cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: [CXF-6085] Fixing the tests, adding one more that can run on Java6
Date Thu, 12 Feb 2015 17:21:32 GMT
Repository: cxf
Updated Branches:
  refs/heads/master d3c194bd0 -> 2e701bcd1


[CXF-6085] Fixing the tests, adding one more that can run on Java6


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/2e701bcd
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/2e701bcd
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/2e701bcd

Branch: refs/heads/master
Commit: 2e701bcd1cabcc7ae4cb69346eacb8ab278e2827
Parents: d3c194b
Author: Sergey Beryozkin <sberyozkin@talend.com>
Authored: Thu Feb 12 17:21:18 2015 +0000
Committer: Sergey Beryozkin <sberyozkin@talend.com>
Committed: Thu Feb 12 17:21:18 2015 +0000

----------------------------------------------------------------------
 .../jose/jwe/AbstractJweEncryption.java         |  4 -
 .../rs/security/jose/jwe/JweJsonProducer.java   | 23 +++---
 .../jose/jwe/JweCompactReaderWriterTest.java    |  6 +-
 .../security/jose/jwe/JweJsonProducerTest.java  | 80 ++++++++++++++------
 4 files changed, 71 insertions(+), 42 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/2e701bcd/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweEncryption.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweEncryption.java
b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweEncryption.java
index ba805938..ac545dc 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweEncryption.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweEncryption.java
@@ -147,10 +147,6 @@ public abstract class AbstractJweEncryption implements JweEncryptionProvider
{
                 throw new SecurityException();
             }
             theHeaders.asMap().putAll(jweInHeaders.asMap());
-            if (jweInHeaders.getProtectedHeaders() != null 
-                && !jweInHeaders.asMap().entrySet().containsAll(theHeaders.asMap().entrySet()))
{
-                jweInHeaders.getProtectedHeaders().asMap().putAll(theHeaders.asMap());
-            }
             protectedHeaders = jweInHeaders.getProtectedHeaders() != null 
                 ? jweInHeaders.getProtectedHeaders() : theHeaders;
         } else {

http://git-wip-us.apache.org/repos/asf/cxf/blob/2e701bcd/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducer.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducer.java
b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducer.java
index 7dc3357..a53b8fa 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducer.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducer.java
@@ -92,13 +92,6 @@ public class JweJsonProducer {
         
         List<JweJsonEncryptionEntry> entries = new ArrayList<JweJsonEncryptionEntry>(encryptors.size());
         Map<String, Object> jweJsonMap = new LinkedHashMap<String, Object>();
-        if (protectedHeader != null) {
-            jweJsonMap.put("protected", 
-                        Base64UrlUtility.encode(writer.toJson(protectedHeader)));
-        }
-        if (unprotectedHeader != null) {
-            jweJsonMap.put("unprotected", unprotectedHeader);
-        }
         byte[] cipherText = null;
         byte[] authTag = null;
         for (int i = 0; i < encryptors.size(); i++) {
@@ -126,13 +119,14 @@ public class JweJsonProducer {
             JweEncryptionState state = encryptor.createJweEncryptionState(input);
             try {
                 byte[] currentCipherOutput = state.getCipher().doFinal(content);
-                byte[] currentCipherText = null;
-                byte[] currentAuthTag = null;
                 if (state.getAuthTagProducer() != null) {
-                    currentCipherText = currentCipherOutput;
+                    cipherText = currentCipherOutput;
                     state.getAuthTagProducer().update(content, 0, content.length);
-                    currentAuthTag = state.getAuthTagProducer().getTag();
+                    authTag = state.getAuthTagProducer().getTag();
                 } else {
+                    byte[] currentCipherText = null;
+                    byte[] currentAuthTag = null;
+                    
                     final int authTagLengthBits = 128;
                     final int cipherTextLen = currentCipherOutput.length - authTagLengthBits
/ 8;
                     currentCipherText = Arrays.copyOf(currentCipherOutput, cipherTextLen);
@@ -161,6 +155,13 @@ public class JweJsonProducer {
                 throw new SecurityException(ex);
             }
         }
+        if (protectedHeader != null) {
+            jweJsonMap.put("protected", 
+                        Base64UrlUtility.encode(writer.toJson(protectedHeader)));
+        }
+        if (unprotectedHeader != null) {
+            jweJsonMap.put("unprotected", unprotectedHeader);
+        }
         if (entries.size() == 1 && canBeFlat) {
             JweHeaders unprotectedEntryHeader = entries.get(0).getUnprotectedHeader();
             if (unprotectedEntryHeader != null) {

http://git-wip-us.apache.org/repos/asf/cxf/blob/2e701bcd/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweCompactReaderWriterTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweCompactReaderWriterTest.java
b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweCompactReaderWriterTest.java
index e48e423..0f32318 100644
--- a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweCompactReaderWriterTest.java
+++ b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweCompactReaderWriterTest.java
@@ -66,14 +66,14 @@ public class JweCompactReaderWriterTest extends Assert {
         (byte)233, 68, (byte)180, (byte)225, 77, (byte)219};
     
