cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [09/20] cxf git commit: Renaming jose module
Date Wed, 21 Oct 2015 15:13:05 GMT
http://git-wip-us.apache.org/repos/asf/cxf/blob/532c52a7/rt/rs/security/jose-parent/pom.xml
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose-parent/pom.xml b/rt/rs/security/jose-parent/pom.xml
new file mode 100644
index 0000000..e58f7a9
--- /dev/null
+++ b/rt/rs/security/jose-parent/pom.xml
@@ -0,0 +1,37 @@
+<?xml version="1.0"?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements. See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership. The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License. You may obtain a copy of the License at
+ 
+  http://www.apache.org/licenses/LICENSE-2.0
+ 
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied. See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <artifactId>cxf-rt-rs-security-jose-parent</artifactId>
+    <packaging>pom</packaging>
+    <name>Apache CXF JOSE Security parent</name>
+    <description>Apache CXF JOSE Security parent</description>
+    <url>http://cxf.apache.org</url>
+    <parent>
+        <groupId>org.apache.cxf</groupId>
+        <artifactId>cxf-parent</artifactId>
+        <version>3.0.7-SNAPSHOT</version>
+        <relativePath>../../../../parent/pom.xml</relativePath>
+    </parent>
+    <modules>
+        <module>jose</module>
+        <module>jose-jaxrs</module>
+    </modules>
+</project>

http://git-wip-us.apache.org/repos/asf/cxf/blob/532c52a7/rt/rs/security/jose/jose-core/pom.xml
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/jose-core/pom.xml b/rt/rs/security/jose/jose-core/pom.xml
deleted file mode 100644
index e1d878b..0000000
--- a/rt/rs/security/jose/jose-core/pom.xml
+++ /dev/null
@@ -1,63 +0,0 @@
-<?xml version="1.0"?>
-<!--
-  Licensed to the Apache Software Foundation (ASF) under one
-  or more contributor license agreements. See the NOTICE file
-  distributed with this work for additional information
-  regarding copyright ownership. The ASF licenses this file
-  to you under the Apache License, Version 2.0 (the
-  "License"); you may not use this file except in compliance
-  with the License. You may obtain a copy of the License at
-
-  http://www.apache.org/licenses/LICENSE-2.0
-
-  Unless required by applicable law or agreed to in writing,
-  software distributed under the License is distributed on an
-  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-  KIND, either express or implied. See the License for the
-  specific language governing permissions and limitations
-  under the License.
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
-    <modelVersion>4.0.0</modelVersion>
-    <artifactId>cxf-rt-rs-security-jose</artifactId>
-    <packaging>bundle</packaging>
-    <name>Apache CXF Runtime JOSE Core</name>
-    <description>Apache CXF Runtime JOSE Core</description>
-    <url>http://cxf.apache.org</url>
-    <parent>
-        <groupId>org.apache.cxf</groupId>
-        <artifactId>cxf-parent</artifactId>
-        <version>3.0.7-SNAPSHOT</version>
-        <relativePath>../../../../../parent/pom.xml</relativePath>
-    </parent>
-    <dependencies>
-        <dependency>
-            <groupId>org.apache.cxf</groupId>
-            <artifactId>cxf-core</artifactId>
-            <version>${project.version}</version>
-        </dependency>
-        <dependency>
-            <groupId>org.apache.cxf</groupId>
-            <artifactId>cxf-rt-security</artifactId>
-            <version>${project.version}</version>
-        </dependency>
-        <dependency>
-            <groupId>org.apache.cxf</groupId>
-            <artifactId>cxf-rt-rs-json-basic</artifactId>
-            <version>${project.version}</version>
-        </dependency>
-        <dependency>
-            <groupId>org.bouncycastle</groupId>
-            <artifactId>bcprov-ext-jdk15on</artifactId>
-            <version>${cxf.bcprov.version}</version>
-            <scope>provided</scope>
-            <optional>true</optional> 
-        </dependency>
-        <!--test dependencies-->
-        <dependency>
-            <groupId>junit</groupId>
-            <artifactId>junit</artifactId>
-            <scope>test</scope>
-        </dependency>
-    </dependencies>
-</project>

http://git-wip-us.apache.org/repos/asf/cxf/blob/532c52a7/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/common/AbstractJoseConsumer.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/common/AbstractJoseConsumer.java b/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/common/AbstractJoseConsumer.java
deleted file mode 100644
index ddf1d4f..0000000
--- a/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/common/AbstractJoseConsumer.java
+++ /dev/null
@@ -1,60 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.common;
-
-import org.apache.cxf.rs.security.jose.jwe.JweDecryptionProvider;
-import org.apache.cxf.rs.security.jose.jwe.JweUtils;
-import org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier;
-import org.apache.cxf.rs.security.jose.jws.JwsUtils;
-
-public abstract class AbstractJoseConsumer {
-    private JweDecryptionProvider jweDecryptor;
-    private JwsSignatureVerifier jwsVerifier;
-    
-    public void setJweDecryptor(JweDecryptionProvider jweDecryptor) {
-        this.jweDecryptor = jweDecryptor;
-    }
-    
-    public JweDecryptionProvider getJweDecryptor() {
-        return jweDecryptor;
-    }
-
-    public void setJwsVerifier(JwsSignatureVerifier theJwsVerifier) {
-        this.jwsVerifier = theJwsVerifier;
-    }
-    
-    public JwsSignatureVerifier getJwsVerifier() {
-        return jwsVerifier;
-    }
-
-    protected JweDecryptionProvider getInitializedDecryptionProvider() {
-        if (jweDecryptor != null) {
-            return jweDecryptor;    
-        } 
-        return JweUtils.loadDecryptionProvider(false);
-    }
-    protected JwsSignatureVerifier getInitializedSignatureVerifier() {
-        if (jwsVerifier != null) {
-            return jwsVerifier;    
-        }
-        
-        return JwsUtils.loadSignatureVerifier(false);
-    }
-
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/532c52a7/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/common/AbstractJoseProducer.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/common/AbstractJoseProducer.java b/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/common/AbstractJoseProducer.java
deleted file mode 100644
index fe9832f..0000000
--- a/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/common/AbstractJoseProducer.java
+++ /dev/null
@@ -1,51 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.common;
-
-import org.apache.cxf.rs.security.jose.jwe.JweEncryptionProvider;
-import org.apache.cxf.rs.security.jose.jwe.JweUtils;
-import org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider;
-import org.apache.cxf.rs.security.jose.jws.JwsUtils;
-
-public abstract class AbstractJoseProducer {
-    private JwsSignatureProvider sigProvider;
-    private JweEncryptionProvider encryptionProvider;
-    
-    protected JwsSignatureProvider getInitializedSignatureProvider() {
-        if (sigProvider != null) {
-            return sigProvider;    
-        } 
-        
-        return JwsUtils.loadSignatureProvider(false);
-    }
-    protected JweEncryptionProvider getInitializedEncryptionProvider() {
-        if (encryptionProvider != null) {
-            return encryptionProvider;    
-        }
-        return JweUtils.loadEncryptionProvider(false);
-    }
-
-    public void setEncryptionProvider(JweEncryptionProvider encryptionProvider) {
-        this.encryptionProvider = encryptionProvider;
-    }
-
-    public void setSignatureProvider(JwsSignatureProvider signatureProvider) {
-        this.sigProvider = signatureProvider;
-    }
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/532c52a7/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/common/JoseConstants.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/common/JoseConstants.java b/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/common/JoseConstants.java
deleted file mode 100644
index f2c0b75..0000000
--- a/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/common/JoseConstants.java
+++ /dev/null
@@ -1,229 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.rs.security.jose.common;
-
-public final class JoseConstants {
-    public static final String HEADER_TYPE = "typ";
-    public static final String HEADER_ALGORITHM = "alg";
-    public static final String HEADER_CONTENT_TYPE = "cty";
-    public static final String HEADER_CRITICAL = "crit";
-    
-    public static final String HEADER_KEY_ID = "kid";
-    public static final String HEADER_X509_URL = "x5u";
-    public static final String HEADER_X509_CHAIN = "x5c";
-    public static final String HEADER_X509_THUMBPRINT = "x5t";
-    public static final String HEADER_X509_THUMBPRINT_SHA256 = "x5t#S256";
-    public static final String HEADER_JSON_WEB_KEY = "jwk";
-    public static final String HEADER_JSON_WEB_KEY_SET = "jku";
-    
-    public static final String JWE_HEADER_KEY_ENC_ALGORITHM = HEADER_ALGORITHM;
-    public static final String JWE_HEADER_CONTENT_ENC_ALGORITHM = "enc";
-    public static final String JWE_HEADER_ZIP_ALGORITHM = "zip";
-    public static final String JWE_DEFLATE_ZIP_ALGORITHM = "DEF";
-    
-    public static final String JWS_HEADER_B64_STATUS_HEADER = "b64";
-    
-    public static final String TYPE_JWT = "JWT";
-    public static final String TYPE_JOSE = "JOSE";
-    public static final String TYPE_JOSE_JSON = "JOSE+JSON";
-    public static final String MEDIA_TYPE_JOSE = "application/jose";
-    public static final String MEDIA_TYPE_JOSE_JSON = "application/jose+json";
-    
-    public static final String JOSE_CONTEXT_PROPERTY = "org.apache.cxf.jose.context";
-    
-    //
-    // JOSE Configuration constants
-    //
-    
-    // 
-    // Shared Keys/keystore configuration
-    //
-    
-    /**
-     * The keystore type. Suitable values are "jks" or "jwk".
-     */
-    public static final String RSSEC_KEY_STORE_TYPE = "rs.security.keystore.type";
-    
-    /**
-     * The password required to access the keystore.
