cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [02/20] cxf git commit: Splitting current jose module into jose-core + jose-jaxrs
Date Tue, 13 Oct 2015 10:42:02 GMT
http://git-wip-us.apache.org/repos/asf/cxf/blob/5e40ea35/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/JwsJoseCookBookTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/JwsJoseCookBookTest.java b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/JwsJoseCookBookTest.java
deleted file mode 100644
index 1c1bb04..0000000
--- a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/JwsJoseCookBookTest.java
+++ /dev/null
@@ -1,665 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.cookbook;
-
-import java.io.InputStream;
-import java.security.Security;
-import java.util.List;
-
-import javax.crypto.Cipher;
-
-import org.apache.cxf.common.util.Base64UrlUtility;
-import org.apache.cxf.helpers.IOUtils;
-import org.apache.cxf.jaxrs.provider.json.JsonMapObjectReaderWriter;
-import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils;
-import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
-import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
-import org.apache.cxf.rs.security.jose.jwk.JsonWebKeys;
-import org.apache.cxf.rs.security.jose.jwk.JwkUtils;
-import org.apache.cxf.rs.security.jose.jws.EcDsaJwsSignatureProvider;
-import org.apache.cxf.rs.security.jose.jws.JwsCompactConsumer;
-import org.apache.cxf.rs.security.jose.jws.JwsCompactProducer;
-import org.apache.cxf.rs.security.jose.jws.JwsHeaders;
-import org.apache.cxf.rs.security.jose.jws.JwsJsonConsumer;
-import org.apache.cxf.rs.security.jose.jws.JwsJsonProducer;
-import org.apache.cxf.rs.security.jose.jws.JwsUtils;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-
-import org.junit.Test;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-
-public class JwsJoseCookBookTest {
-    private static final String PAYLOAD = "It’s a dangerous business, Frodo, going out your door. "
-        + "You step onto the road, and if you don't keep your feet, "
-        + "there’s no knowing where you might be swept off to.";
-    private static final String ENCODED_PAYLOAD = "SXTigJlzIGEgZGFuZ2Vyb3VzIGJ1c2luZXNzLCBGcm9kbywgZ29pbmcgb3V0IH"
-        + "lvdXIgZG9vci4gWW91IHN0ZXAgb250byB0aGUgcm9hZCwgYW5kIGlmIHlvdSBk"
-        + "b24ndCBrZWVwIHlvdXIgZmVldCwgdGhlcmXigJlzIG5vIGtub3dpbmcgd2hlcm"
-        + "UgeW91IG1pZ2h0IGJlIHN3ZXB0IG9mZiB0by4";
-    private static final String RSA_KID_VALUE = "bilbo.baggins@hobbiton.example";
-    private static final String RSA_V1_5_SIGNATURE_PROTECTED_HEADER =
-          "eyJhbGciOiJSUzI1NiIsImtpZCI6ImJpbGJvLmJhZ2dpbnNAaG9iYml0b24uZX"
-        + "hhbXBsZSJ9";
-    private static final String RSA_V1_5_SIGNATURE_PROTECTED_HEADER_JSON = ("{"
-        + "\"alg\": \"RS256\","
-        + "\"kid\": \"bilbo.baggins@hobbiton.example\""
-        + "}").replaceAll(" ", "");
-    private static final String RSA_V1_5_SIGNATURE_VALUE =
-          "MRjdkly7_-oTPTS3AXP41iQIGKa80A0ZmTuV5MEaHoxnW2e5CZ5NlKtainoFmK"
-        + "ZopdHM1O2U4mwzJdQx996ivp83xuglII7PNDi84wnB-BDkoBwA78185hX-Es4J"
-        + "IwmDLJK3lfWRa-XtL0RnltuYv746iYTh_qHRD68BNt1uSNCrUCTJDt5aAE6x8w"
-        + "W1Kt9eRo4QPocSadnHXFxnt8Is9UzpERV0ePPQdLuW3IS_de3xyIrDaLGdjluP"
-        + "xUAhb6L2aXic1U12podGU0KLUQSE_oI-ZnmKJ3F4uOZDnd6QZWJushZ41Axf_f"
-        + "cIe8u9ipH84ogoree7vjbU5y18kDquDg";
-    private static final String RSA_V1_5_JSON_GENERAL_SERIALIZATION = ("{"
-        + "\"payload\": \"SXTigJlzIGEgZGFuZ2Vyb3VzIGJ1c2luZXNzLCBGcm9kbywg"
-        + "Z29pbmcgb3V0IHlvdXIgZG9vci4gWW91IHN0ZXAgb250byB0aGUgcm9h"
-        + "ZCwgYW5kIGlmIHlvdSBkb24ndCBrZWVwIHlvdXIgZmVldCwgdGhlcmXi"
-        + "gJlzIG5vIGtub3dpbmcgd2hlcmUgeW91IG1pZ2h0IGJlIHN3ZXB0IG9m"
-        + "ZiB0by4\","
-        + "\"signatures\": ["
-        + "{"
-        + "\"protected\": \"eyJhbGciOiJSUzI1NiIsImtpZCI6ImJpbGJvLmJhZ2"
-        + "dpbnNAaG9iYml0b24uZXhhbXBsZSJ9\","
-        + "\"signature\": \"MRjdkly7_-oTPTS3AXP41iQIGKa80A0ZmTuV5MEaHo"
-        + "xnW2e5CZ5NlKtainoFmKZopdHM1O2U4mwzJdQx996ivp83xuglII"
-        + "7PNDi84wnB-BDkoBwA78185hX-Es4JIwmDLJK3lfWRa-XtL0Rnlt"
-        + "uYv746iYTh_qHRD68BNt1uSNCrUCTJDt5aAE6x8wW1Kt9eRo4QPo"
-        + "cSadnHXFxnt8Is9UzpERV0ePPQdLuW3IS_de3xyIrDaLGdjluPxU"
-        + "Ahb6L2aXic1U12podGU0KLUQSE_oI-ZnmKJ3F4uOZDnd6QZWJush"
-        + "Z41Axf_fcIe8u9ipH84ogoree7vjbU5y18kDquDg\""
-        + "}"
-        + "]"
-        + "}").replaceAll(" ", "");
-    private static final String RSA_V1_5_JSON_FLATTENED_SERIALIZATION =  ("{"
-        + "\"payload\": \"SXTigJlzIGEgZGFuZ2Vyb3VzIGJ1c2luZXNzLCBGcm9kbywg"
-        + "Z29pbmcgb3V0IHlvdXIgZG9vci4gWW91IHN0ZXAgb250byB0aGUgcm9h"
-        + "ZCwgYW5kIGlmIHlvdSBkb24ndCBrZWVwIHlvdXIgZmVldCwgdGhlcmXi"
-        + "gJlzIG5vIGtub3dpbmcgd2hlcmUgeW91IG1pZ2h0IGJlIHN3ZXB0IG9m"
-        + "ZiB0by4\","
-        + "\"protected\": \"eyJhbGciOiJSUzI1NiIsImtpZCI6ImJpbGJvLmJhZ2dpbn"
-        + "NAaG9iYml0b24uZXhhbXBsZSJ9\","
-        + "\"signature\": \"MRjdkly7_-oTPTS3AXP41iQIGKa80A0ZmTuV5MEaHoxnW2"
-        + "e5CZ5NlKtainoFmKZopdHM1O2U4mwzJdQx996ivp83xuglII7PNDi84w"
-        + "nB-BDkoBwA78185hX-Es4JIwmDLJK3lfWRa-XtL0RnltuYv746iYTh_q"
-        + "HRD68BNt1uSNCrUCTJDt5aAE6x8wW1Kt9eRo4QPocSadnHXFxnt8Is9U"
-        + "zpERV0ePPQdLuW3IS_de3xyIrDaLGdjluPxUAhb6L2aXic1U12podGU0"
-        + "KLUQSE_oI-ZnmKJ3F4uOZDnd6QZWJushZ41Axf_fcIe8u9ipH84ogore"
-        + "e7vjbU5y18kDquDg\""
-        + "}").replaceAll(" ", "");
-    private static final String RSA_PSS_SIGNATURE_PROTECTED_HEADER_JSON = ("{"
-        + "\"alg\": \"PS384\","
-        + "\"kid\": \"bilbo.baggins@hobbiton.example\""
-        + "}").replaceAll(" ", "");
-    private static final String RSA_PSS_SIGNATURE_PROTECTED_HEADER =
-          "eyJhbGciOiJQUzM4NCIsImtpZCI6ImJpbGJvLmJhZ2dpbnNAaG9iYml0b24uZX"
-        + "hhbXBsZSJ9";
-    private static final String RSA_PSS_SIGNATURE_VALUE =
-          "cu22eBqkYDKgIlTpzDXGvaFfz6WGoz7fUDcfT0kkOy42miAh2qyBzk1xEsnk2I"
-        + "pN6-tPid6VrklHkqsGqDqHCdP6O8TTB5dDDItllVo6_1OLPpcbUrhiUSMxbbXU"
-        + "vdvWXzg-UD8biiReQFlfz28zGWVsdiNAUf8ZnyPEgVFn442ZdNqiVJRmBqrYRX"
-        + "e8P_ijQ7p8Vdz0TTrxUeT3lm8d9shnr2lfJT8ImUjvAA2Xez2Mlp8cBE5awDzT"
-        + "0qI0n6uiP1aCN_2_jLAeQTlqRHtfa64QQSUmFAAjVKPbByi7xho0uTOcbH510a"
-        + "6GYmJUAfmWjwZ6oD4ifKo8DYM-X72Eaw";
-    private static final String RSA_PSS_JSON_GENERAL_SERIALIZATION = ("{"
-        + "\"payload\": \"SXTigJlzIGEgZGFuZ2Vyb3VzIGJ1c2luZXNzLCBGcm9kbywg"
-        + "Z29pbmcgb3V0IHlvdXIgZG9vci4gWW91IHN0ZXAgb250byB0aGUgcm9h"
-        + "ZCwgYW5kIGlmIHlvdSBkb24ndCBrZWVwIHlvdXIgZmVldCwgdGhlcmXi"
-        + "gJlzIG5vIGtub3dpbmcgd2hlcmUgeW91IG1pZ2h0IGJlIHN3ZXB0IG9m"
-        + "ZiB0by4\","
-        + "\"signatures\": ["
-        + "{"
-        + "\"protected\": \"eyJhbGciOiJQUzM4NCIsImtpZCI6ImJpbGJvLmJhZ2"
-        + "dpbnNAaG9iYml0b24uZXhhbXBsZSJ9\","
-        + "\"signature\": \"cu22eBqkYDKgIlTpzDXGvaFfz6WGoz7fUDcfT0kkOy"
-        + "42miAh2qyBzk1xEsnk2IpN6-tPid6VrklHkqsGqDqHCdP6O8TTB5"
-        + "dDDItllVo6_1OLPpcbUrhiUSMxbbXUvdvWXzg-UD8biiReQFlfz2"
-        + "8zGWVsdiNAUf8ZnyPEgVFn442ZdNqiVJRmBqrYRXe8P_ijQ7p8Vd"
-        + "z0TTrxUeT3lm8d9shnr2lfJT8ImUjvAA2Xez2Mlp8cBE5awDzT0q"
-        + "I0n6uiP1aCN_2_jLAeQTlqRHtfa64QQSUmFAAjVKPbByi7xho0uT"
-        + "OcbH510a6GYmJUAfmWjwZ6oD4ifKo8DYM-X72Eaw\""
-        + "}"
-        + "]"
-        + "}").replace(" ", "");
-    private static final String RSA_PSS_JSON_FLATTENED_SERIALIZATION = ("{"
-        + "\"payload\": \"SXTigJlzIGEgZGFuZ2Vyb3VzIGJ1c2luZXNzLCBGcm9kbywg"
-        + "Z29pbmcgb3V0IHlvdXIgZG9vci4gWW91IHN0ZXAgb250byB0aGUgcm9h"
-        + "ZCwgYW5kIGlmIHlvdSBkb24ndCBrZWVwIHlvdXIgZmVldCwgdGhlcmXi"
-        + "gJlzIG5vIGtub3dpbmcgd2hlcmUgeW91IG1pZ2h0IGJlIHN3ZXB0IG9m"
-        + "ZiB0by4\","
-        + "\"protected\": \"eyJhbGciOiJQUzM4NCIsImtpZCI6ImJpbGJvLmJhZ2dpbn"
-        + "NAaG9iYml0b24uZXhhbXBsZSJ9\","
-        + "\"signature\": \"cu22eBqkYDKgIlTpzDXGvaFfz6WGoz7fUDcfT0kkOy42mi"
-        + "Ah2qyBzk1xEsnk2IpN6-tPid6VrklHkqsGqDqHCdP6O8TTB5dDDItllV"
-        + "o6_1OLPpcbUrhiUSMxbbXUvdvWXzg-UD8biiReQFlfz28zGWVsdiNAUf"
-        + "8ZnyPEgVFn442ZdNqiVJRmBqrYRXe8P_ijQ7p8Vdz0TTrxUeT3lm8d9s"
-        + "hnr2lfJT8ImUjvAA2Xez2Mlp8cBE5awDzT0qI0n6uiP1aCN_2_jLAeQT"
-        + "lqRHtfa64QQSUmFAAjVKPbByi7xho0uTOcbH510a6GYmJUAfmWjwZ6oD"
-        + "4ifKo8DYM-X72Eaw\""
-        + "}").replace(" ", "");
-    private static final String ECDSA_KID_VALUE = "bilbo.baggins@hobbiton.example";
-    private static final String ECDSA_SIGNATURE_PROTECTED_HEADER_JSON = ("{"
-        + "\"alg\": \"ES512\","
-        + "\"kid\": \"bilbo.baggins@hobbiton.example\""
-        + "}").replace(" ", "");
-    private static final String ECSDA_SIGNATURE_PROTECTED_HEADER =
-              "eyJhbGciOiJFUzUxMiIsImtpZCI6ImJpbGJvLmJhZ2dpbnNAaG9iYml0b24uZX"
-            + "hhbXBsZSJ9";
-    private static final String HMAC_KID_VALUE = "018c0ae5-4d9b-471b-bfd6-eef314bc7037";
-    private static final String HMAC_SIGNATURE_PROTECTED_HEADER_JSON = ("{"
-        + "\"alg\": \"HS256\","
-        + "\"kid\": \"018c0ae5-4d9b-471b-bfd6-eef314bc7037\""
-        + "}").replaceAll(" ", "");
-    private static final String HMAC_SIGNATURE_PROTECTED_HEADER =
-          "eyJhbGciOiJIUzI1NiIsImtpZCI6IjAxOGMwYWU1LTRkOWItNDcxYi1iZmQ2LW"
-        + "VlZjMxNGJjNzAzNyJ9";
-    private static final String HMAC_SIGNATURE_VALUE = "s0h6KThzkfBBBkLspW1h84VsJZFTsPPqMDA7g1Md7p0";
-    private static final String HMAC_JSON_GENERAL_SERIALIZATION = ("{"
-        + "\"payload\": \"SXTigJlzIGEgZGFuZ2Vyb3VzIGJ1c2luZXNzLCBGcm9kbywg"
-        + "Z29pbmcgb3V0IHlvdXIgZG9vci4gWW91IHN0ZXAgb250byB0aGUgcm9h"
-        + "ZCwgYW5kIGlmIHlvdSBkb24ndCBrZWVwIHlvdXIgZmVldCwgdGhlcmXi"
-        + "gJlzIG5vIGtub3dpbmcgd2hlcmUgeW91IG1pZ2h0IGJlIHN3ZXB0IG9m"
-        + "ZiB0by4\","
-        + "\"signatures\": ["
-        + "{"
-        + "\"protected\": \"eyJhbGciOiJIUzI1NiIsImtpZCI6IjAxOGMwYWU1LT"
-        + "RkOWItNDcxYi1iZmQ2LWVlZjMxNGJjNzAzNyJ9\","
-        + "\"signature\": \"s0h6KThzkfBBBkLspW1h84VsJZFTsPPqMDA7g1Md7p"
-        + "0\""
-        + "}"
-        + "]"
-        + "}").replaceAll(" ", "");
-    private static final String HMAC_JSON_FLATTENED_SERIALIZATION = ("{"
-        + "\"payload\": \"SXTigJlzIGEgZGFuZ2Vyb3VzIGJ1c2luZXNzLCBGcm9kbywg"