     // A3 example
-    private static final byte[] CONTENT_ENCRYPTION_KEY_A3 = {
+    static final byte[] CONTENT_ENCRYPTION_KEY_A3 = {
         4, (byte)211, 31, (byte)197, 84, (byte)157, (byte)252, (byte)254, 11, 100, 
         (byte)157, (byte)250, 63, (byte)170, 106, (byte)206, 107, 124, (byte)212, 
         45, 111, 107, 9, (byte)219, (byte)200, (byte)177, 0, (byte)240, (byte)143, 
         (byte)156, 44, (byte)207};
-    private static final byte[] INIT_VECTOR_A3 = {
+    static final byte[] INIT_VECTOR_A3 = {
         3, 22, 60, 12, 43, 67, 104, 105, 108, 108, 105, 99, 111, 116, 104, 101};
-    private static final String KEY_ENCRYPTION_KEY_A3 = "GawgguFyGrWKav7AX4VKUg";
+    static final String KEY_ENCRYPTION_KEY_A3 = "GawgguFyGrWKav7AX4VKUg";
     private static final String JWE_OUTPUT_A3 = 
         "eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0" 
         + ".6KB707dM9YTIgHtLvtgWQ8mKwboJW3of9locizkDTHzBC2IlrT1oOQ" 

http://git-wip-us.apache.org/repos/asf/cxf/blob/2e701bcd/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducerTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducerTest.java
b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducerTest.java
index 9fb7b3f..a17b24f 100644
--- a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducerTest.java
+++ b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducerTest.java
@@ -23,6 +23,7 @@ import java.security.Security;
 import javax.crypto.Cipher;
 import javax.crypto.SecretKey;
 
+import org.apache.cxf.common.util.Base64UrlUtility;
 import org.apache.cxf.common.util.StringUtils;
 import org.apache.cxf.common.util.crypto.CryptoUtils;
 import org.apache.cxf.rs.security.jose.JoseConstants;
@@ -35,25 +36,26 @@ import org.junit.BeforeClass;
 import org.junit.Test;
 
