From c69239ff50623d077b92a81526e1c15025d2d2b6 Mon Sep 17 00:00:00 2001 From: Norman Maurer Date: Thu, 28 Dec 2023 13:26:45 +0100 Subject: [PATCH] Enable checkstyle checks for all submodules and fix errors Motivation: We should use checkstyle everwhere. Modifications: - Fix config so checkstyle is enforced in submodules - Fix checkstyle errors Result: Cleanup --- .../codec/bhttp/BinaryHttpParser.java | 35 ++++++++------ .../codec/bhttp/BinaryHttpSerializer.java | 3 +- .../codec/bhttp/DefaultBinaryHttpRequest.java | 3 +- .../bhttp/DefaultFullBinaryHttpRequest.java | 6 ++- .../bhttp/DefaultFullBinaryHttpResponse.java | 6 ++- .../codec/bhttp/VarIntCodecUtils.java | 18 +++++--- .../codec/bhttp/BinaryHttpDecoder.java | 2 +- .../bhttp/BinaryHttpMessageEndToEndTest.java | 3 +- .../bhttp/BinaryHttpRequestEndToEndTest.java | 6 ++- .../bhttp/BinaryHttpResponseEndToEndTest.java | 3 +- .../incubator/codec/bhttp/package-info.java | 3 ++ .../BouncyCastleAEADCryptoContext.java | 8 ++-- .../BouncyCastleCryptoOperation.java | 32 ++++++------- .../BouncyCastleHPKERecipientContext.java | 5 +- .../BouncyCastleHPKESenderContext.java | 6 +-- .../BouncyCastleOHttpCryptoProvider.java | 43 +++++++++++------ .../codec/hpke/bouncycastle/package-info.java | 3 ++ .../codec/hpke/boringssl/BoringSSL.java | 4 +- .../hpke/boringssl/BoringSSLAEADContext.java | 3 +- .../codec/hpke/boringssl/BoringSSLHPKE.java | 2 + .../codec/hpke/boringssl/package-info.java | 19 ++++++++ .../io/netty/incubator/codec/hpke/AEAD.java | 3 +- .../io/netty/incubator/codec/hpke/KDF.java | 3 +- .../codec/hpke/OHttpCryptoProvider.java | 1 - .../incubator/codec/hpke/package-info.java | 3 ++ .../codec/ohttp/OHttpChunkFramer.java | 3 +- .../codec/ohttp/OHttpCiphersuite.java | 3 +- .../incubator/codec/ohttp/OHttpCrypto.java | 2 +- .../codec/ohttp/OHttpCryptoReceiver.java | 3 +- .../codec/ohttp/OHttpCryptoSender.java | 4 +- .../netty/incubator/codec/ohttp/OHttpKey.java | 8 ++-- .../ohttp/OHttpRequestResponseContext.java | 4 +- .../codec/ohttp/OHttpServerCodec.java | 9 ++-- .../codec/ohttp/OHttpVersionChunkDraft.java | 12 +++-- .../codec/ohttp/OHttpVersionDraft.java | 6 ++- .../incubator/codec/ohttp/package-info.java | 3 +- .../codec/ohttp/OHttpChunkFramerTest.java | 3 +- .../codec/ohttp/OHttpCodecsTest.java | 46 ++++++++++++------- .../codec/ohttp/OHttpCryptoTest.java | 34 +++++++++----- .../incubator/codec/ohttp/package-info.java | 3 ++ pom.xml | 1 - 41 files changed, 239 insertions(+), 128 deletions(-) create mode 100644 codec-ohttp-hpke-classes-boringssl/src/main/java/io/netty/incubator/codec/hpke/boringssl/package-info.java diff --git a/codec-bhttp/src/main/java/io/netty/incubator/codec/bhttp/BinaryHttpParser.java b/codec-bhttp/src/main/java/io/netty/incubator/codec/bhttp/BinaryHttpParser.java index 817a40a..c6be4f0 100644 --- a/codec-bhttp/src/main/java/io/netty/incubator/codec/bhttp/BinaryHttpParser.java +++ b/codec-bhttp/src/main/java/io/netty/incubator/codec/bhttp/BinaryHttpParser.java @@ -118,12 +118,14 @@ public BinaryHttpParser(int maxFieldSectionSize) { * 1 {@link io.netty.handler.codec.http.HttpMessage}, 0-n {@link HttpContent}, 1 {@link LastHttpContent}. * * - * It might also use the shortcut of {@link io.netty.handler.codec.http.FullHttpMessage} to represent a full sequence. + * It might also use the shortcut of {@link io.netty.handler.codec.http.FullHttpMessage} to represent a full + * sequence. * * @param in the {@link ByteBuf} to parse. * @param completeBodyReceived {@code true} if we should consider the end of body to be received, {@code false} * otherwise. - * @return the {@link HttpObject} or {@code null} if this method should be called again later once there are + * @return the {@link HttpObject} or {@code null} if this method should be called again later + * once there are * more readable bytes in the input {@link ByteBuf}. */ public HttpObject parse(ByteBuf in, boolean completeBodyReceived) { @@ -173,11 +175,11 @@ public HttpObject parse(ByteBuf in, boolean completeBodyReceived) { } boolean informational = response.status().codeClass() == HttpStatusClass.INFORMATIONAL; if (informational) { - // There will be more responses to follow so just return a FullHttpResponse and NOT change the - // state. + // There will be more responses to follow so just return a FullHttpResponse and NOT change + // the state. // See https://www.rfc-editor.org/rfc/rfc9292.html#section-3.5.1 - return new DefaultFullHttpResponse(response.protocolVersion(), response.status(), Unpooled.EMPTY_BUFFER, - response.headers(), new DefaultHttpHeaders()); + return new DefaultFullHttpResponse(response.protocolVersion(), response.status(), + Unpooled.EMPTY_BUFFER, response.headers(), new DefaultHttpHeaders()); } else if (state.knownLength) { state = State.READ_KNOWN_LENGTH_CONTENT; } else { @@ -326,8 +328,10 @@ private static State readFramingIndicator(ByteBuf in) { } /** - * Reads the request head which includes the control data - * and headers field section. + * Reads the request head which includes the + * control data + * and + * headers field section. * * @param in the {@link ByteBuf} to read from. * @param knownLength {@code true} if the length is known, {@code false} otherwise. @@ -426,8 +430,10 @@ private static BinaryHttpRequest readRequestHead(ByteBuf in, boolean knownLength } /** - * Reads the response head which includes the control data - * and headers field section. + * Reads the response head which includes the + * control data + * and + * headers field section. * * @param in the {@link ByteBuf} to read from. * @param knownLength {@code true} if the length is known, {@code false} otherwise. @@ -475,7 +481,8 @@ private static BinaryHttpResponse readResponseHead(ByteBuf in, boolean knownLeng } /** - * Get the indeterminate length + * Get the + * indeterminate length * of the "section". This will return {@code -1} if the length was not found. * * @param in the {@link ByteBuf} to search for the length. @@ -512,7 +519,8 @@ private static int getIndeterminateLength(ByteBuf in) { * @param maxFieldSectionSize the maximum size of the field-section (in bytes) * @return {@link BinaryHttpHeaders} or {@code null} if not enough bytes are readable yet. */ - private static BinaryHttpHeaders readFieldSection(ByteBuf in, boolean trailers, boolean knownLength, int maxFieldSectionSize) { + private static BinaryHttpHeaders readFieldSection( + ByteBuf in, boolean trailers, boolean knownLength, int maxFieldSectionSize) { if (!in.isReadable()) { return null; } @@ -575,7 +583,8 @@ private static void checkFieldSectionTooLarge(long fieldSectionSize, int maxFiel if (fieldSectionSize > maxFieldSectionSize) { // Guard against buffering too much bytes. // See https://www.rfc-editor.org/rfc/rfc9292.html#section-8 - throw new TooLongFrameException("field-section length exceeds configured maximum: " + fieldSectionSize + " > " + maxFieldSectionSize); + throw new TooLongFrameException("field-section length exceeds configured maximum: " + + fieldSectionSize + " > " + maxFieldSectionSize); } } diff --git a/codec-bhttp/src/main/java/io/netty/incubator/codec/bhttp/BinaryHttpSerializer.java b/codec-bhttp/src/main/java/io/netty/incubator/codec/bhttp/BinaryHttpSerializer.java index 0c19608..d0e53f1 100644 --- a/codec-bhttp/src/main/java/io/netty/incubator/codec/bhttp/BinaryHttpSerializer.java +++ b/codec-bhttp/src/main/java/io/netty/incubator/codec/bhttp/BinaryHttpSerializer.java @@ -53,7 +53,8 @@ private enum State { * 1 {@link BinaryHttpResponse} | {@link BinaryHttpRequest}, 0-n {@link HttpContent}, 1 {@link LastHttpContent}. * * - * {@link FullBinaryHttpResponse} or {@link FullBinaryHttpRequest} can be used as a shortcut for such a valid sequence. + * {@link FullBinaryHttpResponse} or {@link FullBinaryHttpRequest} can be used as a shortcut for such a valid + * sequence. * * @param msg the {@link HttpObject} to serialize * @param out the {@link ByteBuf} into which to write. diff --git a/codec-bhttp/src/main/java/io/netty/incubator/codec/bhttp/DefaultBinaryHttpRequest.java b/codec-bhttp/src/main/java/io/netty/incubator/codec/bhttp/DefaultBinaryHttpRequest.java index c4d5f94..5243367 100644 --- a/codec-bhttp/src/main/java/io/netty/incubator/codec/bhttp/DefaultBinaryHttpRequest.java +++ b/codec-bhttp/src/main/java/io/netty/incubator/codec/bhttp/DefaultBinaryHttpRequest.java @@ -51,7 +51,8 @@ public DefaultBinaryHttpRequest(HttpVersion httpVersion, HttpMethod method, Stri * @param scheme the scheme to use. * @param authority the authority to use. * @param uri the uri / path to use - * @param validateHeaders {@code true} if header validation should be done when add