cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: [CXF-6085] Just prototyping JweJsonProducerTest and fixing few typos
Date Wed, 11 Feb 2015 17:41:28 GMT
Repository: cxf
Updated Branches:
  refs/heads/master 69da964ce -> 76e1cd86b


[CXF-6085] Just prototyping JweJsonProducerTest and fixing few typos


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/76e1cd86
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/76e1cd86
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/76e1cd86

Branch: refs/heads/master
Commit: 76e1cd86bf15145a3a5d6942d5b36567a98b54fd
Parents: 69da964
Author: Sergey Beryozkin <sberyozkin@talend.com>
Authored: Wed Feb 11 17:41:09 2015 +0000
Committer: Sergey Beryozkin <sberyozkin@talend.com>
Committed: Wed Feb 11 17:41:09 2015 +0000

----------------------------------------------------------------------
 .../jose/jwe/AbstractJweEncryption.java         |  2 +-
 .../rs/security/jose/jwe/JweJsonProducer.java   | 28 ++++++---
 .../jose/jwe/JweCompactReaderWriterTest.java    |  6 +-
 .../security/jose/jwe/JweJsonProducerTest.java  | 66 ++++++++++++++++++++
 4 files changed, 88 insertions(+), 14 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/76e1cd86/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweEncryption.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweEncryption.java
b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweEncryption.java
index e0d7cf6..ba805938 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweEncryption.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweEncryption.java
@@ -143,7 +143,7 @@ public abstract class AbstractJweEncryption implements JweEncryptionProvider
{
                 && (getKeyAlgorithm() == null 
                     || !getKeyAlgorithm().equals(jweInHeaders.getKeyEncryptionAlgorithm()))
                 || jweInHeaders.getAlgorithm() != null 
-                    && !getContentAlgorithm().equals(jweInHeaders.getAlgorithm()))
{
+                    && !getContentAlgorithm().equals(jweInHeaders.getContentEncryptionAlgorithm()))
{
                 throw new SecurityException();
             }
             theHeaders.asMap().putAll(jweInHeaders.asMap());

http://git-wip-us.apache.org/repos/asf/cxf/blob/76e1cd86/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducer.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducer.java
b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducer.java
index 8879e24..ede3a0a 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducer.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducer.java
@@ -50,22 +50,27 @@ public class JweJsonProducer {
         this(protectedHeader, content, aad);
         this.unprotectedHeader = unprotectedHeader;
     }
-    
+    public String encryptWith(JweEncryptionProvider encryptor) {
+        return encryptWith(Collections.singletonList(encryptor), null);
+    }
+    public String encryptWith(JweEncryptionProvider encryptor, JweHeaders recipientUnprotected)
{
+        return encryptWith(Collections.singletonList(encryptor), 
+                           Collections.singletonList(recipientUnprotected));
+    }
     public String encryptWith(List<JweEncryptionProvider> encryptors) {
         return encryptWith(encryptors, null);
     }
     public String encryptWith(List<JweEncryptionProvider> encryptors, 
-                              List<JweHeaders> recepientUnprotected) {
+                              List<JweHeaders> recipientUnprotected) {
         checkAndGetContentAlgorithm(encryptors);
-        if (recepientUnprotected != null 
-            && recepientUnprotected.size() != encryptors.size()) {
+        if (recipientUnprotected != null 
+            && recipientUnprotected.size() != encryptors.size()) {
             throw new IllegalArgumentException();
         }
         //TODO: determine the actual cek and iv length based on the algo
         byte[] cek = CryptoUtils.generateSecureRandomBytes(32);
         byte[] iv = CryptoUtils.generateSecureRandomBytes(16);
         JweHeaders unionHeaders = new JweHeaders();
-        unionHeaders.setProtectedHeaders(protectedHeader);
         if (protectedHeader != null) {
             unionHeaders.asMap().putAll(protectedHeader.asMap());
         }
@@ -91,9 +96,9 @@ public class JweJsonProducer {
         for (int i = 0; i < encryptors.size(); i++) {
             JweEncryptionProvider encryptor = encryptors.get(i);
             JweHeaders perRecipientUnprotected = 
-                recepientUnprotected == null ? null : recepientUnprotected.get(i);
+                recipientUnprotected == null ? null : recipientUnprotected.get(i);
             JweHeaders jsonHeaders = null;
-            if (recepientUnprotected != null) {
+            if (recipientUnprotected != null) {
                 if (!Collections.disjoint(unionHeaders.asMap().keySet(), 
                                           perRecipientUnprotected.asMap().keySet())) {
                     throw new SecurityException("Protected and unprotected headers have duplicate
values");
@@ -101,9 +106,11 @@ public class JweJsonProducer {
                 jsonHeaders = new JweHeaders(unionHeaders.asMap());
                 jsonHeaders.asMap().putAll(unprotectedHeader.asMap());
             } else {  
-                jsonHeaders = null;
+                jsonHeaders = unionHeaders;
             }
-            JweEncryptionInput input = new JweEncryptionInput(unionHeaders,
+            jsonHeaders.setProtectedHeaders(protectedHeader);
+            
+            JweEncryptionInput input = new JweEncryptionInput(jsonHeaders,
                                                               cek,
                                                               iv,
                                                               aad);
@@ -121,7 +128,8 @@ public class JweJsonProducer {
                     final int authTagLengthBits = 128;
                     final int cipherTextLen = currentCipherOutput.length - authTagLengthBits
/ 8;
                     currentCipherText = Arrays.copyOf(currentCipherOutput, cipherTextLen);
-                    currentAuthTag = Arrays.copyOfRange(currentCipherOutput, cipherTextLen,
authTagLengthBits / 8);
+                    currentAuthTag = Arrays.copyOfRange(currentCipherOutput, cipherTextLen,

