cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject [1/2] [CXF-5944] Moving some of security utils to the core where they might stay and working toward preparing creating a JOSE module without the deps on the OAuth2 module, the idea from Luigio
Date Mon, 06 Oct 2014 16:16:22 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes d57fd7f2c -> 4765a07b3


http://git-wip-us.apache.org/repos/asf/cxf/blob/4765a07b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureProvider.java b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureProvider.java
index 2d09bb1..3808d4e 100644
--- a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureProvider.java
+++ b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureProvider.java
@@ -24,8 +24,8 @@ import javax.crypto.Mac;
 
 import org.apache.cxf.common.util.Base64Exception;
 import org.apache.cxf.common.util.Base64UrlUtility;
+import org.apache.cxf.common.util.crypto.HmacUtils;
 import org.apache.cxf.rs.security.jose.jwa.Algorithm;
-import org.apache.cxf.rs.security.oauth2.utils.crypto.HmacUtils;
 
 public class HmacJwsSignatureProvider extends AbstractJwsSignatureProvider {
     private byte[] key;

http://git-wip-us.apache.org/repos/asf/cxf/blob/4765a07b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureVerifier.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureVerifier.java b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureVerifier.java
index a58f161..4ad9c27 100644
--- a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureVerifier.java
+++ b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureVerifier.java
@@ -23,9 +23,9 @@ import java.util.Arrays;
 
 import org.apache.cxf.common.util.Base64Exception;
 import org.apache.cxf.common.util.Base64UrlUtility;
+import org.apache.cxf.common.util.crypto.HmacUtils;
 import org.apache.cxf.rs.security.jose.jwa.Algorithm;
 import org.apache.cxf.rs.security.jose.jwt.JwtHeaders;
-import org.apache.cxf.rs.security.oauth2.utils.crypto.HmacUtils;
 
 public class HmacJwsSignatureVerifier implements JwsSignatureVerifier {
     private byte[] key;

http://git-wip-us.apache.org/repos/asf/cxf/blob/4765a07b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jws/PrivateKeyJwsSignatureProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jws/PrivateKeyJwsSignatureProvider.java b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jws/PrivateKeyJwsSignatureProvider.java
index f5693c4..c2f5a6a 100644
--- a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jws/PrivateKeyJwsSignatureProvider.java
+++ b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jws/PrivateKeyJwsSignatureProvider.java
@@ -24,8 +24,8 @@ import java.security.Signature;
 import java.security.SignatureException;
 import java.security.spec.AlgorithmParameterSpec;
 
+import org.apache.cxf.common.util.crypto.CryptoUtils;
 import org.apache.cxf.rs.security.jose.jwa.Algorithm;
-import org.apache.cxf.rs.security.oauth2.utils.crypto.CryptoUtils;
 
 public class PrivateKeyJwsSignatureProvider extends AbstractJwsSignatureProvider {
     private PrivateKey key;

http://git-wip-us.apache.org/repos/asf/cxf/blob/4765a07b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jws/PublicKeyJwsSignatureVerifier.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jws/PublicKeyJwsSignatureVerifier.java b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jws/PublicKeyJwsSignatureVerifier.java
index 546ce1b..d485256 100644
--- a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jws/PublicKeyJwsSignatureVerifier.java
+++ b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jws/PublicKeyJwsSignatureVerifier.java
@@ -21,9 +21,9 @@ package org.apache.cxf.rs.security.jose.jws;
 import java.security.PublicKey;
 import java.security.spec.AlgorithmParameterSpec;
 
+import org.apache.cxf.common.util.crypto.CryptoUtils;
 import org.apache.cxf.rs.security.jose.jwa.Algorithm;
 import org.apache.cxf.rs.security.jose.jwt.JwtHeaders;
-import org.apache.cxf.rs.security.oauth2.utils.crypto.CryptoUtils;
 
 public class PublicKeyJwsSignatureVerifier implements JwsSignatureVerifier {
     private PublicKey key;

http://git-wip-us.apache.org/repos/asf/cxf/blob/4765a07b/rt/rs/security/oauth-parent/oauth2-jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweCompactReaderWriterTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweCompactReaderWriterTest.java b/rt/rs/security/oauth-parent/oauth2-jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweCompactReaderWriterTest.java
index c1f30f6..b62dc87 100644
--- a/rt/rs/security/oauth-parent/oauth2-jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweCompactReaderWriterTest.java
+++ b/rt/rs/security/oauth-parent/oauth2-jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweCompactReaderWriterTest.java
@@ -26,10 +26,10 @@ import javax.crypto.Cipher;
 import javax.crypto.SecretKey;
 
 import org.apache.cxf.common.util.Base64UrlUtility;
+import org.apache.cxf.common.util.crypto.CryptoUtils;
 import org.apache.cxf.rs.security.jose.JoseConstants;
 import org.apache.cxf.rs.security.jose.jwa.Algorithm;
 import org.apache.cxf.rs.security.jose.jws.JwsCompactReaderWriterTest;
-import org.apache.cxf.rs.security.oauth2.utils.crypto.CryptoUtils;
 import org.bouncycastle.jce.provider.BouncyCastleProvider;
 
 import org.junit.AfterClass;

http://git-wip-us.apache.org/repos/asf/cxf/blob/4765a07b/rt/rs/security/oauth-parent/oauth2-jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsCompactReaderWriterTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsCompactReaderWriterTest.java b/rt/rs/security/oauth-parent/oauth2-jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsCompactReaderWriterTest.java
index 5f287f3..bf868bc 100644
--- a/rt/rs/security/oauth-parent/oauth2-jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsCompactReaderWriterTest.java
+++ b/rt/rs/security/oauth-parent/oauth2-jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsCompactReaderWriterTest.java
@@ -27,6 +27,7 @@ import java.util.LinkedHashMap;
 import java.util.List;
 import java.util.Map;
 
+import org.apache.cxf.common.util.crypto.CryptoUtils;
 import org.apache.cxf.rs.security.jose.JoseConstants;
 import org.apache.cxf.rs.security.jose.jwa.Algorithm;
 import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
@@ -35,7 +36,6 @@ import org.apache.cxf.rs.security.jose.jwt.JwtHeaders;
 import org.apache.cxf.rs.security.jose.jwt.JwtToken;
 import org.apache.cxf.rs.security.jose.jwt.JwtTokenReaderWriter;
 import org.apache.cxf.rs.security.jose.jwt.JwtTokenWriter;
-import org.apache.cxf.rs.security.oauth2.utils.crypto.CryptoUtils;
 
 import org.junit.Assert;
 import org.junit.Test;

http://git-wip-us.apache.org/repos/asf/cxf/blob/4765a07b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/DefaultEncryptingCodeDataProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/DefaultEncryptingCodeDataProvider.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/DefaultEncryptingCodeDataProvider.java
index 1959952..6d50584 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/DefaultEncryptingCodeDataProvider.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/DefaultEncryptingCodeDataProvider.java
@@ -25,10 +25,10 @@ import java.util.Set;
 
 import javax.crypto.SecretKey;
 