headers, {@code false} otherwise. + * @param validateHeaders {@code true} if header validation should be done when add headers, {@code false} + * otherwise. */ public DefaultBinaryHttpRequest(HttpVersion httpVersion, HttpMethod method, String scheme, String authority, String uri, boolean validateHeaders) { diff --git a/codec-bhttp/src/main/java/io/netty/incubator/codec/bhttp/DefaultFullBinaryHttpRequest.java b/codec-bhttp/src/main/java/io/netty/incubator/codec/bhttp/DefaultFullBinaryHttpRequest.java index a3b20fb..50bb3ca 100644 --- a/codec-bhttp/src/main/java/io/netty/incubator/codec/bhttp/DefaultFullBinaryHttpRequest.java +++ b/codec-bhttp/src/main/java/io/netty/incubator/codec/bhttp/DefaultFullBinaryHttpRequest.java @@ -69,7 +69,8 @@ public DefaultFullBinaryHttpRequest(HttpVersion httpVersion, HttpMethod method, * @param authority the authority to use. * @param uri the uri / path to use * @param content the payload of the request. - * @param validateHeaders {@code true} if header validation should be done when add headers, {@code false} otherwise. + * @param validateHeaders {@code true} if header validation should be done when add headers, {@code false} + * otherwise. */ public DefaultFullBinaryHttpRequest(HttpVersion httpVersion, HttpMethod method, String scheme, String authority, String uri, ByteBuf content, boolean validateHeaders) { @@ -103,7 +104,8 @@ private DefaultFullBinaryHttpRequest(HttpVersion httpVersion, HttpMethod method, * @param scheme the scheme to use. * @param authority the authority to use. * @param uri the uri / path to use - * @param validateHeaders {@code true} if header validation should be done when add headers, {@code false} otherwise. + * @param validateHeaders {@code true} if header validation should be done when add headers, {@code false} + * otherwise. */ public DefaultFullBinaryHttpRequest(HttpVersion httpVersion, HttpMethod method, String scheme, String authority, String uri, boolean validateHeaders) { diff --git a/codec-bhttp/src/main/java/io/netty/incubator/codec/bhttp/DefaultFullBinaryHttpResponse.java b/codec-bhttp/src/main/java/io/netty/incubator/codec/bhttp/DefaultFullBinaryHttpResponse.java index e3bf0d8..b0c21ab 100644 --- a/codec-bhttp/src/main/java/io/netty/incubator/codec/bhttp/DefaultFullBinaryHttpResponse.java +++ b/codec-bhttp/src/main/java/io/netty/incubator/codec/bhttp/DefaultFullBinaryHttpResponse.java @@ -40,8 +40,10 @@ public DefaultFullBinaryHttpResponse(HttpVersion version, HttpResponseStatus sta this(version, status, Unpooled.EMPTY_BUFFER, validateHeaders); } - public DefaultFullBinaryHttpResponse(HttpVersion version, HttpResponseStatus status, ByteBuf content, boolean validateHeaders) { - this(version, status, content, BinaryHttpHeaders.newHeaders(validateHeaders), BinaryHttpHeaders.newTrailers(validateHeaders)); + public DefaultFullBinaryHttpResponse( + HttpVersion version, HttpResponseStatus status, ByteBuf content, boolean validateHeaders) { + this(version, status, content, BinaryHttpHeaders.newHeaders(validateHeaders), + BinaryHttpHeaders.newTrailers(validateHeaders)); } private DefaultFullBinaryHttpResponse(HttpVersion version, HttpResponseStatus status, ByteBuf content, diff --git a/codec-bhttp/src/main/java/io/netty/incubator/codec/bhttp/VarIntCodecUtils.java b/codec-bhttp/src/main/java/io/netty/incubator/codec/bhttp/VarIntCodecUtils.java index 9bad61f..e16b05d 100644 --- a/codec-bhttp/src/main/java/io/netty/incubator/codec/bhttp/VarIntCodecUtils.java +++ b/codec-bhttp/src/main/java/io/netty/incubator/codec/bhttp/VarIntCodecUtils.java @@ -23,7 +23,8 @@ private VarIntCodecUtils() { } /** * Returns the number of bytes needed to encode the - * variable length integer. + * + * variable length integer. */ public static int numBytesForVariableLengthInteger(long value) { if (value <= 63) { @@ -43,7 +44,8 @@ public static int numBytesForVariableLengthInteger(long value) { /** * Returns the number of bytes needed to encode a - * variable length integer, + * + * variable length integer, * based on the initial encoded byte. */ public static int numBytesForVariableLengthIntegerFromByte(byte value) { @@ -61,7 +63,8 @@ public static int numBytesForVariableLengthIntegerFromByte(byte value) { } /** - * Read the variable length integer + * Read the + * variable length integer * from the {@link ByteBuf}. */ public static long readVariableLengthInteger(ByteBuf in, int len) { @@ -71,7 +74,8 @@ public static long readVariableLengthInteger(ByteBuf in, int len) { } /** - * Get the variable length integer + * Get the + * variable length integer * from the {@link ByteBuf}. */ public static long getVariableLengthInteger(ByteBuf in, int offset, int len) { @@ -90,7 +94,8 @@ public static long getVariableLengthInteger(ByteBuf in, int offset, int len) { } /** - * Write the variable length integer into the {@link ByteBuf}. + * Write the + * variable length integer into the {@link ByteBuf}. */ public static void writeVariableLengthInteger(ByteBuf out, long value) { int numBytes = VarIntCodecUtils.numBytesForVariableLengthInteger(value); @@ -98,7 +103,8 @@ public static void writeVariableLengthInteger(ByteBuf out, long value) { } /** - * Write the variable length integer into the {@link ByteBuf}. + * Write the + * variable length integer into the {@link ByteBuf}. */ private static void writeVariableLengthInteger(ByteBuf out, long value, int numBytes) { int writerIndex = out.writerIndex(); diff --git a/codec-bhttp/src/test/java/io/netty/incubator/codec/bhttp/BinaryHttpDecoder.java b/codec-bhttp/src/test/java/io/netty/incubator/codec/bhttp/BinaryHttpDecoder.java index e319e92..80642c3 100644 --- a/codec-bhttp/src/test/java/io/netty/incubator/codec/bhttp/BinaryHttpDecoder.java +++ b/codec-bhttp/src/test/java/io/netty/incubator/codec/bhttp/BinaryHttpDecoder.java @@ -34,7 +34,7 @@ final class BinaryHttpDecoder extends ByteToMessageDecoder { * * @param maxFieldSectionSize the maximum size of the field-section (in bytes) */ - public BinaryHttpDecoder(int maxFieldSectionSize) { + BinaryHttpDecoder(int maxFieldSectionSize) { this.parser = new BinaryHttpParser(maxFieldSectionSize); } diff --git a/codec-bhttp/src/test/java/io/netty/incubator/codec/bhttp/BinaryHttpMessageEndToEndTest.java b/codec-bhttp/src/test/java/io/netty/incubator/codec/bhttp/BinaryHttpMessageEndToEndTest.java index a97208b..f3b05e2 100644 --- a/codec-bhttp/src/test/java/io/netty/incubator/codec/bhttp/BinaryHttpMessageEndToEndTest.java +++ b/codec-bhttp/src/test/java/io/netty/incubator/codec/bhttp/BinaryHttpMessageEndToEndTest.java @@ -565,7 +565,8 @@ void testFullMessageWithContentAndWithoutTrailers(boolean fragmented) throws IOE assertFalse(reader.finishAndReleaseAll()); } - private static void assertContentWithoutTrailers(EmbeddedChannel reader, byte[] expectedContent) throws IOException { + private static void assertContentWithoutTrailers(EmbeddedChannel reader, byte[] expectedContent) + throws IOException { try (ByteArrayOutputStream contentWriter = new ByteArrayOutputStream()) { for (;;) { HttpContent readContent = reader.readInbound(); diff --git a/codec-bhttp/src/test/java/io/netty/incubator/codec/bhttp/BinaryHttpRequestEndToEndTest.java b/codec-bhttp/src/test/java/io/netty/incubator/codec/bhttp/BinaryHttpRequestEndToEndTest.java index 9b48c9f..b9125d9 100644 --- a/codec-bhttp/src/test/java/io/netty/incubator/codec/bhttp/BinaryHttpRequestEndToEndTest.java +++ b/codec-bhttp/src/test/java/io/netty/incubator/codec/bhttp/BinaryHttpRequestEndToEndTest.java @@ -21,7 +21,8 @@ import static org.junit.jupiter.api.Assertions.assertEquals; -public class BinaryHttpRequestEndToEndTest extends BinaryHttpMessageEndToEndTest { +public class BinaryHttpRequestEndToEndTest + extends BinaryHttpMessageEndToEndTest { @Override protected BinaryHttpRequest newHttpMessage() { @@ -30,7 +31,8 @@ protected BinaryHttpRequest newHttpMessage() { @Override protected FullBinaryHttpRequest newFullHttpMessage(ByteBuf content) { - return new DefaultFullBinaryHttpRequest(HttpVersion.HTTP_1_1, HttpMethod.GET, "scheme", "netty.io", "/path", content); + return new DefaultFullBinaryHttpRequest( + HttpVersion.HTTP_1_1, HttpMethod.GET, "scheme", "netty.io", "/path", content); } @Override diff --git a/codec-bhttp/src/test/java/io/netty/incubator/codec/bhttp/BinaryHttpResponseEndToEndTest.java b/codec-bhttp/src/test/java/io/netty/incubator/codec/bhttp/BinaryHttpResponseEndToEndTest.java index c0b2fcf..678f8f0 100644 --- a/codec-bhttp/src/test/java/io/netty/incubator/codec/bhttp/BinaryHttpResponseEndToEndTest.java +++ b/codec-bhttp/src/test/java/io/netty/incubator/codec/bhttp/BinaryHttpResponseEndToEndTest.java @@ -29,7 +29,8 @@ import static org.junit.jupiter.api.Assertions.assertThrows; import static org.junit.jupiter.api.Assertions.assertTrue; -public class BinaryHttpResponseEndToEndTest extends BinaryHttpMessageEndToEndTest { +public class BinaryHttpResponseEndToEndTest + extends BinaryHttpMessageEndToEndTest { @Override protected BinaryHttpResponse newHttpMessage() { return new DefaultBinaryHttpResponse(HttpVersion.HTTP_1_1, HttpResponseStatus.OK); diff --git a/codec-bhttp/src/test/java/io/netty/incubator/codec/bhttp/package-info.java b/codec-bhttp/src/test/java/io/netty/incubator/codec/bhttp/package-info.java index 23d2c9a..f0910e7 100644 --- a/codec-bhttp/src/test/java/io/netty/incubator/codec/bhttp/package-info.java +++ b/codec-bhttp/src/test/java/io/netty/incubator/codec/bhttp/package-info.java @@ -13,4 +13,7 @@ * License for the specific language governing permissions and limitations * under the License. */ +/** + * BHTTP implementation + */ package io.netty.incubator.codec.bhttp; diff --git a/codec-ohttp-hpke-bouncycastle/src/main/java/io/netty/incubator/codec/hpke/bouncycastle/BouncyCastleAEADCryptoContext.java b/codec-ohttp-hpke-bouncycastle/src/main/java/io/netty/incubator/codec/hpke/bouncycastle/BouncyCastleAEADCryptoContext.java index de08508..d0aa946 100644 --- a/codec-ohttp-hpke-bouncycastle/src/main/java/io/netty/incubator/codec/hpke/bouncycastle/BouncyCastleAEADCryptoContext.java +++ b/codec-ohttp-hpke-bouncycastle/src/main/java/io/netty/incubator/codec/hpke/bouncycastle/BouncyCastleAEADCryptoContext.java @@ -30,16 +30,16 @@ final class BouncyCastleAEADCryptoContext implements AEADContext { BouncyCastleAEADCryptoContext(AEAD aead) { this.open = new BouncyCastleCryptoOperation() { @Override - protected byte[] execute(byte[] arg1, byte[] arg2, int offset2, int length2) + protected byte[] execute(byte[] aad, byte[] in, int inOffset, int inLength) throws InvalidCipherTextException { - return aead.open(arg1, arg2, offset2, length2); + return aead.open(aad, in, inOffset, inLength); } }; this.seal = new BouncyCastleCryptoOperation() { @Override - protected byte[] execute(byte[] arg1, byte[] arg2, int offset2, int length2) + protected byte[] execute(byte[] aad, byte[] in, int inOffset, int inLength) throws InvalidCipherTextException { - return aead.seal(arg1, arg2, offset2, length2); + return aead.seal(aad, in, inOffset, inLength); } }; } diff --git a/codec-ohttp-hpke-bouncycastle/src/main/java/io/netty/incubator/codec/hpke/bouncycastle/BouncyCastleCryptoOperation.java b/codec-ohttp-hpke-bouncycastle/src/main/java/io/netty/incubator/codec/hpke/bouncycastle/BouncyCastleCryptoOperation.java index ff8bcf6..d1e4b09 100644 --- a/codec-ohttp-hpke-bouncycastle/src/main/java/io/netty/incubator/codec/hpke/bouncycastle/BouncyCastleCryptoOperation.java +++ b/codec-ohttp-hpke-bouncycastle/src/main/java/io/netty/incubator/codec/hpke/bouncycastle/BouncyCastleCryptoOperation.java @@ -24,32 +24,32 @@ abstract class BouncyCastleCryptoOperation { - final void execute(ByteBuf arg1, ByteBuf arg2, ByteBuf out) throws CryptoException { - final int length1 = arg1.readableBytes(); - final byte[] array1 = ByteBufUtil.getBytes(arg1, arg1.readerIndex(), arg1.readableBytes(), false); - final byte[] array2; - final int length2 = arg2.readableBytes(); - final int offset2; + final void execute(ByteBuf aad, ByteBuf in, ByteBuf out) throws CryptoException { + final int aadLength = aad.readableBytes(); + final byte[] aadArray = ByteBufUtil.getBytes(aad, aad.readerIndex(), aad.readableBytes(), false); + final byte[] inArray; + final int inLength = in.readableBytes(); + final int inOffset; - if (arg2.hasArray()) { + if (in.hasArray()) { // This is backed by a bytearray, just use it as input to reduce memory copies. - array2 = arg2.array(); - offset2 = arg2.arrayOffset() + arg2.readerIndex(); + inArray = in.array(); + inOffset = in.arrayOffset() + in.readerIndex(); } else { - array2 = new byte[length2]; - arg2.getBytes(arg2.readerIndex(), array2); - offset2 = 0; + inArray = new byte[inLength]; + in.getBytes(in.readerIndex(), inArray); + inOffset = 0; } try { - byte[] result = execute(array1, array2, offset2, length2); - arg1.skipBytes(length1); - arg2.skipBytes(length2); + byte[] result = execute(aadArray, inArray, inOffset, inLength); + aad.skipBytes(aadLength); + in.skipBytes(inLength); out.writeBytes(result); } catch (InvalidCipherTextException e) { throw new CryptoException(e); } } - protected abstract byte[] execute(byte[] arg1, byte[] arg2, int offset2, int length2) + protected abstract byte[] execute(byte[] aad, byte[] in, int inOffset, int inLength) throws InvalidCipherTextException; } diff --git a/codec-ohttp-hpke-bouncycastle/src/main/java/io/netty/incubator/codec/hpke/bouncycastle/BouncyCastleHPKERecipientContext.java b/codec-ohttp-hpke-bouncycastle/src/main/java/io/netty/incubator/codec/hpke/bouncycastle/BouncyCastleHPKERecipientContext.java index 08260ed..9ebd34c 100644 --- a/codec-ohttp-hpke-bouncycastle/src/main/java/io/netty/incubator/codec/hpke/bouncycastle/BouncyCastleHPKERecipientContext.java +++ b/codec-ohttp-hpke-bouncycastle/src/main/java/io/netty/incubator/codec/hpke/bouncycastle/BouncyCastleHPKERecipientContext.java @@ -28,8 +28,9 @@ final class BouncyCastleHPKERecipientContext extends BouncyCastleHPKEContext imp super(context); open = new BouncyCastleCryptoOperation() { @Override - protected byte[] execute(byte[] arg1, byte[] arg2, int offset2, int length2) throws InvalidCipherTextException { - return context.open(arg1, arg2, offset2, length2); + protected byte[] execute(byte[] aad, byte[] in, int inOffset, int inLength) + throws InvalidCipherTextException { + return context.open(aad, in, inOffset, inLength); } }; } diff --git a/codec-ohttp-hpke-bouncycastle/src/main/java/io/netty/incubator/codec/hpke/bouncycastle/BouncyCastleHPKESenderContext.java b/codec-ohttp-hpke-bouncycastle/src/main/java/io/netty/incubator/codec/hpke/bouncycastle/BouncyCastleHPKESenderContext.java index 149a15d..ec36e51 100644 --- a/codec-ohttp-hpke-bouncycastle/src/main/java/io/netty/incubator/codec/hpke/bouncycastle/BouncyCastleHPKESenderContext.java +++ b/codec-ohttp-hpke-bouncycastle/src/main/java/io/netty/incubator/codec/hpke/bouncycastle/BouncyCastleHPKESenderContext.java @@ -24,13 +24,13 @@ final class BouncyCastleHPKESenderContext extends BouncyCastleHPKEContext implements HPKESenderContext { private final BouncyCastleCryptoOperation seal; - public BouncyCastleHPKESenderContext(HPKEContextWithEncapsulation context) { + BouncyCastleHPKESenderContext(HPKEContextWithEncapsulation context) { super(context); this.seal = new BouncyCastleCryptoOperation() { @Override - protected byte[] execute(byte[] arg1, byte[] arg2, int offset2, int length2) + protected byte[] execute(byte[] aad, byte[] in, int inOffset, int inLength) throws InvalidCipherTextException { - return context.seal(arg1, arg2, offset2, length2); + return context.seal(aad, in, inOffset, inLength); } }; } diff --git a/codec-ohttp-hpke-bouncycastle/src/main/java/io/netty/incubator/codec/hpke/bouncycastle/BouncyCastleOHttpCryptoProvider.java b/codec-ohttp-hpke-bouncycastle/src/main/java/io/netty/incubator/codec/hpke/bouncycastle/BouncyCastleOHttpCryptoProvider.java index 061bab9..e33a233 100644 --- a/codec-ohttp-hpke-bouncycastle/src/main/java/io/netty/incubator/codec/hpke/bouncycastle/BouncyCastleOHttpCryptoProvider.java +++ b/codec-ohttp-hpke-bouncycastle/src/main/java/io/netty/incubator/codec/hpke/bouncycastle/BouncyCastleOHttpCryptoProvider.java @@ -54,14 +54,16 @@ public AEADContext setupAEAD(AEAD aead, byte[] key, byte[] baseNonce) { private static BouncyCastleAsymmetricKeyParameter castOrThrow(AsymmetricKeyParameter param) { if (!(param instanceof BouncyCastleAsymmetricKeyParameter)) { - throw new IllegalArgumentException("param must be of type " + BouncyCastleAsymmetricKeyParameter.class + ": " + param); + throw new IllegalArgumentException( + "param must be of type " + BouncyCastleAsymmetricKeyParameter.class + ": " + param); } return (BouncyCastleAsymmetricKeyParameter) param; } private static BouncyCastleAsymmetricCipherKeyPair castOrThrow(AsymmetricCipherKeyPair pair) { if (!