 public class JweJsonProducerTest extends Assert {
-    private static final byte[] SECRET_BYTES = {91, 96, 105, 38, 99, 108, 110, 8, -93, 50,
-15, 62, 0, -115, 73, -39};
+    private static final byte[] WRAPPER_BYTES = {91, 96, 105, 38, 99, 108, 110, 8, -93, 50,
-15, 62, 0, -115, 73, -39};
+    private static final byte[] CEK_BYTES = {-43, 123, 77, 115, 40, 49, -4, -9, -48, -74,
62, 59, 60, 102, -22, -100};
     private static final String SINGLE_RECIPIENT_OUTPUT = 
         "{" 
         + "\"protected\":\"eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0\","
         + "\"recipients\":" 
         + "["
-        + "{\"encrypted_key\":\"fO3KxJioD3Hj1V5E1pjWNNt-3vNl23oc2xgVI1Zu-82fsZ83hQLXrg\"}"
+        + "{\"encrypted_key\":\"b3-M9_CRgT3wEBhhXlpb-BoY7vtA4W_N\"}"
         + "],"
         + "\"iv\":\"48V1_ALb6US04U3b\","
-        + "\"ciphertext\":\"5eym8TW_c8SuK0ltJ3rpYIzOeDQz7TALvtu6UG9oMo4vpzs9tX_EFShS8iB7j6jiSdiwkIr3ajwQzaBtQD_A\","
-        + "\"tag\":\"5UuOareuoUxY2iCS50WJgg\""
+        + "\"ciphertext\":\"KTuJBMk9QG59xPB-c_YLM5-J7VG40_eMPvyHDD7eB-WHj_34YiWgpBOydTBm4RW0zUCJZ09xqorhWJME-DcQ\","
+        + "\"tag\":\"GxWlwvTPmHi4ZnQgafiHew\""
         + "}";
     private static final String SINGLE_RECIPIENT_FLAT_OUTPUT = 
         "{" 
         + "\"protected\":\"eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0\","
-        + "\"encrypted_key\":\"fO3KxJioD3Hj1V5E1pjWNNt-3vNl23oc2xgVI1Zu-82fsZ83hQLXrg\","
+        + "\"encrypted_key\":\"b3-M9_CRgT3wEBhhXlpb-BoY7vtA4W_N\","
         + "\"iv\":\"48V1_ALb6US04U3b\","
-        + "\"ciphertext\":\"5eym8TW_c8SuK0ltJ3rpYIzOeDQz7TALvtu6UG9oMo4vpzs9tX_EFShS8iB7j6jiSdiwkIr3ajwQzaBtQD_A\","
-        + "\"tag\":\"5UuOareuoUxY2iCS50WJgg\""
+        + "\"ciphertext\":\"KTuJBMk9QG59xPB-c_YLM5-J7VG40_eMPvyHDD7eB-WHj_34YiWgpBOydTBm4RW0zUCJZ09xqorhWJME-DcQ\","
+        + "\"tag\":\"GxWlwvTPmHi4ZnQgafiHew\""
         + "}";
     private static final String SINGLE_RECIPIENT_ALL_HEADERS_AAD_OUTPUT = 
         "{" 
@@ -63,15 +65,15 @@ public class JweJsonProducerTest extends Assert {
         + "["
         + "{"
         + "\"header\":{\"alg\":\"A128KW\"},"
-        + "\"encrypted_key\":\"fO3KxJioD3Hj1V5E1pjWNNt-3vNl23oc2xgVI1Zu-82fsZ83hQLXrg\""
+        + "\"encrypted_key\":\"b3-M9_CRgT3wEBhhXlpb-BoY7vtA4W_N\""
         + "}"
         + "],"
         + "\"aad\":\"WyJ2Y2FyZCIsW1sidmVyc2lvbiIse30sInRleHQiLCI0LjAiXSxbImZuIix7fSwidGV4dCIsIk1lcmlhZG9jIEJyYW5keWJ1Y"
                     + "2siXSxbIm4iLHt9LCJ0ZXh0IixbIkJyYW5keWJ1Y2siLCJNZXJpYWRvYyIsIk1yLiIsIiJdXSxbImJkYXkiLHt9LCJ0ZXh0"
                     + "IiwiVEEgMjk4MiJdLFsiZ2VuZGVyIix7fSwidGV4dCIsIk0iXV1d\","
         + "\"iv\":\"48V1_ALb6US04U3b\","
-        + "\"ciphertext\":\"5eym8TW_c8SuK0ltJ3rpYIzOeDQz7TALvtu6UG9oMo4vpzs9tX_EFShS8iB7j6jiSdiwkIr3ajwQzaBtQD_A\","
-        + "\"tag\":\"4UXkQQGddmRB_df95kvhzA\""
+        + "\"ciphertext\":\"KTuJBMk9QG59xPB-c_YLM5-J7VG40_eMPvyHDD7eB-WHj_34YiWgpBOydTBm4RW0zUCJZ09xqorhWJME-DcQ\","
+        + "\"tag\":\"oVUQGS9608D-INq61-vOaA\""
         + "}";
     private static final String EXTRA_AAD_SOURCE = 
         "[\"vcard\",["
@@ -81,7 +83,17 @@ public class JweJsonProducerTest extends Assert {
         + "[\"bday\",{},\"text\",\"TA 2982\"],"
         + "[\"gender\",{},\"text\",\"M\"]"
         + "]]";
-    
+    private static final String SINGLE_RECIPIENT_A128CBCHS256_OUTPUT = 
+        "{" 
+        + "\"protected\":\"eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0\","
+        + "\"recipients\":" 
+        + "["
+        + "{\"encrypted_key\":\"6KB707dM9YTIgHtLvtgWQ8mKwboJW3of9locizkDTHzBC2IlrT1oOQ\"}"
+        + "],"
+        + "\"iv\":\"AxY8DCtDaGlsbGljb3RoZQ\","
+        + "\"ciphertext\":\"KDlTtXchhZTGufMYmOYGS4HffxPSUrfmqCHXaI9wOGY\","
+        + "\"tag\":\"vmz4ZlGcZHWBlSMbwtP_Jg\""
+        + "}";
     @BeforeClass
     public static void registerBouncyCastleIfNeeded() throws Exception {
         try {
@@ -97,36 +109,56 @@ public class JweJsonProducerTest extends Assert {
     }
     
