/** * Base64-encode the current stream. * * @param alphabet the alphabet to use * @return an iterator over the encoded characters */ public CodePointIterator base64Encode(final Base64Alphabet alphabet) { return base64Encode(alphabet, true); }
/** * Base64-encode the current stream. * * @return an iterator over the encoded characters */ public CodePointIterator base64Encode() { return base64Encode(Base64Alphabet.STANDARD, true); }
static byte[] generateNonce() { SecureRandom random = new SecureRandom(); byte[] nonceData = new byte[NONCE_SIZE]; random.nextBytes(nonceData); return ByteIterator.ofBytes(nonceData).base64Encode().drainToString().getBytes(StandardCharsets.US_ASCII); }
private byte[] createErrorMessage() { JsonObjectBuilder objectBuilder = Json.createObjectBuilder(); objectBuilder.add("status", "invalid_token"); Object asDiscoveryUrl = serverConfig.get(CONFIG_OPENID_CONFIGURATION_URL); if (asDiscoveryUrl != null) { objectBuilder.add(CONFIG_OPENID_CONFIGURATION_URL, asDiscoveryUrl.toString()); } return ByteIterator.ofBytes(objectBuilder.build().toString().getBytes()).base64Encode().asUtf8().drain(); } }
static String base64UrlEncode(byte[] data) { return ByteIterator.ofBytes(data).base64Encode(BASE64_URL, false).drainToString(); }
private static String getEncodedJson(JsonObject jsonObject) { return CodePointIterator.ofString(jsonObject.toString()).asUtf8().base64Encode(BASE64_URL, false).drainToString(); }
/** * Generate a new encoded nonce to send to the client. * * @param salt additional data to use when creating the overall signature for the nonce. * @return a new encoded nonce to send to the client. */ String generateNonce(byte[] salt) { try { MessageDigest messageDigest = MessageDigest.getInstance(algorithm); ByteBuffer byteBuffer = ByteBuffer.allocate(PREFIX_LENGTH + messageDigest.getDigestLength()); byteBuffer.putInt(nonceCounter.incrementAndGet()); byteBuffer.putLong(System.nanoTime()); byteBuffer.put(digest(byteBuffer.array(), 0, PREFIX_LENGTH, salt, messageDigest)); String nonce = ByteIterator.ofBytes(byteBuffer.array()).base64Encode().drainToString(); if (log.isTraceEnabled()) { String saltString = salt == null ? "null" : ByteIterator.ofBytes(salt).hexEncode().drainToString(); log.tracef("New nonce generated %s, using seed %s", nonce, saltString); } return nonce; } catch (GeneralSecurityException e) { throw new IllegalStateException(e); } }
private static void composeCryptBasedPassword(ByteArrayOutputStream out, UnixDESCryptPassword password) throws IOException { out.write(ModularCrypt.MOD_CRYPT.encode(password.getSalt() & 0x3f)); out.write(ModularCrypt.MOD_CRYPT.encode(password.getSalt() >> 6 & 0x3f)); out.write(ByteIterator.ofBytes(password.getHash()).base64Encode(ModularCrypt.MOD_CRYPT, false).asUtf8().drain()); }
streamWriter.writeStartElement("otp"); streamWriter.writeAttribute("algorithm", otp.getAlgorithm()); streamWriter.writeAttribute("hash", ByteIterator.ofBytes(otp.getHash()).base64Encode().drainToString()); streamWriter.writeAttribute("seed", ByteIterator.ofBytes(otp.getSeed().getBytes(StandardCharsets.US_ASCII)).base64Encode().drainToString()); streamWriter.writeAttribute("sequence", Integer.toString(otp.getSequenceNumber())); streamWriter.writeEndElement(); passwordString = ByteIterator.ofBytes(encoded).base64Encode().drainToString(); } else { format = MCF_FORMAT;