+import org.apache.cxf.common.util.crypto.KeyProperties;
 import org.apache.cxf.rs.security.oauth2.provider.DefaultEncryptingOAuthDataProvider;
 import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
 import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;
-import org.apache.cxf.rs.security.oauth2.utils.crypto.KeyProperties;
 import org.apache.cxf.rs.security.oauth2.utils.crypto.ModelEncryptionSupport;
 
 public class DefaultEncryptingCodeDataProvider extends DefaultEncryptingOAuthDataProvider 

http://git-wip-us.apache.org/repos/asf/cxf/blob/4765a07b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/DigestCodeVerifier.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/DigestCodeVerifier.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/DigestCodeVerifier.java
index 06f55fb..371e907 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/DigestCodeVerifier.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/DigestCodeVerifier.java
@@ -19,7 +19,7 @@
 package org.apache.cxf.rs.security.oauth2.grants.code;
 
 import org.apache.cxf.common.util.Base64UrlUtility;
-import org.apache.cxf.rs.security.oauth2.utils.MessageDigestUtils;
+import org.apache.cxf.common.util.crypto.MessageDigestUtils;
 
 public class DigestCodeVerifier implements CodeVerifierTransformer {
 

http://git-wip-us.apache.org/repos/asf/cxf/blob/4765a07b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultEncryptingOAuthDataProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultEncryptingOAuthDataProvider.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultEncryptingOAuthDataProvider.java
index 94f1886..f139632 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultEncryptingOAuthDataProvider.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultEncryptingOAuthDataProvider.java
@@ -27,11 +27,11 @@ import java.util.concurrent.ConcurrentHashMap;
 
 import javax.crypto.SecretKey;
 
+import org.apache.cxf.common.util.crypto.CryptoUtils;
+import org.apache.cxf.common.util.crypto.KeyProperties;
 import org.apache.cxf.rs.security.oauth2.common.Client;
 import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
 import org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken;
-import org.apache.cxf.rs.security.oauth2.utils.crypto.CryptoUtils;
-import org.apache.cxf.rs.security.oauth2.utils.crypto.KeyProperties;
 import org.apache.cxf.rs.security.oauth2.utils.crypto.ModelEncryptionSupport;
 
 public class DefaultEncryptingOAuthDataProvider extends AbstractOAuthDataProvider 

http://git-wip-us.apache.org/repos/asf/cxf/blob/4765a07b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessToken.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessToken.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessToken.java
index 2bcccfe..ff75484 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessToken.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessToken.java
@@ -18,11 +18,11 @@
  */
 package org.apache.cxf.rs.security.oauth2.tokens.hawk;
 
+import org.apache.cxf.common.util.crypto.HmacUtils;
 import org.apache.cxf.rs.security.oauth2.common.Client;
 import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
 import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
 import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;
-import org.apache.cxf.rs.security.oauth2.utils.crypto.HmacUtils;
 
 //https://tools.ietf.org/html/draft-hammer-oauth-v2-mac-token-05
 //->

http://git-wip-us.apache.org/repos/asf/cxf/blob/4765a07b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessTokenValidator.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessTokenValidator.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessTokenValidator.java
index 82d5876..2321e4a 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessTokenValidator.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessTokenValidator.java
@@ -26,6 +26,7 @@ import java.util.Map;
 
 import org.apache.cxf.common.util.Base64Exception;
 import org.apache.cxf.common.util.Base64Utility;
+import org.apache.cxf.common.util.crypto.HmacUtils;
 import org.apache.cxf.jaxrs.ext.MessageContext;
 import org.apache.cxf.rs.security.oauth2.client.HttpRequestProperties;
 import org.apache.cxf.rs.security.oauth2.common.AccessTokenValidation;
@@ -35,7 +36,6 @@ import org.apache.cxf.rs.security.oauth2.provider.OAuthDataProvider;
 import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
 import org.apache.cxf.rs.security.oauth2.utils.AuthorizationUtils;
 import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
-import org.apache.cxf.rs.security.oauth2.utils.crypto.HmacUtils;
 
 public class HawkAccessTokenValidator implements AccessTokenValidator {
     private OAuthDataProvider dataProvider;

http://git-wip-us.apache.org/repos/asf/cxf/blob/4765a07b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAuthorizationScheme.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAuthorizationScheme.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAuthorizationScheme.java
index 02073e9..64c7959 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAuthorizationScheme.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAuthorizationScheme.java
@@ -23,10 +23,10 @@ import java.util.Map;
 
 import org.apache.cxf.common.util.Base64Utility;
 import org.apache.cxf.common.util.StringUtils;
+import org.apache.cxf.common.util.crypto.HmacUtils;
 import org.apache.cxf.rs.security.oauth2.client.HttpRequestProperties;
 import org.apache.cxf.rs.security.oauth2.common.AccessToken;
 import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
-import org.apache.cxf.rs.security.oauth2.utils.crypto.HmacUtils;
 // https://tools.ietf.org/html/draft-hammer-oauth-v2-mac-token-05
 // ->
 // https://github.com/hueniverse/hawk/blob/master/README.md

http://git-wip-us.apache.org/repos/asf/cxf/blob/4765a07b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/MessageDigestUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/MessageDigestUtils.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/MessageDigestUtils.java
deleted file mode 100644
index 5a2d18a..0000000
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/MessageDigestUtils.java
+++ /dev/null
@@ -1,80 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.oauth2.utils;
-
-import java.io.UnsupportedEncodingException;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-
-import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
-
-/**
- * The utility Message Digest generator which can be used for generating
- * random values
- */
-public final class MessageDigestUtils {
-    
-    public static final String ALGO_SHA_1 = "SHA-1";
-    public static final String ALGO_SHA_256 = "SHA-256";
-    public static final String ALGO_MD5 = "MD5";
-    
-    private MessageDigestUtils() {
-        
-    }
-        
-    public static String generate(byte[] input) throws OAuthServiceException {
-        return generate(input, ALGO_MD5);
-    }   
-    
-    public static String generate(byte[] input, String algo) throws OAuthServiceException {    
-        if (input == null) {
-            throw new OAuthServiceException("You have to pass input to Token Generator");
-        }
-
-        try {
-            byte[] messageDigest = createDigest(input, algo);
-            StringBuffer hexString = new StringBuffer();
-            for (int i = 0; i < messageDigest.length; i++) {
-                hexString.append(Integer.toHexString(0xFF & messageDigest[i]));
-            }
-
-            return hexString.toString();
-        } catch (NoSuchAlgorithmException e) {
-            throw new OAuthServiceException("server_error", e);
-        }
-    }
-
-    public static byte[] createDigest(String input, String algo) {
-        try {
-            return createDigest(input.getBytes("UTF-8"), algo);
-        } catch (UnsupportedEncodingException e) {
-            throw new OAuthServiceException("server_error", e);
-        } catch (NoSuchAlgorithmException e) {
-            throw new OAuthServiceException("server_error", e);
-        }   
-    }
-    
-    public static byte[] createDigest(byte[] input, String algo) throws NoSuchAlgorithmException { 
-        MessageDigest md = MessageDigest.getInstance(algo);
-        md.reset();
-        md.update(input);
-        return md.digest();
-    }
-    
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/4765a07b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java
index cd5075a..b33b929 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java
@@ -29,6 +29,7 @@ import java.util.UUID;
 import javax.ws.rs.core.MultivaluedMap;
 
 import org.apache.cxf.common.util.StringUtils;
+import org.apache.cxf.common.util.crypto.MessageDigestUtils;
 import org.apache.cxf.jaxrs.impl.MetadataMap;
 import org.apache.cxf.jaxrs.model.URITemplate;
 import org.apache.cxf.rs.security.oauth2.common.Client;

