cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject git commit: [CXF-5954] Experimenting with EC keys, adding a system test
Date Thu, 11 Sep 2014 12:40:31 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes 03e25e714 -> 5085661fa


[CXF-5954] Experimenting with EC keys, adding a system test


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/5085661f
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/5085661f
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/5085661f

Branch: refs/heads/3.0.x-fixes
Commit: 5085661fa0b3d6723ffed72386c37d17e7eb75c0
Parents: 03e25e7
Author: Sergey Beryozkin <sberyozkin@talend.com>
Authored: Thu Sep 11 13:38:53 2014 +0100
Committer: Sergey Beryozkin <sberyozkin@talend.com>
Committed: Thu Sep 11 13:40:07 2014 +0100

----------------------------------------------------------------------
 .../cxf/rs/security/oauth2/jwk/JsonWebKey.java  | 14 +++++++++
 .../jwt/jaxrs/AbstractJwsReaderProvider.java    |  4 +--
 .../jwt/jaxrs/AbstractJwsWriterProvider.java    |  5 ++--
 .../oauth2/jws/JwsCompactReaderWriterTest.java  |  8 ++++--
 .../oauth2/utils/crypto/CryptoUtils.java        | 30 ++++++++++++--------
 .../jaxrs/security/jwt/JAXRSJweJwsTest.java     | 25 +++++++++++++++-
 .../cxf/systest/jaxrs/security/jwt/server.xml   | 13 +++++++++
 .../jaxrs/security/certs/jwkPrivateSet.txt      | 10 ++++++-
 .../jaxrs/security/certs/jwkPublicSet.txt       |  8 +++++-
 .../jaxrs/security/jws.ec.private.properties    | 20 +++++++++++++
 .../jaxrs/security/jws.ec.public.properties     | 19 +++++++++++++
 .../jaxrs/security/secret.jwk.properties        |  1 -
 12 files changed, 135 insertions(+), 22 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/5085661f/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwk/JsonWebKey.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwk/JsonWebKey.java
b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwk/JsonWebKey.java
index fc82c5c..fa357fa 100644
--- a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwk/JsonWebKey.java
+++ b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwk/JsonWebKey.java
@@ -18,6 +18,8 @@
  */
 package org.apache.cxf.rs.security.oauth2.jwk;
 
+import java.security.interfaces.ECPrivateKey;
+import java.security.interfaces.ECPublicKey;
 import java.security.interfaces.RSAPrivateKey;
 import java.security.interfaces.RSAPublicKey;
 import java.util.List;
@@ -190,6 +192,18 @@ public class JsonWebKey extends AbstractJwtObject {
                                                 encodedCrtCoefficient);
         }
     }
+    public ECPublicKey toECPublicKey() {
+        String eCurve = (String)super.getValue(EC_CURVE);
+        String encodedXCoord = (String)super.getValue(EC_X_COORDINATE);
+        String encodedYCoord = (String)super.getValue(EC_Y_COORDINATE);
+        return CryptoUtils.getECPublicKey(eCurve, encodedXCoord, encodedYCoord);
+    }
+    public ECPrivateKey toECPrivateKey() {
+        String eCurve = (String)super.getValue(EC_CURVE);
+        String encodedPrivateKey = (String)super.getValue(EC_PRIVATE_KEY);
+        return CryptoUtils.getECPrivateKey(eCurve, encodedPrivateKey);
+    }
+    
     public SecretKey toSecretKey() {
         return CryptoUtils.createSecretKeySpec((String)getProperty(OCTET_KEY_VALUE), 
                                                Algorithm.toJavaName(getAlgorithm()));

http://git-wip-us.apache.org/repos/asf/cxf/blob/5085661f/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/AbstractJwsReaderProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/AbstractJwsReaderProvider.java
b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/AbstractJwsReaderProvider.java
index 4d4ea71..27f0f4e 100644
--- a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/AbstractJwsReaderProvider.java
+++ b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/AbstractJwsReaderProvider.java
@@ -78,8 +78,8 @@ public class AbstractJwsReaderProvider {
                     && Algorithm.isHmacSign(jwk.getAlgorithm())) {
                     theVerifier = 
                         new HmacJwsSignatureProvider((String)jwk.getProperty(JsonWebKey.OCTET_KEY_VALUE));
-                } else {
-                    // TODO: support elliptic curve keys
+                } else if (JsonWebKey.KEY_TYPE_ELLIPTIC.equals(jwk.getKeyType())) {
+                    theVerifier = new PublicKeyJwsSignatureVerifier(jwk.toECPublicKey());
                 }
                 