-        + "Z29pbmcgb3V0IHlvdXIgZG9vci4gWW91IHN0ZXAgb250byB0aGUgcm9h"
-        + "ZCwgYW5kIGlmIHlvdSBkb24ndCBrZWVwIHlvdXIgZmVldCwgdGhlcmXi"
-        + "gJlzIG5vIGtub3dpbmcgd2hlcmUgeW91IG1pZ2h0IGJlIHN3ZXB0IG9m"
-        + "ZiB0by4\","
-        + "\"protected\": \"eyJhbGciOiJIUzI1NiIsImtpZCI6IjAxOGMwYWU1LTRkOW"
-        + "ItNDcxYi1iZmQ2LWVlZjMxNGJjNzAzNyJ9\","
-        + "\"signature\": \"s0h6KThzkfBBBkLspW1h84VsJZFTsPPqMDA7g1Md7p0\""
-        + "}").replaceAll(" ", "");
-    private static final String DETACHED_HMAC_JWS =
-          ("eyJhbGciOiJIUzI1NiIsImtpZCI6IjAxOGMwYWU1LTRkOWItNDcxYi1iZmQ2LW"
-        + "VlZjMxNGJjNzAzNyJ9"
-        + "."
-        + "."
-        + "s0h6KThzkfBBBkLspW1h84VsJZFTsPPqMDA7g1Md7p0").replaceAll(" ", "");
-    private static final String HMAC_DETACHED_JSON_GENERAL_SERIALIZATION = ("{"
-        + "\"signatures\": ["
-        + "{"
-        + "\"protected\": \"eyJhbGciOiJIUzI1NiIsImtpZCI6IjAxOGMwYWU1LT"
-        + "RkOWItNDcxYi1iZmQ2LWVlZjMxNGJjNzAzNyJ9\","
-        + "\"signature\": \"s0h6KThzkfBBBkLspW1h84VsJZFTsPPqMDA7g1Md7p"
-        + "0\""
-        + "}"
-        + "]"
-        + "}").replaceAll(" ", "");
-    private static final String HMAC_DETACHED_JSON_FLATTENED_SERIALIZATION = ("{"
-        + "\"protected\": \"eyJhbGciOiJIUzI1NiIsImtpZCI6IjAxOGMwYWU1LTRkOW"
-        + "ItNDcxYi1iZmQ2LWVlZjMxNGJjNzAzNyJ9\","
-        + "\"signature\": \"s0h6KThzkfBBBkLspW1h84VsJZFTsPPqMDA7g1Md7p0\""
-        + "}").replaceAll(" ", "");
-    private static final String PROTECTING_SPECIFIC_HEADER_FIELDS_JSON_GENERAL_SERIALIZATION = ("{"
-        + "\"payload\": \"SXTigJlzIGEgZGFuZ2Vyb3VzIGJ1c2luZXNzLCBGcm9kbywg"
-        + "Z29pbmcgb3V0IHlvdXIgZG9vci4gWW91IHN0ZXAgb250byB0aGUgcm9h"
-        + "ZCwgYW5kIGlmIHlvdSBkb24ndCBrZWVwIHlvdXIgZmVldCwgdGhlcmXi"
-        + "gJlzIG5vIGtub3dpbmcgd2hlcmUgeW91IG1pZ2h0IGJlIHN3ZXB0IG9m"
-        + "ZiB0by4\","
-        + "\"signatures\": ["
-        + "{"
-        + "\"protected\": \"eyJhbGciOiJIUzI1NiJ9\","
-        + "\"header\": {"
-        + "\"kid\": \"018c0ae5-4d9b-471b-bfd6-eef314bc7037\""
-        + "},"
-        + "\"signature\": \"bWUSVaxorn7bEF1djytBd0kHv70Ly5pvbomzMWSOr2"
-        + "0\""
-        + "}"
-        + "]"
-        + "}").replace(" ", "");
-    private static final String PROTECTING_SPECIFIC_HEADER_FIELDS_JSON_FLATTENED_SERIALIZATION = ("{"
-        + "\"payload\": \"SXTigJlzIGEgZGFuZ2Vyb3VzIGJ1c2luZXNzLCBGcm9kbywg"
-        + "Z29pbmcgb3V0IHlvdXIgZG9vci4gWW91IHN0ZXAgb250byB0aGUgcm9h"
-        + "ZCwgYW5kIGlmIHlvdSBkb24ndCBrZWVwIHlvdXIgZmVldCwgdGhlcmXi"
-        + "gJlzIG5vIGtub3dpbmcgd2hlcmUgeW91IG1pZ2h0IGJlIHN3ZXB0IG9m"
-        + "ZiB0by4\","
-        + "\"protected\": \"eyJhbGciOiJIUzI1NiJ9\","
-        + "\"header\": {"
-        + "\"kid\": \"018c0ae5-4d9b-471b-bfd6-eef314bc7037\""
-        + "},"
-        + "\"signature\": \"bWUSVaxorn7bEF1djytBd0kHv70Ly5pvbomzMWSOr20\""
-        + "}").replace(" ", "");
-    private static final String PROTECTING_CONTENT_ONLY_JSON_GENERAL_SERIALIZATION = ("{"
-        + "\"payload\": \"SXTigJlzIGEgZGFuZ2Vyb3VzIGJ1c2luZXNzLCBGcm9kbywg"
-        + "Z29pbmcgb3V0IHlvdXIgZG9vci4gWW91IHN0ZXAgb250byB0aGUgcm9h"
-        + "ZCwgYW5kIGlmIHlvdSBkb24ndCBrZWVwIHlvdXIgZmVldCwgdGhlcmXi"
-        + "gJlzIG5vIGtub3dpbmcgd2hlcmUgeW91IG1pZ2h0IGJlIHN3ZXB0IG9m"
-        + "ZiB0by4\","
-        + "\"signatures\": ["
-        + "{"
-        + "\"header\": {"
-        + "\"alg\": \"HS256\","
-        + "\"kid\": \"018c0ae5-4d9b-471b-bfd6-eef314bc7037\""
-        + "},"
-        + "\"signature\": \"xuLifqLGiblpv9zBpuZczWhNj1gARaLV3UxvxhJxZu"
-        + "k\""
-        + "}"
-        + "]"
-        + "}").replace(" ", "");
-    private static final String PROTECTING_CONTENT_ONLY_JSON_FLATTENED_SERIALIZATION = ("{"
-        + "\"payload\": \"SXTigJlzIGEgZGFuZ2Vyb3VzIGJ1c2luZXNzLCBGcm9kbywg"
-        + "Z29pbmcgb3V0IHlvdXIgZG9vci4gWW91IHN0ZXAgb250byB0aGUgcm9h"
-        + "ZCwgYW5kIGlmIHlvdSBkb24ndCBrZWVwIHlvdXIgZmVldCwgdGhlcmXi"
-        + "gJlzIG5vIGtub3dpbmcgd2hlcmUgeW91IG1pZ2h0IGJlIHN3ZXB0IG9m"
-        + "ZiB0by4\","
-        + "\"header\": {"
-        + "\"alg\": \"HS256\","
-        + "\"kid\": \"018c0ae5-4d9b-471b-bfd6-eef314bc7037\""
-        + "},"
-        + "\"signature\": \"xuLifqLGiblpv9zBpuZczWhNj1gARaLV3UxvxhJxZuk\""
-        + "}").replace(" ", "");
-    private static final String FIRST_SIGNATURE_ENTRY_MULTIPLE_SIGNATURES = ("{"
-        + "\"protected\": \"eyJhbGciOiJSUzI1NiJ9\","
-        + "\"header\": {"
-        + "\"kid\": \"bilbo.baggins@hobbiton.example\""
-        + "},"
-        + "\"signature\": \"MIsjqtVlOpa71KE-Mss8_Nq2YH4FGhiocsqrgi5NvyG53u"
-        + "oimic1tcMdSg-qptrzZc7CG6Svw2Y13TDIqHzTUrL_lR2ZFcryNFiHkS"
-        + "w129EghGpwkpxaTn_THJTCglNbADko1MZBCdwzJxwqZc-1RlpO2HibUY"
-        + "yXSwO97BSe0_evZKdjvvKSgsIqjytKSeAMbhMBdMma622_BG5t4sdbuC"
-        + "HtFjp9iJmkio47AIwqkZV1aIZsv33uPUqBBCXbYoQJwt7mxPftHmNlGo"
-        + "OSMxR_3thmXTCm4US-xiNOyhbm8afKK64jU6_TPtQHiJeQJxz9G3Tx-0"
-        + "83B745_AfYOnlC9w\""
-        + "}").replace(" ", "");
-    private static final String SECOND_SIGNATURE_ENTRY_MULTIPLE_SIGNATURES = ("{"
-        + "\"header\": {"
-        + "\"alg\": \"ES512\","
-        + "\"kid\": \"bilbo.baggins@hobbiton.example\""
-        + "},"
-        + "\"signature\": \"ARcVLnaJJaUWG8fG-8t5BREVAuTY8n8YHjwDO1muhcdCoF"
-        + "ZFFjfISu0Cdkn9Ybdlmi54ho0x924DUz8sK7ZXkhc7AFM8ObLfTvNCrq"
-        + "cI3Jkl2U5IX3utNhODH6v7xgy1Qahsn0fyb4zSAkje8bAWz4vIfj5pCM"
-        + "Yxxm4fgV3q7ZYhm5eD\""
-        + "}").replace(" ", "");
-    private static final String SECOND_SIGNATURE_UNPROTECTED_HEADER_MULTIPLE_SIGNATURES = ("{"
-        + "\"alg\": \"ES512\","
-        + "\"kid\": \"bilbo.baggins@hobbiton.example\""
-        + "}").replace(" ", "");
-    private static final String THIRD_SIGNATURE_ENTRY_MULTIPLE_SIGNATURES = ("{"
-        + "\"protected\": \"eyJhbGciOiJIUzI1NiIsImtpZCI6IjAxOGMwYWU1LTRkOW"
-        + "ItNDcxYi1iZmQ2LWVlZjMxNGJjNzAzNyJ9\","
-        + "\"signature\": \"s0h6KThzkfBBBkLspW1h84VsJZFTsPPqMDA7g1Md7p0\""
-        + "}").replace(" ", "");
-    private static final String MULTIPLE_SIGNATURES_JSON_GENERAL_SERIALIZATION = ("{"
-        + "\"payload\": \"SXTigJlzIGEgZGFuZ2Vyb3VzIGJ1c2luZXNzLCBGcm9kbywg"
-        + "Z29pbmcgb3V0IHlvdXIgZG9vci4gWW91IHN0ZXAgb250byB0aGUgcm9h"
-        + "ZCwgYW5kIGlmIHlvdSBkb24ndCBrZWVwIHlvdXIgZmVldCwgdGhlcmXi"
-        + "gJlzIG5vIGtub3dpbmcgd2hlcmUgeW91IG1pZ2h0IGJlIHN3ZXB0IG9m"
-        + "ZiB0by4\","
-        + "\"signatures\": ["
-        + "{"
-        + "\"protected\": \"eyJhbGciOiJSUzI1NiJ9\","
-        + "\"header\": {"
-        + "\"kid\": \"bilbo.baggins@hobbiton.example\""
-        + "},"
-        + "\"signature\": \"MIsjqtVlOpa71KE-Mss8_Nq2YH4FGhiocsqrgi5Nvy"
-        + "G53uoimic1tcMdSg-qptrzZc7CG6Svw2Y13TDIqHzTUrL_lR2ZFc"
-        + "ryNFiHkSw129EghGpwkpxaTn_THJTCglNbADko1MZBCdwzJxwqZc"
-        + "-1RlpO2HibUYyXSwO97BSe0_evZKdjvvKSgsIqjytKSeAMbhMBdM"
-        + "ma622_BG5t4sdbuCHtFjp9iJmkio47AIwqkZV1aIZsv33uPUqBBC"
-        + "XbYoQJwt7mxPftHmNlGoOSMxR_3thmXTCm4US-xiNOyhbm8afKK6"
-        + "4jU6_TPtQHiJeQJxz9G3Tx-083B745_AfYOnlC9w\""
-        + "},"
-        + "{"
-        + "\"header\": {"
-        + "\"alg\": \"ES512\","
-        + "\"kid\": \"bilbo.baggins@hobbiton.example\""
-        + "},"
-        + "\"signature\": \"ARcVLnaJJaUWG8fG-8t5BREVAuTY8n8YHjwDO1muhc"
-        + "dCoFZFFjfISu0Cdkn9Ybdlmi54ho0x924DUz8sK7ZXkhc7AFM8Ob"
-        + "LfTvNCrqcI3Jkl2U5IX3utNhODH6v7xgy1Qahsn0fyb4zSAkje8b"
-        + "AWz4vIfj5pCMYxxm4fgV3q7ZYhm5eD\""
-        + "},"
-        + "{"
-        + "\"protected\": \"eyJhbGciOiJIUzI1NiIsImtpZCI6IjAxOGMwYWU1LT"
-        + "RkOWItNDcxYi1iZmQ2LWVlZjMxNGJjNzAzNyJ9\","
-        + "\"signature\": \"s0h6KThzkfBBBkLspW1h84VsJZFTsPPqMDA7g1Md7p"
-        + "0\""
-        + "}"
-        + "]"
-        + "}").replace(" ", "");;
-    @Test
-    public void testEncodedPayload() throws Exception {
-        assertEquals(Base64UrlUtility.encode(PAYLOAD), ENCODED_PAYLOAD);
-    }
-    @Test
-    public void testRSAv15Signature() throws Exception {
-        JwsCompactProducer compactProducer = new JwsCompactProducer(PAYLOAD);
-        compactProducer.getJwsHeaders().setSignatureAlgorithm(SignatureAlgorithm.RS256);
-        compactProducer.getJwsHeaders().setKeyId(RSA_KID_VALUE);
-        JsonMapObjectReaderWriter reader = new JsonMapObjectReaderWriter();
-        assertEquals(reader.toJson(compactProducer.getJwsHeaders().asMap()), RSA_V1_5_SIGNATURE_PROTECTED_HEADER_JSON);
-        assertEquals(compactProducer.getUnsignedEncodedJws(),
-                RSA_V1_5_SIGNATURE_PROTECTED_HEADER + "." + ENCODED_PAYLOAD);
-        JsonWebKeys jwks = readKeySet("cookbookPrivateSet.txt");
-        List<JsonWebKey> keys = jwks.getKeys();
-        JsonWebKey rsaKey = keys.get(1);
-        compactProducer.signWith(rsaKey);
-        assertEquals(compactProducer.getSignedEncodedJws(),
-                RSA_V1_5_SIGNATURE_PROTECTED_HEADER + "." + ENCODED_PAYLOAD + "." + RSA_V1_5_SIGNATURE_VALUE);
-        JwsCompactConsumer compactConsumer = new JwsCompactConsumer(compactProducer.getSignedEncodedJws());
-        JsonWebKeys publicJwks = readKeySet("cookbookPublicSet.txt");
-        List<JsonWebKey> publicKeys = publicJwks.getKeys();
-        JsonWebKey rsaPublicKey = publicKeys.get(1);
-        assertTrue(compactConsumer.verifySignatureWith(rsaPublicKey, 
-                                                       SignatureAlgorithm.RS256));
-
-        JwsJsonProducer jsonProducer = new JwsJsonProducer(PAYLOAD);
-        assertEquals(jsonProducer.getPlainPayload(), PAYLOAD);
-        assertEquals(jsonProducer.getUnsignedEncodedPayload(), ENCODED_PAYLOAD);
-        JwsHeaders protectedHeader = new JwsHeaders();
-        protectedHeader.setSignatureAlgorithm(SignatureAlgorithm.RS256);
-        protectedHeader.setKeyId(RSA_KID_VALUE);
-        jsonProducer.signWith(JwsUtils.getSignatureProvider(rsaKey, 
-                                                            SignatureAlgorithm.RS256), protectedHeader);
-        assertEquals(jsonProducer.getJwsJsonSignedDocument(), RSA_V1_5_JSON_GENERAL_SERIALIZATION);
-        JwsJsonConsumer jsonConsumer = new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument());
-        assertTrue(jsonConsumer.verifySignatureWith(rsaPublicKey, SignatureAlgorithm.RS256));
