cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: [CXF-6085] Avoiding passing JweHeaders directly to JWE encryptor constructors as the same is possible with interface methods and thus avoiding possible ambiguities that may arise with JWE JSON union headers
Date Fri, 06 Feb 2015 17:27:40 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes f019b583f -> 60b084a58


[CXF-6085] Avoiding passing JweHeaders directly to JWE encryptor constructors as the same
is possible with interface methods and thus avoiding possible ambiguities that may arise with
JWE JSON union headers


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/60b084a5
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/60b084a5
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/60b084a5

Branch: refs/heads/3.0.x-fixes
Commit: 60b084a5892b615acd66948b3daf5ad404b12016
Parents: f019b58
Author: Sergey Beryozkin <sberyozkin@talend.com>
Authored: Fri Feb 6 17:25:47 2015 +0000
Committer: Sergey Beryozkin <sberyozkin@talend.com>
Committed: Fri Feb 6 17:27:22 2015 +0000

----------------------------------------------------------------------
 .../jose/jwe/AbstractJweEncryption.java         | 52 ++++++++++----------
 .../jose/jwe/AesCbcHmacJweEncryption.java       | 20 +++-----
 .../jose/jwe/DirectKeyJweEncryption.java        | 15 +++---
 .../jose/jwe/EcdhDirectKeyJweEncryption.java    |  3 +-
 .../cxf/rs/security/jose/jwe/JweUtils.java      |  7 ++-
 .../jose/jwe/WrappedKeyJweEncryption.java       |  8 +--
 .../jose/jwe/JweCompactReaderWriterTest.java    | 15 ++----
 .../jose/jwe/JwePbeHmacAesWrapTest.java         |  9 ++--
 8 files changed, 51 insertions(+), 78 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/60b084a5/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweEncryption.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweEncryption.java
b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweEncryption.java
index 37991d9..66d0a51 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweEncryption.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweEncryption.java
@@ -31,14 +31,11 @@ import org.apache.cxf.rs.security.jose.jwa.Algorithm;
 
 public abstract class AbstractJweEncryption implements JweEncryptionProvider {
     protected static final int DEFAULT_AUTH_TAG_LENGTH = 128;
-    private JweHeaders headers;
     private ContentEncryptionAlgorithm contentEncryptionAlgo;
     private KeyEncryptionAlgorithm keyEncryptionAlgo;
     private JoseHeadersReaderWriter writer = new JoseHeadersReaderWriter();
-    protected AbstractJweEncryption(JweHeaders headers, 
-                                    ContentEncryptionAlgorithm contentEncryptionAlgo,
+    protected AbstractJweEncryption(ContentEncryptionAlgorithm contentEncryptionAlgo,
                                     KeyEncryptionAlgorithm keyEncryptionAlgo) {
-        this.headers = headers;
         this.keyEncryptionAlgo = keyEncryptionAlgo;
         this.contentEncryptionAlgo = contentEncryptionAlgo;
     }
@@ -49,8 +46,8 @@ public abstract class AbstractJweEncryption implements JweEncryptionProvider
{
         return getContentEncryptionAlgorithm().getAlgorithmParameterSpec(theIv);
     }
     
-    protected byte[] getContentEncryptionKey() {
-        byte[] cek = getProvidedContentEncryptionKey();
+    protected byte[] getContentEncryptionKey(JweHeaders headers) {
+        byte[] cek = getProvidedContentEncryptionKey(headers);
         if (cek == null) {
             String algoJava = getContentEncryptionAlgoJava();
             String algoJwt = getContentEncryptionAlgoJwt();
@@ -64,16 +61,16 @@ public abstract class AbstractJweEncryption implements JweEncryptionProvider
{
         return Algorithm.valueOf(algoJwt.replace('-', '_')).getKeySizeBits();
     }
     
-    protected byte[] getProvidedContentEncryptionKey() {
+    protected byte[] getProvidedContentEncryptionKey(JweHeaders headers) {
         return getContentEncryptionAlgorithm().getContentEncryptionKey(headers);
     }
     