             } else {

http://git-wip-us.apache.org/repos/asf/cxf/blob/5085661f/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/AbstractJwsWriterProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/AbstractJwsWriterProvider.java
b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/AbstractJwsWriterProvider.java
index c3afe70..2c89957 100644
--- a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/AbstractJwsWriterProvider.java
+++ b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/AbstractJwsWriterProvider.java
@@ -31,6 +31,7 @@ import org.apache.cxf.message.Message;
 import org.apache.cxf.message.MessageUtils;
 import org.apache.cxf.rs.security.oauth2.jwk.JsonWebKey;
 import org.apache.cxf.rs.security.oauth2.jwk.JwkUtils;
+import org.apache.cxf.rs.security.oauth2.jws.EcDsaJwsSignatureProvider;
 import org.apache.cxf.rs.security.oauth2.jws.HmacJwsSignatureProvider;
 import org.apache.cxf.rs.security.oauth2.jws.JwsCompactProducer;
 import org.apache.cxf.rs.security.oauth2.jws.JwsSignatureProvider;
@@ -74,8 +75,8 @@ public class AbstractJwsWriterProvider {
                     && Algorithm.isHmacSign(rsaSignatureAlgo)) {
                     theSigProvider = 
                         new HmacJwsSignatureProvider((String)jwk.getProperty(JsonWebKey.OCTET_KEY_VALUE));
-                } else {
-                    // TODO: support elliptic curve keys
+                } else if (JsonWebKey.KEY_TYPE_ELLIPTIC.equals(jwk.getKeyType())) {
+                    theSigProvider = new EcDsaJwsSignatureProvider(jwk.toECPrivateKey());
                 }
             } else {
                 RSAPrivateKey pk = (RSAPrivateKey)CryptoUtils.loadPrivateKey(m, props, 

http://git-wip-us.apache.org/repos/asf/cxf/blob/5085661f/rt/rs/security/oauth-parent/oauth2-jwt/src/test/java/org/apache/cxf/rs/security/oauth2/jws/JwsCompactReaderWriterTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/test/java/org/apache/cxf/rs/security/oauth2/jws/JwsCompactReaderWriterTest.java
b/rt/rs/security/oauth-parent/oauth2-jwt/src/test/java/org/apache/cxf/rs/security/oauth2/jws/JwsCompactReaderWriterTest.java
index 36c6aee..bd31858 100644
--- a/rt/rs/security/oauth-parent/oauth2-jwt/src/test/java/org/apache/cxf/rs/security/oauth2/jws/JwsCompactReaderWriterTest.java
+++ b/rt/rs/security/oauth-parent/oauth2-jwt/src/test/java/org/apache/cxf/rs/security/oauth2/jws/JwsCompactReaderWriterTest.java
@@ -209,10 +209,14 @@ public class JwsCompactReaderWriterTest extends Assert {
         JwtHeaders headers = new JwtHeaders();
         headers.setAlgorithm(Algorithm.SHA256withECDSA.getJwtName());
         JwsCompactProducer jws = initSpecJwtTokenWriter(headers);
-        ECPrivateKey privateKey = CryptoUtils.getECPrivateKey(EC_PRIVATE_KEY_ENCODED);
+        ECPrivateKey privateKey = CryptoUtils.getECPrivateKey(JsonWebKey.EC_CURVE_P256,
+                                                              EC_PRIVATE_KEY_ENCODED);
         jws.signWith(new EcDsaJwsSignatureProvider(privateKey));
         String signedJws = jws.getSignedEncodedJws();
-        ECPublicKey publicKey = CryptoUtils.getECPublicKey(EC_X_POINT_ENCODED, EC_Y_POINT_ENCODED);
+        
+        ECPublicKey publicKey = CryptoUtils.getECPublicKey(JsonWebKey.EC_CURVE_P256,
+                                                           EC_X_POINT_ENCODED, 
+                                                           EC_Y_POINT_ENCODED);
         JwsJwtCompactConsumer jwsConsumer = new JwsJwtCompactConsumer(signedJws);
         assertTrue(jwsConsumer.verifySignatureWith(new PublicKeyJwsSignatureVerifier(publicKey)));
         JwtToken token = jwsConsumer.getJwtToken();