-
-        jsonProducer = new JwsJsonProducer(PAYLOAD, true);
-        jsonProducer.signWith(JwsUtils.getSignatureProvider(rsaKey, SignatureAlgorithm.RS256), protectedHeader);
-        assertEquals(jsonProducer.getJwsJsonSignedDocument(), RSA_V1_5_JSON_FLATTENED_SERIALIZATION);
-        jsonConsumer = new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument());
-        assertTrue(jsonConsumer.verifySignatureWith(rsaPublicKey, SignatureAlgorithm.RS256));
-    }
-    @Test
-    public void testRSAPSSSignature() throws Exception {
-        try {
-            Cipher.getInstance(AlgorithmUtils.PS_SHA_384_JAVA);
-        } catch (Throwable t) {
-            Security.addProvider(new BouncyCastleProvider());
-        }
-
-        JwsCompactProducer compactProducer = new JwsCompactProducer(PAYLOAD);
-        compactProducer.getJwsHeaders().setSignatureAlgorithm(SignatureAlgorithm.PS384);
-        compactProducer.getJwsHeaders().setKeyId(RSA_KID_VALUE);
-        JsonMapObjectReaderWriter reader = new JsonMapObjectReaderWriter();
-        assertEquals(reader.toJson(compactProducer.getJwsHeaders().asMap()), RSA_PSS_SIGNATURE_PROTECTED_HEADER_JSON);
-        assertEquals(compactProducer.getUnsignedEncodedJws(),
-                RSA_PSS_SIGNATURE_PROTECTED_HEADER + "." + ENCODED_PAYLOAD);
-        JsonWebKeys jwks = readKeySet("cookbookPrivateSet.txt");
-        List<JsonWebKey> keys = jwks.getKeys();
-        JsonWebKey rsaKey = keys.get(1);
-        compactProducer.signWith(rsaKey);
-        assertEquals(compactProducer.getSignedEncodedJws().length(),
-                (RSA_PSS_SIGNATURE_PROTECTED_HEADER + "." + ENCODED_PAYLOAD + "." + RSA_PSS_SIGNATURE_VALUE).length());
-        JwsCompactConsumer compactConsumer = new JwsCompactConsumer(compactProducer.getSignedEncodedJws());
-        JsonWebKeys publicJwks = readKeySet("cookbookPublicSet.txt");
-        List<JsonWebKey> publicKeys = publicJwks.getKeys();
-        JsonWebKey rsaPublicKey = publicKeys.get(1);
-        assertTrue(compactConsumer.verifySignatureWith(rsaPublicKey, SignatureAlgorithm.PS384));
-
-        JwsJsonProducer jsonProducer = new JwsJsonProducer(PAYLOAD);
-        assertEquals(jsonProducer.getPlainPayload(), PAYLOAD);
-        assertEquals(jsonProducer.getUnsignedEncodedPayload(), ENCODED_PAYLOAD);
-        JwsHeaders protectedHeader = new JwsHeaders();
-        protectedHeader.setSignatureAlgorithm(SignatureAlgorithm.PS384);
-        protectedHeader.setKeyId(RSA_KID_VALUE);
-        jsonProducer.signWith(JwsUtils.getSignatureProvider(rsaKey, SignatureAlgorithm.PS384), protectedHeader);
-        assertEquals(jsonProducer.getJwsJsonSignedDocument().length(), RSA_PSS_JSON_GENERAL_SERIALIZATION.length());
-        JwsJsonConsumer jsonConsumer = new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument());
-        assertTrue(jsonConsumer.verifySignatureWith(rsaPublicKey, SignatureAlgorithm.PS384));
-
-        jsonProducer = new JwsJsonProducer(PAYLOAD, true);
-        jsonProducer.signWith(JwsUtils.getSignatureProvider(rsaKey, SignatureAlgorithm.PS384), protectedHeader);
-        assertEquals(jsonProducer.getJwsJsonSignedDocument().length(), RSA_PSS_JSON_FLATTENED_SERIALIZATION.length());
-        jsonConsumer = new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument());
-        assertTrue(jsonConsumer.verifySignatureWith(rsaPublicKey, SignatureAlgorithm.PS384));
-
-        Security.removeProvider(BouncyCastleProvider.class.getName());
-    }
-    @Test
-    public void testECDSASignature() throws Exception {
-        
-        try {
-            Cipher.getInstance(AlgorithmUtils.ES_SHA_512_JAVA);
-        } catch (Throwable t) {
-            Security.addProvider(new BouncyCastleProvider());
-        }
-        try {
-            JwsCompactProducer compactProducer = new JwsCompactProducer(PAYLOAD);
-            compactProducer.getJwsHeaders().setSignatureAlgorithm(SignatureAlgorithm.ES512);
-            compactProducer.getJwsHeaders().setKeyId(ECDSA_KID_VALUE);
-            JsonMapObjectReaderWriter reader = new JsonMapObjectReaderWriter();
-            assertEquals(reader.toJson(compactProducer.getJwsHeaders().asMap()), 
-                         ECDSA_SIGNATURE_PROTECTED_HEADER_JSON);
-            assertEquals(compactProducer.getUnsignedEncodedJws(),
-                    ECSDA_SIGNATURE_PROTECTED_HEADER + "." + ENCODED_PAYLOAD);
-            JsonWebKeys jwks = readKeySet("cookbookPrivateSet.txt");
-            List<JsonWebKey> keys = jwks.getKeys();
-            JsonWebKey ecKey = keys.get(0);
-            compactProducer.signWith(new EcDsaJwsSignatureProvider(JwkUtils.toECPrivateKey(ecKey),
-                                                                   SignatureAlgorithm.ES512));
-            assertEquals(compactProducer.getUnsignedEncodedJws(), 
-                         ECSDA_SIGNATURE_PROTECTED_HEADER + "." + ENCODED_PAYLOAD);
-            assertEquals(132, Base64UrlUtility.decode(compactProducer.getEncodedSignature()).length);
-            
-            JwsCompactConsumer compactConsumer = new JwsCompactConsumer(compactProducer.getSignedEncodedJws());
-            JsonWebKeys publicJwks = readKeySet("cookbookPublicSet.txt");
-            List<JsonWebKey> publicKeys = publicJwks.getKeys();
-            JsonWebKey ecPublicKey = publicKeys.get(0);
-            assertTrue(compactConsumer.verifySignatureWith(ecPublicKey, SignatureAlgorithm.ES512));
-        } finally {
-            Security.removeProvider(BouncyCastleProvider.class.getName());
-        }
-    }
-    @Test
-    public void testHMACSignature() throws Exception {
-        JwsCompactProducer compactProducer = new JwsCompactProducer(PAYLOAD);
-        compactProducer.getJwsHeaders().setSignatureAlgorithm(SignatureAlgorithm.HS256);
-        compactProducer.getJwsHeaders().setKeyId(HMAC_KID_VALUE);
-        JsonMapObjectReaderWriter reader = new JsonMapObjectReaderWriter();
-        assertEquals(reader.toJson(compactProducer.getJwsHeaders().asMap()), HMAC_SIGNATURE_PROTECTED_HEADER_JSON);
-        assertEquals(compactProducer.getUnsignedEncodedJws(),
-                HMAC_SIGNATURE_PROTECTED_HEADER + "." + ENCODED_PAYLOAD);
-        JsonWebKeys jwks = readKeySet("cookbookSecretSet.txt");
-        List<JsonWebKey> keys = jwks.getKeys();
-        JsonWebKey key = keys.get(0);
-        compactProducer.signWith(key);
-        assertEquals(compactProducer.getSignedEncodedJws(),
-                HMAC_SIGNATURE_PROTECTED_HEADER + "." + ENCODED_PAYLOAD + "." + HMAC_SIGNATURE_VALUE);
-        JwsCompactConsumer compactConsumer = new JwsCompactConsumer(compactProducer.getSignedEncodedJws());
-        assertTrue(compactConsumer.verifySignatureWith(key, SignatureAlgorithm.HS256));
-
-        JwsJsonProducer jsonProducer = new JwsJsonProducer(PAYLOAD);
-        assertEquals(jsonProducer.getPlainPayload(), PAYLOAD);
-        assertEquals(jsonProducer.getUnsignedEncodedPayload(), ENCODED_PAYLOAD);
-        JwsHeaders protectedHeader = new JwsHeaders();
-        protectedHeader.setSignatureAlgorithm(SignatureAlgorithm.HS256);
-        protectedHeader.setKeyId(HMAC_KID_VALUE);
-        jsonProducer.signWith(JwsUtils.getSignatureProvider(key, SignatureAlgorithm.HS256), protectedHeader);
-        assertEquals(jsonProducer.getJwsJsonSignedDocument(), HMAC_JSON_GENERAL_SERIALIZATION);
-        JwsJsonConsumer jsonConsumer = new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument());
-        assertTrue(jsonConsumer.verifySignatureWith(key, SignatureAlgorithm.HS256));
-
-        jsonProducer = new JwsJsonProducer(PAYLOAD, true);
-        jsonProducer.signWith(JwsUtils.getSignatureProvider(key, SignatureAlgorithm.HS256), protectedHeader);
-        assertEquals(jsonProducer.getJwsJsonSignedDocument(), HMAC_JSON_FLATTENED_SERIALIZATION);
-        jsonConsumer = new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument());
-        assertTrue(jsonConsumer.verifySignatureWith(key, SignatureAlgorithm.HS256));
-    }
-    @Test
-    public void testDetachedHMACSignature() throws Exception {
-        JwsCompactProducer compactProducer = new JwsCompactProducer(PAYLOAD, true);
-        compactProducer.getJwsHeaders().setSignatureAlgorithm(SignatureAlgorithm.HS256);
-        compactProducer.getJwsHeaders().setKeyId(HMAC_KID_VALUE);
-        JsonMapObjectReaderWriter reader = new JsonMapObjectReaderWriter();
-        assertEquals(reader.toJson(compactProducer.getJwsHeaders().asMap()), HMAC_SIGNATURE_PROTECTED_HEADER_JSON);
-        assertEquals(compactProducer.getUnsignedEncodedJws(),
-                HMAC_SIGNATURE_PROTECTED_HEADER + ".");
-        JsonWebKeys jwks = readKeySet("cookbookSecretSet.txt");
-        List<JsonWebKey> keys = jwks.getKeys();
-        JsonWebKey key = keys.get(0);
-        compactProducer.signWith(key);
-        assertEquals(compactProducer.getSignedEncodedJws(), DETACHED_HMAC_JWS);
-        JwsCompactConsumer compactConsumer =
-                new JwsCompactConsumer(compactProducer.getSignedEncodedJws(), ENCODED_PAYLOAD);
-        assertTrue(compactConsumer.verifySignatureWith(key, SignatureAlgorithm.HS256));
-
-        JwsJsonProducer jsonProducer = new JwsJsonProducer(PAYLOAD);
-        assertEquals(jsonProducer.getPlainPayload(), PAYLOAD);
-        assertEquals(jsonProducer.getUnsignedEncodedPayload(), ENCODED_PAYLOAD);
-        JwsHeaders protectedHeader = new JwsHeaders();
-        protectedHeader.setSignatureAlgorithm(SignatureAlgorithm.HS256);
-        protectedHeader.setKeyId(HMAC_KID_VALUE);
-        jsonProducer.signWith(JwsUtils.getSignatureProvider(key, SignatureAlgorithm.HS256), protectedHeader);
-        assertEquals(jsonProducer.getJwsJsonSignedDocument(true), HMAC_DETACHED_JSON_GENERAL_SERIALIZATION);
-        JwsJsonConsumer jsonConsumer =
-                new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument(true), ENCODED_PAYLOAD);
-        assertTrue(jsonConsumer.verifySignatureWith(key, SignatureAlgorithm.HS256));
-
-        jsonProducer = new JwsJsonProducer(PAYLOAD, true);
-        jsonProducer.signWith(JwsUtils.getSignatureProvider(key, SignatureAlgorithm.HS256), protectedHeader);
-        assertEquals(jsonProducer.getJwsJsonSignedDocument(true), HMAC_DETACHED_JSON_FLATTENED_SERIALIZATION);
