You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by Christopher Cheng <ch...@gmail.com> on 2015/02/11 13:03:10 UTC
How could I encrypt/decrypt REST JSON message with
AES/CBC/PKCS5Padding, AES and Base64?
This is how I did in POJO. Could somebody help me how to do it with
CXF configuration?
String password = "1234567890123456";
String content = “abcdefghigklmnopqrstuvwxyz0123456789”;
byte[] raw = password.getBytes(Charsets.UTF_8);
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec, new IvParameterSpec(new
byte[16])); // zero IV
String encrypted = new
String(Base64.encodeBase64(cipher.doFinal(content.getBytes(Charsets.UTF_8))))
Re: How could I encrypt/decrypt REST JSON message with AES/CBC/PKCS5Padding,
AES and Base64?
Posted by Sergey Beryozkin <sb...@gmail.com>.
I believe, as far as JWE is concerned, you can use this specific
algorithm only to get a content encryption key encrypted with a derived
key based on the provided password:
https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40#section-4.8
The tests are here:
https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=blob;f=rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JwePbeHmacAesWrapTest.java;h=4025cda93b58ab184c602874b8104cd38d4069a2;hb=HEAD
Most of the algorithms can be supported directly with the JAX-RS JOSE
filters but not this one yet. The test code shows the only way it can be
used for now
This page:
http://cxf.apache.org/docs/jax-rs-jose.html
will be completed in the next few weeks.
You can also try Jose4J
HTH, Sergey
On 11/02/15 12:11, Christopher Cheng wrote:
> Thanks Sergey... You save my day if you do
>
> On Wed, Feb 11, 2015 at 8:06 PM, Sergey Beryozkin <sb...@gmail.com> wrote:
>> Hi
>>
>> On 11/02/15 12:03, Christopher Cheng wrote:
>>>
>>> This is how I did in POJO. Could somebody help me how to do it with
>>> CXF configuration?
>>>
>>>
>>> String password = "1234567890123456";
>>> String content = “abcdefghigklmnopqrstuvwxyz0123456789”;
>>>
>>> byte[] raw = password.getBytes(Charsets.UTF_8);
>>> SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
>>> Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
>>> cipher.init(Cipher.ENCRYPT_MODE, skeySpec, new IvParameterSpec(new
>>> byte[16])); // zero IV
>>> String encrypted = new
>>>
>>> String(Base64.encodeBase64(cipher.doFinal(content.getBytes(Charsets.UTF_8))))
>>>
>> Are you trying to do JWE by any chance ?
>> I'll post you a code example shortly, working with a release issue right now
>>
>> Sergey
>>
Re: How could I encrypt/decrypt REST JSON message with
AES/CBC/PKCS5Padding, AES and Base64?
Posted by Christopher Cheng <ch...@gmail.com>.
Thanks Sergey... You save my day if you do
On Wed, Feb 11, 2015 at 8:06 PM, Sergey Beryozkin <sb...@gmail.com> wrote:
> Hi
>
> On 11/02/15 12:03, Christopher Cheng wrote:
>>
>> This is how I did in POJO. Could somebody help me how to do it with
>> CXF configuration?
>>
>>
>> String password = "1234567890123456";
>> String content = “abcdefghigklmnopqrstuvwxyz0123456789”;
>>
>> byte[] raw = password.getBytes(Charsets.UTF_8);
>> SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
>> Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
>> cipher.init(Cipher.ENCRYPT_MODE, skeySpec, new IvParameterSpec(new
>> byte[16])); // zero IV
>> String encrypted = new
>>
>> String(Base64.encodeBase64(cipher.doFinal(content.getBytes(Charsets.UTF_8))))
>>
> Are you trying to do JWE by any chance ?
> I'll post you a code example shortly, working with a release issue right now
>
> Sergey
>
Re: How could I encrypt/decrypt REST JSON message with AES/CBC/PKCS5Padding,
AES and Base64?
Posted by Sergey Beryozkin <sb...@gmail.com>.
On 11/02/15 12:53, Jose María Zaragoza wrote:
> 2015-02-11 13:06 GMT+01:00 Sergey Beryozkin <sb...@gmail.com>:
>> Hi
>>
>> Are you trying to do JWE by any chance ?
>> I'll post you a code example shortly, working with a release issue right now
>>
>> Sergey
>>
>
> One question
>
> does CXF 2.7.x support JOSE spec ?
>
> I would like to sign JSON requests , but I still use CXF 2.7.8
> I could use jose4j and it implements some filter , are you going to
> write some tips to do it ? can I copy them from CXF 3.x ?
No it is only in 3.0.x and 3.1.0.
Jose4J can be used too.
Also have a look at JSON Clear Signature project:
https://openkeystore.googlecode.com/svn/resources/trunk/docs/jcs.html
(not a standard but I believe it is getting the momentum too)
Sergey
>
>
> Regards
>
Re: How could I encrypt/decrypt REST JSON message with
AES/CBC/PKCS5Padding, AES and Base64?
Posted by Jose María Zaragoza <de...@gmail.com>.
2015-02-11 13:06 GMT+01:00 Sergey Beryozkin <sb...@gmail.com>:
> Hi
>
> Are you trying to do JWE by any chance ?
> I'll post you a code example shortly, working with a release issue right now
>
> Sergey
>
One question
does CXF 2.7.x support JOSE spec ?
I would like to sign JSON requests , but I still use CXF 2.7.8
I could use jose4j and it implements some filter , are you going to
write some tips to do it ? can I copy them from CXF 3.x ?
Regards
Re: How could I encrypt/decrypt REST JSON message with AES/CBC/PKCS5Padding,
AES and Base64?
Posted by Sergey Beryozkin <sb...@gmail.com>.
Hi
On 11/02/15 12:03, Christopher Cheng wrote:
> This is how I did in POJO. Could somebody help me how to do it with
> CXF configuration?
>
>
> String password = "1234567890123456";
> String content = “abcdefghigklmnopqrstuvwxyz0123456789”;
>
> byte[] raw = password.getBytes(Charsets.UTF_8);
> SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
> Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
> cipher.init(Cipher.ENCRYPT_MODE, skeySpec, new IvParameterSpec(new
> byte[16])); // zero IV
> String encrypted = new
> String(Base64.encodeBase64(cipher.doFinal(content.getBytes(Charsets.UTF_8))))
>
Are you trying to do JWE by any chance ?
I'll post you a code example shortly, working with a release issue right now
Sergey