http://git-wip-us.apache.org/repos/asf/cxf/blob/4765a07b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/crypto/CryptoUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/crypto/CryptoUtils.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/crypto/CryptoUtils.java
deleted file mode 100644
index 94fbcf4..0000000
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/crypto/CryptoUtils.java
+++ /dev/null
@@ -1,794 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.rs.security.oauth2.utils.crypto;
-
-import java.io.InputStream;
-import java.lang.reflect.Constructor;
-import java.lang.reflect.Method;
-import java.math.BigInteger;
-import java.security.Key;
-import java.security.KeyFactory;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.KeyStore;
-import java.security.Principal;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.Signature;
-import java.security.cert.Certificate;
-import java.security.interfaces.ECPrivateKey;
-import java.security.interfaces.ECPublicKey;
-import java.security.interfaces.RSAPrivateKey;
-import java.security.interfaces.RSAPublicKey;
-import java.security.spec.AlgorithmParameterSpec;
-import java.security.spec.ECGenParameterSpec;
-import java.security.spec.ECParameterSpec;
-import java.security.spec.ECPoint;
-import java.security.spec.ECPrivateKeySpec;
-import java.security.spec.ECPublicKeySpec;
-import java.security.spec.RSAPrivateCrtKeySpec;
-import java.security.spec.RSAPrivateKeySpec;
-import java.security.spec.RSAPublicKeySpec;
-import java.util.Properties;
-import java.util.logging.Logger;
-
-import javax.crypto.Cipher;
-import javax.crypto.KeyGenerator;
-import javax.crypto.SecretKey;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.apache.cxf.Bus;
-import org.apache.cxf.common.classloader.ClassLoaderUtils;
-import org.apache.cxf.common.logging.LogUtils;
-import org.apache.cxf.common.util.Base64UrlUtility;
-import org.apache.cxf.common.util.CompressionUtils;
-import org.apache.cxf.helpers.IOUtils;
-import org.apache.cxf.jaxrs.utils.ResourceUtils;
-import org.apache.cxf.message.Message;
-import org.apache.cxf.message.MessageUtils;
-import org.apache.cxf.security.SecurityContext;
-
-
-/**
- * Encryption helpers
- */
-public final class CryptoUtils {
-    public static final String RSSEC_KEY_STORE_TYPE = "rs.security.keystore.type";
-    public static final String RSSEC_KEY_STORE_PSWD = "rs.security.keystore.password";
-    public static final String RSSEC_KEY_PSWD = "rs.security.key.password";
-    public static final String RSSEC_KEY_STORE_ALIAS = "rs.security.keystore.alias";
-    public static final String RSSEC_KEY_STORE_FILE = "rs.security.keystore.file";
-    public static final String RSSEC_PRINCIPAL_NAME = "rs.security.principal.name";
-    public static final String RSSEC_KEY_PSWD_PROVIDER = "rs.security.key.password.provider";
-    public static final String RSSEC_SIG_KEY_PSWD_PROVIDER = "rs.security.signature.key.password.provider";
-    public static final String RSSEC_DECRYPT_KEY_PSWD_PROVIDER = "rs.security.decryption.key.password.provider";
-        
-    private static final Logger LOG = LogUtils.getL7dLogger(CryptoUtils.class);
-    
-    private CryptoUtils() {
-    }
-    
-    public static String encodeSecretKey(SecretKey key) throws SecurityException {
-        return encodeBytes(key.getEncoded());
-    }
-    
-    public static String encryptSecretKey(SecretKey secretKey, PublicKey publicKey) 
-        throws SecurityException {
-        KeyProperties props = new KeyProperties(publicKey.getAlgorithm());
-        return encryptSecretKey(secretKey, publicKey, props);
-    }
-    
-    public static String encryptSecretKey(SecretKey secretKey, PublicKey publicKey,
-        KeyProperties props) throws SecurityException {
-        byte[] encryptedBytes = encryptBytes(secretKey.getEncoded(), 
-                                             publicKey,
-                                             props);
-        return encodeBytes(encryptedBytes);
-    }
-    
-    public static byte[] generateSecureRandomBytes(int size) {
-        SecureRandom sr = new SecureRandom();
-        byte[] bytes = new byte[size];
-        sr.nextBytes(bytes);
-        return bytes;
-    }
-    
-    public static RSAPublicKey getRSAPublicKey(String encodedModulus,
-                                               String encodedPublicExponent) {
-        try {
-            return getRSAPublicKey(decodeSequence(encodedModulus),
-                                   decodeSequence(encodedPublicExponent));
-        } catch (Exception ex) { 
-            throw new SecurityException(ex);
-        }
-    }
-    
-    public static RSAPublicKey getRSAPublicKey(byte[] modulusBytes,
-                                               byte[] publicExponentBytes) {
-        try {
-            return getRSAPublicKey(KeyFactory.getInstance("RSA"), 
-                                   modulusBytes,
-                                   publicExponentBytes);
-        } catch (Exception ex) { 
-            throw new SecurityException(ex);
-        }         
-    }
-    
-    public static RSAPublicKey getRSAPublicKey(KeyFactory factory,
-                                               byte[] modulusBytes,
-                                               byte[] publicExponentBytes) {
-        BigInteger modulus =  new BigInteger(1, modulusBytes);
-        BigInteger publicExponent =  new BigInteger(1, publicExponentBytes);
-        try {
-            return (RSAPublicKey)factory.generatePublic(
-                new RSAPublicKeySpec(modulus, publicExponent));
-        } catch (Exception ex) { 
-            throw new SecurityException(ex);
-        }    
-    }
-    
-    public static Certificate loadCertificate(InputStream storeLocation, char[] storePassword, String alias,
-                                              String storeType) {
-        KeyStore keyStore = loadKeyStore(storeLocation, storePassword, storeType);
-        return loadCertificate(keyStore, alias);
-    }
-    public static Certificate loadCertificate(KeyStore keyStore, String alias) {
-        try {
-            return keyStore.getCertificate(alias);
-        } catch (Exception ex) { 
-            throw new SecurityException(ex);
-        }
-    }
-    public static PublicKey loadPublicKey(InputStream storeLocation, char[] storePassword, String alias,
-                                          String storeType) {
-        return loadCertificate(storeLocation, storePassword, alias, storeType).getPublicKey();
-    }
-    public static PublicKey loadPublicKey(KeyStore keyStore, String alias) {
-        return loadCertificate(keyStore, alias).getPublicKey();
-    }
-    public static PublicKey loadPublicKey(Message m, Properties props) {
-        KeyStore keyStore = CryptoUtils.loadPersistKeyStore(m, props);
-        return CryptoUtils.loadPublicKey(keyStore, props.getProperty(RSSEC_KEY_STORE_ALIAS));
-    }
-    public static PublicKey loadPublicKey(Message m, String keyStoreLocProp) {
-        return loadPublicKey(m, keyStoreLocProp, null);
-    }
-    public static PublicKey loadPublicKey(Message m, String keyStoreLocPropPreferred, String keyStoreLocPropDefault) {
-        String keyStoreLoc = getMessageProperty(m, keyStoreLocPropPreferred, keyStoreLocPropDefault);
-        Bus bus = m.getExchange().getBus();
-        try {
-            Properties props = ResourceUtils.loadProperties(keyStoreLoc, bus);
-            return CryptoUtils.loadPublicKey(m, props);
-        } catch (Exception ex) {
-            throw new SecurityException(ex);
-        }
-    }
-    private static String getMessageProperty(Message m, String keyStoreLocPropPreferred, 
-                                             String keyStoreLocPropDefault) {
-        String propLoc = 
-            (String)MessageUtils.getContextualProperty(m, keyStoreLocPropPreferred, keyStoreLocPropDefault);
-        if (propLoc == null) {
-            throw new SecurityException();
-        }
-        return propLoc;
-    }
-    public static PrivateKey loadPrivateKey(Properties props, Bus bus, PrivateKeyPasswordProvider provider) {
-        KeyStore keyStore = loadKeyStore(props, bus);
-        return loadPrivateKey(keyStore, props, bus, provider);
-    }
-    public static PrivateKey loadPrivateKey(KeyStore keyStore, 
-                                            Properties props, 
-                                            Bus bus, 
-                                            PrivateKeyPasswordProvider provider) {
-        
-        String keyPswd = props.getProperty(RSSEC_KEY_PSWD);
-        String alias = props.getProperty(RSSEC_KEY_STORE_ALIAS);
-        char[] keyPswdChars = provider != null ? provider.getPassword(props) 
-            : keyPswd != null ? keyPswd.toCharArray() : null;    
-        return loadPrivateKey(keyStore, keyPswdChars, alias);
-    }
-    public static PrivateKey loadPrivateKey(InputStream storeLocation, 
-                                            char[] storePassword, 
-                                            char[] keyPassword, 
-                                            String alias,
-                                            String storeType) {
-        KeyStore keyStore = loadKeyStore(storeLocation, storePassword, storeType);
-        return loadPrivateKey(keyStore, keyPassword, alias);
-    }
-    
-    public static PrivateKey loadPrivateKey(KeyStore keyStore,
-                                            char[] keyPassword, 
-                                            String alias) {
-        try {
-            KeyStore.PrivateKeyEntry pkEntry = (KeyStore.PrivateKeyEntry)
-                keyStore.getEntry(alias, new KeyStore.PasswordProtection(keyPassword));
-            return pkEntry.getPrivateKey();
-        } catch (Exception ex) { 
-            throw new SecurityException(ex);
-        }
-    }
-    public static PrivateKey loadPrivateKey(Message m, String keyStoreLocProp, String passwordProviderProp) {
-        return loadPrivateKey(m, keyStoreLocProp, null, passwordProviderProp);
-    }
-    public static PrivateKey loadPrivateKey(Message m, String keyStoreLocPropPreferred,
-                                            String keyStoreLocPropDefault, String passwordProviderProp) {
-        String keyStoreLoc = getMessageProperty(m, keyStoreLocPropPreferred, keyStoreLocPropDefault);
-        Bus bus = m.getExchange().getBus();
-        try {
-            Properties props = ResourceUtils.loadProperties(keyStoreLoc, bus);
-            return CryptoUtils.loadPrivateKey(m, props, passwordProviderProp);
-        } catch (Exception ex) {
-            throw new SecurityException(ex);
-        }
-    }
-    public static PrivateKey loadPrivateKey(Message m, Properties props, String passwordProviderProp) {
-        Bus bus = m.getExchange().getBus();
-        KeyStore keyStore = CryptoUtils.loadPersistKeyStore(m, props);
-        PrivateKeyPasswordProvider cb = 
