From 426cee6cae7723cccd62d6b10a993cdf9402b2e2 Mon Sep 17 00:00:00 2001
From: Janos Szule <jszule@gmail.com>
Date: Sun, 28 Apr 2019 10:14:28 +0200
Subject: [PATCH 1/2] add Hmac hash generation test

---
 .../java/com/emarsys/escher/util/HmacTest.java | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
 create mode 100644 src/test/java/com/emarsys/escher/util/HmacTest.java

diff --git a/src/test/java/com/emarsys/escher/util/HmacTest.java b/src/test/java/com/emarsys/escher/util/HmacTest.java
new file mode 100644
index 0000000..9d5b8c8
--- /dev/null
+++ b/src/test/java/com/emarsys/escher/util/HmacTest.java
@@ -0,0 +1,18 @@
+package com.emarsys.escher.util;
+
+import com.emarsys.escher.EscherException;
+import org.junit.Assert;
+import org.junit.Test;
+
+
+public class HmacTest {
+
+    @Test
+    public void testHashGenerationSHA256() throws EscherException {
+        String textToHash = "test text";
+        String expectedHash = "0f46738ebed370c5c52ee0ad96dec8f459fb901c2ca4e285211eddf903bf1598";
+
+        Assert.assertEquals(expectedHash, Hmac.hash(textToHash));
+    }
+
+}
\ No newline at end of file

From a2cf4ecfaae80f430010e15c098314dc8b85f994 Mon Sep 17 00:00:00 2001
From: Janos Szule <jszule@gmail.com>
Date: Sun, 28 Apr 2019 10:15:21 +0200
Subject: [PATCH 2/2] change javax.xml.bind to org.apache.commons.codec due to
 package deprecation

---
 pom.xml                                          |  6 +++---
 src/main/java/com/emarsys/escher/Escher.java     |  5 +++--
 src/main/java/com/emarsys/escher/Helper.java     |  5 +++--
 src/main/java/com/emarsys/escher/util/Hmac.java  | 13 +++++--------
 src/test/java/com/emarsys/escher/HelperTest.java |  4 ++--
 5 files changed, 16 insertions(+), 17 deletions(-)

diff --git a/pom.xml b/pom.xml
index 276195b..8009146 100644
--- a/pom.xml
+++ b/pom.xml
@@ -103,9 +103,9 @@
         </dependency>
 
         <dependency>
-            <groupId>javax.xml.bind</groupId>
-            <artifactId>jaxb-api</artifactId>
-            <version>2.3.0</version>
+            <groupId>commons-codec</groupId>
+            <artifactId>commons-codec</artifactId>
+            <version>1.12</version>
         </dependency>
 
     </dependencies>
diff --git a/src/main/java/com/emarsys/escher/Escher.java b/src/main/java/com/emarsys/escher/Escher.java
index 7626faf..11eb0d9 100644
--- a/src/main/java/com/emarsys/escher/Escher.java
+++ b/src/main/java/com/emarsys/escher/Escher.java
@@ -4,7 +4,6 @@
 import com.emarsys.escher.util.DateTime;
 import org.apache.http.client.utils.URIBuilder;
 
-import javax.xml.bind.DatatypeConverter;
 import java.net.InetSocketAddress;
 import java.net.URI;
 import java.net.URISyntaxException;
@@ -14,6 +13,8 @@
 import java.util.Map;
 import java.util.function.Consumer;
 
+import static org.apache.commons.codec.binary.Hex.encodeHexString;
+
 public class Escher {
 
     public static final String UNSIGNED_PAYLOAD = "UNSIGNED-PAYLOAD";
@@ -122,7 +123,7 @@ private String calculateSignature(Helper helper, EscherRequest request, String s
 
         Logger.log("Canonicalized request: " + canonicalizedRequest);
         Logger.log("String to sign: " + stringToSign);
-        Logger.log("Signing key: " + DatatypeConverter.printHexBinary(signingKey));
+        Logger.log("Signing key: " + encodeHexString(signingKey, true));
         Logger.log("Signature: " + signature);
 
         return signature;
diff --git a/src/main/java/com/emarsys/escher/Helper.java b/src/main/java/com/emarsys/escher/Helper.java
index 36f0ba6..de6d021 100644
--- a/src/main/java/com/emarsys/escher/Helper.java
+++ b/src/main/java/com/emarsys/escher/Helper.java
@@ -6,7 +6,6 @@
 import org.apache.http.client.utils.URIBuilder;
 import org.apache.http.client.utils.URLEncodedUtils;
 
