Make it possible to pass Properties for encryption/decryption
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/ab05845f Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/ab05845f Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/ab05845f Branch: refs/heads/3.1.x-fixes Commit: ab05845f33e5744f9ed9c2b3569a1001c269f923 Parents: fc54f21 Author: Colm O hEigeartaigh <[email protected]> Authored: Wed Nov 11 16:59:50 2015 +0000 Committer: Colm O hEigeartaigh <[email protected]> Committed: Wed Nov 11 17:19:44 2015 +0000 ---------------------------------------------------------------------- .../jose/common/KeyManagementUtils.java | 12 ++++++++-- .../cxf/rs/security/jose/jwe/JweUtils.java | 25 ++++++++++++++++---- 2 files changed, 30 insertions(+), 7 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/ab05845f/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/KeyManagementUtils.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/KeyManagementUtils.java b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/KeyManagementUtils.java index a0bfdf8..b18295a 100644 --- a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/KeyManagementUtils.java +++ b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/KeyManagementUtils.java @@ -204,11 +204,19 @@ public final class KeyManagementUtils { : keyOper == KeyOperation.DECRYPT ? JoseConstants.RSSEC_DECRYPTION_KEY_PSWD_PROVIDER : null; if (propName != null) { - cb = (PrivateKeyPasswordProvider)m.getContextualProperty(propName); + if (props.containsKey(propName)) { + cb = (PrivateKeyPasswordProvider)props.get(propName); + } else if (m != null) { + cb = (PrivateKeyPasswordProvider)m.getContextualProperty(propName); + } } } if (cb == null) { - cb = (PrivateKeyPasswordProvider)m.getContextualProperty(JoseConstants.RSSEC_KEY_PSWD_PROVIDER); + if (props.containsKey(JoseConstants.RSSEC_KEY_PSWD_PROVIDER)) { + cb = (PrivateKeyPasswordProvider)props.get(JoseConstants.RSSEC_KEY_PSWD_PROVIDER); + } else if (m != null) { + cb = (PrivateKeyPasswordProvider)m.getContextualProperty(JoseConstants.RSSEC_KEY_PSWD_PROVIDER); + } } return cb; } http://git-wip-us.apache.org/repos/asf/cxf/blob/ab05845f/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java index 074dfa5..95ebcb4 100644 --- a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java +++ b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java @@ -285,12 +285,17 @@ public final class JweUtils { public static JweEncryptionProvider loadEncryptionProvider(boolean required) { return loadEncryptionProvider(null, required); } - @SuppressWarnings("deprecation") + public static JweEncryptionProvider loadEncryptionProvider(JweHeaders headers, boolean required) { Properties props = loadEncryptionOutProperties(required); if (props == null) { return null; } + return loadEncryptionProvider(props, headers, required); + } + + @SuppressWarnings("deprecation") + public static JweEncryptionProvider loadEncryptionProvider(Properties props, JweHeaders headers, boolean required) { Message m = PhaseInterceptorChain.getCurrentMessage(); boolean includeCert = @@ -303,7 +308,9 @@ public final class JweUtils { String keyEncryptionAlgo = getKeyEncryptionAlgorithm(m, props, null, null); KeyAlgorithm keyAlgo = KeyAlgorithm.getAlgorithm(keyEncryptionAlgo); String contentEncryptionAlgo = getContentEncryptionAlgo(m, props, null); - m.put(JoseConstants.RSSEC_ENCRYPTION_CONTENT_ALGORITHM, contentEncryptionAlgo); + if (m != null) { + m.put(JoseConstants.RSSEC_ENCRYPTION_CONTENT_ALGORITHM, contentEncryptionAlgo); + } ContentEncryptionProvider ctEncryptionProvider = null; if (JoseConstants.HEADER_JSON_WEB_KEY.equals(props.get(JoseConstants.RSSEC_KEY_STORE_TYPE))) { JsonWebKey jwk = JwkUtils.loadJsonWebKey(m, props, KeyOperation.ENCRYPT); @@ -367,7 +374,15 @@ public final class JweUtils { Properties props = loadEncryptionInProperties(required); if (props == null) { return null; - } + } + + return loadDecryptionProvider(props, inHeaders, required); + } + + public static JweDecryptionProvider loadDecryptionProvider(Properties props, + JweHeaders inHeaders, + boolean required) { + Message m = PhaseInterceptorChain.getCurrentMessage(); KeyDecryptionProvider keyDecryptionProvider = null; String contentEncryptionAlgo = getContentEncryptionAlgo(m, props, null); @@ -648,7 +663,7 @@ public final class JweUtils { if (props != null) { encAlgo = props.getProperty(JoseConstants.DEPR_RSSEC_ENCRYPTION_KEY_ALGORITHM); } - if (encAlgo == null) { + if (encAlgo == null && m != null) { encAlgo = (String)m.getContextualProperty(JoseConstants.DEPR_RSSEC_ENCRYPTION_KEY_ALGORITHM); } if (encAlgo != null) { @@ -681,7 +696,7 @@ public final class JweUtils { if (algo == null) { // Check for deprecated identifier first String encAlgo = props.getProperty(JoseConstants.DEPR_RSSEC_ENCRYPTION_CONTENT_ALGORITHM); - if (encAlgo == null) { + if (encAlgo == null && m != null) { encAlgo = (String)m.getContextualProperty(JoseConstants.DEPR_RSSEC_ENCRYPTION_CONTENT_ALGORITHM); } if (encAlgo != null) {
