cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject git commit: Update Jwe KeyDecryptionAlgorithm and providers to report the algorithm
Date Wed, 22 Oct 2014 18:08:16 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes af03934b7 -> 76313002a


Update Jwe KeyDecryptionAlgorithm and providers to report the algorithm


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/76313002
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/76313002
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/76313002

Branch: refs/heads/3.0.x-fixes
Commit: 76313002a3149d7fa0445baf11489ce7a5388ff1
Parents: af03934
Author: Sergey Beryozkin <sberyozkin@talend.com>
Authored: Wed Oct 22 19:06:35 2014 +0100
Committer: Sergey Beryozkin <sberyozkin@talend.com>
Committed: Wed Oct 22 19:07:34 2014 +0100

----------------------------------------------------------------------
 .../jose/jwe/AbstractJweDecryption.java         |  9 ++++++-
 .../jose/jwe/AbstractJweEncryption.java         |  8 ++++++
 .../jose/jwe/DirectKeyDecryptionAlgorithm.java  |  4 +++
 .../jose/jwe/JweDecryptionProvider.java         |  2 +-
 .../jose/jwe/JweEncryptionProvider.java         |  2 +-
 .../rs/security/jose/jwe/JweKeyProperties.java  | 26 ++++++++++++++++++++
 .../jose/jwe/KeyDecryptionAlgorithm.java        |  1 +
 .../PbesHmacAesWrapKeyDecryptionAlgorithm.java  | 20 +++++++++++++--
 .../jose/jwe/WrappedKeyDecryptionAlgorithm.java |  7 +++---
 .../jose/jws/HmacJwsSignatureVerifier.java      |  4 +++
 10 files changed, 75 insertions(+), 8 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/76313002/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweDecryption.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweDecryption.java
b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweDecryption.java
index 45d3ee7..ae525c7 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweDecryption.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweDecryption.java
@@ -101,5 +101,12 @@ public abstract class AbstractJweDecryption implements JweDecryptionProvider
{
     protected byte[] getActualCek(byte[] theCek, String algoJwt) {
         return theCek;
     }
-    
+    @Override
+    public String getKeyAlgorithm() {
+        return keyDecryptionAlgo.getAlgorithm();
+    }
+    @Override
+    public String getContentAlgorithm() {
+        return contentDecryptionAlgo.getAlgorithm();
+    }
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/76313002/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweEncryption.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweEncryption.java
b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweEncryption.java
index 4354bf3..9a7764c 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweEncryption.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweEncryption.java
@@ -117,6 +117,14 @@ public abstract class AbstractJweEncryption implements JweEncryptionProvider
{
         return headers;
     }
     @Override
+    public String getKeyAlgorithm() {
+        return keyEncryptionAlgo.getAlgorithm();
+    }
+    @Override
+    public String getContentAlgorithm() {
+        return contentEncryptionAlgo.getAlgorithm();
+    }
+    @Override
     public JweEncryptionState createJweEncryptionState(String contentType) {
         JweEncryptionInternal state = getInternalState(contentType);
         Cipher c = CryptoUtils.initCipher(createCekSecretKey(state), state.keyProps, 

http://git-wip-us.apache.org/repos/asf/cxf/blob/76313002/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/DirectKeyDecryptionAlgorithm.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/DirectKeyDecryptionAlgorithm.java
b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/DirectKeyDecryptionAlgorithm.java
index c1803c6..88a48ca 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/DirectKeyDecryptionAlgorithm.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/DirectKeyDecryptionAlgorithm.java
@@ -36,4 +36,8 @@ public class DirectKeyDecryptionAlgorithm implements KeyDecryptionAlgorithm
{
         }
         return contentDecryptionKey;
     }
+    @Override
+    public String getAlgorithm() {
+        return null;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/76313002/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweDecryptionProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweDecryptionProvider.java
b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweDecryptionProvider.java
index d20401b..006bc03 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweDecryptionProvider.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweDecryptionProvider.java
@@ -20,7 +20,7 @@ package org.apache.cxf.rs.security.jose.jwe;
 
 
 
-public interface JweDecryptionProvider {
+public interface JweDecryptionProvider extends JweKeyProperties {
     JweDecryptionOutput decrypt(String jweContent);
     byte[] decrypt(JweCompactConsumer consumer);
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/76313002/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweEncryptionProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweEncryptionProvider.java
b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweEncryptionProvider.java
index 5b9afee..548191b 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweEncryptionProvider.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweEncryptionProvider.java
@@ -20,7 +20,7 @@ package org.apache.cxf.rs.security.jose.jwe;
 
 
 
-public interface JweEncryptionProvider {
+public interface JweEncryptionProvider extends JweKeyProperties {
     String encrypt(byte[] jweContent, String contentType);
     JweEncryptionState createJweEncryptionState(String contentType);
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/76313002/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweKeyProperties.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweKeyProperties.java
b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweKeyProperties.java
new file mode 100644
index 0000000..4217525
--- /dev/null
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweKeyProperties.java
@@ -0,0 +1,26 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.jose.jwe;
+
+
+
+public interface JweKeyProperties {
+    String getKeyAlgorithm();
+    String getContentAlgorithm();
+}

http://git-wip-us.apache.org/repos/asf/cxf/blob/76313002/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/KeyDecryptionAlgorithm.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/KeyDecryptionAlgorithm.java
b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/KeyDecryptionAlgorithm.java
index 9932ab2..83339ad 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/KeyDecryptionAlgorithm.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/KeyDecryptionAlgorithm.java
@@ -20,5 +20,6 @@ package org.apache.cxf.rs.security.jose.jwe;
 
