You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2015/02/27 14:55:24 UTC
[2/4] cxf git commit: [CXF-6220] JWA algorithm cleanup with a lot of
cosmetic changes
http://git-wip-us.apache.org/repos/asf/cxf/blob/8d2b0180/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureVerifier.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureVerifier.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureVerifier.java
index 55ec94e..c02ee70 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureVerifier.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureVerifier.java
@@ -22,26 +22,26 @@ import java.security.spec.AlgorithmParameterSpec;
import java.util.Arrays;
import org.apache.cxf.common.util.crypto.HmacUtils;
-import org.apache.cxf.rs.security.jose.JoseConstants;
import org.apache.cxf.rs.security.jose.JoseHeaders;
import org.apache.cxf.rs.security.jose.JoseUtils;
-import org.apache.cxf.rs.security.jose.jwa.Algorithm;
+import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils;
+import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
public class HmacJwsSignatureVerifier implements JwsSignatureVerifier {
private byte[] key;
private AlgorithmParameterSpec hmacSpec;
- private String supportedAlgo;
+ private SignatureAlgorithm supportedAlgo;
public HmacJwsSignatureVerifier(String encodedKey) {
- this(JoseUtils.decode(encodedKey), JoseConstants.HMAC_SHA_256_ALGO);
+ this(JoseUtils.decode(encodedKey), SignatureAlgorithm.HS256);
}
- public HmacJwsSignatureVerifier(String encodedKey, String supportedAlgo) {
+ public HmacJwsSignatureVerifier(String encodedKey, SignatureAlgorithm supportedAlgo) {
this(JoseUtils.decode(encodedKey), supportedAlgo);
}
- public HmacJwsSignatureVerifier(byte[] key, String supportedAlgo) {
+ public HmacJwsSignatureVerifier(byte[] key, SignatureAlgorithm supportedAlgo) {
this(key, null, supportedAlgo);
}
- public HmacJwsSignatureVerifier(byte[] key, AlgorithmParameterSpec spec, String supportedAlgo) {
+ public HmacJwsSignatureVerifier(byte[] key, AlgorithmParameterSpec spec, SignatureAlgorithm supportedAlgo) {
this.key = key;
this.hmacSpec = spec;
this.supportedAlgo = supportedAlgo;
@@ -56,21 +56,21 @@ public class HmacJwsSignatureVerifier implements JwsSignatureVerifier {
private byte[] computeMac(JoseHeaders headers, String text) {
return HmacUtils.computeHmac(key,
- Algorithm.toJavaName(checkAlgorithm(headers.getAlgorithm())),
+ AlgorithmUtils.toJavaName(checkAlgorithm(headers.getAlgorithm())),
hmacSpec,
text);
}
protected String checkAlgorithm(String algo) {
if (algo == null
- || !Algorithm.isHmacSign(algo)
- || !algo.equals(supportedAlgo)) {
+ || !AlgorithmUtils.isHmacSign(algo)
+ || !algo.equals(supportedAlgo.getJwaName())) {
throw new SecurityException();
}
return algo;
}
@Override
- public String getAlgorithm() {
+ public SignatureAlgorithm getAlgorithm() {
return supportedAlgo;
}
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/8d2b0180/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsCompactProducer.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsCompactProducer.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsCompactProducer.java
index b8f192b..14b654c 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsCompactProducer.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsCompactProducer.java
@@ -22,9 +22,9 @@ import java.security.interfaces.RSAPrivateKey;
import org.apache.cxf.common.util.Base64UrlUtility;
import org.apache.cxf.common.util.StringUtils;
-import org.apache.cxf.rs.security.jose.JoseConstants;
import org.apache.cxf.rs.security.jose.JoseHeaders;
import org.apache.cxf.rs.security.jose.JoseHeadersReaderWriter;
+import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils;
import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
public class JwsCompactProducer {
@@ -105,7 +105,7 @@ public class JwsCompactProducer {
this.signature = sig;
}
private boolean isPlainText() {
- return JoseConstants.PLAIN_TEXT_ALGO.equals(getAlgorithm());
+ return AlgorithmUtils.PLAIN_TEXT_ALGO.equals(getAlgorithm());
}
private String getAlgorithm() {
return getJoseHeaders().getAlgorithm();
http://git-wip-us.apache.org/repos/asf/cxf/blob/8d2b0180/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonConsumer.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonConsumer.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonConsumer.java
index 2b32d9a..ce9bf27 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonConsumer.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonConsumer.java
@@ -110,7 +110,7 @@ public class JwsJsonConsumer {
}
public boolean verifySignatureWith(JwsSignatureVerifier validator) {
List<JwsJsonSignatureEntry> theSignatureEntries =
- getSignatureEntryMap().get(validator.getAlgorithm());
+ getSignatureEntryMap().get(validator.getAlgorithm().getJwaName());
if (theSignatureEntries != null) {
for (JwsJsonSignatureEntry signatureEntry : theSignatureEntries) {
if (signatureEntry.verifySignatureWith(validator)) {
@@ -143,7 +143,7 @@ public class JwsJsonConsumer {
for (JwsSignatureVerifier validator : validators) {
boolean validated = false;
List<JwsJsonSignatureEntry> theSignatureEntries =
- getSignatureEntryMap().get(validator.getAlgorithm());
+ getSignatureEntryMap().get(validator.getAlgorithm().getJwaName());
if (theSignatureEntries != null) {
for (JwsJsonSignatureEntry sigEntry : theSignatureEntries) {
if (sigEntry.verifySignatureWith(validator)) {
http://git-wip-us.apache.org/repos/asf/cxf/blob/8d2b0180/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducer.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducer.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducer.java
index bd72a53..5620232 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducer.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducer.java
@@ -96,7 +96,7 @@ public class JwsJsonProducer {
}
public String signWith(JwsSignatureProvider signer) {
JoseHeaders headers = new JoseHeaders();
- headers.setAlgorithm(signer.getAlgorithm());
+ headers.setAlgorithm(signer.getAlgorithm().getJwaName());
return signWith(signer, headers);
}
public String signWith(JwsSignatureProvider signer,
http://git-wip-us.apache.org/repos/asf/cxf/blob/8d2b0180/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsSignatureProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsSignatureProvider.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsSignatureProvider.java
index c6f60b9..9ca48cb 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsSignatureProvider.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsSignatureProvider.java
@@ -19,10 +19,11 @@
package org.apache.cxf.rs.security.jose.jws;
import org.apache.cxf.rs.security.jose.JoseHeaders;
+import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
public interface JwsSignatureProvider {
- String getAlgorithm();
+ SignatureAlgorithm getAlgorithm();
byte[] sign(JoseHeaders headers, byte[] content);
/**
* Create a signature handler capable of updating the signature input (optional operation)
http://git-wip-us.apache.org/repos/asf/cxf/blob/8d2b0180/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsSignatureVerifier.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsSignatureVerifier.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsSignatureVerifier.java
index 492c676..26f9597 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsSignatureVerifier.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsSignatureVerifier.java
@@ -19,8 +19,9 @@
package org.apache.cxf.rs.security.jose.jws;
import org.apache.cxf.rs.security.jose.JoseHeaders;
+import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
public interface JwsSignatureVerifier {
+ SignatureAlgorithm getAlgorithm();
boolean verify(JoseHeaders headers, String unsignedText, byte[] signature);
- String getAlgorithm();
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/8d2b0180/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java
index 1e8e6d4..bca768a 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java
@@ -37,7 +37,8 @@ import org.apache.cxf.rs.security.jose.JoseConstants;
import org.apache.cxf.rs.security.jose.JoseHeaders;
import org.apache.cxf.rs.security.jose.JoseUtils;
import org.apache.cxf.rs.security.jose.jaxrs.KeyManagementUtils;
-import org.apache.cxf.rs.security.jose.jwa.Algorithm;
+import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils;
+import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
import org.apache.cxf.rs.security.jose.jwk.JwkUtils;
@@ -88,16 +89,16 @@ public final class JwsUtils {