-        jsonConsumer = new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument(true), ENCODED_PAYLOAD);
-        assertTrue(jsonConsumer.verifySignatureWith(key, SignatureAlgorithm.HS256));
-    }
-    @Test
-    public void testProtectingSpecificHeaderFieldsSignature() throws Exception {
-        JwsJsonProducer jsonProducer = new JwsJsonProducer(PAYLOAD);
-        assertEquals(jsonProducer.getPlainPayload(), PAYLOAD);
-        assertEquals(jsonProducer.getUnsignedEncodedPayload(), ENCODED_PAYLOAD);
-        JwsHeaders protectedHeader = new JwsHeaders();
-        protectedHeader.setSignatureAlgorithm(SignatureAlgorithm.HS256);
-        JwsHeaders unprotectedHeader = new JwsHeaders();
-        unprotectedHeader.setKeyId(HMAC_KID_VALUE);
-        JsonWebKeys jwks = readKeySet("cookbookSecretSet.txt");
-        List<JsonWebKey> keys = jwks.getKeys();
-        JsonWebKey key = keys.get(0);
-        jsonProducer.signWith(JwsUtils.getSignatureProvider(key, SignatureAlgorithm.HS256),
-                protectedHeader, unprotectedHeader);
-        assertEquals(jsonProducer.getJwsJsonSignedDocument(),
-                PROTECTING_SPECIFIC_HEADER_FIELDS_JSON_GENERAL_SERIALIZATION);
-        JwsJsonConsumer jsonConsumer =
-                new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument());
-        assertTrue(jsonConsumer.verifySignatureWith(key, SignatureAlgorithm.HS256));
-
-        jsonProducer = new JwsJsonProducer(PAYLOAD, true);
-        jsonProducer.signWith(JwsUtils.getSignatureProvider(key, SignatureAlgorithm.HS256),
-                protectedHeader, unprotectedHeader);
-        assertEquals(jsonProducer.getJwsJsonSignedDocument(),
-                PROTECTING_SPECIFIC_HEADER_FIELDS_JSON_FLATTENED_SERIALIZATION);
-        jsonConsumer = new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument());
-        assertTrue(jsonConsumer.verifySignatureWith(key, SignatureAlgorithm.HS256));
-    }
-    @Test
-    public void testProtectingContentOnlySignature() throws Exception {
-        JwsJsonProducer jsonProducer = new JwsJsonProducer(PAYLOAD);
-        assertEquals(jsonProducer.getPlainPayload(), PAYLOAD);
-        assertEquals(jsonProducer.getUnsignedEncodedPayload(), ENCODED_PAYLOAD);
-        JwsHeaders unprotectedHeader = new JwsHeaders();
-        unprotectedHeader.setSignatureAlgorithm(SignatureAlgorithm.HS256);
-        unprotectedHeader.setKeyId(HMAC_KID_VALUE);
-        JsonWebKeys jwks = readKeySet("cookbookSecretSet.txt");
-        List<JsonWebKey> keys = jwks.getKeys();
-        JsonWebKey key = keys.get(0);
-        jsonProducer.signWith(JwsUtils.getSignatureProvider(key, SignatureAlgorithm.HS256),
-                null, unprotectedHeader);
-        assertEquals(jsonProducer.getJwsJsonSignedDocument(),
-                PROTECTING_CONTENT_ONLY_JSON_GENERAL_SERIALIZATION);
-        JwsJsonConsumer jsonConsumer =
-                new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument());
-        assertTrue(jsonConsumer.verifySignatureWith(key, SignatureAlgorithm.HS256));
-
-        jsonProducer = new JwsJsonProducer(PAYLOAD, true);
-        jsonProducer.signWith(JwsUtils.getSignatureProvider(key, SignatureAlgorithm.HS256),
-                null, unprotectedHeader);
-        assertEquals(jsonProducer.getJwsJsonSignedDocument(),
-                PROTECTING_CONTENT_ONLY_JSON_FLATTENED_SERIALIZATION);
-        jsonConsumer = new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument());
-        assertTrue(jsonConsumer.verifySignatureWith(key, SignatureAlgorithm.HS256));
-    }
-    @Test
-    public void testMultipleSignatures() throws Exception {
-        try {
-            Cipher.getInstance(AlgorithmUtils.ES_SHA_512_JAVA);
-        } catch (Throwable t) {
-            Security.addProvider(new BouncyCastleProvider());
-        }
-        try {
-            JwsJsonProducer jsonProducer = new JwsJsonProducer(PAYLOAD);
-            assertEquals(jsonProducer.getPlainPayload(), PAYLOAD);
-            assertEquals(jsonProducer.getUnsignedEncodedPayload(), ENCODED_PAYLOAD);
-            JwsHeaders firstSignerProtectedHeader = new JwsHeaders();
-            firstSignerProtectedHeader.setSignatureAlgorithm(SignatureAlgorithm.RS256);
-            JwsHeaders firstSignerUnprotectedHeader = new JwsHeaders();
-            firstSignerUnprotectedHeader.setKeyId(RSA_KID_VALUE);
-            JsonWebKeys jwks = readKeySet("cookbookPrivateSet.txt");
-            List<JsonWebKey> keys = jwks.getKeys();
-            JsonWebKey rsaKey = keys.get(1);
-            jsonProducer.signWith(JwsUtils.getSignatureProvider(rsaKey, SignatureAlgorithm.RS256),
-                    firstSignerProtectedHeader, firstSignerUnprotectedHeader);
-            assertEquals(jsonProducer.getSignatureEntries().get(0).toJson(),
-                    FIRST_SIGNATURE_ENTRY_MULTIPLE_SIGNATURES);
-
-            JwsHeaders secondSignerUnprotectedHeader = new JwsHeaders();
-            secondSignerUnprotectedHeader.setSignatureAlgorithm(SignatureAlgorithm.ES512);
-            secondSignerUnprotectedHeader.setKeyId(ECDSA_KID_VALUE);
-            JsonWebKey ecKey = keys.get(0);
-            jsonProducer.signWith(JwsUtils.getSignatureProvider(ecKey, SignatureAlgorithm.ES512),
-                    null, secondSignerUnprotectedHeader);
-            assertEquals(new JsonMapObjectReaderWriter().toJson(
-                jsonProducer.getSignatureEntries().get(1).getUnprotectedHeader()),
-                    SECOND_SIGNATURE_UNPROTECTED_HEADER_MULTIPLE_SIGNATURES);
-            assertEquals(jsonProducer.getSignatureEntries().get(1).toJson().length(),
-                    SECOND_SIGNATURE_ENTRY_MULTIPLE_SIGNATURES.length());
-
-            JwsHeaders thirdSignerProtectedHeader = new JwsHeaders();
-            thirdSignerProtectedHeader.setSignatureAlgorithm(SignatureAlgorithm.HS256);
-            thirdSignerProtectedHeader.setKeyId(HMAC_KID_VALUE);
-            JsonWebKeys secretJwks = readKeySet("cookbookSecretSet.txt");
-            List<JsonWebKey> secretKeys = secretJwks.getKeys();
-            JsonWebKey hmacKey = secretKeys.get(0);
-            jsonProducer.signWith(JwsUtils.getSignatureProvider(hmacKey, SignatureAlgorithm.HS256),
-                    thirdSignerProtectedHeader);
-            assertEquals(jsonProducer.getSignatureEntries().get(2).toJson(),
-                    THIRD_SIGNATURE_ENTRY_MULTIPLE_SIGNATURES);
-            assertEquals(jsonProducer.getJwsJsonSignedDocument().length(),
-                    MULTIPLE_SIGNATURES_JSON_GENERAL_SERIALIZATION.length());
-            JwsJsonConsumer jsonConsumer =
-                    new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument());
-            JsonWebKeys publicJwks = readKeySet("cookbookPublicSet.txt");
-            List<JsonWebKey> publicKeys = publicJwks.getKeys();
-            JsonWebKey rsaPublicKey = publicKeys.get(1);
-            JsonWebKey ecPublicKey = publicKeys.get(0);
-            assertTrue(jsonConsumer.verifySignatureWith(rsaPublicKey, SignatureAlgorithm.RS256));
-            assertTrue(jsonConsumer.verifySignatureWith(ecPublicKey, SignatureAlgorithm.ES512));
-            assertTrue(jsonConsumer.verifySignatureWith(hmacKey, SignatureAlgorithm.HS256));
-        } finally {
-            Security.removeProvider(BouncyCastleProvider.class.getName());
-        }
-    }
-    public JsonWebKeys readKeySet(String fileName) throws Exception {
-        InputStream is = JwsJoseCookBookTest.class.getResourceAsStream(fileName);
-        String s = IOUtils.readStringFromStream(is);
-        return JwkUtils.readJwkSet(s);
-    }
-}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/cxf/blob/5e40ea35/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/cookbookPrivateSet.txt
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/cookbookPrivateSet.txt b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/cookbookPrivateSet.txt
deleted file mode 100644
index 03e2704..0000000
--- a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/cookbookPrivateSet.txt
+++ /dev/null
@@ -1,24 +0,0 @@
-{"keys":
-       [
-         {"kty": "EC",
-          "kid": "bilbo.baggins@hobbiton.example",
-          "use": "sig",
-          "crv": "P-521",
-          "x": "AHKZLLOsCOzz5cY97ewNUajB957y-C-U88c3v13nmGZx6sYl_oJXu9A5RkTKqjqvjyekWF-7ytDyRXYgCF5cj0Kt",
-          "y": "AdymlHvOiLxXkEhayXQnNCvDX4h9htZaCJN34kfmC6pV5OhQHiraVySsUdaQkAgDPrwQrJmbnX9cwlGfP-HqHZR1",
-          "d": "AAhRON2r9cqXX1hg-RoI6R1tX5p2rUAYdmpHZoC1XNM56KtscrX6zbKipQrCW9CGZH3T4ubpnoTKLDYJ_fF3_rJt"
-         },
-         {"kty": "RSA",
-          "kid": "bilbo.baggins@hobbiton.example",
-          "use": "sig",
-          "n": "n4EPtAOCc9AlkeQHPzHStgAbgs7bTZLwUBZdR8_KuKPEHLd4rHVTeT-O-XV2jRojdNhxJWTDvNd7nqQ0VEiZQHz_AJmSCpMaJMRBSFKrKb2wqVwGU_NsYOYL-QtiWN2lbzcEe6XC0dApr5ydQLrHqkHHig3RBordaZ6Aj-oBHqFEHYpPe7Tpe-OfVfHd1E6cS6M1FZcD1NNLYD5lFHpPI9bTwJlsde3uhGqC0ZCuEHg8lhzwOHrtIQbS0FVbb9k3-tVTU4fg_3L_vniUFAKwuCLqKnS2BYwdq_mzSnbLY7h_qixoR7jig3__kRhuaxwUkRz5iaiQkqgc5gHdrNP5zw",
-          "e": "AQAB",
-          "d": "bWUC9B-EFRIo8kpGfh0ZuyGPvMNKvYWNtB_ikiH9k20eT-O1q_I78eiZkpXxXQ0UTEs2LsNRS-8uJbvQ-A1irkwMSMkK1J3XTGgdrhCku9gRldY7sNA_AKZGh-Q661_42rINLRCe8W-nZ34ui_qOfkLnK9QWDDqpaIsA-bMwWWSDFu2MUBYwkHTMEzLYGqOe04noqeq1hExBTHBOBdkMXiuFhUq1BU6l-DqEiWxqg82sXt2h-LMnT3046AOYJoRioz75tSUQfGCshWTBnP5uDjd18kKhyv07lhfSJdrPdM5Plyl21hsFf4L_mHCuoFau7gdsPfHPxxjVOcOpBrQzwQ",
-          "p": "3Slxg_DwTXJcb6095RoXygQCAZ5RnAvZlno1yhHtnUex_fp7AZ_9nRaO7HX_-SFfGQeutao2TDjDAWU4Vupk8rw9JR0AzZ0N2fvuIAmr_WCsmGpeNqQnev1T7IyEsnh8UMt-n5CafhkikzhEsrmndH6LxOrvRJlsPp6Zv8bUq0k",
-          "q": "uKE2dh-cTf6ERF4k4e_jy78GfPYUIaUyoSSJuBzp3Cubk3OCqs6grT8bR_cu0Dm1MZwWmtdqDyI95HrUeq3MP15vMMON8lHTeZu2lmKvwqW7anV5UzhM1iZ7z4yMkuUwFWoBvyY898EXvRD-hdqRxHlSqAZ192zB3pVFJ0s7pFc",
-          "dp": "B8PVvXkvJrj2L-GYQ7v3y9r6Kw5g9SahXBwsWUzp19TVlgI-YV85q1NIb1rxQtD-IsXXR3-TanevuRPRt5OBOdiMGQp8pbt26gljYfKU_E9xn-RULHz0-ed9E9gXLKD4VGngpz-PfQ_q29pk5xWHoJp009Qf1HvChixRX59ehik",
-          "dq": "CLDmDGduhylc9o7r84rEUVn7pzQ6PF83Y-iBZx5NT-TpnOZKF1pErAMVeKzFEl41DlHHqqBLSM0W1sOFbwTxYWZDm6sI6og5iTbwQGIC3gnJKbi_7k_vJgGHwHxgPaX2PnvP-zyEkDERuf-ry4c_Z11Cq9AqC2yeL6kdKT1cYF8",
-          "qi": "3PiqvXQN0zwMeE-sBvZgi289XP9XCQF3VWqPzMKnIgQp7_Tugo6-NZBKCQsMf3HaEGBjTVJs_jcK8-TRXvaKe-7ZMaQj8VfBdYkssbu0NKDDhjJ-GtiseaDVWt7dcH0cfwxgFUHpQh7FoCrjFJ6h6ZEpMF6xmujs4qMpPz8aaI4"