http://git-wip-us.apache.org/repos/asf/cxf/blob/5085661f/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/crypto/CryptoUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/crypto/CryptoUtils.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/crypto/CryptoUtils.java
index 4847c09..cb1e81e 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/crypto/CryptoUtils.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/crypto/CryptoUtils.java
@@ -25,6 +25,7 @@ import java.lang.reflect.Method;
 import java.math.BigInteger;
 import java.security.Key;
 import java.security.KeyFactory;
+import java.security.KeyPair;
 import java.security.KeyPairGenerator;
 import java.security.KeyStore;
 import java.security.Principal;
@@ -363,17 +364,16 @@ public final class CryptoUtils {
         }    
     }
     
-    public static ECPrivateKey getECPrivateKey(String encodedPrivateKey) {
+    public static ECPrivateKey getECPrivateKey(String curve, String encodedPrivateKey) {
         try {
-            return getECPrivateKey(decodeSequence(encodedPrivateKey));
+            return getECPrivateKey(curve, decodeSequence(encodedPrivateKey));
         } catch (Exception ex) { 
             throw new SecurityException(ex);
         }
     }
-    public static ECPrivateKey getECPrivateKey(byte[] privateKey) {
+    public static ECPrivateKey getECPrivateKey(String curve, byte[] privateKey) {
         try {
-            ECParameterSpec params = getECParameterSpec();
-
+            ECParameterSpec params = getECParameterSpec(curve, true);
             ECPrivateKeySpec keySpec = new ECPrivateKeySpec(
                                            new BigInteger(1, privateKey), params);
             KeyFactory kf = KeyFactory.getInstance("EC");
@@ -383,24 +383,30 @@ public final class CryptoUtils {
             throw new SecurityException(ex);
         }    
     }
-    private static ECParameterSpec getECParameterSpec() throws Exception {
+    private static ECParameterSpec getECParameterSpec(String curve, boolean isPrivate) 
+        throws Exception {
         KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC");
-        ECGenParameterSpec kpgparams = new ECGenParameterSpec("secp256r1");
+        ECGenParameterSpec kpgparams = new ECGenParameterSpec("sec"
+                                                              + curve.toLowerCase().replace("-",
"")
+                                                              + "r1");
         kpg.initialize(kpgparams);
-        return ((ECPublicKey) kpg.generateKeyPair().getPublic()).getParams();
+        KeyPair pair = kpg.generateKeyPair();
+        return isPrivate ? ((ECPublicKey) pair.getPublic()).getParams()
+            : ((ECPrivateKey) pair.getPrivate()).getParams();
     }
     
-    public static ECPublicKey getECPublicKey(String encodedXPoint, String encodedYPoint)
{
+    public static ECPublicKey getECPublicKey(String curve, String encodedXPoint, String encodedYPoint)
{
         try {
-            return getECPublicKey(decodeSequence(encodedXPoint),
+            return getECPublicKey(curve,
+                                  decodeSequence(encodedXPoint),
                                   decodeSequence(encodedYPoint));
         } catch (Exception ex) { 
             throw new SecurityException(ex);
         }
     }
-    public static ECPublicKey getECPublicKey(byte[] xPoint, byte[] yPoint) {
+    public static ECPublicKey getECPublicKey(String curve, byte[] xPoint, byte[] yPoint)
{
         try {
-            ECParameterSpec params = getECParameterSpec();
+            ECParameterSpec params = getECParameterSpec(curve, false);
 