theSigProvider = getHmacSignatureProvider(key, rsaSignatureAlgo);
} else if (JsonWebKey.KEY_TYPE_ELLIPTIC.equals(jwk.getKeyType())) {
theSigProvider = new EcDsaJwsSignatureProvider(JwkUtils.toECPrivateKey(jwk),
- rsaSignatureAlgo);
+ SignatureAlgorithm.getAlgorithm(rsaSignatureAlgo));
}
return theSigProvider;
}
public static JwsSignatureProvider getRSAKeySignatureProvider(RSAPrivateKey key, String algo) {
- return new PrivateKeyJwsSignatureProvider(key, algo);
+ return new PrivateKeyJwsSignatureProvider(key, SignatureAlgorithm.getAlgorithm(algo));
}
public static JwsSignatureProvider getHmacSignatureProvider(byte[] key, String algo) {
- if (Algorithm.isHmacSign(algo)) {
- return new HmacJwsSignatureProvider(key, algo);
+ if (AlgorithmUtils.isHmacSign(algo)) {
+ return new HmacJwsSignatureProvider(key, SignatureAlgorithm.getAlgorithm(algo));
}
return null;
}
@@ -113,16 +114,17 @@ public final class JwsUtils {
byte[] key = JoseUtils.decode((String)jwk.getProperty(JsonWebKey.OCTET_KEY_VALUE));
theVerifier = getHmacSignatureVerifier(key, rsaSignatureAlgo);
} else if (JsonWebKey.KEY_TYPE_ELLIPTIC.equals(jwk.getKeyType())) {
- theVerifier = new EcDsaJwsSignatureVerifier(JwkUtils.toECPublicKey(jwk), rsaSignatureAlgo);
+ theVerifier = new EcDsaJwsSignatureVerifier(JwkUtils.toECPublicKey(jwk),
+ SignatureAlgorithm.getAlgorithm(rsaSignatureAlgo));
}
return theVerifier;
}
public static JwsSignatureVerifier getRSAKeySignatureVerifier(RSAPublicKey key, String algo) {
- return new PublicKeyJwsSignatureVerifier(key, algo);
+ return new PublicKeyJwsSignatureVerifier(key, SignatureAlgorithm.getAlgorithm(algo));
}
public static JwsSignatureVerifier getHmacSignatureVerifier(byte[] key, String algo) {
- if (Algorithm.isHmacSign(algo)) {
- return new HmacJwsSignatureVerifier(key, algo);
+ if (AlgorithmUtils.isHmacSign(algo)) {
+ return new HmacJwsSignatureVerifier(key, SignatureAlgorithm.getAlgorithm(algo));
}
return null;
}
@@ -146,7 +148,7 @@ public final class JwsUtils {
}
JwsSignatureProvider theSigProvider = loadSignatureProvider(m, props, headers, false);
if (headers != null) {
- headers.setAlgorithm(theSigProvider.getAlgorithm());
+ headers.setAlgorithm(theSigProvider.getAlgorithm().getJwaName());
}
return theSigProvider;
}
@@ -287,7 +289,7 @@ public final class JwsUtils {
private static String getSignatureAlgo(Message m, Properties props, String algo, String defaultAlgo) {
if (algo == null) {
if (defaultAlgo == null) {
- defaultAlgo = JoseConstants.RS_SHA_256_ALGO;
+ defaultAlgo = AlgorithmUtils.RS_SHA_256_ALGO;
}
return KeyManagementUtils.getKeyAlgorithm(m, props, JSON_WEB_SIGNATURE_ALGO_PROP, defaultAlgo);
}
@@ -295,11 +297,11 @@ public final class JwsUtils {
}
private static String getDefaultKeyAlgo(JsonWebKey jwk) {
if (JsonWebKey.KEY_TYPE_OCTET.equals(jwk.getKeyType())) {
- return JoseConstants.HMAC_SHA_256_ALGO;
+ return AlgorithmUtils.HMAC_SHA_256_ALGO;
} else if (JsonWebKey.KEY_TYPE_ELLIPTIC.equals(jwk.getKeyType())) {
- return JoseConstants.ES_SHA_256_ALGO;
+ return AlgorithmUtils.ES_SHA_256_ALGO;
} else {
- return JoseConstants.RS_SHA_256_ALGO;
+ return AlgorithmUtils.RS_SHA_256_ALGO;
}
}
public static JwsCompactConsumer verify(JwsSignatureVerifier v, String content) {
http://git-wip-us.apache.org/repos/asf/cxf/blob/8d2b0180/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/NoneJwsSignatureProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/NoneJwsSignatureProvider.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/NoneJwsSignatureProvider.java
index 6226102..d442677 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/NoneJwsSignatureProvider.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/NoneJwsSignatureProvider.java
@@ -19,12 +19,13 @@
package org.apache.cxf.rs.security.jose.jws;
import org.apache.cxf.rs.security.jose.JoseHeaders;
+import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
public class NoneJwsSignatureProvider implements JwsSignatureProvider {
@Override
- public String getAlgorithm() {
- return "none";
+ public SignatureAlgorithm getAlgorithm() {
+ return SignatureAlgorithm.PLAIN;
}
@Override
http://git-wip-us.apache.org/repos/asf/cxf/blob/8d2b0180/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/NoneJwsSignatureVerifier.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/NoneJwsSignatureVerifier.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/NoneJwsSignatureVerifier.java
index 99cb770..270234e 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/NoneJwsSignatureVerifier.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/NoneJwsSignatureVerifier.java
@@ -19,6 +19,7 @@
package org.apache.cxf.rs.security.jose.jws;
import org.apache.cxf.rs.security.jose.JoseHeaders;
+import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
public class NoneJwsSignatureVerifier implements JwsSignatureVerifier {
@@ -28,8 +29,8 @@ public class NoneJwsSignatureVerifier implements JwsSignatureVerifier {
}
@Override
- public String getAlgorithm() {
- return "none";
+ public SignatureAlgorithm getAlgorithm() {
+ return SignatureAlgorithm.PLAIN;
}
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/8d2b0180/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/PrivateKeyJwsSignatureProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/PrivateKeyJwsSignatureProvider.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/PrivateKeyJwsSignatureProvider.java
index 2f84f54..292ecf6 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/PrivateKeyJwsSignatureProvider.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/PrivateKeyJwsSignatureProvider.java
@@ -26,21 +26,22 @@ import java.security.spec.AlgorithmParameterSpec;
import org.apache.cxf.common.util.crypto.CryptoUtils;
import org.apache.cxf.rs.security.jose.JoseHeaders;
-import org.apache.cxf.rs.security.jose.jwa.Algorithm;
+import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils;
+import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
public class PrivateKeyJwsSignatureProvider extends AbstractJwsSignatureProvider {
private PrivateKey key;
private SecureRandom random;
private AlgorithmParameterSpec signatureSpec;
- public PrivateKeyJwsSignatureProvider(PrivateKey key, String algo) {
+ public PrivateKeyJwsSignatureProvider(PrivateKey key, SignatureAlgorithm algo) {
this(key, null, algo);
}
- public PrivateKeyJwsSignatureProvider(PrivateKey key, AlgorithmParameterSpec spec, String algo) {
+ public PrivateKeyJwsSignatureProvider(PrivateKey key, AlgorithmParameterSpec spec, SignatureAlgorithm algo) {
this(key, null, spec, algo);
}
public PrivateKeyJwsSignatureProvider(PrivateKey key, SecureRandom random,
- AlgorithmParameterSpec spec, String algo) {
+ AlgorithmParameterSpec spec, SignatureAlgorithm algo) {
super(algo);
this.key = key;
this.random = random;
@@ -48,7 +49,7 @@ public class PrivateKeyJwsSignatureProvider extends AbstractJwsSignatureProvider
}
protected JwsSignature doCreateJwsSignature(JoseHeaders headers) {
final Signature s = CryptoUtils.getSignature(key,
- Algorithm.toJavaName(headers.getAlgorithm()),
+ AlgorithmUtils.toJavaName(headers.getAlgorithm()),
random,
signatureSpec);
return doCreateJwsSignature(s);
@@ -66,7 +67,7 @@ public class PrivateKeyJwsSignatureProvider extends AbstractJwsSignatureProvider
}
protected boolean isValidAlgorithmFamily(String algo) {
- return Algorithm.isRsaSign(algo);
+ return AlgorithmUtils.isRsaSign(algo);
}
protected static class PrivateKeyJwsSignature implements JwsSignature {
http://git-wip-us.apache.org/repos/asf/cxf/blob/8d2b0180/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/PublicKeyJwsSignatureVerifier.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/PublicKeyJwsSignatureVerifier.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/PublicKeyJwsSignatureVerifier.java
index 70842cf..7e8fd80 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/PublicKeyJwsSignatureVerifier.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/PublicKeyJwsSignatureVerifier.java
@@ -24,17 +24,18 @@ import java.security.spec.AlgorithmParameterSpec;
import org.apache.cxf.common.util.StringUtils;
import org.apache.cxf.common.util.crypto.CryptoUtils;
import org.apache.cxf.rs.security.jose.JoseHeaders;
-import org.apache.cxf.rs.security.jose.jwa.Algorithm;
+import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils;
+import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
public class PublicKeyJwsSignatureVerifier implements JwsSignatureVerifier {
private PublicKey key;
private AlgorithmParameterSpec signatureSpec;