-          }
-       ]
-     }

http://git-wip-us.apache.org/repos/asf/cxf/blob/5e40ea35/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/cookbookPublicSet.txt
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/cookbookPublicSet.txt b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/cookbookPublicSet.txt
deleted file mode 100644
index 15b4808..0000000
--- a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/cookbookPublicSet.txt
+++ /dev/null
@@ -1,16 +0,0 @@
-{"keys":
-       [
-         {"kty": "EC",
-          "kid": "bilbo.baggins@hobbiton.example",
-          "use": "sig",
-          "crv": "P-521",
-          "x": "AHKZLLOsCOzz5cY97ewNUajB957y-C-U88c3v13nmGZx6sYl_oJXu9A5RkTKqjqvjyekWF-7ytDyRXYgCF5cj0Kt",
-          "y": "AdymlHvOiLxXkEhayXQnNCvDX4h9htZaCJN34kfmC6pV5OhQHiraVySsUdaQkAgDPrwQrJmbnX9cwlGfP-HqHZR1"
-          },
-          {"kty": "RSA",
-          "kid": "bilbo.baggins@hobbiton.example",
-          "use": "sig",
-          "n": "n4EPtAOCc9AlkeQHPzHStgAbgs7bTZLwUBZdR8_KuKPEHLd4rHVTeT-O-XV2jRojdNhxJWTDvNd7nqQ0VEiZQHz_AJmSCpMaJMRBSFKrKb2wqVwGU_NsYOYL-QtiWN2lbzcEe6XC0dApr5ydQLrHqkHHig3RBordaZ6Aj-oBHqFEHYpPe7Tpe-OfVfHd1E6cS6M1FZcD1NNLYD5lFHpPI9bTwJlsde3uhGqC0ZCuEHg8lhzwOHrtIQbS0FVbb9k3-tVTU4fg_3L_vniUFAKwuCLqKnS2BYwdq_mzSnbLY7h_qixoR7jig3__kRhuaxwUkRz5iaiQkqgc5gHdrNP5zw",
-          "e": "AQAB"}
-       ]
-     }
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/cxf/blob/5e40ea35/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/cookbookSecretSet.txt
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/cookbookSecretSet.txt b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/cookbookSecretSet.txt
deleted file mode 100644
index 2f4bc08..0000000
--- a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/cookbookSecretSet.txt
+++ /dev/null
@@ -1,16 +0,0 @@
-{"keys":
-       [
-          {"kty": "oct",
-           "kid": "018c0ae5-4d9b-471b-bfd6-eef314bc7037",
-           "use": "sig",
-           "alg": "HS256",
-           "k": "hJtXIZ2uSN5kbQfbtTNWbpdmhkV8FJG-Onbc6mxCcYg"
-          },
-          {"kty": "oct",
-           "kid": "1e571774-2e08-40da-8308-e8d68773842d",
-           "use": "enc",
-           "alg": "A256GCM",
-           "k": "AAPapAv4LbFbiVawEjagUBluYqN5rhna-8nuldDvOx8"
-          }
-       ]
-     }
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/cxf/blob/5e40ea35/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweCompactReaderWriterTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweCompactReaderWriterTest.java b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweCompactReaderWriterTest.java
deleted file mode 100644
index 8f8c147..0000000
--- a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweCompactReaderWriterTest.java
+++ /dev/null
@@ -1,288 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jwe;
-
-import java.security.Security;
-import java.security.interfaces.ECPrivateKey;
-import java.security.interfaces.ECPublicKey;
-import java.security.interfaces.RSAPrivateKey;
-import java.security.interfaces.RSAPublicKey;
-
-import javax.crypto.Cipher;
-import javax.crypto.SecretKey;
-
-import org.apache.cxf.common.util.Base64UrlUtility;
-import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils;
-import org.apache.cxf.rs.security.jose.jwa.ContentAlgorithm;
-import org.apache.cxf.rs.security.jose.jwa.KeyAlgorithm;
-import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
-import org.apache.cxf.rs.security.jose.jws.JwsCompactReaderWriterTest;
-import org.apache.cxf.rt.security.crypto.CryptoUtils;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.junit.AfterClass;
-import org.junit.Assert;
-import org.junit.BeforeClass;
-import org.junit.Test;
-
-public class JweCompactReaderWriterTest extends Assert {
-    // A1 example
-    static final byte[] CONTENT_ENCRYPTION_KEY_A1 = {
-        (byte)177, (byte)161, (byte)244, (byte)128, 84, (byte)143, (byte)225,
-        115, 63, (byte)180, 3, (byte)255, 107, (byte)154, (byte)212, (byte)246,
-        (byte)138, 7, 110, 91, 112, 46, 34, 105, 47, 
-        (byte)130, (byte)203, 46, 122, (byte)234, 64, (byte)252};
-    static final String RSA_MODULUS_ENCODED_A1 = "oahUIoWw0K0usKNuOR6H4wkf4oBUXHTxRvgb48E-BVvxkeDNjbC4he8rUW"
-           + "cJoZmds2h7M70imEVhRU5djINXtqllXI4DFqcI1DgjT9LewND8MW2Krf3S"
-           + "psk_ZkoFnilakGygTwpZ3uesH-PFABNIUYpOiN15dsQRkgr0vEhxN92i2a"
-           + "sbOenSZeyaxziK72UwxrrKoExv6kc5twXTq4h-QChLOln0_mtUZwfsRaMS"
-           + "tPs6mS6XrgxnxbWhojf663tuEQueGC-FCMfra36C9knDFGzKsNa7LZK2dj"
-           + "YgyD3JR_MB_4NUJW_TqOQtwHYbxevoJArm-L5StowjzGy-_bq6Gw";
-    static final String RSA_PUBLIC_EXPONENT_ENCODED_A1 = "AQAB";
-    static final String RSA_PRIVATE_EXPONENT_ENCODED_A1 = 
-        "kLdtIj6GbDks_ApCSTYQtelcNttlKiOyPzMrXHeI-yk1F7-kpDxY4-WY5N"
-        + "WV5KntaEeXS1j82E375xxhWMHXyvjYecPT9fpwR_M9gV8n9Hrh2anTpTD9"
-        + "3Dt62ypW3yDsJzBnTnrYu1iwWRgBKrEYY46qAZIrA2xAwnm2X7uGR1hghk"
-        + "qDp0Vqj3kbSCz1XyfCs6_LehBwtxHIyh8Ripy40p24moOAbgxVw3rxT_vl"
-        + "t3UVe4WO3JkJOzlpUf-KTVI2Ptgm-dARxTEtE-id-4OJr0h-K-VFs3VSnd"
-        + "VTIznSxfyrj8ILL6MG_Uv8YAu7VILSB3lOW085-4qE3DzgrTjgyQ";
-    
-    static final byte[] INIT_VECTOR_A1 = {(byte)227, (byte)197, 117, (byte)252, 2, (byte)219, 
-        (byte)233, 68, (byte)180, (byte)225, 77, (byte)219};
-    
-    // A3 example
-    static final byte[] CONTENT_ENCRYPTION_KEY_A3 = {
-        4, (byte)211, 31, (byte)197, 84, (byte)157, (byte)252, (byte)254, 11, 100, 
-        (byte)157, (byte)250, 63, (byte)170, 106, (byte)206, 107, 124, (byte)212, 
-        45, 111, 107, 9, (byte)219, (byte)200, (byte)177, 0, (byte)240, (byte)143, 
-        (byte)156, 44, (byte)207};
-    static final byte[] INIT_VECTOR_A3 = {
-        3, 22, 60, 12, 43, 67, 104, 105, 108, 108, 105, 99, 111, 116, 104, 101};
-    static final String KEY_ENCRYPTION_KEY_A3 = "GawgguFyGrWKav7AX4VKUg";
-    private static final String JWE_OUTPUT_A3 = 
-        "eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0" 
-        + ".6KB707dM9YTIgHtLvtgWQ8mKwboJW3of9locizkDTHzBC2IlrT1oOQ" 
-        + ".AxY8DCtDaGlsbGljb3RoZQ" 
-        + ".KDlTtXchhZTGufMYmOYGS4HffxPSUrfmqCHXaI9wOGY" 
-        + ".U0m_YmjN04DJvceFICbCVQ";
-    
-    private static final Boolean SKIP_AES_GCM_TESTS = isJava6();
-    
-    private static boolean isJava6() {
-        String version = System.getProperty("java.version");
-        return 1.6D == Double.parseDouble(version.substring(0, 3));    
-    }
-    
-    @BeforeClass
-    public static void registerBouncyCastleIfNeeded() throws Exception {
-        
-        try {
-            if (!SKIP_AES_GCM_TESTS) {
-                Cipher.getInstance(AlgorithmUtils.AES_GCM_ALGO_JAVA);
-            }
-            Cipher.getInstance(AlgorithmUtils.AES_CBC_ALGO_JAVA);
-        } catch (Throwable t) {
-            Security.addProvider(new BouncyCastleProvider());    
-        }
-        
-    }
-    @AfterClass
-    public static void unregisterBouncyCastleIfNeeded() throws Exception {
-        Security.removeProvider(BouncyCastleProvider.class.getName());    
-    }
-    
-    @Test
-    public void testEncryptDecryptAesWrapA128CBCHS256() throws Exception {
-        final String specPlainText = "Live long and prosper.";
-        
-        byte[] cekEncryptionKey = Base64UrlUtility.decode(KEY_ENCRYPTION_KEY_A3);
-        
-        AesWrapKeyEncryptionAlgorithm keyEncryption = 
-            new AesWrapKeyEncryptionAlgorithm(cekEncryptionKey, KeyAlgorithm.A128KW);
-        JweEncryptionProvider encryption = new AesCbcHmacJweEncryption(ContentAlgorithm.A128CBC_HS256,
-                                                           CONTENT_ENCRYPTION_KEY_A3, 
-                                                           INIT_VECTOR_A3,
-                                                           keyEncryption);
-        String jweContent = encryption.encrypt(specPlainText.getBytes("UTF-8"), null);
-        assertEquals(JWE_OUTPUT_A3, jweContent);
-        
-        AesWrapKeyDecryptionAlgorithm keyDecryption = new AesWrapKeyDecryptionAlgorithm(cekEncryptionKey);
-        JweDecryptionProvider decryption = new AesCbcHmacJweDecryption(keyDecryption);
-        String decryptedText = decryption.decrypt(jweContent).getContentText();
-        assertEquals(specPlainText, decryptedText);
-    }
-    
-    @Test
-    public void testECDHESDirectKeyEncryption() throws Exception {
-        if (SKIP_AES_GCM_TESTS) {
-            return;
-        }
-        ECPrivateKey bobPrivateKey = 
-            CryptoUtils.getECPrivateKey(JsonWebKey.EC_CURVE_P256, 
-                                        "VEmDZpDXXK8p8N0Cndsxs924q6nS1RXFASRl6BfUqdw");
-        
-        final ECPublicKey bobPublicKey = 
-            CryptoUtils.getECPublicKey(JsonWebKey.EC_CURVE_P256, 
-                                       "weNJy2HscCSM6AEDTDg04biOvhFhyyWvOHQfeF_PxMQ",
-                                       "e8lnCO-AlStT-NJVX-crhB7QRYhiix03illJOVAOyck");
-        JweEncryptionProvider jweOut = 
-            new EcdhDirectKeyJweEncryption(bobPublicKey, 
-                                           JsonWebKey.EC_CURVE_P256, 
-                                           "Alice", 
-                                           "Bob", 
-                                           ContentAlgorithm.A128GCM);
-    
-        String jweOutput = jweOut.encrypt("Hello".getBytes(), null);
-        JweDecryptionProvider jweIn = 
-            new EcdhDirectKeyJweDecryption(bobPrivateKey, ContentAlgorithm.A128GCM);
-        assertEquals("Hello", jweIn.decrypt(jweOutput).getContentText());
-    }
-    @Test
-    public void testEncryptDecryptRSA15WrapA128CBCHS256() throws Exception {
-        final String specPlainText = "Live long and prosper.";
-        
-        RSAPublicKey publicKey = CryptoUtils.getRSAPublicKey(RSA_MODULUS_ENCODED_A1, 
-                                                             RSA_PUBLIC_EXPONENT_ENCODED_A1);
-        
-        KeyEncryptionProvider keyEncryption = new RSAKeyEncryptionAlgorithm(publicKey, 
-                                                                             KeyAlgorithm.RSA1_5);
-        
-        JweEncryptionProvider encryption = new AesCbcHmacJweEncryption(ContentAlgorithm.A128CBC_HS256,
