You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2015/04/29 13:44:02 UTC
cxf git commit: Minor update to JWE code in preparation for
supporting direct ecdh
Repository: cxf
Updated Branches:
refs/heads/master d71a3e76c -> 0ce334ef4
Minor update to JWE code in preparation for supporting direct ecdh
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/0ce334ef
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/0ce334ef
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/0ce334ef
Branch: refs/heads/master
Commit: 0ce334ef4cc93c9252486cfe58fead2c02cf877b
Parents: d71a3e7
Author: Sergey Beryozkin <sb...@talend.com>
Authored: Wed Apr 29 12:43:43 2015 +0100
Committer: Sergey Beryozkin <sb...@talend.com>
Committed: Wed Apr 29 12:43:43 2015 +0100
----------------------------------------------------------------------
.../rs/security/jose/jwa/AlgorithmUtils.java | 7 +++++--
.../jose/jwe/EcdhDirectKeyJweEncryption.java | 5 +++++
.../cxf/rs/security/jose/jwe/JweUtils.java | 22 ++++----------------
3 files changed, 14 insertions(+), 20 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/0ce334ef/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/AlgorithmUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/AlgorithmUtils.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/AlgorithmUtils.java
index 22d7908..96eb27e 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/AlgorithmUtils.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/AlgorithmUtils.java
@@ -124,7 +124,7 @@ public final class AlgorithmUtils {
public static final Set<String> PBES_HS_SET = new HashSet<String>(Arrays.asList(PBES2_HS256_A128KW_ALGO,
PBES2_HS384_A192KW_ALGO,
PBES2_HS512_A256KW_ALGO));
- public static final Set<String> ECDH_ES_SET = new HashSet<String>(Arrays.asList(ECDH_ES_A128KW_ALGO,
+ public static final Set<String> ECDH_ES_WRAP_SET = new HashSet<String>(Arrays.asList(ECDH_ES_A128KW_ALGO,
ECDH_ES_A192KW_ALGO,
ECDH_ES_A256KW_ALGO));
@@ -210,7 +210,10 @@ public final class AlgorithmUtils {
return PBES_HS_SET.contains(algo);
}
public static boolean isEcdhEsWrap(String algo) {
- return ECDH_ES_SET.contains(algo);
+ return ECDH_ES_WRAP_SET.contains(algo);
+ }
+ public static boolean isEcdhEsDirect(String algo) {
+ return ECDH_ES_DIRECT_ALGO.equals(algo);
}
public static boolean isAesGcm(String algo) {
return AES_GCM_CEK_SET.contains(algo);
http://git-wip-us.apache.org/repos/asf/cxf/blob/0ce334ef/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/EcdhDirectKeyJweEncryption.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/EcdhDirectKeyJweEncryption.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/EcdhDirectKeyJweEncryption.java
index c1e3eef..210c597 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/EcdhDirectKeyJweEncryption.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/EcdhDirectKeyJweEncryption.java
@@ -33,6 +33,11 @@ import org.apache.cxf.rs.security.jose.jwk.JwkUtils;
public class EcdhDirectKeyJweEncryption extends JweEncryption {
public EcdhDirectKeyJweEncryption(ECPublicKey peerPublicKey,
String curve,
+ ContentAlgorithm ctAlgo) {
+ this(peerPublicKey, curve, null, null, ctAlgo);
+ }
+ public EcdhDirectKeyJweEncryption(ECPublicKey peerPublicKey,
+ String curve,
String apuString,
String apvString,
ContentAlgorithm ctAlgo) {
http://git-wip-us.apache.org/repos/asf/cxf/blob/0ce334ef/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java
index c4d4764..f8e2f20 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java
@@ -228,14 +228,7 @@ public final class JweUtils {
return ContentAlgorithm.getAlgorithm(algo);
}
public static JweEncryption getDirectKeyJweEncryption(JsonWebKey key) {
- if (AlgorithmUtils.isAesCbcHmac(key.getAlgorithm())) {
- return new AesCbcHmacJweEncryption(getContentAlgo(key.getAlgorithm()),
- JwkUtils.toSecretKey(key).getEncoded(),
- null, new DirectKeyEncryptionAlgorithm());
- } else {
- return new JweEncryption(new DirectKeyEncryptionAlgorithm(),
- getContentEncryptionAlgorithm(key, key.getAlgorithm()));
- }
+ return getDirectKeyJweEncryption(JwkUtils.toSecretKey(key), key.getAlgorithm());
}
public static JweEncryption getDirectKeyJweEncryption(SecretKey key, String algorithm) {
if (AlgorithmUtils.isAesCbcHmac(algorithm)) {
@@ -246,6 +239,9 @@ public final class JweUtils {
getContentEncryptionAlgorithm(key, algorithm));
}
}
+ public static JweDecryption getDirectKeyJweDecryption(JsonWebKey key) {
+ return getDirectKeyJweDecryption(JwkUtils.toSecretKey(key), key.getAlgorithm());
+ }
public static JweDecryption getDirectKeyJweDecryption(SecretKey key, String algorithm) {
if (AlgorithmUtils.isAesCbcHmac(algorithm)) {
return new AesCbcHmacJweDecryption(new DirectKeyDecryptionAlgorithm(key), getContentAlgo(algorithm));
@@ -254,16 +250,6 @@ public final class JweUtils {
getContentDecryptionAlgorithm(algorithm));
}
}
- public static JweDecryption getDirectKeyJweDecryption(JsonWebKey key) {
- if (AlgorithmUtils.isAesCbcHmac(key.getAlgorithm())) {
- return new AesCbcHmacJweDecryption(
- new DirectKeyDecryptionAlgorithm(JwkUtils.toSecretKey(key).getEncoded()),
- getContentAlgo(key.getAlgorithm()));
- } else {
- return new JweDecryption(new DirectKeyDecryptionAlgorithm(JwkUtils.toSecretKey(key)),
- getContentDecryptionAlgorithm(key.getAlgorithm()));
- }
- }
public static JweEncryptionProvider loadEncryptionProvider(boolean required) {
return loadEncryptionProvider(null, required);
}