cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [04/22] cxf git commit: Splitting current jose module into jose-core + jose-jaxrs
Date Tue, 13 Oct 2015 10:34:57 GMT
http://git-wip-us.apache.org/repos/asf/cxf/blob/66a81773/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/EcDsaJwsSignatureVerifier.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/EcDsaJwsSignatureVerifier.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/EcDsaJwsSignatureVerifier.java
deleted file mode 100644
index 025cd21..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/EcDsaJwsSignatureVerifier.java
+++ /dev/null
@@ -1,81 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jws;
-
-import java.security.PublicKey;
-import java.security.spec.AlgorithmParameterSpec;
-import java.util.HashMap;
-import java.util.Map;
-
-import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils;
-import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
-
-public class EcDsaJwsSignatureVerifier extends PublicKeyJwsSignatureVerifier {
-    static final Map<String, Integer> SIGNATURE_LENGTH_MAP;
-    static {
-        SIGNATURE_LENGTH_MAP = new HashMap<String, Integer>();
-        SIGNATURE_LENGTH_MAP.put(SignatureAlgorithm.ES256.getJwaName(), 64);
-        SIGNATURE_LENGTH_MAP.put(SignatureAlgorithm.ES384.getJwaName(), 96);
-        SIGNATURE_LENGTH_MAP.put(SignatureAlgorithm.ES512.getJwaName(), 132);
-    }
-    public EcDsaJwsSignatureVerifier(PublicKey key, SignatureAlgorithm supportedAlgo) {
-        this(key, null, supportedAlgo);
-    }
-    public EcDsaJwsSignatureVerifier(PublicKey key, AlgorithmParameterSpec spec, SignatureAlgorithm supportedAlgo) {
-        super(key, spec, supportedAlgo);
-    }
-    @Override
-    public boolean verify(JwsHeaders headers, String unsignedText, byte[] signature) {
-        final String algoName = super.getAlgorithm().getJwaName();
-        if (SIGNATURE_LENGTH_MAP.get(algoName) != signature.length) {
-            LOG.warning("Algorithm " + algoName + " signature length is " + SIGNATURE_LENGTH_MAP.get(algoName) 
-                        + ", actual length is " + signature.length);
-            throw new JwsException(JwsException.Error.INVALID_SIGNATURE);
-        }
-        byte[] der = signatureToDer(signature);
-        return super.verify(headers, unsignedText, der);
-    }
-    @Override
-    protected boolean isValidAlgorithmFamily(String algo) {
-        return AlgorithmUtils.isEcDsaSign(algo);
-    }
-    private static byte[] signatureToDer(byte joseSig[]) {
-        int partLen = joseSig.length / 2;
-        int rOffset = joseSig[0] < 0 ? 1 : 0;
-        int sOffset = joseSig[partLen] < 0 ? 1 : 0;
-        int rPartLen = partLen + rOffset;
-        int sPartLen = partLen + sOffset;
-        int totalLenBytesCount = joseSig.length > 127 ? 2 : 1;
-        int rPartStart = 1 + totalLenBytesCount + 2;
-        byte[] der = new byte[rPartStart + 2 + rPartLen + sPartLen];
-        der[0] = 48;
-        if (totalLenBytesCount == 2) {
-            der[1] = -127;
-        }
-        der[totalLenBytesCount] = (byte)(der.length - (1 + totalLenBytesCount));
-        der[totalLenBytesCount + 1] = 2;
-        der[totalLenBytesCount + 2] = (byte)rPartLen;
-        int sPartStart = rPartStart + rPartLen;
-        der[sPartStart] = 2;
-        der[sPartStart + 1] = (byte)sPartLen;
-        System.arraycopy(joseSig, 0, der, rPartStart + rOffset, partLen);
-        System.arraycopy(joseSig, partLen, der, sPartStart + 2 + sOffset, partLen);
-        return der;
-    }
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/66a81773/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureProvider.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureProvider.java
deleted file mode 100644
index ce1db97..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureProvider.java
+++ /dev/null
@@ -1,76 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jws;
-
-import java.security.spec.AlgorithmParameterSpec;
-
-import javax.crypto.Mac;
-
-import org.apache.cxf.common.util.Base64Exception;
-import org.apache.cxf.common.util.Base64UrlUtility;
-import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils;
-import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
-import org.apache.cxf.rt.security.crypto.HmacUtils;
-
-public class HmacJwsSignatureProvider extends AbstractJwsSignatureProvider {
-    private byte[] key;
-    private AlgorithmParameterSpec hmacSpec;
-    
-    public HmacJwsSignatureProvider(byte[] key, SignatureAlgorithm algo) {
-        this(key, null, algo);
-    }
-    public HmacJwsSignatureProvider(byte[] key, AlgorithmParameterSpec spec, SignatureAlgorithm algo) {
-        super(algo);
-        this.key = key;
-        this.hmacSpec = spec;
-    }
-    public HmacJwsSignatureProvider(String encodedKey, SignatureAlgorithm algo) {
-        super(algo);
-        try {
-            this.key = Base64UrlUtility.decode(encodedKey);
-        } catch (Base64Exception ex) {
-            LOG.warning("Hmac key can not be decoded");
-            throw new JwsException(JwsException.Error.INVALID_KEY, ex);
-        }
-    }
-    
-    protected JwsSignature doCreateJwsSignature(JwsHeaders headers) {
-        final String sigAlgo = headers.getSignatureAlgorithm().getJwaName();
-        final Mac mac = HmacUtils.getInitializedMac(key, 
-                                                    AlgorithmUtils.toJavaName(sigAlgo),
-                                                    hmacSpec);
-        return new JwsSignature() {
-
-            @Override
-            public void update(byte[] src, int off, int len) {
-                mac.update(src, off, len);
-            }
-
-            @Override
-            public byte[] sign() {
-                return mac.doFinal();
-            }
-            
-        };
-    }
-    @Override
-    protected boolean isValidAlgorithmFamily(String algo) {
-        return AlgorithmUtils.isHmacSign(algo);
-    }
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/66a81773/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureVerifier.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureVerifier.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureVerifier.java
deleted file mode 100644
index 69643da..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureVerifier.java
+++ /dev/null
@@ -1,85 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jws;
-
-import java.security.spec.AlgorithmParameterSpec;
-import java.util.Arrays;
-import java.util.logging.Logger;
-
-import org.apache.cxf.common.logging.LogUtils;
-import org.apache.cxf.rs.security.jose.JoseUtils;
-import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils;
-import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
-import org.apache.cxf.rt.security.crypto.HmacUtils;
-
-public class HmacJwsSignatureVerifier implements JwsSignatureVerifier {
-    protected static final Logger LOG = LogUtils.getL7dLogger(HmacJwsSignatureVerifier.class);
