You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2014/12/29 13:11:26 UTC
cxf git commit: Disabling Jwe AesGcm tests on Java 6 due to the
additional AAD being ignored even with BC
Repository: cxf
Updated Branches:
refs/heads/3.0.x-fixes 9813df38f -> c2f576983
Disabling Jwe AesGcm tests on Java 6 due to the additional AAD being ignored even with BC
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/c2f57698
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/c2f57698
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/c2f57698
Branch: refs/heads/3.0.x-fixes
Commit: c2f57698318f7a418b51a3baa4c469e47a83b76e
Parents: 9813df3
Author: Sergey Beryozkin <sb...@talend.com>
Authored: Mon Dec 29 12:11:01 2014 +0000
Committer: Sergey Beryozkin <sb...@talend.com>
Committed: Mon Dec 29 12:11:01 2014 +0000
----------------------------------------------------------------------
.../cxf/common/util/crypto/CryptoUtils.java | 10 +++-----
.../jose/jwe/JweCompactReaderWriterTest.java | 27 +++++++++++++++++---
.../jose/jwe/JwePbeHmacAesWrapTest.java | 9 +++++++
.../jaxrs/security/jwt/JAXRSJweJwsTest.java | 27 ++++++++++++++++++++
.../jaxrs/security/jwt/JAXRSJwsJsonTest.java | 8 ++++++
5 files changed, 72 insertions(+), 9 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/c2f57698/core/src/main/java/org/apache/cxf/common/util/crypto/CryptoUtils.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/cxf/common/util/crypto/CryptoUtils.java b/core/src/main/java/org/apache/cxf/common/util/crypto/CryptoUtils.java
index 6f73896..7410182 100644
--- a/core/src/main/java/org/apache/cxf/common/util/crypto/CryptoUtils.java
+++ b/core/src/main/java/org/apache/cxf/common/util/crypto/CryptoUtils.java
@@ -48,14 +48,14 @@ import java.security.spec.ECPublicKeySpec;
import java.security.spec.RSAPrivateCrtKeySpec;
import java.security.spec.RSAPrivateKeySpec;
import java.security.spec.RSAPublicKeySpec;
-import java.util.logging.Logger;
+
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
+
import org.apache.cxf.common.classloader.ClassLoaderUtils;
-import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.common.util.Base64UrlUtility;
import org.apache.cxf.common.util.Base64Utility;
import org.apache.cxf.common.util.CompressionUtils;
@@ -67,8 +67,6 @@ import org.apache.cxf.helpers.IOUtils;
*/
public final class CryptoUtils {
- private static final Logger LOG = LogUtils.getL7dLogger(CryptoUtils.class);
-
private CryptoUtils() {
}
@@ -283,7 +281,7 @@ public final class CryptoUtils {
Constructor<?> ctr = c.getConstructor(new Class[]{int.class, byte[].class});
return (AlgorithmParameterSpec)ctr.newInstance(new Object[]{authTagLength, iv});
} catch (Throwable t) {
- return new IvParameterSpec(iv);
+ throw new SecurityException(t);
}
}
@@ -554,7 +552,7 @@ public final class CryptoUtils {
Method m = Cipher.class.getMethod("updateAAD", new Class[]{byte[].class});
m.invoke(c, new Object[]{keyProps.getAdditionalData()});
} catch (NoSuchMethodException ex) {
- LOG.fine(ex.getMessage());
+ throw new SecurityException(ex);
}
}
return c;
http://git-wip-us.apache.org/repos/asf/cxf/blob/c2f57698/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweCompactReaderWriterTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweCompactReaderWriterTest.java b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweCompactReaderWriterTest.java
index b3be0a6..ca3f24a 100644
--- a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweCompactReaderWriterTest.java
+++ b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweCompactReaderWriterTest.java
@@ -78,14 +78,25 @@ public class JweCompactReaderWriterTest extends Assert {
+ ".KDlTtXchhZTGufMYmOYGS4HffxPSUrfmqCHXaI9wOGY"
+ ".U0m_YmjN04DJvceFICbCVQ";
+ private static final Boolean SKIP_AES_GCM_TESTS = isJava6();
+
+ private static boolean isJava6() {
+ String version = System.getProperty("java.version");
+ return 1.6D == Double.parseDouble(version.substring(0, 3));
+ }
+
@BeforeClass
