cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject git commit: [CXF-5902] Set default IV size in to the typical block size in bits
Date Fri, 01 Aug 2014 13:04:59 GMT
Repository: cxf
Updated Branches:
  refs/heads/master 9a33c9e45 -> c33e0e75c


[CXF-5902] Set default IV size in to the typical block size in bits


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/c33e0e75
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/c33e0e75
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/c33e0e75

Branch: refs/heads/master
Commit: c33e0e75caa6cc4b1ca78c04fc27539e8944b70c
Parents: 9a33c9e
Author: Sergey Beryozkin <sberyozkin@talend.com>
Authored: Fri Aug 1 16:04:38 2014 +0300
Committer: Sergey Beryozkin <sberyozkin@talend.com>
Committed: Fri Aug 1 16:04:38 2014 +0300

----------------------------------------------------------------------
 .../oauth2/jwe/AbstractContentEncryptionAlgorithm.java        | 7 +++++--
 .../security/oauth2/jwe/AesGcmContentEncryptionAlgorithm.java | 4 ++++
 2 files changed, 9 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/c33e0e75/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwe/AbstractContentEncryptionAlgorithm.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwe/AbstractContentEncryptionAlgorithm.java
b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwe/AbstractContentEncryptionAlgorithm.java
index c2494ab..c452992 100644
--- a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwe/AbstractContentEncryptionAlgorithm.java
+++ b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwe/AbstractContentEncryptionAlgorithm.java
@@ -28,7 +28,7 @@ import org.apache.cxf.rs.security.oauth2.utils.crypto.CryptoUtils;
 
 
 public abstract class AbstractContentEncryptionAlgorithm implements ContentEncryptionAlgorithm
{
-    private static final int DEFAULT_IV_SIZE = 96;
+    private static final int DEFAULT_IV_SIZE = 128;
     private static final int DEFAULT_AUTH_TAG_LENGTH = 128;
     private byte[] cek;
     private byte[] iv;
@@ -57,7 +57,7 @@ public abstract class AbstractContentEncryptionAlgorithm implements ContentEncry
     }
     public byte[] getInitVector() {
         if (iv == null) {
-            return CryptoUtils.generateSecureRandomBytes(DEFAULT_IV_SIZE);
+            return CryptoUtils.generateSecureRandomBytes(getIvSize());
         } else if (iv.length > 0 && providedIvUsageCount.addAndGet(1) > 1)
{
             throw new SecurityException();
         } else {
@@ -67,4 +67,7 @@ public abstract class AbstractContentEncryptionAlgorithm implements ContentEncry
     protected int getAuthTagLen() {
         return authTagLen;
     }
+    protected int getIvSize() { 
+        return DEFAULT_IV_SIZE;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/c33e0e75/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwe/AesGcmContentEncryptionAlgorithm.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwe/AesGcmContentEncryptionAlgorithm.java
b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwe/AesGcmContentEncryptionAlgorithm.java
index c1f89aa..5d69273 100644
--- a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwe/AesGcmContentEncryptionAlgorithm.java
+++ b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwe/AesGcmContentEncryptionAlgorithm.java
@@ -22,10 +22,14 @@ import javax.crypto.SecretKey;
 
 
 public class AesGcmContentEncryptionAlgorithm extends AbstractContentEncryptionAlgorithm
{
+    private static final int DEFAULT_IV_SIZE = 96;
     public AesGcmContentEncryptionAlgorithm(SecretKey key, byte[] iv) { 
         this(key.getEncoded(), iv);    
     }
     public AesGcmContentEncryptionAlgorithm(byte[] cek, byte[] iv) { 
         super(cek, iv);    
     }
+    protected int getIvSize() { 
+        return DEFAULT_IV_SIZE;
+    }
 }


Mime
View raw message