(pair instanceof BouncyCastleAsymmetricCipherKeyPair)) { - throw new IllegalArgumentException("pair must be of type " + BouncyCastleAsymmetricCipherKeyPair.class + ": " + pair); + throw new IllegalArgumentException( + "pair must be of type " + BouncyCastleAsymmetricCipherKeyPair.class + ": " + pair); } return (BouncyCastleAsymmetricCipherKeyPair) pair; } @@ -97,7 +99,8 @@ public AsymmetricCipherKeyPair deserializePrivateKey(KEM kem, byte[] privateKeyB private static org.bouncycastle.crypto.AsymmetricCipherKeyPair deserializePrivateKeyBouncyCastle( KEM kem, byte[] privateKeyBytes, byte[] publicKeyBytes) { - // See https://github.com/bcgit/bc-java/blob/f1367f0b89962b29460eea381a12063fa7cd2428/core/src/main/java/org/bouncycastle/crypto/hpke/DHKEM.java#L204 + // See https://github.com/bcgit/bc-java/blob/ + // f1367f0b89962b29460eea381a12063fa7cd2428/core/src/main/java/org/bouncycastle/crypto/hpke/DHKEM.java#L204 org.bouncycastle.crypto.params.AsymmetricKeyParameter publicKey = deserializePublicKeyBouncyCastle(kem, publicKeyBytes); switch (kem) { @@ -125,7 +128,8 @@ public AsymmetricKeyParameter deserializePublicKey(KEM kem, byte[] publicKeyByte private static org.bouncycastle.crypto.params.AsymmetricKeyParameter deserializePublicKeyBouncyCastle( KEM kem, byte[] publicKeyBytes) { - // See https://github.com/bcgit/bc-java/blob/f1367f0b89962b29460eea381a12063fa7cd2428/core/src/main/java/org/bouncycastle/crypto/hpke/DHKEM.java#L186 + // See https://github.com/bcgit/bc-java/blob/ + // f1367f0b89962b29460eea381a12063fa7cd2428/core/src/main/java/org/bouncycastle/crypto/hpke/DHKEM.java#L186 switch (kem) { case P256_SHA256: case P384_SHA348: @@ -142,40 +146,53 @@ private static org.bouncycastle.crypto.params.AsymmetricKeyParameter deserialize } } - // See https://github.com/bcgit/bc-java/blob/f1367f0b89962b29460eea381a12063fa7cd2428/core/src/main/java/org/bouncycastle/crypto/hpke/DHKEM.java#L59 + // See https://github.com/bcgit/bc-java/blob/ + // f1367f0b89962b29460eea381a12063fa7cd2428/core/src/main/java/org/bouncycastle/crypto/hpke/DHKEM.java#L59 private static ECDomainParameters ecDomainParameters(KEM kem) { switch (kem) { case P256_SHA256: SecP256R1Curve p256R1Curve = new SecP256R1Curve(); + byte[] p256R1Magnitude1 = + Hex.decode("6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296"); + byte[] p256R1Magnitude2 = + Hex.decode("4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5"); + byte[] p256R1Seed = Hex.decode("c49d360886e704936a6678e1139d26b7819f7e90"); return new ECDomainParameters( p256R1Curve, p256R1Curve.createPoint( - new BigInteger(1, Hex.decode("6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296")), - new BigInteger(1, Hex.decode("4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5")) + new BigInteger(1, p256R1Magnitude1), + new BigInteger(1, p256R1Magnitude2) ), p256R1Curve.getOrder(), p256R1Curve.getCofactor(), - Hex.decode("c49d360886e704936a6678e1139d26b7819f7e90") + p256R1Seed ); case P384_SHA348: SecP384R1Curve p384R1Curve = new SecP384R1Curve(); + byte[] p384R1Magnitude1 = Hex.decode("aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e" + + "082542a385502f25dbf55296c3a545e3872760ab7"); + byte[] p384R1Magnitude2 = Hex.decode("3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da311" + + "3b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f"); + byte[] p384R11Seed = Hex.decode("a335926aa319a27a1d00896a6773a4827acdac73"); return new ECDomainParameters( p384R1Curve, p384R1Curve.createPoint( - new BigInteger(1, Hex.decode("aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab7")), - new BigInteger(1, Hex.decode("3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f")) + new BigInteger(1, p384R1Magnitude1), + new BigInteger(1, p384R1Magnitude2) ), p384R1Curve.getOrder(), p384R1Curve.getCofactor(), - Hex.decode("a335926aa319a27a1d00896a6773a4827acdac73") + p384R11Seed ); case P521_SHA512: SecP521R1Curve p521R1Curve = new SecP521R1Curve(); return new ECDomainParameters( p521R1Curve, p521R1Curve.createPoint( - new BigInteger("c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66", 16), - new BigInteger("11839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650", 16) + new BigInteger("c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d" + + "3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66", 16), + new BigInteger("11839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273" + + "e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650", 16) ), p521R1Curve.getOrder(), p521R1Curve.getCofactor(), diff --git a/codec-ohttp-hpke-bouncycastle/src/main/java/io/netty/incubator/codec/hpke/bouncycastle/package-info.java b/codec-ohttp-hpke-bouncycastle/src/main/java/io/netty/incubator/codec/hpke/bouncycastle/package-info.java index 673e193..2476834 100644 --- a/codec-ohttp-hpke-bouncycastle/src/main/java/io/netty/incubator/codec/hpke/bouncycastle/package-info.java +++ b/codec-ohttp-hpke-bouncycastle/src/main/java/io/netty/incubator/codec/hpke/bouncycastle/package-info.java @@ -13,4 +13,7 @@ * License for the specific language governing permissions and limitations * under the License. */ +/** + * Bouncycastle based implementation. + */ package io.netty.incubator.codec.hpke.bouncycastle; diff --git a/codec-ohttp-hpke-classes-boringssl/src/main/java/io/netty/incubator/codec/hpke/boringssl/BoringSSL.java b/codec-ohttp-hpke-classes-boringssl/src/main/java/io/netty/incubator/codec/hpke/boringssl/BoringSSL.java index 48df286..293c772 100644 --- a/codec-ohttp-hpke-classes-boringssl/src/main/java/io/netty/incubator/codec/hpke/boringssl/BoringSSL.java +++ b/codec-ohttp-hpke-classes-boringssl/src/main/java/io/netty/incubator/codec/hpke/boringssl/BoringSSL.java @@ -216,6 +216,6 @@ static void EVP_AEAD_CTX_cleanup_and_free(long ctx) { BoringSSL.EVP_AEAD_CTX_free(ctx); } } -} - + private BoringSSL() { } +} diff --git a/codec-ohttp-hpke-classes-boringssl/src/main/java/io/netty/incubator/codec/hpke/boringssl/BoringSSLAEADContext.java b/codec-ohttp-hpke-classes-boringssl/src/main/java/io/netty/incubator/codec/hpke/boringssl/BoringSSLAEADContext.java index 5e69ecc..3d3e767 100644 --- a/codec-ohttp-hpke-classes-boringssl/src/main/java/io/netty/incubator/codec/hpke/boringssl/BoringSSLAEADContext.java +++ b/codec-ohttp-hpke-classes-boringssl/src/main/java/io/netty/incubator/codec/hpke/boringssl/BoringSSLAEADContext.java @@ -88,7 +88,6 @@ public void seal(ByteBuf aad, ByteBuf pt, ByteBuf out) throws CryptoException { } } - private static final class Nonce { private final ByteBuf nonce; private final long nonceAddress; @@ -118,7 +117,7 @@ void incrementSequence() { * @return memory address of the nonce buffer. */ long computeNext() { - for(int idx = 0, idx2 = baseNonce.length - 8 ; idx < 8; ++idx, ++idx2) { + for (int idx = 0, idx2 = baseNonce.length - 8 ; idx < 8; ++idx, ++idx2) { nonce.setByte(idx2, baseNonce[idx2] ^ bigEndianByteAt(idx, seq)); } return nonceAddress; diff --git a/codec-ohttp-hpke-classes-boringssl/src/main/java/io/netty/incubator/codec/hpke/boringssl/BoringSSLHPKE.java b/codec-ohttp-hpke-classes-boringssl/src/main/java/io/netty/incubator/codec/hpke/boringssl/BoringSSLHPKE.java index bcde363..c7c1c79 100644 --- a/codec-ohttp-hpke-classes-boringssl/src/main/java/io/netty/incubator/codec/hpke/boringssl/BoringSSLHPKE.java +++ b/codec-ohttp-hpke-classes-boringssl/src/main/java/io/netty/incubator/codec/hpke/boringssl/BoringSSLHPKE.java @@ -65,4 +65,6 @@ public static void ensureAvailability() { public static Throwable unavailabilityCause() { return UNAVAILABILITY_CAUSE; } + + private BoringSSLHPKE() { } } diff --git a/codec-ohttp-hpke-classes-boringssl/src/main/java/io/netty/incubator/codec/hpke/boringssl/package-info.java b/codec-ohttp-hpke-classes-boringssl/src/main/java/io/netty/incubator/codec/hpke/boringssl/package-info.java new file mode 100644 index 0000000..5f6887f --- /dev/null +++ b/codec-ohttp-hpke-classes-boringssl/src/main/java/io/netty/incubator/codec/hpke/boringssl/package-info.java @@ -0,0 +1,19 @@ +/* + * Copyright 2023 The Netty Project + * + * The Netty Project licenses this file to you under the Apache License, + * version 2.0 (the "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at: + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +/** + * BoringSSL based implementation. + */ +package io.netty.incubator.codec.hpke.boringssl; diff --git a/codec-ohttp-hpke/src/main/java/io/netty/incubator/codec/hpke/AEAD.java b/codec-ohttp-hpke/src/main/java/io/netty/incubator/codec/hpke/AEAD.java index 08939d4..134c062 100644 --- a/codec-ohttp-hpke/src/main/java/io/netty/incubator/codec/hpke/AEAD.java +++ b/codec-ohttp-hpke/src/main/java/io/netty/incubator/codec/hpke/AEAD.java @@ -16,7 +16,8 @@ package io.netty.incubator.codec.hpke; /** - * Authenticated Encryption with Associated Data (AEAD) Functions + * + * Authenticated Encryption with Associated Data (AEAD) Functions */ public enum AEAD { AES_GCM128((short) 0x0001, 16, 12), diff --git a/codec-ohttp-hpke/src/main/java/io/netty/incubator/codec/hpke/KDF.java b/codec-ohttp-hpke/src/main/java/io/netty/incubator/codec/hpke/KDF.java