-     */
-    public static final String RSSEC_KEY_STORE_PSWD = "rs.security.keystore.password";
-    
-    /**
-     * The password required to access the private key (in the keystore).
-     */
-    public static final String RSSEC_KEY_PSWD = "rs.security.key.password";
-    
-    /**
-     * The keystore alias corresponding to the key to use
-     */
-    public static final String RSSEC_KEY_STORE_ALIAS = "rs.security.keystore.alias";
-    
-    /**
-     * The keystore aliases corresponding to the keys to use, when using the JSON serialization form.
-     */
-    public static final String RSSEC_KEY_STORE_ALIASES = "rs.security.keystore.aliases";
-    
-    /**
-     * The path to the keystore file.
-     */
-    public static final String RSSEC_KEY_STORE_FILE = "rs.security.keystore.file";
-    
-    /**
-     * A reference to a PrivateKeyPasswordProvider instance used to retrieve passwords to access keys.
-     */
-    public static final String RSSEC_KEY_PSWD_PROVIDER = "rs.security.key.password.provider";
-    
-    /**
-     * TODO documentation for these
-     */
-    public static final String RSSEC_REPORT_KEY_PROP = "rs.security.report.public.key";
-    public static final String RSSEC_REPORT_KEY_ID_PROP = "rs.security.report.public.key.id";
-    public static final String RSSEC_ACCEPT_PUBLIC_KEY_PROP = "rs.security.accept.public.key.properties";
-    public static final String RSSEC_KEY_STORE_JWKSET = "rs.security.keystore.jwkset";
-    public static final String RSSEC_KEY_STORE_JWKKEY = "rs.security.keystore.jwkkey";
-    
-    //
-    // JWS specific Configuration
-    //
-    
-    /**
-     * A reference to a PrivateKeyPasswordProvider instance used to retrieve passwords to access keys
-     * for signature. If this is not specified it falls back to use the RSSEC_KEY_PSWD_PROVIDER.
-     */
-    public static final String RSSEC_SIGNATURE_KEY_PSWD_PROVIDER = "rs.security.signature.key.password.provider";
-    
-    /**
-     * The signature algorithm to use. The default algorithm if not specified is 'RS256'.
-     */
-    public static final String RSSEC_SIGNATURE_ALGORITHM = "rs.security.signature.algorithm";
-    
-    /**
-     * The OLD signature algorithm identifier. Use RSSEC_SIGNATURE_ALGORITHM instead.
-     */
-    @Deprecated
-    public static final String DEPR_RSSEC_SIGNATURE_ALGORITHM = "rs.security.jws.content.signature.algorithm";
-    
-    /**
-     * The signature properties file for signature creation. If not specified then it falls back to 
-     * RSSEC_SIGNATURE_PROPS.
-     */
-    public static final String RSSEC_SIGNATURE_OUT_PROPS = "rs.security.signature.out.properties";
-    
-    /**
-     * The signature properties file for signature verification. If not specified then it falls back to 
-     * RSSEC_SIGNATURE_PROPS.
-     */
-    public static final String RSSEC_SIGNATURE_IN_PROPS = "rs.security.signature.in.properties";
-    
-    /**
-     * The signature properties file for signature creation/verification.
-     */
-    public static final String RSSEC_SIGNATURE_PROPS = "rs.security.signature.properties";
-    
-    /**
-     * TODO documentation for these
-     */
-    public static final String RSSEC_SIGNATURE_REPORT_KEY_PROP = "rs.security.signature.report.public.key";
-    public static final String RSSEC_SIGNATURE_REPORT_KEY_ID_PROP = "rs.security.signature.report.public.key.id";
-    
-    //
-    // JWE specific Configuration
-    //
-    
-    /**
-     * A reference to a PrivateKeyPasswordProvider instance used to retrieve passwords to access keys
-     * for decryption. If this is not specified it falls back to use the RSSEC_KEY_PSWD_PROVIDER.
-     */
-    public static final String RSSEC_DECRYPTION_KEY_PSWD_PROVIDER = "rs.security.decryption.key.password.provider";
-    
-    /**
-     * The encryption content algorithm to use. The default algorithm if not specified is 'A128GCM'.
-     */
-    public static final String RSSEC_ENCRYPTION_CONTENT_ALGORITHM = "rs.security.encryption.content.algorithm";
-    
-    /**
-     * The OLD encryption content algorithm to use. Use RSSEC_ENCRYPTION_CONTENT_ALGORITHM instead.
-     */
-    @Deprecated
-    public static final String DEPR_RSSEC_ENCRYPTION_CONTENT_ALGORITHM = 
-        "rs.security.jwe.content.encryption.algorithm";
-    
-    /**
-     * The encryption key algorithm to use. The default algorithm if not specified is 'RSA-OAEP' if the key is an
-     * RSA key, and 'A128GCMKW' if it is an octet sequence.
-     */
-    public static final String RSSEC_ENCRYPTION_KEY_ALGORITHM = "rs.security.encryption.key.algorithm";
-    
-    /**
-     * The OLD encryption key algorithm to use. Use RSSEC_ENCRYPTION_KEY_ALGORITHM instead.
-     */
-    @Deprecated
-    public static final String DEPR_RSSEC_ENCRYPTION_KEY_ALGORITHM = "rs.security.jwe.key.encryption.algorithm";
-    
-    /**
-     * The encryption zip algorithm to use.
-     */
-    public static final String RSSEC_ENCRYPTION_ZIP_ALGORITHM = "rs.security.encryption.zip.algorithm";
-    
-    /**
-     * The OLD encryption zip algorithm to use. Use RSSEC_ENCRYPTION_ZIP_ALGORITHM instead.
-     */
-    @Deprecated
-    public static final String DEPR_RSSEC_ENCRYPTION_ZIP_ALGORITHM = "rs.security.jwe.zip.algorithm";
-    
-    /**
-     * The encryption properties file for encryption creation. If not specified then it falls back to 
-     * RSSEC_ENCRYPTION_PROPS.
-     */
-    public static final String RSSEC_ENCRYPTION_OUT_PROPS = "rs.security.encryption.out.properties";
-    
-    /**
-     * The decryption properties file for decryption. If not specified then it falls back to 
-     * RSSEC_ENCRYPTION_PROPS.
-     */
-    public static final String RSSEC_ENCRYPTION_IN_PROPS = "rs.security.encryption.in.properties";
-    
-    /**
-     * The encryption/decryption properties file
-     */
-    public static final String RSSEC_ENCRYPTION_PROPS = "rs.security.encryption.properties";
-    
-    /**
-     * TODO documentation for these
-     */
-    public static final String RSSEC_ENCRYPTION_REPORT_KEY_PROP = "rs.security.encryption.report.public.key";
-    public static final String RSSEC_ENCRYPTION_REPORT_KEY_ID_PROP = "rs.security.encryption.report.public.key.id";
-    
-    //
-    // JWT specific configuration
-    //
-    
-    /**
-     * Whether to allow unsigned JWT tokens as SecurityContext Principals. The default is false.