-    protected byte[] getEncryptedContentEncryptionKey(byte[] theCek) {
+    protected byte[] getEncryptedContentEncryptionKey(JweHeaders headers, byte[] theCek)
{
         return getKeyEncryptionAlgo().getEncryptedContentEncryptionKey(headers, theCek);
     }
     
     protected String getContentEncryptionAlgoJwt() {
-        return headers.getContentEncryptionAlgorithm();
+        return getContentEncryptionAlgorithm().getAlgorithm();
     }
     protected String getContentEncryptionAlgoJava() {
         return Algorithm.toJavaName(getContentEncryptionAlgoJwt());
@@ -98,9 +95,6 @@ public abstract class AbstractJweEncryption implements JweEncryptionProvider
{
                                       cipher,
                                       DEFAULT_AUTH_TAG_LENGTH);
     }
-    protected JweHeaders getJweHeaders() {
-        return headers;
-    }
     @Override
     public String getKeyAlgorithm() {
         return getKeyEncryptionAlgo().getAlgorithm();
@@ -137,29 +131,37 @@ public abstract class AbstractJweEncryption implements JweEncryptionProvider
{
     }
     
     private JweEncryptionInternal getInternalState(JweHeaders jweHeaders, byte[] aad) {
-        byte[] theCek = getContentEncryptionKey();
-        String contentEncryptionAlgoJavaName = Algorithm.toJavaName(headers.getContentEncryptionAlgorithm());
-        KeyProperties keyProps = new KeyProperties(contentEncryptionAlgoJavaName);
-        keyProps.setCompressionSupported(compressionRequired(headers));
-        
-        byte[] theIv = getContentEncryptionAlgorithm().getInitVector();
-        AlgorithmParameterSpec specParams = getAlgorithmParameterSpec(theIv);
-        keyProps.setAlgoSpec(specParams);
-        byte[] jweContentEncryptionKey = getEncryptedContentEncryptionKey(theCek);
+        JweHeaders theHeaders = new JweHeaders();
+        if (getKeyAlgorithm() != null) {
+            theHeaders.setKeyEncryptionAlgorithm(getKeyAlgorithm());
+        }
+        theHeaders.setContentEncryptionAlgorithm(getContentAlgorithm());
         
-        JweHeaders theHeaders = headers;
         if (jweHeaders != null) {
             if (jweHeaders.getKeyEncryptionAlgorithm() != null 
-                && !getKeyAlgorithm().equals(jweHeaders.getKeyEncryptionAlgorithm())
+                && (getKeyAlgorithm() == null 
+                    || !getKeyAlgorithm().equals(jweHeaders.getKeyEncryptionAlgorithm()))
                 || jweHeaders.getAlgorithm() != null 
                     && !getContentAlgorithm().equals(jweHeaders.getAlgorithm()))
{
                 throw new SecurityException();
             }
-            theHeaders = new JweHeaders(theHeaders.asMap());
             theHeaders.asMap().putAll(jweHeaders.asMap());
         }
+        
+        
+        
+        byte[] theCek = getContentEncryptionKey(theHeaders);
+        String contentEncryptionAlgoJavaName = Algorithm.toJavaName(getContentEncryptionAlgoJwt());
+        KeyProperties keyProps = new KeyProperties(contentEncryptionAlgoJavaName);
+        keyProps.setCompressionSupported(compressionRequired(theHeaders));
+        
+        byte[] theIv = getContentEncryptionAlgorithm().getInitVector();
+        AlgorithmParameterSpec specParams = getAlgorithmParameterSpec(theIv);
+        keyProps.setAlgoSpec(specParams);
+        byte[] jweContentEncryptionKey = 
+            getEncryptedContentEncryptionKey(theHeaders, theCek);
+        
         JweHeaders protectedHeaders = theHeaders;
-            
         String protectedHeadersJson = writer.headersToJson(protectedHeaders);
         
         byte[] additionalEncryptionParam = getAAD(protectedHeadersJson, aad);

http://git-wip-us.apache.org/repos/asf/cxf/blob/60b084a5/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AesCbcHmacJweEncryption.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AesCbcHmacJweEncryption.java
b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AesCbcHmacJweEncryption.java
index 488466c..a673540 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AesCbcHmacJweEncryption.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AesCbcHmacJweEncryption.java
@@ -45,18 +45,12 @@ public class AesCbcHmacJweEncryption extends AbstractJweEncryption {
     }
     public AesCbcHmacJweEncryption(String cekAlgoJwt, 
                                    KeyEncryptionAlgorithm keyEncryptionAlgorithm) {
-        this(new JweHeaders(keyEncryptionAlgorithm.getAlgorithm(), cekAlgoJwt), null, null,