-                                                           CONTENT_ENCRYPTION_KEY_A3, 
-                                                           INIT_VECTOR_A3,
-                                                           keyEncryption);
-        String jweContent = encryption.encrypt(specPlainText.getBytes("UTF-8"), null);
-        
-        RSAPrivateKey privateKey = CryptoUtils.getRSAPrivateKey(RSA_MODULUS_ENCODED_A1, 
-                                                                RSA_PRIVATE_EXPONENT_ENCODED_A1);
-        KeyDecryptionProvider keyDecryption = new RSAKeyDecryptionAlgorithm(privateKey,
-                                                                             KeyAlgorithm.RSA1_5);
-        JweDecryptionProvider decryption = new AesCbcHmacJweDecryption(keyDecryption);
-        String decryptedText = decryption.decrypt(jweContent).getContentText();
-        assertEquals(specPlainText, decryptedText);
-    }
-    @Test
-    public void testEncryptDecryptAesGcmWrapA128CBCHS256() throws Exception {
-        //
-        // This test fails with the IBM JDK and on Java 6
-        //
-        if ("IBM Corporation".equals(System.getProperty("java.vendor"))
-            || SKIP_AES_GCM_TESTS) {
-            return;
-        }
-        final String specPlainText = "Live long and prosper.";
-        
-        byte[] cekEncryptionKey = Base64UrlUtility.decode(KEY_ENCRYPTION_KEY_A3);
-        
-        AesGcmWrapKeyEncryptionAlgorithm keyEncryption = 
-            new AesGcmWrapKeyEncryptionAlgorithm(cekEncryptionKey, KeyAlgorithm.A128GCMKW);
-        JweEncryptionProvider encryption = new AesCbcHmacJweEncryption(ContentAlgorithm.A128CBC_HS256,
-                                                           CONTENT_ENCRYPTION_KEY_A3, 
-                                                           INIT_VECTOR_A3,
-                                                           keyEncryption);
-        String jweContent = encryption.encrypt(specPlainText.getBytes("UTF-8"), null);
-        
-        AesGcmWrapKeyDecryptionAlgorithm keyDecryption = new AesGcmWrapKeyDecryptionAlgorithm(cekEncryptionKey);
-        JweDecryptionProvider decryption = new AesCbcHmacJweDecryption(keyDecryption);
-        String decryptedText = decryption.decrypt(jweContent).getContentText();
-        assertEquals(specPlainText, decryptedText);
-    }
-    
-    @Test
-    public void testEncryptDecryptSpecExample() throws Exception {
-        if (SKIP_AES_GCM_TESTS) {
-            return;
-        }
-        final String specPlainText = "The true sign of intelligence is not knowledge but imagination.";
-        String jweContent = encryptContent(specPlainText, true);
-        
-        decrypt(jweContent, specPlainText, true);
-    }
-    
-    @Test
-    public void testDirectKeyEncryptDecrypt() throws Exception {
-        if (SKIP_AES_GCM_TESTS) {
-            return;
-        }
-        final String specPlainText = "The true sign of intelligence is not knowledge but imagination.";
-        SecretKey key = createSecretKey(true);
-        String jweContent = encryptContentDirect(key, specPlainText);
-        
-        decryptDirect(key, jweContent, specPlainText);
-    }
-    
-    @Test
-    public void testEncryptDecryptJwsToken() throws Exception {
-        if (SKIP_AES_GCM_TESTS) {
-            return;
-        }
-        String jweContent = encryptContent(JwsCompactReaderWriterTest.ENCODED_TOKEN_SIGNED_BY_MAC, false);
-        decrypt(jweContent, JwsCompactReaderWriterTest.ENCODED_TOKEN_SIGNED_BY_MAC, false);
-    }
-    
-    private String encryptContent(String content, boolean createIfException) throws Exception {
-        RSAPublicKey publicKey = CryptoUtils.getRSAPublicKey(RSA_MODULUS_ENCODED_A1, 
-                                                             RSA_PUBLIC_EXPONENT_ENCODED_A1);
-        SecretKey key = createSecretKey(createIfException);
-        String jwtKeyName = null;
-        if (key == null) {
-            // the encryptor will generate it
-            jwtKeyName = ContentAlgorithm.A128GCM.getJwaName();
-        } else {
-            jwtKeyName = AlgorithmUtils.toJwaName(key.getAlgorithm(), key.getEncoded().length * 8);
-        }
-        KeyEncryptionProvider keyEncryptionAlgo = new RSAKeyEncryptionAlgorithm(publicKey, 
-                                                                                 KeyAlgorithm.RSA_OAEP); 
-        ContentEncryptionProvider contentEncryptionAlgo = 
-            new AesGcmContentEncryptionAlgorithm(key == null ? null : key.getEncoded(), INIT_VECTOR_A1, 
-                ContentAlgorithm.getAlgorithm(jwtKeyName));
-        JweEncryptionProvider encryptor = new JweEncryption(keyEncryptionAlgo, contentEncryptionAlgo);
-        return encryptor.encrypt(content.getBytes("UTF-8"), null);
-    }
-    private String encryptContentDirect(SecretKey key, String content) throws Exception {
-        JweEncryption encryptor = new JweEncryption(new DirectKeyEncryptionAlgorithm(),
-            new AesGcmContentEncryptionAlgorithm(key, INIT_VECTOR_A1, ContentAlgorithm.A128GCM));
-        return encryptor.encrypt(content.getBytes("UTF-8"), null);
-    }
-    private void decrypt(String jweContent, String plainContent, boolean unwrap) throws Exception {
-        RSAPrivateKey privateKey = CryptoUtils.getRSAPrivateKey(RSA_MODULUS_ENCODED_A1, 
-                                                                RSA_PRIVATE_EXPONENT_ENCODED_A1);
-        ContentAlgorithm algo = Cipher.getMaxAllowedKeyLength("AES") > 128 
-            ? ContentAlgorithm.A256GCM : ContentAlgorithm.A128GCM; 
-        JweDecryptionProvider decryptor = new JweDecryption(new RSAKeyDecryptionAlgorithm(privateKey),
-                                              new AesGcmContentDecryptionAlgorithm(algo));
-        String decryptedText = decryptor.decrypt(jweContent).getContentText();
-        assertEquals(decryptedText, plainContent);
-    }
-    private void decryptDirect(SecretKey key, String jweContent, String plainContent) throws Exception {
-        JweDecryption decryptor = new JweDecryption(new DirectKeyDecryptionAlgorithm(key), 
-                                               new AesGcmContentDecryptionAlgorithm(ContentAlgorithm.A128GCM));
-        String decryptedText = decryptor.decrypt(jweContent).getContentText();
-        assertEquals(decryptedText, plainContent);
-    }
-    private SecretKey createSecretKey(boolean createIfException) throws Exception {
-        SecretKey key = null;
-        if (Cipher.getMaxAllowedKeyLength("AES") > 128) { 
-            key = CryptoUtils.createSecretKeySpec(CONTENT_ENCRYPTION_KEY_A1, "AES");
-        } else if (createIfException) {
-            key = CryptoUtils.createSecretKeySpec(CryptoUtils.generateSecureRandomBytes(128 / 8), "AES");
-        }
-        return key;
-    }
-}
-

http://git-wip-us.apache.org/repos/asf/cxf/blob/5e40ea35/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweJsonConsumerTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweJsonConsumerTest.java b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweJsonConsumerTest.java
deleted file mode 100644
index 580c886..0000000
--- a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweJsonConsumerTest.java
+++ /dev/null
@@ -1,184 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jwe;
-
-import java.security.Security;
-
-import javax.crypto.Cipher;
-import javax.crypto.SecretKey;
-
-import org.apache.cxf.common.util.Base64UrlUtility;
-import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils;
-import org.apache.cxf.rs.security.jose.jwa.ContentAlgorithm;
-import org.apache.cxf.rs.security.jose.jwa.KeyAlgorithm;
-import org.apache.cxf.rt.security.crypto.CryptoUtils;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-
-import org.junit.AfterClass;
-import org.junit.Assert;
-import org.junit.BeforeClass;
-import org.junit.Test;
-
-public class JweJsonConsumerTest extends Assert {
-
-    static final String SINGLE_RECIPIENT_ALL_HEADERS_AAD_MODIFIED_OUTPUT = 
-        "{" 
-        + "\"protected\":\"eyJlbmMiOiJBMTI4R0NNIn0\","
-        + "\"unprotected\":{\"jku\":\"https://server.example.com/keys.jwks\"},"    
-        + "\"recipients\":" 
-        + "["
-        + "{"
-        + "\"header\":{\"alg\":\"A128KW\"},"
-        + "\"encrypted_key\":\"b3-M9_CRgT3wEBhhXlpb-BoY7vtA4W_N\""
-        + "}"
-        + "],"
-        + "\"aad\":\"" + Base64UrlUtility.encode(JweJsonProducerTest.EXTRA_AAD_SOURCE + ".") + "\","
-        + "\"iv\":\"48V1_ALb6US04U3b\","
-        + "\"ciphertext\":\"KTuJBMk9QG59xPB-c_YLM5-J7VG40_eMPvyHDD7eB-WHj_34YiWgpBOydTBm4RW0zUCJZ09xqorhWJME-DcQ\","
-        + "\"tag\":\"oVUQGS9608D-INq61-vOaA\""
-        + "}";
-    
-    private static final Boolean SKIP_AES_GCM_TESTS = isJava6();
-    
-    private static boolean isJava6() {
-        String version = System.getProperty("java.version");
-        return 1.6D == Double.parseDouble(version.substring(0, 3));    
-    }
-
-
-    @BeforeClass
-    public static void registerBouncyCastleIfNeeded() throws Exception {
-        try {
-            Cipher.getInstance(AlgorithmUtils.AES_GCM_ALGO_JAVA);
-            Cipher.getInstance(AlgorithmUtils.AES_CBC_ALGO_JAVA);
-        } catch (Throwable t) {
-            Security.addProvider(new BouncyCastleProvider());    
-        }
-    }
-    @AfterClass
-    public static void unregisterBouncyCastleIfNeeded() throws Exception {
-        Security.removeProvider(BouncyCastleProvider.class.getName());    
-    }
-    
-    @Test
-    public void testSingleRecipientGcm() throws Exception {
-        final String text = "The true sign of intelligence is not knowledge but imagination.";
-        doTestSingleRecipient(text, 
-                              JweJsonProducerTest.SINGLE_RECIPIENT_OUTPUT, 
-                              ContentAlgorithm.A128GCM, 
-                              JweJsonProducerTest.WRAPPER_BYTES1,
-                              null);
-    }
-    @Test
-    public void testSingleRecipientFlatGcm() throws Exception {
-        final String text = "The true sign of intelligence is not knowledge but imagination.";
-        doTestSingleRecipient(text, 
-                              JweJsonProducerTest.SINGLE_RECIPIENT_FLAT_OUTPUT, 
-                              ContentAlgorithm.A128GCM, 