-     */
-    public static final String ENABLE_UNSIGNED_JWT_PRINCIPAL = "rs.security.enable.unsigned-jwt.principal";
-    
-    
-    
-    private JoseConstants() {
-        
-    }
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/532c52a7/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/common/JoseException.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/common/JoseException.java b/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/common/JoseException.java
deleted file mode 100644
index ffaf2d1..0000000
--- a/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/common/JoseException.java
+++ /dev/null
@@ -1,33 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.common;
-
-public class JoseException extends RuntimeException {
-
-    private static final long serialVersionUID = 4118589816228511524L;
-    public JoseException() {
-
-    }
-    public JoseException(String error) {
-        super(error);
-    }
-    public JoseException(Throwable cause) {
-        super(cause);
-    }
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/532c52a7/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/common/JoseHeaders.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/common/JoseHeaders.java b/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/common/JoseHeaders.java
deleted file mode 100644
index 3160232..0000000
--- a/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/common/JoseHeaders.java
+++ /dev/null
@@ -1,179 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.rs.security.jose.common;
-
-import java.util.List;
-import java.util.Map;
-
-import org.apache.cxf.helpers.CastUtils;
-import org.apache.cxf.jaxrs.json.basic.JsonMapObject;
-import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
-
-public abstract class JoseHeaders extends JsonMapObject {
-    public JoseHeaders() {
-    }
-    
-    public JoseHeaders(JoseType type) {
-        init(type);
-    }
-    
-    public JoseHeaders(JoseHeaders headers) {
-        this(headers.asMap());
-    }
-    
-    public JoseHeaders(Map<String, Object> values) {
-        super(values);
-    }
-    private void init(JoseType type) {
-        setType(type);
-    }
-    public void setType(JoseType type) {
-        setHeader(JoseConstants.HEADER_TYPE, type.toString());
-    }
-    
-    public JoseType getType() {
-        Object prop = getHeader(JoseConstants.HEADER_TYPE);
-        return prop == null ? null : JoseType.getType(prop.toString());
-    }
-    
-    public void setContentType(String type) {
-        setHeader(JoseConstants.HEADER_CONTENT_TYPE, type);
-    }
-    
-    public String getContentType() {
-        return (String)getHeader(JoseConstants.HEADER_CONTENT_TYPE);
-    }
-    
-    public void setAlgorithm(String algo) {
-        setHeader(JoseConstants.HEADER_ALGORITHM, algo);
-    }
-    
-    public String getAlgorithm() {
-        Object prop = getHeader(JoseConstants.HEADER_ALGORITHM);
-        return prop == null ? null : prop.toString();
-    }
-    
-    public void setKeyId(String kid) {
-        setHeader(JoseConstants.HEADER_KEY_ID, kid);
-    }
-    
-    public String getKeyId() {
-        return (String)getHeader(JoseConstants.HEADER_KEY_ID);
-    }
-    
-    public void setX509Url(String x509Url) {
-        setHeader(JoseConstants.HEADER_X509_URL, x509Url);
-    }
-
-    public String getX509Url() {
-        return (String)getHeader(JoseConstants.HEADER_X509_URL);
-    }
-    
-    public void setX509Chain(List<String> x509Chain) {
-        setProperty(JoseConstants.HEADER_X509_CHAIN, x509Chain);
-    }
-
-    public List<String> getX509Chain() {
-        return CastUtils.cast((List<?>)getProperty(JoseConstants.HEADER_X509_CHAIN));
-    }
-    
-    public void setX509Thumbprint(String x509Thumbprint) {
-        setHeader(JoseConstants.HEADER_X509_THUMBPRINT, x509Thumbprint);
-    }
-    
-    public String getX509Thumbprint() {
-        return (String)getHeader(JoseConstants.HEADER_X509_THUMBPRINT);
-    }
-    
-    public void setX509ThumbprintSHA256(String x509Thumbprint) {
-        setHeader(JoseConstants.HEADER_X509_THUMBPRINT_SHA256, x509Thumbprint);
-    }
-    
-    public String getX509ThumbprintSHA256() {
-        return (String)getHeader(JoseConstants.HEADER_X509_THUMBPRINT_SHA256);
-    }
-    
-    public void setCritical(List<String> crit) {
-        setHeader(JoseConstants.HEADER_CRITICAL, crit);
-    }
-    
-    public List<String> getCritical() {
-        return CastUtils.cast((List<?>)getHeader(JoseConstants.HEADER_CRITICAL));
-    }
-    
-    public void setJsonWebKey(JsonWebKey key) {
-        setJsonWebKey(JoseConstants.HEADER_JSON_WEB_KEY, key);
-    }
-    
-    public void setJsonWebKey(String headerName, JsonWebKey key) {
-        setHeader(headerName, key);
-    }
-    
-    public void setJsonWebKeysUrl(String url) {
-        setHeader(JoseConstants.HEADER_JSON_WEB_KEY_SET, url);
-    }
-    
-    public String getJsonWebKeysUrl() {
-        return (String)getHeader(JoseConstants.HEADER_JSON_WEB_KEY_SET);
-    }
-    
-    public JsonWebKey getJsonWebKey() {
-        return getJsonWebKey(JoseConstants.HEADER_JSON_WEB_KEY);
-    }
-    public JsonWebKey getJsonWebKey(String headerName) {
-        Object jsonWebKey = getHeader(headerName);
-        if (jsonWebKey == null || jsonWebKey instanceof JsonWebKey) {
-            return (JsonWebKey)jsonWebKey;
-        }  
-        Map<String, Object> map = CastUtils.cast((Map<?, ?>)jsonWebKey);
-        return new JsonWebKey(map);
-    }
-    
-    public JoseHeaders setHeader(String name, Object value) {
-        setProperty(name, value);
-        return this;
-    }
-    
-    public Object getHeader(String name) {
-        return getProperty(name);
-    }
-    
-    public JoseHeaders setIntegerHeader(String name, Integer value) {
-        setHeader(name, value);
-        return this;
-    }
-    
-    public Integer getIntegerHeader(String name) {
-        return getIntegerProperty(name);
-    }
-    public JoseHeaders setLongHeader(String name, Long value) {
-        setHeader(name, value);
-        return this;
-    }
-    
-    public Long getLongHeader(String name) {
-        return getLongProperty(name);
-    }
-    
-    public boolean containsHeader(String name) {
-        return containsProperty(name);
-    }
-    
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/532c52a7/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/common/JoseType.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/common/JoseType.java b/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/common/JoseType.java
deleted file mode 100644
index 595a3f7..0000000
--- a/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/common/JoseType.java
+++ /dev/null
@@ -1,43 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.common;
-
-
-public enum JoseType {
-    JOSE(JoseConstants.TYPE_JOSE),
-    JOSE_JSON(JoseConstants.TYPE_JOSE_JSON),
-    JWT(JoseConstants.TYPE_JWT);
-    
-    private final String type;
-    private JoseType(String type) {
-        this.type = type;
-    }
-    public static JoseType getType(String type) {
-        if (type == null) {
-            return null;
-        } else if (JoseConstants.TYPE_JOSE_JSON.equals(type)) {
-            return JOSE_JSON;    
-        } else {
-            return valueOf(type);
-        }
-    }
-    public String toString() {
-        return type;
-    }
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/532c52a7/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/common/JoseUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/common/JoseUtils.java b/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/common/JoseUtils.java
deleted file mode 100644
index 7c2f4eb..0000000
--- a/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/common/JoseUtils.java
+++ /dev/null
@@ -1,200 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.common;
-
-import java.io.File;
-import java.io.InputStream;
-import java.io.UnsupportedEncodingException;
-import java.net.URL;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Properties;
-import java.util.Set;
-import java.util.logging.Logger;
-
-import org.apache.cxf.Bus;
-import org.apache.cxf.common.classloader.ClassLoaderUtils;
-import org.apache.cxf.common.logging.LogUtils;
-import org.apache.cxf.common.util.StringUtils;
-import org.apache.cxf.message.Message;
-import org.apache.cxf.phase.PhaseInterceptorChain;
-import org.apache.cxf.resource.ResourceManager;
-import org.apache.cxf.rt.security.crypto.CryptoUtils;
-
-public final class JoseUtils {
-    private static final Logger LOG = LogUtils.getL7dLogger(JoseUtils.class);
-    private static final String CLASSPATH_PREFIX = "classpath:";
-    
-    private JoseUtils() {
-        
-    }
-    public static String[] getCompactParts(String compactContent) {
-        if (compactContent.startsWith("\"") && compactContent.endsWith("\"")) {
-            compactContent = compactContent.substring(1, compactContent.length() - 1);
-        }
-        return StringUtils.split(compactContent, "\\.");    
-    }
-    public static void setJoseContextProperty(JoseHeaders headers) {    
-        Message message = PhaseInterceptorChain.getCurrentMessage();
-        String context = (String)message.get(JoseConstants.JOSE_CONTEXT_PROPERTY);
-        if (context != null) {
-            headers.setHeader(JoseConstants.JOSE_CONTEXT_PROPERTY, context);
-        }
-    }
-    public static void setJoseMessageContextProperty(JoseHeaders headers, String value) {    