-            (PrivateKeyPasswordProvider)m.getContextualProperty(passwordProviderProp);
-        if (cb != null && m.getExchange().getInMessage() != null) {
-            SecurityContext sc = m.getExchange().getInMessage().get(SecurityContext.class);
-            if (sc != null) {
-                Principal p = sc.getUserPrincipal();
-                if (p != null) {
-                    props.setProperty(RSSEC_PRINCIPAL_NAME, p.getName());
-                }
-            }
-        }
-        return CryptoUtils.loadPrivateKey(keyStore, props, bus, cb);
-    }
-    public static KeyStore loadPersistKeyStore(Message m, Properties props) {
-        KeyStore keyStore = (KeyStore)m.getExchange().get(props.get(CryptoUtils.RSSEC_KEY_STORE_FILE));
-        if (keyStore == null) {
-            keyStore = CryptoUtils.loadKeyStore(props, m.getExchange().getBus());
-            m.getExchange().put((String)props.get(CryptoUtils.RSSEC_KEY_STORE_FILE), keyStore);
-        }
-        return keyStore;
-    }
-    public static KeyStore loadKeyStore(Properties props, Bus bus) {
-        String keyStoreType = props.getProperty(RSSEC_KEY_STORE_TYPE);
-        String keyStoreLoc = props.getProperty(RSSEC_KEY_STORE_FILE);
-        String keyStorePswd = props.getProperty(RSSEC_KEY_STORE_PSWD);
-        try {
-            InputStream is = ResourceUtils.getResourceStream(keyStoreLoc, bus);
-            return loadKeyStore(is, keyStorePswd.toCharArray(), keyStoreType);
-        } catch (Exception ex) {
-            throw new SecurityException(ex);
-        }
-    }
-    
-    public static KeyStore loadKeyStore(InputStream storeLocation, char[] storePassword, String type) {
-        try {
-            KeyStore ks = KeyStore.getInstance(type == null ? KeyStore.getDefaultType() : type);
-            ks.load(storeLocation, storePassword);
-            return ks;
-        } catch (Exception ex) {
-            throw new SecurityException(ex);
-        }
-    }
-    
-    public static RSAPrivateKey getRSAPrivateKey(String encodedModulus,
-                                                 String encodedPrivateExponent) {
-        try {
-            return getRSAPrivateKey(decodeSequence(encodedModulus),
-                                    decodeSequence(encodedPrivateExponent));
-        } catch (Exception ex) { 
-            throw new SecurityException(ex);
-        }
-    }
-    
-    public static RSAPrivateKey getRSAPrivateKey(byte[] modulusBytes,
-                                                 byte[] privateExponentBytes) {
-        BigInteger modulus =  new BigInteger(1, modulusBytes);
-        BigInteger privateExponent =  new BigInteger(1, privateExponentBytes);
-        try {
-            KeyFactory factory = KeyFactory.getInstance("RSA");
-            return (RSAPrivateKey)factory.generatePrivate(
-                new RSAPrivateKeySpec(modulus, privateExponent));
-        } catch (Exception ex) { 
-            throw new SecurityException(ex);
-        }    
-    }
-    //CHECKSTYLE:OFF
-    public static RSAPrivateKey getRSAPrivateKey(String encodedModulus,
-                                                 String encodedPublicExponent,
-                                                 String encodedPrivateExponent,
-                                                 String encodedPrimeP,
-                                                 String encodedPrimeQ,
-                                                 String encodedPrimeExpP,
-                                                 String encodedPrimeExpQ,
-                                                 String encodedCrtCoefficient) {
-    //CHECKSTYLE:ON
-        try {
-            return getRSAPrivateKey(decodeSequence(encodedModulus),
-                                    decodeSequence(encodedPublicExponent),
-                                    decodeSequence(encodedPrivateExponent),
-                                    decodeSequence(encodedPrimeP),
-                                    decodeSequence(encodedPrimeQ),
-                                    decodeSequence(encodedPrimeExpP),
-                                    decodeSequence(encodedPrimeExpQ),
-                                    decodeSequence(encodedCrtCoefficient));
-        } catch (Exception ex) { 
-            throw new SecurityException(ex);
-        }
-    }
-    //CHECKSTYLE:OFF
-    public static RSAPrivateKey getRSAPrivateKey(byte[] modulusBytes,
-                                                 byte[] publicExponentBytes,
-                                                 byte[] privateExponentBytes,
-                                                 byte[] primePBytes,
-                                                 byte[] primeQBytes,
-                                                 byte[] primeExpPBytes,
-                                                 byte[] primeExpQBytes,
-                                                 byte[] crtCoefficientBytes) {
-    //CHECKSTYLE:ON
-        BigInteger modulus =  new BigInteger(1, modulusBytes);
-        BigInteger publicExponent =  new BigInteger(1, publicExponentBytes);
-        BigInteger privateExponent =  new BigInteger(1, privateExponentBytes);
-        BigInteger primeP =  new BigInteger(1, primePBytes);
-        BigInteger primeQ =  new BigInteger(1, primeQBytes);
-        BigInteger primeExpP =  new BigInteger(1, primeExpPBytes);
-        BigInteger primeExpQ =  new BigInteger(1, primeExpQBytes);
-        BigInteger crtCoefficient =  new BigInteger(1, crtCoefficientBytes);
-        try {
-            KeyFactory factory = KeyFactory.getInstance("RSA");
-            return (RSAPrivateKey)factory.generatePrivate(
-                new RSAPrivateCrtKeySpec(modulus, 
-                                         publicExponent,
-                                         privateExponent,
-                                         primeP,
-                                         primeQ,
-                                         primeExpP,
-                                         primeExpQ,
-                                         crtCoefficient));
-        } catch (Exception ex) { 
-            throw new SecurityException(ex);
-        }    
-    }
-    
-    public static ECPrivateKey getECPrivateKey(String curve, String encodedPrivateKey) {
-        try {
-            return getECPrivateKey(curve, decodeSequence(encodedPrivateKey));
-        } catch (Exception ex) { 
-            throw new SecurityException(ex);
-        }
-    }
-    public static ECPrivateKey getECPrivateKey(String curve, byte[] privateKey) {
-        try {
-            ECParameterSpec params = getECParameterSpec(curve, true);
-            ECPrivateKeySpec keySpec = new ECPrivateKeySpec(
-                                           new BigInteger(1, privateKey), params);
-            KeyFactory kf = KeyFactory.getInstance("EC");
-            return (ECPrivateKey) kf.generatePrivate(keySpec);
-
-        } catch (Exception ex) { 
-            throw new SecurityException(ex);
-        }    
-    }
-    private static ECParameterSpec getECParameterSpec(String curve, boolean isPrivate) 
-        throws Exception {
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC");
-        ECGenParameterSpec kpgparams = new ECGenParameterSpec("sec"
-                                                              + curve.toLowerCase().replace("-", "")
-                                                              + "r1");
-        kpg.initialize(kpgparams);
-        KeyPair pair = kpg.generateKeyPair();
-        return isPrivate ? ((ECPublicKey) pair.getPublic()).getParams()
-            : ((ECPrivateKey) pair.getPrivate()).getParams();
-    }
-    
-    public static ECPublicKey getECPublicKey(String curve, String encodedXPoint, String encodedYPoint) {
-        try {
-            return getECPublicKey(curve,
-                                  decodeSequence(encodedXPoint),
-                                  decodeSequence(encodedYPoint));
-        } catch (Exception ex) { 
-            throw new SecurityException(ex);
-        }
-    }
-    public static ECPublicKey getECPublicKey(String curve, byte[] xPoint, byte[] yPoint) {
-        try {
-            ECParameterSpec params = getECParameterSpec(curve, false);
-
-            ECPoint ecPoint = new ECPoint(new BigInteger(1, xPoint),
-                                          new BigInteger(1, yPoint));
-            ECPublicKeySpec keySpec = new ECPublicKeySpec(ecPoint, params);
-            KeyFactory kf = KeyFactory.getInstance("EC");
-            return (ECPublicKey) kf.generatePublic(keySpec);
-
-        } catch (Exception ex) { 
-            throw new SecurityException(ex);
-        }    
-    }
-    public static AlgorithmParameterSpec getContentEncryptionCipherSpec(int authTagLength, byte[] iv) {
-        // this can be overridden if needed
-        if (authTagLength > 0) {
-            return CryptoUtils.getGCMParameterSpec(authTagLength, iv);
-        } else if (iv.length > 0) {
-            return new IvParameterSpec(iv);
-        } else {
-            return null;
-        }
-    }
-    
-    public static AlgorithmParameterSpec getGCMParameterSpec(int authTagLength, byte[] iv) {
-        try {
-            // In case Java 6 compiler is used
-            Class<?> c = ClassLoaderUtils.loadClass("javax.crypto.spec.GCMParameterSpec", CryptoUtils.class);
-            Constructor<?> ctr = c.getConstructor(new Class[]{int.class, byte[].class});
-            return (AlgorithmParameterSpec)ctr.newInstance(new Object[]{authTagLength, iv});
-        } catch (Throwable t) {
-            return new IvParameterSpec(iv);
-        }
-    }
-    
-    public static byte[] signData(byte[] data, PrivateKey key, String signAlgo) {
-        return signData(data, key, signAlgo, null, null);
-    }
-    
-    public static byte[] signData(byte[] data, PrivateKey key, String signAlgo, SecureRandom random,
-                           AlgorithmParameterSpec params) {
-        try {
-            Signature s = getSignature(key, signAlgo, random, params);
-            s.update(data);
-            return s.sign();
-        } catch (Exception ex) {
-            throw new SecurityException(ex);
-        }
-    }
-    
-    public static Signature getSignature(PrivateKey key, String signAlgo, SecureRandom random,
-                                  AlgorithmParameterSpec params) {
-        try {
-            Signature s = Signature.getInstance(signAlgo);
-            if (random == null) {
-                s.initSign(key);
-            } else {
-                s.initSign(key, random);
-            }
-            if (params != null) {
-                s.setParameter(params);
-            }
-            return s;
-        } catch (Exception ex) {
-            throw new SecurityException(ex);
-        }
-    }
-    
-    public static boolean verifySignature(byte[] data, byte[] signature, PublicKey key, String signAlgo) {
-        return verifySignature(data, signature, key, signAlgo, null);
-    }
-    