- private String supportedAlgo;
+ private SignatureAlgorithm supportedAlgo;
- public PublicKeyJwsSignatureVerifier(PublicKey key, String supportedAlgorithm) {
+ public PublicKeyJwsSignatureVerifier(PublicKey key, SignatureAlgorithm supportedAlgorithm) {
this(key, null, supportedAlgorithm);
}
- public PublicKeyJwsSignatureVerifier(PublicKey key, AlgorithmParameterSpec spec, String supportedAlgo) {
+ public PublicKeyJwsSignatureVerifier(PublicKey key, AlgorithmParameterSpec spec, SignatureAlgorithm supportedAlgo) {
this.key = key;
this.signatureSpec = spec;
this.supportedAlgo = supportedAlgo;
@@ -45,7 +46,7 @@ public class PublicKeyJwsSignatureVerifier implements JwsSignatureVerifier {
return CryptoUtils.verifySignature(StringUtils.toBytesUTF8(unsignedText),
signature,
key,
- Algorithm.toJavaName(checkAlgorithm(headers.getAlgorithm())),
+ AlgorithmUtils.toJavaName(checkAlgorithm(headers.getAlgorithm())),
signatureSpec);
} catch (Exception ex) {
throw new SecurityException(ex);
@@ -54,16 +55,16 @@ public class PublicKeyJwsSignatureVerifier implements JwsSignatureVerifier {
protected String checkAlgorithm(String algo) {
if (algo == null
|| !isValidAlgorithmFamily(algo)
- || !algo.equals(supportedAlgo)) {
+ || !algo.equals(supportedAlgo.getJwaName())) {
throw new SecurityException();
}
return algo;
}
protected boolean isValidAlgorithmFamily(String algo) {
- return Algorithm.isRsaSign(algo);
+ return AlgorithmUtils.isRsaSign(algo);
}
@Override
- public String getAlgorithm() {
+ public SignatureAlgorithm getAlgorithm() {
return supportedAlgo;
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/8d2b0180/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/JwkJoseCookBookTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/JwkJoseCookBookTest.java b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/JwkJoseCookBookTest.java
index 0b47927..68775fc 100644
--- a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/JwkJoseCookBookTest.java
+++ b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/JwkJoseCookBookTest.java
@@ -23,10 +23,11 @@ import java.util.List;
import java.util.Map;
import org.apache.cxf.helpers.IOUtils;
-import org.apache.cxf.rs.security.jose.JoseConstants;
+import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils;
import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
import org.apache.cxf.rs.security.jose.jwk.JsonWebKeys;
import org.apache.cxf.rs.security.jose.jwk.JwkUtils;
+
import org.junit.Assert;
import org.junit.Test;
@@ -138,13 +139,13 @@ public class JwkJoseCookBookTest extends Assert {
assertEquals(SIGN_SECRET_VALUE, key.getProperty(JsonWebKey.OCTET_KEY_VALUE));
assertEquals(SIGN_KID_VALUE, key.getKid());
assertEquals(JsonWebKey.KEY_TYPE_OCTET, key.getKeyType());
- assertEquals(JoseConstants.HMAC_SHA_256_ALGO, key.getAlgorithm());
+ assertEquals(AlgorithmUtils.HMAC_SHA_256_ALGO, key.getAlgorithm());
}
private void validateSecretEncKey(JsonWebKey key) {
assertEquals(ENCRYPTION_SECRET_VALUE, key.getProperty(JsonWebKey.OCTET_KEY_VALUE));
assertEquals(ENCRYPTION_KID_VALUE, key.getKid());
assertEquals(JsonWebKey.KEY_TYPE_OCTET, key.getKeyType());
- assertEquals(JoseConstants.A256GCM_ALGO, key.getAlgorithm());
+ assertEquals(AlgorithmUtils.A256GCM_ALGO, key.getAlgorithm());
}
private void validatePublicRsaKey(JsonWebKey key) {
assertEquals(RSA_MODULUS_VALUE, key.getProperty(JsonWebKey.RSA_MODULUS));
http://git-wip-us.apache.org/repos/asf/cxf/blob/8d2b0180/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/JwsJoseCookBookTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/JwsJoseCookBookTest.java b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/JwsJoseCookBookTest.java
index 52088d8..c31ba44 100644
--- a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/JwsJoseCookBookTest.java
+++ b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/JwsJoseCookBookTest.java
@@ -27,10 +27,10 @@ import javax.crypto.Cipher;
import org.apache.cxf.common.util.Base64UrlUtility;
import org.apache.cxf.helpers.IOUtils;
import org.apache.cxf.jaxrs.provider.json.JsonMapObjectReaderWriter;
-import org.apache.cxf.rs.security.jose.JoseConstants;
import org.apache.cxf.rs.security.jose.JoseHeaders;
import org.apache.cxf.rs.security.jose.JoseHeadersReaderWriter;
-import org.apache.cxf.rs.security.jose.jwa.Algorithm;
+import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils;
+import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
import org.apache.cxf.rs.security.jose.jwk.JsonWebKeys;
import org.apache.cxf.rs.security.jose.jwk.JwkUtils;
@@ -354,7 +354,7 @@ public class JwsJoseCookBookTest {
@Test
public void testRSAv15Signature() throws Exception {
JwsCompactProducer compactProducer = new JwsCompactProducer(PAYLOAD);
- compactProducer.getJoseHeaders().setAlgorithm(JoseConstants.RS_SHA_256_ALGO);
+ compactProducer.getJoseHeaders().setAlgorithm(AlgorithmUtils.RS_SHA_256_ALGO);
compactProducer.getJoseHeaders().setKeyId(RSA_KID_VALUE);
JsonMapObjectReaderWriter reader = new JsonMapObjectReaderWriter();
assertEquals(reader.toJson(compactProducer.getJoseHeaders().asMap()), RSA_V1_5_SIGNATURE_PROTECTED_HEADER_JSON);
@@ -370,35 +370,35 @@ public class JwsJoseCookBookTest {
JsonWebKeys publicJwks = readKeySet("cookbookPublicSet.txt");
List<JsonWebKey> publicKeys = publicJwks.getKeys();
JsonWebKey rsaPublicKey = publicKeys.get(1);
- assertTrue(compactConsumer.verifySignatureWith(rsaPublicKey, JoseConstants.RS_SHA_256_ALGO));
+ assertTrue(compactConsumer.verifySignatureWith(rsaPublicKey, AlgorithmUtils.RS_SHA_256_ALGO));
JwsJsonProducer jsonProducer = new JwsJsonProducer(PAYLOAD);
assertEquals(jsonProducer.getPlainPayload(), PAYLOAD);
assertEquals(jsonProducer.getUnsignedEncodedPayload(), ENCODED_PAYLOAD);
JoseHeaders protectedHeader = new JoseHeaders();
- protectedHeader.setAlgorithm(JoseConstants.RS_SHA_256_ALGO);
+ protectedHeader.setAlgorithm(AlgorithmUtils.RS_SHA_256_ALGO);
protectedHeader.setKeyId(RSA_KID_VALUE);
- jsonProducer.signWith(JwsUtils.getSignatureProvider(rsaKey, JoseConstants.RS_SHA_256_ALGO), protectedHeader);
+ jsonProducer.signWith(JwsUtils.getSignatureProvider(rsaKey, AlgorithmUtils.RS_SHA_256_ALGO), protectedHeader);
assertEquals(jsonProducer.getJwsJsonSignedDocument(), RSA_V1_5_JSON_GENERAL_SERIALIZATION);
JwsJsonConsumer jsonConsumer = new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument());
- assertTrue(jsonConsumer.verifySignatureWith(rsaPublicKey, JoseConstants.RS_SHA_256_ALGO));
+ assertTrue(jsonConsumer.verifySignatureWith(rsaPublicKey, AlgorithmUtils.RS_SHA_256_ALGO));
jsonProducer = new JwsJsonProducer(PAYLOAD, true);
- jsonProducer.signWith(JwsUtils.getSignatureProvider(rsaKey, JoseConstants.RS_SHA_256_ALGO), protectedHeader);
+ jsonProducer.signWith(JwsUtils.getSignatureProvider(rsaKey, AlgorithmUtils.RS_SHA_256_ALGO), protectedHeader);
assertEquals(jsonProducer.getJwsJsonSignedDocument(), RSA_V1_5_JSON_FLATTENED_SERIALIZATION);
jsonConsumer = new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument());
- assertTrue(jsonConsumer.verifySignatureWith(rsaPublicKey, JoseConstants.RS_SHA_256_ALGO));
+ assertTrue(jsonConsumer.verifySignatureWith(rsaPublicKey, AlgorithmUtils.RS_SHA_256_ALGO));
}
@Test
public void testRSAPSSSignature() throws Exception {
try {
- Cipher.getInstance(Algorithm.PS_SHA_384_JAVA);
+ Cipher.getInstance(AlgorithmUtils.PS_SHA_384_JAVA);
} catch (Throwable t) {
Security.addProvider(new BouncyCastleProvider());
}
JwsCompactProducer compactProducer = new JwsCompactProducer(PAYLOAD);
- compactProducer.getJoseHeaders().setAlgorithm(JoseConstants.PS_SHA_384_ALGO);
+ compactProducer.getJoseHeaders().setAlgorithm(AlgorithmUtils.PS_SHA_384_ALGO);
compactProducer.getJoseHeaders().setKeyId(RSA_KID_VALUE);
JsonMapObjectReaderWriter reader = new JsonMapObjectReaderWriter();
assertEquals(reader.toJson(compactProducer.getJoseHeaders().asMap()), RSA_PSS_SIGNATURE_PROTECTED_HEADER_JSON);
@@ -414,24 +414,24 @@ public class JwsJoseCookBookTest {
JsonWebKeys publicJwks = readKeySet("cookbookPublicSet.txt");
List<JsonWebKey> publicKeys = publicJwks.getKeys();
JsonWebKey rsaPublicKey = publicKeys.get(1);
- assertTrue(compactConsumer.verifySignatureWith(rsaPublicKey, JoseConstants.PS_SHA_384_ALGO));
+ assertTrue(compactConsumer.verifySignatureWith(rsaPublicKey, AlgorithmUtils.PS_SHA_384_ALGO));
JwsJsonProducer jsonProducer = new JwsJsonProducer(PAYLOAD);
assertEquals(jsonProducer.getPlainPayload(), PAYLOAD);
assertEquals(jsonProducer.getUnsignedEncodedPayload(), ENCODED_PAYLOAD);
JoseHeaders protectedHeader = new JoseHeaders();
