Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support for RSA-SHA1 #30

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Support for RSA-SHA1 #30

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
47 changes: 47 additions & 0 deletions signpost-core/src/main/java/oauth/signpost/signature/RsaSha1MessageSigner.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,47 @@
package oauth.signpost.signature;

import oauth.signpost.OAuth;
import oauth.signpost.exception.OAuthMessageSignerException;
import oauth.signpost.http.HttpParameters;
import oauth.signpost.http.HttpRequest;

import java.io.UnsupportedEncodingException;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.spec.PKCS8EncodedKeySpec;

@SuppressWarnings("serial")
public class RsaSha1MessageSigner extends OAuthMessageSigner {

@Override
public String getSignatureMethod() {
return "RSA-SHA1";
}

@Override
public String sign(HttpRequest request, HttpParameters requestParameters) throws OAuthMessageSignerException {
byte[] privateKeyBytes = decodeBase64(getConsumerSecret());
PKCS8EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec(privateKeyBytes);

try {
PrivateKey privateKey = KeyFactory.getInstance("RSA").generatePrivate(privateKeySpec);
Signature signer = Signature.getInstance("SHA1withRSA");

String sbs = new SignatureBaseString(request, requestParameters).generate();
OAuth.debugOut("SBS", sbs);
byte[] text = sbs.getBytes(OAuth.ENCODING);

signer.initSign(privateKey);
signer.update(text);

return base64Encode(signer.sign());
} catch (GeneralSecurityException e) {
throw new OAuthMessageSignerException(e);
} catch (UnsupportedEncodingException e) {
throw new OAuthMessageSignerException(e);
}
}

}
44 changes: 44 additions & 0 deletions signpost-core/src/test/java/oauth/signpost/signature/OAuthMessageSignerTest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -63,4 +63,48 @@ public void shouldComputeCorrectHmacSha256Signature() throws Exception {

assertEquals("0gCtTYQAxqCKhIE0sltgx7UgHkAs10vrpuYE7xpRBnE=", signer.sign(request, params));
}

@Test
public void shouldComputeCorrectRsaSha1Signature() throws Exception {
// based on the reference test case from
// http://oauth.pbwiki.com/TestCases
final String PRIVATE_KEY =
"MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBALRiMLAh9iimur8V" +
"A7qVvdqxevEuUkW4K+2KdMXmnQbG9Aa7k7eBjK1S+0LYmVjPKlJGNXHDGuy5Fw/d" +
"7rjVJ0BLB+ubPK8iA/Tw3hLQgXMRRGRXXCn8ikfuQfjUS1uZSatdLB81mydBETlJ" +
"hI6GH4twrbDJCR2Bwy/XWXgqgGRzAgMBAAECgYBYWVtleUzavkbrPjy0T5FMou8H" +
"X9u2AC2ry8vD/l7cqedtwMPp9k7TubgNFo+NGvKsl2ynyprOZR1xjQ7WgrgVB+mm" +
"uScOM/5HVceFuGRDhYTCObE+y1kxRloNYXnx3ei1zbeYLPCHdhxRYW7T0qcynNmw" +
"rn05/KO2RLjgQNalsQJBANeA3Q4Nugqy4QBUCEC09SqylT2K9FrrItqL2QKc9v0Z" +
"zO2uwllCbg0dwpVuYPYXYvikNHHg+aCWF+VXsb9rpPsCQQDWR9TT4ORdzoj+Nccn" +
"qkMsDmzt0EfNaAOwHOmVJ2RVBspPcxt5iN4HI7HNeG6U5YsFBb+/GZbgfBT3kpNG" +
"WPTpAkBI+gFhjfJvRw38n3g/+UeAkwMI2TJQS4n8+hid0uus3/zOjDySH3XHCUno" +
"cn1xOJAyZODBo47E+67R4jV1/gzbAkEAklJaspRPXP877NssM5nAZMU0/O/NGCZ+" +
"3jPgDUno6WbJn5cqm8MqWhW1xGkImgRk+fkDBquiq4gPiT898jusgQJAd5Zrr6Q8" +
"AO/0isr/3aa6O6NLQxISLKcPDk2NOccAfS/xOtfOz4sJYM3+Bs4Io9+dZGSDCA54" +
"Lw03eHTNQghS0A==";

OAuthMessageSigner signer = new RsaSha1MessageSigner();
signer.setConsumerSecret(PRIVATE_KEY);

HttpRequest request = mock(HttpRequest.class);
when(request.getRequestUrl()).thenReturn("http://photos.example.net/photos");
when(request.getMethod()).thenReturn("GET");

HttpParameters OAUTH_PARAMS = new HttpParameters();
OAUTH_PARAMS.put("oauth_consumer_key", "dpf43f3p2l4k3l03");
OAUTH_PARAMS.put("oauth_signature_method", "RSA-SHA1");
OAUTH_PARAMS.put("oauth_timestamp", "1196666512");
OAUTH_PARAMS.put("oauth_nonce", "13917289812797014437");
OAUTH_PARAMS.put("oauth_version", "1.0");

HttpParameters params = new HttpParameters();
params.putAll(OAUTH_PARAMS);
params.put("file", "vacaction.jpg");
params.put("size", "original");

assertEquals("jvTp/wX1TYtByB1m+Pbyo0lnCOLIsyGCH7wke8AUs3BpnwZJtAuEJkvQL2/9n4s5wUmUl4aCI4BwpraNx4RtEXMe5qg5T1LVTGliMRpKasKsW//e+RinhejgCuzoH26dyF8iY2ZZ/5D1ilgeijhV/vBka5twt399mXwaYdCwFYE=", signer.sign(request, params));
}


}