-    public static boolean verifySignature(byte[] data, byte[] signature, PublicKey key, String signAlgo, 
-                                AlgorithmParameterSpec params) {
-        try {
-            Signature s = Signature.getInstance(signAlgo);
-            s.initVerify(key);
-            if (params != null) {
-                s.setParameter(params);
-            }
-            s.update(data);
-            return s.verify(signature);
-        } catch (Exception ex) {
-            throw new SecurityException(ex);
-        }
-    }
-    
-    public static SecretKey getSecretKey(String symEncAlgo) throws SecurityException {
-        return getSecretKey(new KeyProperties(symEncAlgo));
-    }
-    
-    public static SecretKey getSecretKey(String symEncAlgo, int keySize) throws SecurityException {
-        return getSecretKey(new KeyProperties(symEncAlgo, keySize));
-    }
-    
-    public static SecretKey getSecretKey(KeyProperties props) throws SecurityException {
-        try {
-            KeyGenerator keyGen = KeyGenerator.getInstance(props.getKeyAlgo());
-            AlgorithmParameterSpec algoSpec = props.getAlgoSpec();
-            SecureRandom random = props.getSecureRandom();
-            if (algoSpec != null) {
-                if (random != null) {
-                    keyGen.init(algoSpec, random);
-                } else {
-                    keyGen.init(algoSpec);
-                }
-            } else {
-                int keySize = props.getKeySize();
-                if (keySize == -1) {
-                    keySize = 128;
-                }
-                if (random != null) {
-                    keyGen.init(keySize, random);
-                } else {
-                    keyGen.init(keySize);
-                }
-            }
-            
-            return keyGen.generateKey();
-        } catch (Exception ex) {
-            throw new SecurityException(ex);
-        }
-    }
-    
-    public static String decryptSequence(String encodedToken, String encodedSecretKey)
-        throws SecurityException {
-        return decryptSequence(encodedToken, encodedSecretKey, new KeyProperties("AES"));
-    }
-    
-    public static String decryptSequence(String encodedData, String encodedSecretKey, 
-        KeyProperties props) throws SecurityException {
-        SecretKey key = decodeSecretKey(encodedSecretKey, props.getKeyAlgo());
-        return decryptSequence(encodedData, key, props);
-    }
-    
-    public static String decryptSequence(String encodedData, Key secretKey) throws SecurityException {
-        return decryptSequence(encodedData, secretKey, null);
-    }
-    
-    public static String decryptSequence(String encodedData, Key secretKey,
-        KeyProperties props) throws SecurityException {
-        byte[] encryptedBytes = decodeSequence(encodedData);
-        byte[] bytes = decryptBytes(encryptedBytes, secretKey, props);
-        try {
-            return new String(bytes, "UTF-8");
-        } catch (Exception ex) {
-            throw new SecurityException(ex);
-        }
-    }
-    
-    public static String encryptSequence(String sequence, Key secretKey) throws SecurityException {
-        return encryptSequence(sequence, secretKey, null);
-    }
-    
-    public static String encryptSequence(String sequence, Key secretKey,
-        KeyProperties keyProps) throws SecurityException {
-        try {
-            byte[] bytes = encryptBytes(sequence.getBytes("UTF-8"), secretKey, keyProps);
-            return encodeBytes(bytes);
-        } catch (Exception ex) {
-            throw new SecurityException(ex);
-        }
-    }
-    
-    public static String encodeBytes(byte[] bytes) throws SecurityException {
-        try {
-            return Base64UrlUtility.encode(bytes);
-        } catch (Exception ex) {
-            throw new SecurityException(ex);
-        }
-    }
-    
-    public static byte[] encryptBytes(byte[] bytes, Key secretKey) throws SecurityException {
-        return encryptBytes(bytes, secretKey, null);
-    }
-    
-    public static byte[] encryptBytes(byte[] bytes, Key secretKey,
-        KeyProperties keyProps) throws SecurityException {
-        return processBytes(bytes, secretKey, keyProps, Cipher.ENCRYPT_MODE);
-    }
-    
-    public static byte[] decryptBytes(byte[] bytes, Key secretKey) throws SecurityException {
-        return decryptBytes(bytes, secretKey, null);
-    }
-    
-    public static byte[] decryptBytes(byte[] bytes, Key secretKey, 
-        KeyProperties keyProps) throws SecurityException {
-        return processBytes(bytes, secretKey, keyProps, Cipher.DECRYPT_MODE);
-    }
-    
-    public static byte[] wrapSecretKey(byte[] keyBytes, 
-                                       String keyAlgo,
-                                       Key wrapperKey,
-                                       KeyProperties wrapperKeyProps)  throws SecurityException {
-        return wrapSecretKey(new SecretKeySpec(keyBytes, convertJCECipherToSecretKeyName(keyAlgo)), 
-                             wrapperKey, 
-                             wrapperKeyProps);
-    }
-    
-    public static byte[] wrapSecretKey(Key secretKey,
-                                       Key wrapperKey,
-                                       KeyProperties keyProps)  throws SecurityException {
-        try {
-            Cipher c = initCipher(wrapperKey, keyProps, Cipher.WRAP_MODE);
-            return c.wrap(secretKey);
-        } catch (Exception ex) {
-            throw new SecurityException(ex);
-        }    
-    }
-    
-    public static SecretKey unwrapSecretKey(byte[] wrappedBytes,
-                                            String wrappedKeyAlgo,
-                                            Key unwrapperKey,
-                                            String unwrapperKeyAlgo)  throws SecurityException {
-        return unwrapSecretKey(wrappedBytes, wrappedKeyAlgo, unwrapperKey, 
-                               new KeyProperties(unwrapperKeyAlgo));
-    }
-    
-    public static SecretKey unwrapSecretKey(byte[] wrappedBytes,
-                                            String wrappedKeyAlgo,
-                                            Key unwrapperKey,
-                                            KeyProperties keyProps)  throws SecurityException {
-        return (SecretKey)unwrapKey(wrappedBytes, wrappedKeyAlgo, unwrapperKey, keyProps, Cipher.SECRET_KEY);    
-    }
-    
-    public static Key unwrapKey(byte[] wrappedBytes,
-                                            String wrappedKeyAlgo,
-                                            Key unwrapperKey,
-                                            KeyProperties keyProps,
-                                            int wrappedKeyType)  throws SecurityException {
-        try {
-            Cipher c = initCipher(unwrapperKey, keyProps, Cipher.UNWRAP_MODE);
-            return c.unwrap(wrappedBytes, wrappedKeyAlgo, wrappedKeyType);
-        } catch (Exception ex) {
-            throw new SecurityException(ex);
-        }    
-    }
-    
-    private static byte[] processBytes(byte[] bytes, 
-                                      Key secretKey, 
-                                      KeyProperties keyProps, 
-                                      int mode)  throws SecurityException {
-        boolean compressionSupported = keyProps != null && keyProps.isCompressionSupported();
-        if (compressionSupported && mode == Cipher.ENCRYPT_MODE) {
-            bytes = CompressionUtils.deflate(bytes, false);
-        }
-        try {
-            Cipher c = initCipher(secretKey, keyProps, mode);
-            byte[] result = new byte[0];
-            int blockSize = keyProps != null ? keyProps.getBlockSize() : -1;
-            if (secretKey instanceof SecretKey && blockSize == -1) {
-                result = c.doFinal(bytes);
-            } else {
-                if (blockSize == -1) {
-                    blockSize = secretKey instanceof PublicKey ? 117 : 128;
-                }
-                boolean updateRequired = keyProps != null && keyProps.getAdditionalData() != null;
-                int offset = 0;
-                for (; offset + blockSize < bytes.length; offset += blockSize) {
-                    byte[] next = !updateRequired ? c.doFinal(bytes, offset, blockSize) 
-                        : c.update(bytes, offset, blockSize);
-                    result = addToResult(result, next);
-                }
-                if (offset < bytes.length) {
-                    result = addToResult(result, c.doFinal(bytes, offset, bytes.length - offset));
-                } else {
-                    result = addToResult(result, c.doFinal());
-                }
-            }
-            if (compressionSupported && mode == Cipher.DECRYPT_MODE) {
-                result = IOUtils.readBytesFromStream(CompressionUtils.inflate(result, false));
-            }
-            return result;
-        } catch (Exception ex) {
-            throw new SecurityException(ex);
-        }
-    }
-    
-    public static Cipher initCipher(Key secretKey, KeyProperties keyProps, int mode)  throws SecurityException {
-        try {
-            String algorithm = keyProps != null && keyProps.getKeyAlgo() != null 
-                ? keyProps.getKeyAlgo() : secretKey.getAlgorithm();
-            Cipher c = Cipher.getInstance(algorithm);
-            if (keyProps == null || keyProps.getAlgoSpec() == null && keyProps.getSecureRandom() == null) {
-                c.init(mode, secretKey);
-            } else {
-                AlgorithmParameterSpec algoSpec = keyProps.getAlgoSpec();
-                SecureRandom random = keyProps.getSecureRandom();
-                if (algoSpec == null) {
-                    c.init(mode, secretKey, random);
-                } else if (random == null) {
-                    c.init(mode, secretKey, algoSpec);
-                } else {
-                    c.init(mode, secretKey, algoSpec, random);
-                }
-            }
-            if (keyProps != null && keyProps.getAdditionalData() != null) {
-                // TODO: call updateAAD directly after switching to Java7
-                try {
-                    Method m = Cipher.class.getMethod("updateAAD", new Class[]{byte[].class});
-                    m.invoke(c, new Object[]{keyProps.getAdditionalData()});
-                } catch (NoSuchMethodException ex) {
-                    LOG.fine(ex.getMessage());
-                }
-            }
-            return c;
-        } catch (Exception ex) {
-            throw new SecurityException(ex);
-        }
-    }
-    
-    private static byte[] addToResult(byte[] prefix, byte[] suffix) {
-        if (suffix == null || suffix.length == 0) {
-            return prefix;    
-        } else if (prefix.length == 0) {
-            return suffix;
-        } else {
-            byte[] result = new byte[prefix.length + suffix.length];
-            System.arraycopy(prefix, 0, result, 0, prefix.length);