-    private byte[] key;
-    private AlgorithmParameterSpec hmacSpec;
-    private SignatureAlgorithm supportedAlgo;
-    
-    public HmacJwsSignatureVerifier(String encodedKey) {
-        this(JoseUtils.decode(encodedKey), SignatureAlgorithm.HS256);
-    }
-    public HmacJwsSignatureVerifier(String encodedKey, SignatureAlgorithm supportedAlgo) {
-        this(JoseUtils.decode(encodedKey), supportedAlgo);
-    }
-    public HmacJwsSignatureVerifier(byte[] key, SignatureAlgorithm supportedAlgo) {
-        this(key, null, supportedAlgo);
-    }
-    public HmacJwsSignatureVerifier(byte[] key, AlgorithmParameterSpec spec, SignatureAlgorithm supportedAlgo) {
-        this.key = key;
-        this.hmacSpec = spec;
-        this.supportedAlgo = supportedAlgo;
-    }
-    
-    
-    @Override
-    public boolean verify(JwsHeaders headers, String unsignedText, byte[] signature) {
-        byte[] expected = computeMac(headers, unsignedText);
-        return Arrays.equals(expected, signature);
-    }
-    
-    private byte[] computeMac(JwsHeaders headers, String text) {
-        final String sigAlgo = checkAlgorithm(headers.getSignatureAlgorithm());
-        return HmacUtils.computeHmac(key, 
-                                     AlgorithmUtils.toJavaName(sigAlgo),
-                                     hmacSpec,
-                                     text);
-    }
-    
-    protected String checkAlgorithm(SignatureAlgorithm sigAlgo) {
-        
-        if (sigAlgo == null) {
-            LOG.warning("Signature algorithm is not set");
-            throw new JwsException(JwsException.Error.ALGORITHM_NOT_SET);
-        }
-        String algo = sigAlgo.getJwaName();
-        if (!AlgorithmUtils.isHmacSign(algo)
-            || !algo.equals(supportedAlgo.getJwaName())) {
-            LOG.warning("Invalid signature algorithm: " + algo);
-            throw new JwsException(JwsException.Error.INVALID_ALGORITHM);
-        }
-        return algo;
-    }
-    @Override
-    public SignatureAlgorithm getAlgorithm() {
-        return supportedAlgo;
-    }
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/66a81773/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsCompactConsumer.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsCompactConsumer.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsCompactConsumer.java
deleted file mode 100644
index 93f6d89..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsCompactConsumer.java
+++ /dev/null
@@ -1,149 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jws;
-
-import java.security.PublicKey;
-import java.security.cert.X509Certificate;
-import java.util.logging.Logger;
-
-import org.apache.cxf.common.logging.LogUtils;
-import org.apache.cxf.common.util.StringUtils;
-import org.apache.cxf.jaxrs.provider.json.JsonMapObject;
-import org.apache.cxf.jaxrs.provider.json.JsonMapObjectReaderWriter;
-import org.apache.cxf.rs.security.jose.JoseUtils;
-import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
-import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
-
-public class JwsCompactConsumer {
-    protected static final Logger LOG = LogUtils.getL7dLogger(JwsCompactConsumer.class);
-    private JsonMapObjectReaderWriter reader = new JsonMapObjectReaderWriter();
-    private String encodedSequence;
-    private String encodedSignature;
-    private String headersJson;
-    private String jwsPayload;
-    private String decodedJwsPayload;
-    private JwsHeaders jwsHeaders;
-    private boolean detached;
-    public JwsCompactConsumer(String encodedJws) {
-        this(encodedJws, null, null);
-    }
-    public JwsCompactConsumer(String encodedJws, String detachedPayload) {
-        this(encodedJws, detachedPayload, null);
-    }
-    protected JwsCompactConsumer(String encodedJws, String detachedPayload, JsonMapObjectReaderWriter r) {
-        if (r != null) {
-            this.reader = r;
-        }
-        String[] parts = JoseUtils.getCompactParts(encodedJws);
-        if (parts.length != 3) {
-            if (parts.length == 2 && encodedJws.endsWith(".")) {
-                encodedSignature = "";
-            } else {
-                LOG.warning("Compact JWS does not have 3 parts");
-                throw new JwsException(JwsException.Error.INVALID_COMPACT_JWS);
-            }
-        } else {
-            encodedSignature = parts[2];
-        }
-        jwsPayload = parts[1];
-        if (detachedPayload != null) {
-            if (!StringUtils.isEmpty(jwsPayload)) {
-                LOG.warning("Compact JWS includes a payload expected to be detached");
-                throw new JwsException(JwsException.Error.INVALID_COMPACT_JWS);
-            }
-            detached = true;
-            jwsPayload = detachedPayload;
-        }
-        encodedSequence = parts[0] + "." + jwsPayload;
-        headersJson = JoseUtils.decodeToString(parts[0]);
-    }
-    public String getUnsignedEncodedSequence() {
-        return encodedSequence;
-    }
-    public String getEncodedSignature() {
-        return encodedSignature;
-    }
-    public String getDecodedJsonHeaders() {
-        return headersJson;
-    }
-    public String getDecodedJwsPayload() {
-        if (decodedJwsPayload == null) {
-            if (JwsUtils.isPayloadUnencoded(jwsHeaders)) {
-                decodedJwsPayload = jwsPayload;
-            } else {
-                decodedJwsPayload = JoseUtils.decodeToString(jwsPayload);
-            }
-        }
-        return decodedJwsPayload;
-    }
-    public byte[] getDecodedJwsPayloadBytes() {
-        return StringUtils.toBytesUTF8(getDecodedJwsPayload());
-    }
-    public byte[] getDecodedSignature() {
-        return encodedSignature.isEmpty() ? new byte[]{} : JoseUtils.decode(encodedSignature);
-    }
-    public JwsHeaders getJwsHeaders() {
-        if (jwsHeaders == null) {
-            JsonMapObject joseHeaders = reader.fromJsonToJsonObject(headersJson);
-            if (joseHeaders.getUpdateCount() != null) {
-                LOG.warning("Duplicate headers have been detected");
-                throw new JwsException(JwsException.Error.INVALID_COMPACT_JWS);
-            }
-            jwsHeaders = new JwsHeaders(joseHeaders.asMap());
-            if (JwsUtils.isPayloadUnencoded(jwsHeaders) && !detached) {
-                LOG.warning("Only detached payload can be unencoded");
-                throw new JwsException(JwsException.Error.INVALID_COMPACT_JWS);
-            }
-        }
-        return jwsHeaders;
-    }
-    public boolean verifySignatureWith(JwsSignatureVerifier validator) {
-        try {
-            if (validator.verify(getJwsHeaders(), getUnsignedEncodedSequence(), getDecodedSignature())) {
-                return true;
-            }
-        } catch (JwsException ex) {
-            // ignore
-        }
-        LOG.warning("Invalid Signature");
-        return false;
-    }
-    public boolean verifySignatureWith(JsonWebKey key) {
-        return verifySignatureWith(JwsUtils.getSignatureVerifier(key));
-    }
-    public boolean verifySignatureWith(JsonWebKey key, SignatureAlgorithm algo) {
-        return verifySignatureWith(JwsUtils.getSignatureVerifier(key, algo));
-    }
-    public boolean verifySignatureWith(X509Certificate cert, SignatureAlgorithm algo) {
-        return verifySignatureWith(JwsUtils.getPublicKeySignatureVerifier(cert, algo));
-    }
-    public boolean verifySignatureWith(PublicKey key, SignatureAlgorithm algo) {
-        return verifySignatureWith(JwsUtils.getPublicKeySignatureVerifier(key, algo));
-    }
-    public boolean verifySignatureWith(byte[] key, SignatureAlgorithm algo) {
-        return verifySignatureWith(JwsUtils.getHmacSignatureVerifier(key, algo));
-    }
-    public boolean validateCriticalHeaders() {
-        return JwsUtils.validateCriticalHeaders(getJwsHeaders());
-    }
-    protected JsonMapObjectReaderWriter getReader() {
-        return reader;
-    }
-    
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/66a81773/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsCompactProducer.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsCompactProducer.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsCompactProducer.java
deleted file mode 100644
index 9795c10..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsCompactProducer.java
+++ /dev/null
@@ -1,136 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jws;
-
-import java.security.PrivateKey;
-
-import org.apache.cxf.common.util.Base64UrlUtility;
-import org.apache.cxf.common.util.StringUtils;
-import org.apache.cxf.jaxrs.provider.json.JsonMapObjectReaderWriter;
-import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
-import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
-
-public class JwsCompactProducer {
-    private JsonMapObjectReaderWriter writer = new JsonMapObjectReaderWriter();
-    private JwsHeaders headers;
-    private String plainJwsPayload;
-    private String signature;
-    private boolean detached;
-    public JwsCompactProducer(String plainJwsPayload) {
-        this(plainJwsPayload, false);
-    }
-    public JwsCompactProducer(String plainJwsPayload, boolean detached) {
-        this(null, null, plainJwsPayload, detached);
-    }
-    public JwsCompactProducer(JwsHeaders headers, String plainJwsPayload) {
-        this(headers, plainJwsPayload, false);
-    }
-    public JwsCompactProducer(JwsHeaders headers, String plainJwsPayload, boolean detached) {
-        this(headers, null, plainJwsPayload, detached);
-    }
-    protected JwsCompactProducer(JwsHeaders headers, JsonMapObjectReaderWriter w, String plainJwsPayload) {
-        this(headers, w, plainJwsPayload, false);
-    }    
-    protected JwsCompactProducer(JwsHeaders headers, JsonMapObjectReaderWriter w, String plainJwsPayload, 
-                                 boolean detached) {    
-        this.headers = headers;
-        if (w != null) {
-            this.writer = w;
-        }
-        this.plainJwsPayload = plainJwsPayload;
-        this.detached = detached;
-    }
-    public JwsHeaders getJwsHeaders() {
-        if (headers == null) {
-            headers = new JwsHeaders();
-        }
-        return headers;
-    }
-    public String getUnsignedEncodedJws() {
-        checkAlgorithm();
-        return Base64UrlUtility.encode(writer.toJson(getJwsHeaders())) 
-               + "." 
-               + (detached ? "" : Base64UrlUtility.encode(plainJwsPayload));
-    }
-    private String getSigningInput() {
-        checkAlgorithm();
-        boolean unencoded = JwsUtils.isPayloadUnencoded(getJwsHeaders());
-        if (unencoded && !detached) {
-            throw new JwsException(JwsException.Error.INVALID_COMPACT_JWS);
-        }
-        return Base64UrlUtility.encode(writer.toJson(getJwsHeaders())) 
-               + "." 
-               + (unencoded ? plainJwsPayload : Base64UrlUtility.encode(plainJwsPayload));
-    }
-    public String getEncodedSignature() {
-        return signature;
-    }
-    public String getSignedEncodedJws() {
-        checkAlgorithm();
-        boolean noSignature = StringUtils.isEmpty(signature);
-        if (noSignature && !isPlainText()) {
-            throw new IllegalStateException("Signature is not available");
-        }
-        return getUnsignedEncodedJws() + "." + (noSignature ? "" : signature);
-    }
-    public String signWith(JsonWebKey jwk) {
-        return signWith(JwsUtils.getSignatureProvider(jwk, 
-                        headers.getSignatureAlgorithm()));
-    }
-    
-    public String signWith(PrivateKey key) {
-        return signWith(JwsUtils.getPrivateKeySignatureProvider(key, 
-                                   headers.getSignatureAlgorithm()));
-    }
-    public String signWith(byte[] key) {
-        return signWith(JwsUtils.getHmacSignatureProvider(key, 
-                   headers.getSignatureAlgorithm()));
-    }
-    
-    public String signWith(JwsSignatureProvider signer) {
-        byte[] bytes = StringUtils.toBytesUTF8(getSigningInput());
-        byte[] sig = signer.sign(getJwsHeaders(), bytes);
-        return setSignatureBytes(sig);
-    }
-    
-    public String setSignatureText(String signatureText) {
-        setEncodedSignature(Base64UrlUtility.encode(signatureText));
-        return getSignedEncodedJws();
-    }
-    
-    public String setSignatureBytes(byte[] signatureOctets) {
-        setEncodedSignature(Base64UrlUtility.encode(signatureOctets));
-        return getSignedEncodedJws();
-    }
-    
-    private void setEncodedSignature(String sig) {
-        this.signature = sig;
-    }
-    private boolean isPlainText() {
-        return SignatureAlgorithm.NONE == getAlgorithm();
-    }
-    private SignatureAlgorithm getAlgorithm() {
-        return getJwsHeaders().getSignatureAlgorithm();
-    }
-    private void checkAlgorithm() {
-        if (getAlgorithm() == null) {
-            throw new JwsException(JwsException.Error.INVALID_ALGORITHM);
-        }
-    }
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/66a81773/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsException.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsException.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsException.java
deleted file mode 100644
index 2832452..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsException.java
+++ /dev/null
@@ -1,49 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jws;
-
-import org.apache.cxf.rs.security.jose.JoseException;
-
-public class JwsException extends JoseException {
-
-    private static final long serialVersionUID = 4118589816228511524L;
-    private Error status;
-    public JwsException(Error status) {
-        this(status, null);
-    }
-    public JwsException(Error status, Throwable cause) {
-        super(cause);
-        this.status = status;
-    }