             ECPoint ecPoint = new ECPoint(new BigInteger(1, xPoint),
                                           new BigInteger(1, yPoint));

http://git-wip-us.apache.org/repos/asf/cxf/blob/5085661f/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java
index 8f6518b..8d72b8e 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java
@@ -158,7 +158,30 @@ public class JAXRSJweJwsTest extends AbstractBusClientServerTestBase
{
         String text = bs.echoText("book");
         assertEquals("book", text);
     }
-    
+    @Test
+    public void testJwsJwkEC() throws Exception {
+        String address = "https://localhost:" + PORT + "/jwsjwkec";
+        JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean();
+        SpringBusFactory bf = new SpringBusFactory();
+        URL busFile = JAXRSJweJwsTest.class.getResource("client.xml");
+        Bus springBus = bf.createBus(busFile.toString());
+        bean.setBus(springBus);
+        bean.setServiceClass(BookStore.class);
+        bean.setAddress(address);
+        List<Object> providers = new LinkedList<Object>();
+        JwsWriterInterceptor jwsWriter = new JwsWriterInterceptor();
+        jwsWriter.setUseJwsOutputStream(true);
+        providers.add(jwsWriter);
+        providers.add(new JwsClientResponseFilter());
+        bean.setProviders(providers);
+        bean.getProperties(true).put("rs.security.signature.out.properties", 
+            "org/apache/cxf/systest/jaxrs/security/jws.ec.private.properties");
+        bean.getProperties(true).put("rs.security.signature.in.properties", 
+            "org/apache/cxf/systest/jaxrs/security/jws.ec.public.properties");
+        BookStore bs = bean.create(BookStore.class);
+        String text = bs.echoText("book");
+        assertEquals("book", text);
+    }
     private void doTestJweJwsRsa(String address, 
                                  JwsSignatureProvider jwsSigProvider) throws Exception {
         JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean();

http://git-wip-us.apache.org/repos/asf/cxf/blob/5085661f/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/server.xml
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/server.xml
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/server.xml
index 0befa8a..145846a 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/server.xml
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/server.xml
@@ -156,6 +156,19 @@ under the License.
             <entry key="rs.security.signature.properties" value="org/apache/cxf/systest/jaxrs/security/secret.jwk.properties"/>
         </jaxrs:properties>
     </jaxrs:server>
+    <jaxrs:server address="https://localhost:${testutil.ports.jaxrs-jwt}/jwsjwkec">
+        <jaxrs:serviceBeans>
+            <ref bean="serviceBean"/>
+        </jaxrs:serviceBeans>
+        <jaxrs:providers>
+            <ref bean="jwsInFilter"/>
+            <ref bean="jwsOutFilter"/>
+        </jaxrs:providers>
+        <jaxrs:properties>
+            <entry key="rs.security.signature.in.properties" value="org/apache/cxf/systest/jaxrs/security/jws.ec.public.properties"/>
+            <entry key="rs.security.signature.out.properties" value="org/apache/cxf/systest/jaxrs/security/jws.ec.private.properties"/>
+        </jaxrs:properties>
+    </jaxrs:server>
     <jaxrs:server address="https://localhost:${testutil.ports.jaxrs-jwt}/jweaescbchmac">
         <jaxrs:serviceBeans>
             <ref bean="serviceBean"/>

http://git-wip-us.apache.org/repos/asf/cxf/blob/5085661f/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkPrivateSet.txt
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkPrivateSet.txt
b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkPrivateSet.txt
index 785f553..3aab043 100644
--- a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkPrivateSet.txt
+++ b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkPrivateSet.txt
@@ -14,6 +14,14 @@
           {"kty":"oct",
           "alg":"HS256",
           "k":"AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow",
-          "kid":"HMACKey"} 
+          "kid":"HMACKey"},
+          
+          {"kty":"EC",
+          "crv":"P-256",
+          "x":"MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4",
+          "y":"4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM",
+          "d":"870MB6gfuTJ4HtUnUvYMyJpr5eUZNP4Bk43bVdj3eAE",
+          "use":"enc",
+          "kid":"ECKey"} 
        ]
      }

