Return-Path: X-Original-To: apmail-cxf-commits-archive@www.apache.org Delivered-To: apmail-cxf-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 8CDBE18D8C for ; Thu, 18 Jun 2015 16:40:16 +0000 (UTC) Received: (qmail 41888 invoked by uid 500); 18 Jun 2015 16:40:16 -0000 Delivered-To: apmail-cxf-commits-archive@cxf.apache.org Received: (qmail 41813 invoked by uid 500); 18 Jun 2015 16:40:16 -0000 Mailing-List: contact commits-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cxf.apache.org Delivered-To: mailing list commits@cxf.apache.org Received: (qmail 41804 invoked by uid 99); 18 Jun 2015 16:40:16 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 18 Jun 2015 16:40:16 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id 4EF24E3CA7; Thu, 18 Jun 2015 16:40:16 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: sergeyb@apache.org To: commits@cxf.apache.org Message-Id: <31c7348ce50a409ab2beccae8cb92aa5@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: cxf git commit: Minor update to JWE headers Date: Thu, 18 Jun 2015 16:40:16 +0000 (UTC) Repository: cxf Updated Branches: refs/heads/3.0.x-fixes 38c2b4181 -> c9c02834d Minor update to JWE headers Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/c9c02834 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/c9c02834 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/c9c02834 Branch: refs/heads/3.0.x-fixes Commit: c9c02834d9cda41699eb1d8b5e43436fafd7823c Parents: 38c2b41 Author: Sergey Beryozkin Authored: Thu Jun 18 17:30:26 2015 +0100 Committer: Sergey Beryozkin Committed: Thu Jun 18 17:39:56 2015 +0100 ---------------------------------------------------------------------- .../cxf/rs/security/jose/jwe/JweHeaders.java | 14 ++++++------ .../cxf/rs/security/jose/jws/JwsHeaders.java | 6 ++--- .../security/jose/jwe/JweJsonProducerTest.java | 24 +++++++++++--------- 3 files changed, 23 insertions(+), 21 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/c9c02834/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweHeaders.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweHeaders.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweHeaders.java index 4b98cb7..cda481b 100644 --- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweHeaders.java +++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweHeaders.java @@ -44,23 +44,23 @@ public class JweHeaders extends JoseHeaders { public JweHeaders(Map values) { super(values); } - public JweHeaders(String keyEncAlgo, String ctEncAlgo) { + public JweHeaders(KeyAlgorithm keyEncAlgo, ContentAlgorithm ctEncAlgo) { this(keyEncAlgo, ctEncAlgo, false); } - public JweHeaders(String ctEncAlgo) { + public JweHeaders(ContentAlgorithm ctEncAlgo) { this(null, ctEncAlgo, false); } - public JweHeaders(String ctEncAlgo, boolean deflate) { + public JweHeaders(ContentAlgorithm ctEncAlgo, boolean deflate) { this(null, ctEncAlgo, deflate); } - public JweHeaders(String keyEncAlgo, String ctEncAlgo, boolean deflate) { + public JweHeaders(KeyAlgorithm keyEncAlgo, ContentAlgorithm ctEncAlgo, boolean deflate) { init(keyEncAlgo, ctEncAlgo, deflate); } - private void init(String keyEncAlgo, String ctEncAlgo, boolean deflate) { + private void init(KeyAlgorithm keyEncAlgo, ContentAlgorithm ctEncAlgo, boolean deflate) { if (keyEncAlgo != null) { - setKeyEncryptionAlgorithm(KeyAlgorithm.getAlgorithm(keyEncAlgo)); + setKeyEncryptionAlgorithm(keyEncAlgo); } - setContentEncryptionAlgorithm(ContentAlgorithm.getAlgorithm(ctEncAlgo)); + setContentEncryptionAlgorithm(ctEncAlgo); if (deflate) { setZipAlgorithm(JoseConstants.DEFLATE_ZIP_ALGORITHM); } http://git-wip-us.apache.org/repos/asf/cxf/blob/c9c02834/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsHeaders.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsHeaders.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsHeaders.java index d0f34a3..6e19eaf 100644 --- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsHeaders.java +++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsHeaders.java @@ -34,11 +34,11 @@ public class JwsHeaders extends JoseHeaders { public JwsHeaders(Map values) { super(values); } - public JwsHeaders(String sigAlgo) { + public JwsHeaders(SignatureAlgorithm sigAlgo) { init(sigAlgo); } - private void init(String sigAlgo) { - setAlgorithm(sigAlgo); + private void init(SignatureAlgorithm sigAlgo) { + setSignatureAlgorithm(sigAlgo); } public void setSignatureAlgorithm(SignatureAlgorithm algo) { http://git-wip-us.apache.org/repos/asf/cxf/blob/c9c02834/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducerTest.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducerTest.java b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducerTest.java index 1301d93..397d10a 100644 --- a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducerTest.java +++ b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducerTest.java @@ -28,9 +28,11 @@ import javax.crypto.SecretKey; import org.apache.cxf.common.util.Base64UrlUtility; import org.apache.cxf.common.util.StringUtils; import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils; +import org.apache.cxf.rs.security.jose.jwa.ContentAlgorithm; import org.apache.cxf.rs.security.jose.jwa.KeyAlgorithm; import org.apache.cxf.rt.security.crypto.CryptoUtils; import org.bouncycastle.jce.provider.BouncyCastleProvider; + import org.junit.AfterClass; import org.junit.Assert; import org.junit.BeforeClass; @@ -169,35 +171,35 @@ public class JweJsonProducerTest extends Assert { @Test public void testSingleRecipientGcm() throws Exception { final String text = "The true sign of intelligence is not knowledge but imagination."; - doTestSingleRecipient(text, SINGLE_RECIPIENT_OUTPUT, AlgorithmUtils.A128GCM_ALGO, + doTestSingleRecipient(text, SINGLE_RECIPIENT_OUTPUT, ContentAlgorithm.A128GCM, WRAPPER_BYTES1, JweCompactReaderWriterTest.INIT_VECTOR_A1, CEK_BYTES, false); } @Test public void testSingleRecipientDirectGcm() throws Exception { final String text = "The true sign of intelligence is not knowledge but imagination."; - doTestSingleRecipient(text, SINGLE_RECIPIENT_DIRECT_OUTPUT, AlgorithmUtils.A128GCM_ALGO, + doTestSingleRecipient(text, SINGLE_RECIPIENT_DIRECT_OUTPUT, ContentAlgorithm.A128GCM, null, JweCompactReaderWriterTest.INIT_VECTOR_A1, CEK_BYTES, false); } @Test public void testSingleRecipientDirectFlatGcm() throws Exception { final String text = "The true sign of intelligence is not knowledge but imagination."; - doTestSingleRecipient(text, SINGLE_RECIPIENT_DIRECT_FLAT_OUTPUT, AlgorithmUtils.A128GCM_ALGO, + doTestSingleRecipient(text, SINGLE_RECIPIENT_DIRECT_FLAT_OUTPUT, ContentAlgorithm.A128GCM, null, JweCompactReaderWriterTest.INIT_VECTOR_A1, CEK_BYTES, true); } @Test public void testSingleRecipientFlatGcm() throws Exception { final String text = "The true sign of intelligence is not knowledge but