- protectedHeader.setAlgorithm(JoseConstants.PS_SHA_384_ALGO);
+ protectedHeader.setAlgorithm(AlgorithmUtils.PS_SHA_384_ALGO);
protectedHeader.setKeyId(RSA_KID_VALUE);
- jsonProducer.signWith(JwsUtils.getSignatureProvider(rsaKey, JoseConstants.PS_SHA_384_ALGO), protectedHeader);
+ jsonProducer.signWith(JwsUtils.getSignatureProvider(rsaKey, AlgorithmUtils.PS_SHA_384_ALGO), protectedHeader);
assertEquals(jsonProducer.getJwsJsonSignedDocument().length(), RSA_PSS_JSON_GENERAL_SERIALIZATION.length());
JwsJsonConsumer jsonConsumer = new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument());
- assertTrue(jsonConsumer.verifySignatureWith(rsaPublicKey, JoseConstants.PS_SHA_384_ALGO));
+ assertTrue(jsonConsumer.verifySignatureWith(rsaPublicKey, AlgorithmUtils.PS_SHA_384_ALGO));
jsonProducer = new JwsJsonProducer(PAYLOAD, true);
- jsonProducer.signWith(JwsUtils.getSignatureProvider(rsaKey, JoseConstants.PS_SHA_384_ALGO), protectedHeader);
+ jsonProducer.signWith(JwsUtils.getSignatureProvider(rsaKey, AlgorithmUtils.PS_SHA_384_ALGO), protectedHeader);
assertEquals(jsonProducer.getJwsJsonSignedDocument().length(), RSA_PSS_JSON_FLATTENED_SERIALIZATION.length());
jsonConsumer = new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument());
- assertTrue(jsonConsumer.verifySignatureWith(rsaPublicKey, JoseConstants.PS_SHA_384_ALGO));
+ assertTrue(jsonConsumer.verifySignatureWith(rsaPublicKey, AlgorithmUtils.PS_SHA_384_ALGO));
Security.removeProvider(BouncyCastleProvider.class.getName());
}
@@ -439,13 +439,13 @@ public class JwsJoseCookBookTest {
public void testECDSASignature() throws Exception {
try {
- Cipher.getInstance(Algorithm.ES_SHA_512_JAVA);
+ Cipher.getInstance(AlgorithmUtils.ES_SHA_512_JAVA);
} catch (Throwable t) {
Security.addProvider(new BouncyCastleProvider());
}
try {
JwsCompactProducer compactProducer = new JwsCompactProducer(PAYLOAD);
- compactProducer.getJoseHeaders().setAlgorithm(JoseConstants.ES_SHA_512_ALGO);
+ compactProducer.getJoseHeaders().setAlgorithm(AlgorithmUtils.ES_SHA_512_ALGO);
compactProducer.getJoseHeaders().setKeyId(ECDSA_KID_VALUE);
JsonMapObjectReaderWriter reader = new JsonMapObjectReaderWriter();
assertEquals(reader.toJson(compactProducer.getJoseHeaders().asMap()),
@@ -456,7 +456,7 @@ public class JwsJoseCookBookTest {
List<JsonWebKey> keys = jwks.getKeys();
JsonWebKey ecKey = keys.get(0);
compactProducer.signWith(new EcDsaJwsSignatureProvider(JwkUtils.toECPrivateKey(ecKey),
- JoseConstants.ES_SHA_512_ALGO));
+ SignatureAlgorithm.ES512));
assertEquals(compactProducer.getUnsignedEncodedJws(),
ECSDA_SIGNATURE_PROTECTED_HEADER + "." + ENCODED_PAYLOAD);
assertEquals(132, Base64UrlUtility.decode(compactProducer.getEncodedSignature()).length);
@@ -465,7 +465,7 @@ public class JwsJoseCookBookTest {
JsonWebKeys publicJwks = readKeySet("cookbookPublicSet.txt");
List<JsonWebKey> publicKeys = publicJwks.getKeys();
JsonWebKey ecPublicKey = publicKeys.get(0);
- assertTrue(compactConsumer.verifySignatureWith(ecPublicKey, JoseConstants.ES_SHA_512_ALGO));
+ assertTrue(compactConsumer.verifySignatureWith(ecPublicKey, AlgorithmUtils.ES_SHA_512_ALGO));
} finally {
Security.removeProvider(BouncyCastleProvider.class.getName());
}
@@ -473,7 +473,7 @@ public class JwsJoseCookBookTest {
@Test
public void testHMACSignature() throws Exception {
JwsCompactProducer compactProducer = new JwsCompactProducer(PAYLOAD);
- compactProducer.getJoseHeaders().setAlgorithm(JoseConstants.HMAC_SHA_256_ALGO);
+ compactProducer.getJoseHeaders().setAlgorithm(AlgorithmUtils.HMAC_SHA_256_ALGO);
compactProducer.getJoseHeaders().setKeyId(HMAC_KID_VALUE);
JsonMapObjectReaderWriter reader = new JsonMapObjectReaderWriter();
assertEquals(reader.toJson(compactProducer.getJoseHeaders().asMap()), HMAC_SIGNATURE_PROTECTED_HEADER_JSON);
@@ -486,29 +486,29 @@ public class JwsJoseCookBookTest {
assertEquals(compactProducer.getSignedEncodedJws(),
HMAC_SIGNATURE_PROTECTED_HEADER + "." + ENCODED_PAYLOAD + "." + HMAC_SIGNATURE_VALUE);
JwsCompactConsumer compactConsumer = new JwsCompactConsumer(compactProducer.getSignedEncodedJws());
- assertTrue(compactConsumer.verifySignatureWith(key, JoseConstants.HMAC_SHA_256_ALGO));
+ assertTrue(compactConsumer.verifySignatureWith(key, AlgorithmUtils.HMAC_SHA_256_ALGO));
JwsJsonProducer jsonProducer = new JwsJsonProducer(PAYLOAD);
assertEquals(jsonProducer.getPlainPayload(), PAYLOAD);
assertEquals(jsonProducer.getUnsignedEncodedPayload(), ENCODED_PAYLOAD);
JoseHeaders protectedHeader = new JoseHeaders();
- protectedHeader.setAlgorithm(JoseConstants.HMAC_SHA_256_ALGO);
+ protectedHeader.setAlgorithm(AlgorithmUtils.HMAC_SHA_256_ALGO);
protectedHeader.setKeyId(HMAC_KID_VALUE);
- jsonProducer.signWith(JwsUtils.getSignatureProvider(key, JoseConstants.HMAC_SHA_256_ALGO), protectedHeader);
+ jsonProducer.signWith(JwsUtils.getSignatureProvider(key, AlgorithmUtils.HMAC_SHA_256_ALGO), protectedHeader);
assertEquals(jsonProducer.getJwsJsonSignedDocument(), HMAC_JSON_GENERAL_SERIALIZATION);
JwsJsonConsumer jsonConsumer = new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument());
- assertTrue(jsonConsumer.verifySignatureWith(key, JoseConstants.HMAC_SHA_256_ALGO));
+ assertTrue(jsonConsumer.verifySignatureWith(key, AlgorithmUtils.HMAC_SHA_256_ALGO));
jsonProducer = new JwsJsonProducer(PAYLOAD, true);
- jsonProducer.signWith(JwsUtils.getSignatureProvider(key, JoseConstants.HMAC_SHA_256_ALGO), protectedHeader);
+ jsonProducer.signWith(JwsUtils.getSignatureProvider(key, AlgorithmUtils.HMAC_SHA_256_ALGO), protectedHeader);
assertEquals(jsonProducer.getJwsJsonSignedDocument(), HMAC_JSON_FLATTENED_SERIALIZATION);
jsonConsumer = new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument());
- assertTrue(jsonConsumer.verifySignatureWith(key, JoseConstants.HMAC_SHA_256_ALGO));
+ assertTrue(jsonConsumer.verifySignatureWith(key, AlgorithmUtils.HMAC_SHA_256_ALGO));
}
@Test
public void testDetachedHMACSignature() throws Exception {
JwsCompactProducer compactProducer = new JwsCompactProducer(PAYLOAD);
- compactProducer.getJoseHeaders().setAlgorithm(JoseConstants.HMAC_SHA_256_ALGO);
+ compactProducer.getJoseHeaders().setAlgorithm(AlgorithmUtils.HMAC_SHA_256_ALGO);
compactProducer.getJoseHeaders().setKeyId(HMAC_KID_VALUE);
JsonMapObjectReaderWriter reader = new JsonMapObjectReaderWriter();
assertEquals(reader.toJson(compactProducer.getJoseHeaders().asMap()), HMAC_SIGNATURE_PROTECTED_HEADER_JSON);
@@ -521,25 +521,25 @@ public class JwsJoseCookBookTest {
assertEquals(compactProducer.getSignedEncodedJws(true), DETACHED_HMAC_JWS);
JwsCompactConsumer compactConsumer =
new JwsCompactConsumer(compactProducer.getSignedEncodedJws(true), ENCODED_PAYLOAD);
- assertTrue(compactConsumer.verifySignatureWith(key, JoseConstants.HMAC_SHA_256_ALGO));
+ assertTrue(compactConsumer.verifySignatureWith(key, AlgorithmUtils.HMAC_SHA_256_ALGO));
JwsJsonProducer jsonProducer = new JwsJsonProducer(PAYLOAD);
assertEquals(jsonProducer.getPlainPayload(), PAYLOAD);
assertEquals(jsonProducer.getUnsignedEncodedPayload(), ENCODED_PAYLOAD);
JoseHeaders protectedHeader = new JoseHeaders();
- protectedHeader.setAlgorithm(JoseConstants.HMAC_SHA_256_ALGO);
+ protectedHeader.setAlgorithm(AlgorithmUtils.HMAC_SHA_256_ALGO);
protectedHeader.setKeyId(HMAC_KID_VALUE);
- jsonProducer.signWith(JwsUtils.getSignatureProvider(key, JoseConstants.HMAC_SHA_256_ALGO), protectedHeader);
+ jsonProducer.signWith(JwsUtils.getSignatureProvider(key, AlgorithmUtils.HMAC_SHA_256_ALGO), protectedHeader);
assertEquals(jsonProducer.getJwsJsonSignedDocument(true), HMAC_DETACHED_JSON_GENERAL_SERIALIZATION);
JwsJsonConsumer jsonConsumer =
new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument(true), ENCODED_PAYLOAD);
- assertTrue(jsonConsumer.verifySignatureWith(key, JoseConstants.HMAC_SHA_256_ALGO));
+ assertTrue(jsonConsumer.verifySignatureWith(key, AlgorithmUtils.HMAC_SHA_256_ALGO));
jsonProducer = new JwsJsonProducer(PAYLOAD, true);
- jsonProducer.signWith(JwsUtils.getSignatureProvider(key, JoseConstants.HMAC_SHA_256_ALGO), protectedHeader);
+ jsonProducer.signWith(JwsUtils.getSignatureProvider(key, AlgorithmUtils.HMAC_SHA_256_ALGO), protectedHeader);
assertEquals(jsonProducer.getJwsJsonSignedDocument(true), HMAC_DETACHED_JSON_FLATTENED_SERIALIZATION);
jsonConsumer = new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument(true), ENCODED_PAYLOAD);
- assertTrue(jsonConsumer.verifySignatureWith(key, JoseConstants.HMAC_SHA_256_ALGO));
+ assertTrue(jsonConsumer.verifySignatureWith(key, AlgorithmUtils.HMAC_SHA_256_ALGO));
}
@Test
public void testProtectingSpecificHeaderFieldsSignature() throws Exception {
@@ -547,27 +547,27 @@ public class JwsJoseCookBookTest {
assertEquals(jsonProducer.getPlainPayload(), PAYLOAD);
assertEquals(jsonProducer.getUnsignedEncodedPayload(), ENCODED_PAYLOAD);
JoseHeaders protectedHeader = new JoseHeaders();
- protectedHeader.setAlgorithm(JoseConstants.HMAC_SHA_256_ALGO);
+ protectedHeader.setAlgorithm(AlgorithmUtils.HMAC_SHA_256_ALGO);
JoseHeaders unprotectedHeader = new JoseHeaders();
unprotectedHeader.setKeyId(HMAC_KID_VALUE);
JsonWebKeys jwks = readKeySet("cookbookSecretSet.txt");
List<JsonWebKey> keys = jwks.getKeys();
JsonWebKey key = keys.get(0);
- jsonProducer.signWith(JwsUtils.getSignatureProvider(key, JoseConstants.HMAC_SHA_256_ALGO),
+ jsonProducer.signWith(JwsUtils.getSignatureProvider(key, AlgorithmUtils.HMAC_SHA_256_ALGO),
protectedHeader, unprotectedHeader);
assertEquals(jsonProducer.getJwsJsonSignedDocument(),
PROTECTING_SPECIFIC_HEADER_FIELDS_JSON_GENERAL_SERIALIZATION);
JwsJsonConsumer jsonConsumer =
new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument());
- assertTrue(jsonConsumer.verifySignatureWith(key, JoseConstants.HMAC_SHA_256_ALGO));
+ assertTrue(jsonConsumer.verifySignatureWith(key, AlgorithmUtils.HMAC_SHA_256_ALGO));
jsonProducer = new JwsJsonProducer(PAYLOAD, true);
- jsonProducer.signWith(JwsUtils.getSignatureProvider(key, JoseConstants.HMAC_SHA_256_ALGO),
+ jsonProducer.signWith(JwsUtils.getSignatureProvider(key, AlgorithmUtils.HMAC_SHA_256_ALGO),
protectedHeader, unprotectedHeader);
assertEquals(jsonProducer.getJwsJsonSignedDocument(),
PROTECTING_SPECIFIC_HEADER_FIELDS_JSON_FLATTENED_SERIALIZATION);
jsonConsumer = new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument());
- assertTrue(jsonConsumer.verifySignatureWith(key, JoseConstants.HMAC_SHA_256_ALGO));
+ assertTrue(jsonConsumer.verifySignatureWith(key, AlgorithmUtils.HMAC_SHA_256_ALGO));
}
@Test
public void testProtectingContentOnlySignature() throws Exception {
@@ -575,31 +575,31 @@ public class JwsJoseCookBookTest {
assertEquals(jsonProducer.getPlainPayload(), PAYLOAD);
assertEquals(jsonProducer.getUnsignedEncodedPayload(), ENCODED_PAYLOAD);
JoseHeaders unprotectedHeader = new JoseHeaders();
- unprotectedHeader.setAlgorithm(JoseConstants.HMAC_SHA_256_ALGO);
+ unprotectedHeader.setAlgorithm(AlgorithmUtils.HMAC_SHA_256_ALGO);
unprotectedHeader.setKeyId(HMAC_KID_VALUE);
JsonWebKeys jwks = readKeySet("cookbookSecretSet.txt");
List<JsonWebKey> keys = jwks.getKeys();
JsonWebKey key = keys.get(0);
- jsonProducer.signWith(JwsUtils.getSignatureProvider(key, JoseConstants.HMAC_SHA_256_ALGO),
+ jsonProducer.signWith(JwsUtils.getSignatureProvider(key, AlgorithmUtils.HMAC_SHA_256_ALGO),
null, unprotectedHeader);
assertEquals(jsonProducer.getJwsJsonSignedDocument(),
PROTECTING_CONTENT_ONLY_JSON_GENERAL_SERIALIZATION);
JwsJsonConsumer jsonConsumer =
new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument());
- assertTrue(jsonConsumer.verifySignatureWith(key, JoseConstants.HMAC_SHA_256_ALGO));
+ assertTrue(jsonConsumer.verifySignatureWith(key, AlgorithmUtils.HMAC_SHA_256_ALGO));
jsonProducer = new JwsJsonProducer(PAYLOAD, true);
- jsonProducer.signWith(JwsUtils.getSignatureProvider(key, JoseConstants.HMAC_SHA_256_ALGO),
+ jsonProducer.signWith(JwsUtils.getSignatureProvider(key, AlgorithmUtils.HMAC_SHA_256_ALGO),
null, unprotectedHeader);
assertEquals(jsonProducer.getJwsJsonSignedDocument(),
PROTECTING_CONTENT_ONLY_JSON_FLATTENED_SERIALIZATION);
jsonConsumer = new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument());
- assertTrue(jsonConsumer.verifySignatureWith(key, JoseConstants.HMAC_SHA_256_ALGO));
+ assertTrue(jsonConsumer.verifySignatureWith(key, AlgorithmUtils.HMAC_SHA_256_ALGO));
}
@Test
public void testMultipleSignatures() throws Exception {
try {
- Cipher.getInstance(Algorithm.ES_SHA_512_JAVA);
+ Cipher.getInstance(AlgorithmUtils.ES_SHA_512_JAVA);
} catch (Throwable t) {
Security.addProvider(new BouncyCastleProvider());
}
@@ -608,22 +608,22 @@ public class JwsJoseCookBookTest {
assertEquals(jsonProducer.getPlainPayload(), PAYLOAD);
assertEquals(jsonProducer.getUnsignedEncodedPayload(), ENCODED_PAYLOAD);
JoseHeaders firstSignerProtectedHeader = new JoseHeaders();
- firstSignerProtectedHeader.setAlgorithm(JoseConstants.RS_SHA_256_ALGO);
+ firstSignerProtectedHeader.setAlgorithm(AlgorithmUtils.RS_SHA_256_ALGO);
JoseHeaders firstSignerUnprotectedHeader = new JoseHeaders();
firstSignerUnprotectedHeader.setKeyId(RSA_KID_VALUE);
JsonWebKeys jwks = readKeySet("cookbookPrivateSet.txt");
List<JsonWebKey> keys = jwks.getKeys();
JsonWebKey rsaKey = keys.get(1);
- jsonProducer.signWith(JwsUtils.getSignatureProvider(rsaKey, JoseConstants.RS_SHA_256_ALGO),
+ jsonProducer.signWith(JwsUtils.getSignatureProvider(rsaKey, AlgorithmUtils.RS_SHA_256_ALGO),
firstSignerProtectedHeader, firstSignerUnprotectedHeader);
assertEquals(jsonProducer.getSignatureEntries().get(0).toJson(),
FIRST_SIGNATURE_ENTRY_MULTIPLE_SIGNATURES);
JoseHeaders secondSignerUnprotectedHeader = new JoseHeaders();
- secondSignerUnprotectedHeader.setAlgorithm(JoseConstants.ES_SHA_512_ALGO);
+ secondSignerUnprotectedHeader.setAlgorithm(AlgorithmUtils.ES_SHA_512_ALGO);
secondSignerUnprotectedHeader.setKeyId(ECDSA_KID_VALUE);
JsonWebKey ecKey = keys.get(0);
- jsonProducer.signWith(JwsUtils.getSignatureProvider(ecKey, JoseConstants.ES_SHA_512_ALGO),
+ jsonProducer.signWith(JwsUtils.getSignatureProvider(ecKey, AlgorithmUtils.ES_SHA_512_ALGO),
null, secondSignerUnprotectedHeader);
assertEquals(new JoseHeadersReaderWriter().toJson(
jsonProducer.getSignatureEntries().get(1).getUnprotectedHeader()),
@@ -632,12 +632,12 @@ public class JwsJoseCookBookTest {
SECOND_SIGNATURE_ENTRY_MULTIPLE_SIGNATURES.length());
JoseHeaders thirdSignerProtectedHeader = new JoseHeaders();
- thirdSignerProtectedHeader.setAlgorithm(JoseConstants.HMAC_SHA_256_ALGO);
+ thirdSignerProtectedHeader.setAlgorithm(AlgorithmUtils.HMAC_SHA_256_ALGO);
thirdSignerProtectedHeader.setKeyId(HMAC_KID_VALUE);
JsonWebKeys secretJwks = readKeySet("cookbookSecretSet.txt");
List<JsonWebKey> secretKeys = secretJwks.getKeys();
JsonWebKey hmacKey = secretKeys.get(0);
- jsonProducer.signWith(JwsUtils.getSignatureProvider(hmacKey, JoseConstants.HMAC_SHA_256_ALGO),
+ jsonProducer.signWith(JwsUtils.getSignatureProvider(hmacKey, AlgorithmUtils.HMAC_SHA_256_ALGO),
thirdSignerProtectedHeader);
assertEquals(jsonProducer.getSignatureEntries().get(2).toJson(),
THIRD_SIGNATURE_ENTRY_MULTIPLE_SIGNATURES);
@@ -649,9 +649,9 @@ public class JwsJoseCookBookTest {
List<JsonWebKey> publicKeys = publicJwks.getKeys();
JsonWebKey rsaPublicKey = publicKeys.get(1);
JsonWebKey ecPublicKey = publicKeys.get(0);
- assertTrue(jsonConsumer.verifySignatureWith(rsaPublicKey, JoseConstants.RS_SHA_256_ALGO));
- assertTrue(jsonConsumer.verifySignatureWith(ecPublicKey, JoseConstants.ES_SHA_512_ALGO));
- assertTrue(jsonConsumer.verifySignatureWith(hmacKey, JoseConstants.HMAC_SHA_256_ALGO));
+ assertTrue(jsonConsumer.verifySignatureWith(rsaPublicKey, AlgorithmUtils.RS_SHA_256_ALGO));
+ assertTrue(jsonConsumer.verifySignatureWith(ecPublicKey, AlgorithmUtils.ES_SHA_512_ALGO));
+ assertTrue(jsonConsumer.verifySignatureWith(hmacKey, AlgorithmUtils.HMAC_SHA_256_ALGO));
} finally {
Security.removeProvider(BouncyCastleProvider.class.getName());
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/8d2b0180/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweCompactReaderWriterTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweCompactReaderWriterTest.java b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweCompactReaderWriterTest.java
index 50d8d3d..21a45ae 100644
--- a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweCompactReaderWriterTest.java
+++ b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweCompactReaderWriterTest.java
@@ -29,8 +29,9 @@ import javax.crypto.SecretKey;
import org.apache.cxf.common.util.Base64UrlUtility;
import org.apache.cxf.common.util.crypto.CryptoUtils;
-import org.apache.cxf.rs.security.jose.JoseConstants;
-import org.apache.cxf.rs.security.jose.jwa.Algorithm;
+import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils;
+import org.apache.cxf.rs.security.jose.jwa.ContentAlgorithm;
+import org.apache.cxf.rs.security.jose.jwa.KeyAlgorithm;
import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
import org.apache.cxf.rs.security.jose.jws.JwsCompactReaderWriterTest;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
@@ -84,8 +85,8 @@ public class JweCompactReaderWriterTest extends Assert {
@BeforeClass
public static void registerBouncyCastleIfNeeded() throws Exception {
try {
- Cipher.getInstance(Algorithm.AES_GCM_ALGO_JAVA);
- Cipher.getInstance(Algorithm.AES_CBC_ALGO_JAVA);
+ Cipher.getInstance(AlgorithmUtils.AES_GCM_ALGO_JAVA);
+ Cipher.getInstance(AlgorithmUtils.AES_CBC_ALGO_JAVA);
} catch (Throwable t) {
Security.addProvider(new BouncyCastleProvider());
}
@@ -102,8 +103,8 @@ public class JweCompactReaderWriterTest extends Assert {
byte[] cekEncryptionKey = Base64UrlUtility.decode(KEY_ENCRYPTION_KEY_A3);
AesWrapKeyEncryptionAlgorithm keyEncryption =
- new AesWrapKeyEncryptionAlgorithm(cekEncryptionKey, Algorithm.A128KW.getJwtName());
- JweEncryptionProvider encryption = new AesCbcHmacJweEncryption(Algorithm.A128CBC_HS256.getJwtName(),
+ new AesWrapKeyEncryptionAlgorithm(cekEncryptionKey, KeyAlgorithm.A128KW);
+ JweEncryptionProvider encryption = new AesCbcHmacJweEncryption(ContentAlgorithm.A128CBC_HS256,
CONTENT_ENCRYPTION_KEY_A3,
INIT_VECTOR_A3,
keyEncryption);
@@ -131,11 +132,11 @@ public class JweCompactReaderWriterTest extends Assert {
JsonWebKey.EC_CURVE_P256,
"Alice",
"Bob",
- Algorithm.A128GCM.getJwtName());
+ ContentAlgorithm.A128GCM);
String jweOutput = jweOut.encrypt("Hello".getBytes(), null);
JweDecryptionProvider jweIn =
- new EcdhDirectKeyJweDecryption(bobPrivateKey, Algorithm.A128GCM.getJwtName());
+ new EcdhDirectKeyJweDecryption(bobPrivateKey, ContentAlgorithm.A128GCM);
assertEquals("Hello", jweIn.decrypt(jweOutput).getContentText());
}
@Test
@@ -145,10 +146,10 @@ public class JweCompactReaderWriterTest extends Assert {
RSAPublicKey publicKey = CryptoUtils.getRSAPublicKey(RSA_MODULUS_ENCODED_A1,
RSA_PUBLIC_EXPONENT_ENCODED_A1);
- KeyEncryptionAlgorithm keyEncryption = new RSAKeyEncryptionAlgorithm(publicKey,
- Algorithm.RSA_1_5.getJwtName());
+ KeyEncryptionProvider keyEncryption = new RSAKeyEncryptionAlgorithm(publicKey,
+ KeyAlgorithm.RSA_1_5);
- JweEncryptionProvider encryption = new AesCbcHmacJweEncryption(Algorithm.A128CBC_HS256.getJwtName(),
+ JweEncryptionProvider encryption = new AesCbcHmacJweEncryption(ContentAlgorithm.A128CBC_HS256,
CONTENT_ENCRYPTION_KEY_A3,
INIT_VECTOR_A3,
keyEncryption);
@@ -157,7 +158,7 @@ public class JweCompactReaderWriterTest extends Assert {
RSAPrivateKey privateKey = CryptoUtils.getRSAPrivateKey(RSA_MODULUS_ENCODED_A1,
RSA_PRIVATE_EXPONENT_ENCODED_A1);
KeyDecryptionAlgorithm keyDecryption = new RSAKeyDecryptionAlgorithm(privateKey,
- Algorithm.RSA_1_5.getJwtName());
+ KeyAlgorithm.RSA_1_5);
JweDecryptionProvider decryption = new AesCbcHmacJweDecryption(keyDecryption);
String decryptedText = decryption.decrypt(jweContent).getContentText();
assertEquals(specPlainText, decryptedText);
@@ -175,8 +176,8 @@ public class JweCompactReaderWriterTest extends Assert {
byte[] cekEncryptionKey = Base64UrlUtility.decode(KEY_ENCRYPTION_KEY_A3);
AesGcmWrapKeyEncryptionAlgorithm keyEncryption =
- new AesGcmWrapKeyEncryptionAlgorithm(cekEncryptionKey, JoseConstants.A128GCMKW_ALGO);
- JweEncryptionProvider encryption = new AesCbcHmacJweEncryption(Algorithm.A128CBC_HS256.getJwtName(),
+ new AesGcmWrapKeyEncryptionAlgorithm(cekEncryptionKey, KeyAlgorithm.A128GCMKW);
+ JweEncryptionProvider encryption = new AesCbcHmacJweEncryption(ContentAlgorithm.A128CBC_HS256,
CONTENT_ENCRYPTION_KEY_A3,
INIT_VECTOR_A3,
keyEncryption);
@@ -218,27 +219,28 @@ public class JweCompactReaderWriterTest extends Assert {
String jwtKeyName = null;
if (key == null) {
// the encryptor will generate it
- jwtKeyName = Algorithm.A128GCM.getJwtName();
+ jwtKeyName = ContentAlgorithm.A128GCM.getJwaName();
} else {
- jwtKeyName = Algorithm.toJwtName(key.getAlgorithm(), key.getEncoded().length * 8);
+ jwtKeyName = AlgorithmUtils.toJwaName(key.getAlgorithm(), key.getEncoded().length * 8);
}
- KeyEncryptionAlgorithm keyEncryptionAlgo = new RSAKeyEncryptionAlgorithm(publicKey,
- Algorithm.RSA_OAEP.getJwtName());
- ContentEncryptionAlgorithm contentEncryptionAlgo =
- new AesGcmContentEncryptionAlgorithm(key == null ? null : key.getEncoded(), INIT_VECTOR_A1, jwtKeyName);
+ KeyEncryptionProvider keyEncryptionAlgo = new RSAKeyEncryptionAlgorithm(publicKey,
+ KeyAlgorithm.RSA_OAEP);
+ ContentEncryptionProvider contentEncryptionAlgo =
+ new AesGcmContentEncryptionAlgorithm(key == null ? null : key.getEncoded(), INIT_VECTOR_A1,
+ ContentAlgorithm.getAlgorithm(jwtKeyName));
JweEncryptionProvider encryptor = new JweEncryption(keyEncryptionAlgo, contentEncryptionAlgo);
return encryptor.encrypt(content.getBytes("UTF-8"), null);
}
private String encryptContentDirect(SecretKey key, String content) throws Exception {
JweEncryption encryptor = new JweEncryption(new DirectKeyEncryptionAlgorithm(),
- new AesGcmContentEncryptionAlgorithm(key, INIT_VECTOR_A1, JoseConstants.A128GCM_ALGO));
+ new AesGcmContentEncryptionAlgorithm(key, INIT_VECTOR_A1, ContentAlgorithm.A128GCM));
return encryptor.encrypt(content.getBytes("UTF-8"), null);
}
private void decrypt(String jweContent, String plainContent, boolean unwrap) throws Exception {
RSAPrivateKey privateKey = CryptoUtils.getRSAPrivateKey(RSA_MODULUS_ENCODED_A1,
RSA_PRIVATE_EXPONENT_ENCODED_A1);
- String algo = Cipher.getMaxAllowedKeyLength("AES") > 128
- ? JoseConstants.A256GCM_ALGO : JoseConstants.A128GCM_ALGO;
+ ContentAlgorithm algo = Cipher.getMaxAllowedKeyLength("AES") > 128
+ ? ContentAlgorithm.A256GCM : ContentAlgorithm.A128GCM;
JweDecryptionProvider decryptor = new JweDecryption(new RSAKeyDecryptionAlgorithm(privateKey),
new AesGcmContentDecryptionAlgorithm(algo));
String decryptedText = decryptor.decrypt(jweContent).getContentText();
@@ -246,7 +248,7 @@ public class JweCompactReaderWriterTest extends Assert {
}
private void decryptDirect(SecretKey key, String jweContent, String plainContent) throws Exception {
JweDecryption decryptor = new JweDecryption(new DirectKeyDecryptionAlgorithm(key),
- new AesGcmContentDecryptionAlgorithm(JoseConstants.A128GCM_ALGO));
+ new AesGcmContentDecryptionAlgorithm(ContentAlgorithm.A128GCM));
String decryptedText = decryptor.decrypt(jweContent).getContentText();
assertEquals(decryptedText, plainContent);
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/8d2b0180/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweJsonConsumerTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweJsonConsumerTest.java b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweJsonConsumerTest.java
index 0fcdece..5b1c9f3 100644
--- a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweJsonConsumerTest.java
+++ b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweJsonConsumerTest.java
@@ -25,8 +25,7 @@ import javax.crypto.SecretKey;
import org.apache.cxf.common.util.Base64UrlUtility;
import org.apache.cxf.common.util.crypto.CryptoUtils;
-import org.apache.cxf.rs.security.jose.JoseConstants;
-import org.apache.cxf.rs.security.jose.jwa.Algorithm;
+import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.junit.AfterClass;
@@ -56,8 +55,8 @@ public class JweJsonConsumerTest extends Assert {
@BeforeClass
public static void registerBouncyCastleIfNeeded() throws Exception {
try {
- Cipher.getInstance(Algorithm.AES_GCM_ALGO_JAVA);
- Cipher.getInstance(Algorithm.AES_CBC_ALGO_JAVA);
+ Cipher.getInstance(AlgorithmUtils.AES_GCM_ALGO_JAVA);
+ Cipher.getInstance(AlgorithmUtils.AES_CBC_ALGO_JAVA);
} catch (Throwable t) {
Security.addProvider(new BouncyCastleProvider());
}
@@ -72,7 +71,7 @@ public class JweJsonConsumerTest extends Assert {
final String text = "The true sign of intelligence is not knowledge but imagination.";
doTestSingleRecipient(text,
JweJsonProducerTest.SINGLE_RECIPIENT_OUTPUT,
- JoseConstants.A128GCM_ALGO,
+ AlgorithmUtils.A128GCM_ALGO,
JweJsonProducerTest.WRAPPER_BYTES1,
null);
}
@@ -81,7 +80,7 @@ public class JweJsonConsumerTest extends Assert {
final String text = "The true sign of intelligence is not knowledge but imagination.";
doTestSingleRecipient(text,
JweJsonProducerTest.SINGLE_RECIPIENT_FLAT_OUTPUT,
- JoseConstants.A128GCM_ALGO,
+ AlgorithmUtils.A128GCM_ALGO,
JweJsonProducerTest.WRAPPER_BYTES1,
null);
}
@@ -90,7 +89,7 @@ public class JweJsonConsumerTest extends Assert {
final String text = "The true sign of intelligence is not knowledge but imagination.";
doTestSingleRecipient(text,
JweJsonProducerTest.SINGLE_RECIPIENT_DIRECT_OUTPUT,
- JoseConstants.A128GCM_ALGO,
+ AlgorithmUtils.A128GCM_ALGO,
null,
JweJsonProducerTest.CEK_BYTES);
}
@@ -99,7 +98,7 @@ public class JweJsonConsumerTest extends Assert {
String text = "Live long and prosper.";
doTestSingleRecipient(text,