-    public Error getError() {
-        return status;
-    }
-    public enum Error {
-        NO_PROVIDER,
-        NO_VERIFIER,
-        NO_INIT_PROPERTIES,
-        ALGORITHM_NOT_SET,
-        INVALID_ALGORITHM,
-        INVALID_KEY,
-        SIGNATURE_FAILURE,
-        INVALID_SIGNATURE,
-        INVALID_COMPACT_JWS,
-        INVALID_JSON_JWS
-    }
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/66a81773/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsHeaders.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsHeaders.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsHeaders.java
deleted file mode 100644
index c883a9c..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsHeaders.java
+++ /dev/null
@@ -1,66 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jws;
-
-import java.util.Map;
-
-import org.apache.cxf.rs.security.jose.JoseConstants;
-import org.apache.cxf.rs.security.jose.JoseHeaders;
-import org.apache.cxf.rs.security.jose.JoseType;
-import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
-
-public class JwsHeaders extends JoseHeaders {
-    public JwsHeaders() {
-    }
-    public JwsHeaders(JoseType type) {
-        super(type);
-    }
-    public JwsHeaders(JoseHeaders headers) {
-        super(headers.asMap());
-    }
-    
-    public JwsHeaders(Map<String, Object> values) {
-        super(values);
-    }
-    public JwsHeaders(SignatureAlgorithm sigAlgo) {
-        init(sigAlgo);
-    }
-    public JwsHeaders(JoseType type, SignatureAlgorithm sigAlgo) {
-        super(type);
-        init(sigAlgo);
-    }
-    private void init(SignatureAlgorithm sigAlgo) {
-        setSignatureAlgorithm(sigAlgo);
-    }
-    
-    public void setSignatureAlgorithm(SignatureAlgorithm algo) {
-        super.setAlgorithm(algo.getJwaName());
-    }
-    
-    public SignatureAlgorithm getSignatureAlgorithm() {
-        String algo = super.getAlgorithm();
-        return algo == null ? null : SignatureAlgorithm.getAlgorithm(algo);
-    }
-    public void setPayloadEncodingStatus(Boolean status) {
-        super.setProperty(JoseConstants.JWS_HEADER_B64_STATUS_HEADER, status);
-    }
-    public Boolean getPayloadEncodingStatus() {
-        return super.getBooleanProperty(JoseConstants.JWS_HEADER_B64_STATUS_HEADER);
-    }
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/66a81773/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonConsumer.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonConsumer.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonConsumer.java
deleted file mode 100644
index f03e0e5..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonConsumer.java
+++ /dev/null
@@ -1,191 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jws;
-
-import java.security.PublicKey;
-import java.util.Collections;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.Map;
-import java.util.logging.Logger;
-
-import javax.ws.rs.core.MultivaluedMap;
-
-import org.apache.cxf.common.logging.LogUtils;
-import org.apache.cxf.common.util.StringUtils;
-import org.apache.cxf.helpers.CastUtils;
-import org.apache.cxf.jaxrs.provider.json.JsonMapObject;
-import org.apache.cxf.jaxrs.provider.json.JsonMapObjectReaderWriter;
-import org.apache.cxf.rs.security.jose.JoseUtils;
-import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
-import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
-
-public class JwsJsonConsumer {
-    protected static final Logger LOG = LogUtils.getL7dLogger(JwsJsonConsumer.class);
-    private String jwsSignedDocument;
-    private String jwsPayload;
-    private List<JwsJsonSignatureEntry> signatures = new LinkedList<JwsJsonSignatureEntry>();
-    /**
-     * @param jwsSignedDocument
-     *            signed JWS Document
-     */
-    public JwsJsonConsumer(String jwsSignedDocument) {
-        this(jwsSignedDocument, null);
-    }
-    public JwsJsonConsumer(String jwsSignedDocument, String detachedPayload) {
-        this.jwsSignedDocument = jwsSignedDocument;
-        prepare(detachedPayload);
-    }
-
-    private void prepare(String detachedPayload) {
-        JsonMapObject jsonObject = new JsonMapObject();
-        new JsonMapObjectReaderWriter().fromJson(jsonObject, jwsSignedDocument);
-        
-        Map<String, Object> jsonObjectMap = jsonObject.asMap(); 
-        jwsPayload = (String)jsonObjectMap.get("payload");
-        if (jwsPayload == null) {
-            jwsPayload = detachedPayload;
-        } else if (detachedPayload != null) {
-            LOG.warning("JSON JWS includes a payload expected to be detached");
-            throw new JwsException(JwsException.Error.INVALID_JSON_JWS);
-        }
-        if (jwsPayload == null) {
-            LOG.warning("JSON JWS has no payload");
-            throw new JwsException(JwsException.Error.INVALID_JSON_JWS);
-        }
-        List<Map<String, Object>> signatureArray = CastUtils.cast((List<?>)jsonObjectMap.get("signatures"));
-        if (signatureArray != null) {
-            if (jsonObjectMap.containsKey("signature")) {
-                LOG.warning("JSON JWS has a flattened 'signature' element and a 'signatures' object");
-                throw new JwsException(JwsException.Error.INVALID_JSON_JWS);
-            }
-            for (Map<String, Object> signatureEntry : signatureArray) {
-                this.signatures.add(getSignatureObject(signatureEntry));
-            }
-        } else {
-            this.signatures.add(getSignatureObject(jsonObjectMap));
-        }
-        if (signatures.isEmpty()) {
-            LOG.warning("JSON JWS has no signatures");
-            throw new JwsException(JwsException.Error.INVALID_JSON_JWS);
-        }
-        validateB64Status();
-        
-        
-    }
-    private Boolean validateB64Status() {
-        return JwsJsonProducer.validateB64Status(signatures);    
-    }
-    protected JwsJsonSignatureEntry getSignatureObject(Map<String, Object> signatureEntry) {
-        String protectedHeader = (String)signatureEntry.get("protected");
-        Map<String, Object> header = CastUtils.cast((Map<?, ?>)signatureEntry.get("header"));
-        String signature = (String)signatureEntry.get("signature");
-        return 
-            new JwsJsonSignatureEntry(jwsPayload, 
-                                      protectedHeader, 
-                                      signature, 
-                                      header != null ? new JwsHeaders(header) : null);
-    }
-    public String getSignedDocument() {
-        return this.jwsSignedDocument;
-    }
-    public String getJwsPayload() {
-        return this.jwsPayload;
-    }
-    public String getDecodedJwsPayload() {
-        if (validateB64Status()) {
-            return JoseUtils.decodeToString(jwsPayload);
-        } else {
-            return jwsPayload;
-        }
-    }
-    public byte[] getDecodedJwsPayloadBytes() {
-        return StringUtils.toBytesUTF8(getDecodedJwsPayload());
-    }
