cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: [CXF-7420] Aligning JweCompactProducer with other JOSE helpers
Date Wed, 21 Jun 2017 14:51:35 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.1.x-fixes 662e4b1ee -> b31b0a77b


[CXF-7420] Aligning JweCompactProducer with other JOSE helpers


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/b31b0a77
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/b31b0a77
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/b31b0a77

Branch: refs/heads/3.1.x-fixes
Commit: b31b0a77bf45e36c9ff56c500df4c0db844114a0
Parents: 662e4b1
Author: Sergey Beryozkin <sberyozkin@gmail.com>
Authored: Wed Jun 21 15:44:40 2017 +0100
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Wed Jun 21 15:51:18 2017 +0100

----------------------------------------------------------------------
 .../jose/jaxrs/JweWriterInterceptor.java        |   8 +-
 .../jose/jwe/AbstractJweEncryption.java         |   2 +-
 .../security/jose/jwe/JweCompactProducer.java   | 121 ++++-------------
 .../jose/jwe/JweCompactProducerBuilder.java     | 129 +++++++++++++++++++
 .../jose/jwe/JweJwtCompactProducer.java         |  29 +----
 5 files changed, 159 insertions(+), 130 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/b31b0a77/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JweWriterInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JweWriterInterceptor.java
b/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JweWriterInterceptor.java
index beb12f1..5f34768 100644
--- a/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JweWriterInterceptor.java
+++ b/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JweWriterInterceptor.java
@@ -38,7 +38,7 @@ import org.apache.cxf.io.CachedOutputStream;
 import org.apache.cxf.jaxrs.utils.JAXRSUtils;
 import org.apache.cxf.rs.security.jose.common.JoseConstants;
 import org.apache.cxf.rs.security.jose.common.JoseUtils;
-import org.apache.cxf.rs.security.jose.jwe.JweCompactProducer;
+import org.apache.cxf.rs.security.jose.jwe.JweCompactProducerBuilder;
 import org.apache.cxf.rs.security.jose.jwe.JweEncryptionInput;
 import org.apache.cxf.rs.security.jose.jwe.JweEncryptionOutput;
 import org.apache.cxf.rs.security.jose.jwe.JweEncryptionProvider;
@@ -83,9 +83,9 @@ public class JweWriterInterceptor implements WriterInterceptor {
                 theEncryptionProvider.getEncryptionOutput(new JweEncryptionInput(jweHeaders));
             JoseUtils.traceHeaders(encryption.getHeaders());
             try {
-                JweCompactProducer.startJweContent(actualOs,
-                                                   encryption.getHeaders(), 
-                                                   encryption.getContentEncryptionKey(),

+                JweCompactProducerBuilder.startJweContent(actualOs,
+                                                   encryption.getHeaders(),
+                                                   encryption.getContentEncryptionKey(),
                                                    encryption.getIv());
             } catch (IOException ex) {
                 LOG.warning("JWE encryption error");

http://git-wip-us.apache.org/repos/asf/cxf/blob/b31b0a77/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweEncryption.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweEncryption.java
b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweEncryption.java
index 1660671..4435fb9 100644
--- a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweEncryption.java
+++ b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweEncryption.java
@@ -76,7 +76,7 @@ public abstract class AbstractJweEncryption implements JweEncryptionProvider
{
         byte[] encryptedContent = encryptInternal(state, content);
         byte[] cipher = getActualCipher(encryptedContent);
         byte[] authTag = getAuthenticationTag(state, encryptedContent);
-        JweCompactProducer producer = new JweCompactProducer(state.protectedHeadersJson,

+        JweCompactProducerBuilder producer = new JweCompactProducerBuilder(state.protectedHeadersJson,
                                                              state.jweContentEncryptionKey,
                                                              state.theIv,
                                                              cipher,

http://git-wip-us.apache.org/repos/asf/cxf/blob/b31b0a77/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweCompactProducer.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweCompactProducer.java
b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweCompactProducer.java
index b7d8e2c..c2aed7f 100644
--- a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweCompactProducer.java
+++ b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweCompactProducer.java
@@ -16,114 +16,39 @@
  * specific language governing permissions and limitations
  * under the License.
  */
-
 package org.apache.cxf.rs.security.jose.jwe;
+import java.security.PublicKey;
 
-import java.io.IOException;
-import java.io.OutputStream;
+import javax.crypto.SecretKey;
 