 
 public interface KeyDecryptionAlgorithm {
+    String getAlgorithm();
     byte[] getDecryptedContentEncryptionKey(JweCompactConsumer consumer);
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/76313002/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/PbesHmacAesWrapKeyDecryptionAlgorithm.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/PbesHmacAesWrapKeyDecryptionAlgorithm.java
b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/PbesHmacAesWrapKeyDecryptionAlgorithm.java
index d338cdd..f5f4c99 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/PbesHmacAesWrapKeyDecryptionAlgorithm.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/PbesHmacAesWrapKeyDecryptionAlgorithm.java
@@ -19,17 +19,29 @@
 package org.apache.cxf.rs.security.jose.jwe;
 
 import org.apache.cxf.common.util.Base64UrlUtility;
+import org.apache.cxf.rs.security.jose.jwa.Algorithm;
 
 public class PbesHmacAesWrapKeyDecryptionAlgorithm implements KeyDecryptionAlgorithm {
     private byte[] password;
+    private String algo;
     public PbesHmacAesWrapKeyDecryptionAlgorithm(String password) {    
-        this(PbesHmacAesWrapKeyEncryptionAlgorithm.stringToBytes(password));
+        this(password, Algorithm.PBES2_HS256_A128KW.getJwtName());
+    }
+    public PbesHmacAesWrapKeyDecryptionAlgorithm(String password, String algo) {    
+        this(PbesHmacAesWrapKeyEncryptionAlgorithm.stringToBytes(password), algo);
     }
     public PbesHmacAesWrapKeyDecryptionAlgorithm(char[] password) {    
-        this(PbesHmacAesWrapKeyEncryptionAlgorithm.charsToBytes(password));
+        this(password, Algorithm.PBES2_HS256_A128KW.getJwtName());
+    }
+    public PbesHmacAesWrapKeyDecryptionAlgorithm(char[] password, String algo) {    
+        this(PbesHmacAesWrapKeyEncryptionAlgorithm.charsToBytes(password), algo);
     }
     public PbesHmacAesWrapKeyDecryptionAlgorithm(byte[] password) {    
+        this(password, Algorithm.PBES2_HS256_A128KW.getJwtName());
+    }
+    public PbesHmacAesWrapKeyDecryptionAlgorithm(byte[] password, String algo) {    
         this.password = password;
+        this.algo = algo;
     }
     @Override
     public byte[] getDecryptedContentEncryptionKey(JweCompactConsumer consumer) {
@@ -50,5 +62,9 @@ public class PbesHmacAesWrapKeyDecryptionAlgorithm implements KeyDecryptionAlgor
             throw new SecurityException(ex);
         }
     }
+    @Override
+    public String getAlgorithm() {
+        return algo;
+    }
     
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/76313002/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/WrappedKeyDecryptionAlgorithm.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/WrappedKeyDecryptionAlgorithm.java
b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/WrappedKeyDecryptionAlgorithm.java
index 8af2c63..6608436 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/WrappedKeyDecryptionAlgorithm.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/WrappedKeyDecryptionAlgorithm.java
@@ -29,9 +29,6 @@ public class WrappedKeyDecryptionAlgorithm implements KeyDecryptionAlgorithm
{
     private Key cekDecryptionKey;
     private boolean unwrap;
     private String supportedAlgo;
-    public WrappedKeyDecryptionAlgorithm(Key cekDecryptionKey) {    
-        this(cekDecryptionKey, null);
-    }
     public WrappedKeyDecryptionAlgorithm(Key cekDecryptionKey, String supportedAlgo) {  
 
         this(cekDecryptionKey, supportedAlgo, true);
     }
@@ -82,4 +79,8 @@ public class WrappedKeyDecryptionAlgorithm implements KeyDecryptionAlgorithm
{
     protected byte[] getEncryptedContentEncryptionKey(JweCompactConsumer consumer) {
         return consumer.getEncryptedContentEncryptionKey();
     }
+    @Override
+    public String getAlgorithm() {
+        return supportedAlgo;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/76313002/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureVerifier.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureVerifier.java
b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureVerifier.java
index 3bdf335..55ec94e 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureVerifier.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureVerifier.java
@@ -22,6 +22,7 @@ import java.security.spec.AlgorithmParameterSpec;
 import java.util.Arrays;
 
 import org.apache.cxf.common.util.crypto.HmacUtils;
+import org.apache.cxf.rs.security.jose.JoseConstants;
 import org.apache.cxf.rs.security.jose.JoseHeaders;
 import org.apache.cxf.rs.security.jose.JoseUtils;
 import org.apache.cxf.rs.security.jose.jwa.Algorithm;
@@ -31,6 +32,9 @@ public class HmacJwsSignatureVerifier implements JwsSignatureVerifier {
     private AlgorithmParameterSpec hmacSpec;
     private String supportedAlgo;
     
+    public HmacJwsSignatureVerifier(String encodedKey) {
+        this(JoseUtils.decode(encodedKey), JoseConstants.HMAC_SHA_256_ALGO);
+    }
     public HmacJwsSignatureVerifier(String encodedKey, String supportedAlgo) {
         this(JoseUtils.decode(encodedKey), supportedAlgo);
     }


Mime
View raw message