if (ALGORITHM_SIMPLE_DIGEST_MD5.equals(algorithm)) { out.write(new byte[] { '{', 'm', 'd', '5', '}' }); out.write(ByteIterator.ofBytes(((SimpleDigestPassword)password).getDigest()).base64Encode().asUtf8().drain()); } else if (ALGORITHM_SIMPLE_DIGEST_SHA_1.equals(algorithm)) { out.write(new byte[]{'{','s','h','a','}'}); out.write(ByteIterator.ofBytes(((SimpleDigestPassword)password).getDigest()).base64Encode().asUtf8().drain()); } else if (ALGORITHM_SIMPLE_DIGEST_SHA_256.equals(algorithm)) { out.write(new byte[]{'{','s','h','a','2','5','6','}'}); out.write(ByteIterator.ofBytes(((SimpleDigestPassword)password).getDigest()).base64Encode().asUtf8().drain()); } else if (ALGORITHM_SIMPLE_DIGEST_SHA_384.equals(algorithm)) { out.write(new byte[]{'{','s','h','a','3','8','4','}'}); out.write(ByteIterator.ofBytes(((SimpleDigestPassword)password).getDigest()).base64Encode().asUtf8().drain()); } else if (ALGORITHM_SIMPLE_DIGEST_SHA_512.equals(algorithm)) { out.write(new byte[]{'{','s','h','a','5','1','2','}'}); out.write(ByteIterator.ofBytes(((SimpleDigestPassword)password).getDigest()).base64Encode().asUtf8().drain()); } else if (ALGORITHM_PASSWORD_SALT_DIGEST_MD5.equals(algorithm)) { out.write(new byte[]{'{','s','m','d','5','}'});
connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded"); connection.setRequestProperty("Content-Length", String.valueOf(params.length)); connection.setRequestProperty("Authorization", "Basic " + CodePointIterator.ofString(clientId + ":" + clientSecret).asUtf8().base64Encode().drainToString());
private static void composeBsdCryptBasedPassword(ByteArrayOutputStream out, BSDUnixDESCryptPassword password) throws IOException { out.write(ModularCrypt.MOD_CRYPT.encode(password.getIterationCount() & 0x3f)); out.write(ModularCrypt.MOD_CRYPT.encode(password.getIterationCount() >> 6 & 0x3f)); out.write(ModularCrypt.MOD_CRYPT.encode(password.getIterationCount() >> 12 & 0x3f)); out.write(ModularCrypt.MOD_CRYPT.encode(password.getIterationCount() >> 18 & 0x3f)); out.write(ModularCrypt.MOD_CRYPT.encode(password.getSalt() & 0x3f)); out.write(ModularCrypt.MOD_CRYPT.encode(password.getSalt() >> 6 & 0x3f)); out.write(ModularCrypt.MOD_CRYPT.encode(password.getSalt() >> 12 & 0x3f)); out.write(ModularCrypt.MOD_CRYPT.encode(password.getSalt() >> 18 & 0x3f)); out.write(ByteIterator.ofBytes(password.getHash()).base64Encode(ModularCrypt.MOD_CRYPT, false).asUtf8().drain()); }
/** * Generate PEM content to the given byte string builder. The appropriate header and footer surrounds the base-64 * encoded value. * * @param target the target byte string builder (must not be {@code null}) * @param type the content type (must not be {@code null}) * @param content the content iterator (must not be {@code null}) * @throws IllegalArgumentException if there is a problem with the data or the type * @deprecated Use {@link #generatePemContent(ByteStringBuilder, String, ByteIterator)} instead */ @Deprecated public static void generatePemContent(org.wildfly.security.util.ByteStringBuilder target, String type, ByteIterator content) throws IllegalArgumentException { Assert.checkNotNullParam("target", target); Assert.checkNotNullParam("type", type); Assert.checkNotNullParam("content", content); final Matcher matcher = VALID_LABEL.matcher(type); if (matcher.find()) { throw log.invalidPemType("<any valid PEM type>", type); } target.append("-----BEGIN ").append(type).append("-----"); target.append(content.base64Encode().drainToString(System.lineSeparator(), 64)); // insert the line separator before every 64 code points target.append(System.lineSeparator()).append("-----END ").append(type).append("-----").append(System.lineSeparator()); }
