String encodedSignature = data.get("signature").asString();
String claims = Base64Url.decodeToUtf8String(written[1]); String encodedPayload = data.get("payload").asString();
String signature = written[2];
StringBuilder expectedHeader = new StringBuilder(); StringBuilder expectedHeader = new StringBuilder();
expectedHeader.append('{'); expectedHeader.append('{');
@ -779,12 +777,12 @@ public class DefaultConnectionTest {
expectedHeader.append("\"n\":\"").append(TestUtils.N).append("\""); expectedHeader.append("\"n\":\"").append(TestUtils.N).append("\"");
expectedHeader.append("}}"); expectedHeader.append("}}");
assertThat(header, sameJSONAs(expectedHeader.toString())); assertThat(Base64Url.decodeToUtf8String(encodedHeader), sameJSONAs(expectedHeader.toString()));
assertThat(claims, sameJSONAs("{\"foo\":123,\"bar\":\"a-string\"}")); assertThat(Base64Url.decodeToUtf8String(encodedPayload), sameJSONAs("{\"foo\":123,\"bar\":\"a-string\"}"));
assertThat(signature, not(isEmptyOrNullString())); assertThat(encodedSignature, not(isEmptyOrNullString()));
JsonWebSignature jws = new JsonWebSignature(); JsonWebSignature jws = new JsonWebSignature();
jws.setCompactSerialization(serialized); jws.setCompactSerialization(CompactSerializer.serialize(encodedHeader, encodedPayload, encodedSignature));
jws.setKey(session.getKeyPair().getPublic()); jws.setKey(session.getKeyPair().getPublic());
assertThat(jws.verifySignature(), is(true)); assertThat(jws.verifySignature(), is(true));
} }