Package de.svenkubiak.webpush4j

Class HttpEce

java.lang.Object
de.svenkubiak.webpush4j.HttpEce
public class HttpEce extends Object
An implementation of Encrypted Content-Encoding for HTTP. The first implementation follows the specification in [1]. The specification later moved from "aesgcm" to "aes128gcm" as content encoding [2]. To remain backwards compatible this library supports both. [1] https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-01 [2] https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-09 TODO: Support multiple records (not needed for Web Push)

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final int
    KEY_LENGTH
     
    static final int
    SHA_256_LENGTH
     
    static final int
    TAG_SIZE
     
    static final int
    TWO_BYTE_MAX
     
    static final String
    WEB_PUSH_INFO
     

  • Constructor Summary

    Constructors
    Constructor
    Description
    HttpEce()
     
    HttpEce(Map<String,KeyPair> keys, Map<String,String> labels)
     

  • Method Summary

    Modifier and Type
    Method
    Description
    protected static byte[]
    buildInfo(String type, byte[] context)
    Future versions might require a null-terminated info string?
    byte[]
    decrypt(byte[] payload, byte[] salt, byte[] key, String keyid, Encoding version)
    Decrypt the payload.
    byte[]
    decryptRecord(byte[] ciphertext, byte[] key, byte[] nonce, Encoding version)
     
    byte[][]
    deriveKeyAndNonce(byte[] salt, byte[] key, String keyId, org.bouncycastle.jce.interfaces.ECPublicKey dh, byte[] authSecret, Encoding version, int mode)
     
    byte[]
    encrypt(byte[] plaintext, byte[] salt, byte[] privateKey, String keyid, org.bouncycastle.jce.interfaces.ECPublicKey dh, byte[] authSecret, Encoding version)
    Encrypt the given plaintext.
    byte[][]
    extractSecretAndContext(byte[] key, String keyId, org.bouncycastle.jce.interfaces.ECPublicKey dh, byte[] authSecret)
     
    protected static byte[]
    hkdfExpand(byte[] ikm, byte[] salt, byte[] info, int length)
    Convenience method for computing the HMAC Key Derivation Function.
    byte[][]
    parseHeader(byte[] payload)
     
    byte[]
    webpushSecret(String keyId, org.bouncycastle.jce.interfaces.ECPublicKey dh, byte[] authSecret, int mode)
    Combine Shared and Authentication Secrets See https://tools.ietf.org/html/draft-ietf-webpush-encryption-09#section-3.3.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait