Repository: cxf Updated Branches: refs/heads/3.1.x-fixes e231ad5e6 -> ab20d3539
Tweaking the at_hash code a bit Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/ab20d353 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/ab20d353 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/ab20d353 Branch: refs/heads/3.1.x-fixes Commit: ab20d353990b20e72500d00e128c0a72d5dcf329 Parents: e231ad5 Author: Sergey Beryozkin <[email protected]> Authored: Wed Dec 9 18:10:47 2015 +0000 Committer: Sergey Beryozkin <[email protected]> Committed: Wed Dec 9 18:12:17 2015 +0000 ---------------------------------------------------------------------- .../org/apache/cxf/rs/security/oidc/utils/OidcUtils.java | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/ab20d353/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/utils/OidcUtils.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/utils/OidcUtils.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/utils/OidcUtils.java index e2b7e6e..19534f5 100644 --- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/utils/OidcUtils.java +++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/utils/OidcUtils.java @@ -127,11 +127,13 @@ public final class OidcUtils { if (sigAlgo == SignatureAlgorithm.NONE) { throw new JwsException(JwsException.Error.INVALID_ALGORITHM); } - int algoShaSize = Integer.valueOf(sigAlgo.getJwaName().substring(2)); - int valueHashSize = algoShaSize / 16; + String algoShaSizeString = sigAlgo.getJwaName().substring(2); + String javaShaAlgo = "SHA-" + algoShaSizeString; + int algoShaSize = Integer.valueOf(algoShaSizeString); + int valueHashSize = (algoShaSize / 8) / 2; try { byte[] atBytes = StringUtils.toBytesASCII(value); - byte[] digest = MessageDigestUtils.createDigest(atBytes, MessageDigestUtils.ALGO_SHA_256); + byte[] digest = MessageDigestUtils.createDigest(atBytes, javaShaAlgo); return Base64UrlUtility.encodeChunk(digest, 0, valueHashSize); } catch (NoSuchAlgorithmException ex) { throw new SecurityException(ex);