public static void registerBouncyCastleIfNeeded() throws Exception {
+
try {
- Cipher.getInstance(Algorithm.AES_GCM_ALGO_JAVA);
+ if (!SKIP_AES_GCM_TESTS) {
+ Cipher.getInstance(Algorithm.AES_GCM_ALGO_JAVA);
+ }
Cipher.getInstance(Algorithm.AES_CBC_ALGO_JAVA);
} catch (Throwable t) {
Security.addProvider(new BouncyCastleProvider());
}
+
}
@AfterClass
public static void unregisterBouncyCastleIfNeeded() throws Exception {
@@ -145,9 +156,10 @@ public class JweCompactReaderWriterTest extends Assert {
@Test
public void testEncryptDecryptAesGcmWrapA128CBCHS256() throws Exception {
//
- // This test fails with the IBM JDK
+ // This test fails with the IBM JDK and on Java 6
//
- if ("IBM Corporation".equals(System.getProperty("java.vendor"))) {
+ if ("IBM Corporation".equals(System.getProperty("java.vendor"))
+ || SKIP_AES_GCM_TESTS) {
return;
}
final String specPlainText = "Live long and prosper.";
@@ -173,6 +185,9 @@ public class JweCompactReaderWriterTest extends Assert {
@Test
public void testEncryptDecryptSpecExample() throws Exception {
+ if (SKIP_AES_GCM_TESTS) {
+ return;
+ }
final String specPlainText = "The true sign of intelligence is not knowledge but imagination.";
String jweContent = encryptContent(specPlainText, true);
@@ -181,6 +196,9 @@ public class JweCompactReaderWriterTest extends Assert {
@Test
public void testDirectKeyEncryptDecrypt() throws Exception {
+ if (SKIP_AES_GCM_TESTS) {
+ return;
+ }
final String specPlainText = "The true sign of intelligence is not knowledge but imagination.";
SecretKey key = createSecretKey(true);
String jweContent = encryptContentDirect(key, specPlainText);
@@ -190,6 +208,9 @@ public class JweCompactReaderWriterTest extends Assert {
@Test
public void testEncryptDecryptJwsToken() throws Exception {
+ if (SKIP_AES_GCM_TESTS) {
+ return;
+ }
String jweContent = encryptContent(JwsCompactReaderWriterTest.ENCODED_TOKEN_SIGNED_BY_MAC, false);
decrypt(jweContent, JwsCompactReaderWriterTest.ENCODED_TOKEN_SIGNED_BY_MAC, false);
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/c2f57698/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JwePbeHmacAesWrapTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JwePbeHmacAesWrapTest.java b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JwePbeHmacAesWrapTest.java
index e21cde0..2914b81 100644
--- a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JwePbeHmacAesWrapTest.java
+++ b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JwePbeHmacAesWrapTest.java
@@ -30,6 +30,12 @@ import org.junit.Before;
import org.junit.Test;
public class JwePbeHmacAesWrapTest extends Assert {
+ private static final Boolean SKIP_AES_GCM_TESTS = isJava6();
+
+ private static boolean isJava6() {
+ String version = System.getProperty("java.version");
+ return 1.6D == Double.parseDouble(version.substring(0, 3));
+ }
@Before
public void registerBouncyCastleIfNeeded() throws Exception {
Security.addProvider(new BouncyCastleProvider());
@@ -58,6 +64,9 @@ public class JwePbeHmacAesWrapTest extends Assert {
}
@Test
public void testEncryptDecryptPbesHmacAesWrapAesGcm() throws Exception {
+ if (SKIP_AES_GCM_TESTS) {
+ return;
+ }
final String specPlainText = "Live long and prosper.";
JweHeaders headers = new JweHeaders();
headers.setAlgorithm(JoseConstants.PBES2_HS256_A128KW_ALGO);
http://git-wip-us.apache.org/repos/asf/cxf/blob/c2f57698/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java
index cd113ae..5178c91 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java
@@ -62,6 +62,12 @@ public class JAXRSJweJwsTest extends AbstractBusClientServerTestBase {
"org/apache/cxf/systest/jaxrs/security/alice.rs.properties";
private static final String ENCODED_MAC_KEY = "AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75"
+ "aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow";
+ private static final Boolean SKIP_AES_GCM_TESTS = isJava6();
+
+ private static boolean isJava6() {
+ String version = System.getProperty("java.version");