-            System.arraycopy(suffix, 0, result, prefix.length, suffix.length);
-            return result;
-        }
-    }
-    
-    public static SecretKey decodeSecretKey(String encodedSecretKey) throws SecurityException {
-        return decodeSecretKey(encodedSecretKey, "AES");
-    }
-    
-    public static SecretKey decodeSecretKey(String encodedSecretKey, String secretKeyAlgo) 
-        throws SecurityException {
-        byte[] secretKeyBytes = decodeSequence(encodedSecretKey);
-        return createSecretKeySpec(secretKeyBytes, secretKeyAlgo);
-    }
-    
-    public static SecretKey decryptSecretKey(String encodedEncryptedSecretKey,
-                                             PrivateKey privateKey) {
-        return decryptSecretKey(encodedEncryptedSecretKey, "AES", privateKey);
-    }
-    
-    
-    public static SecretKey decryptSecretKey(String encodedEncryptedSecretKey,
-                                             String secretKeyAlgo,
-                                             PrivateKey privateKey)
-        throws SecurityException {
-        KeyProperties props = new KeyProperties(privateKey.getAlgorithm());
-        return decryptSecretKey(encodedEncryptedSecretKey, secretKeyAlgo, props, privateKey);
-    }
-    
-    public static SecretKey decryptSecretKey(String encodedEncryptedSecretKey,
-                                             String secretKeyAlgo,
-                                             KeyProperties props,
-                                             PrivateKey privateKey) throws SecurityException {
-        byte[] encryptedBytes = decodeSequence(encodedEncryptedSecretKey);
-        byte[] descryptedBytes = decryptBytes(encryptedBytes, privateKey, props);
-        return createSecretKeySpec(descryptedBytes, secretKeyAlgo);
-    }
-    
-    public static SecretKey createSecretKeySpec(String encodedBytes, String algo) {
-        return new SecretKeySpec(decodeSequence(encodedBytes), algo);
-    }
-    public static SecretKey createSecretKeySpec(byte[] bytes, String algo) {
-        return new SecretKeySpec(bytes, convertJCECipherToSecretKeyName(algo));
-    }
-    public static byte[] decodeSequence(String encodedSequence) throws SecurityException {
-        try {
-            return Base64UrlUtility.decode(encodedSequence);
-        } catch (Exception ex) {
-            throw new SecurityException(ex);
-        }
-    }
-    
-    private static String convertJCECipherToSecretKeyName(String jceCipherName) {
-        if (jceCipherName != null) {
-            if (jceCipherName.startsWith("AES")) {
-                return "AES";
-            } else if (jceCipherName.startsWith("DESede")) {
-                return "DESede";
-            } else if (jceCipherName.startsWith("SEED")) {
-                return "SEED";
-            } else if (jceCipherName.startsWith("Camellia")) {
-                return "Camellia";
-            }
-        }
-        return null;
-    }
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/4765a07b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/crypto/HmacUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/crypto/HmacUtils.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/crypto/HmacUtils.java
deleted file mode 100644
index 6dd310d..0000000
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/crypto/HmacUtils.java
+++ /dev/null
@@ -1,146 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.oauth2.utils.crypto;
-
-import java.io.UnsupportedEncodingException;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.Provider;
-import java.security.spec.AlgorithmParameterSpec;
-
-import javax.crypto.KeyGenerator;
-import javax.crypto.Mac;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.apache.cxf.common.util.Base64UrlUtility;
-import org.apache.cxf.common.util.Base64Utility;
-import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
-
-public final class HmacUtils {
-    
-    private HmacUtils() {
-        
-    }
-    
-    public static String encodeHmacString(String macSecret, String macAlgoJavaName, String data) {
-        return Base64Utility.encode(computeHmac(macSecret, macAlgoJavaName, data));
-    }
-    
-    public static String encodeHmacString(String macSecret, String macAlgoJavaName, String data, boolean urlSafe) {
-        byte[] bytes = computeHmac(macSecret, macAlgoJavaName, data);
-        return urlSafe ? Base64UrlUtility.encode(bytes) : Base64Utility.encode(bytes);
-    }
-    
-    public static Mac getMac(String macAlgoJavaName) {
-        return getMac(macAlgoJavaName, (String)null);
-    }
-    
-    public static Mac getMac(String macAlgoJavaName, String provider) {
-        try {
-            return provider == null ? Mac.getInstance(macAlgoJavaName) : Mac.getInstance(macAlgoJavaName, provider);
-        } catch (NoSuchAlgorithmException e) {
-            throw new OAuthServiceException(e);
-        } catch (NoSuchProviderException e) {
-            throw new OAuthServiceException(e);
-        }
-    }
-    
-    public static Mac getMac(String macAlgoJavaName, Provider provider) {
-        try {
-            return Mac.getInstance(macAlgoJavaName, provider);
-        } catch (NoSuchAlgorithmException e) {
-            throw new OAuthServiceException(e);
-        }
-    }
-    
-    public static byte[] computeHmac(String key, String macAlgoJavaName, String data) {
-        Mac mac = getMac(macAlgoJavaName);
-        return computeHmac(key, mac, data);
-    }
-    
-    public static byte[] computeHmac(byte[] key, String macAlgoJavaName, String data) {
-        return computeHmac(key, macAlgoJavaName, null, data);
-    }
-    public static byte[] computeHmac(byte[] key, String macAlgoJavaName, AlgorithmParameterSpec spec, 
-                                     String data) {
-        Mac mac = getMac(macAlgoJavaName);
-        return computeHmac(new SecretKeySpec(key, mac.getAlgorithm()), mac, spec, data);
-    }
-    
-    public static byte[] computeHmac(String key, Mac hmac, String data) {
-        try {
-            return computeHmac(key.getBytes("UTF-8"), hmac, data);
-        } catch (UnsupportedEncodingException e) {
-            throw new OAuthServiceException(e);
-        }
-    }
-    
-    public static byte[] computeHmac(byte[] key, Mac hmac, String data) {
-        SecretKeySpec secretKey = new SecretKeySpec(key, hmac.getAlgorithm());
-        return computeHmac(secretKey, hmac, data);
-    }
-    
-    public static byte[] computeHmac(Key secretKey, Mac hmac, String data) {
-        return computeHmac(secretKey, hmac, null, data);
-    }
-    
-    public static byte[] computeHmac(Key secretKey, Mac hmac, AlgorithmParameterSpec spec, String data) {
-        initMac(hmac, secretKey, spec);
-        return hmac.doFinal(data.getBytes());
-    }
-    
-    public static Mac getInitializedMac(byte[] key, String algo, AlgorithmParameterSpec spec) {
-        Mac hmac = getMac(algo);
-        initMac(hmac, key, spec);
-        return hmac;
-    }
-    
-    private static void initMac(Mac hmac, byte[] key, AlgorithmParameterSpec spec) {
-        initMac(hmac, new SecretKeySpec(key, hmac.getAlgorithm()), spec);
-        
-    }
-    private static void initMac(Mac hmac, Key secretKey, AlgorithmParameterSpec spec) {
-        try {
-            if (spec == null) {
-                hmac.init(secretKey);
-            } else {
-                hmac.init(secretKey, spec);
-            }
-        } catch (InvalidKeyException e) {
-            throw new OAuthServiceException(e);
-        } catch (InvalidAlgorithmParameterException e) {
-            throw new OAuthServiceException(e);
-        }
-    }
-    
-    public static String generateKey(String algo) {
-        try {
-            KeyGenerator keyGen = KeyGenerator.getInstance(algo);
-            return Base64Utility.encode(keyGen.generateKey().getEncoded());
-        } catch (NoSuchAlgorithmException e) {
-            throw new OAuthServiceException(e);
-        }
-    }
-    
-       
-       
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/4765a07b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/crypto/KeyProperties.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/crypto/KeyProperties.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/crypto/KeyProperties.java
deleted file mode 100644
index 8a473d8..0000000
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/crypto/KeyProperties.java
+++ /dev/null
@@ -1,88 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.oauth2.utils.crypto;
-
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-
-public class KeyProperties {
-    private String keyAlgo;
-    private int keySize;
-    private int blockSize = -1;
-    private byte[] additionalData;
-    private SecureRandom secureRandom;
-    private AlgorithmParameterSpec algoSpec;
-    private boolean compressionSupported;
-    
-    public KeyProperties() {
-    }
-    
-    public KeyProperties(String keyAlgo) {
-        this(keyAlgo, -1);
-    }
-    public KeyProperties(String keyAlgo, int keySize) {
-        this.keyAlgo = keyAlgo;
-        this.keySize = keySize;
-    }
-    public String getKeyAlgo() {
-        return keyAlgo;
-    }
-    public void setKeyAlgo(String keyAlgo) {
-        this.keyAlgo = keyAlgo;
-    }
-    public int getKeySize() {
-        return keySize;
-    }
-    public void setKeySize(int keySize) {
-        this.keySize = keySize;
-    }
-    public SecureRandom getSecureRandom() {
-        return secureRandom;
-    }
-    public void setSecureRandom(SecureRandom secureRandom) {
-        this.secureRandom = secureRandom;
-    }
-    public AlgorithmParameterSpec getAlgoSpec() {
-        return algoSpec;
-    }
-    public void setAlgoSpec(AlgorithmParameterSpec algoSpec) {
-        this.algoSpec = algoSpec;
-    }
-    public int getBlockSize() {
-        return blockSize;
-    }
-    public void setBlockSize(int blockSize) {
-        this.blockSize = blockSize;
-    }
-    public boolean isCompressionSupported() {
-        return compressionSupported;
-    }
-    public void setCompressionSupported(boolean compressionSupported) {
-        this.compressionSupported = compressionSupported;
-    }
-    public byte[] getAdditionalData() {
-        return additionalData;
-    }
-    public void setAdditionalData(byte[] additionalData) {
-        this.additionalData = additionalData;
-    }
-    
-    
-    
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/4765a07b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/crypto/ModelEncryptionSupport.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/crypto/ModelEncryptionSupport.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/crypto/ModelEncryptionSupport.java
index cfd510f..e0a5730 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/crypto/ModelEncryptionSupport.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/crypto/ModelEncryptionSupport.java
@@ -29,6 +29,8 @@ import java.util.Map;
 
