Java tutorial
//package com.java2s; /* * * Copyright (C) 2015 Orange Labs * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. * */ import java.nio.ByteBuffer; import java.util.Arrays; import javax.crypto.Mac; import javax.crypto.spec.SecretKeySpec; import android.util.Base64; public class Main { public static String completeJweFromSIM(String jweSIM) { // android.os.Debug.waitForDebugger(); try { if (jweSIM != null && jweSIM.length() > 0) { String parts[] = jweSIM.split("\\."); ; if (parts != null && parts.length == 5) { // retrieve hmac key byte hmac_key[] = Base64.decode(parts[4], Base64.URL_SAFE); if (hmac_key != null && hmac_key.length == 16) { // init hash instance Mac hmac = Mac.getInstance("HmacSHA256", "SC"); hmac.init(new SecretKeySpec(hmac_key, "HmacSHA256")); byte[] aad = parts[0].getBytes(); long al = aad.length * 8; byte[] iv_key = decodeB64(parts[2]); byte[] cryptedBytes = decodeB64(parts[3]); // build data to hash byte[] hmacData = new byte[aad.length + iv_key.length + cryptedBytes.length + 8]; int offset = 0; System.arraycopy(aad, offset, hmacData, 0, aad.length); offset += aad.length; System.arraycopy(iv_key, 0, hmacData, offset, iv_key.length); offset += iv_key.length; System.arraycopy(cryptedBytes, 0, hmacData, offset, cryptedBytes.length); offset += cryptedBytes.length; ByteBuffer buffer = ByteBuffer.allocate(8); buffer.putLong(al); System.arraycopy(buffer.array(), 0, hmacData, offset, 8); // compute hac value byte[] hmacValue = hmac.doFinal(hmacData); // authentication tag byte[] auth_tag = Arrays.copyOf(hmacValue, 16); String auth_tag64 = encodeB64(auth_tag); // A.2.7. Complete Representation String finalString = parts[0] + "." + parts[1] + "." + parts[2] + "." + parts[3] + "." + auth_tag64; // // just for verification // byte jwt64 [] = decryptJWE(finalString, RsaKeyTim.privRsaKey); // if(jwt64!=null) { // String jws = new String(jwt64); // Log.d("completeJweFromSIM", "jws verify Key TIM :"+verifyJWS(jws,RsaKeyTim.pubRsaKey)); // } return finalString; } } // } } catch (Exception e) { e.printStackTrace(); } return null; } static byte[] decodeB64(String s64) { return Base64.decode(s64, Base64.URL_SAFE); } static String encodeB64(byte[] bytes) { try { return Base64.encodeToString(bytes, Base64.URL_SAFE | Base64.NO_PADDING | Base64.NO_WRAP); } catch (Exception e) { } return null; } }