index bed1574..2bf51e3 100644 --- a/codec-ohttp-hpke/src/main/java/io/netty/incubator/codec/hpke/KDF.java +++ b/codec-ohttp-hpke/src/main/java/io/netty/incubator/codec/hpke/KDF.java @@ -16,7 +16,8 @@ package io.netty.incubator.codec.hpke; /** - * Key Derivation Functions (KDFs) + * + * Key Derivation Functions (KDFs) */ public enum KDF { HKDF_SHA256((short) 0x0001), diff --git a/codec-ohttp-hpke/src/main/java/io/netty/incubator/codec/hpke/OHttpCryptoProvider.java b/codec-ohttp-hpke/src/main/java/io/netty/incubator/codec/hpke/OHttpCryptoProvider.java index e91130f..73fe328 100644 --- a/codec-ohttp-hpke/src/main/java/io/netty/incubator/codec/hpke/OHttpCryptoProvider.java +++ b/codec-ohttp-hpke/src/main/java/io/netty/incubator/codec/hpke/OHttpCryptoProvider.java @@ -78,7 +78,6 @@ HPKERecipientContext setupHPKEBaseR(KEM kem, KDF kdf, AEAD aead, byte[] enc, */ AsymmetricKeyParameter deserializePublicKey(KEM kem, byte[] publicKeyBytes); - /** * Generate a random private key. Please note that this might not be possible for all of the {@link KEM} and so * this method might throw an {@link UnsupportedOperationException}. diff --git a/codec-ohttp-hpke/src/main/java/io/netty/incubator/codec/hpke/package-info.java b/codec-ohttp-hpke/src/main/java/io/netty/incubator/codec/hpke/package-info.java index e971068..1c09193 100644 --- a/codec-ohttp-hpke/src/main/java/io/netty/incubator/codec/hpke/package-info.java +++ b/codec-ohttp-hpke/src/main/java/io/netty/incubator/codec/hpke/package-info.java @@ -13,4 +13,7 @@ * License for the specific language governing permissions and limitations * under the License. */ +/** + * Crypto related API for OHTTP. + */ package io.netty.incubator.codec.hpke; diff --git a/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpChunkFramer.java b/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpChunkFramer.java index 96df712..692e979 100644 --- a/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpChunkFramer.java +++ b/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpChunkFramer.java @@ -64,7 +64,8 @@ interface Decoder { * @param out {@link List} of {@link Object}s that are produced from the chunk. * @throws CryptoException if the chunk cannot be decrypted. */ - void decodeChunk(ByteBuf chunk, int chunkLength, boolean completeBodyReceived, List out) throws CryptoException; + void decodeChunk(ByteBuf chunk, int chunkLength, boolean completeBodyReceived, List out) + throws CryptoException; } /** diff --git a/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpCiphersuite.java b/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpCiphersuite.java index 0dd7067..0ce4028 100644 --- a/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpCiphersuite.java +++ b/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpCiphersuite.java @@ -133,6 +133,7 @@ AEADContext createResponseAEAD(OHttpCryptoProvider provider, HPKEContext context @Override public String toString() { - return "OHttpCiphersuite{id=" + Byte.toUnsignedInt(keyId) + ", kem=" + this.kem + ", kdf=" + this.kdf + ", aead=" + this.aead + "}"; + return "OHttpCiphersuite{id=" + Byte.toUnsignedInt(keyId) + + ", kem=" + this.kem + ", kdf=" + this.kdf + ", aead=" + this.aead + "}"; } } diff --git a/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpCrypto.java b/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpCrypto.java index 482376b..e2454a6 100644 --- a/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpCrypto.java +++ b/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpCrypto.java @@ -85,7 +85,7 @@ public void close() { } CryptoDecryptContext decryptContext = decryptCrypto(); if (decryptContext != null) { - decryptContext.close();; + decryptContext.close(); } } } diff --git a/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpCryptoReceiver.java b/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpCryptoReceiver.java index ee067fa..5849b99 100644 --- a/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpCryptoReceiver.java +++ b/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpCryptoReceiver.java @@ -38,7 +38,7 @@ public final class OHttpCryptoReceiver extends OHttpCrypto { private final byte[] responseNonce; private final CryptoEncryptContext aead; - public final static class Builder { + public static final class Builder { private OHttpCryptoProvider provider; private OHttpCryptoConfiguration configuration; private AsymmetricCipherKeyPair privateKey; @@ -84,7 +84,6 @@ private Builder() { } } - /** * Return a new {@link Builder} that can be used to build a {@link OHttpCryptoReceiver} instance. * diff --git a/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpCryptoSender.java b/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpCryptoSender.java index 4aa9e69..7b2e5a7 100644 --- a/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpCryptoSender.java +++ b/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpCryptoSender.java @@ -93,8 +93,8 @@ private OHttpCryptoSender(Builder builder) { AsymmetricKeyParameter pkR = requireNonNull(builder.receiverPublicKey, "receiverPublicKey"); AsymmetricCipherKeyPair forcedEphemeralKeyPair = builder.forcedEphemeralKeyPair; this.context = this.provider.setupHPKEBaseS(ciphersuite.kem(), - ciphersuite.kdf(), ciphersuite.aead(), pkR, ciphersuite.createInfo(configuration.requestExportContext()), - forcedEphemeralKeyPair); + ciphersuite.kdf(), ciphersuite.aead(), pkR, + ciphersuite.createInfo(configuration.requestExportContext()), forcedEphemeralKeyPair); } /** diff --git a/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpKey.java b/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpKey.java index aae3a47..79f9037 100644 --- a/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpKey.java +++ b/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpKey.java @@ -111,14 +111,15 @@ private PrivateKey( requireNonNull(keyPair, "keyPair"); byte[] encoded = keyPair.privateParameters().encoded(); - if (encoded != null && encoded.length!= kem.npk()) { + if (encoded != null && encoded.length != kem.npk()) { throw new CryptoException("Invalid public key, pkEncoded.length does not match Npk from KEM"); } this.keyPair = keyPair; } } - public static PublicKey newPublicKey(byte id, KEM kem, List ciphers, byte[] pkEncoded) throws CryptoException { + public static PublicKey newPublicKey(byte id, KEM kem, List ciphers, byte[] pkEncoded) + throws CryptoException { return new PublicKey(id, kem, ciphers, pkEncoded); } @@ -126,7 +127,8 @@ public static Cipher newCipher(KDF kdf, AEAD aead) { return new Cipher(kdf, aead); } - public static PrivateKey newPrivateKey(byte id, KEM kem, List ciphers, AsymmetricCipherKeyPair keyPair) throws CryptoException { + public static PrivateKey newPrivateKey(byte id, KEM kem, List ciphers, AsymmetricCipherKeyPair keyPair) + throws CryptoException { return new PrivateKey(id, kem, ciphers, keyPair); } } diff --git a/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpRequestResponseContext.java b/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpRequestResponseContext.java index 01859a5..18ee3e8 100644 --- a/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpRequestResponseContext.java +++ b/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpRequestResponseContext.java @@ -106,7 +106,6 @@ public void encodePrefix(ByteBuf out) throws CryptoException { } } - /** * Parse OHTTP-encoded HTTP content bytes. *
@@ -143,7 +142,8 @@ final void parse(ByteBuf in, boolean completeBodyReceived, List out) thr * @param out the {@link ByteBuf} into which the decrypted bytes are written. * @throws CryptoException if the decryption fails. */ - protected abstract void decryptChunk(ByteBuf chunk, int chunkLength, boolean isFinal, ByteBuf out) throws CryptoException; + protected abstract void decryptChunk(ByteBuf chunk, int chunkLength, boolean isFinal, ByteBuf out) + throws CryptoException; /** * Must be called once the {@link OHttpRequestResponseContext} will not be used anymore. diff --git a/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpServerCodec.java b/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpServerCodec.java index 1fe07d8..166a289 100644 --- a/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpServerCodec.java +++ b/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpServerCodec.java @@ -133,7 +133,8 @@ protected final void decode(ChannelHandlerContext ctx, HttpObject msg, ListChunked Oblivious HTTP Messages. + * Implementation of + * Chunked Oblivious HTTP Messages. * * 
  * Chunked Chunks {
@@ -54,8 +55,10 @@ public final class OHttpVersionChunkDraft implements OHttpVersion {
 