-import org.apache.cxf.common.util.Base64UrlUtility;
 import org.apache.cxf.common.util.StringUtils;
-import org.apache.cxf.jaxrs.json.basic.JsonMapObjectReaderWriter;
+import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
 
 
-public class JweCompactProducer {
-    private StringBuilder jweContentBuilder;
-    private String encodedEncryptedContent;
-    private String encodedAuthTag;
-    public JweCompactProducer(JweHeaders headers,
-                       byte[] encryptedContentEncryptionKey,
-                       byte[] cipherInitVector,
-                       byte[] encryptedContentNoTag,
-                       byte[] authenticationTag) {    
-        this(getHeadersJson(headers), encryptedContentEncryptionKey, 
-             cipherInitVector, encryptedContentNoTag, authenticationTag);
-    }
-    
-    public JweCompactProducer(String headersJson,
-                              byte[] encryptedContentEncryptionKey,
-                              byte[] cipherInitVector,
-                              byte[] encryptedContentNoTag,
-                              byte[] authenticationTag) {
-        jweContentBuilder = startJweContent(new StringBuilder(), headersJson, 
-                                  encryptedContentEncryptionKey, cipherInitVector);
-        this.encodedEncryptedContent = Base64UrlUtility.encode(encryptedContentNoTag);
-        this.encodedAuthTag = Base64UrlUtility.encode(authenticationTag);
-       
-    }
-    
-    public JweCompactProducer(JweHeaders headers,
-                       byte[] encryptedContentEncryptionKey,
-                       byte[] cipherInitVector,
-                       byte[] encryptedContentWithTag,
-                       int authTagLengthBits) {    
-        jweContentBuilder = startJweContent(new StringBuilder(), headers, 
-                                   encryptedContentEncryptionKey, cipherInitVector);
-        this.encodedEncryptedContent = Base64UrlUtility.encodeChunk(
-            encryptedContentWithTag, 
-            0, 
-            encryptedContentWithTag.length - authTagLengthBits / 8);
-        this.encodedAuthTag = Base64UrlUtility.encodeChunk(
-            encryptedContentWithTag, 
-            encryptedContentWithTag.length - authTagLengthBits / 8, 
-            authTagLengthBits / 8);
-        
+public class JweCompactProducer  {
+    private JweHeaders headers;
+    private String data;
+    public JweCompactProducer(String data) {
+        this(new JweHeaders(), data);
     }
-    public static String startJweContent(JweHeaders headers,
-                                                byte[] encryptedContentEncryptionKey,
-                                                byte[] cipherInitVector) {
-        return startJweContent(new StringBuilder(), 
-                               headers, encryptedContentEncryptionKey, cipherInitVector).toString();
      
