HttpEce (web-push 5.1.0 API)

java.lang.Object
- nl.martijndwars.webpush.HttpEce

```
public class HttpEce
extends java.lang.Object
```
An implementation of Encrypted Content-Encoding for HTTP. The first implementation follows the specification in [1]. The specification later moved from "aesgcm" to "aes128gcm" as content encoding [2]. To remain backwards compatible this library supports both. [1] https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-01 [2] https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-09 TODO: Support multiple records (not needed for Web Push)

Field Summary

Fields
Modifier and Type	Field and Description
`static int`	`KEY_LENGTH`
`static int`	`SHA_256_LENGTH`
`static int`	`TAG_SIZE`
`static int`	`TWO_BYTE_MAX`
`static java.lang.String`	`WEB_PUSH_INFO`

Constructor Summary

Constructors
Constructor and Description

HttpEce()

HttpEce(java.util.Map<java.lang.String,java.security.KeyPair> keys, java.util.Map<java.lang.String,java.lang.String> labels)

Constructors
Constructor and Description
`HttpEce()`
`HttpEce(java.util.Map<java.lang.String,java.security.KeyPair> keys, java.util.Map<java.lang.String,java.lang.String> labels)`

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`protected static byte[]`	`buildInfo(java.lang.String type, byte[] context)` Future versions might require a null-terminated info string?
`byte[]`	`decrypt(byte[] payload, byte[] salt, byte[] key, java.lang.String keyid, Encoding version)` Decrypt the payload.
`byte[]`	`decryptRecord(byte[] ciphertext, byte[] key, byte[] nonce, Encoding version)`
`byte[][]`	`deriveKeyAndNonce(byte[] salt, byte[] key, java.lang.String keyId, org.bouncycastle.jce.interfaces.ECPublicKey dh, byte[] authSecret, Encoding version, int mode)`
`byte[]`	`encrypt(byte[] plaintext, byte[] salt, byte[] privateKey, java.lang.String keyid, org.bouncycastle.jce.interfaces.ECPublicKey dh, byte[] authSecret, Encoding version)` Encrypt the given plaintext.
`byte[][]`	`extractSecretAndContext(byte[] key, java.lang.String keyId, org.bouncycastle.jce.interfaces.ECPublicKey dh, byte[] authSecret)`
`protected static byte[]`	`hkdfExpand(byte[] ikm, byte[] salt, byte[] info, int length)` Convenience method for computing the HMAC Key Derivation Function.
`byte[][]`	`parseHeader(byte[] payload)`
`byte[]`	`webpushSecret(java.lang.String keyId, org.bouncycastle.jce.interfaces.ECPublicKey dh, byte[] authSecret, int mode)` Combine Shared and Authentication Secrets See https://tools.ietf.org/html/draft-ietf-webpush-encryption-09#section-3.3.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail
- KEY_LENGTH
```
public static final int KEY_LENGTH
```
  See Also:
  
  Constant Field Values
- SHA_256_LENGTH
```
public static final int SHA_256_LENGTH
```
  See Also:
  
  Constant Field Values
- TAG_SIZE
```
public static final int TAG_SIZE
```
  See Also:
  
  Constant Field Values
- TWO_BYTE_MAX
```
public static final int TWO_BYTE_MAX
```
  See Also:
  
  Constant Field Values
- WEB_PUSH_INFO
```
public static final java.lang.String WEB_PUSH_INFO
```
  See Also:
  
  Constant Field Values

Constructor Detail

HttpEce
```
public HttpEce()
```

HttpEce

public HttpEce(java.util.Map<java.lang.String,java.security.KeyPair> keys,
               java.util.Map<java.lang.String,java.lang.String> labels)

Method Detail

encrypt
```
public byte[] encrypt(byte[] plaintext,
                      byte[] salt,
                      byte[] privateKey,
                      java.lang.String keyid,
                      org.bouncycastle.jce.interfaces.ECPublicKey dh,
                      byte[] authSecret,
                      Encoding version)
               throws java.security.GeneralSecurityException
```
Encrypt the given plaintext.

