Repository: cxf Updated Branches: refs/heads/master 25d02a2a0 -> 7272ebcaa
Minor update to JWE headers Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/7272ebca Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/7272ebca Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/7272ebca Branch: refs/heads/master Commit: 7272ebcaa16544c779cd1ff2725b5b8efdea7b02 Parents: 25d02a2 Author: Sergey Beryozkin <sberyoz...@talend.com> Authored: Thu Jun 18 17:30:26 2015 +0100 Committer: Sergey Beryozkin <sberyoz...@talend.com> Committed: Thu Jun 18 17:30:26 2015 +0100 ---------------------------------------------------------------------- .../cxf/rs/security/jose/jwe/JweHeaders.java | 14 ++++++------ .../cxf/rs/security/jose/jws/JwsHeaders.java | 6 ++--- .../security/jose/jwe/JweJsonProducerTest.java | 24 +++++++++++--------- 3 files changed, 23 insertions(+), 21 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/7272ebca/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweHeaders.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweHeaders.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweHeaders.java index 4b98cb7..cda481b 100644 --- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweHeaders.java +++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweHeaders.java @@ -44,23 +44,23 @@ public class JweHeaders extends JoseHeaders { public JweHeaders(Map<String, Object> values) { super(values); } - public JweHeaders(String keyEncAlgo, String ctEncAlgo) { + public JweHeaders(KeyAlgorithm keyEncAlgo, ContentAlgorithm ctEncAlgo) { this(keyEncAlgo, ctEncAlgo, false); } - public JweHeaders(String ctEncAlgo) { + public JweHeaders(ContentAlgorithm ctEncAlgo) { this(null, ctEncAlgo, false); } - public JweHeaders(String ctEncAlgo, boolean deflate) { + public JweHeaders(ContentAlgorithm ctEncAlgo, boolean deflate) { this(null, ctEncAlgo, deflate); } - public JweHeaders(String keyEncAlgo, String ctEncAlgo, boolean deflate) { + public JweHeaders(KeyAlgorithm keyEncAlgo, ContentAlgorithm ctEncAlgo, boolean deflate) { init(keyEncAlgo, ctEncAlgo, deflate); } - private void init(String keyEncAlgo, String ctEncAlgo, boolean deflate) { + private void init(KeyAlgorithm keyEncAlgo, ContentAlgorithm ctEncAlgo, boolean deflate) { if (keyEncAlgo != null) { - setKeyEncryptionAlgorithm(KeyAlgorithm.getAlgorithm(keyEncAlgo)); + setKeyEncryptionAlgorithm(keyEncAlgo); } - setContentEncryptionAlgorithm(ContentAlgorithm.getAlgorithm(ctEncAlgo)); + setContentEncryptionAlgorithm(ctEncAlgo); if (deflate) { setZipAlgorithm(JoseConstants.DEFLATE_ZIP_ALGORITHM); } http://git-wip-us.apache.org/repos/asf/cxf/blob/7272ebca/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsHeaders.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsHeaders.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsHeaders.java index d0f34a3..6e19eaf 100644 --- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsHeaders.java +++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsHeaders.java @@ -34,11 +34,11 @@ public class JwsHeaders extends JoseHeaders { public JwsHeaders(Map<String, Object> values) { super(values); } - public JwsHeaders(String sigAlgo) { + public JwsHeaders(SignatureAlgorithm sigAlgo) { init(sigAlgo); } - private void init(String sigAlgo) { - setAlgorithm(sigAlgo); + private void init(SignatureAlgorithm sigAlgo) { + setSignatureAlgorithm(sigAlgo); } public void setSignatureAlgorithm(SignatureAlgorithm algo) { http://git-wip-us.apache.org/repos/asf/cxf/blob/7272ebca/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducerTest.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducerTest.java b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducerTest.java index ba51999..ed18b96 100644 --- a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducerTest.java +++ b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducerTest.java @@ -28,9 +28,11 @@ import javax.crypto.SecretKey; import org.apache.cxf.common.util.Base64UrlUtility; import org.apache.cxf.common.util.StringUtils; import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils; +import org.apache.cxf.rs.security.jose.jwa.ContentAlgorithm; import org.apache.cxf.rs.security.jose.jwa.KeyAlgorithm; import org.apache.cxf.rt.security.crypto.CryptoUtils; import org.bouncycastle.jce.provider.BouncyCastleProvider; + import org.junit.AfterClass; import org.junit.Assert; import org.junit.BeforeClass; @@ -160,35 +162,35 @@ public class JweJsonProducerTest extends Assert { @Test public void testSingleRecipientGcm() throws Exception { final String text = "The true sign of