-import javax.xml.bind.DatatypeConverter;
 import java.io.UnsupportedEncodingException;
 import java.net.MalformedURLException;
 import java.net.URI;
@@ -16,6 +15,8 @@
 import java.util.function.BinaryOperator;
 import java.util.function.Predicate;
 
+import static org.apache.commons.codec.binary.Hex.encodeHexString;
+
 
 class Helper {
 
@@ -132,7 +133,7 @@ public String calculateAuthHeader(String accessKeyId, Instant date, String crede
 
 
     public String calculateSignature(byte[] signingKey, String stringToSign) throws EscherException {
-        return DatatypeConverter.printHexBinary(Hmac.sign(config.getHashAlgo(), signingKey, stringToSign)).toLowerCase();
+        return encodeHexString(Hmac.sign(config.getHashAlgo(), signingKey, stringToSign), true);
     }
 
 
diff --git a/src/main/java/com/emarsys/escher/util/Hmac.java b/src/main/java/com/emarsys/escher/util/Hmac.java
index 552caaa..03fd4c1 100644
--- a/src/main/java/com/emarsys/escher/util/Hmac.java
+++ b/src/main/java/com/emarsys/escher/util/Hmac.java
@@ -1,30 +1,27 @@
 package com.emarsys.escher.util;
 
 import com.emarsys.escher.EscherException;
+import org.apache.commons.codec.digest.DigestUtils;
 
 import javax.crypto.Mac;
 import javax.crypto.spec.SecretKeySpec;
-import javax.xml.bind.DatatypeConverter;
 import java.nio.charset.Charset;
 import java.security.MessageDigest;
 
 public class Hmac {
 
     private static final Charset UTF8 = Charset.forName("UTF-8");
-
+    private static final String HASH_ALGO = "SHA-256";
 
     public static String hash(String text) throws EscherException {
         try {
-            MessageDigest md = MessageDigest.getInstance("SHA-256");
-            md.update(text.getBytes(UTF8));
-            byte[] bytes = md.digest();
-            return DatatypeConverter.printHexBinary(bytes).toLowerCase();
+            MessageDigest md = MessageDigest.getInstance(HASH_ALGO);
+            return new DigestUtils(md).digestAsHex(text).toLowerCase();
         } catch (Exception e) {
-            throw new EscherException("Unable to compute hash", e);
+            throw new EscherException("Unable to compute hash: " + e.getMessage(), e);
         }
     }
 
-
     public static byte[] sign(String hashAlgo, String key, String data) throws EscherException {
         return  sign(hashAlgo, key.getBytes(UTF8), data);
     }
diff --git a/src/test/java/com/emarsys/escher/HelperTest.java b/src/test/java/com/emarsys/escher/HelperTest.java
index 2d21e41..603f3f0 100644
--- a/src/test/java/com/emarsys/escher/HelperTest.java
+++ b/src/test/java/com/emarsys/escher/HelperTest.java
@@ -7,13 +7,13 @@
 import org.junit.Test;
 import org.junit.runner.RunWith;
 
-import javax.xml.bind.DatatypeConverter;
 import java.net.URI;
 import java.time.Instant;
 import java.time.ZoneOffset;
 import java.util.*;
 import java.util.stream.Collectors;
 
+import static org.apache.commons.codec.binary.Hex.encodeHexString;
 import static org.hamcrest.Matchers.is;
 import static org.junit.Assert.assertThat;
 import static org.junit.Assert.fail;
@@ -35,7 +35,7 @@ public void testCalculateSigningKey() throws Exception {
         );
 
         assertThat(
-                DatatypeConverter.printHexBinary(signingKey).toLowerCase(),
+                encodeHexString(signingKey, true),
                 is("98f1d889fec4f4421adc522bab0ce1f82e6929c262ed15e5a94c90efd1e3b0e7")
         );
     }