+                                                        cipherTextLen + authTagLengthBits
/ 8);
                     if (cipherText == null) {
                         cipherText = currentCipherText;
                     } else if (!Arrays.equals(cipherText, currentCipherText)) {

http://git-wip-us.apache.org/repos/asf/cxf/blob/76e1cd86/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweCompactReaderWriterTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweCompactReaderWriterTest.java
b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweCompactReaderWriterTest.java
index 029e164..c3f52f3 100644
--- a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweCompactReaderWriterTest.java
+++ b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweCompactReaderWriterTest.java
@@ -42,18 +42,18 @@ import org.junit.Test;
 
 public class JweCompactReaderWriterTest extends Assert {
     // A1 example
-    private static final byte[] CONTENT_ENCRYPTION_KEY_A1 = {
+    static final byte[] CONTENT_ENCRYPTION_KEY_A1 = {
         (byte)177, (byte)161, (byte)244, (byte)128, 84, (byte)143, (byte)225,
         115, 63, (byte)180, 3, (byte)255, 107, (byte)154, (byte)212, (byte)246,
         (byte)138, 7, 110, 91, 112, 46, 34, 105, 47, 
         (byte)130, (byte)203, 46, 122, (byte)234, 64, (byte)252};
-    private static final String RSA_MODULUS_ENCODED_A1 = "oahUIoWw0K0usKNuOR6H4wkf4oBUXHTxRvgb48E-BVvxkeDNjbC4he8rUW"
+    static final String RSA_MODULUS_ENCODED_A1 = "oahUIoWw0K0usKNuOR6H4wkf4oBUXHTxRvgb48E-BVvxkeDNjbC4he8rUW"
            + "cJoZmds2h7M70imEVhRU5djINXtqllXI4DFqcI1DgjT9LewND8MW2Krf3S"
            + "psk_ZkoFnilakGygTwpZ3uesH-PFABNIUYpOiN15dsQRkgr0vEhxN92i2a"
            + "sbOenSZeyaxziK72UwxrrKoExv6kc5twXTq4h-QChLOln0_mtUZwfsRaMS"
            + "tPs6mS6XrgxnxbWhojf663tuEQueGC-FCMfra36C9knDFGzKsNa7LZK2dj"
            + "YgyD3JR_MB_4NUJW_TqOQtwHYbxevoJArm-L5StowjzGy-_bq6Gw";
-    private static final String RSA_PUBLIC_EXPONENT_ENCODED_A1 = "AQAB";
+    static final String RSA_PUBLIC_EXPONENT_ENCODED_A1 = "AQAB";
     private static final String RSA_PRIVATE_EXPONENT_ENCODED_A1 = 
         "kLdtIj6GbDks_ApCSTYQtelcNttlKiOyPzMrXHeI-yk1F7-kpDxY4-WY5N"
         + "WV5KntaEeXS1j82E375xxhWMHXyvjYecPT9fpwR_M9gV8n9Hrh2anTpTD9"

http://git-wip-us.apache.org/repos/asf/cxf/blob/76e1cd86/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducerTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducerTest.java
b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducerTest.java
new file mode 100644
index 0000000..166c326
--- /dev/null
+++ b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducerTest.java
@@ -0,0 +1,66 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.jose.jwe;
+
+import java.security.Security;
+import java.security.interfaces.RSAPublicKey;
+
+import javax.crypto.Cipher;
+
+import org.apache.cxf.common.util.StringUtils;
+import org.apache.cxf.common.util.crypto.CryptoUtils;
+import org.apache.cxf.rs.security.jose.JoseConstants;
+import org.apache.cxf.rs.security.jose.jwa.Algorithm;
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
+
+import org.junit.AfterClass;
+import org.junit.Assert;
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+public class JweJsonProducerTest extends Assert {
+    @BeforeClass
+    public static void registerBouncyCastleIfNeeded() throws Exception {
+        try {
+            Cipher.getInstance(Algorithm.AES_GCM_ALGO_JAVA);
+            Cipher.getInstance(Algorithm.AES_CBC_ALGO_JAVA);
+        } catch (Throwable t) {
+            Security.addProvider(new BouncyCastleProvider());    
+        }
+    }
+    @AfterClass
+    public static void unregisterBouncyCastleIfNeeded() throws Exception {
+        Security.removeProvider(BouncyCastleProvider.class.getName());    
+    }
+    
+    @Test
+    public void testSingleRecipient() throws Exception {
+        final String text = "The true sign of intelligence is not knowledge but imagination.";
+        RSAPublicKey publicKey = CryptoUtils.getRSAPublicKey(JweCompactReaderWriterTest.RSA_MODULUS_ENCODED_A1,

+                                                             JweCompactReaderWriterTest.RSA_PUBLIC_EXPONENT_ENCODED_A1);
+        JweHeaders headers = new JweHeaders(Algorithm.RSA_OAEP.getJwtName(),
+                                            JoseConstants.A128GCM_ALGO);
+        JweEncryptionProvider jwe = JweUtils.createJweEncryptionProvider(publicKey, headers);
+        JweJsonProducer p = new JweJsonProducer(headers, StringUtils.toBytesUTF8(text));
+        String jweJws = p.encryptWith(jwe);
+        assertNotNull(jweJws);
+        
+    }
+}
+


Mime
View raw message