-        headers.setHeader(JoseConstants.JOSE_CONTEXT_PROPERTY, value);
-        Message message = PhaseInterceptorChain.getCurrentMessage();
-        message.put(JoseConstants.JOSE_CONTEXT_PROPERTY, value);
-    }
-    public static void setMessageContextProperty(JoseHeaders headers) {    
-        String context = (String)headers.getHeader(JoseConstants.JOSE_CONTEXT_PROPERTY);
-        if (context != null) {
-            Message message = PhaseInterceptorChain.getCurrentMessage();
-            message.put(JoseConstants.JOSE_CONTEXT_PROPERTY, context);
-        }
-    }
-    public static void validateRequestContextProperty(JoseHeaders headers) {
-        Message message = PhaseInterceptorChain.getCurrentMessage();
-        Object requestContext = message.get(JoseConstants.JOSE_CONTEXT_PROPERTY);
-        Object headerContext = headers.getHeader(JoseConstants.JOSE_CONTEXT_PROPERTY);
-        if (requestContext == null && headerContext == null) {
-            return;
-        }
-        if (requestContext == null && headerContext != null
-            || requestContext != null && headerContext == null
-            || !requestContext.equals(headerContext)) {
-            LOG.warning("Invalid JOSE context property");
-            throw new JoseException();
-        }
-    }
-    
-    public static String checkContentType(String contentType, String defaultType) {
-        if (contentType != null) {
-            int paramIndex = contentType.indexOf(';');
-            String typeWithoutParams = paramIndex == -1 ? contentType : contentType.substring(0, paramIndex);
-            if (typeWithoutParams.indexOf('/') == -1) {
-                contentType = "application/" + contentType;
-            }
-        } else {
-            contentType = defaultType;
-        }
-        return contentType;
-    }
-    public static String expandContentType(String contentType) {
-        int paramIndex = contentType.indexOf(';');
-        String typeWithoutParams = paramIndex == -1 ? contentType : contentType.substring(0, paramIndex);
-        if (typeWithoutParams.indexOf('/') == -1) {
-            contentType = "application/" + contentType;
-        }
-        return contentType;
-    }
-    
-    public static String decodeToString(String encoded) {
-        try {
-            return new String(decode(encoded), "UTF-8");
-        } catch (UnsupportedEncodingException ex) {
-            throw new JoseException(ex);
-        }
-        
-    }
-    public static byte[] decode(String encoded) {
-        return CryptoUtils.decodeSequence(encoded);
-    }
-    
-    public static boolean validateCriticalHeaders(JoseHeaders headers) {
-        List<String> critical = headers.getCritical();
-        if (critical == null) {
-            return true;
-        }
-        // The "crit" value MUST NOT be empty "[]" or contain either duplicate values or "crit"
-        if (critical.isEmpty() 
-            || detectDoubleEntry(critical)
-            || critical.contains(JoseConstants.HEADER_CRITICAL)) {
-            return false;
-        }
-        
-        // Check that the headers contain these critical headers
-        return headers.asMap().keySet().containsAll(critical);
-    }
-    private static boolean detectDoubleEntry(List<?> list) {
-        Set<Object> inputSet = new HashSet<Object>(list);
-        return list.size() > inputSet.size();
-    }
-    
-    //
-    // <Start> Copied from JAX-RS RT FRONTEND ResourceUtils
-    //
-    
-    public static InputStream getResourceStream(String loc, Bus bus) throws Exception {
-        URL url = getResourceURL(loc, bus);
-        return url == null ? null : url.openStream();
-    }
-    
-    public static URL getResourceURL(String loc, Bus bus) throws Exception {
-        URL url = null;
-        if (loc.startsWith(CLASSPATH_PREFIX)) {
-            String path = loc.substring(CLASSPATH_PREFIX.length());
-            url = JoseUtils.getClasspathResourceURL(path, JoseUtils.class, bus);
-        } else {
-            try {
-                url = new URL(loc);
-            } catch (Exception ex) {
-                // it can be either a classpath or file resource without a scheme
-                url = JoseUtils.getClasspathResourceURL(loc, JoseUtils.class, bus);
-                if (url == null) {
-                    File file = new File(loc);
-                    if (file.exists()) {
-                        url = file.toURI().toURL();
-                    }
-                }
-            }
-        }
-        if (url == null) {
-            LOG.warning("No resource " + loc + " is available");
-        }
-        return url;
-    }
-    
-    public static URL getClasspathResourceURL(String path, Class<?> callingClass, Bus bus) {
-        URL url = ClassLoaderUtils.getResource(path, callingClass);
-        return url == null ? getResource(path, URL.class, bus) : url;
-    }
-    
-    public static <T> T getResource(String path, Class<T> resourceClass, Bus bus) {
-        if (bus != null) {
-            ResourceManager rm = bus.getExtension(ResourceManager.class);
-            if (rm != null) {
-                return rm.resolveResource(path, resourceClass);
-            }
-        }
-        return null;
-    }
-    
-    public static Properties loadProperties(String propertiesLocation, Bus bus) throws Exception {
-        Properties props = new Properties();
-        InputStream is = getResourceStream(propertiesLocation, bus);
-        props.load(is);
-        return props;
-    }
-    
-    //
-    // <End> Copied from JAX-RS RT FRONTEND ResourceUtils
-    //
-    
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/532c52a7/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/common/KeyManagementUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/common/KeyManagementUtils.java b/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/common/KeyManagementUtils.java
deleted file mode 100644
index 0c32919..0000000
--- a/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/common/KeyManagementUtils.java
+++ /dev/null
@@ -1,366 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.rs.security.jose.common;
-
-import java.io.InputStream;
-import java.security.KeyStore;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.cert.CertPath;
-import java.security.cert.CertPathBuilder;
-import java.security.cert.CertPathBuilderResult;
-import java.security.cert.CertPathValidator;
-import java.security.cert.CertStore;
-import java.security.cert.Certificate;
-import java.security.cert.CollectionCertStoreParameters;
-import java.security.cert.PKIXBuilderParameters;
-import java.security.cert.X509CertSelector;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Enumeration;
-import java.util.List;
-import java.util.Properties;
-import java.util.logging.Logger;
-
-import org.apache.cxf.Bus;
-import org.apache.cxf.common.logging.LogUtils;
-import org.apache.cxf.message.Message;
-import org.apache.cxf.message.MessageUtils;
-import org.apache.cxf.phase.PhaseInterceptorChain;
-import org.apache.cxf.rs.security.jose.jwk.KeyOperation;
-import org.apache.cxf.rt.security.crypto.CryptoUtils;
-
-/**
- * Encryption helpers
- */
-public final class KeyManagementUtils {
-    private static final Logger LOG = LogUtils.getL7dLogger(KeyManagementUtils.class);
-    
-    private KeyManagementUtils() {
-    }
-    public static List<String> loadAndEncodeX509CertificateOrChain(Message m, Properties props) {
-        X509Certificate[] chain = loadX509CertificateOrChain(m, props);
-        return encodeX509CertificateChain(chain);
-    }
-    public static X509Certificate[] loadX509CertificateOrChain(Message m, Properties props) {
-        KeyStore keyStore = KeyManagementUtils.loadPersistKeyStore(m, props);
-        String alias = props.getProperty(JoseConstants.RSSEC_KEY_STORE_ALIAS);
-        return loadX509CertificateOrChain(keyStore, alias);
-    }
-    private static X509Certificate[] loadX509CertificateOrChain(KeyStore keyStore, String alias) {
-        try {
-            Certificate[] certs = keyStore.getCertificateChain(alias);
-            if (certs != null) {
-                return Arrays.copyOf(certs, certs.length, X509Certificate[].class);
-            } else {
-                return new X509Certificate[]{(X509Certificate)CryptoUtils.loadCertificate(keyStore, alias)};
-            }
-        } catch (Exception ex) {
-            LOG.warning("X509 Certificates can not be created");
-            throw new JoseException(ex);
-        }    
-    }
-    
-    public static PublicKey loadPublicKey(Message m, Properties props) {
-        KeyStore keyStore = KeyManagementUtils.loadPersistKeyStore(m, props);
-        return CryptoUtils.loadPublicKey(keyStore, props.getProperty(JoseConstants.RSSEC_KEY_STORE_ALIAS));
-    }
-    public static PublicKey loadPublicKey(Message m, String keyStoreLocProp) {
-        return loadPublicKey(m, keyStoreLocProp, null);
-    }
-    public static PublicKey loadPublicKey(Message m, String keyStoreLocPropPreferred, String keyStoreLocPropDefault) {
-        String keyStoreLoc = getMessageProperty(m, keyStoreLocPropPreferred, keyStoreLocPropDefault);
-        Bus bus = m.getExchange().getBus();
-        try {
-            Properties props = JoseUtils.loadProperties(keyStoreLoc, bus);
-            return KeyManagementUtils.loadPublicKey(m, props);
-        } catch (Exception ex) {
-            LOG.warning("Public key can not be loaded");
-            throw new JoseException(ex);
-        }
-    }