     public static final OHttpVersion INSTANCE = new OHttpVersionChunkDraft();
 
-    private static final byte[] CHUNKED_REQUEST_EXPORT_CONTEXT = "message/bhttp chunked request".getBytes(StandardCharsets.US_ASCII);
-    private static final byte[] CHUNKED_RESPONSE_EXPORT_CONTEXT = "message/bhttp chunked response".getBytes(StandardCharsets.US_ASCII);
+    private static final byte[] CHUNKED_REQUEST_EXPORT_CONTEXT =
+            "message/bhttp chunked request".getBytes(StandardCharsets.US_ASCII);
+    private static final byte[] CHUNKED_RESPONSE_EXPORT_CONTEXT =
+            "message/bhttp chunked response".getBytes(StandardCharsets.US_ASCII);
 
     private OHttpVersionChunkDraft() {
     }
@@ -149,7 +152,8 @@ static void serializeChunk(ByteBuf content, boolean isFinal, ByteBuf out) {
     }
 
     @Override
-    public void parse(ByteBuf in, boolean completeBodyReceived, Decoder decoder, List out) throws CryptoException {
+    public void parse(ByteBuf in, boolean completeBodyReceived, Decoder decoder, List out)
+            throws CryptoException {
         if (decoder.isPrefixNeeded()) {
             if (!decoder.decodePrefix(in)) {
                 if (completeBodyReceived) {
diff --git a/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpVersionDraft.java b/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpVersionDraft.java
index 2a26bd6..9c9aba9 100644
--- a/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpVersionDraft.java
+++ b/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpVersionDraft.java
@@ -27,7 +27,8 @@
 import java.util.List;
 
