Repository: cxf Updated Branches: refs/heads/3.0.x-fixes 2e5f5a13b -> 48bba92a4
[CXF-5944] Updating JweUtils Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/48bba92a Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/48bba92a Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/48bba92a Branch: refs/heads/3.0.x-fixes Commit: 48bba92a45b9f9df90f4a01507f5497d93604df6 Parents: 2e5f5a1 Author: Sergey Beryozkin <[email protected]> Authored: Fri Sep 19 16:15:53 2014 +0100 Committer: Sergey Beryozkin <[email protected]> Committed: Fri Sep 19 16:17:07 2014 +0100 ---------------------------------------------------------------------- .../apache/cxf/rs/security/jose/jwa/Algorithm.java | 7 ++++++- .../org/apache/cxf/rs/security/jose/jwe/JweUtils.java | 14 ++++++++++++++ 2 files changed, 20 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/48bba92a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/Algorithm.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/Algorithm.java b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/Algorithm.java index 800bd1a..f16a0ec 100644 --- a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/Algorithm.java +++ b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/Algorithm.java @@ -192,10 +192,15 @@ public enum Algorithm { || JwtConstants.A256KW_ALGO.equals(algo); } public static boolean isAesGcmKeyWrap(String algo) { - return JwtConstants.A128GCM_ALGO.equals(algo) + return JwtConstants.A128GCMKW_ALGO.equals(algo) || JwtConstants.A192GCMKW_ALGO.equals(algo) || JwtConstants.A256GCMKW_ALGO.equals(algo); } + public static boolean isAesGcm(String algo) { + return JwtConstants.A128GCM_ALGO.equals(algo) + || JwtConstants.A192GCM_ALGO.equals(algo) + || JwtConstants.A256GCM_ALGO.equals(algo); + } public static boolean isHmacSign(String algo) { return JwtConstants.HMAC_SHA_256_ALGO.equals(algo) || JwtConstants.HMAC_SHA_384_ALGO.equals(algo) http://git-wip-us.apache.org/repos/asf/cxf/blob/48bba92a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java index c3aa6d4..4cf96e7 100644 --- a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java +++ b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java @@ -65,4 +65,18 @@ public final class JweUtils { } return keyDecryptionProvider; } + public static ContentEncryptionAlgorithm getContentEncryptionAlgorithm(JsonWebKey jwk) { + return getContentEncryptionAlgorithm(jwk, null); + } + public static ContentEncryptionAlgorithm getContentEncryptionAlgorithm(JsonWebKey jwk, String defaultAlgorithm) { + String ctEncryptionAlgo = jwk.getAlgorithm() == null ? defaultAlgorithm : jwk.getAlgorithm(); + ContentEncryptionAlgorithm contentEncryptionProvider = null; + if (JsonWebKey.KEY_TYPE_OCTET.equals(jwk.getKeyType())) { + SecretKey key = JwkUtils.toSecretKey(jwk); + if (Algorithm.isAesGcm(ctEncryptionAlgo)) { + contentEncryptionProvider = new AesGcmContentEncryptionAlgorithm(key, null, ctEncryptionAlgo); + } + } + return contentEncryptionProvider; + } }
