Cherry pick branch 'genexuslabs:gamutils_eo' into beta

Author: sgrampone

gamutils/src/main/java/com/genexus/gam/GamUtilsEO.java

@@ -42,6 +42,10 @@ public static String randomHexaBits(int bits) {
 		return Random.hexaBits(bits);
 	}
 
+	public static String randomUtf8Bits(int bits) {
+		return Random.utf8Bits(bits);
+	}
+
 	//**JWK**//
 
 	public static String generateKeyPair() {
@@ -52,13 +56,30 @@ public static String getPublicJwk(String jwkString) {
 		return Jwk.getPublic(jwkString);
 	}
 
+	public static String getJwkAlgorithm(String jwkString) {
+		return Jwk.getAlgorithm(jwkString);
+	}
+
 	//**JWT**//
-	public static boolean verifyJwt(String path, String alias, String password, String token) {
-		return Jwt.verify(path, alias, password, token);
+	public static boolean verifyJwtRsa(String path, String alias, String password, String token) {
+		return Jwt.verify(path, alias, password, token, "", false);
+	}
+
+	public static String createJwtRsa(String path, String alias, String password, String payload, String header) {
+		return Jwt.create(path, alias, password, payload, header, "", false);
 	}
 
-	public static String createJwt(String path, String alias, String password, String payload, String header) {
-		return Jwt.create(path, alias, password, payload, header);
+	public static boolean verifyJwtSha(String secret, String token) {
+		return Jwt.verify("", "", "", token, secret, true);
+	}
+
+	public static boolean verifyAlgorithm(String expectedAlgorithm, String token)
+	{
+		return Jwt.verifyAlgorithm(expectedAlgorithm, token);
+	}
+
+	public static String createJwtSha(String secret, String payload, String header) {
+		return Jwt.create("", "", "",  payload, header, secret, true);
 	}
 
 	public static long createUnixTimestamp(Date date) {
@@ -78,5 +99,7 @@ public static String base64ToBase64Url(String base64) {
 		return Encoding.b64ToB64Url(base64);
 	}
 
+	public static String hexaToBase64(String hexa) { return Encoding.hexaToBase64(hexa); }
+
 	/********EXTERNAL OBJECT PUBLIC METHODS  - END ********/
 }

gamutils/src/main/java/com/genexus/gam/utils/Encoding.java

@@ -4,6 +4,7 @@
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
 import org.bouncycastle.util.encoders.Base64;
+import org.bouncycastle.util.encoders.Hex;
 import org.bouncycastle.util.encoders.UrlBase64;
 
 public class Encoding {
@@ -19,4 +20,16 @@ public static String b64ToB64Url(String input) {
 			return "";
 		}
 	}
+
+	public static String hexaToBase64(String hexa)
+	{
+		logger.debug("hexaToBase64");
+		try{
+			return Base64.toBase64String(Hex.decode(hexa));
+		}catch (Exception e)
+		{
+			logger.error("hexaToBase64", e);
+			return "";
+		}
+	}
 }

gamutils/src/main/java/com/genexus/gam/utils/Random.java

@@ -3,6 +3,7 @@
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
 
+import java.nio.charset.StandardCharsets;
 import java.security.SecureRandom;
 
 public class Random {
@@ -59,4 +60,25 @@ public static String hexaBits(int bits)
 		}
 		return sb.toString().replaceAll("\\s", "");
 	}
+
+	public static String utf8Bits(int bits)
+	{
+		int targetBytes = (bits + 7) / 8;
+		StringBuilder sb = new StringBuilder();
+		for (int i = 0; i < targetBytes; i++) {
+			sb.append("a");
+		}
+		String result = sb.toString();
+		byte[] utf8Bytes = sb.toString().getBytes(StandardCharsets.UTF_8);
+		if (utf8Bytes.length > targetBytes) {
+			return new String(utf8Bytes, 0, targetBytes, StandardCharsets.UTF_8);
+		} else if (utf8Bytes.length < targetBytes) {
+			StringBuilder paddedString = new StringBuilder(sb.toString());
+			for (int i = utf8Bytes.length; i < targetBytes; i++) {
+				paddedString.append("0");
+			}
+			return paddedString.toString();
+		}
+		return result;
+	}
 }

gamutils/src/main/java/com/genexus/gam/utils/json/Jwk.java

@@ -44,6 +44,20 @@ public static String getPublic(String jwkString) {
 		}
 	}
 
+	public static String getAlgorithm(String jwkString) {
+		if (jwkString.isEmpty()) {
+			logger.error("getAlgorithm jwkString parameter is empty");
+			return "";
+		}
+		try {
+			return JWK.parse(jwkString).getAlgorithm().toString();
+		} catch (Exception e) {
+			logger.error("getPublic", e);
+			return "";
+		}
+	}
+
+
 	/*public static boolean verifyJWT(String jwkString, String token) {
 		if (jwkString.isEmpty()) {
 			logger.error("verifyJWT jwkString parameter is empty");

gamutils/src/main/java/com/genexus/gam/utils/json/Jwt.java

@@ -2,8 +2,12 @@
 
 import com.genexus.gam.utils.keys.PrivateKeyUtil;
 import com.genexus.gam.utils.keys.PublicKeyUtil;
+import com.nimbusds.jose.JWSAlgorithm;
 import com.nimbusds.jose.JWSHeader;
+import com.nimbusds.jose.JWSSigner;
 import com.nimbusds.jose.JWSVerifier;
+import com.nimbusds.jose.crypto.MACSigner;
+import com.nimbusds.jose.crypto.MACVerifier;
 import com.nimbusds.jose.crypto.RSASSASigner;
 import com.nimbusds.jose.crypto.RSASSAVerifier;
 import com.nimbusds.jwt.JWTClaimsSet;
@@ -20,20 +24,20 @@ public class Jwt {
 