-    private static String getMessageProperty(Message m, String keyStoreLocPropPreferred, 
-                                             String keyStoreLocPropDefault) {
-        String propLoc = 
-            (String)MessageUtils.getContextualProperty(m, keyStoreLocPropPreferred, keyStoreLocPropDefault);
-        if (propLoc == null) {
-            LOG.warning("Properties resource is not identified");
-            throw new JoseException();
-        }
-        return propLoc;
-    }
-    private static PrivateKey loadPrivateKey(KeyStore keyStore, 
-                                            Message m,
-                                            Properties props, 
-                                            Bus bus, 
-                                            PrivateKeyPasswordProvider provider,
-                                            KeyOperation keyOper,
-                                            String alias) {
-        
-        String keyPswd = props.getProperty(JoseConstants.RSSEC_KEY_PSWD);
-        String theAlias = alias != null ? alias : getKeyId(m, props, JoseConstants.RSSEC_KEY_STORE_ALIAS, keyOper);
-        char[] keyPswdChars = provider != null ? provider.getPassword(props) 
-            : keyPswd != null ? keyPswd.toCharArray() : null;    
-        return CryptoUtils.loadPrivateKey(keyStore, keyPswdChars, theAlias);
-    }
-    
-    public static PrivateKey loadPrivateKey(Message m, String keyStoreLocProp, KeyOperation keyOper) {
-        return loadPrivateKey(m, keyStoreLocProp, null, keyOper);
-    }
-    public static PrivateKey loadPrivateKey(Message m, String keyStoreLocPropPreferred,
-                                            String keyStoreLocPropDefault, KeyOperation keyOper) {
-        String keyStoreLoc = getMessageProperty(m, keyStoreLocPropPreferred, keyStoreLocPropDefault);
-        Bus bus = m.getExchange().getBus();
-        try {
-            Properties props = JoseUtils.loadProperties(keyStoreLoc, bus);
-            return loadPrivateKey(m, props, keyOper);
-        } catch (Exception ex) {
-            throw new SecurityException(ex);
-        }
-    }
-    
-    public static String getKeyId(Message m, Properties props, 
-                                  String preferredPropertyName, 
-                                  KeyOperation keyOper) {
-        String kid = null;
-        String altPropertyName = null;
-        if (keyOper != null) {
-            if (keyOper == KeyOperation.ENCRYPT || keyOper == KeyOperation.DECRYPT) {
-                altPropertyName = preferredPropertyName + ".jwe";
-            } else if (keyOper == KeyOperation.SIGN || keyOper == KeyOperation.VERIFY) {
-                altPropertyName = preferredPropertyName + ".jws";
-            }
-            String direction = m.getExchange().getOutMessage() == m ? ".out" : ".in";
-            kid = (String)MessageUtils.getContextualProperty(m, preferredPropertyName, altPropertyName + direction);
-            // Check whether the direction is not set for the altPropertyName
-            if (kid == null && altPropertyName != null) {
-                kid = (String)m.getContextualProperty(altPropertyName);
-            }
-        }
-        
-        if (kid == null) {
-            kid = props.getProperty(preferredPropertyName);
-        }
-        if (kid == null && altPropertyName != null) {
-            kid = props.getProperty(altPropertyName);
-        }
-        return kid;
-    }
-    public static PrivateKeyPasswordProvider loadPasswordProvider(Message m, Properties props, KeyOperation keyOper) {
-        PrivateKeyPasswordProvider cb = null;
-        if (keyOper != null) {
-            String propName = keyOper == KeyOperation.SIGN ? JoseConstants.RSSEC_SIGNATURE_KEY_PSWD_PROVIDER
-                : keyOper == KeyOperation.DECRYPT 
-                ? JoseConstants.RSSEC_DECRYPTION_KEY_PSWD_PROVIDER : null;
-            if (propName != null) {
-                cb = (PrivateKeyPasswordProvider)m.getContextualProperty(propName);
-            }
-        }
-        if (cb == null) {
-            cb = (PrivateKeyPasswordProvider)m.getContextualProperty(JoseConstants.RSSEC_KEY_PSWD_PROVIDER);
-        }
-        return cb;
-    }
-    
-    public static PrivateKey loadPrivateKey(Message m, Properties props, KeyOperation keyOper) {
-        KeyStore keyStore = loadPersistKeyStore(m, props);
-        return loadPrivateKey(keyStore, m, props, keyOper, null);
-    }
-    private static PrivateKey loadPrivateKey(KeyStore keyStore, Message m, Properties props, KeyOperation keyOper, 
-                                                String alias) {
-        Bus bus = m.getExchange().getBus();
-        PrivateKeyPasswordProvider cb = loadPasswordProvider(m, props, keyOper);
-        return loadPrivateKey(keyStore, m, props, bus, cb, keyOper, alias);
-    }
-    public static KeyStore loadPersistKeyStore(Message m, Properties props) {
-        if (!props.containsKey(JoseConstants.RSSEC_KEY_STORE_FILE)) {
-            LOG.warning("No keystore file has been configured");
-            throw new JoseException("No keystore file has been configured");
-        }
-        KeyStore keyStore = (KeyStore)m.getExchange().get(props.get(JoseConstants.RSSEC_KEY_STORE_FILE));
-        if (keyStore == null) {
-            keyStore = loadKeyStore(props, m.getExchange().getBus());
-            m.getExchange().put((String)props.get(JoseConstants.RSSEC_KEY_STORE_FILE), keyStore);
-        }
-        return keyStore;
-    }
-    public static KeyStore loadKeyStore(Properties props, Bus bus) {
-        String keyStoreType = props.getProperty(JoseConstants.RSSEC_KEY_STORE_TYPE);
-        String keyStoreLoc = props.getProperty(JoseConstants.RSSEC_KEY_STORE_FILE);
-        String keyStorePswd = props.getProperty(JoseConstants.RSSEC_KEY_STORE_PSWD);
-        
-        if (keyStorePswd == null) {
-            throw new JoseException("No keystore password was defined");
-        }
-        try {
-            InputStream is = JoseUtils.getResourceStream(keyStoreLoc, bus);
-            return CryptoUtils.loadKeyStore(is, keyStorePswd.toCharArray(), keyStoreType);
-        } catch (Exception ex) {
-            LOG.warning("Key store can not be loaded");
-            throw new JoseException(ex);
-        }
-    }
-    public static List<String> encodeX509CertificateChain(X509Certificate[] chain) {
-        return encodeX509CertificateChain(Arrays.asList(chain));
-    }
-    public static List<String> encodeX509CertificateChain(List<X509Certificate> chain) {
-        List<String> encodedChain = new ArrayList<String>(chain.size());
-        for (X509Certificate cert : chain) {
-            try {
-                encodedChain.add(CryptoUtils.encodeCertificate(cert));
-            } catch (Exception ex) {
-                LOG.warning("X509 Certificate can not be encoded");
-                throw new JoseException(ex);
-            }    
-        }
-        return encodedChain;
-    }
-    public static List<X509Certificate> toX509CertificateChain(List<String> base64EncodedChain) {
-        if (base64EncodedChain != null) {
-            List<X509Certificate> certs = new ArrayList<X509Certificate>(base64EncodedChain.size());
-            for (String encodedCert : base64EncodedChain) {
-                try {
-                    certs.add((X509Certificate)CryptoUtils.decodeCertificate(encodedCert));
-                } catch (Exception ex) {
-                    LOG.warning("X509 Certificate can not be decoded");
-                    throw new JoseException(ex);
-                }
-            }
-            return certs;
-        } else {
-            return null;
-        }
-    }
-    //TODO: enhance the certificate validation code
-    public static void validateCertificateChain(Properties storeProperties, List<X509Certificate> inCerts) {
-        Message message = PhaseInterceptorChain.getCurrentMessage();
-        KeyStore ks = loadPersistKeyStore(message, storeProperties);
-        validateCertificateChain(ks, inCerts);
-    }
-    public static void validateCertificateChain(KeyStore ks, List<X509Certificate> inCerts) {
-        // Initial chain validation, to be enhanced as needed
-        try {
-            X509CertSelector certSelect = new X509CertSelector();
-            certSelect.setCertificate((X509Certificate) inCerts.get(0));
-            PKIXBuilderParameters pbParams = new PKIXBuilderParameters(ks, certSelect);
-            pbParams.addCertStore(CertStore.getInstance("Collection", 
-                                                        new CollectionCertStoreParameters(inCerts)));
-            pbParams.setMaxPathLength(-1);
-            pbParams.setRevocationEnabled(false);
-            CertPathBuilderResult buildResult = CertPathBuilder.getInstance("PKIX").build(pbParams);               
-            CertPath certPath = buildResult.getCertPath();
-            CertPathValidator.getInstance("PKIX").validate(certPath, pbParams);
-        } catch (Exception ex) {
-            LOG.warning("Certificate path validation error");
-            throw new JoseException(ex);
-        }
-    }
-    public static X509Certificate[] toX509CertificateChainArray(List<String> base64EncodedChain) {
-        List<X509Certificate> chain = toX509CertificateChain(base64EncodedChain);
-        return chain == null ? null : chain.toArray(new X509Certificate[]{});
-    }
-    public static String getKeyAlgorithm(Message m, Properties props, String propName, String defaultAlg) {
-        String algo = props.getProperty(propName);
