app/src/main/java/org/apache/roller/weblogger/util/WSSEUtilities.java - roller - Git at Google

 /*
  * Copyright 2005, Dave Johnson
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  * http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.apache.roller.weblogger.util;

 import java.io.IOException;
 import java.io.UnsupportedEncodingException;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.text.SimpleDateFormat;
 import java.util.Date;

 import org.apache.commons.codec.binary.Base64;

 /**
  * Utilties to support WSSE authentication.
  * @author Dave Johnson
  */
 public class WSSEUtilities {
     public static synchronized String generateDigest(
             byte[] nonce, byte[] created, byte[] password) {
         String result = null;
         try {
             MessageDigest digester = MessageDigest.getInstance("SHA");
             digester.reset();
             digester.update(nonce);
             digester.update(created);
             digester.update(password);
             byte[] digest = digester.digest();
             result = base64Encode(digest);
         }
         catch (NoSuchAlgorithmException e) {
             result = null;
         }
         return result;
     }
     public static byte[] base64Decode(String value) throws IOException {
         return Base64.decodeBase64(value.getBytes("UTF-8"));
     }
     public static String base64Encode(byte[] value) {
         return new String(Base64.encodeBase64(value));
     }
     public static String generateWSSEHeader(String userName, String password)
     throws UnsupportedEncodingException {

         byte[] nonceBytes = Long.toString(new Date().getTime()).getBytes();
         String nonce = WSSEUtilities.base64Encode(nonceBytes);

         SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'");
         String created = sdf.format(new Date());

         String digest = WSSEUtilities.generateDigest(
                 nonceBytes, created.getBytes("UTF-8"), password.getBytes("UTF-8"));

         StringBuilder header = new StringBuilder("UsernameToken Username=\"");
         header.append(userName);
         header.append("\", ");
         header.append("PasswordDigest=\"");
         header.append(digest);
         header.append("\", ");
         header.append("Nonce=\"");
         header.append(nonce);
         header.append("\", ");
         header.append("Created=\"");
         header.append(created);
         header.append("\"");
         return header.toString();
     }
 }
	/*
	* Copyright 2005, Dave Johnson
	*
	* Licensed under the Apache License, Version 2.0 (the "License");
	* you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/
	package org.apache.roller.weblogger.util;

	import java.io.IOException;
	import java.io.UnsupportedEncodingException;
	import java.security.MessageDigest;
	import java.security.NoSuchAlgorithmException;
	import java.text.SimpleDateFormat;
	import java.util.Date;

	import org.apache.commons.codec.binary.Base64;

	/**
	* Utilties to support WSSE authentication.
	* @author Dave Johnson
	*/
	public class WSSEUtilities {
	public static synchronized String generateDigest(
	byte[] nonce, byte[] created, byte[] password) {
	String result = null;
	try {
	MessageDigest digester = MessageDigest.getInstance("SHA");
	digester.reset();
	digester.update(nonce);
	digester.update(created);
	digester.update(password);
	byte[] digest = digester.digest();
	result = base64Encode(digest);
	}
	catch (NoSuchAlgorithmException e) {
	result = null;
	}
	return result;
	}
	public static byte[] base64Decode(String value) throws IOException {
	return Base64.decodeBase64(value.getBytes("UTF-8"));
	}
	public static String base64Encode(byte[] value) {
	return new String(Base64.encodeBase64(value));
	}
	public static String generateWSSEHeader(String userName, String password)
	throws UnsupportedEncodingException {

	byte[] nonceBytes = Long.toString(new Date().getTime()).getBytes();
	String nonce = WSSEUtilities.base64Encode(nonceBytes);

	SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'");
	String created = sdf.format(new Date());

	String digest = WSSEUtilities.generateDigest(
	nonceBytes, created.getBytes("UTF-8"), password.getBytes("UTF-8"));

	StringBuilder header = new StringBuilder("UsernameToken Username=\"");
	header.append(userName);
	header.append("\", ");
	header.append("PasswordDigest=\"");
	header.append(digest);
	header.append("\", ");
	header.append("Nonce=\"");
	header.append(nonce);
	header.append("\", ");
	header.append("Created=\"");
	header.append(created);
	header.append("\"");
	return header.toString();
	}
	}