JweJsonProducerTest.SINGLE_RECIPIENT_A128CBCHS256_DIRECT_OUTPUT,
- JoseConstants.A128CBC_HS256_ALGO,
+ AlgorithmUtils.A128CBC_HS256_ALGO,
null,
JweCompactReaderWriterTest.CONTENT_ENCRYPTION_KEY_A3);
}
@@ -108,7 +107,7 @@ public class JweJsonConsumerTest extends Assert {
String text = "Live long and prosper.";
doTestSingleRecipient(text,
JweJsonProducerTest.SINGLE_RECIPIENT_A128CBCHS256_OUTPUT,
- JoseConstants.A128CBC_HS256_ALGO,
+ AlgorithmUtils.A128CBC_HS256_ALGO,
Base64UrlUtility.decode(JweCompactReaderWriterTest.KEY_ENCRYPTION_KEY_A3),
null);
}
@@ -118,8 +117,8 @@ public class JweJsonConsumerTest extends Assert {
SecretKey wrapperKey = CryptoUtils.createSecretKeySpec(JweJsonProducerTest.WRAPPER_BYTES1,
"AES");
- JweDecryptionProvider jwe = JweUtils.createJweDecryptionProvider(wrapperKey, JoseConstants.A128KW_ALGO,
- JoseConstants.A128GCM_ALGO);
+ JweDecryptionProvider jwe = JweUtils.createJweDecryptionProvider(wrapperKey, AlgorithmUtils.A128KW_ALGO,
+ AlgorithmUtils.A128GCM_ALGO);
JweJsonConsumer consumer = new JweJsonConsumer(JweJsonProducerTest.SINGLE_RECIPIENT_ALL_HEADERS_AAD_OUTPUT);
JweDecryptionOutput out = consumer.decryptWith(jwe);
assertEquals(text, out.getContentText());
@@ -129,8 +128,8 @@ public class JweJsonConsumerTest extends Assert {
public void testSingleRecipientAllTypeOfHeadersAndAadModified() {
SecretKey wrapperKey = CryptoUtils.createSecretKeySpec(JweJsonProducerTest.WRAPPER_BYTES1,
"AES");
- JweDecryptionProvider jwe = JweUtils.createJweDecryptionProvider(wrapperKey, JoseConstants.A128KW_ALGO,
- JoseConstants.A128GCM_ALGO);
+ JweDecryptionProvider jwe = JweUtils.createJweDecryptionProvider(wrapperKey, AlgorithmUtils.A128KW_ALGO,
+ AlgorithmUtils.A128GCM_ALGO);
JweJsonConsumer consumer = new JweJsonConsumer(SINGLE_RECIPIENT_ALL_HEADERS_AAD_MODIFIED_OUTPUT);
try {
consumer.decryptWith(jwe);
@@ -148,7 +147,7 @@ public class JweJsonConsumerTest extends Assert {
JweDecryptionProvider jwe = null;
if (wrapperKeyBytes != null) {
SecretKey wrapperKey = CryptoUtils.createSecretKeySpec(wrapperKeyBytes, "AES");
- jwe = JweUtils.createJweDecryptionProvider(wrapperKey, JoseConstants.A128KW_ALGO, contentEncryptionAlgo);
+ jwe = JweUtils.createJweDecryptionProvider(wrapperKey, AlgorithmUtils.A128KW_ALGO, contentEncryptionAlgo);
} else {
SecretKey cekKey = CryptoUtils.createSecretKeySpec(cek, "AES");
jwe = JweUtils.getDirectKeyJweDecryption(cekKey, contentEncryptionAlgo);
http://git-wip-us.apache.org/repos/asf/cxf/blob/8d2b0180/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducerTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducerTest.java b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducerTest.java
index 1fa0c9f..5e11159 100644
--- a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducerTest.java
+++ b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducerTest.java
@@ -28,8 +28,7 @@ import javax.crypto.SecretKey;
import org.apache.cxf.common.util.Base64UrlUtility;
import org.apache.cxf.common.util.StringUtils;
import org.apache.cxf.common.util.crypto.CryptoUtils;
-import org.apache.cxf.rs.security.jose.JoseConstants;
-import org.apache.cxf.rs.security.jose.jwa.Algorithm;
+import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.junit.AfterClass;
@@ -147,8 +146,8 @@ public class JweJsonProducerTest extends Assert {
@BeforeClass
public static void registerBouncyCastleIfNeeded() throws Exception {
try {
- Cipher.getInstance(Algorithm.AES_GCM_ALGO_JAVA);
- Cipher.getInstance(Algorithm.AES_CBC_ALGO_JAVA);
+ Cipher.getInstance(AlgorithmUtils.AES_GCM_ALGO_JAVA);
+ Cipher.getInstance(AlgorithmUtils.AES_CBC_ALGO_JAVA);
} catch (Throwable t) {
Security.addProvider(new BouncyCastleProvider());
}
@@ -161,35 +160,35 @@ public class JweJsonProducerTest extends Assert {
@Test
public void testSingleRecipientGcm() throws Exception {
final String text = "The true sign of intelligence is not knowledge but imagination.";
- doTestSingleRecipient(text, SINGLE_RECIPIENT_OUTPUT, JoseConstants.A128GCM_ALGO,
+ doTestSingleRecipient(text, SINGLE_RECIPIENT_OUTPUT, AlgorithmUtils.A128GCM_ALGO,
WRAPPER_BYTES1, JweCompactReaderWriterTest.INIT_VECTOR_A1,
CEK_BYTES, false);
}
@Test
public void testSingleRecipientDirectGcm() throws Exception {
final String text = "The true sign of intelligence is not knowledge but imagination.";
- doTestSingleRecipient(text, SINGLE_RECIPIENT_DIRECT_OUTPUT, JoseConstants.A128GCM_ALGO,
+ doTestSingleRecipient(text, SINGLE_RECIPIENT_DIRECT_OUTPUT, AlgorithmUtils.A128GCM_ALGO,
null, JweCompactReaderWriterTest.INIT_VECTOR_A1,
CEK_BYTES, false);
}
@Test
public void testSingleRecipientDirectFlatGcm() throws Exception {
final String text = "The true sign of intelligence is not knowledge but imagination.";
- doTestSingleRecipient(text, SINGLE_RECIPIENT_DIRECT_FLAT_OUTPUT, JoseConstants.A128GCM_ALGO,
+ doTestSingleRecipient(text, SINGLE_RECIPIENT_DIRECT_FLAT_OUTPUT, AlgorithmUtils.A128GCM_ALGO,
null, JweCompactReaderWriterTest.INIT_VECTOR_A1,
CEK_BYTES, true);
}
@Test
public void testSingleRecipientFlatGcm() throws Exception {
final String text = "The true sign of intelligence is not knowledge but imagination.";
- doTestSingleRecipient(text, SINGLE_RECIPIENT_FLAT_OUTPUT, JoseConstants.A128GCM_ALGO,
+ doTestSingleRecipient(text, SINGLE_RECIPIENT_FLAT_OUTPUT, AlgorithmUtils.A128GCM_ALGO,
WRAPPER_BYTES1, JweCompactReaderWriterTest.INIT_VECTOR_A1,
CEK_BYTES, true);
}
@Test
public void testSingleRecipientA128CBCHS256() throws Exception {
String text = "Live long and prosper.";
- doTestSingleRecipient(text, SINGLE_RECIPIENT_A128CBCHS256_OUTPUT, JoseConstants.A128CBC_HS256_ALGO,
+ doTestSingleRecipient(text, SINGLE_RECIPIENT_A128CBCHS256_OUTPUT, AlgorithmUtils.A128CBC_HS256_ALGO,
Base64UrlUtility.decode(JweCompactReaderWriterTest.KEY_ENCRYPTION_KEY_A3),
JweCompactReaderWriterTest.INIT_VECTOR_A3,
JweCompactReaderWriterTest.CONTENT_ENCRYPTION_KEY_A3,
@@ -198,7 +197,7 @@ public class JweJsonProducerTest extends Assert {
@Test
public void testSingleRecipientDirectA128CBCHS256() throws Exception {
String text = "Live long and prosper.";
- doTestSingleRecipient(text, SINGLE_RECIPIENT_A128CBCHS256_DIRECT_OUTPUT, JoseConstants.A128CBC_HS256_ALGO,
+ doTestSingleRecipient(text, SINGLE_RECIPIENT_A128CBCHS256_DIRECT_OUTPUT, AlgorithmUtils.A128CBC_HS256_ALGO,
null,
JweCompactReaderWriterTest.INIT_VECTOR_A3,
JweCompactReaderWriterTest.CONTENT_ENCRYPTION_KEY_A3,
@@ -212,7 +211,7 @@ public class JweJsonProducerTest extends Assert {
final byte[] iv,
final byte[] cek,
boolean canBeFlat) throws Exception {
- JweHeaders headers = new JweHeaders(JoseConstants.A128KW_ALGO,
+ JweHeaders headers = new JweHeaders(AlgorithmUtils.A128KW_ALGO,
contentEncryptionAlgo);
JweEncryptionProvider jwe = null;
if (wrapperKeyBytes == null) {
@@ -240,13 +239,13 @@ public class JweJsonProducerTest extends Assert {
final String text = "The true sign of intelligence is not knowledge but imagination.";
SecretKey wrapperKey = CryptoUtils.createSecretKeySpec(WRAPPER_BYTES1, "AES");
- JweHeaders protectedHeaders = new JweHeaders(JoseConstants.A128GCM_ALGO);
+ JweHeaders protectedHeaders = new JweHeaders(AlgorithmUtils.A128GCM_ALGO);
JweHeaders sharedUnprotectedHeaders = new JweHeaders();
sharedUnprotectedHeaders.setJsonWebKeysUrl("https://server.example.com/keys.jwks");
JweEncryptionProvider jwe = JweUtils.createJweEncryptionProvider(wrapperKey,
- JoseConstants.A128KW_ALGO,
- JoseConstants.A128GCM_ALGO,
+ AlgorithmUtils.A128KW_ALGO,
+ AlgorithmUtils.A128GCM_ALGO,
null);
JweJsonProducer p = new JweJsonProducer(protectedHeaders,
sharedUnprotectedHeaders,
@@ -261,7 +260,7 @@ public class JweJsonProducerTest extends Assert {
}
};
JweHeaders recepientUnprotectedHeaders = new JweHeaders();
- recepientUnprotectedHeaders.setKeyEncryptionAlgorithm(JoseConstants.A128KW_ALGO);
+ recepientUnprotectedHeaders.setKeyEncryptionAlgorithm(AlgorithmUtils.A128KW_ALGO);
String jweJson = p.encryptWith(jwe, recepientUnprotectedHeaders);
assertEquals(SINGLE_RECIPIENT_ALL_HEADERS_AAD_OUTPUT, jweJson);
}
@@ -271,20 +270,20 @@ public class JweJsonProducerTest extends Assert {
SecretKey wrapperKey1 = CryptoUtils.createSecretKeySpec(WRAPPER_BYTES1, "AES");
SecretKey wrapperKey2 = CryptoUtils.createSecretKeySpec(WRAPPER_BYTES2, "AES");
- JweHeaders protectedHeaders = new JweHeaders(JoseConstants.A128GCM_ALGO);
+ JweHeaders protectedHeaders = new JweHeaders(AlgorithmUtils.A128GCM_ALGO);
JweHeaders sharedUnprotectedHeaders = new JweHeaders();
sharedUnprotectedHeaders.setJsonWebKeysUrl("https://server.example.com/keys.jwks");