-        if (algo == null) {
-            algo = (String)m.getContextualProperty(propName);
-        }
-        if (algo == null) {
-            algo = defaultAlg;
-        }
-        return algo;
-    }
-
-    public static Properties loadStoreProperties(Message m, boolean required, 
-                                                 String storeProp1, String storeProp2) {
-        if (m == null) {
-            if (required) {
-                throw new JoseException();
-            }
-            return null;
-        }
-        Properties props = null;
-        String propLoc = 
-            (String)MessageUtils.getContextualProperty(m, storeProp1, storeProp2);
-        if (propLoc != null) {
-            try {
-                props = JoseUtils.loadProperties(propLoc, m.getExchange().getBus());
-            } catch (Exception ex) {
-                LOG.warning("Properties resource is not identified");
-                throw new JoseException(ex);
-            }
-        } else {
-            String keyFile = (String)m.getContextualProperty(JoseConstants.RSSEC_KEY_STORE_FILE);
-            if (keyFile != null) {
-                props = new Properties();
-                props.setProperty(JoseConstants.RSSEC_KEY_STORE_FILE, keyFile);
-                String type = (String)m.getContextualProperty(JoseConstants.RSSEC_KEY_STORE_TYPE);
-                if (type == null) {
-                    type = "jwk";
-                }
-                props.setProperty(JoseConstants.RSSEC_KEY_STORE_TYPE, type);
-                String alias = (String)m.getContextualProperty(JoseConstants.RSSEC_KEY_STORE_ALIAS);
-                if (alias != null) {
-                    props.setProperty(JoseConstants.RSSEC_KEY_STORE_ALIAS, alias);
-                }
-                String keystorePassword = (String)m.getContextualProperty(JoseConstants.RSSEC_KEY_STORE_PSWD);
-                if (keystorePassword != null) {
-                    props.setProperty(JoseConstants.RSSEC_KEY_STORE_PSWD, keystorePassword);
-                }
-                String keyPassword = (String)m.getContextualProperty(JoseConstants.RSSEC_KEY_PSWD);
-                if (keyPassword != null) {
-                    props.setProperty(JoseConstants.RSSEC_KEY_PSWD, keyPassword);
-                }
-            }
-        }
-        if (props == null) {
-            if (required) {
-                LOG.warning("Properties resource is not identified");
-                throw new JoseException();
-            }
-            props = new Properties();
-        }
-        return props; 
-    }
-    public static PrivateKey loadPrivateKey(Message m, Properties props, 
-                                            List<X509Certificate> inCerts, 
-                                            KeyOperation keyOper) {
-        KeyStore ks = loadPersistKeyStore(m, props);
-        
-        try {
-            String alias = ks.getCertificateAlias(inCerts.get(0));
-            if (alias != null) {
-                for (Enumeration<String> e = ks.aliases(); e.hasMoreElements();) {
-                    String currentAlias = e.nextElement();
-                    X509Certificate[] currentCertArray = loadX509CertificateOrChain(ks, currentAlias);
-                    if (currentCertArray != null) {
-                        alias = currentAlias;
-                        break;
-                    }
-                }
-            }
-            return loadPrivateKey(ks, m, props, keyOper, alias);
-            
-        } catch (Exception ex) {
-            LOG.warning("Private key can not be loaded");
-            throw new JoseException(ex);
-        }
-    }
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/532c52a7/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/common/PrivateKeyPasswordProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/common/PrivateKeyPasswordProvider.java b/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/common/PrivateKeyPasswordProvider.java
deleted file mode 100644
index fc58ee5..0000000
--- a/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/common/PrivateKeyPasswordProvider.java
+++ /dev/null
@@ -1,25 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.common;
-
-import java.util.Properties;
-
-public interface PrivateKeyPasswordProvider {
-    char[] getPassword(Properties storeProperties); 
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/532c52a7/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/jwa/AlgorithmUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/jwa/AlgorithmUtils.java b/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/jwa/AlgorithmUtils.java
deleted file mode 100644
index 76854ca..0000000
--- a/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/jwa/AlgorithmUtils.java
+++ /dev/null
@@ -1,271 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.rs.security.jose.jwa;
-
-import java.util.Arrays;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Map;
-import java.util.Set;
-
-
-
-
-public final class AlgorithmUtils {
-    public static final String AES = "AES";
-    
-    // Key Encryption
-    // JWA
-    public static final String RSA_OAEP_ALGO = "RSA-OAEP";
-    public static final String RSA_OAEP_256_ALGO = "RSA-OAEP-256";
-    public static final String RSA1_5_ALGO = "RSA1_5";
-    public static final String A128KW_ALGO = "A128KW";
-    public static final String A192KW_ALGO = "A192KW";
-    public static final String A256KW_ALGO = "A256KW";
-    public static final String A128GCMKW_ALGO = "A128GCMKW";
-    public static final String A192GCMKW_ALGO = "A192GCMKW";
-    public static final String A256GCMKW_ALGO = "A256GCMKW";
-    public static final String ECDH_ES_A128KW_ALGO = "ECDH-ES+A128KW";
-    public static final String ECDH_ES_A192KW_ALGO = "ECDH-ES+A192KW";
-    public static final String ECDH_ES_A256KW_ALGO = "ECDH-ES+A256KW";
-    public static final String PBES2_HS256_A128KW_ALGO = "PBES2-HS256+A128KW";
-    public static final String PBES2_HS384_A192KW_ALGO = "PBES2-HS384+A192KW";
-    public static final String PBES2_HS512_A256KW_ALGO = "PBES2-HS512+A256KW";
-    public static final String ECDH_ES_DIRECT_ALGO = "ECDH-ES";
-    // Java
-    public static final String RSA_OAEP_ALGO_JAVA = "RSA/ECB/OAEPWithSHA-1AndMGF1Padding";
-    public static final String RSA_OAEP_256_ALGO_JAVA = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";
-    public static final String RSA_1_5_ALGO_JAVA = "RSA/ECB/PKCS1Padding";
-    public static final String AES_WRAP_ALGO_JAVA = AES + "Wrap";
-    // Content Encryption
-    // JWA
-    public static final String A128CBC_HS256_ALGO = "A128CBC-HS256";
-    public static final String A192CBC_HS384_ALGO = "A192CBC-HS384";
-    public static final String A256CBC_HS512_ALGO = "A256CBC-HS512";
-    public static final String A128GCM_ALGO = "A128GCM";
-    public static final String A192GCM_ALGO = "A192GCM";
-    public static final String A256GCM_ALGO = "A256GCM";
-    // Java
-    public static final String AES_GCM_ALGO_JAVA = AES + "/GCM/NoPadding";
-    public static final String AES_CBC_ALGO_JAVA = AES + "/CBC/PKCS7Padding";
-    // Signature
-    // JWA
-    public static final String HMAC_SHA_256_ALGO = "HS256";
-    public static final String HMAC_SHA_384_ALGO = "HS384";
-    public static final String HMAC_SHA_512_ALGO = "HS512";
-    public static final String RS_SHA_256_ALGO = "RS256";
-    public static final String RS_SHA_384_ALGO = "RS384";
-    public static final String RS_SHA_512_ALGO = "RS512";
-    public static final String PS_SHA_256_ALGO = "PS256";
-    public static final String PS_SHA_384_ALGO = "PS384";
-    public static final String PS_SHA_512_ALGO = "PS512";
-    public static final String ES_SHA_256_ALGO = "ES256";
-    public static final String ES_SHA_384_ALGO = "ES384";
-    public static final String ES_SHA_512_ALGO = "ES512";
-    public static final String NONE_TEXT_ALGO = "none";
-    // Java
-    public static final String HMAC_SHA_256_JAVA = "HmacSHA256";
-    public static final String HMAC_SHA_384_JAVA = "HmacSHA384";
-    public static final String HMAC_SHA_512_JAVA = "HmacSHA512";
-    public static final String RS_SHA_256_JAVA = "SHA256withRSA";
-    public static final String RS_SHA_384_JAVA = "SHA384withRSA";
-    public static final String RS_SHA_512_JAVA = "SHA512withRSA";
-    public static final String PS_SHA_256_JAVA = "SHA256withRSAandMGF1";
-    public static final String PS_SHA_384_JAVA = "SHA384withRSAandMGF1";
-    public static final String PS_SHA_512_JAVA = "SHA512withRSAandMGF1";
-    public static final String ES_SHA_256_JAVA = "SHA256withECDSA";
-    public static final String ES_SHA_384_JAVA = "SHA384withECDSA";
-    public static final String ES_SHA_512_JAVA = "SHA512withECDSA";
-    
-    public static final Set<String> HMAC_SIGN_SET = new HashSet<String>(Arrays.asList(HMAC_SHA_256_ALGO,
-                                                                                      HMAC_SHA_384_ALGO,
-                                                                                      HMAC_SHA_512_ALGO));
-    public static final Set<String> RSA_SHA_SIGN_SET = new HashSet<String>(Arrays.asList(RS_SHA_256_ALGO,
-                                                                      RS_SHA_384_ALGO,
-                                                                      RS_SHA_512_ALGO));
-    public static final Set<String> RSA_SHA_PS_SIGN_SET = new HashSet<String>(Arrays.asList(PS_SHA_256_ALGO,
-                                        PS_SHA_384_ALGO,
