/** * Get a code point iterator for a UTF-8 encoded array. * * @param bytes the array * @param offs the array offset * @param len the number of characters to include * @return the code point iterator */ public static CodePointIterator ofUtf8Bytes(final byte[] bytes, final int offs, final int len) { if (len <= 0) { return EMPTY; } return ByteIterator.ofBytes(bytes, offs, len).asUtf8String(); }
private static PasswordSpec decodeClearPasswordSpec(ByteIterator iterator) { return new ClearPasswordSpec(iterator.asUtf8String().drainToString().toCharArray()); } }
@Override public String createLogoutParameter(String sessionId) { try { Signature signature = Signature.getInstance(DEFAULT_SIGNATURE_ALGORITHM); signature.initSign(this.keyPair.getPrivate()); Base64.Encoder urlEncoder = Base64.getUrlEncoder(); return sessionId + "." + ByteIterator.ofBytes(urlEncoder.encode(ByteIterator.ofBytes(sessionId.getBytes(StandardCharsets.UTF_8)).sign(signature).drain())).asUtf8String().drainToString(); } catch (NoSuchAlgorithmException | InvalidKeyException | SignatureException e) { throw new IllegalStateException(e); } }
private static char[] unmask(final String algorithm, final char[] initialKeyMaterial, final int iterationCount, final byte[] salt, final byte[] bytes) throws InvalidKeySpecException { final Cipher cipher = getCipher(algorithm, initialKeyMaterial, iterationCount, salt, Cipher.DECRYPT_MODE); try { return ByteIterator.ofBytes(cipher.doFinal(bytes)).asUtf8String().drainToString().toCharArray(); } catch (IllegalBlockSizeException | BadPaddingException e) { throw new InvalidKeySpecException(e); } }
@Override public String verifyLogoutParameter(String parameter) { String[] parts = parameter.split("\\."); if (parts.length != 2) { throw new IllegalArgumentException(parameter); } try { String localSessionId = ByteIterator.ofBytes(parts[0].getBytes(StandardCharsets.UTF_8)).asUtf8String().drainToString(); Signature signature = Signature.getInstance(DEFAULT_SIGNATURE_ALGORITHM); signature.initVerify(this.keyPair.getPublic()); signature.update(localSessionId.getBytes(StandardCharsets.UTF_8)); Base64.Decoder urlDecoder = Base64.getUrlDecoder(); if (!ByteIterator.ofBytes(urlDecoder.decode(parts[1].getBytes(StandardCharsets.UTF_8))).verify(signature)) { throw log.httpMechSsoInvalidLogoutMessage(localSessionId); } return localSessionId; } catch (NoSuchAlgorithmException | InvalidKeyException e) { throw new IllegalStateException(e); } catch (SignatureException e) { throw new IllegalArgumentException(parameter, e); } }
private String nameFor(Path path) { String fileName = path.toString(); fileName = fileName.substring(0, fileName.length() - 4); // remove ".xml" if (encoded) { CodePointIterator it = CodePointIterator.ofString(fileName); it.delimitedBy('-').skipAll(); it.next(); // skip '-' fileName = it.base32Decode(Base32Alphabet.STANDARD, false) .asUtf8String().drainToString(); } return fileName; }
public byte[] handleServerResponse(byte[] serverMessage) { // got a successful response if (serverMessage.length == 0) { return null; } // otherwise, server responded with a error message try { String errorMessage = ByteIterator.ofBytes(serverMessage).asUtf8String().base64Decode().asUtf8String().drainToString(); log.debugf("Got error message from server [%s].", errorMessage); } catch (Exception e) { log.errorf(e, "Server returned an unexpected message that is probably an error but could not be parsed."); } // send a last message to abort the authentication return new ByteStringBuilder().append(KV_DELIMITER).toArray(); } }
for (String current : authorizationValues) { if (current.startsWith(CHALLENGE_PREFIX)) { byte[] decodedValue = ByteIterator.ofBytes(current.substring(PREFIX_LENGTH).getBytes(UTF_8)).asUtf8String().base64Decode().drain();
byte[] hashed = ByteIterator.ofBytes(accountEntry.getPasswordRepresentation().getBytes(StandardCharsets.UTF_8)).asUtf8String().hexDecode().drain(); passwordSpec = new DigestPasswordSpec(accountEntry.getName(), loadedState.getRealmName(), hashed);
passwordFactory = getPasswordFactory(ALGORITHM_DIGEST_MD5); try { byte[] hashed = ByteIterator.ofBytes(accountEntry.getPasswordRepresentation().getBytes(StandardCharsets.UTF_8)).asUtf8String().hexDecode().drain(); passwordSpec = new DigestPasswordSpec(accountEntry.getName(), loadedState.getRealmName(), hashed); } catch (DecodeException e) {