-             keyEncryptionAlgorithm);
+        this(cekAlgoJwt, null, null, keyEncryptionAlgorithm);
     }
-    public AesCbcHmacJweEncryption(JweHeaders headers, 
-                                   KeyEncryptionAlgorithm keyEncryptionAlgorithm) {
-        this(headers, null, null, keyEncryptionAlgorithm);
-    }
-    public AesCbcHmacJweEncryption(JweHeaders headers, byte[] cek, 
+    public AesCbcHmacJweEncryption(String cekAlgoJwt, byte[] cek, 
                                    byte[] iv, KeyEncryptionAlgorithm keyEncryptionAlgorithm)
{
-        super(headers, 
-              new AesCbcContentEncryptionAlgorithm(cek, iv, 
-                                                   validateCekAlgorithm(headers.getContentEncryptionAlgorithm())),
+        super(new AesCbcContentEncryptionAlgorithm(cek, iv, 
+                                                   validateCekAlgorithm(cekAlgoJwt)),
               keyEncryptionAlgorithm);
         
     }
@@ -146,9 +140,9 @@ public class AesCbcHmacJweEncryption extends AbstractJweEncryption {
             }
         };
     }
-    
-    protected byte[] getEncryptedContentEncryptionKey(byte[] theCek) {
-        return getKeyEncryptionAlgo().getEncryptedContentEncryptionKey(getJweHeaders(), theCek);
+    @Override
+    protected byte[] getEncryptedContentEncryptionKey(JweHeaders headers, byte[] theCek)
{
+        return getKeyEncryptionAlgo().getEncryptedContentEncryptionKey(headers, theCek);
     }
     
     private static class AesCbcContentEncryptionAlgorithm extends AbstractContentEncryptionAlgorithm
{

http://git-wip-us.apache.org/repos/asf/cxf/blob/60b084a5/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/DirectKeyJweEncryption.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/DirectKeyJweEncryption.java
b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/DirectKeyJweEncryption.java
index ada89a8..0017689 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/DirectKeyJweEncryption.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/DirectKeyJweEncryption.java
@@ -22,18 +22,15 @@ package org.apache.cxf.rs.security.jose.jwe;
 public class DirectKeyJweEncryption extends AbstractJweEncryption {
     
     public DirectKeyJweEncryption(ContentEncryptionAlgorithm ceAlgo) {
-        this(new JweHeaders(ceAlgo.getAlgorithm()), ceAlgo);
+        this(ceAlgo, new DirectKeyEncryptionAlgorithm());
     }
-    public DirectKeyJweEncryption(JweHeaders headers, ContentEncryptionAlgorithm ceAlgo)
{
-        this(headers, ceAlgo, new DirectKeyEncryptionAlgorithm());
-    }
-    protected DirectKeyJweEncryption(JweHeaders headers, 
-                                     ContentEncryptionAlgorithm ceAlgo,
+    protected DirectKeyJweEncryption(ContentEncryptionAlgorithm ceAlgo,
                                      DirectKeyEncryptionAlgorithm direct) {
-        super(headers, ceAlgo, direct);
+        super(ceAlgo, direct);
     }
-    protected byte[] getProvidedContentEncryptionKey() {
-        return validateCek(super.getProvidedContentEncryptionKey());
+    @Override
+    protected byte[] getProvidedContentEncryptionKey(JweHeaders headers) {
+        return validateCek(super.getProvidedContentEncryptionKey(headers));
     }
     private static byte[] validateCek(byte[] cek) {
         if (cek == null) {

http://git-wip-us.apache.org/repos/asf/cxf/blob/60b084a5/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/EcdhDirectKeyJweEncryption.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/EcdhDirectKeyJweEncryption.java
b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/EcdhDirectKeyJweEncryption.java
index 07ce2f4..aa18988 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/EcdhDirectKeyJweEncryption.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/EcdhDirectKeyJweEncryption.java
@@ -36,8 +36,7 @@ public class EcdhDirectKeyJweEncryption extends DirectKeyJweEncryption {
                                       String apuString,
                                       String apvString,
                                       String ctAlgo) {
-        super(new JweHeaders(ctAlgo), 
-              new EcdhAesGcmContentEncryptionAlgorithm(peerPublicKey,
+        super(new EcdhAesGcmContentEncryptionAlgorithm(peerPublicKey,
                                                        curve,
                                                        apuString,
                                                        apvString,