intelligence is not knowledge but imagination."; - doTestSingleRecipient(text, SINGLE_RECIPIENT_OUTPUT, AlgorithmUtils.A128GCM_ALGO, + doTestSingleRecipient(text, SINGLE_RECIPIENT_OUTPUT, ContentAlgorithm.A128GCM, WRAPPER_BYTES1, JweCompactReaderWriterTest.INIT_VECTOR_A1, CEK_BYTES, false); } @Test public void testSingleRecipientDirectGcm() throws Exception { final String text = "The true sign of intelligence is not knowledge but imagination."; - doTestSingleRecipient(text, SINGLE_RECIPIENT_DIRECT_OUTPUT, AlgorithmUtils.A128GCM_ALGO, + doTestSingleRecipient(text, SINGLE_RECIPIENT_DIRECT_OUTPUT, ContentAlgorithm.A128GCM, null, JweCompactReaderWriterTest.INIT_VECTOR_A1, CEK_BYTES, false); } @Test public void testSingleRecipientDirectFlatGcm() throws Exception { final String text = "The true sign of intelligence is not knowledge but imagination."; - doTestSingleRecipient(text, SINGLE_RECIPIENT_DIRECT_FLAT_OUTPUT, AlgorithmUtils.A128GCM_ALGO, + doTestSingleRecipient(text, SINGLE_RECIPIENT_DIRECT_FLAT_OUTPUT, ContentAlgorithm.A128GCM, null, JweCompactReaderWriterTest.INIT_VECTOR_A1, CEK_BYTES, true); } @Test public void testSingleRecipientFlatGcm() throws Exception { final String text = "The true sign of intelligence is not knowledge but imagination."; - doTestSingleRecipient(text, SINGLE_RECIPIENT_FLAT_OUTPUT, AlgorithmUtils.A128GCM_ALGO, + doTestSingleRecipient(text, SINGLE_RECIPIENT_FLAT_OUTPUT, ContentAlgorithm.A128GCM, WRAPPER_BYTES1, JweCompactReaderWriterTest.INIT_VECTOR_A1, CEK_BYTES, true); } @Test public void testSingleRecipientA128CBCHS256() throws Exception { String text = "Live long and prosper."; - doTestSingleRecipient(text, SINGLE_RECIPIENT_A128CBCHS256_OUTPUT, AlgorithmUtils.A128CBC_HS256_ALGO, + doTestSingleRecipient(text, SINGLE_RECIPIENT_A128CBCHS256_OUTPUT, ContentAlgorithm.A128CBC_HS256, Base64UrlUtility.decode(JweCompactReaderWriterTest.KEY_ENCRYPTION_KEY_A3), JweCompactReaderWriterTest.INIT_VECTOR_A3, JweCompactReaderWriterTest.CONTENT_ENCRYPTION_KEY_A3, @@ -197,7 +199,7 @@ public class JweJsonProducerTest extends Assert { @Test public void testSingleRecipientDirectA128CBCHS256() throws Exception { String text = "Live long and prosper."; - doTestSingleRecipient(text, SINGLE_RECIPIENT_A128CBCHS256_DIRECT_OUTPUT, AlgorithmUtils.A128CBC_HS256_ALGO, + doTestSingleRecipient(text, SINGLE_RECIPIENT_A128CBCHS256_DIRECT_OUTPUT, ContentAlgorithm.A128CBC_HS256, null, JweCompactReaderWriterTest.INIT_VECTOR_A3, JweCompactReaderWriterTest.CONTENT_ENCRYPTION_KEY_A3, @@ -206,18 +208,18 @@ public class JweJsonProducerTest extends Assert { private String doTestSingleRecipient(String text, String expectedOutput, - String contentEncryptionAlgo, + ContentAlgorithm contentEncryptionAlgo, final byte[] wrapperKeyBytes, final byte[] iv, final byte[] cek, boolean canBeFlat) throws Exception { - JweHeaders headers = new JweHeaders(AlgorithmUtils.A128KW_ALGO, + JweHeaders headers = new JweHeaders(KeyAlgorithm.A128KW, contentEncryptionAlgo); JweEncryptionProvider jwe = null; if (wrapperKeyBytes == null) { headers.asMap().remove("alg"); SecretKey cekKey = CryptoUtils.createSecretKeySpec(cek, "AES"); - jwe = JweUtils.getDirectKeyJweEncryption(cekKey, contentEncryptionAlgo); + jwe = JweUtils.getDirectKeyJweEncryption(cekKey, contentEncryptionAlgo.getJwaName()); } else { SecretKey wrapperKey = CryptoUtils.createSecretKeySpec(wrapperKeyBytes, "AES"); jwe = JweUtils.createJweEncryptionProvider(wrapperKey, headers); @@ -239,7 +241,7 @@ public class JweJsonProducerTest extends Assert { final String text = "The true sign of intelligence is not knowledge but imagination."; SecretKey wrapperKey = CryptoUtils.createSecretKeySpec(WRAPPER_BYTES1, "AES"); - JweHeaders protectedHeaders = new JweHeaders(AlgorithmUtils.A128GCM_ALGO); + JweHeaders protectedHeaders = new JweHeaders(ContentAlgorithm.A128GCM); JweHeaders sharedUnprotectedHeaders = new JweHeaders(); sharedUnprotectedHeaders.setJsonWebKeysUrl("https://server.example.com/keys.jwks"); @@ -270,7 +272,7 @@ public class JweJsonProducerTest extends Assert { SecretKey wrapperKey1 = CryptoUtils.createSecretKeySpec(WRAPPER_BYTES1, "AES"); SecretKey wrapperKey2 = CryptoUtils.createSecretKeySpec(WRAPPER_BYTES2, "AES"); - JweHeaders protectedHeaders = new JweHeaders(AlgorithmUtils.A128GCM_ALGO); + JweHeaders protectedHeaders = new JweHeaders(ContentAlgorithm.A128GCM); JweHeaders sharedUnprotectedHeaders = new JweHeaders(); sharedUnprotectedHeaders.setJsonWebKeysUrl("https://server.example.com/keys.jwks"); sharedUnprotectedHeaders.setKeyEncryptionAlgorithm(KeyAlgorithm.A128KW);