[ https://issues.apache.org/jira/browse/CXF-8162?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16978441#comment-16978441 ]
Frederik Libert commented on CXF-8162: -------------------------------------- org.apache.cxf.rs.security.jose.jwe.AesCbcHmacJweEncryption should get an extra constructor to pass a reference to an object of type AesCbcContentEncryptionAlgorithm, which should be externalized from that class or at least become public (as its constructors). > JWE with multiple recipients does not work for AES CBC Encryption > ----------------------------------------------------------------- > > Key: CXF-8162 > URL: https://issues.apache.org/jira/browse/CXF-8162 > Project: CXF > Issue Type: Bug > Components: JAX-RS Security > Affects Versions: 3.3.4 > Reporter: Frederik Libert > Priority: Major > > When encrypting for multiple recipients, the plaintext, the CEK, JWE > Initialization Vector, and JWE Protected Header are shared by all recipients > (which must be the case, since > the ciphertext and Authentication Tag are also shared). > The Apache CXF API for encrypting the content with AES GCM allows this by > initializing a ContentEncryptionProvider of type > AesGcmContentEncryptionAlgorithm which can be used as reference when > initializing the list of JweEncryptionProviders (which take a > KeyEncryptionProvider and an ContentEncryptionProvider). > When using AES CBC, the API is different. > The class AesCbcContentEncryptionAlgorithm is a private innerclass of > JweEncryptionProvider AesCbcHmacJweEncryption so you can't initialize it once > and reuse it in all JweEncryptionProviders of the list. > There is a workaround as the API allows to build the CEK and > InitializationVector yourself (not very nice) but this method leads to an > ArrayIndexOutOfBoundsException as there is a typo in the > AesCbcHmacJweEncryption when copying the CEK byte by byte internally. > This typo should be fixed but more importantly, the API for AES CBC > encryption should allow the initialization of the ContentEncryptionProvider > from outside the JweEncryptionProvider so it can be referenced in all > JweEncryptionProviders. > Without that, you can only encrypt for 1 recipient or the validation will > fail (invalid authentication tag) for all but 1 recipient. -- This message was sent by Atlassian Jira (v8.3.4#803005)