-                                        PS_SHA_512_ALGO));
-    public static final Set<String> EC_SHA_SIGN_SET = new HashSet<String>(Arrays.asList(ES_SHA_256_ALGO,
-                                                                       ES_SHA_384_ALGO,
-                                                                       ES_SHA_512_ALGO));
-    public static final Set<String> RSA_CEK_SET = new HashSet<String>(Arrays.asList(RSA_OAEP_ALGO,
-                                                                                  RSA_OAEP_256_ALGO,
-                                                                                  RSA1_5_ALGO));
-    public static final Set<String> AES_GCM_CEK_SET = new HashSet<String>(Arrays.asList(A128GCM_ALGO,
-                                                                                      A192GCM_ALGO,
-                                                                                      A256GCM_ALGO));
-    public static final Set<String> AES_GCM_KW_SET = new HashSet<String>(Arrays.asList(A128GCMKW_ALGO,
-                                                                                      A192GCMKW_ALGO,
-                                                                                      A256GCMKW_ALGO));
-    public static final Set<String> AES_KW_SET = new HashSet<String>(Arrays.asList(A128KW_ALGO,
-                                                                                   A192KW_ALGO,
-                                                                                   A256KW_ALGO));
-    public static final Set<String> ACBC_HS_SET = new HashSet<String>(Arrays.asList(A128CBC_HS256_ALGO,
-                                        A192CBC_HS384_ALGO,
-                                        A256CBC_HS512_ALGO));
-    public static final Set<String> PBES_HS_SET = new HashSet<String>(Arrays.asList(PBES2_HS256_A128KW_ALGO,
-                                          PBES2_HS384_A192KW_ALGO,
-                                          PBES2_HS512_A256KW_ALGO));
-    public static final Set<String> ECDH_ES_WRAP_SET = new HashSet<String>(Arrays.asList(ECDH_ES_A128KW_ALGO,
-                      ECDH_ES_A192KW_ALGO,
-                      ECDH_ES_A256KW_ALGO));
-    
-    private static final Map<String, String> JAVA_TO_JWA_NAMES;
-    private static final Map<String, String> JWA_TO_JAVA_NAMES;
-    static {
-        JAVA_TO_JWA_NAMES = new HashMap<String, String>();
-        JAVA_TO_JWA_NAMES.put(HMAC_SHA_256_JAVA, HMAC_SHA_256_ALGO);
-        JAVA_TO_JWA_NAMES.put(HMAC_SHA_384_JAVA, HMAC_SHA_384_ALGO);
-        JAVA_TO_JWA_NAMES.put(HMAC_SHA_512_JAVA, HMAC_SHA_512_ALGO);
-        JAVA_TO_JWA_NAMES.put(RS_SHA_256_JAVA, RS_SHA_256_ALGO);
-        JAVA_TO_JWA_NAMES.put(RS_SHA_384_JAVA, RS_SHA_384_ALGO);
-        JAVA_TO_JWA_NAMES.put(RS_SHA_512_JAVA, RS_SHA_512_ALGO);
-        JAVA_TO_JWA_NAMES.put(PS_SHA_256_JAVA, PS_SHA_256_ALGO);
-        JAVA_TO_JWA_NAMES.put(PS_SHA_384_JAVA, PS_SHA_384_ALGO);
-        JAVA_TO_JWA_NAMES.put(PS_SHA_512_JAVA, PS_SHA_512_ALGO);
-        JAVA_TO_JWA_NAMES.put(ES_SHA_256_JAVA, ES_SHA_256_ALGO);
-        JAVA_TO_JWA_NAMES.put(ES_SHA_384_JAVA, ES_SHA_384_ALGO);
-        JAVA_TO_JWA_NAMES.put(ES_SHA_512_JAVA, ES_SHA_512_ALGO);
-        JAVA_TO_JWA_NAMES.put(RSA_OAEP_ALGO_JAVA, RSA_OAEP_ALGO);
-        JAVA_TO_JWA_NAMES.put(RSA_OAEP_256_ALGO_JAVA, RSA_OAEP_256_ALGO);
-        JAVA_TO_JWA_NAMES.put(RSA_1_5_ALGO_JAVA, RSA1_5_ALGO);
-        JAVA_TO_JWA_NAMES.put(AES_GCM_ALGO_JAVA, A256GCM_ALGO);
-        JAVA_TO_JWA_NAMES.put(AES_GCM_ALGO_JAVA, A192GCM_ALGO);
-        JAVA_TO_JWA_NAMES.put(AES_GCM_ALGO_JAVA, A128GCM_ALGO);
-        JAVA_TO_JWA_NAMES.put(AES_WRAP_ALGO_JAVA, A128KW_ALGO);
-        JAVA_TO_JWA_NAMES.put(AES_WRAP_ALGO_JAVA, A192KW_ALGO);
-        JAVA_TO_JWA_NAMES.put(AES_WRAP_ALGO_JAVA, A256KW_ALGO);
-        JAVA_TO_JWA_NAMES.put(AES_CBC_ALGO_JAVA, A128CBC_HS256_ALGO);
-        JAVA_TO_JWA_NAMES.put(AES_CBC_ALGO_JAVA, A192CBC_HS384_ALGO);
-        JAVA_TO_JWA_NAMES.put(AES_CBC_ALGO_JAVA, A256CBC_HS512_ALGO);
-        JWA_TO_JAVA_NAMES = new HashMap<String, String>();
-        JWA_TO_JAVA_NAMES.put(HMAC_SHA_256_ALGO, HMAC_SHA_256_JAVA);
-        JWA_TO_JAVA_NAMES.put(HMAC_SHA_384_ALGO, HMAC_SHA_384_JAVA);
-        JWA_TO_JAVA_NAMES.put(HMAC_SHA_512_ALGO, HMAC_SHA_512_JAVA);
-        JWA_TO_JAVA_NAMES.put(RS_SHA_256_ALGO, RS_SHA_256_JAVA);
-        JWA_TO_JAVA_NAMES.put(RS_SHA_384_ALGO, RS_SHA_384_JAVA);
-        JWA_TO_JAVA_NAMES.put(RS_SHA_512_ALGO, RS_SHA_512_JAVA);
-        JWA_TO_JAVA_NAMES.put(PS_SHA_256_ALGO, PS_SHA_256_JAVA);
-        JWA_TO_JAVA_NAMES.put(PS_SHA_384_ALGO, PS_SHA_384_JAVA);
-        JWA_TO_JAVA_NAMES.put(PS_SHA_512_ALGO, PS_SHA_512_JAVA);
-        JWA_TO_JAVA_NAMES.put(ES_SHA_256_ALGO, ES_SHA_256_JAVA);
-        JWA_TO_JAVA_NAMES.put(ES_SHA_384_ALGO, ES_SHA_384_JAVA);
-        JWA_TO_JAVA_NAMES.put(ES_SHA_512_ALGO, ES_SHA_512_JAVA);
-        JWA_TO_JAVA_NAMES.put(RSA_OAEP_ALGO, RSA_OAEP_ALGO_JAVA);
-        JWA_TO_JAVA_NAMES.put(RSA_OAEP_256_ALGO, RSA_OAEP_256_ALGO_JAVA);
-        JWA_TO_JAVA_NAMES.put(RSA1_5_ALGO, RSA_1_5_ALGO_JAVA);
-        JWA_TO_JAVA_NAMES.put(A128KW_ALGO, AES_WRAP_ALGO_JAVA);
-        JWA_TO_JAVA_NAMES.put(A192KW_ALGO, AES_WRAP_ALGO_JAVA);
-        JWA_TO_JAVA_NAMES.put(A256KW_ALGO, AES_WRAP_ALGO_JAVA);
-        JWA_TO_JAVA_NAMES.put(A256GCM_ALGO, AES_GCM_ALGO_JAVA);
-        JWA_TO_JAVA_NAMES.put(A192GCM_ALGO, AES_GCM_ALGO_JAVA);
-        JWA_TO_JAVA_NAMES.put(A128GCM_ALGO, AES_GCM_ALGO_JAVA);
-        JWA_TO_JAVA_NAMES.put(A256GCMKW_ALGO, AES_GCM_ALGO_JAVA);
-        JWA_TO_JAVA_NAMES.put(A192GCMKW_ALGO, AES_GCM_ALGO_JAVA);
-        JWA_TO_JAVA_NAMES.put(A128GCMKW_ALGO, AES_GCM_ALGO_JAVA);
-        JWA_TO_JAVA_NAMES.put(A128CBC_HS256_ALGO, AES_CBC_ALGO_JAVA);
-        JWA_TO_JAVA_NAMES.put(A192CBC_HS384_ALGO, AES_CBC_ALGO_JAVA);
-        JWA_TO_JAVA_NAMES.put(A256CBC_HS512_ALGO, AES_CBC_ALGO_JAVA);
-        JWA_TO_JAVA_NAMES.put(PBES2_HS256_A128KW_ALGO, AES_WRAP_ALGO_JAVA);
-        JWA_TO_JAVA_NAMES.put(PBES2_HS384_A192KW_ALGO, AES_WRAP_ALGO_JAVA);
-        JWA_TO_JAVA_NAMES.put(PBES2_HS512_A256KW_ALGO, AES_WRAP_ALGO_JAVA);
-        JWA_TO_JAVA_NAMES.put(ECDH_ES_A128KW_ALGO, AES_WRAP_ALGO_JAVA);
-        JWA_TO_JAVA_NAMES.put(ECDH_ES_A192KW_ALGO, AES_WRAP_ALGO_JAVA);
-        JWA_TO_JAVA_NAMES.put(ECDH_ES_A256KW_ALGO, AES_WRAP_ALGO_JAVA);
-    }
-    
-    private AlgorithmUtils() {
-    }
-    public static boolean isRsa(String algo) {
-        return isRsaKeyWrap(algo) || isRsaSign(algo);
-    }
-    public static boolean isRsaKeyWrap(String algo) {
-        return RSA_CEK_SET.contains(algo);
-    }
-    public static boolean isAesKeyWrap(String algo) {
-        return AES_KW_SET.contains(algo);
-    }
-    public static boolean isAesGcmKeyWrap(String algo) {
-        return AES_GCM_KW_SET.contains(algo);
-    }
-    public static boolean isPbesHsWrap(String algo) {
-        return PBES_HS_SET.contains(algo); 
-    }
-    public static boolean isEcdhEsWrap(String algo) {
-        return ECDH_ES_WRAP_SET.contains(algo); 
-    }
-    public static boolean isEcdhEsDirect(String algo) {
-        return ECDH_ES_DIRECT_ALGO.equals(algo); 
-    }
-    public static boolean isAesGcm(String algo) {
-        return AES_GCM_CEK_SET.contains(algo);
-    }
-    public static boolean isAesCbcHmac(String algo) {
-        return ACBC_HS_SET.contains(algo); 
-    }
-    public static boolean isHmacSign(String algo) {
-        return HMAC_SIGN_SET.contains(algo); 
-    }
-    public static boolean isOctet(String algo) {
-        return isHmacSign(algo)
-            || isAesCbcHmac(algo)
-            || isAesGcm(algo)
-            || isAesGcmKeyWrap(algo)
-            || isAesKeyWrap(algo); 
-    }
-    public static boolean isRsaSign(String algo) {
-        return isRsaShaSign(algo) || isRsaShaPsSign(algo); 
-    }
-    public static boolean isRsaShaSign(String algo) {
-        return RSA_SHA_SIGN_SET.contains(algo); 
-    }
-    public static boolean isRsaShaPsSign(String algo) {
-        return RSA_SHA_PS_SIGN_SET.contains(algo); 
-    }
-    public static boolean isEcDsaSign(String algo) {
-        return EC_SHA_SIGN_SET.contains(algo); 
-    }
-    
-    public static String toJwaName(String javaName, int keyBitSize) {
-        //TODO: perhaps a key should be a name+keysize pair
-        String name = JAVA_TO_JWA_NAMES.get(javaName);
-        if (name == null && javaName.startsWith(AES)) {
-            name = "A" + keyBitSize + "GCM";
-        } 
-        return name;
-    }
-    public static String toJavaName(String jwtName) {    
-        return JWA_TO_JAVA_NAMES.get(jwtName);
-    }
-    public static String toJavaAlgoNameOnly(String jwtName) {    
-        return stripAlgoProperties(toJavaName(jwtName));
-    }
-    public static String stripAlgoProperties(String javaName) {    
-        if (javaName != null) {
-            int index = javaName.indexOf('/');
-            if (index != -1) {
-                javaName = javaName.substring(0, index);
-            }
-        }
-        return javaName;
-    }
-    
-}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/cxf/blob/532c52a7/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/jwa/ContentAlgorithm.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/jwa/ContentAlgorithm.java b/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/jwa/ContentAlgorithm.java
deleted file mode 100644
index 1a8b9bc..0000000
--- a/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/jwa/ContentAlgorithm.java