 /**
- * Implementation of the draft protocol.
+ * Implementation of
+ * the draft protocol.
  */
 public final class OHttpVersionDraft implements OHttpVersion {
 
@@ -65,7 +66,8 @@ public AsciiString responseContentType() {
     }
 
     @Override
-    public void parse(ByteBuf in, boolean completeBodyReceived, Decoder decoder, List out) throws CryptoException {
+    public void parse(ByteBuf in, boolean completeBodyReceived, Decoder decoder, List out)
+            throws CryptoException {
         if (completeBodyReceived) {
             if (decoder.isPrefixNeeded() && !decoder.decodePrefix(in)) {
                 throw new CorruptedFrameException("Prefix is truncated");
diff --git a/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/package-info.java b/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/package-info.java
index e14e107..e01437d 100644
--- a/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/package-info.java
+++ b/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/package-info.java
@@ -14,6 +14,7 @@
  * under the License.
  */
 /**
- * Implementation of Oblivious HTTP.
+ * Implementation of
+ * Oblivious HTTP.
  */
 package io.netty.incubator.codec.ohttp;
diff --git a/codec-ohttp/src/test/java/io/netty/incubator/codec/ohttp/OHttpChunkFramerTest.java b/codec-ohttp/src/test/java/io/netty/incubator/codec/ohttp/OHttpChunkFramerTest.java
index 3c6b96b..acaef56 100644
--- a/codec-ohttp/src/test/java/io/netty/incubator/codec/ohttp/OHttpChunkFramerTest.java
+++ b/codec-ohttp/src/test/java/io/netty/incubator/codec/ohttp/OHttpChunkFramerTest.java
@@ -51,7 +51,8 @@ private static void serializeHelper(String chunkHex, boolean isFinal, String exp
         }
     }
 
-    private static  void serializeThrowsHelper(String chunkHex, boolean isFinal, Class exception) {
+    private static  void serializeThrowsHelper(
+            String chunkHex, boolean isFinal, Class exception) {
         ByteBuf out = Unpooled.buffer();
         try {
             ByteBuf in = bytesFromHex(chunkHex);
diff --git a/codec-ohttp/src/test/java/io/netty/incubator/codec/ohttp/OHttpCodecsTest.java b/codec-ohttp/src/test/java/io/netty/incubator/codec/ohttp/OHttpCodecsTest.java
index 9c72111..3be6dc7 100644
--- a/codec-ohttp/src/test/java/io/netty/incubator/codec/ohttp/OHttpCodecsTest.java
+++ b/codec-ohttp/src/test/java/io/netty/incubator/codec/ohttp/OHttpCodecsTest.java
@@ -75,18 +75,26 @@ private static final class OHttpVersionArgumentsProvider implements ArgumentsPro
         @Override
         public Stream provideArguments(ExtensionContext context) {
             List arguments = new ArrayList<>();
-            arguments.add(Arguments.of(OHttpVersionDraft.INSTANCE, BouncyCastleOHttpCryptoProvider.INSTANCE, BouncyCastleOHttpCryptoProvider.INSTANCE));
-            arguments.add(Arguments.of(OHttpVersionChunkDraft.INSTANCE, BouncyCastleOHttpCryptoProvider.INSTANCE, BouncyCastleOHttpCryptoProvider.INSTANCE));
+            arguments.add(Arguments.of(OHttpVersionDraft.INSTANCE, BouncyCastleOHttpCryptoProvider.INSTANCE,
+                    BouncyCastleOHttpCryptoProvider.INSTANCE));
+            arguments.add(Arguments.of(OHttpVersionChunkDraft.INSTANCE, BouncyCastleOHttpCryptoProvider.INSTANCE,
+                    BouncyCastleOHttpCryptoProvider.INSTANCE));
 
             if (BoringSSLHPKE.isAvailable()) {
-                arguments.add(Arguments.of(OHttpVersionDraft.INSTANCE, BoringSSLOHttpCryptoProvider.INSTANCE, BoringSSLOHttpCryptoProvider.INSTANCE));
-                arguments.add(Arguments.of(OHttpVersionChunkDraft.INSTANCE, BoringSSLOHttpCryptoProvider.INSTANCE, BoringSSLOHttpCryptoProvider.INSTANCE));
-
-                arguments.add(Arguments.of(OHttpVersionDraft.INSTANCE, BoringSSLOHttpCryptoProvider.INSTANCE, BouncyCastleOHttpCryptoProvider.INSTANCE));
-                arguments.add(Arguments.of(OHttpVersionChunkDraft.INSTANCE, BoringSSLOHttpCryptoProvider.INSTANCE, BouncyCastleOHttpCryptoProvider.INSTANCE));
-
-                arguments.add(Arguments.of(OHttpVersionDraft.INSTANCE, BouncyCastleOHttpCryptoProvider.INSTANCE, BoringSSLOHttpCryptoProvider.INSTANCE));
-                arguments.add(Arguments.of(OHttpVersionChunkDraft.INSTANCE, BouncyCastleOHttpCryptoProvider.INSTANCE, BoringSSLOHttpCryptoProvider.INSTANCE));
+                arguments.add(Arguments.of(OHttpVersionDraft.INSTANCE, BoringSSLOHttpCryptoProvider.INSTANCE,
+                        BoringSSLOHttpCryptoProvider.INSTANCE));
+                arguments.add(Arguments.of(OHttpVersionChunkDraft.INSTANCE, BoringSSLOHttpCryptoProvider.INSTANCE,
+                        BoringSSLOHttpCryptoProvider.INSTANCE));
+
+                arguments.add(Arguments.of(OHttpVersionDraft.INSTANCE, BoringSSLOHttpCryptoProvider.INSTANCE,
+                        BouncyCastleOHttpCryptoProvider.INSTANCE));
+                arguments.add(Arguments.of(OHttpVersionChunkDraft.INSTANCE, BoringSSLOHttpCryptoProvider.INSTANCE,
+                        BouncyCastleOHttpCryptoProvider.INSTANCE));
+
+                arguments.add(Arguments.of(OHttpVersionDraft.INSTANCE, BouncyCastleOHttpCryptoProvider.INSTANCE,
+                        BoringSSLOHttpCryptoProvider.INSTANCE));
+                arguments.add(Arguments.of(OHttpVersionChunkDraft.INSTANCE, BouncyCastleOHttpCryptoProvider.INSTANCE,
+                        BoringSSLOHttpCryptoProvider.INSTANCE));
             }
             return arguments.stream();
         }
@@ -113,8 +121,10 @@ public interface ChannelPair {
         EmbeddedChannel server();
     }
 
-    public static ChannelPair createChannelPair(OHttpVersion version, OHttpCryptoProvider clientProvider, OHttpCryptoProvider serverProvider) throws Exception {
-        AsymmetricCipherKeyPair kpR = OHttpCryptoTest.createX25519KeyPair(serverProvider, "3c168975674b2fa8e465970b79c8dcf09f1c741626480bd4c6162fc5b6a98e1a");
+    public static ChannelPair createChannelPair(OHttpVersion version, OHttpCryptoProvider clientProvider,
+                                                OHttpCryptoProvider serverProvider) throws Exception {
+        AsymmetricCipherKeyPair kpR = OHttpCryptoTest.createX25519KeyPair(serverProvider,
+                "3c168975674b2fa8e465970b79c8dcf09f1c741626480bd4c6162fc5b6a98e1a");
         byte keyId = 0x66;
 
         OHttpServerKeys serverKeys = new OHttpServerKeys(
@@ -131,7 +141,8 @@ public static ChannelPair createChannelPair(OHttpVersion version, OHttpCryptoPro
                 KDF.HKDF_SHA256,
                 AEAD.AES_GCM128);
 
-        AsymmetricKeyParameter publicKey = clientProvider.deserializePublicKey(KEM.X25519_SHA256, kpR.publicParameters().encoded());
+        AsymmetricKeyParameter publicKey = clientProvider.deserializePublicKey(
+                KEM.X25519_SHA256, kpR.publicParameters().encoded());
         return new ChannelPair() {
             @Override
             public EmbeddedChannel client() {
@@ -198,7 +209,8 @@ public static ByteBuf strToBuf(String str) {
 
     @ParameterizedTest
     @ArgumentsSource(value = OHttpVersionArgumentsProvider.class)
-    void testContent(OHttpVersion version, OHttpCryptoProvider clientProvider, OHttpCryptoProvider serverProvider) throws Exception {
+    void testContent(OHttpVersion version, OHttpCryptoProvider clientProvider, OHttpCryptoProvider serverProvider)
+            throws Exception {
         ChannelPair channels = createChannelPair(version, clientProvider, serverProvider);
         EmbeddedChannel client = channels.client();
         EmbeddedChannel server = channels.server();
@@ -237,7 +249,8 @@ void testContent(OHttpVersion version, OHttpCryptoProvider clientProvider, OHttp
 