- sharedUnprotectedHeaders.setKeyEncryptionAlgorithm(JoseConstants.A128KW_ALGO);
+ sharedUnprotectedHeaders.setKeyEncryptionAlgorithm(AlgorithmUtils.A128KW_ALGO);
List<JweEncryptionProvider> jweList = new LinkedList<JweEncryptionProvider>();
- KeyEncryptionAlgorithm keyEncryption1 =
- JweUtils.getSecretKeyEncryptionAlgorithm(wrapperKey1, JoseConstants.A128KW_ALGO);
- ContentEncryptionAlgorithm contentEncryption =
- JweUtils.getContentEncryptionAlgorithm(JoseConstants.A128GCM_ALGO);
+ KeyEncryptionProvider keyEncryption1 =
+ JweUtils.getSecretKeyEncryptionAlgorithm(wrapperKey1, AlgorithmUtils.A128KW_ALGO);
+ ContentEncryptionProvider contentEncryption =
+ JweUtils.getContentEncryptionAlgorithm(AlgorithmUtils.A128GCM_ALGO);
JweEncryptionProvider jwe1 = new JweEncryption(keyEncryption1, contentEncryption);
- KeyEncryptionAlgorithm keyEncryption2 =
- JweUtils.getSecretKeyEncryptionAlgorithm(wrapperKey2, JoseConstants.A128KW_ALGO);
+ KeyEncryptionProvider keyEncryption2 =
+ JweUtils.getSecretKeyEncryptionAlgorithm(wrapperKey2, AlgorithmUtils.A128KW_ALGO);
JweEncryptionProvider jwe2 = new JweEncryption(keyEncryption2, contentEncryption);
jweList.add(jwe1);
jweList.add(jwe2);
http://git-wip-us.apache.org/repos/asf/cxf/blob/8d2b0180/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JwePbeHmacAesWrapTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JwePbeHmacAesWrapTest.java b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JwePbeHmacAesWrapTest.java
index 5f721f5..2e1d942 100644
--- a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JwePbeHmacAesWrapTest.java
+++ b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JwePbeHmacAesWrapTest.java
@@ -20,8 +20,9 @@ package org.apache.cxf.rs.security.jose.jwe;
import java.security.Security;
-import org.apache.cxf.rs.security.jose.JoseConstants;
-import org.apache.cxf.rs.security.jose.jwa.Algorithm;
+import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils;
+import org.apache.cxf.rs.security.jose.jwa.ContentAlgorithm;
+import org.apache.cxf.rs.security.jose.jwa.KeyAlgorithm;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.junit.After;
@@ -42,9 +43,9 @@ public class JwePbeHmacAesWrapTest extends Assert {
public void testEncryptDecryptPbesHmacAesWrapA128CBCHS256() throws Exception {
final String specPlainText = "Live long and prosper.";
final String password = "Thus from my lips, by yours, my sin is purged.";
- KeyEncryptionAlgorithm keyEncryption =
- new PbesHmacAesWrapKeyEncryptionAlgorithm(password, JoseConstants.PBES2_HS256_A128KW_ALGO);
- JweEncryptionProvider encryption = new AesCbcHmacJweEncryption(Algorithm.A128CBC_HS256.getJwtName(),
+ KeyEncryptionProvider keyEncryption =
+ new PbesHmacAesWrapKeyEncryptionAlgorithm(password, KeyAlgorithm.PBES2_HS256_A128KW);
+ JweEncryptionProvider encryption = new AesCbcHmacJweEncryption(ContentAlgorithm.A128CBC_HS256,
keyEncryption);
String jweContent = encryption.encrypt(specPlainText.getBytes("UTF-8"), null);
@@ -58,17 +59,17 @@ public class JwePbeHmacAesWrapTest extends Assert {
public void testEncryptDecryptPbesHmacAesWrapAesGcm() throws Exception {
final String specPlainText = "Live long and prosper.";
JweHeaders headers = new JweHeaders();
- headers.setAlgorithm(JoseConstants.PBES2_HS256_A128KW_ALGO);
- headers.setContentEncryptionAlgorithm(Algorithm.A128GCM.getJwtName());
+ headers.setAlgorithm(AlgorithmUtils.PBES2_HS256_A128KW_ALGO);
+ headers.setContentEncryptionAlgorithm(ContentAlgorithm.A128GCM.getJwaName());
final String password = "Thus from my lips, by yours, my sin is purged.";
- KeyEncryptionAlgorithm keyEncryption =
- new PbesHmacAesWrapKeyEncryptionAlgorithm(password, JoseConstants.PBES2_HS256_A128KW_ALGO);
+ KeyEncryptionProvider keyEncryption =
+ new PbesHmacAesWrapKeyEncryptionAlgorithm(password, KeyAlgorithm.PBES2_HS256_A128KW);
JweEncryptionProvider encryption = new JweEncryption(keyEncryption,
- new AesGcmContentEncryptionAlgorithm(Algorithm.A128GCM.getJwtName()));
+ new AesGcmContentEncryptionAlgorithm(ContentAlgorithm.A128GCM));
String jweContent = encryption.encrypt(specPlainText.getBytes("UTF-8"), null);
PbesHmacAesWrapKeyDecryptionAlgorithm keyDecryption = new PbesHmacAesWrapKeyDecryptionAlgorithm(password);
JweDecryptionProvider decryption = new JweDecryption(keyDecryption,
- new AesGcmContentDecryptionAlgorithm(JoseConstants.A128GCM_ALGO));
+ new AesGcmContentDecryptionAlgorithm(ContentAlgorithm.A128GCM));
String decryptedText = decryption.decrypt(jweContent).getContentText();
assertEquals(specPlainText, decryptedText);
http://git-wip-us.apache.org/repos/asf/cxf/blob/8d2b0180/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwk/JsonWebKeyTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwk/JsonWebKeyTest.java b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwk/JsonWebKeyTest.java
index ba92742..6c0f243 100644
--- a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwk/JsonWebKeyTest.java
+++ b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwk/JsonWebKeyTest.java
@@ -25,8 +25,9 @@ import java.util.List;
import java.util.Map;
import org.apache.cxf.helpers.IOUtils;
-import org.apache.cxf.rs.security.jose.JoseConstants;
-import org.apache.cxf.rs.security.jose.jwa.Algorithm;
+import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils;
+import org.apache.cxf.rs.security.jose.jwa.ContentAlgorithm;
+import org.apache.cxf.rs.security.jose.jwa.KeyAlgorithm;
import org.apache.cxf.rs.security.jose.jwe.JweCompactConsumer;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
@@ -129,8 +130,9 @@ public class JsonWebKeyTest extends Assert {
String encryptedKeySet = JwkUtils.encryptJwkSet(jwks, password.toCharArray());
JweCompactConsumer c = new JweCompactConsumer(encryptedKeySet);
assertEquals("jwk-set+json", c.getJweHeaders().getContentType());
- assertEquals(Algorithm.PBES2_HS256_A128KW.getJwtName(), c.getJweHeaders().getKeyEncryptionAlgorithm());
- assertEquals(Algorithm.A128CBC_HS256.getJwtName(), c.getJweHeaders().getContentEncryptionAlgorithm());
+ assertEquals(KeyAlgorithm.PBES2_HS256_A128KW.getJwaName(), c.getJweHeaders().getKeyEncryptionAlgorithm());
+ assertEquals(ContentAlgorithm.A128CBC_HS256.getJwaName(),
+ c.getJweHeaders().getContentEncryptionAlgorithm());
assertNotNull(c.getJweHeaders().getHeader("p2s"));
assertNotNull(c.getJweHeaders().getHeader("p2c"));
jwks = JwkUtils.decryptJwkSet(encryptedKeySet, password.toCharArray());
@@ -153,8 +155,9 @@ public class JsonWebKeyTest extends Assert {
String encryptedKey = JwkUtils.encryptJwkKey(jwk, password.toCharArray());
JweCompactConsumer c = new JweCompactConsumer(encryptedKey);
assertEquals("jwk+json", c.getJweHeaders().getContentType());
- assertEquals(Algorithm.PBES2_HS256_A128KW.getJwtName(), c.getJweHeaders().getKeyEncryptionAlgorithm());
- assertEquals(Algorithm.A128CBC_HS256.getJwtName(), c.getJweHeaders().getContentEncryptionAlgorithm());
+ assertEquals(KeyAlgorithm.PBES2_HS256_A128KW.getJwaName(), c.getJweHeaders().getKeyEncryptionAlgorithm());
+ assertEquals(ContentAlgorithm.A128CBC_HS256.getJwaName(),
+ c.getJweHeaders().getContentEncryptionAlgorithm());
assertNotNull(c.getJweHeaders().getHeader("p2s"));
assertNotNull(c.getJweHeaders().getHeader("p2c"));
jwk = JwkUtils.decryptJwkKey(encryptedKey, password.toCharArray());
@@ -181,13 +184,13 @@ public class JsonWebKeyTest extends Assert {
assertEquals(AES_SECRET_VALUE, key.getProperty(JsonWebKey.OCTET_KEY_VALUE));
assertEquals(AES_KID_VALUE, key.getKid());
assertEquals(JsonWebKey.KEY_TYPE_OCTET, key.getKeyType());
- assertEquals(JoseConstants.A128KW_ALGO, key.getAlgorithm());
+ assertEquals(AlgorithmUtils.A128KW_ALGO, key.getAlgorithm());
}
private void validateSecretHmacKey(JsonWebKey key) {
assertEquals(HMAC_SECRET_VALUE, key.getProperty(JsonWebKey.OCTET_KEY_VALUE));
assertEquals(HMAC_KID_VALUE, key.getKid());
assertEquals(JsonWebKey.KEY_TYPE_OCTET, key.getKeyType());
- assertEquals(JoseConstants.HMAC_SHA_256_ALGO, key.getAlgorithm());
+ assertEquals(AlgorithmUtils.HMAC_SHA_256_ALGO, key.getAlgorithm());
}
private void validatePublicRsaKey(JsonWebKey key) {
@@ -195,7 +198,7 @@ public class JsonWebKeyTest extends Assert {
assertEquals(RSA_PUBLIC_EXP_VALUE, key.getProperty(JsonWebKey.RSA_PUBLIC_EXP));
assertEquals(RSA_KID_VALUE, key.getKid());
assertEquals(JsonWebKey.KEY_TYPE_RSA, key.getKeyType());
- assertEquals(JoseConstants.RS_SHA_256_ALGO, key.getAlgorithm());
+ assertEquals(AlgorithmUtils.RS_SHA_256_ALGO, key.getAlgorithm());
}
private void validatePrivateRsaKey(JsonWebKey key) {
validatePublicRsaKey(key);