java.lang.Object
- com.iizix.push.vapid.HttpEce

```
public class HttpEce
extends java.lang.Object
```
An implementation of Encrypted Content-Encoding for HTTP. The first implementation follows the specification in [1]. The specification later moved from "aesgcm" to "aes128gcm" as content encoding [2]. To remain backwards compatible this library supports both. [1] https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-01 [2] https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-09 TODO: Support multiple records (not needed for Web Push)

Field Summary
Fields
Modifier and Type Field Description
static int KEY_LENGTH
static int SHA_256_LENGTH
static int TAG_SIZE
static int TWO_BYTE_MAX
static java.lang.String WEB_PUSH_INFO

Constructor Summary
Constructors
Constructor Description
HttpEce()
HttpEce(java.util.Map<java.lang.String,java.security.KeyPair> keys, java.util.Map<java.lang.String,java.lang.String> labels)

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`protected static byte[]`	`buildInfo(java.lang.String type, byte[] context)`	Future versions might require a null-terminated info string?
`byte[]`	`decrypt(byte[] payload, byte[] salt, byte[] key, java.lang.String keyid, Encoding version)`	Decrypt the payload.
`byte[]`	`decryptRecord(byte[] ciphertext, byte[] key, byte[] nonce, Encoding version)`
`byte[][]`	`deriveKeyAndNonce(byte[] salt, byte[] key, java.lang.String keyId, org.bouncycastle.jce.interfaces.ECPublicKey dh, byte[] authSecret, Encoding version, int mode)`
`byte[]`	`encrypt(byte[] plaintext, byte[] salt, byte[] privateKey, java.lang.String keyid, org.bouncycastle.jce.interfaces.ECPublicKey dh, byte[] authSecret, Encoding version)`	Encrypt the given plaintext.
`byte[][]`	`extractSecretAndContext(byte[] key, java.lang.String keyId, org.bouncycastle.jce.interfaces.ECPublicKey dh, byte[] authSecret)`
`protected static byte[]`	`hkdfExpand(byte[] ikm, byte[] salt, byte[] info, int length)`	Convenience method for computing the HMAC Key Derivation Function.
`byte[][]`	`parseHeader(byte[] payload)`
`byte[]`	`webpushSecret(java.lang.String keyId, org.bouncycastle.jce.interfaces.ECPublicKey dh, byte[] authSecret, int mode)`	Combine Shared and Authentication Secrets See https://tools.ietf.org/html/draft-ietf-webpush-encryption-09#section-3.3.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail
- KEY_LENGTH
```
public static final int KEY_LENGTH
```
  See Also:
  Constant Field Values
- SHA_256_LENGTH
```
public static final int SHA_256_LENGTH
```
  See Also:
  Constant Field Values
- TAG_SIZE
```
public static final int TAG_SIZE
```
  See Also:
  Constant Field Values
- TWO_BYTE_MAX
```
public static final int TWO_BYTE_MAX
```
  See Also:
  Constant Field Values
- WEB_PUSH_INFO
```
public static final java.lang.String WEB_PUSH_INFO
```
  See Also:
  Constant Field Values

Constructor Detail

HttpEce
```
public HttpEce()
```

HttpEce

public HttpEce(java.util.Map<java.lang.String,java.security.KeyPair> keys,
               java.util.Map<java.lang.String,java.lang.String> labels)

Method Detail

encrypt
```
public byte[] encrypt(byte[] plaintext,
                      byte[] salt,
                      byte[] privateKey,
                      java.lang.String keyid,
                      org.bouncycastle.jce.interfaces.ECPublicKey dh,
                      byte[] authSecret,
                      Encoding version)
               throws java.security.GeneralSecurityException
```
Encrypt the given plaintext.
Parameters:
plaintext - Payload to encrypt.
salt - A random 16-byte buffer
privateKey - A private key to encrypt this message with (Web Push: the local private key)
keyid - An identifier for the local key. Only applies to AESGCM. For AES128GCM, the header contains the keyid.
dh - An Elliptic curve Diffie-Hellman public privateKey on the P-256 curve (Web Push: the user's keys.p256dh)
authSecret - An authentication secret (Web Push: the user's keys.auth)
version -
Returns:
Throws:
java.security.GeneralSecurityException

decrypt

public byte[] decrypt(byte[] payload,
                      byte[] salt,
                      byte[] key,
                      java.lang.String keyid,
                      Encoding version)
               throws java.security.InvalidKeyException,
                      java.security.NoSuchAlgorithmException,
                      javax.crypto.IllegalBlockSizeException,
                      java.security.InvalidAlgorithmParameterException,
                      javax.crypto.BadPaddingException,
                      java.security.NoSuchProviderException,
                      javax.crypto.NoSuchPaddingException

Decrypt the payload.