-                              JweJsonProducerTest.WRAPPER_BYTES1,
-                              null);
-    }
-    @Test
-    public void testSingleRecipientDirectGcm() throws Exception {
-        final String text = "The true sign of intelligence is not knowledge but imagination.";
-        doTestSingleRecipient(text, 
-                              JweJsonProducerTest.SINGLE_RECIPIENT_DIRECT_OUTPUT, 
-                              ContentAlgorithm.A128GCM, 
-                              null, 
-                              JweJsonProducerTest.CEK_BYTES);
-    }
-    @Test
-    public void testSingleRecipientDirectA128CBCHS256() throws Exception {
-        String text = "Live long and prosper.";
-        doTestSingleRecipient(text, 
-                              JweJsonProducerTest.SINGLE_RECIPIENT_A128CBCHS256_DIRECT_OUTPUT, 
-                              ContentAlgorithm.A128CBC_HS256, 
-                              null,
-                              JweCompactReaderWriterTest.CONTENT_ENCRYPTION_KEY_A3);
-    }
-    @Test
-    public void testSingleRecipientA128CBCHS256() throws Exception {
-        String text = "Live long and prosper.";
-        doTestSingleRecipient(text, 
-                              JweJsonProducerTest.SINGLE_RECIPIENT_A128CBCHS256_OUTPUT, 
-                              ContentAlgorithm.A128CBC_HS256, 
-                              Base64UrlUtility.decode(JweCompactReaderWriterTest.KEY_ENCRYPTION_KEY_A3),
-                              null);
-    }
-    @Test
-    public void testSingleRecipientAllTypeOfHeadersAndAad() {
-        if (SKIP_AES_GCM_TESTS) {
-            return;
-        }
-        final String text = "The true sign of intelligence is not knowledge but imagination.";
-        
-        SecretKey wrapperKey = CryptoUtils.createSecretKeySpec(JweJsonProducerTest.WRAPPER_BYTES1, 
-                                                               "AES");
-        JweDecryptionProvider jwe = JweUtils.createJweDecryptionProvider(wrapperKey, 
-                                                                         KeyAlgorithm.A128KW, 
-                                                                         ContentAlgorithm.A128GCM);
-        JweJsonConsumer consumer = new JweJsonConsumer(JweJsonProducerTest.SINGLE_RECIPIENT_ALL_HEADERS_AAD_OUTPUT);
-        JweDecryptionOutput out = consumer.decryptWith(jwe);
-        assertEquals(text, out.getContentText());
-        assertEquals(JweJsonProducerTest.EXTRA_AAD_SOURCE, consumer.getAadText());
-    }
-    @Test
-    public void testSingleRecipientAllTypeOfHeadersAndAadModified() {
-        if (SKIP_AES_GCM_TESTS) {
-            return;
-        }
-        SecretKey wrapperKey = CryptoUtils.createSecretKeySpec(JweJsonProducerTest.WRAPPER_BYTES1, 
-                                                               "AES");
-        JweDecryptionProvider jwe = JweUtils.createJweDecryptionProvider(wrapperKey, 
-                                                                         KeyAlgorithm.A128KW, 
-                                                                         ContentAlgorithm.A128GCM);
-        JweJsonConsumer consumer = new JweJsonConsumer(SINGLE_RECIPIENT_ALL_HEADERS_AAD_MODIFIED_OUTPUT);
-        try {
-            consumer.decryptWith(jwe);
-            fail("AAD check has passed unexpectedly");
-        } catch (SecurityException ex) {
-            // expected
-        }
-        
-    }
-    private void doTestSingleRecipient(String text,
-                                       String input, 
-                                       ContentAlgorithm contentEncryptionAlgo,
-                                       final byte[] wrapperKeyBytes,
-                                       final byte[] cek) throws Exception {
-        if (AlgorithmUtils.A128GCM_ALGO.equals(contentEncryptionAlgo.getJwaName()) && SKIP_AES_GCM_TESTS) {
-            return;
-        }
-        JweDecryptionProvider jwe = null;
-        if (wrapperKeyBytes != null) {
-            SecretKey wrapperKey = CryptoUtils.createSecretKeySpec(wrapperKeyBytes, "AES");
-            jwe = JweUtils.createJweDecryptionProvider(wrapperKey, 
-                                                       KeyAlgorithm.A128KW, 
-                                                       contentEncryptionAlgo);
-        } else {
-            SecretKey cekKey = CryptoUtils.createSecretKeySpec(cek, "AES");
-            jwe = JweUtils.getDirectKeyJweDecryption(cekKey, contentEncryptionAlgo);
-        }
-        JweJsonConsumer consumer = new JweJsonConsumer(input);
-        JweDecryptionOutput out = consumer.decryptWith(jwe);
-        assertEquals(text, out.getContentText());
-    }
-    
-}
-

http://git-wip-us.apache.org/repos/asf/cxf/blob/5e40ea35/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducerTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducerTest.java b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducerTest.java
deleted file mode 100644
index fda8879..0000000
--- a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducerTest.java
+++ /dev/null
@@ -1,328 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jwe;
-
-import java.security.Security;
-import java.util.LinkedList;
-import java.util.List;
-
-import javax.crypto.Cipher;
-import javax.crypto.SecretKey;
-
-import org.apache.cxf.common.util.Base64UrlUtility;
-import org.apache.cxf.common.util.StringUtils;
-import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils;
-import org.apache.cxf.rs.security.jose.jwa.ContentAlgorithm;
-import org.apache.cxf.rs.security.jose.jwa.KeyAlgorithm;
-import org.apache.cxf.rt.security.crypto.CryptoUtils;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-
-import org.junit.AfterClass;
-import org.junit.Assert;
-import org.junit.BeforeClass;
-import org.junit.Test;
-
-public class JweJsonProducerTest extends Assert {
-    static final byte[] WRAPPER_BYTES1 = {91, 96, 105, 38, 99, 108, 110, 8, -93, 50, -15, 62, 0, -115, 73, -39};
-    static final byte[] WRAPPER_BYTES2 = {-39, 96, 105, 38, 99, 108, 110, 8, -93, 50, -15, 62, 0, -115, 73, 91};
-    static final byte[] CEK_BYTES = {-43, 123, 77, 115, 40, 49, -4, -9, -48, -74, 62, 59, 60, 102, -22, -100};
-    static final String SINGLE_RECIPIENT_OUTPUT = 
-        "{" 
-        + "\"protected\":\"eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0\","
-        + "\"recipients\":" 
-        + "["
-        + "{\"encrypted_key\":\"b3-M9_CRgT3wEBhhXlpb-BoY7vtA4W_N\"}"
-        + "],"
-        + "\"iv\":\"48V1_ALb6US04U3b\","
-        + "\"ciphertext\":\"KTuJBMk9QG59xPB-c_YLM5-J7VG40_eMPvyHDD7eB-WHj_34YiWgpBOydTBm4RW0zUCJZ09xqorhWJME-DcQ\","
-        + "\"tag\":\"GxWlwvTPmHi4ZnQgafiHew\""
-        + "}";
-    static final String SINGLE_RECIPIENT_FLAT_OUTPUT = 
-        "{" 
-        + "\"protected\":\"eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0\","
-        + "\"encrypted_key\":\"b3-M9_CRgT3wEBhhXlpb-BoY7vtA4W_N\","
-        + "\"iv\":\"48V1_ALb6US04U3b\","
-        + "\"ciphertext\":\"KTuJBMk9QG59xPB-c_YLM5-J7VG40_eMPvyHDD7eB-WHj_34YiWgpBOydTBm4RW0zUCJZ09xqorhWJME-DcQ\","
-        + "\"tag\":\"GxWlwvTPmHi4ZnQgafiHew\""
-        + "}";
-    static final String SINGLE_RECIPIENT_DIRECT_OUTPUT = 
-        "{" 
-        + "\"protected\":\"eyJlbmMiOiJBMTI4R0NNIn0\","
-        + "\"recipients\":" 
-        + "["
-        + "{}"
-        + "],"
-        + "\"iv\":\"48V1_ALb6US04U3b\","
-        + "\"ciphertext\":\"KTuJBMk9QG59xPB-c_YLM5-J7VG40_eMPvyHDD7eB-WHj_34YiWgpBOydTBm4RW0zUCJZ09xqorhWJME-DcQ\","
-        + "\"tag\":\"Te59ApbK8wNBDY_1_dgYSw\""
-        + "}";
-    static final String SINGLE_RECIPIENT_DIRECT_FLAT_OUTPUT = 
-        "{" 
-        + "\"protected\":\"eyJlbmMiOiJBMTI4R0NNIn0\","
-        + "\"iv\":\"48V1_ALb6US04U3b\","
-        + "\"ciphertext\":\"KTuJBMk9QG59xPB-c_YLM5-J7VG40_eMPvyHDD7eB-WHj_34YiWgpBOydTBm4RW0zUCJZ09xqorhWJME-DcQ\","
-        + "\"tag\":\"Te59ApbK8wNBDY_1_dgYSw\""
-        + "}";
-    static final String SINGLE_RECIPIENT_ALL_HEADERS_AAD_OUTPUT = 
-        "{" 
-        + "\"protected\":\"eyJlbmMiOiJBMTI4R0NNIn0\","
-        + "\"unprotected\":{\"jku\":\"https://server.example.com/keys.jwks\"},"    
-        + "\"recipients\":" 
-        + "["
-        + "{"
-        + "\"header\":{\"alg\":\"A128KW\"},"
-        + "\"encrypted_key\":\"b3-M9_CRgT3wEBhhXlpb-BoY7vtA4W_N\""
-        + "}"
-        + "],"
-        + "\"aad\":\"" + Base64UrlUtility.encode(JweJsonProducerTest.EXTRA_AAD_SOURCE) + "\","
-        + "\"iv\":\"48V1_ALb6US04U3b\","
-        + "\"ciphertext\":\"KTuJBMk9QG59xPB-c_YLM5-J7VG40_eMPvyHDD7eB-WHj_34YiWgpBOydTBm4RW0zUCJZ09xqorhWJME-DcQ\","
-        + "\"tag\":\"oVUQGS9608D-INq61-vOaA\""
-        + "}";
-    static final String MULTIPLE_RECIPIENTS_OUTPUT = 
-        "{" 
-        + "\"protected\":\"eyJlbmMiOiJBMTI4R0NNIn0\","
-        + "\"unprotected\":{\"jku\":\"https://server.example.com/keys.jwks\",\"alg\":\"A128KW\"},"    
-        + "\"recipients\":" 
-        + "["
-        + "{"
-        + "\"encrypted_key\":\"b3-M9_CRgT3wEBhhXlpb-BoY7vtA4W_N\""
-        + "},"
-        + "{"
-        + "\"encrypted_key\":\"6a_nnEYO45qB_Vp6N2QbFQ7Cv1uecbiE\""
-        + "}"
-        + "],"
-        + "\"aad\":\"WyJ2Y2FyZCIsW1sidmVyc2lvbiIse30sInRleHQiLCI0LjAiXSxbImZuIix7fSwidGV4dCIsIk1lcmlhZG9jIEJyYW5keWJ1Y"
-                    + "2siXSxbIm4iLHt9LCJ0ZXh0IixbIkJyYW5keWJ1Y2siLCJNZXJpYWRvYyIsIk1yLiIsIiJdXSxbImJkYXkiLHt9LCJ0ZXh0"
-                    + "IiwiVEEgMjk4MiJdLFsiZ2VuZGVyIix7fSwidGV4dCIsIk0iXV1d\","
-        + "\"iv\":\"48V1_ALb6US04U3b\","
-        + "\"ciphertext\":\"KTuJBMk9QG59xPB-c_YLM5-J7VG40_eMPvyHDD7eB-WHj_34YiWgpBOydTBm4RW0zUCJZ09xqorhWJME-DcQ\","
-        + "\"tag\":\"oVUQGS9608D-INq61-vOaA\""
-        + "}";
-    static final String EXTRA_AAD_SOURCE = 
-        "[\"vcard\",["
-        + "[\"version\",{},\"text\",\"4.0\"],"
-        + "[\"fn\",{},\"text\",\"Meriadoc Brandybuck\"],"
-        + "[\"n\",{},\"text\",[\"Brandybuck\",\"Meriadoc\",\"Mr.\",\"\"]],"
-        + "[\"bday\",{},\"text\",\"TA 2982\"],"
-        + "[\"gender\",{},\"text\",\"M\"]"
-        + "]]";
-    static final String SINGLE_RECIPIENT_A128CBCHS256_OUTPUT = 
-        "{" 
-        + "\"protected\":\"eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0\","
-        + "\"recipients\":" 
-        + "["