 	/******** EXTERNAL OBJECT PUBLIC METHODS - BEGIN ********/
 
-	public static boolean verify(String path, String alias, String password, String token) {
+	public static boolean verify(String path, String alias, String password, String token, String secret, boolean isSymmetric) {
 		logger.debug("verify");
 		try {
-			return verify(PublicKeyUtil.getPublicKey(path, alias, password, token), token);
+			return !isSymmetric ? verify_internal(PublicKeyUtil.getPublicKey(path, alias, password, token), token, "", isSymmetric) : verify_internal(null, token, secret, isSymmetric);
 		} catch (Exception e) {
 			logger.error("verify", e);
 			return false;
 		}
 	}
 
-	public static String create(String path, String alias, String password, String payload, String header) {
+	public static String create(String path, String alias, String password, String payload, String header, String secret, boolean isSymmetric) {
 		logger.debug("create");
 		try {
-			return create(PrivateKeyUtil.getPrivateKey(path, alias, password), payload, header);
+			return !isSymmetric ? create_internal(PrivateKeyUtil.getPrivateKey(path, alias, password), payload, header, "", isSymmetric): create_internal(null, payload, header, secret, isSymmetric);
 		}catch (Exception e)
 		{
 			logger.error("create", e);
@@ -61,26 +65,41 @@ public static String getPayload(String token) {
 		}
 	}
 
+	public static boolean verifyAlgorithm(String algorithm, String token)
+	{
+		logger.debug("verifyAlgorithm");
+		try{
+			return SignedJWT.parse(token).getHeader().getAlgorithm().equals(JWSAlgorithm.parse(algorithm));
+		}catch (Exception e)
+		{
+			logger.error("verifyAlgorithm", e);
+			return false;
+		}
+	}
+
 	/******** EXTERNAL OBJECT PUBLIC METHODS - END ********/
 
-	private static boolean verify(RSAPublicKey publicKey, String token) {
+	private static boolean verify_internal(RSAPublicKey publicKey, String token, String secret, boolean isSymmetric){
+		logger.debug("verify_internal");
 		try {
 			SignedJWT signedJWT = SignedJWT.parse(token);
-			JWSVerifier verifier = new RSASSAVerifier(publicKey);
+			JWSVerifier verifier = isSymmetric ? new MACVerifier(secret):new RSASSAVerifier(publicKey);
 			return signedJWT.verify(verifier);
 		} catch (Exception e) {
-			logger.error("verify", e);
+			logger.error("verify_internal", e);
 			return false;
 		}
 	}
 
-	private static String create(RSAPrivateKey privateKey, String payload, String header) {
+	private static String create_internal(RSAPrivateKey privateKey, String payload, String header, String secret, boolean isSymmetric) {
+		logger.debug("create_internal");
 		try {
 			SignedJWT signedJWT = new SignedJWT(JWSHeader.parse(header), JWTClaimsSet.parse(payload));
-			signedJWT.sign(new RSASSASigner(privateKey));
+			JWSSigner signer = isSymmetric ? new MACSigner(secret): new RSASSASigner(privateKey);
+			signedJWT.sign(signer);
 			return signedJWT.serialize();
 		} catch (Exception e) {
-			logger.error("create", e);
+			logger.error("create_internal", e);
 			return "";
 		}
 	}

gamutils/src/test/java/com/genexus/gam/utils/test/EncodingTest.java

@@ -1,7 +1,10 @@
 package com.genexus.gam.utils.test;
 
 import com.genexus.gam.GamUtilsEO;
+import com.genexus.gam.utils.Encoding;
+import com.genexus.gam.utils.Random;
 import org.bouncycastle.util.encoders.Base64;
+import org.bouncycastle.util.encoders.Hex;
 import org.bouncycastle.util.encoders.UrlBase64;
 import org.junit.Assert;
 import org.junit.Test;
@@ -31,5 +34,28 @@ private static String b64UrlToUtf8(String base64Url) {
 		}
 	}
 
+	@Test
+	public void testHexaToBase64()
+	{
+		int i = 0;
+		do {
+			String randomHexa = Random.hexaBits(128);
+			String testing = b64ToHexa(Encoding.hexaToBase64(randomHexa));
+			Assert.assertEquals("testB64ToB64Url", randomHexa, testing);
+			i++;
+		} while (i < 50);
+	}
+
+	private static String b64ToHexa(String base64) {
+		try {
+			byte[] bytes = Base64.decode(base64);
+			return Hex.toHexString(bytes);
+		} catch (Exception e) {
+			e.printStackTrace();
+			return "";
+		}
+	}
+
+
 
 }

gamutils/src/test/java/com/genexus/gam/utils/test/JwkTest.java

@@ -27,4 +27,12 @@ public void testPublicJwk() {
 			Assert.fail("Exception on testPublicJwk" + e.getMessage());
 		}
 	}
+
+	@Test
+	public void testGetAlgorithm()
+	{
+		String jwk = GamUtilsEO.generateKeyPair();
+		String algorithm = GamUtilsEO.getJwkAlgorithm(jwk);
+		Assert.assertEquals("testGetAlgorithm", algorithm, "RS256");
+	}
 }