-    public List<JwsJsonSignatureEntry> getSignatureEntries() {
-        return Collections.unmodifiableList(signatures);
-    }
-    public MultivaluedMap<SignatureAlgorithm, JwsJsonSignatureEntry> getSignatureEntryMap() {
-        return JwsUtils.getJwsJsonSignatureMap(signatures);
-    }
-    public boolean verifySignatureWith(JwsSignatureVerifier validator) {
-        List<JwsJsonSignatureEntry> theSignatureEntries = 
-            getSignatureEntryMap().get(validator.getAlgorithm());
-        if (theSignatureEntries != null) {
-            for (JwsJsonSignatureEntry signatureEntry : theSignatureEntries) {
-                if (signatureEntry.verifySignatureWith(validator)) {
-                    return true;
-                }
-            }
-        }
-        return false;
-    }
-    public boolean verifySignatureWith(PublicKey key, SignatureAlgorithm algo) {
-        return verifySignatureWith(JwsUtils.getPublicKeySignatureVerifier(key, algo));
-    }
-    public boolean verifySignatureWith(byte[] key, SignatureAlgorithm algo) {
-        return verifySignatureWith(JwsUtils.getHmacSignatureVerifier(key, algo));
-    }
-    public boolean verifySignatureWith(List<JwsSignatureVerifier> validators) {
-        try {
-            if (verifyAndGetNonValidated(validators).isEmpty()) {
-                return true;
-            }
-        } catch (JwsException ex) {
-            // ignore
-        }
-        LOG.warning("One of JSON JWS signatures is invalid");
-        return false;
-    }
-    public List<JwsJsonSignatureEntry> verifyAndGetNonValidated(List<JwsSignatureVerifier> validators) {
-        // TODO: more effective approach is needed
-        List<JwsJsonSignatureEntry> validatedSignatures = new LinkedList<JwsJsonSignatureEntry>();
-        for (JwsSignatureVerifier validator : validators) {
-            List<JwsJsonSignatureEntry> theSignatureEntries = 
-                getSignatureEntryMap().get(validator.getAlgorithm());
-            if (theSignatureEntries != null) {
-                for (JwsJsonSignatureEntry sigEntry : theSignatureEntries) {
-                    if (sigEntry.verifySignatureWith(validator)) {     
-                        validatedSignatures.add(sigEntry);
-                        break;
-                    }
-                }
-            }
-        }
-        List<JwsJsonSignatureEntry> nonValidatedSignatures = new LinkedList<JwsJsonSignatureEntry>();
-        for (JwsJsonSignatureEntry sigEntry : signatures) {
-            if (!validatedSignatures.contains(sigEntry)) {        
-                nonValidatedSignatures.add(sigEntry);
-            }
-        }
-        return nonValidatedSignatures;
-    }
-    
-    public boolean verifySignatureWith(JsonWebKey key) {
-        return verifySignatureWith(JwsUtils.getSignatureVerifier(key));
-    }
-    public boolean verifySignatureWith(JsonWebKey key, SignatureAlgorithm algo) {
-        return verifySignatureWith(JwsUtils.getSignatureVerifier(key, algo));
-    }
-    public JwsJsonProducer toProducer() {
-        JwsJsonProducer p = new JwsJsonProducer(getDecodedJwsPayload());
-        p.getSignatureEntries().addAll(signatures);
-        return p;
-    }
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/66a81773/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonOutputStream.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonOutputStream.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonOutputStream.java
deleted file mode 100644
index 7fe6059..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonOutputStream.java
+++ /dev/null
@@ -1,100 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jws;
-
-import java.io.FilterOutputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-import java.nio.ByteBuffer;
-import java.util.List;
-import java.util.concurrent.ExecutorService;
-import java.util.concurrent.Executors;
-import java.util.concurrent.TimeUnit;
-
-import org.apache.cxf.common.util.Base64UrlUtility;
-import org.apache.cxf.common.util.StringUtils;
-
-public class JwsJsonOutputStream extends FilterOutputStream {
-    private boolean flushed;
-    private List<String> protectedHeaders;
-    private List<JwsSignature> signatures;
-    private ExecutorService executor;
-    public JwsJsonOutputStream(OutputStream out, 
-                               List<String> protectedHeaders,
-                               List<JwsSignature> signatures) {
-        super(out);
-        this.protectedHeaders = protectedHeaders;
-        this.signatures = signatures;
-        // This can be further optimized by having a dedicated thread per signature,
-        // can make a difference if a number of signatures to be created is > 2
-        this.executor = Executors.newSingleThreadExecutor();
-    }
-
-    @Override
-    public void write(int value) throws IOException {
-        byte[] bytes = ByteBuffer.allocate(Integer.SIZE / 8).putInt(value).array();
-        write(bytes, 0, bytes.length);
-    }
-    
-    @Override
-    public void write(final byte b[], final int off, final int len) throws IOException {
-        //TODO: Review if it is at least theoretically possible that a given b[] region
-        // can be modified in a subsequent write which might affect the signature calculation  
-        executor.execute(new Runnable() {
-            public void run() {
-                for (JwsSignature signature : signatures) {
-                    signature.update(b, off, len);
-                }
-            }
-        });
-        out.write(b, off, len);
-        out.flush();
-    }
-    @Override
-    public void flush() throws IOException {
-        if (flushed) {
-            return;
-        }
-        out.write(StringUtils.toBytesUTF8("\",\"signatures\":["));
-        shutdownExecutor();
-        for (int i = 0; i < signatures.size(); i++) {
-            if (i > 0) {
-                out.write(new byte[]{','});
-            }
-            out.write(StringUtils.toBytesUTF8("{\"protected\":\"" 
-                                             + protectedHeaders.get(i) 
-                                             + "\",\"signature\":\""));
-            byte[] sign = signatures.get(i).sign();
-            Base64UrlUtility.encodeAndStream(sign, 0, sign.length, out);
-            out.write(StringUtils.toBytesUTF8("\"}"));
-        }
-        out.write(StringUtils.toBytesUTF8("]}"));
-        flushed = true;
-    }
-    private void shutdownExecutor() {
-        executor.shutdown();
-        while (!executor.isTerminated()) {
-            try {
-                executor.awaitTermination(1, TimeUnit.MILLISECONDS);
-            } catch (InterruptedException ex) {
-                throw new RuntimeException(ex);
-            }
-        }
-    }
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/66a81773/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducer.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducer.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducer.java