Parameters:: payload - Header and body (ciphertext); salt - May be null when version is AES128GCM; the salt is extracted from the header.; version - AES128GCM or AESGCM.
Returns:
Throws:: java.security.InvalidKeyException; java.security.NoSuchAlgorithmException; javax.crypto.IllegalBlockSizeException; java.security.InvalidAlgorithmParameterException; javax.crypto.BadPaddingException; java.security.NoSuchProviderException; javax.crypto.NoSuchPaddingException

parseHeader

public byte[][] parseHeader(byte[] payload)

decryptRecord

public byte[] decryptRecord(byte[] ciphertext,
                            byte[] key,
                            byte[] nonce,
                            Encoding version)
                     throws javax.crypto.NoSuchPaddingException,
                            java.security.NoSuchAlgorithmException,
                            java.security.NoSuchProviderException,
                            java.security.InvalidAlgorithmParameterException,
                            java.security.InvalidKeyException,
                            javax.crypto.BadPaddingException,
                            javax.crypto.IllegalBlockSizeException

Throws:: javax.crypto.NoSuchPaddingException; java.security.NoSuchAlgorithmException; java.security.NoSuchProviderException; java.security.InvalidAlgorithmParameterException; java.security.InvalidKeyException; javax.crypto.BadPaddingException; javax.crypto.IllegalBlockSizeException

buildInfo

protected static byte[] buildInfo(java.lang.String type,
                                  byte[] context)

Future versions might require a null-terminated info string?

Parameters:: type -
Returns:

hkdfExpand

protected static byte[] hkdfExpand(byte[] ikm,
                                   byte[] salt,
                                   byte[] info,
                                   int length)

Convenience method for computing the HMAC Key Derivation Function. The real work is offloaded to BouncyCastle.

extractSecretAndContext

public byte[][] extractSecretAndContext(byte[] key,
                                        java.lang.String keyId,
                                        org.bouncycastle.jce.interfaces.ECPublicKey dh,
                                        byte[] authSecret)
                                 throws java.security.InvalidKeyException,
                                        java.security.NoSuchAlgorithmException

Throws:: java.security.InvalidKeyException; java.security.NoSuchAlgorithmException

deriveKeyAndNonce

public byte[][] deriveKeyAndNonce(byte[] salt,
                                  byte[] key,
                                  java.lang.String keyId,
                                  org.bouncycastle.jce.interfaces.ECPublicKey dh,
                                  byte[] authSecret,
                                  Encoding version,
                                  int mode)
                           throws java.security.NoSuchAlgorithmException,
                                  java.security.InvalidKeyException

Throws:: java.security.NoSuchAlgorithmException; java.security.InvalidKeyException

webpushSecret

public byte[] webpushSecret(java.lang.String keyId,
                            org.bouncycastle.jce.interfaces.ECPublicKey dh,
                            byte[] authSecret,
                            int mode)
                     throws java.security.NoSuchAlgorithmException,
                            java.security.InvalidKeyException

Combine Shared and Authentication Secrets See https://tools.ietf.org/html/draft-ietf-webpush-encryption-09#section-3.3.

Parameters:: keyId -; dh -; authSecret -; mode -
Returns:
Throws:: java.security.NoSuchAlgorithmException; java.security.InvalidKeyException

Modifier and Type	Field	Description
`static int`	`KEY_LENGTH`
`static int`	`SHA_256_LENGTH`
`static int`	`TAG_SIZE`
`static int`	`TWO_BYTE_MAX`
`static java.lang.String`	`WEB_PUSH_INFO`

Constructor	Description
`HttpEce()`
`HttpEce(java.util.Map<java.lang.String,java.security.KeyPair> keys, java.util.Map<java.lang.String,java.lang.String> labels)`

Class HttpEce

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

KEY_LENGTH

SHA_256_LENGTH

TAG_SIZE

TWO_BYTE_MAX

WEB_PUSH_INFO

Constructor Detail

HttpEce

HttpEce

Method Detail

encrypt

decrypt

parseHeader

decryptRecord

buildInfo

hkdfExpand

extractSecretAndContext

deriveKeyAndNonce

webpushSecret