/** * Generate PEM content to the given byte string builder. The appropriate header and footer surrounds the base-64 * encoded value. * * @param target the target byte string builder (must not be {@code null}) * @param type the content type (must not be {@code null}) * @param content the content iterator (must not be {@code null}) * @throws IllegalArgumentException if there is a problem with the data or the type */ public static void generatePemContent(ByteStringBuilder target, String type, ByteIterator content) throws IllegalArgumentException { Assert.checkNotNullParam("target", target); Assert.checkNotNullParam("type", type); Assert.checkNotNullParam("content", content); final Matcher matcher = VALID_LABEL.matcher(type); if (matcher.find()) { throw log.invalidPemType("<any valid PEM type>", type); } target.append("-----BEGIN ").append(type).append("-----"); target.append(content.base64Encode().drainToString(System.lineSeparator(), 64)); // insert the line separator before every 64 code points target.append(System.lineSeparator()).append("-----END ").append(type).append("-----").append(System.lineSeparator()); }
private String encodeUsingAlphabet(byte[] payload) { if (picketBoxCompatibility) { return picketBoxBased64Encode(payload); } else { CodePointIterator codePointIterator = isBase64(alphabet) ? ByteIterator.ofBytes(payload).base64Encode(getAlphabet64(alphabet), usePadding) : ByteIterator.ofBytes(payload).base32Encode(getAlphabet32(alphabet)); return codePointIterator.drainToString(); } }
@Override public void persistCredential(final Credential credential) throws RealmUnavailableException { OneTimePassword password = credential.castAndApply(PasswordCredential.class, c -> c.getPassword(OneTimePassword.class)); try { Attributes attributes = new BasicAttributes(); attributes.put(algorithmAttributeName, password.getAlgorithm()); attributes.put(hashAttributeName, ByteIterator.ofBytes(password.getHash()).base64Encode().drainToString()); attributes.put(seedAttributeName, password.getSeed()); attributes.put(sequenceAttributeName, Integer.toString(password.getSequenceNumber())); context.modifyAttributes(distinguishedName, DirContext.REPLACE_ATTRIBUTE, attributes); } catch (NamingException e) { throw log.ldapRealmCredentialPersistingFailed(credential.toString(), distinguishedName, e); } }
private void sendChallenge(byte[] responseToken, HttpServerResponse response, int statusCode) { if (httpSpnego.isTraceEnabled()) { httpSpnego.tracef("Sending intermediate challenge: %s", Arrays2.objectToString(responseToken)); } if (responseToken == null) { response.addResponseHeader(WWW_AUTHENTICATE, NEGOTIATE); } else { String responseConverted = ByteIterator.ofBytes(responseToken).base64Encode().drainToString(); response.addResponseHeader(WWW_AUTHENTICATE, CHALLENGE_PREFIX + responseConverted); } if (statusCode != 0) { response.setStatusCode(statusCode); } }
private static byte[] composeDigestSalt(SaltedSimpleDigestPassword password) { return ByteIterator.ofBytes(new ByteStringBuilder() .append(password.getDigest()) .append(password.getSalt()) .toArray() ).base64Encode().asUtf8().drain(); }
b2.append(bindingData); encoded.appendLatin1(b2.iterate().base64Encode()); } else { b2.append('n'); encoded.appendLatin1(b2.iterate().base64Encode()); encoded.appendLatin1(ByteIterator.ofBytes(clientProof).base64Encode()); if(trace) saslScram.tracef("[C] Client final message: %s%n", ByteIterator.ofBytes(encoded.toArray()).hexEncode().drainToString()); return new ScramFinalClientMessage(initialResponse, initialChallenge, password, clientProof, encoded.toArray(), proofStart);
b.appendLatin1(ByteIterator.ofBytes(salt).base64Encode()); b.append(','); b.append('i').append('=');