deleted file mode 100644
index acb6475..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducer.java
+++ /dev/null
@@ -1,210 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jws;
-
-import java.security.PrivateKey;
-import java.util.Collections;
-import java.util.LinkedHashSet;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.Set;
-import java.util.logging.Logger;
-
-import javax.ws.rs.core.MultivaluedMap;
-
-import org.apache.cxf.common.logging.LogUtils;
-import org.apache.cxf.common.util.Base64UrlUtility;
-import org.apache.cxf.common.util.StringUtils;
-import org.apache.cxf.jaxrs.provider.json.JsonMapObjectReaderWriter;
-import org.apache.cxf.rs.security.jose.JoseConstants;
-import org.apache.cxf.rs.security.jose.JoseHeaders;
-import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
-import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
-public class JwsJsonProducer {
-    protected static final Logger LOG = LogUtils.getL7dLogger(JwsJsonProducer.class);
-    private boolean supportFlattened;
-    private String plainPayload;
-    private String encodedPayload;
-    private List<JwsJsonSignatureEntry> signatures = new LinkedList<JwsJsonSignatureEntry>();
-    private JsonMapObjectReaderWriter writer = new JsonMapObjectReaderWriter();
-    public JwsJsonProducer(String tbsDocument) {
-        this(tbsDocument, false);
-    }
-    public JwsJsonProducer(String tbsDocument, boolean supportFlattened) {
-        this.supportFlattened = supportFlattened;
-        this.plainPayload = tbsDocument;
-    }
-    
-    public String getPlainPayload() {
-        return plainPayload;
-    }
-    public String getUnsignedEncodedPayload() {
-        if (encodedPayload == null) { 
-            encodedPayload = Base64UrlUtility.encode(getPlainPayload());
-        }
-        return encodedPayload;
-    }
-    public String getJwsJsonSignedDocument() {
-        return getJwsJsonSignedDocument(false);
-    }
-    public String getJwsJsonSignedDocument(boolean detached) {
-        if (signatures.isEmpty()) { 
-            return null;
-        }
-        
-        Boolean b64Status = validateB64Status(signatures);
-        StringBuilder sb = new StringBuilder();
-        sb.append("{");
-        if (!detached) {
-            sb.append("\"payload\":\"" + getActualPayload(b64Status) + "\"");
-            sb.append(",");
-        }
-        if (!supportFlattened || signatures.size() > 1) {
-            sb.append("\"signatures\":[");
-            for (int i = 0; i < signatures.size(); i++) {
-                JwsJsonSignatureEntry signature = signatures.get(i);
-                if (i > 0) {
-                    sb.append(",");
-                }
-                sb.append(signature.toJson());
-            }
-            sb.append("]");
-        } else {
-            sb.append(signatures.get(0).toJson(true));
-        }
-        sb.append("}");
-        return sb.toString();
-    }
-    public List<JwsJsonSignatureEntry> getSignatureEntries() {
-        return signatures;
-    }
-    
-    public MultivaluedMap<SignatureAlgorithm, JwsJsonSignatureEntry> getSignatureEntryMap() {
-        return JwsUtils.getJwsJsonSignatureMap(signatures);
-    }
-    public String signWith(List<JwsSignatureProvider> signers) {
-        for (JwsSignatureProvider signer : signers) {
-            signWith(signer);    
-        }
-        return getJwsJsonSignedDocument(); 
-    }
-    public String signWith(JwsSignatureProvider signer) {
-        JwsHeaders headers = new JwsHeaders();
-        headers.setSignatureAlgorithm(signer.getAlgorithm());
-        return signWith(signer, headers);
-    }
-    public String signWith(JwsSignatureProvider signer, 
-                           JwsHeaders protectedHeader) {
-        return signWith(signer, protectedHeader, null);
-    }
-    public String signWith(JsonWebKey jwk) {
-        return signWith(JwsUtils.getSignatureProvider(jwk));
-    }
-    public String signWith(PrivateKey key, SignatureAlgorithm algo) {
-        return signWith(JwsUtils.getPrivateKeySignatureProvider(key, algo));
-    }
-    public String signWith(byte[] key, SignatureAlgorithm algo) {
-        return signWith(JwsUtils.getHmacSignatureProvider(key, algo));
-    }
-    public String signWith(JwsSignatureProvider signer,
-                           JwsHeaders protectedHeader,
-                           JwsHeaders unprotectedHeader) {
-        JwsHeaders unionHeaders = new JwsHeaders();
-         
-        if (protectedHeader != null) {
-            unionHeaders.asMap().putAll(protectedHeader.asMap());
-        }
-        if (unprotectedHeader != null) {
-            checkUnprotectedHeaders(unprotectedHeader, 
-                                    JoseConstants.HEADER_CRITICAL,
-                                    JoseConstants.JWS_HEADER_B64_STATUS_HEADER);
-            if (!Collections.disjoint(unionHeaders.asMap().keySet(), 
-                                     unprotectedHeader.asMap().keySet())) {
-                LOG.warning("Protected and unprotected headers have duplicate values");
-                throw new JwsException(JwsException.Error.INVALID_JSON_JWS);
-            }
-            unionHeaders.asMap().putAll(unprotectedHeader.asMap());
-        }
-        if (unionHeaders.getSignatureAlgorithm() == null) {
-            LOG.warning("Algorithm header is not set");
-            throw new JwsException(JwsException.Error.INVALID_JSON_JWS);
-        }
-        String sequenceToBeSigned;
-        String actualPayload = protectedHeader != null 
-            ? getActualPayload(protectedHeader.getPayloadEncodingStatus()) 
-            : getUnsignedEncodedPayload();
-        if (protectedHeader != null) {
-            sequenceToBeSigned = Base64UrlUtility.encode(writer.toJson(protectedHeader))
-                    + "." + actualPayload;
-        } else {
-            sequenceToBeSigned = "." + getUnsignedEncodedPayload();
-        }
-        byte[] bytesToBeSigned = StringUtils.toBytesUTF8(sequenceToBeSigned);
-        
-        byte[] signatureBytes = signer.sign(unionHeaders, bytesToBeSigned);
-        
-        String encodedSignatureBytes = Base64UrlUtility.encode(signatureBytes);
-        JwsJsonSignatureEntry signature;
-        if (protectedHeader != null) {
-            signature = new JwsJsonSignatureEntry(actualPayload,
-                    Base64UrlUtility.encode(writer.toJson(protectedHeader)),
-                    encodedSignatureBytes,
-                    unprotectedHeader);
-        } else {
-            signature = new JwsJsonSignatureEntry(getUnsignedEncodedPayload(),
-                    null,
-                    encodedSignatureBytes,
-                    unprotectedHeader);
-        }
-        return updateJwsJsonSignedDocument(signature);
-    }
-    private String getActualPayload(Boolean payloadEncodingStatus) {
-        return Boolean.FALSE == payloadEncodingStatus 