imagination."; - doTestSingleRecipient(text, SINGLE_RECIPIENT_FLAT_OUTPUT, AlgorithmUtils.A128GCM_ALGO, + doTestSingleRecipient(text, SINGLE_RECIPIENT_FLAT_OUTPUT, ContentAlgorithm.A128GCM, WRAPPER_BYTES1, JweCompactReaderWriterTest.INIT_VECTOR_A1, CEK_BYTES, true); } @Test public void testSingleRecipientA128CBCHS256() throws Exception { String text = "Live long and prosper."; - doTestSingleRecipient(text, SINGLE_RECIPIENT_A128CBCHS256_OUTPUT, AlgorithmUtils.A128CBC_HS256_ALGO, + doTestSingleRecipient(text, SINGLE_RECIPIENT_A128CBCHS256_OUTPUT, ContentAlgorithm.A128CBC_HS256, Base64UrlUtility.decode(JweCompactReaderWriterTest.KEY_ENCRYPTION_KEY_A3), JweCompactReaderWriterTest.INIT_VECTOR_A3, JweCompactReaderWriterTest.CONTENT_ENCRYPTION_KEY_A3, @@ -206,7 +208,7 @@ public class JweJsonProducerTest extends Assert { @Test public void testSingleRecipientDirectA128CBCHS256() throws Exception { String text = "Live long and prosper."; - doTestSingleRecipient(text, SINGLE_RECIPIENT_A128CBCHS256_DIRECT_OUTPUT, AlgorithmUtils.A128CBC_HS256_ALGO, + doTestSingleRecipient(text, SINGLE_RECIPIENT_A128CBCHS256_DIRECT_OUTPUT, ContentAlgorithm.A128CBC_HS256, null, JweCompactReaderWriterTest.INIT_VECTOR_A3, JweCompactReaderWriterTest.CONTENT_ENCRYPTION_KEY_A3, @@ -215,7 +217,7 @@ public class JweJsonProducerTest extends Assert { private String doTestSingleRecipient(String text, String expectedOutput, - String contentEncryptionAlgo, + ContentAlgorithm contentEncryptionAlgo, final byte[] wrapperKeyBytes, final byte[] iv, final byte[] cek, @@ -223,13 +225,13 @@ public class JweJsonProducerTest extends Assert { if (contentEncryptionAlgo.equals(AlgorithmUtils.A128GCM_ALGO) && SKIP_AES_GCM_TESTS) { return null; } - JweHeaders headers = new JweHeaders(AlgorithmUtils.A128KW_ALGO, + JweHeaders headers = new JweHeaders(KeyAlgorithm.A128KW, contentEncryptionAlgo); JweEncryptionProvider jwe = null; if (wrapperKeyBytes == null) { headers.asMap().remove("alg"); SecretKey cekKey = CryptoUtils.createSecretKeySpec(cek, "AES"); - jwe = JweUtils.getDirectKeyJweEncryption(cekKey, contentEncryptionAlgo); + jwe = JweUtils.getDirectKeyJweEncryption(cekKey, contentEncryptionAlgo.getJwaName()); } else { SecretKey wrapperKey = CryptoUtils.createSecretKeySpec(wrapperKeyBytes, "AES"); jwe = JweUtils.createJweEncryptionProvider(wrapperKey, headers); @@ -254,7 +256,7 @@ public class JweJsonProducerTest extends Assert { final String text = "The true sign of intelligence is not knowledge but imagination."; SecretKey wrapperKey = CryptoUtils.createSecretKeySpec(WRAPPER_BYTES1, "AES"); - JweHeaders protectedHeaders = new JweHeaders(AlgorithmUtils.A128GCM_ALGO); + JweHeaders protectedHeaders = new JweHeaders(ContentAlgorithm.A128GCM); JweHeaders sharedUnprotectedHeaders = new JweHeaders(); sharedUnprotectedHeaders.setJsonWebKeysUrl("https://server.example.com/keys.jwks"); @@ -288,7 +290,7 @@ public class JweJsonProducerTest extends Assert { SecretKey wrapperKey1 = CryptoUtils.createSecretKeySpec(WRAPPER_BYTES1, "AES"); SecretKey wrapperKey2 = CryptoUtils.createSecretKeySpec(WRAPPER_BYTES2, "AES"); - JweHeaders protectedHeaders = new JweHeaders(AlgorithmUtils.A128GCM_ALGO); + JweHeaders protectedHeaders = new JweHeaders(ContentAlgorithm.A128GCM); JweHeaders sharedUnprotectedHeaders = new JweHeaders(); sharedUnprotectedHeaders.setJsonWebKeysUrl("https://server.example.com/keys.jwks"); sharedUnprotectedHeaders.setKeyEncryptionAlgorithm(KeyAlgorithm.A128KW);