     @ParameterizedTest
     @ArgumentsSource(value = OHttpVersionArgumentsProvider.class)
-    void testContentChunked(OHttpVersion version, OHttpCryptoProvider clientProvider, OHttpCryptoProvider serverProvider) throws Exception {
+    void testContentChunked(OHttpVersion version, OHttpCryptoProvider clientProvider,
+                            OHttpCryptoProvider serverProvider) throws Exception {
 
         assumeTrue(version != OHttpVersionDraft.INSTANCE);
 
@@ -289,7 +302,8 @@ void testContentChunked(OHttpVersion version, OHttpCryptoProvider clientProvider
 
     @ParameterizedTest
     @ArgumentsSource(value = OHttpVersionArgumentsProvider.class)
-    void testCodec(OHttpVersion version, OHttpCryptoProvider clientProvider, OHttpCryptoProvider serverProvider) throws Exception {
+    void testCodec(OHttpVersion version, OHttpCryptoProvider clientProvider,
+                   OHttpCryptoProvider serverProvider) throws Exception {
 
         ChannelPair channels = createChannelPair(version, clientProvider, serverProvider);
         EmbeddedChannel client = channels.client();
diff --git a/codec-ohttp/src/test/java/io/netty/incubator/codec/ohttp/OHttpCryptoTest.java b/codec-ohttp/src/test/java/io/netty/incubator/codec/ohttp/OHttpCryptoTest.java
index cf98bfe..a273347 100644
--- a/codec-ohttp/src/test/java/io/netty/incubator/codec/ohttp/OHttpCryptoTest.java
+++ b/codec-ohttp/src/test/java/io/netty/incubator/codec/ohttp/OHttpCryptoTest.java
@@ -53,11 +53,15 @@ private static final class OHttpCryptoProviderArgumentsProvider implements Argum
         @Override
         public Stream provideArguments(ExtensionContext context) {
             List arguments = new ArrayList<>();
-            arguments.add(Arguments.of(BouncyCastleOHttpCryptoProvider.INSTANCE, BouncyCastleOHttpCryptoProvider.INSTANCE));
+            arguments.add(Arguments.of(BouncyCastleOHttpCryptoProvider.INSTANCE,
+                    BouncyCastleOHttpCryptoProvider.INSTANCE));
             if (BoringSSLHPKE.isAvailable()) {
-                arguments.add(Arguments.of(BoringSSLOHttpCryptoProvider.INSTANCE, BoringSSLOHttpCryptoProvider.INSTANCE));
-                arguments.add(Arguments.of(BouncyCastleOHttpCryptoProvider.INSTANCE, BoringSSLOHttpCryptoProvider.INSTANCE));
-                arguments.add(Arguments.of(BoringSSLOHttpCryptoProvider.INSTANCE, BouncyCastleOHttpCryptoProvider.INSTANCE));
+                arguments.add(Arguments.of(BoringSSLOHttpCryptoProvider.INSTANCE,
+                        BoringSSLOHttpCryptoProvider.INSTANCE));
+                arguments.add(Arguments.of(BouncyCastleOHttpCryptoProvider.INSTANCE,
+                        BoringSSLOHttpCryptoProvider.INSTANCE));
+                arguments.add(Arguments.of(BoringSSLOHttpCryptoProvider.INSTANCE,
+                        BouncyCastleOHttpCryptoProvider.INSTANCE));
             }
             return arguments.stream();
         }
@@ -72,14 +76,18 @@ static AsymmetricCipherKeyPair createX25519KeyPair(OHttpCryptoProvider cryptoPro
     }
 
     /*
-     * Use values from https://ietf-wg-ohai.github.io/oblivious-http/draft-ietf-ohai-ohttp.html#name-complete-example-of-a-reque
+     * Use values from
+     * https://ietf-wg-ohai.github.io/oblivious-http/draft-ietf-ohai-ohttp.html#name-complete-example-of-a-reque
      */
     @ParameterizedTest
     @ArgumentsSource(value = OHttpCryptoProviderArgumentsProvider.class)
-    public void testCryptoVectors(OHttpCryptoProvider senderProvider, OHttpCryptoProvider receiverProvider) throws DecoderException, CryptoException {
+    public void testCryptoVectors(OHttpCryptoProvider senderProvider, OHttpCryptoProvider receiverProvider)
+            throws DecoderException, CryptoException {
         byte keyId = 1;
-        AsymmetricCipherKeyPair kpR = createX25519KeyPair(receiverProvider, "3c168975674b2fa8e465970b79c8dcf09f1c741626480bd4c6162fc5b6a98e1a");
-        AsymmetricCipherKeyPair kpE = createX25519KeyPair(senderProvider, "bc51d5e930bda26589890ac7032f70ad12e4ecb37abb1b65b1256c9c48999c73");
+        AsymmetricCipherKeyPair kpR = createX25519KeyPair(
+                receiverProvider, "3c168975674b2fa8e465970b79c8dcf09f1c741626480bd4c6162fc5b6a98e1a");
+        AsymmetricCipherKeyPair kpE = createX25519KeyPair(
+                senderProvider, "bc51d5e930bda26589890ac7032f70ad12e4ecb37abb1b65b1256c9c48999c73");
         byte[] request = ByteBufUtil.decodeHexDump("00034745540568747470730b6578616d706c652e636f6d012f");
         byte[] response = ByteBufUtil.decodeHexDump("0140c8");
 
@@ -97,7 +105,8 @@ public void testCryptoVectors(OHttpCryptoProvider senderProvider, OHttpCryptoPro
         ByteBuf encodedKeyConfiguration = Unpooled.buffer();
         try {
             serverKeys.encodePublicKeys(encodedKeyConfiguration);
-            assertEquals("01002031e1f05a740102115220e9af918f738674aec95f54db6e04eb705aae8e79815500080001000100010003", ByteBufUtil.hexDump(encodedKeyConfiguration));
+            assertEquals("01002031e1f05a740102115220e9af918f738674aec95f54db6e04eb705aae8e79815500080001000100010003"
+                    , ByteBufUtil.hexDump(encodedKeyConfiguration));
 
             // Key configuration decoding
 
@@ -144,8 +153,8 @@ public void testCryptoVectors(OHttpCryptoProvider senderProvider, OHttpCryptoPro
                 encodedRequest.writeBytes(encrypted);
 
                 assertEquals(
-                        "010020000100014b28f881333e7c164ffc499ad9796f877f4e1051ee6d31bad19dec96c208b4726374e469135906992"
-                                + "e1268c594d2a10c695d858c40a026e7965e7d86b83dd440b2c0185204b4d63525",
+                        "010020000100014b28f881333e7c164ffc499ad9796f877f4e1051ee6d31bad19dec96c208b4726374e4691359" +
+                                "06992e1268c594d2a10c695d858c40a026e7965e7d86b83dd440b2c0185204b4d63525",
                         ByteBufUtil.hexDump(encodedRequest));
                 // Receiver decodes request
 
@@ -171,7 +180,8 @@ public void testCryptoVectors(OHttpCryptoProvider senderProvider, OHttpCryptoPro
                     receiver.encrypt(responseBuffer, response.length, true, enc);
                     receiver.writeResponseNonce(encodedResponse);
                     encodedResponse.writeBytes(enc);
-                    assertEquals("c789e7151fcba46158ca84b04464910d86f9013e404feea014e7be4a441f234f857fbd", ByteBufUtil.hexDump(encodedResponse));
+                    assertEquals("c789e7151fcba46158ca84b04464910d86f9013e404feea014e7be4a441f234f857fbd",
+                            ByteBufUtil.hexDump(encodedResponse));
 
                     // Sender decodes response
 
diff --git a/codec-ohttp/src/test/java/io/netty/incubator/codec/ohttp/package-info.java b/codec-ohttp/src/test/java/io/netty/incubator/codec/ohttp/package-info.java
index f7b4b60..134d11b 100644
--- a/codec-ohttp/src/test/java/io/netty/incubator/codec/ohttp/package-info.java
+++ b/codec-ohttp/src/test/java/io/netty/incubator/codec/ohttp/package-info.java
@@ -13,4 +13,7 @@
  * License for the specific language governing permissions and limitations
  * under the License.
  */
+/**
+ * Tests for OHTTP.
+ */
 package io.netty.incubator.codec.ohttp;
diff --git a/pom.xml b/pom.xml
index 62cd01e..383d9d6 100644
--- a/pom.xml
+++ b/pom.xml
@@ -243,7 +243,6 @@
                 ${project.build.testSourceDirectory}
               
             
-            false