+    public JweCompactProducer(JweHeaders joseHeaders, String data) {
+        this.headers = joseHeaders;
+        this.data = data;
     }
-    public static StringBuilder startJweContent(StringBuilder sb,
-                                        JweHeaders headers,
-                                        byte[] encryptedContentEncryptionKey,
-                                        byte[] cipherInitVector) {
-        return startJweContent(sb, 
-                               getHeadersJson(headers), 
-                               encryptedContentEncryptionKey, 
-                               cipherInitVector);
-    }
-    private static String getHeadersJson(JweHeaders headers) {
-        return new JsonMapObjectReaderWriter().toJson(headers);
-        
+
+    public String encryptWith(JsonWebKey key) {
+        JweEncryptionProvider jwe = JweUtils.createJweEncryptionProvider(key, headers);
+        return encryptWith(jwe);
     }
-    public static StringBuilder startJweContent(StringBuilder sb,
-                                                String headersJson,
-                                                byte[] encryptedContentEncryptionKey,
-                                                byte[] cipherInitVector) {
-        String encodedHeaders = Base64UrlUtility.encode(headersJson);
-        String encodedContentEncryptionKey = Base64UrlUtility.encode(encryptedContentEncryptionKey);
-        String encodedInitVector = Base64UrlUtility.encode(cipherInitVector);
-        sb.append(encodedHeaders)
-            .append('.')
-            .append(encodedContentEncryptionKey == null ? "" : encodedContentEncryptionKey)
-            .append('.')
-            .append(encodedInitVector == null ? "" : encodedInitVector)
-            .append('.');
-        return sb;
+    public String encryptWith(PublicKey key) {
+        JweEncryptionProvider jwe = JweUtils.createJweEncryptionProvider(key, headers);
+        return encryptWith(jwe);
     }
-    
-    public static void startJweContent(OutputStream os,
-                                       JweHeaders headers,
-                                       byte[] encryptedContentEncryptionKey,
-                                       byte[] cipherInitVector) throws IOException {
-        byte[] jsonBytes = StringUtils.toBytesUTF8(getHeadersJson(headers));
-        Base64UrlUtility.encodeAndStream(jsonBytes, 0, jsonBytes.length, os);
-        byte[] dotBytes = new byte[]{'.'};
-        os.write(dotBytes);
-        Base64UrlUtility.encodeAndStream(encryptedContentEncryptionKey, 0, 
-                                         encryptedContentEncryptionKey.length, os);
-        os.write(dotBytes);
-        Base64UrlUtility.encodeAndStream(cipherInitVector, 0, cipherInitVector.length, os);
-        os.write(dotBytes);        
-        os.flush();
+    public String encryptWith(SecretKey key) {
+        JweEncryptionProvider jwe = JweUtils.createJweEncryptionProvider(key, headers);
+        return encryptWith(jwe);
     }
-    
-    public String getJweContent() {
-        return jweContentBuilder.append(encodedEncryptedContent)
-                 .append('.')
-                 .append(encodedAuthTag)
-                 .toString();
+    public String encryptWith(JweEncryptionProvider jwe) {
+        return jwe.encrypt(StringUtils.toBytesUTF8(data), headers);
     }
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/b31b0a77/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweCompactProducerBuilder.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweCompactProducerBuilder.java
b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweCompactProducerBuilder.java
new file mode 100644
index 0000000..93f15bf
--- /dev/null
+++ b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweCompactProducerBuilder.java
@@ -0,0 +1,129 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.rs.security.jose.jwe;
+
+import java.io.IOException;
+import java.io.OutputStream;
+
+import org.apache.cxf.common.util.Base64UrlUtility;
+import org.apache.cxf.common.util.StringUtils;
+import org.apache.cxf.jaxrs.json.basic.JsonMapObjectReaderWriter;
+
+
+public class JweCompactProducerBuilder {
+    private StringBuilder jweContentBuilder;
+    private String encodedEncryptedContent;
+    private String encodedAuthTag;
+    public JweCompactProducerBuilder(JweHeaders headers,
+                       byte[] encryptedContentEncryptionKey,
+                       byte[] cipherInitVector,
+                       byte[] encryptedContentNoTag,
+                       byte[] authenticationTag) {
+        this(getHeadersJson(headers), encryptedContentEncryptionKey,
+             cipherInitVector, encryptedContentNoTag, authenticationTag);
+    }
+
+    public JweCompactProducerBuilder(String headersJson,
+                              byte[] encryptedContentEncryptionKey,
+                              byte[] cipherInitVector,
+                              byte[] encryptedContentNoTag,
+                              byte[] authenticationTag) {
+        jweContentBuilder = startJweContent(new StringBuilder(), headersJson,
+                                  encryptedContentEncryptionKey, cipherInitVector);
+        this.encodedEncryptedContent = Base64UrlUtility.encode(encryptedContentNoTag);
+        this.encodedAuthTag = Base64UrlUtility.encode(authenticationTag);
+
+    }
+
+    public JweCompactProducerBuilder(JweHeaders headers,
+                       byte[] encryptedContentEncryptionKey,
+                       byte[] cipherInitVector,
+                       byte[] encryptedContentWithTag,
+                       int authTagLengthBits) {
+        jweContentBuilder = startJweContent(new StringBuilder(), headers,
+                                   encryptedContentEncryptionKey, cipherInitVector);
+        this.encodedEncryptedContent = Base64UrlUtility.encodeChunk(
+            encryptedContentWithTag,
+            0,
+            encryptedContentWithTag.length - authTagLengthBits / 8);
+        this.encodedAuthTag = Base64UrlUtility.encodeChunk(
+            encryptedContentWithTag,
+            encryptedContentWithTag.length - authTagLengthBits / 8,
+            authTagLengthBits / 8);
+
+    }
+    public static String startJweContent(JweHeaders headers,
+                                                byte[] encryptedContentEncryptionKey,
+                                                byte[] cipherInitVector) {
+        return startJweContent(new StringBuilder(),
+                               headers, encryptedContentEncryptionKey, cipherInitVector).toString();
+    }
+    public static StringBuilder startJweContent(StringBuilder sb,
+                                        JweHeaders headers,
+                                        byte[] encryptedContentEncryptionKey,
+                                        byte[] cipherInitVector) {
+        return startJweContent(sb,
+                               getHeadersJson(headers),
+                               encryptedContentEncryptionKey,
+                               cipherInitVector);
+    }
+    private static String getHeadersJson(JweHeaders headers) {
+        return new JsonMapObjectReaderWriter().toJson(headers);
+
+    }
+    public static StringBuilder startJweContent(StringBuilder sb,
+                                                String headersJson,
+                                                byte[] encryptedContentEncryptionKey,
+                                                byte[] cipherInitVector) {
+        String encodedHeaders = Base64UrlUtility.encode(headersJson);
+        String encodedContentEncryptionKey = Base64UrlUtility.encode(encryptedContentEncryptionKey);
+        String encodedInitVector = Base64UrlUtility.encode(cipherInitVector);
+        sb.append(encodedHeaders)
+            .append('.')
+            .append(encodedContentEncryptionKey == null ? "" : encodedContentEncryptionKey)
+            .append('.')
+            .append(encodedInitVector == null ? "" : encodedInitVector)
+            .append('.');
+        return sb;
+    }
+
+    public static void startJweContent(OutputStream os,
+                                       JweHeaders headers,
+                                       byte[] encryptedContentEncryptionKey,
+                                       byte[] cipherInitVector) throws IOException {
+        byte[] jsonBytes = StringUtils.toBytesUTF8(getHeadersJson(headers));
+        Base64UrlUtility.encodeAndStream(jsonBytes, 0, jsonBytes.length, os);
+        byte[] dotBytes = new byte[]{'.'};
+        os.write(dotBytes);
+        Base64UrlUtility.encodeAndStream(encryptedContentEncryptionKey, 0,
+                                         encryptedContentEncryptionKey.length, os);
+        os.write(dotBytes);
+        Base64UrlUtility.encodeAndStream(cipherInitVector, 0, cipherInitVector.length, os);
+        os.write(dotBytes);
+        os.flush();
+    }
+
+    public String getJweContent() {
+        return jweContentBuilder.append(encodedEncryptedContent)
+                 .append('.')
+                 .append(encodedAuthTag)
+                 .toString();
+    }
+}