-            ? getPlainPayload() : this.getUnsignedEncodedPayload();
-    }
-    private String updateJwsJsonSignedDocument(JwsJsonSignatureEntry signature) {
-        signatures.add(signature);
-        return getJwsJsonSignedDocument();
-    }
-    private static void checkUnprotectedHeaders(JoseHeaders unprotected, String... headerNames) {
-        for (String headerName : headerNames) {
-            if (unprotected.containsHeader(headerName)) {
-                LOG.warning("Unprotected headers contain a header \"" 
-                    + headerName + "\" which must be protected");
-                throw new JwsException(JwsException.Error.INVALID_JSON_JWS);
-            }
-        }
-    }
-    static Boolean validateB64Status(List<JwsJsonSignatureEntry> signatures) {
-        Set<Boolean> b64Set = new LinkedHashSet<Boolean>();
-        for (JwsJsonSignatureEntry entry : signatures) {
-            JwsHeaders headers = entry.getProtectedHeader();
-            Boolean status = headers != null ? headers.getPayloadEncodingStatus() : null;
-            if (status == null) {
-                status = Boolean.TRUE;
-            }
-            b64Set.add(status);
-        }
-        if (b64Set.size() > 1) {
-            LOG.warning("Each signature entry can sign only encoded or only unencoded payload");
-            throw new JwsException(JwsException.Error.INVALID_JSON_JWS);
-        }
-        return b64Set.iterator().next();
-    }
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/66a81773/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonSignatureEntry.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonSignatureEntry.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonSignatureEntry.java
deleted file mode 100644
index dd2e590..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonSignatureEntry.java
+++ /dev/null
@@ -1,163 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jws;
-
-import java.util.Collections;
-import java.util.logging.Logger;
-
-import org.apache.cxf.common.logging.LogUtils;
-import org.apache.cxf.common.util.Base64UrlUtility;
-import org.apache.cxf.common.util.StringUtils;
-import org.apache.cxf.jaxrs.provider.json.JsonMapObjectReaderWriter;
-import org.apache.cxf.rs.security.jose.JoseConstants;
-import org.apache.cxf.rs.security.jose.JoseUtils;
-import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
-
-
-public class JwsJsonSignatureEntry {
-    protected static final Logger LOG = LogUtils.getL7dLogger(JwsJsonSignatureEntry.class);
-    private String jwsPayload;
-    private String encodedProtectedHeader;
-    private String encodedSignature;
-    private JwsHeaders protectedHeader;
-    private JwsHeaders unprotectedHeader;
-    private JwsHeaders unionHeaders;
-    private JsonMapObjectReaderWriter writer = new JsonMapObjectReaderWriter();
-      
-    public JwsJsonSignatureEntry(String jwsPayload,
-                                 String encodedProtectedHeader,
-                                 String encodedSignature,
-                                 JwsHeaders unprotectedHeader) {
-        if (encodedProtectedHeader == null && unprotectedHeader == null || encodedSignature == null) {
-            LOG.warning("Invalid Signature entry");
-            throw new JwsException(JwsException.Error.INVALID_JSON_JWS);
-        }
-        
-        this.jwsPayload = jwsPayload;
-        this.encodedProtectedHeader = encodedProtectedHeader;
-        this.encodedSignature = encodedSignature;
-        this.unprotectedHeader = unprotectedHeader;
-        if (encodedProtectedHeader != null) {
-            this.protectedHeader = new JwsHeaders(writer.fromJson(JoseUtils.decodeToString(encodedProtectedHeader)));
-        }
-        prepare();
-    }
-    private void prepare() {
-        unionHeaders = new JwsHeaders();
-        
-        if (protectedHeader != null) {
-            unionHeaders.asMap().putAll(protectedHeader.asMap());
-        }
-        if (unprotectedHeader != null) {
-            if (!Collections.disjoint(unionHeaders.asMap().keySet(), 
-                                     unprotectedHeader.asMap().keySet())) {
-                LOG.warning("Protected and unprotected headers have duplicate values");
-                throw new JwsException(JwsException.Error.INVALID_JSON_JWS);
-            }
-            unionHeaders.asMap().putAll(unprotectedHeader.asMap());
-        }
-    }
-    public String getJwsPayload() {
-        return jwsPayload;
-    }
-    public String getDecodedJwsPayload() {
-        if (protectedHeader == null || !JwsUtils.isPayloadUnencoded(protectedHeader)) {
-            return JoseUtils.decodeToString(jwsPayload);
-        } else {
-            return jwsPayload;
-        }
-    }
-    public byte[] getDecodedJwsPayloadBytes() {
-        return StringUtils.toBytesUTF8(getDecodedJwsPayload());
-    }
-    public String getEncodedProtectedHeader() {
-        return encodedProtectedHeader;
-    }
-    public JwsHeaders getProtectedHeader() {
-        return protectedHeader;
-    }
-    public JwsHeaders getUnprotectedHeader() {
-        return unprotectedHeader;
-    }
-    public JwsHeaders getUnionHeader() {
-        return unionHeaders;
-    }
-    public String getEncodedSignature() {
-        return encodedSignature;
-    }
-    public byte[] getDecodedSignature() {
-        return JoseUtils.decode(getEncodedSignature());
-    }
-    public String getUnsignedSequence() {
-        if (getEncodedProtectedHeader() != null) {
-            return getEncodedProtectedHeader() + "." + getJwsPayload();
-        } else {
-            return "." + getJwsPayload();
-        }
-    }
-    public String getKeyId() {
-        return getUnionHeader().getKeyId();
-    }
-    public boolean verifySignatureWith(JwsSignatureVerifier validator) {
-        try {
-            if (validator.verify(getUnionHeader(),
-                                 getUnsignedSequence(),
-                                 getDecodedSignature())) {
-                return true;
-            }
-        } catch (JwsException ex) {
-            // ignore
-        }
-        LOG.warning("Invalid Signature Entry");
-        return false;
-    }
-    public boolean verifySignatureWith(JsonWebKey key) {
-        return verifySignatureWith(JwsUtils.getSignatureVerifier(key));
-    }
-    public boolean validateCriticalHeaders() {
-        if (this.getUnprotectedHeader().getHeader(JoseConstants.HEADER_CRITICAL) != null) {
-            return false;
-        }
-        return JwsUtils.validateCriticalHeaders(getUnionHeader());
-    }
-    public String toJson() {
-        return toJson(false);
-    }
-    public String toJson(boolean flattenedMode) {
-        StringBuilder sb = new StringBuilder();
-        if (!flattenedMode) {
-            sb.append("{");
-        }
-        if (protectedHeader != null) {
-            sb.append("\"protected\":\"" + Base64UrlUtility.encode(writer.toJson(protectedHeader)) + "\"");