Parameters:

plaintext - Payload to encrypt.

salt - A random 16-byte buffer

privateKey - A private key to encrypt this message with (Web Push: the local private key)

keyid - An identifier for the local key. Only applies to AESGCM. For AES128GCM, the header contains the keyid.

dh - An Elliptic curve Diffie-Hellman public privateKey on the P-256 curve (Web Push: the user's keys.p256dh)

authSecret - An authentication secret (Web Push: the user's keys.auth)

version -

Returns:

Throws:

java.security.GeneralSecurityException

decrypt

public byte[] decrypt(byte[] payload,
                      byte[] salt,
                      byte[] key,
                      java.lang.String keyid,
                      Encoding version)
               throws java.security.InvalidKeyException,
                      java.security.NoSuchAlgorithmException,
                      javax.crypto.IllegalBlockSizeException,
                      java.security.InvalidAlgorithmParameterException,
                      javax.crypto.BadPaddingException,
                      java.security.NoSuchProviderException,
                      javax.crypto.NoSuchPaddingException

Decrypt the payload.

Parameters:: payload - Header and body (ciphertext); salt - May be null when version is AES128GCM; the salt is extracted from the header.; version - AES128GCM or AESGCM.
Returns:
Throws:: java.security.InvalidKeyException; java.security.NoSuchAlgorithmException; javax.crypto.IllegalBlockSizeException; java.security.InvalidAlgorithmParameterException; javax.crypto.BadPaddingException; java.security.NoSuchProviderException; javax.crypto.NoSuchPaddingException

parseHeader

public byte[][] parseHeader(byte[] payload)

decryptRecord

public byte[] decryptRecord(byte[] ciphertext,
                            byte[] key,
                            byte[] nonce,
                            Encoding version)
                     throws javax.crypto.NoSuchPaddingException,
                            java.security.NoSuchAlgorithmException,
                            java.security.NoSuchProviderException,
                            java.security.InvalidAlgorithmParameterException,
                            java.security.InvalidKeyException,
                            javax.crypto.BadPaddingException,
                            javax.crypto.IllegalBlockSizeException

Throws:: javax.crypto.NoSuchPaddingException; java.security.NoSuchAlgorithmException; java.security.NoSuchProviderException; java.security.InvalidAlgorithmParameterException; java.security.InvalidKeyException; javax.crypto.BadPaddingException; javax.crypto.IllegalBlockSizeException

buildInfo

protected static byte[] buildInfo(java.lang.String type,
                                  byte[] context)

Future versions might require a null-terminated info string?

Parameters:: type -
Returns:

hkdfExpand

protected static byte[] hkdfExpand(byte[] ikm,
                                   byte[] salt,
                                   byte[] info,
                                   int length)

Convenience method for computing the HMAC Key Derivation Function. The real work is offloaded to BouncyCastle.

extractSecretAndContext

public byte[][] extractSecretAndContext(byte[] key,
                                        java.lang.String keyId,
                                        org.bouncycastle.jce.interfaces.ECPublicKey dh,
                                        byte[] authSecret)
                                 throws java.security.InvalidKeyException,
                                        java.security.NoSuchAlgorithmException

Throws:: java.security.InvalidKeyException; java.security.NoSuchAlgorithmException

deriveKeyAndNonce

public byte[][] deriveKeyAndNonce(byte[] salt,
                                  byte[] key,
                                  java.lang.String keyId,
                                  org.bouncycastle.jce.interfaces.ECPublicKey dh,
                                  byte[] authSecret,
                                  Encoding version,
                                  int mode)
                           throws java.security.NoSuchAlgorithmException,
                                  java.security.InvalidKeyException

Throws:: java.security.NoSuchAlgorithmException; java.security.InvalidKeyException

webpushSecret

public byte[] webpushSecret(java.lang.String keyId,
                            org.bouncycastle.jce.interfaces.ECPublicKey dh,
                            byte[] authSecret,
                            int mode)
                     throws java.security.NoSuchAlgorithmException,
                            java.security.InvalidKeyException

Combine Shared and Authentication Secrets See https://tools.ietf.org/html/draft-ietf-webpush-encryption-09#section-3.3.

Parameters:: keyId -; dh -; authSecret -; mode -
Returns:
Throws:: java.security.NoSuchAlgorithmException; java.security.InvalidKeyException

Class HttpEce

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

KEY_LENGTH

SHA_256_LENGTH

TAG_SIZE

TWO_BYTE_MAX

WEB_PUSH_INFO

Constructor Detail

HttpEce

HttpEce

Method Detail

encrypt

decrypt

parseHeader

decryptRecord

buildInfo

hkdfExpand

extractSecretAndContext

deriveKeyAndNonce

webpushSecret