/* * Licensed to the Apache Software Foundation (ASF) under one or more * contributor license agreements. The ASF licenses this file to You * under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. For additional information regarding * copyright in this work, please see the NOTICE file in the top level * directory of this distribution. */ package org.apache.abdera2.security.util.filters; import org.apache.abdera2.common.misc.Chain; import org.apache.abdera2.common.protocol.RequestContext; import org.apache.abdera2.common.protocol.ResponseContext; import org.apache.abdera2.security.Encryption; import org.apache.abdera2.security.EncryptionOptions; import org.apache.abdera2.security.util.Constants; import org.apache.abdera2.security.util.DHContext; /** * A Servlet Filter that uses Diffie-Hellman Key Exchange to encrypt Atom documents. The HTTP request must include an * Accept-Encryption header in the form: Accept-Encryption: DH p={dh_p}, g={dh_g}, l={dh_l}, k={base64_pubkey} Example * AbderaClient Code: * *
* DHContext context = new DHContext(); * Abdera abdera = Abdera.getInstance(); * CommonsClient client = new CommonsClient(abdera); * RequestOptions options = client.getDefaultRequestOptions(); * options.setHeader("Accept-Encryption", context.getRequestString()); * * ClientResponse response = client.get("http://localhost:8080/TestWeb/test", options); * Document<Element> doc = response.getDocument(); * * String dh_ret = response.getHeader("Content-Encrypted"); * if (dh_ret != null) { * context.setPublicKey(dh_ret); * AbderaSecurity absec = new AbderaSecurity(abdera); * Encryption enc = absec.getEncryption(); * EncryptionOptions encoptions = context.getEncryptionOptions(enc); * doc = enc.decrypt(doc, encoptions); * } * * doc.writeTo(System.out); ** * Webapp Deployment: * *
* <filter> * <filter-name>enc filter</filter-name> * <filter-class>com.test.EncryptedResponseFilter</filter-class> * </filter> * <filter-mapping> * <filter-name>enc filter</filter-name> * <servlet-name>TestServlet</servlet-name> * </filter-mapping> **/ public class DHEncryptedResponseFilter extends AbstractEncryptedResponseFilter { protected boolean doEncryption(RequestContext request, Object arg) { return arg != null; } protected Object initArg(RequestContext request) { return getDHContext(request); } protected EncryptionOptions initEncryptionOptions(RequestContext request, ResponseContext response, Encryption enc, Object arg) { EncryptionOptions options = null; try { DHContext context = (DHContext)arg; options = context.getEncryptionOptions(enc); returnPublicKey(response, context); } catch (Exception e) { } return options; } public ResponseContext apply(RequestContext request, Chain