You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2015/12/09 19:11:09 UTC
cxf git commit: Tweaking the at_hash code a bit
Repository: cxf
Updated Branches:
refs/heads/master 071cbd6b1 -> 90e0b97b2
Tweaking the at_hash code a bit
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/90e0b97b
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/90e0b97b
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/90e0b97b
Branch: refs/heads/master
Commit: 90e0b97b2d8a33b4367c33ce43cb119e47640621
Parents: 071cbd6
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Wed Dec 9 18:10:47 2015 +0000
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Wed Dec 9 18:10:47 2015 +0000
----------------------------------------------------------------------
.../org/apache/cxf/rs/security/oidc/utils/OidcUtils.java | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/90e0b97b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/utils/OidcUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/utils/OidcUtils.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/utils/OidcUtils.java
index e2b7e6e..19534f5 100644
--- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/utils/OidcUtils.java
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/utils/OidcUtils.java
@@ -127,11 +127,13 @@ public final class OidcUtils {
if (sigAlgo == SignatureAlgorithm.NONE) {
throw new JwsException(JwsException.Error.INVALID_ALGORITHM);
}
- int algoShaSize = Integer.valueOf(sigAlgo.getJwaName().substring(2));
- int valueHashSize = algoShaSize / 16;
+ String algoShaSizeString = sigAlgo.getJwaName().substring(2);
+ String javaShaAlgo = "SHA-" + algoShaSizeString;
+ int algoShaSize = Integer.valueOf(algoShaSizeString);
+ int valueHashSize = (algoShaSize / 8) / 2;
try {
byte[] atBytes = StringUtils.toBytesASCII(value);
- byte[] digest = MessageDigestUtils.createDigest(atBytes, MessageDigestUtils.ALGO_SHA_256);
+ byte[] digest = MessageDigestUtils.createDigest(atBytes, javaShaAlgo);
return Base64UrlUtility.encodeChunk(digest, 0, valueHashSize);
} catch (NoSuchAlgorithmException ex) {
throw new SecurityException(ex);