 import javax.crypto.SecretKey;
 
+import org.apache.cxf.common.util.crypto.CryptoUtils;
+import org.apache.cxf.common.util.crypto.KeyProperties;
 import org.apache.cxf.rs.security.oauth2.common.Client;
 import org.apache.cxf.rs.security.oauth2.common.OAuthPermission;
 import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;

http://git-wip-us.apache.org/repos/asf/cxf/blob/4765a07b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/crypto/PrivateKeyPasswordProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/crypto/PrivateKeyPasswordProvider.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/crypto/PrivateKeyPasswordProvider.java
deleted file mode 100644
index e727464..0000000
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/crypto/PrivateKeyPasswordProvider.java
+++ /dev/null
@@ -1,25 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.oauth2.utils.crypto;
-
-import java.util.Properties;
-
-public interface PrivateKeyPasswordProvider {
-    char[] getPassword(Properties storeProperties); 
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/4765a07b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/crypto/CryptoUtilsTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/crypto/CryptoUtilsTest.java b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/crypto/CryptoUtilsTest.java
index 159a524..bf05c13 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/crypto/CryptoUtilsTest.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/crypto/CryptoUtilsTest.java
@@ -31,6 +31,8 @@ import java.util.List;
 import javax.crypto.SecretKey;
 import javax.ws.rs.core.MediaType;
 