http://git-wip-us.apache.org/repos/asf/cxf/blob/60b084a5/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java
b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java
index accd8a3..a28c859 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java
@@ -360,10 +360,9 @@ public final class JweUtils {
                                                                     JweHeaders headers) {
         String contentEncryptionAlgo = headers.getContentEncryptionAlgorithm();
         if (Algorithm.isAesCbcHmac(contentEncryptionAlgo)) { 
-            return new AesCbcHmacJweEncryption(headers, keyEncryptionProvider);
+            return new AesCbcHmacJweEncryption(contentEncryptionAlgo, keyEncryptionProvider);
         } else {
-            return new WrappedKeyJweEncryption(headers, 
-                                               keyEncryptionProvider,
+            return new WrappedKeyJweEncryption(keyEncryptionProvider,
                                                getContentEncryptionAlgorithm(contentEncryptionAlgo));
         }
     }
@@ -509,7 +508,7 @@ public final class JweUtils {
         if (keyEncryptionProvider != null) {
             return createJweEncryptionProvider(keyEncryptionProvider, headers);
         } else {
-            return new DirectKeyJweEncryption(headers, ctEncryptionProvider);
+            return new DirectKeyJweEncryption(ctEncryptionProvider);
         }
     }
     private static JweDecryptionProvider createJweDecryptionProvider(KeyDecryptionAlgorithm
keyDecryptionProvider,

http://git-wip-us.apache.org/repos/asf/cxf/blob/60b084a5/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/WrappedKeyJweEncryption.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/WrappedKeyJweEncryption.java
b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/WrappedKeyJweEncryption.java
index ff34730..04c5a8b 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/WrappedKeyJweEncryption.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/WrappedKeyJweEncryption.java
@@ -22,13 +22,7 @@ package org.apache.cxf.rs.security.jose.jwe;
 public class WrappedKeyJweEncryption extends AbstractJweEncryption {
     public WrappedKeyJweEncryption(KeyEncryptionAlgorithm keyEncryptionAlgorithm,
                                    ContentEncryptionAlgorithm contentEncryptionAlgo) {
-        this(new JweHeaders(keyEncryptionAlgorithm.getAlgorithm(), contentEncryptionAlgo.getAlgorithm()),

-             keyEncryptionAlgorithm, contentEncryptionAlgo);
-    }
-    public WrappedKeyJweEncryption(JweHeaders headers, 
-                                   KeyEncryptionAlgorithm keyEncryptionAlgorithm,
-                                   ContentEncryptionAlgorithm contentEncryptionAlgo) {
-        super(headers, contentEncryptionAlgo, keyEncryptionAlgorithm);
+        super(contentEncryptionAlgo, keyEncryptionAlgorithm);
     }
     
     

http://git-wip-us.apache.org/repos/asf/cxf/blob/60b084a5/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweCompactReaderWriterTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweCompactReaderWriterTest.java
b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweCompactReaderWriterTest.java
index 07cd846..4afbb26 100644
--- a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweCompactReaderWriterTest.java
+++ b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweCompactReaderWriterTest.java
@@ -109,15 +109,12 @@ public class JweCompactReaderWriterTest extends Assert {
     @Test
     public void testEncryptDecryptAesWrapA128CBCHS256() throws Exception {
         final String specPlainText = "Live long and prosper.";
-        JweHeaders headers = new JweHeaders();
-        headers.setAlgorithm(Algorithm.A128KW.getJwtName());
-        headers.setContentEncryptionAlgorithm(Algorithm.A128CBC_HS256.getJwtName());
         
         byte[] cekEncryptionKey = Base64UrlUtility.decode(KEY_ENCRYPTION_KEY_A3);
         
         AesWrapKeyEncryptionAlgorithm keyEncryption = 
             new AesWrapKeyEncryptionAlgorithm(cekEncryptionKey, Algorithm.A128KW.getJwtName());
-        JweEncryptionProvider encryption = new AesCbcHmacJweEncryption(headers,
+        JweEncryptionProvider encryption = new AesCbcHmacJweEncryption(Algorithm.A128CBC_HS256.getJwtName(),
                                                            CONTENT_ENCRYPTION_KEY_A3, 
                                                            INIT_VECTOR_A3,
                                                            keyEncryption);
@@ -158,9 +155,6 @@ public class JweCompactReaderWriterTest extends Assert {
     @Test
     public void testEncryptDecryptRSA15WrapA128CBCHS256() throws Exception {
         final String specPlainText = "Live long and prosper.";
-        JweHeaders headers = new JweHeaders();
-        headers.setAlgorithm(Algorithm.RSA_1_5.getJwtName());
-        headers.setContentEncryptionAlgorithm(Algorithm.A128CBC_HS256.getJwtName());
         