public ScramFinalServerMessage parseFinalServerMessage(final byte[] messageBytes) throws AuthenticationMechanismException { final ByteIterator bi = ByteIterator.ofBytes(messageBytes); final byte[] sig; try { int c = bi.next(); if (c == 'e') { if (bi.next() == '=') { throw saslScram.scramServerRejectedAuthentication(ScramServerErrorCode.fromErrorString(bi.delimitedBy(',').asUtf8String().drainToString())); } throw saslScram.mechInvalidMessageReceived(); } else if (c == 'v' && bi.next() == '=') { sig = bi.delimitedBy(',').asUtf8String().base64Decode().drain(); } else { throw saslScram.mechInvalidMessageReceived(); } if (bi.hasNext()) { throw saslScram.mechInvalidMessageReceived(); } } catch (IllegalArgumentException e) { throw saslScram.mechInvalidMessageReceived(); } return new ScramFinalServerMessage(sig, messageBytes); }
response = ByteIterator.ofBytes(responseTokens.get(RESPONSE)).asUtf8String().hexDecode().drain(); } else { throw httpDigest.mechMissingDirective(RESPONSE);
public OAuth2InitialClientMessage parseInitialClientMessage(byte[] fromBytes) throws AuthenticationMechanismException { byte[] messageBytes = fromBytes.clone(); ByteIterator byteIterator = ByteIterator.ofBytes(fromBytes.clone()); try { final char cbindFlag = (char) byteIterator.next(); if (cbindFlag != 'n') { throw log.mechChannelBindingNotSupported(); } String authorizationID = null; if (byteIterator.next() == ',') { final int c = byteIterator.next(); if (c == 'a') { if (byteIterator.next() != '=') { throw log.mechInvalidClientMessage(); } authorizationID = byteIterator.delimitedBy(',').asUtf8String().drainToString(); if (byteIterator.next() != ',') { throw ElytronMessages.log.mechInvalidClientMessage(); } } } String auth = getValue("auth", byteIterator.asUtf8String().drainToString()); if (auth == null) { throw log.mechInvalidClientMessage(); } return new OAuth2InitialClientMessage(authorizationID, auth, messageBytes); } catch (NoSuchElementException ignored) { throw ElytronMessages.log.mechInvalidMessageReceived(); } }
byte[] decodedValue = ByteIterator.ofBytes(challenge.getBytes(UTF_8)).asUtf8String().base64Decode().drain();
bi.next(); if (bi.next() == '=') { throw saslScram.scramServerRejectedAuthentication(ScramServerErrorCode.fromErrorString(bi.delimitedBy(',').asUtf8String().drainToString())); throw saslScram.mechInvalidMessageReceived(); salt = bi.delimitedBy(',').asUtf8String().base64Decode().drain();
throw saslScram.mechInvalidMessageReceived(); if (! bindingType.equals(bi.delimitedBy(',').asUtf8String().drainToString())) { throw new ScramServerException(saslScram.mechChannelBindingTypeMismatch(), ScramServerErrorCode.UNSUPPORTED_CHANNEL_BINDING_TYPE); throw saslScram.mechInvalidClientMessage(); authorizationID = bi.delimitedBy(',').asUtf8String().drainToString(); StringPrep.encode(bi.delimitedBy(',').asUtf8String().drainToString(), bsb, StringPrep.PROFILE_SASL_QUERY | StringPrep.UNMAP_SCRAM_LOGIN_CHARS); authenticationName = new String(bsb.toArray(), StandardCharsets.UTF_8);
throw saslScram.mechInvalidMessageReceived(); ByteIterator ibi = bi.delimitedBy(',').asUtf8String().base64Decode(); char cbindFlag = (char) ibi.next(); final String bindingType = initialResponse.getBindingType(); throw saslScram.mechInvalidMessageReceived(); if (! bindingType.equals(ibi.delimitedBy(',').asUtf8String().drainToString())) { throw new ScramServerException(saslScram.mechChannelBindingTypeMismatch(), ScramServerErrorCode.UNSUPPORTED_CHANNEL_BINDING_TYPE); throw saslScram.mechInvalidClientMessage(); authorizationID = ibi.delimitedBy(',').asUtf8String().drainToString(); proof = bi.delimitedBy(',').asUtf8String().base64Decode().drain();
CodePointIterator cpi = di.asUtf8String(); boolean gs2CbFlagPUsed = false;
private static char[] unmask(final String algorithm, final char[] initialKeyMaterial, final int iterationCount, final byte[] salt, final byte[] bytes) throws InvalidKeySpecException { final Cipher cipher = getCipher(algorithm, initialKeyMaterial, iterationCount, salt, Cipher.DECRYPT_MODE); try { return ByteIterator.ofBytes(cipher.doFinal(bytes)).asUtf8String().drainToString().toCharArray(); } catch (IllegalBlockSizeException | BadPaddingException e) { throw new InvalidKeySpecException(e); } }
private String nameFor(Path path) { String fileName = path.toString(); fileName = fileName.substring(0, fileName.length() - 4); // remove ".xml" if (encoded) { CodePointIterator it = CodePointIterator.ofString(fileName); it.delimitedBy('-').skipAll(); it.next(); // skip '-' fileName = it.base32Decode(Base32Alphabet.STANDARD, false) .asUtf8String().drainToString(); } return fileName; }