cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: [CXF-6641] Making sure EcdhAesWrapKeyEncryptionAlgorithm can get ContentAlgorithm property configurable when loaded by JWE writers
Date Wed, 28 Oct 2015 12:03:31 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes 6424b876c -> 5df9846b8


[CXF-6641] Making sure EcdhAesWrapKeyEncryptionAlgorithm can get ContentAlgorithm property
configurable when loaded by JWE writers


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/5df9846b
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/5df9846b
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/5df9846b

Branch: refs/heads/3.0.x-fixes
Commit: 5df9846b8f648b0c1984d3bd56e0149c953b4430
Parents: 6424b87
Author: Sergey Beryozkin <sberyozkin@gmail.com>
Authored: Wed Oct 28 12:01:07 2015 +0000
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Wed Oct 28 12:03:13 2015 +0000

----------------------------------------------------------------------
 .../cxf/rs/security/jose/jwe/JweUtils.java       | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/5df9846b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java
b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java
index e936359..211c076 100644
--- a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java
+++ b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java
@@ -137,9 +137,15 @@ public final class JweUtils {
             keyEncryptionProvider = getSecretKeyEncryptionAlgorithm(JwkUtils.toSecretKey(jwk),

                                                                     keyAlgo);
         } else {
+            ContentAlgorithm ctAlgo = null;
+            Message m = PhaseInterceptorChain.getCurrentMessage();
+            if (m != null) {
+                ctAlgo = getContentAlgo((String)m.get(JoseConstants.RSSEC_ENCRYPTION_CONTENT_ALGORITHM));
+            }
             keyEncryptionProvider = new EcdhAesWrapKeyEncryptionAlgorithm(JwkUtils.toECPublicKey(jwk),
                                         jwk.getStringProperty(JsonWebKey.EC_CURVE),
-                                        keyAlgo);
+                                        keyAlgo,
+                                        ctAlgo == null ? ContentAlgorithm.A128GCM : ctAlgo);
         }
         return keyEncryptionProvider;
     }
@@ -147,7 +153,15 @@ public final class JweUtils {
         if (key instanceof RSAPublicKey) {
             return new RSAKeyEncryptionAlgorithm((RSAPublicKey)key, algo);
         } else if (key instanceof ECPublicKey) {
-            return new EcdhAesWrapKeyEncryptionAlgorithm((ECPublicKey)key, algo);
+            ContentAlgorithm ctAlgo = null;
+            Message m = PhaseInterceptorChain.getCurrentMessage();
+            if (m != null) {
+                ctAlgo = getContentAlgo((String)m.get(JoseConstants.RSSEC_ENCRYPTION_CONTENT_ALGORITHM));
+            }
+            return new EcdhAesWrapKeyEncryptionAlgorithm((ECPublicKey)key, 
+                                                         JsonWebKey.EC_CURVE_P256, 
+                                                         algo, 
+                                                         ctAlgo == null ? ContentAlgorithm.A128GCM
: ctAlgo);
         }
         
         return null;
@@ -291,6 +305,7 @@ public final class JweUtils {
         String keyEncryptionAlgo = getKeyEncryptionAlgo(m, props, null, null);
         KeyAlgorithm keyAlgo = KeyAlgorithm.getAlgorithm(keyEncryptionAlgo); 
         String contentEncryptionAlgo = getContentEncryptionAlgo(m, props, null);
+        m.put(JoseConstants.RSSEC_ENCRYPTION_CONTENT_ALGORITHM, contentEncryptionAlgo);
         ContentEncryptionProvider ctEncryptionProvider = null;
         if (JoseConstants.HEADER_JSON_WEB_KEY.equals(props.get(JoseConstants.RSSEC_KEY_STORE_TYPE)))
{
             JsonWebKey jwk = JwkUtils.loadJsonWebKey(m, props, KeyOperation.ENCRYPT);


Mime
View raw message