+++ /dev/null
@@ -1,70 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.rs.security.jose.jwa;
-
-
-
-
-public enum ContentAlgorithm {
-    A128GCM(AlgorithmUtils.A128GCM_ALGO, "AES/GCM/NoPadding", 128),
-    A192GCM(AlgorithmUtils.A192GCM_ALGO, "AES/GCM/NoPadding", 192),
-    A256GCM(AlgorithmUtils.A256GCM_ALGO, "AES/GCM/NoPadding", 256),
-    //TODO: default to "AES/CBC/PKCS5Padding" if Cipher "AES/CBC/PKCS7Padding" 
-    // can not be initialized, apparently Java 8 has decided to settle on PKCS5Padding only 
-    A128CBC_HS256(AlgorithmUtils.A128CBC_HS256_ALGO, "AES/CBC/PKCS7Padding", 128),
-    A192CBC_HS384(AlgorithmUtils.A192CBC_HS384_ALGO, "AES/CBC/PKCS7Padding", 192),
-    A256CBC_HS512(AlgorithmUtils.A256CBC_HS512_ALGO, "AES/CBC/PKCS7Padding", 256);
-    
-    private final String jwaName;
-    private final String javaName;
-    private final int keySizeBits;
-    
-    private ContentAlgorithm(String jwaName, String javaName, int keySizeBits) {
-        this.jwaName = jwaName;
-        this.javaName = javaName;
-        this.keySizeBits = keySizeBits;
-    }
-
-    public String getJwaName() {
-        return jwaName;
-    }
-
-    public String getJavaName() {
-        return javaName == null ? name() : javaName;
-    }
-    
-    public String getJavaAlgoName() {
-        return AlgorithmUtils.stripAlgoProperties(getJavaName());
-    }
-
-    public int getKeySizeBits() {
-        return keySizeBits;
-    }
-    
-    public static ContentAlgorithm getAlgorithm(String algo) {
-        if (algo == null) {
-            return null;
-        }
-        return ContentAlgorithm.valueOf(algo.replace('-', '_')
-                                        .replace('+', '_'));
-        
-    }
-    
-}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/cxf/blob/532c52a7/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/jwa/KeyAlgorithm.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/jwa/KeyAlgorithm.java b/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/jwa/KeyAlgorithm.java
deleted file mode 100644
index 446f039..0000000
--- a/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/jwa/KeyAlgorithm.java
+++ /dev/null
@@ -1,78 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.rs.security.jose.jwa;
-
-
-
-
-public enum KeyAlgorithm {
-    RSA_OAEP(AlgorithmUtils.RSA_OAEP_ALGO, "RSA/ECB/OAEPWithSHA-1AndMGF1Padding", -1),
-    RSA_OAEP_256(AlgorithmUtils.RSA_OAEP_256_ALGO, "RSA/ECB/OAEPWithSHA-256AndMGF1Padding", -1),
-    RSA1_5(AlgorithmUtils.RSA1_5_ALGO, "RSA/ECB/PKCS1Padding", -1),
-    A128KW(AlgorithmUtils.A128KW_ALGO, "AESWrap", 128),
-    A192KW(AlgorithmUtils.A192KW_ALGO, "AESWrap", 192),
-    A256KW(AlgorithmUtils.A256KW_ALGO, "AESWrap", 256),
-    A128GCMKW(AlgorithmUtils.A128GCMKW_ALGO, "AES/GCM/NoPadding", 128),
-    A192GCMKW(AlgorithmUtils.A192GCMKW_ALGO, "AES/GCM/NoPadding", 192),
-    A256GCMKW(AlgorithmUtils.A256GCMKW_ALGO, "AES/GCM/NoPadding", 256),
-    PBES2_HS256_A128KW(AlgorithmUtils.PBES2_HS256_A128KW_ALGO, "AESWrap", 128),
-    PBES2_HS384_A192KW(AlgorithmUtils.PBES2_HS384_A192KW_ALGO, "AESWrap", 192),
-    PBES2_HS512_A256KW(AlgorithmUtils.PBES2_HS512_A256KW_ALGO, "AESWrap", 256),
-    ECDH_ES_A128KW(AlgorithmUtils.ECDH_ES_A128KW_ALGO, "AESWrap", 128),
-    ECDH_ES_A192KW(AlgorithmUtils.ECDH_ES_A192KW_ALGO, "AESWrap", 192),
-    ECDH_ES_A256KW(AlgorithmUtils.ECDH_ES_A256KW_ALGO, "AESWrap", 256),
-    ECDH_ES_DIRECT(AlgorithmUtils.ECDH_ES_DIRECT_ALGO, null, -1);
-        
-    private final String jwaName;
-    private final String javaName;
-    private final int keySizeBits;
-    
-    private KeyAlgorithm(String jwaName, String javaName, int keySizeBits) {
-        this.jwaName = jwaName;
-        this.javaName = javaName;
-        this.keySizeBits = keySizeBits;
-    }
-
-    public String getJwaName() {
-        return jwaName;
-    }
-
-    public String getJavaName() {
-        return javaName == null ? name() : javaName;
-    }
-    
-    public String getJavaAlgoName() {
-        return AlgorithmUtils.stripAlgoProperties(getJavaName());
-    }
-
-    public int getKeySizeBits() {
-        return keySizeBits;
-    }
-    public static KeyAlgorithm getAlgorithm(String algo) {
-        if (algo == null) {
-            return null;
-        }
-        return KeyAlgorithm.valueOf(algo.replace('-', '_')
-                                    .replace('+', '_'));
-        
-    }
-    
-    
-}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/cxf/blob/532c52a7/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/jwa/SignatureAlgorithm.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/jwa/SignatureAlgorithm.java b/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/jwa/SignatureAlgorithm.java
deleted file mode 100644
index 920e2fe..0000000
--- a/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/jwa/SignatureAlgorithm.java
+++ /dev/null
@@ -1,92 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.rs.security.jose.jwa;
-
-
-
-
-public enum SignatureAlgorithm {
-    HS256(AlgorithmUtils.HMAC_SHA_256_ALGO, AlgorithmUtils.HMAC_SHA_256_JAVA, 256),
-    HS384(AlgorithmUtils.HMAC_SHA_384_ALGO, AlgorithmUtils.HMAC_SHA_384_JAVA, 384),
-    HS512(AlgorithmUtils.HMAC_SHA_512_ALGO, AlgorithmUtils.HMAC_SHA_512_JAVA, 512),
-    
-    RS256(AlgorithmUtils.RS_SHA_256_ALGO, AlgorithmUtils.RS_SHA_256_JAVA, 256),
-    RS384(AlgorithmUtils.RS_SHA_384_ALGO, AlgorithmUtils.RS_SHA_384_JAVA, 384),
-    RS512(AlgorithmUtils.RS_SHA_512_ALGO, AlgorithmUtils.RS_SHA_512_JAVA, 512),
-    
-    PS256(AlgorithmUtils.PS_SHA_256_ALGO, AlgorithmUtils.PS_SHA_256_JAVA, 256),
-    PS384(AlgorithmUtils.PS_SHA_384_ALGO, AlgorithmUtils.PS_SHA_384_JAVA, 384),
-    PS512(AlgorithmUtils.PS_SHA_512_ALGO, AlgorithmUtils.PS_SHA_512_JAVA, 512),
-    
-    ES256(AlgorithmUtils.ES_SHA_256_ALGO, AlgorithmUtils.ES_SHA_256_JAVA, 256),
-    ES384(AlgorithmUtils.ES_SHA_384_ALGO, AlgorithmUtils.ES_SHA_384_JAVA, 384),
-    ES512(AlgorithmUtils.ES_SHA_512_ALGO, AlgorithmUtils.ES_SHA_512_JAVA, 512),
-    
-    NONE(AlgorithmUtils.NONE_TEXT_ALGO, null, -1);
-    
-    
-    private final String jwaName;
-    private final String javaName;
-    private final int keySizeBits;
-    
-    private SignatureAlgorithm(String jwaName, String javaName, int keySizeBits) {
-        this.jwaName = jwaName;
-        this.javaName = javaName;
-        this.keySizeBits = keySizeBits;
-    }
-
-    public String getJwaName() {
-        return jwaName;
-    }
-
-    public String getJavaName() {
-        return javaName == null ? name() : javaName;
-    }
-    
-    public String getJavaAlgoName() {
-        return AlgorithmUtils.stripAlgoProperties(getJavaName());
-    }
-
-    public int getKeySizeBits() {
-        return keySizeBits;
-    }
-    
-    public static SignatureAlgorithm getAlgorithm(String algo) {
-        if (algo == null) {
-            return null;
-        }
-        if (AlgorithmUtils.NONE_TEXT_ALGO.equals(algo)) {
-            return NONE;
-        }
-        return SignatureAlgorithm.valueOf(algo.replace('-', '_')
-                                        .replace('+', '_'));
-        
-    }
-    
-    public static boolean isPublicKeyAlgorithm(SignatureAlgorithm sigAlgorithm) {
-        if (sigAlgorithm == null || sigAlgorithm.getJwaName() == null) {
-            return false;
-        }
-        
-        return sigAlgorithm.getJwaName().startsWith("RS") || sigAlgorithm.getJwaName().startsWith("PS")
-            || sigAlgorithm.getJwaName().startsWith("ES");
-    }
-    
-}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/cxf/blob/532c52a7/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractContentEncryptionAlgorithm.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractContentEncryptionAlgorithm.java b/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractContentEncryptionAlgorithm.java
deleted file mode 100644
index 355a21b..0000000
--- a/rt/rs/security/jose/jose-core/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractContentEncryptionAlgorithm.java
+++ /dev/null
@@ -1,60 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jwe;
-
-import java.util.concurrent.atomic.AtomicInteger;
-
-import org.apache.cxf.rs.security.jose.jwa.ContentAlgorithm;
-import org.apache.cxf.rt.security.crypto.CryptoUtils;
-
-
-public abstract class AbstractContentEncryptionAlgorithm extends AbstractContentEncryptionCipherProperties
-    implements ContentEncryptionProvider {
-    private static final int DEFAULT_IV_SIZE = 128;
-    private byte[] cek;
-    private byte[] iv;
-    private AtomicInteger providedIvUsageCount;
-    
-    
-    protected AbstractContentEncryptionAlgorithm(byte[] cek, byte[] iv, ContentAlgorithm algo) { 
-        super(algo);
-        this.cek = cek;
-        this.iv = iv;
-        if (iv != null && iv.length > 0) {
-            providedIvUsageCount = new AtomicInteger();
-        }    
-    }
-    
-    public byte[] getContentEncryptionKey(JweHeaders headers) {
-        return cek;
-    }
-    public byte[] getInitVector() {
-        if (iv == null) {
-            return CryptoUtils.generateSecureRandomBytes(getIvSize() / 8);
-        } else if (iv.length > 0 && providedIvUsageCount.addAndGet(1) > 1) {
-            LOG.warning("Custom IV is recommeded to be used once");
-            throw new JweException(JweException.Error.CUSTOM_IV_REUSED);
-        } else {
-            return iv;
-        }
-    }
-    protected int getIvSize() { 
-        return DEFAULT_IV_SIZE;
-    }
-}


Mime
View raw message