-        + "{\"encrypted_key\":\"6KB707dM9YTIgHtLvtgWQ8mKwboJW3of9locizkDTHzBC2IlrT1oOQ\"}"
-        + "],"
-        + "\"iv\":\"AxY8DCtDaGlsbGljb3RoZQ\","
-        + "\"ciphertext\":\"KDlTtXchhZTGufMYmOYGS4HffxPSUrfmqCHXaI9wOGY\","
-        + "\"tag\":\"U0m_YmjN04DJvceFICbCVQ\""
-        + "}";
-    static final String SINGLE_RECIPIENT_A128CBCHS256_DIRECT_OUTPUT = 
-        "{" 
-        + "\"protected\":\"eyJlbmMiOiJBMTI4Q0JDLUhTMjU2In0\","
-        + "\"recipients\":" 
-        + "["
-        + "{}"
-        + "],"
-        + "\"iv\":\"AxY8DCtDaGlsbGljb3RoZQ\","
-        + "\"ciphertext\":\"KDlTtXchhZTGufMYmOYGS4HffxPSUrfmqCHXaI9wOGY\","
-        + "\"tag\":\"Mz-VPPyU4RlcuYv1IwIvzw\""
-        + "}";
-
-    private static final Boolean SKIP_AES_GCM_TESTS = isJava6();
-    
-    private static boolean isJava6() {
-        String version = System.getProperty("java.version");
-        return 1.6D == Double.parseDouble(version.substring(0, 3));    
-    }
-
-
-    @BeforeClass
-    public static void registerBouncyCastleIfNeeded() throws Exception {
-        try {
-            Cipher.getInstance(AlgorithmUtils.AES_GCM_ALGO_JAVA);
-            Cipher.getInstance(AlgorithmUtils.AES_CBC_ALGO_JAVA);
-        } catch (Throwable t) {
-            Security.addProvider(new BouncyCastleProvider());    
-        }
-    }
-    @AfterClass
-    public static void unregisterBouncyCastleIfNeeded() throws Exception {
-        Security.removeProvider(BouncyCastleProvider.class.getName());    
-    }
-    
-    @Test
-    public void testSingleRecipientGcm() throws Exception {
-        final String text = "The true sign of intelligence is not knowledge but imagination.";
-        doTestSingleRecipient(text, SINGLE_RECIPIENT_OUTPUT, ContentAlgorithm.A128GCM, 
-                              WRAPPER_BYTES1, JweCompactReaderWriterTest.INIT_VECTOR_A1, 
-                              CEK_BYTES, false);
-    }
-    @Test
-    public void testSingleRecipientDirectGcm() throws Exception {
-        final String text = "The true sign of intelligence is not knowledge but imagination.";
-        doTestSingleRecipient(text, SINGLE_RECIPIENT_DIRECT_OUTPUT, ContentAlgorithm.A128GCM, 
-                              null, JweCompactReaderWriterTest.INIT_VECTOR_A1, 
-                              CEK_BYTES, false);
-    }
-    @Test
-    public void testSingleRecipientDirectFlatGcm() throws Exception {
-        final String text = "The true sign of intelligence is not knowledge but imagination.";
-        doTestSingleRecipient(text, SINGLE_RECIPIENT_DIRECT_FLAT_OUTPUT, ContentAlgorithm.A128GCM, 
-                              null, JweCompactReaderWriterTest.INIT_VECTOR_A1, 
-                              CEK_BYTES, true);
-    }
-    @Test
-    public void testSingleRecipientFlatGcm() throws Exception {
-        final String text = "The true sign of intelligence is not knowledge but imagination.";
-        doTestSingleRecipient(text, SINGLE_RECIPIENT_FLAT_OUTPUT, ContentAlgorithm.A128GCM, 
-                              WRAPPER_BYTES1, JweCompactReaderWriterTest.INIT_VECTOR_A1, 
-                              CEK_BYTES, true);
-    }
-    @Test
-    public void testSingleRecipientA128CBCHS256() throws Exception {
-        String text = "Live long and prosper.";
-        doTestSingleRecipient(text, SINGLE_RECIPIENT_A128CBCHS256_OUTPUT, ContentAlgorithm.A128CBC_HS256, 
-                              Base64UrlUtility.decode(JweCompactReaderWriterTest.KEY_ENCRYPTION_KEY_A3),
-                              JweCompactReaderWriterTest.INIT_VECTOR_A3,
-                              JweCompactReaderWriterTest.CONTENT_ENCRYPTION_KEY_A3,
-                              false);
-    }
-    @Test
-    public void testSingleRecipientDirectA128CBCHS256() throws Exception {
-        String text = "Live long and prosper.";
-        doTestSingleRecipient(text, SINGLE_RECIPIENT_A128CBCHS256_DIRECT_OUTPUT, ContentAlgorithm.A128CBC_HS256, 
-                              null,
-                              JweCompactReaderWriterTest.INIT_VECTOR_A3,
-                              JweCompactReaderWriterTest.CONTENT_ENCRYPTION_KEY_A3,
-                              false);
-    }
-    
-    private String doTestSingleRecipient(String text,
-                                         String expectedOutput, 
-                                         ContentAlgorithm contentEncryptionAlgo,
-                                         final byte[] wrapperKeyBytes,
-                                         final byte[] iv,
-                                         final byte[] cek,
-                                         boolean canBeFlat) throws Exception {
-        if (contentEncryptionAlgo.equals(ContentAlgorithm.A128GCM) && SKIP_AES_GCM_TESTS) {
-            return null;
-        }
-        JweHeaders headers = new JweHeaders(KeyAlgorithm.A128KW,
-                                            contentEncryptionAlgo);
-        JweEncryptionProvider jwe = null;
-        if (wrapperKeyBytes == null) {
-            headers.asMap().remove("alg");
-            SecretKey cekKey = CryptoUtils.createSecretKeySpec(cek, "AES");
-            jwe = JweUtils.getDirectKeyJweEncryption(cekKey, contentEncryptionAlgo);
-        } else {
-            SecretKey wrapperKey = CryptoUtils.createSecretKeySpec(wrapperKeyBytes, "AES");
-            jwe = JweUtils.createJweEncryptionProvider(wrapperKey, headers);
-        }
-        JweJsonProducer p = new JweJsonProducer(headers, StringUtils.toBytesUTF8(text), canBeFlat) {
-            protected JweEncryptionInput createEncryptionInput(JweHeaders jsonHeaders) {
-                JweEncryptionInput input = super.createEncryptionInput(jsonHeaders);
-                input.setCek(cek);
-                input.setIv(iv);
-                return input;
-            }    
-        };
-        String jweJson = p.encryptWith(jwe);
-        assertEquals(expectedOutput, jweJson);
-        return jweJson;
-    }
-    @Test
-    public void testSingleRecipientAllTypeOfHeadersAndAad() {
-        if (SKIP_AES_GCM_TESTS) {
-            return;
-        }
-        final String text = "The true sign of intelligence is not knowledge but imagination.";
-        SecretKey wrapperKey = CryptoUtils.createSecretKeySpec(WRAPPER_BYTES1, "AES");
-        
-        JweHeaders protectedHeaders = new JweHeaders(ContentAlgorithm.A128GCM);
-        JweHeaders sharedUnprotectedHeaders = new JweHeaders();
-        sharedUnprotectedHeaders.setJsonWebKeysUrl("https://server.example.com/keys.jwks");
-        
-        JweEncryptionProvider jwe = JweUtils.createJweEncryptionProvider(wrapperKey, 
-                                                                         KeyAlgorithm.A128KW,
-                                                                         ContentAlgorithm.A128GCM,
-                                                                         null);
-        JweJsonProducer p = new JweJsonProducer(protectedHeaders,
-                                                sharedUnprotectedHeaders,
-                                                StringUtils.toBytesUTF8(text),
-                                                StringUtils.toBytesUTF8(EXTRA_AAD_SOURCE),
-                                                false) {
-            protected JweEncryptionInput createEncryptionInput(JweHeaders jsonHeaders) {
-                JweEncryptionInput input = super.createEncryptionInput(jsonHeaders);
-                input.setCek(CEK_BYTES);
-                input.setIv(JweCompactReaderWriterTest.INIT_VECTOR_A1);
-                return input;
-            }
-        };
-        JweHeaders recepientUnprotectedHeaders = new JweHeaders();
-        recepientUnprotectedHeaders.setKeyEncryptionAlgorithm(KeyAlgorithm.A128KW);
-        String jweJson = p.encryptWith(jwe, recepientUnprotectedHeaders);
-        assertEquals(SINGLE_RECIPIENT_ALL_HEADERS_AAD_OUTPUT, jweJson);
-    }
-    @Test
-    public void testMultipleRecipients() {
-        if (SKIP_AES_GCM_TESTS) {
-            return;
-        }
-        final String text = "The true sign of intelligence is not knowledge but imagination.";
-        SecretKey wrapperKey1 = CryptoUtils.createSecretKeySpec(WRAPPER_BYTES1, "AES");
-        SecretKey wrapperKey2 = CryptoUtils.createSecretKeySpec(WRAPPER_BYTES2, "AES");
-        
-        JweHeaders protectedHeaders = new JweHeaders(ContentAlgorithm.A128GCM);
-        JweHeaders sharedUnprotectedHeaders = new JweHeaders();
-        sharedUnprotectedHeaders.setJsonWebKeysUrl("https://server.example.com/keys.jwks");
-        sharedUnprotectedHeaders.setKeyEncryptionAlgorithm(KeyAlgorithm.A128KW);
-        
-        List<JweEncryptionProvider> jweList = new LinkedList<JweEncryptionProvider>();
-        
-        KeyEncryptionProvider keyEncryption1 = 
-            JweUtils.getSecretKeyEncryptionAlgorithm(wrapperKey1, KeyAlgorithm.A128KW);
-        ContentEncryptionProvider contentEncryption = 
-            JweUtils.getContentEncryptionAlgorithm(AlgorithmUtils.A128GCM_ALGO);
-        JweEncryptionProvider jwe1 = new JweEncryption(keyEncryption1, contentEncryption);
-        KeyEncryptionProvider keyEncryption2 = 
-            JweUtils.getSecretKeyEncryptionAlgorithm(wrapperKey2, KeyAlgorithm.A128KW);
-        JweEncryptionProvider jwe2 = new JweEncryption(keyEncryption2, contentEncryption);
-        jweList.add(jwe1);
-        jweList.add(jwe2);
-        
-        JweJsonProducer p = new JweJsonProducer(protectedHeaders,
-                                                sharedUnprotectedHeaders,
-                                                StringUtils.toBytesUTF8(text),
-                                                StringUtils.toBytesUTF8(EXTRA_AAD_SOURCE),
-                                                false) {
-            protected JweEncryptionInput createEncryptionInput(JweHeaders jsonHeaders) {
-                JweEncryptionInput input = super.createEncryptionInput(jsonHeaders);
-                input.setCek(CEK_BYTES);
-                input.setIv(JweCompactReaderWriterTest.INIT_VECTOR_A1);
-                return input;
-            }
-        };
-        
-        String jweJson = p.encryptWith(jweList);
-        assertEquals(MULTIPLE_RECIPIENTS_OUTPUT, jweJson);
-    }
-}
-


Mime
View raw message