-        }
-        if (unprotectedHeader != null) {
-            if (protectedHeader != null) {
-                sb.append(",");
-            }
-            sb.append("\"header\":" + writer.toJson(unprotectedHeader));
-        }
-        sb.append(",");
-        sb.append("\"signature\":\"" + encodedSignature + "\"");
-        if (!flattenedMode) {
-            sb.append("}");
-        }
-        return sb.toString();
-    }
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/66a81773/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJwtCompactConsumer.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJwtCompactConsumer.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJwtCompactConsumer.java
deleted file mode 100644
index e2bcfa8..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJwtCompactConsumer.java
+++ /dev/null
@@ -1,43 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jws;
-
-import org.apache.cxf.rs.security.jose.jwt.JwtClaims;
-import org.apache.cxf.rs.security.jose.jwt.JwtToken;
-import org.apache.cxf.rs.security.jose.jwt.JwtTokenReaderWriter;
-
-public class JwsJwtCompactConsumer extends JwsCompactConsumer {
-    private JwtToken token;
-    public JwsJwtCompactConsumer(String encodedJws) {
-        super(encodedJws, null, new JwtTokenReaderWriter());
-    }
-    public JwtClaims getJwtClaims() {
-        return getJwtToken().getClaims();
-    }
-    public JwtToken getJwtToken() {
-        if (token == null) {
-            JwsHeaders theHeaders = super.getJwsHeaders();
-            JwtClaims theClaims = 
-                ((JwtTokenReaderWriter)getReader()).fromJsonClaims(getDecodedJwsPayload());
-            token = new JwtToken(theHeaders, theClaims);
-        }
-        return token;
-    }
-    
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/66a81773/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJwtCompactProducer.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJwtCompactProducer.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJwtCompactProducer.java
deleted file mode 100644
index aaaa004..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJwtCompactProducer.java
+++ /dev/null
@@ -1,44 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jws;
-import org.apache.cxf.rs.security.jose.JoseHeaders;
-import org.apache.cxf.rs.security.jose.jwt.JwtClaims;
-import org.apache.cxf.rs.security.jose.jwt.JwtToken;
-import org.apache.cxf.rs.security.jose.jwt.JwtTokenReaderWriter;
-import org.apache.cxf.rs.security.jose.jwt.JwtUtils;
-
-
-public class JwsJwtCompactProducer extends JwsCompactProducer {
-    
-    public JwsJwtCompactProducer(JwtToken token) {
-        this(token, null);
-    }
-    public JwsJwtCompactProducer(JwtClaims claims) {
-        this(new JwtToken(null, claims), null);
-    }
-    public JwsJwtCompactProducer(JoseHeaders headers, JwtClaims claims) {
-        this(new JwtToken(headers, claims), null);
-    }
-    protected JwsJwtCompactProducer(JwtToken token, JwtTokenReaderWriter w) {
-        super(new JwsHeaders(token.getHeaders()), w, 
-              JwtUtils.claimsToJson(token.getClaims(), w));
-    }
-    
-    
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/66a81773/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsOutputStream.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsOutputStream.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsOutputStream.java
deleted file mode 100644
index 53b592f..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsOutputStream.java
+++ /dev/null
@@ -1,59 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jws;
-
-import java.io.FilterOutputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-import java.nio.ByteBuffer;
-
-import org.apache.cxf.common.util.Base64UrlUtility;
-
-public class JwsOutputStream extends FilterOutputStream {
-    private boolean flushed;
-    private JwsSignature signature;
-    public JwsOutputStream(OutputStream out, JwsSignature signature) {
-        super(out);
-        this.signature = signature;
-    }
-
-    @Override
-    public void write(int value) throws IOException {
-        byte[] bytes = ByteBuffer.allocate(Integer.SIZE / 8).putInt(value).array();
-        write(bytes, 0, bytes.length);
-    }
-    
-    @Override
-    public void write(byte b[], int off, int len) throws IOException {
-        signature.update(b, off, len);
-        out.write(b, off, len);
-        out.flush();
-    }
-    @Override
-    public void flush() throws IOException {
-        if (flushed) {
-            return;
-        }
-        byte[] finalBytes = signature.sign();
-        out.write(new byte[]{'.'});
-        Base64UrlUtility.encodeAndStream(finalBytes, 0, finalBytes.length, out);
-        flushed = true;
-    }
-    
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/66a81773/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsSignature.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsSignature.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsSignature.java
deleted file mode 100644
index 778b5cb..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsSignature.java
+++ /dev/null
@@ -1,25 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jws;
-
-
-public interface JwsSignature {
-    void update(byte[] src, int off, int len);
-    byte[] sign();
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/66a81773/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsSignatureProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsSignatureProvider.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsSignatureProvider.java
deleted file mode 100644
index 00f0c2a..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsSignatureProvider.java
+++ /dev/null
@@ -1,31 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jws;
-
-import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
-
-
-public interface JwsSignatureProvider {
-    SignatureAlgorithm getAlgorithm();
-    byte[] sign(JwsHeaders headers, byte[] content);
-    /**
-     * Create a signature handler capable of updating the signature input (optional operation)
-     */
-    JwsSignature createJwsSignature(JwsHeaders headers);
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/66a81773/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsSignatureVerifier.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsSignatureVerifier.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsSignatureVerifier.java
deleted file mode 100644
index c44a678..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsSignatureVerifier.java
+++ /dev/null
@@ -1,26 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jws;
-
-import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
-
-public interface JwsSignatureVerifier {
-    SignatureAlgorithm getAlgorithm();
-    boolean verify(JwsHeaders headers, String unsignedText, byte[] signature);
-}


Mime
View raw message