         RSAPublicKey publicKey = CryptoUtils.getRSAPublicKey(RSA_MODULUS_ENCODED_A1, 
                                                              RSA_PUBLIC_EXPONENT_ENCODED_A1);
@@ -168,7 +162,7 @@ public class JweCompactReaderWriterTest extends Assert {
         KeyEncryptionAlgorithm keyEncryption = new RSAKeyEncryptionAlgorithm(publicKey, 
                                                        Algorithm.RSA_1_5.getJwtName());
         
-        JweEncryptionProvider encryption = new AesCbcHmacJweEncryption(headers,
+        JweEncryptionProvider encryption = new AesCbcHmacJweEncryption(Algorithm.A128CBC_HS256.getJwtName(),
                                                            CONTENT_ENCRYPTION_KEY_A3, 
                                                            INIT_VECTOR_A3,
                                                            keyEncryption);
@@ -192,15 +186,12 @@ public class JweCompactReaderWriterTest extends Assert {
             return;
         }
         final String specPlainText = "Live long and prosper.";
-        JweHeaders headers = new JweHeaders();
-        headers.setAlgorithm(JoseConstants.A128GCMKW_ALGO);
-        headers.setContentEncryptionAlgorithm(Algorithm.A128CBC_HS256.getJwtName());
         
         byte[] cekEncryptionKey = Base64UrlUtility.decode(KEY_ENCRYPTION_KEY_A3);
         
         AesGcmWrapKeyEncryptionAlgorithm keyEncryption = 
             new AesGcmWrapKeyEncryptionAlgorithm(cekEncryptionKey, JoseConstants.A128GCMKW_ALGO);
-        JweEncryptionProvider encryption = new AesCbcHmacJweEncryption(headers,
+        JweEncryptionProvider encryption = new AesCbcHmacJweEncryption(Algorithm.A128CBC_HS256.getJwtName(),
                                                            CONTENT_ENCRYPTION_KEY_A3, 
                                                            INIT_VECTOR_A3,
                                                            keyEncryption);

http://git-wip-us.apache.org/repos/asf/cxf/blob/60b084a5/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JwePbeHmacAesWrapTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JwePbeHmacAesWrapTest.java
b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JwePbeHmacAesWrapTest.java
index 2914b81..8d9f5a2 100644
--- a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JwePbeHmacAesWrapTest.java
+++ b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JwePbeHmacAesWrapTest.java
@@ -47,13 +47,11 @@ public class JwePbeHmacAesWrapTest extends Assert {
     @Test
     public void testEncryptDecryptPbesHmacAesWrapA128CBCHS256() throws Exception {
         final String specPlainText = "Live long and prosper.";
-        JweHeaders headers = new JweHeaders();
-        headers.setAlgorithm(JoseConstants.PBES2_HS256_A128KW_ALGO);
-        headers.setContentEncryptionAlgorithm(Algorithm.A128CBC_HS256.getJwtName());
         final String password = "Thus from my lips, by yours, my sin is purged."; 
         KeyEncryptionAlgorithm keyEncryption = 
             new PbesHmacAesWrapKeyEncryptionAlgorithm(password, JoseConstants.PBES2_HS256_A128KW_ALGO);
-        JweEncryptionProvider encryption = new AesCbcHmacJweEncryption(headers, keyEncryption);
+        JweEncryptionProvider encryption = new AesCbcHmacJweEncryption(Algorithm.A128CBC_HS256.getJwtName(),
+                                                                       keyEncryption);
         String jweContent = encryption.encrypt(specPlainText.getBytes("UTF-8"), null);
         
         PbesHmacAesWrapKeyDecryptionAlgorithm keyDecryption = new PbesHmacAesWrapKeyDecryptionAlgorithm(password);
@@ -74,8 +72,7 @@ public class JwePbeHmacAesWrapTest extends Assert {
         final String password = "Thus from my lips, by yours, my sin is purged."; 
         KeyEncryptionAlgorithm keyEncryption = 
             new PbesHmacAesWrapKeyEncryptionAlgorithm(password, JoseConstants.PBES2_HS256_A128KW_ALGO);
-        JweEncryptionProvider encryption = new WrappedKeyJweEncryption(headers, 
-                                                                       keyEncryption,
+        JweEncryptionProvider encryption = new WrappedKeyJweEncryption(keyEncryption,
             new AesGcmContentEncryptionAlgorithm(Algorithm.A128GCM.getJwtName()));
         String jweContent = encryption.encrypt(specPlainText.getBytes("UTF-8"), null);
         PbesHmacAesWrapKeyDecryptionAlgorithm keyDecryption = new PbesHmacAesWrapKeyDecryptionAlgorithm(password);


Mime
View raw message