http://git-wip-us.apache.org/repos/asf/cxf/blob/5085661f/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkPublicSet.txt
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkPublicSet.txt
b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkPublicSet.txt
index 4487aa2..6ecc25e 100644
--- a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkPublicSet.txt
+++ b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkPublicSet.txt
@@ -3,6 +3,12 @@
          {"kty":"RSA",
           "n":"oahUIoWw0K0usKNuOR6H4wkf4oBUXHTxRvgb48E-BVvxkeDNjbC4he8rUWcJoZmds2h7M70imEVhRU5djINXtqllXI4DFqcI1DgjT9LewND8MW2Krf3Spsk_ZkoFnilakGygTwpZ3uesH-PFABNIUYpOiN15dsQRkgr0vEhxN92i2asbOenSZeyaxziK72UwxrrKoExv6kc5twXTq4h-QChLOln0_mtUZwfsRaMStPs6mS6XrgxnxbWhojf663tuEQueGC-FCMfra36C9knDFGzKsNa7LZK2djYgyD3JR_MB_4NUJW_TqOQtwHYbxevoJArm-L5StowjzGy-_bq6Gw",
           "e":"AQAB",
-          "kid":"2011-04-29"}
+          "kid":"2011-04-29"},
+         {"kty":"EC",
+          "crv":"P-256",
+          "x":"MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4",
+          "y":"4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM",
+          "use":"enc",
+          "kid":"ECKey"},
        ]
      }
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/cxf/blob/5085661f/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/jws.ec.private.properties
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/jws.ec.private.properties
b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/jws.ec.private.properties
new file mode 100644
index 0000000..a389312
--- /dev/null
+++ b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/jws.ec.private.properties
@@ -0,0 +1,20 @@
+#    Licensed to the Apache Software Foundation (ASF) under one
+#    or more contributor license agreements. See the NOTICE file
+#    distributed with this work for additional information
+#    regarding copyright ownership. The ASF licenses this file
+#    to you under the Apache License, Version 2.0 (the
+#    "License"); you may not use this file except in compliance
+#    with the License. You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing,
+#    software distributed under the License is distributed on an
+#    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+#    KIND, either express or implied. See the License for the
+#    specific language governing permissions and limitations
+#    under the License.
+rs.security.keystore.type=jwk
+rs.security.keystore.alias=ECKey
+rs.security.keystore.file=org/apache/cxf/systest/jaxrs/security/certs/jwkPrivateSet.txt
+rs.security.jws.content.signature.algorithm=ES256
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/cxf/blob/5085661f/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/jws.ec.public.properties
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/jws.ec.public.properties
b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/jws.ec.public.properties
new file mode 100644
index 0000000..9d67710
--- /dev/null
+++ b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/jws.ec.public.properties
@@ -0,0 +1,19 @@
+#    Licensed to the Apache Software Foundation (ASF) under one
+#    or more contributor license agreements. See the NOTICE file
+#    distributed with this work for additional information
+#    regarding copyright ownership. The ASF licenses this file
+#    to you under the Apache License, Version 2.0 (the
+#    "License"); you may not use this file except in compliance
+#    with the License. You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing,
+#    software distributed under the License is distributed on an
+#    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+#    KIND, either express or implied. See the License for the
+#    specific language governing permissions and limitations
+#    under the License.
+rs.security.keystore.type=jwk
+rs.security.keystore.alias=ECKey
+rs.security.keystore.file=org/apache/cxf/systest/jaxrs/security/certs/jwkPublicSet.txt

http://git-wip-us.apache.org/repos/asf/cxf/blob/5085661f/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/secret.jwk.properties
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/secret.jwk.properties
b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/secret.jwk.properties
index c512d60..b616a55 100644
--- a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/secret.jwk.properties
+++ b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/secret.jwk.properties
@@ -19,4 +19,3 @@ rs.security.keystore.alias.jwe=AesWrapKey
 rs.security.keystore.alias.jws=HMACKey
 rs.security.keystore.file=org/apache/cxf/systest/jaxrs/security/certs/jwkPrivateSet.txt
 rs.security.jwe.content.encryption.algorithm=A128GCM
-rs.security.jwe.key.encryption.algorithm=A128KW


Mime
View raw message