You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2015/04/29 13:44:02 UTC

cxf git commit: Minor update to JWE code in preparation for supporting direct ecdh

Repository: cxf
Updated Branches:
  refs/heads/master d71a3e76c -> 0ce334ef4


Minor update to JWE code in preparation for supporting direct ecdh


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/0ce334ef
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/0ce334ef
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/0ce334ef

Branch: refs/heads/master
Commit: 0ce334ef4cc93c9252486cfe58fead2c02cf877b
Parents: d71a3e7
Author: Sergey Beryozkin <sb...@talend.com>
Authored: Wed Apr 29 12:43:43 2015 +0100
Committer: Sergey Beryozkin <sb...@talend.com>
Committed: Wed Apr 29 12:43:43 2015 +0100

----------------------------------------------------------------------
 .../rs/security/jose/jwa/AlgorithmUtils.java    |  7 +++++--
 .../jose/jwe/EcdhDirectKeyJweEncryption.java    |  5 +++++
 .../cxf/rs/security/jose/jwe/JweUtils.java      | 22 ++++----------------
 3 files changed, 14 insertions(+), 20 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/0ce334ef/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/AlgorithmUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/AlgorithmUtils.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/AlgorithmUtils.java
index 22d7908..96eb27e 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/AlgorithmUtils.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/AlgorithmUtils.java
@@ -124,7 +124,7 @@ public final class AlgorithmUtils {
     public static final Set<String> PBES_HS_SET = new HashSet<String>(Arrays.asList(PBES2_HS256_A128KW_ALGO,
                                           PBES2_HS384_A192KW_ALGO,
                                           PBES2_HS512_A256KW_ALGO));
-    public static final Set<String> ECDH_ES_SET = new HashSet<String>(Arrays.asList(ECDH_ES_A128KW_ALGO,
+    public static final Set<String> ECDH_ES_WRAP_SET = new HashSet<String>(Arrays.asList(ECDH_ES_A128KW_ALGO,
                       ECDH_ES_A192KW_ALGO,
                       ECDH_ES_A256KW_ALGO));
     
@@ -210,7 +210,10 @@ public final class AlgorithmUtils {
         return PBES_HS_SET.contains(algo); 
     }
     public static boolean isEcdhEsWrap(String algo) {
-        return ECDH_ES_SET.contains(algo); 
+        return ECDH_ES_WRAP_SET.contains(algo); 
+    }
+    public static boolean isEcdhEsDirect(String algo) {
+        return ECDH_ES_DIRECT_ALGO.equals(algo); 
     }
     public static boolean isAesGcm(String algo) {
         return AES_GCM_CEK_SET.contains(algo);

http://git-wip-us.apache.org/repos/asf/cxf/blob/0ce334ef/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/EcdhDirectKeyJweEncryption.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/EcdhDirectKeyJweEncryption.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/EcdhDirectKeyJweEncryption.java
index c1e3eef..210c597 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/EcdhDirectKeyJweEncryption.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/EcdhDirectKeyJweEncryption.java
@@ -33,6 +33,11 @@ import org.apache.cxf.rs.security.jose.jwk.JwkUtils;
 public class EcdhDirectKeyJweEncryption extends JweEncryption {
     public EcdhDirectKeyJweEncryption(ECPublicKey peerPublicKey,
                                       String curve,
+                                      ContentAlgorithm ctAlgo) {
+        this(peerPublicKey, curve, null, null, ctAlgo);
+    }
+    public EcdhDirectKeyJweEncryption(ECPublicKey peerPublicKey,
+                                      String curve,
                                       String apuString,
                                       String apvString,
                                       ContentAlgorithm ctAlgo) {

http://git-wip-us.apache.org/repos/asf/cxf/blob/0ce334ef/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java
index c4d4764..f8e2f20 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java
@@ -228,14 +228,7 @@ public final class JweUtils {
         return ContentAlgorithm.getAlgorithm(algo);
     }
     public static JweEncryption getDirectKeyJweEncryption(JsonWebKey key) {
-        if (AlgorithmUtils.isAesCbcHmac(key.getAlgorithm())) {
-            return new AesCbcHmacJweEncryption(getContentAlgo(key.getAlgorithm()), 
-                                               JwkUtils.toSecretKey(key).getEncoded(), 
-                                               null, new DirectKeyEncryptionAlgorithm());
-        } else {
-            return new JweEncryption(new DirectKeyEncryptionAlgorithm(),
-                                 getContentEncryptionAlgorithm(key, key.getAlgorithm()));
-        }
+        return getDirectKeyJweEncryption(JwkUtils.toSecretKey(key), key.getAlgorithm());
     }
     public static JweEncryption getDirectKeyJweEncryption(SecretKey key, String algorithm) {
         if (AlgorithmUtils.isAesCbcHmac(algorithm)) {
@@ -246,6 +239,9 @@ public final class JweUtils {
                                  getContentEncryptionAlgorithm(key, algorithm));
         }
     }
+    public static JweDecryption getDirectKeyJweDecryption(JsonWebKey key) {
+        return getDirectKeyJweDecryption(JwkUtils.toSecretKey(key), key.getAlgorithm());
+    }
     public static JweDecryption getDirectKeyJweDecryption(SecretKey key, String algorithm) {
         if (AlgorithmUtils.isAesCbcHmac(algorithm)) { 
             return new AesCbcHmacJweDecryption(new DirectKeyDecryptionAlgorithm(key), getContentAlgo(algorithm));
@@ -254,16 +250,6 @@ public final class JweUtils {
                                  getContentDecryptionAlgorithm(algorithm));
         }
     }
-    public static JweDecryption getDirectKeyJweDecryption(JsonWebKey key) {
-        if (AlgorithmUtils.isAesCbcHmac(key.getAlgorithm())) { 
-            return new AesCbcHmacJweDecryption(
-                new DirectKeyDecryptionAlgorithm(JwkUtils.toSecretKey(key).getEncoded()), 
-                    getContentAlgo(key.getAlgorithm()));
-        } else {
-            return new JweDecryption(new DirectKeyDecryptionAlgorithm(JwkUtils.toSecretKey(key)), 
-                                 getContentDecryptionAlgorithm(key.getAlgorithm()));
-        }
-    }
     public static JweEncryptionProvider loadEncryptionProvider(boolean required) {
         return loadEncryptionProvider(null, required);
     }