     @Test
-    public void testSingleRecipient() throws Exception {
-        doTestSingleRecipientFlat(SINGLE_RECIPIENT_OUTPUT, false);
-        
+    public void testSingleRecipientGcm() throws Exception {
+        final String text = "The true sign of intelligence is not knowledge but imagination.";
+        doTestSingleRecipient(text, SINGLE_RECIPIENT_OUTPUT, JoseConstants.A128GCM_ALGO,

+                              WRAPPER_BYTES, JweCompactReaderWriterTest.INIT_VECTOR_A1, 
+                              CEK_BYTES, false);
+    }
+    @Test
+    public void testSingleRecipientFlatGcm() throws Exception {
+        final String text = "The true sign of intelligence is not knowledge but imagination.";
+        doTestSingleRecipient(text, SINGLE_RECIPIENT_FLAT_OUTPUT, JoseConstants.A128GCM_ALGO,

+                              WRAPPER_BYTES, JweCompactReaderWriterTest.INIT_VECTOR_A1, 
+                              CEK_BYTES, true);
     }
     @Test
-    public void testSingleRecipientFlat() throws Exception {
-        doTestSingleRecipientFlat(SINGLE_RECIPIENT_FLAT_OUTPUT, true);
+    public void testSingleRecipientA128CBCHS256() throws Exception {
+        String text = "Live long and prosper.";
+        doTestSingleRecipient(text, SINGLE_RECIPIENT_A128CBCHS256_OUTPUT, JoseConstants.A128CBC_HS256_ALGO,

+                              Base64UrlUtility.decode(JweCompactReaderWriterTest.KEY_ENCRYPTION_KEY_A3),
+                              JweCompactReaderWriterTest.INIT_VECTOR_A3,
+                              JweCompactReaderWriterTest.CONTENT_ENCRYPTION_KEY_A3,
+                              false);
     }
     
-    private void doTestSingleRecipientFlat(String expectedOutput, boolean canBeFlat) throws
Exception {
-        final String text = "The true sign of intelligence is not knowledge but imagination.";
-        SecretKey wrapperKey = CryptoUtils.createSecretKeySpec(SECRET_BYTES, "AES");
+    private String doTestSingleRecipient(String text,
+                                         String expectedOutput, 
+                                         String contentEncryptionAlgo,
+                                         byte[] wrapperKeyBytes,
+                                         final byte[] iv,
+                                         final byte[] cek,
+                                         boolean canBeFlat) throws Exception {
+        SecretKey wrapperKey = CryptoUtils.createSecretKeySpec(wrapperKeyBytes, "AES");
         JweHeaders headers = new JweHeaders(JoseConstants.A128KW_ALGO,
-                                            JoseConstants.A128GCM_ALGO);
+                                            contentEncryptionAlgo);
         JweEncryptionProvider jwe = JweUtils.createJweEncryptionProvider(wrapperKey, headers);
         JweJsonProducer p = new JweJsonProducer(headers, StringUtils.toBytesUTF8(text), canBeFlat)
{
             protected byte[] generateIv() {
-                return JweCompactReaderWriterTest.INIT_VECTOR_A1;
+                return iv;
             }
             protected byte[] generateCek() {
-                return JweCompactReaderWriterTest.CONTENT_ENCRYPTION_KEY_A1;
+                return cek;
             }    
         };
         String jweJson = p.encryptWith(jwe);
         assertEquals(expectedOutput, jweJson);
+        return jweJson;
     }
     @Test
     public void testSingleRecipientAllTypeOfHeadersAndAad() {
         final String text = "The true sign of intelligence is not knowledge but imagination.";
-        SecretKey wrapperKey = CryptoUtils.createSecretKeySpec(SECRET_BYTES, "AES");
+        SecretKey wrapperKey = CryptoUtils.createSecretKeySpec(WRAPPER_BYTES, "AES");
         
         JweHeaders protectedHeaders = new JweHeaders(JoseConstants.A128GCM_ALGO);
         JweHeaders sharedUnprotectedHeaders = new JweHeaders();
@@ -145,7 +177,7 @@ public class JweJsonProducerTest extends Assert {
                 return JweCompactReaderWriterTest.INIT_VECTOR_A1;
             }
             protected byte[] generateCek() {
-                return JweCompactReaderWriterTest.CONTENT_ENCRYPTION_KEY_A1;
+                return CEK_BYTES;
             }    
         };
         JweHeaders recepientUnprotectedHeaders = new JweHeaders();


Mime
View raw message