mobile/android/base/browserid/MockMyIDTokenFactory.java

Thu, 22 Jan 2015 13:21:57 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Thu, 22 Jan 2015 13:21:57 +0100
branch
TOR_BUG_9701
changeset 15
b8a032363ba2
permissions
-rw-r--r--

Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6

michael@0 1 /* This Source Code Form is subject to the terms of the Mozilla Public
michael@0 2 * License, v. 2.0. If a copy of the MPL was not distributed with this
michael@0 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
michael@0 4
michael@0 5 package org.mozilla.gecko.browserid;
michael@0 6
michael@0 7 import java.math.BigInteger;
michael@0 8 import java.security.NoSuchAlgorithmException;
michael@0 9 import java.security.spec.InvalidKeySpecException;
michael@0 10
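/**
 * Generate certificates and assertions backed by mockmyid.com's private key.
 * <p>
 * These artifacts are for testing only.
 * <p>
 * Security note: the private value ({@link #MOCKMYID_x}) is embedded in this
 * source file, so it is not a secret. Anyone holding it can sign certificates
 * naming mockmyid.com as issuer. Verification code must therefore never treat
 * that issuer as trusted outside of test configurations.
 */
public class MockMyIDTokenFactory {
  /** Issuer host name placed in every certificate produced by this class. */
  private static final String MOCKMYID_ISSUER = "mockmyid.com";

  /** Suffix appended to bare user names to form the certified address. */
  private static final String MOCKMYID_SUFFIX = "@" + MOCKMYID_ISSUER;

  // DSA private value; handed to createPrivateKey below. Publicly known test key.
  public static final BigInteger MOCKMYID_x = new BigInteger("385cb3509f086e110c5e24bdd395a84b335a09ae", 16);
  // Not referenced in this class; presumably the public value matching MOCKMYID_x -- confirm.
  public static final BigInteger MOCKMYID_y = new BigInteger("738ec929b559b604a232a9b55a5295afc368063bb9c20fac4e53a74970a4db7956d48e4c7ed523405f629b4cc83062f13029c4d615bbacb8b97f5e56f0c7ac9bc1d4e23809889fa061425c984061fca1826040c399715ce7ed385c4dd0d402256912451e03452d3c961614eb458f188e3e8d2782916c43dbe2e571251ce38262", 16);
  // Domain parameters p, q and g, passed to createPrivateKey together with x.
  public static final BigInteger MOCKMYID_p = new BigInteger("ff600483db6abfc5b45eab78594b3533d550d9f1bf2a992a7a8daa6dc34f8045ad4e6e0c429d334eeeaaefd7e23d4810be00e4cc1492cba325ba81ff2d5a5b305a8d17eb3bf4a06a349d392e00d329744a5179380344e82a18c47933438f891e22aeef812d69c8f75e326cb70ea000c3f776dfdbd604638c2ef717fc26d02e17", 16);
  public static final BigInteger MOCKMYID_q = new BigInteger("e21e04f911d1ed7991008ecaab3bf775984309c3", 16);
  public static final BigInteger MOCKMYID_g = new BigInteger("c52a4a0ff3b7e61fdf1867ce84138369a6154f4afa92966e3c827e25cfa6cf508b90e5de419e1337e07a2e9e2a3cd5dea704d175f8ebf6af397d69e110b96afb17c7a03259329e4829b0d03bbc7896b15b4ade53e130858cc34d96269aa89041f409136c7242a38895c9d5bccad4f389af1d7a4bd1398bd072dffa896233397a", 16);

  // Computed lazily by static {@code getMockMyIDPrivateKey}.
  protected static SigningPrivateKey cachedMockMyIDPrivateKey = null;

  /**
   * Return the signing key built from the MOCKMYID_* constants, creating and
   * caching it on first use.
   * <p>
   * The check-then-set below is unsynchronized, so concurrent first callers
   * may each build a key. NOTE(review): presumably harmless because the
   * inputs are constants -- confirm that createPrivateKey is deterministic.
   *
   * @return the cached mockmyid.com signing key.
   * @throws NoSuchAlgorithmException
   *           propagated from {@code DSACryptoImplementation.createPrivateKey}.
   * @throws InvalidKeySpecException
   *           propagated from {@code DSACryptoImplementation.createPrivateKey}.
   */
  public static SigningPrivateKey getMockMyIDPrivateKey() throws NoSuchAlgorithmException, InvalidKeySpecException {
    if (cachedMockMyIDPrivateKey == null) {
      cachedMockMyIDPrivateKey = DSACryptoImplementation.createPrivateKey(MOCKMYID_x, MOCKMYID_p, MOCKMYID_q, MOCKMYID_g);
    }
    return cachedMockMyIDPrivateKey;
  }

  /**
   * Sign a public key asserting ownership of username@mockmyid.com with
   * mockmyid.com's private key.
   *
   * @param publicKeyToSign
   *          public key to sign.
   * @param username
   *          sign username@mockmyid.com; the suffix is appended unless the
   *          value already ends with it. Must not be null.
   * @param issuedAt
   *          timestamp for certificate, in milliseconds since the epoch.
   * @param expiresAt
   *          expiration timestamp for certificate, in milliseconds since the epoch.
   * @return encoded certificate string.
   * @throws NullPointerException
   *           if {@code username} is null.
   * @throws Exception
   *           propagated from key construction or certificate creation.
   */
  public String createMockMyIDCertificate(final VerifyingPublicKey publicKeyToSign, String username,
      final long issuedAt, final long expiresAt)
          throws Exception {
    // Fail with a descriptive message; the exception type is the same one the
    // endsWith call below would raise on a null receiver.
    if (username == null) {
      throw new NullPointerException("username must not be null");
    }
    if (!username.endsWith(MOCKMYID_SUFFIX)) {
      username = username + MOCKMYID_SUFFIX;
    }
    final SigningPrivateKey issuerKey = getMockMyIDPrivateKey();
    return JSONWebTokenUtils.createCertificate(publicKeyToSign, username, MOCKMYID_ISSUER, issuedAt, expiresAt, issuerKey);
  }

  /**
   * Sign a public key asserting ownership of username@mockmyid.com with
   * mockmyid.com's private key. The certificate is issued at the current
   * time and expires after
   * {@code JSONWebTokenUtils.DEFAULT_CERTIFICATE_DURATION_IN_MILLISECONDS}.
   *
   * @param publicKeyToSign
   *          public key to sign.
   * @param username
   *          sign username@mockmyid.com. Must not be null.
   * @return encoded certificate string.
   * @throws NullPointerException
   *           if {@code username} is null.
   * @throws Exception
   *           propagated from key construction or certificate creation.
   */
  public String createMockMyIDCertificate(final VerifyingPublicKey publicKeyToSign, final String username)
      throws Exception {
    final long certificateIssuedAt = System.currentTimeMillis();
    final long certificateExpiresAt = certificateIssuedAt + JSONWebTokenUtils.DEFAULT_CERTIFICATE_DURATION_IN_MILLISECONDS;
    return createMockMyIDCertificate(publicKeyToSign, username, certificateIssuedAt, certificateExpiresAt);
  }

  /**
   * Generate an assertion asserting ownership of username@mockmyid.com to a
   * relying party. The underlying certificate is signed by mockmyid.com's
   * private key.
   *
   * @param keyPair
   *          to sign with; its public half is certified and its private half
   *          signs the assertion.
   * @param username
   *          sign username@mockmyid.com. Must not be null.
   * @param audience
   *          audience value passed through to the assertion.
   * @param certificateIssuedAt
   *          timestamp for certificate, in milliseconds since the epoch.
   * @param certificateExpiresAt
   *          expiration timestamp for certificate, in milliseconds since the epoch.
   * @param assertionIssuedAt
   *          timestamp for assertion, in milliseconds since the epoch; if null,
   *          no timestamp is included.
   * @param assertionExpiresAt
   *          expiration timestamp for assertion, in milliseconds since the epoch.
   * @return encoded assertion string.
   * @throws NullPointerException
   *           if {@code username} is null.
   * @throws Exception
   *           propagated from certificate or assertion creation.
   */
  public String createMockMyIDAssertion(BrowserIDKeyPair keyPair, String username, String audience,
      long certificateIssuedAt, long certificateExpiresAt,
      Long assertionIssuedAt, long assertionExpiresAt)
          throws Exception {
    final String certificate = createMockMyIDCertificate(keyPair.getPublic(), username,
        certificateIssuedAt, certificateExpiresAt);
    return JSONWebTokenUtils.createAssertion(keyPair.getPrivate(), certificate, audience,
        JSONWebTokenUtils.DEFAULT_ASSERTION_ISSUER, assertionIssuedAt, assertionExpiresAt);
  }

  /**
   * Generate an assertion asserting ownership of username@mockmyid.com to a
   * relying party. The underlying certificate is signed by mockmyid.com's
   * private key. The certificate is issued at the current time and the
   * assertion one millisecond later; both use the default durations from
   * {@code JSONWebTokenUtils}.
   *
   * @param keyPair
   *          to sign with.
   * @param username
   *          sign username@mockmyid.com. Must not be null.
   * @param audience
   *          audience value passed through to the assertion.
   * @return encoded assertion string.
   * @throws NullPointerException
   *           if {@code username} is null.
   * @throws Exception
   *           propagated from certificate or assertion creation.
   */
  public String createMockMyIDAssertion(BrowserIDKeyPair keyPair, String username, String audience)
      throws Exception {
    final long certificateIssuedAt = System.currentTimeMillis();
    final long certificateExpiresAt = certificateIssuedAt + JSONWebTokenUtils.DEFAULT_CERTIFICATE_DURATION_IN_MILLISECONDS;
    // The assertion is stamped just after the certificate it wraps.
    final long assertionIssuedAt = certificateIssuedAt + 1;
    final long assertionExpiresAt = assertionIssuedAt + JSONWebTokenUtils.DEFAULT_ASSERTION_DURATION_IN_MILLISECONDS;
    return createMockMyIDAssertion(keyPair, username, audience,
        certificateIssuedAt, certificateExpiresAt, assertionIssuedAt, assertionExpiresAt);
  }
}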
