You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2015/12/09 19:11:09 UTC

cxf git commit: Tweaking the at_hash code a bit

Repository: cxf
Updated Branches:
  refs/heads/master 071cbd6b1 -> 90e0b97b2


Tweaking the at_hash code a bit


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/90e0b97b
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/90e0b97b
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/90e0b97b

Branch: refs/heads/master
Commit: 90e0b97b2d8a33b4367c33ce43cb119e47640621
Parents: 071cbd6
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Wed Dec 9 18:10:47 2015 +0000
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Wed Dec 9 18:10:47 2015 +0000

----------------------------------------------------------------------
 .../org/apache/cxf/rs/security/oidc/utils/OidcUtils.java     | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/90e0b97b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/utils/OidcUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/utils/OidcUtils.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/utils/OidcUtils.java
index e2b7e6e..19534f5 100644
--- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/utils/OidcUtils.java
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/utils/OidcUtils.java
@@ -127,11 +127,13 @@ public final class OidcUtils {
         if (sigAlgo == SignatureAlgorithm.NONE) {
             throw new JwsException(JwsException.Error.INVALID_ALGORITHM);
         }
-        int algoShaSize = Integer.valueOf(sigAlgo.getJwaName().substring(2));
-        int valueHashSize = algoShaSize / 16;
+        String algoShaSizeString = sigAlgo.getJwaName().substring(2);
+        String javaShaAlgo = "SHA-" + algoShaSizeString;
+        int algoShaSize = Integer.valueOf(algoShaSizeString);
+        int valueHashSize = (algoShaSize / 8) / 2;
         try {
             byte[] atBytes = StringUtils.toBytesASCII(value);
-            byte[] digest = MessageDigestUtils.createDigest(atBytes,  MessageDigestUtils.ALGO_SHA_256);
+            byte[] digest = MessageDigestUtils.createDigest(atBytes,  javaShaAlgo);
             return Base64UrlUtility.encodeChunk(digest, 0, valueHashSize);
         } catch (NoSuchAlgorithmException ex) {
             throw new SecurityException(ex);