User: starksm Date: 02/03/22 19:35:47 Added: src/main/org/jboss/test/security/interceptors ClientEncryptionInterceptor.java ServerEncryptionInterceptor.java Log: Interceptors used by the SRPUnitTestCase Revision Changes Path 1.1 jbosstest/src/main/org/jboss/test/security/interceptors/ClientEncryptionInterceptor.java Index: ClientEncryptionInterceptor.java =================================================================== package org.jboss.test.security.interceptors; import java.io.Serializable; import java.security.GeneralSecurityException; import java.util.Arrays; import java.util.Iterator; import java.util.Set; import javax.crypto.Cipher; import javax.crypto.SealedObject; import javax.crypto.SecretKey; import javax.crypto.spec.IvParameterSpec; import javax.security.auth.Subject; import org.apache.log4j.Category; import org.jboss.invocation.Invocation; import org.jboss.proxy.Interceptor; import org.jboss.security.SecurityAssociation; import org.jboss.security.srp.SRPParameters; /** A client side interceptor that encrypts @author [EMAIL PROTECTED] @version $Revision: 1.1 $ */ public class ClientEncryptionInterceptor extends Interceptor { /** The is initialized the first time */ private Cipher encryptCipher; private Cipher decryptCipher; private Category log = Category.getInstance(ClientEncryptionInterceptor.class); /** Creates a new instance of EncryptionInterceptor */ public ClientEncryptionInterceptor() { } public Object invoke(Invocation mi) throws Throwable { if( encryptCipher == null ) { Subject subject = SecurityAssociation.getSubject(); initCipher(subject); } log.debug("invoke mi="+mi.getMethod()); // Check for arguments to encrypt Object[] args = mi.getArguments(); int length = args != null ? 
args.length : 0; for(int a = 0; a < length; a ++) { if( (args[a] instanceof Serializable) == false ) continue; Serializable arg = (Serializable) args[a]; SealedObject sarg = new SealedObject(arg, encryptCipher); args[a] = sarg; log.debug(" Sealed arg("+a+"): "+arg); } Interceptor next = getNext(); Object value = next.invoke(mi); if( value instanceof SealedObject ) { SealedObject svalue = (SealedObject) value; value = svalue.getObject(decryptCipher); } return value; } private void initCipher(Subject subject) throws GeneralSecurityException { Set credentials = subject.getPrivateCredentials(SecretKey.class); Iterator iter = credentials.iterator(); SecretKey key = null; while( iter.hasNext() ) { key = (SecretKey) iter.next(); } if( key == null ) { System.out.println("Subject: "+subject); throw new GeneralSecurityException("Failed to find SecretKey in Subject.PrivateCredentials"); } credentials = subject.getPrivateCredentials(SRPParameters.class); iter = credentials.iterator(); SRPParameters params = null; while( iter.hasNext() ) { params = (SRPParameters) iter.next(); } if( params == null ) throw new GeneralSecurityException("Failed to find SRPParameters in Subject.PrivateCredentials"); encryptCipher = Cipher.getInstance(key.getAlgorithm()); IvParameterSpec iv = new IvParameterSpec(params.cipherIV); encryptCipher.init(Cipher.ENCRYPT_MODE, key, iv); decryptCipher = Cipher.getInstance(key.getAlgorithm()); decryptCipher.init(Cipher.DECRYPT_MODE, key, iv); } } 1.1 jbosstest/src/main/org/jboss/test/security/interceptors/ServerEncryptionInterceptor.java Index: ServerEncryptionInterceptor.java =================================================================== package org.jboss.test.security.interceptors; import java.io.Serializable; import java.security.GeneralSecurityException; import java.util.Arrays; import java.util.Iterator; import java.util.Set; import javax.crypto.Cipher; import javax.crypto.SealedObject; import javax.crypto.SecretKey; import 
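Review bot: In ClientEncryptionInterceptor.initCipher both ciphers come from `Cipher.getInstance(key.getAlgorithm())` and are initialised once with the single IV `params.cipherIV`, so every `SealedObject` uses the same key and IV, with mode and padding left to the provider default and nothing authenticating the ciphertext. ServerEncryptionInterceptor.initCipher repeats the same code. If that is acceptable for the SRP unit test, say so above initCipher, e.g. `// Test-only: fixed session key and IV, provider-default mode/padding, no integrity protection`. In `invoke` the sealed values are written into `args` but `mi.setArguments(args)` is never called, although the server side notes that `args[]` may be a copy; if it is, the arguments would go out unencrypted, so I would add `mi.setArguments(args);` after the loop. `log.debug(" Sealed arg("+a+"): "+arg)` writes the plaintext argument to the log and `System.out.println("Subject: "+subject)` may print credential contents; logging only the index and `arg.getClass().getName()` would avoid both.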
javax.crypto.spec.IvParameterSpec; import javax.security.auth.Subject; import org.jboss.ejb.Container; import org.jboss.ejb.Interceptor; import org.jboss.ejb.plugins.AbstractInterceptor; import org.jboss.invocation.Invocation; import org.jboss.security.SecurityAssociation; import org.jboss.security.srp.SRPParameters; /** A server side interceptor that encrypts @author [EMAIL PROTECTED] @version $Revision: 1.1 $ */ public class ServerEncryptionInterceptor extends AbstractInterceptor { /** The is initialized the first time */ private Cipher decryptCipher; private Cipher encryptCipher; private Container container; /** Creates a new instance of EncryptionInterceptor */ public ServerEncryptionInterceptor() { } public void setContainer(Container container) { this.container = container; } public Container getContainer() { return container; } public Object invoke(Invocation mi) throws Exception { if( decryptCipher == null ) { Subject subject = SecurityAssociation.getSubject(); initCipher(subject); } log.debug("invoke mi="+mi.getMethod()); // Check for arguments to decrypt Object[] args = mi.getArguments(); int length = args != null ? 
args.length : 0; for(int a = 0; a < length; a ++) { if( (args[a] instanceof SealedObject) == false ) continue; SealedObject sarg = (SealedObject) args[a]; Object arg = sarg.getObject(decryptCipher); args[a] = arg; log.debug(" Unsealed arg("+a+"): "+arg); } // We must set the arguments because args[] may be a copy mi.setArguments(args); Interceptor next = getNext(); Object value = next.invoke(mi); if( value instanceof Serializable ) { Serializable svalue = (Serializable) value; value = new SealedObject(svalue, encryptCipher); } return value; } private void initCipher(Subject subject) throws GeneralSecurityException { Set credentials = subject.getPrivateCredentials(SecretKey.class); Iterator iter = credentials.iterator(); SecretKey key = null; while( iter.hasNext() ) { key = (SecretKey) iter.next(); } if( key == null ) throw new GeneralSecurityException("Failed to find SecretKey in Subject.PrivateCredentials"); credentials = subject.getPrivateCredentials(SRPParameters.class); iter = credentials.iterator(); SRPParameters params = null; while( iter.hasNext() ) { params = (SRPParameters) iter.next(); } if( params == null ) throw new GeneralSecurityException("Failed to find SRPParameters in Subject.PrivateCredentials"); encryptCipher = Cipher.getInstance(key.getAlgorithm()); IvParameterSpec iv = new IvParameterSpec(params.cipherIV); encryptCipher.init(Cipher.ENCRYPT_MODE, key, iv); decryptCipher = Cipher.getInstance(key.getAlgorithm()); decryptCipher.init(Cipher.DECRYPT_MODE, key, iv); } }
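Review bot: ServerEncryptionInterceptor.invoke builds the cipher pair only when `decryptCipher == null` and keeps it in instance fields, so the key comes from whichever Subject made the first call. If the container shares one interceptor instance across callers, later invocations under a different Subject would be unsealed and sealed with the first caller's session key. Dropping the guard so that `initCipher(SecurityAssociation.getSubject());` runs on every call fixes the stale key. `Cipher` is not thread-safe, though, so the two ciphers would also need to be locals, or `invoke` synchronized, before concurrent calls are safe. `log.debug(" Unsealed arg("+a+"): "+arg)` writes each decrypted argument to the log, and `sarg.getObject(decryptCipher)` deserializes whatever the peer sent without any class filtering, which is worth a comment given that the ciphertext carries no integrity check.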