http://git-wip-us.apache.org/repos/asf/cxf/blob/b31b0a77/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweJwtCompactProducer.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweJwtCompactProducer.java
b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweJwtCompactProducer.java
index d35cd0a..3020d8e 100644
--- a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweJwtCompactProducer.java
+++ b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweJwtCompactProducer.java
@@ -17,20 +17,12 @@
  * under the License.
  */
 package org.apache.cxf.rs.security.jose.jwe;
-import java.security.PublicKey;
-
-import javax.crypto.SecretKey;
-
-import org.apache.cxf.common.util.StringUtils;
-import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
 import org.apache.cxf.rs.security.jose.jwt.JwtClaims;
 import org.apache.cxf.rs.security.jose.jwt.JwtToken;
 import org.apache.cxf.rs.security.jose.jwt.JwtUtils;
 
 
-public class JweJwtCompactProducer  {
-    private JweHeaders headers;
-    private String claimsJson;
+public class JweJwtCompactProducer extends JweCompactProducer {
     public JweJwtCompactProducer(JwtToken token) {
         this(new JweHeaders(token.getJweHeaders()), token.getClaims());
     }
@@ -38,23 +30,6 @@ public class JweJwtCompactProducer  {
         this(new JweHeaders(), claims);
     }
     public JweJwtCompactProducer(JweHeaders joseHeaders, JwtClaims claims) {
-        headers = joseHeaders;
-        claimsJson = JwtUtils.claimsToJson(claims);
-    }
-    
-    public String encryptWith(JsonWebKey key) {
-        JweEncryptionProvider jwe = JweUtils.createJweEncryptionProvider(key, headers);
-        return encryptWith(jwe);
-    }
-    public String encryptWith(PublicKey key) {
-        JweEncryptionProvider jwe = JweUtils.createJweEncryptionProvider(key, headers);
-        return encryptWith(jwe);
-    }
-    public String encryptWith(SecretKey key) {
-        JweEncryptionProvider jwe = JweUtils.createJweEncryptionProvider(key, headers);
-        return encryptWith(jwe);
-    }
-    public String encryptWith(JweEncryptionProvider jwe) {
-        return jwe.encrypt(StringUtils.toBytesUTF8(claimsJson), headers);
+        super(joseHeaders, JwtUtils.claimsToJson(claims));
     }
 }


Mime
View raw message