+ return 1.6D == Double.parseDouble(version.substring(0, 3));
+ }
@BeforeClass
public static void startServers() throws Exception {
assertTrue("server did not launch correctly",
@@ -84,6 +90,9 @@ public class JAXRSJweJwsTest extends AbstractBusClientServerTestBase {
}
@Test
public void testJweJwkPlainTextRSA() throws Exception {
+ if (SKIP_AES_GCM_TESTS) {
+ return;
+ }
String address = "https://localhost:" + PORT + "/jwejwkrsa";
BookStore bs = createJweBookStore(address, null);
String text = bs.echoText("book");
@@ -91,6 +100,9 @@ public class JAXRSJweJwsTest extends AbstractBusClientServerTestBase {
}
@Test
public void testJweJwkBookBeanRSA() throws Exception {
+ if (SKIP_AES_GCM_TESTS) {
+ return;
+ }
String address = "https://localhost:" + PORT + "/jwejwkrsa";
BookStore bs = createJweBookStore(address,
Collections.singletonList(new JacksonJsonProvider()));
@@ -125,6 +137,9 @@ public class JAXRSJweJwsTest extends AbstractBusClientServerTestBase {
@Test
public void testJweJwkAesWrap() throws Exception {
+ if (SKIP_AES_GCM_TESTS) {
+ return;
+ }
String address = "https://localhost:" + PORT + "/jwejwkaeswrap";
JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean();
SpringBusFactory bf = new SpringBusFactory();
@@ -177,6 +192,9 @@ public class JAXRSJweJwsTest extends AbstractBusClientServerTestBase {
}
@Test
public void testJweRsaJwsRsa() throws Exception {
+ if (SKIP_AES_GCM_TESTS) {
+ return;
+ }
String address = "https://localhost:" + PORT + "/jwejwsrsa";
BookStore bs = createJweJwsBookStore(address, null, null);
String text = bs.echoText("book");
@@ -184,6 +202,9 @@ public class JAXRSJweJwsTest extends AbstractBusClientServerTestBase {
}
@Test
public void testJweRsaJwsRsaCert() throws Exception {
+ if (SKIP_AES_GCM_TESTS) {
+ return;
+ }
String address = "https://localhost:" + PORT + "/jwejwsrsacert";
JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean();
@@ -221,6 +242,9 @@ public class JAXRSJweJwsTest extends AbstractBusClientServerTestBase {
}
@Test
public void testJweRsaJwsPlainTextHMac() throws Exception {
+ if (SKIP_AES_GCM_TESTS) {
+ return;
+ }
String address = "https://localhost:" + PORT + "/jwejwshmac";
HmacJwsSignatureProvider hmacProvider =
new HmacJwsSignatureProvider(ENCODED_MAC_KEY, Algorithm.HmacSHA256.getJwtName());
@@ -230,6 +254,9 @@ public class JAXRSJweJwsTest extends AbstractBusClientServerTestBase {
}
@Test
public void testJweRsaJwsBookHMac() throws Exception {
+ if (SKIP_AES_GCM_TESTS) {
+ return;
+ }
String address = "https://localhost:" + PORT + "/jwejwshmac";
HmacJwsSignatureProvider hmacProvider =
new HmacJwsSignatureProvider(ENCODED_MAC_KEY, Algorithm.HmacSHA256.getJwtName());
http://git-wip-us.apache.org/repos/asf/cxf/blob/c2f57698/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJwsJsonTest.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJwsJsonTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJwsJsonTest.java
index 45602d9..5ad6401 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJwsJsonTest.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJwsJsonTest.java
@@ -51,7 +51,12 @@ import org.junit.Test;
public class JAXRSJwsJsonTest extends AbstractBusClientServerTestBase {
public static final String PORT = BookServerJwsJson.PORT;
+ private static final Boolean SKIP_AES_GCM_TESTS = isJava6();
+ private static boolean isJava6() {
+ String version = System.getProperty("java.version");
+ return 1.6D == Double.parseDouble(version.substring(0, 3));
+ }
@BeforeClass
public static void startServers() throws Exception {
assertTrue("server did not launch correctly",
@@ -94,6 +99,9 @@ public class JAXRSJwsJsonTest extends AbstractBusClientServerTestBase {
}
@Test
public void testJweCompactJwsJsonBookBeanHmac() throws Exception {
+ if (SKIP_AES_GCM_TESTS) {
+ return;
+ }
String address = "https://localhost:" + PORT + "/jwejwsjsonhmac";
List<?> extraProviders = Arrays.asList(new JacksonJsonProvider(),
new JweWriterInterceptor(),