+import org.apache.cxf.common.util.crypto.CryptoUtils;
+import org.apache.cxf.common.util.crypto.KeyProperties;
 import org.apache.cxf.jaxrs.impl.MetadataMap;
 import org.apache.cxf.jaxrs.provider.json.JSONProvider;
 import org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration;

http://git-wip-us.apache.org/repos/asf/cxf/blob/4765a07b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/crypto/EncryptingDataProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/crypto/EncryptingDataProvider.java b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/crypto/EncryptingDataProvider.java
index 4b3c44f..fdd3f1b 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/crypto/EncryptingDataProvider.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/crypto/EncryptingDataProvider.java
@@ -27,6 +27,7 @@ import java.util.Set;
 
 import javax.crypto.SecretKey;
 
+import org.apache.cxf.common.util.crypto.CryptoUtils;
 import org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration;
 import org.apache.cxf.rs.security.oauth2.common.Client;
 import org.apache.cxf.rs.security.oauth2.common.OAuthPermission;

http://git-wip-us.apache.org/repos/asf/cxf/blob/4765a07b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java
index 721ef90..740c6a8 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java
@@ -34,6 +34,7 @@ import org.apache.cxf.rs.security.jose.jaxrs.JweClientResponseFilter;
 import org.apache.cxf.rs.security.jose.jaxrs.JweWriterInterceptor;
 import org.apache.cxf.rs.security.jose.jaxrs.JwsClientResponseFilter;
 import org.apache.cxf.rs.security.jose.jaxrs.JwsWriterInterceptor;
+import org.apache.cxf.rs.security.jose.jaxrs.PrivateKeyPasswordProvider;
 import org.apache.cxf.rs.security.jose.jwa.Algorithm;
 import org.apache.cxf.rs.security.jose.jwe.AesCbcHmacJweDecryption;
 import org.apache.cxf.rs.security.jose.jwe.AesCbcHmacJweEncryption;
@@ -41,7 +42,6 @@ import org.apache.cxf.rs.security.jose.jwe.AesWrapKeyDecryptionAlgorithm;
 import org.apache.cxf.rs.security.jose.jwe.AesWrapKeyEncryptionAlgorithm;
 import org.apache.cxf.rs.security.jose.jws.HmacJwsSignatureProvider;
 import org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider;
-import org.apache.cxf.rs.security.oauth2.utils.crypto.PrivateKeyPasswordProvider;
 import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
 import org.bouncycastle.jce.provider.BouncyCastleProvider;
 

http://git-wip-us.apache.org/repos/asf/cxf/blob/4765a07b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/PrivateKeyPasswordProviderImpl.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/PrivateKeyPasswordProviderImpl.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/PrivateKeyPasswordProviderImpl.java
index c34912c..9fbdc81 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/PrivateKeyPasswordProviderImpl.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/PrivateKeyPasswordProviderImpl.java
@@ -20,7 +20,7 @@ package org.apache.cxf.systest.jaxrs.security.jwt;
 
 import java.util.Properties;
 
-import org.apache.cxf.rs.security.oauth2.utils.crypto.PrivateKeyPasswordProvider;
+import org.apache.cxf.rs.security.jose.jaxrs.PrivateKeyPasswordProvider;
 
 public class PrivateKeyPasswordProviderImpl implements PrivateKeyPasswordProvider {
 

http://git-wip-us.apache.org/repos/asf/cxf/blob/4765a07b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/OAuthDataProviderImpl.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/OAuthDataProviderImpl.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/OAuthDataProviderImpl.java
index bf6d618..ed78743 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/OAuthDataProviderImpl.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/OAuthDataProviderImpl.java
@@ -26,6 +26,7 @@ import java.util.List;
 import java.util.Map;
 
 import org.apache.cxf.common.util.Base64Utility;
+import org.apache.cxf.common.util.crypto.CryptoUtils;
 import org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration;
 import org.apache.cxf.rs.security.oauth2.common.Client;
 import org.apache.cxf.rs.security.oauth2.common.OAuthPermission;
@@ -35,7 +36,6 @@ import org.apache.cxf.rs.security.oauth2.provider.OAuthDataProvider;
 import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
 import org.apache.cxf.rs.security.oauth2.saml.Constants;
 import org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken;
-import org.apache.cxf.rs.security.oauth2.utils.crypto.CryptoUtils;
 
 
 public class OAuthDataProviderImpl implements OAuthDataProvider {
@@ -67,8 +67,6 @@ public class OAuthDataProviderImpl implements OAuthDataProvider {
         return CryptoUtils.loadCertificate(is, new char[]{'p', 'a', 's', 's', 'w', 'o', 'r', 'd'}, "morpit", null);
     }
 
-    
-    
     @Override
     public Client getClient(String clientId) throws OAuthServiceException {
         return clients.get(clientId);


Mime
View raw message