coheigea commented on a change in pull request #604: [CXF-8162] JWE with
multiple recipients does not work for AES CBC Encryption
URL: https://github.com/apache/cxf/pull/604#discussion_r350343685
##########
File path:
rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AesCbcHmacJweEncryption.java
##########
@@ -19,66 +19,50 @@
package org.apache.cxf.rs.security.jose.jwe;
import java.nio.ByteBuffer;
-import java.security.spec.AlgorithmParameterSpec;
-import java.util.HashMap;
-import java.util.Map;
import javax.crypto.Mac;
-import javax.crypto.spec.IvParameterSpec;
-import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils;
import org.apache.cxf.rs.security.jose.jwa.ContentAlgorithm;
import org.apache.cxf.rt.security.crypto.HmacUtils;
public class AesCbcHmacJweEncryption extends JweEncryption {
- private static final Map<String, String> AES_HMAC_MAP;
- private static final Map<String, Integer> AES_CEK_SIZE_MAP;
- static {
- AES_HMAC_MAP = new HashMap<>();
- AES_HMAC_MAP.put(ContentAlgorithm.A128CBC_HS256.getJwaName(),
AlgorithmUtils.HMAC_SHA_256_JAVA);
- AES_HMAC_MAP.put(ContentAlgorithm.A192CBC_HS384.getJwaName(),
AlgorithmUtils.HMAC_SHA_384_JAVA);
- AES_HMAC_MAP.put(ContentAlgorithm.A256CBC_HS512.getJwaName(),
AlgorithmUtils.HMAC_SHA_512_JAVA);
-
- AES_CEK_SIZE_MAP = new HashMap<>();
- AES_CEK_SIZE_MAP.put(ContentAlgorithm.A128CBC_HS256.getJwaName(), 32);
- AES_CEK_SIZE_MAP.put(ContentAlgorithm.A192CBC_HS384.getJwaName(), 48);
- AES_CEK_SIZE_MAP.put(ContentAlgorithm.A256CBC_HS512.getJwaName(), 64);
- }
+
public AesCbcHmacJweEncryption(ContentAlgorithm cekAlgoJwt,
KeyEncryptionProvider
keyEncryptionAlgorithm) {
this(cekAlgoJwt, keyEncryptionAlgorithm, false);
}
+
public AesCbcHmacJweEncryption(ContentAlgorithm cekAlgoJwt,
KeyEncryptionProvider
keyEncryptionAlgorithm,
boolean generateCekOnce) {
- super(keyEncryptionAlgorithm,
- new
AesCbcContentEncryptionAlgorithm(validateCekAlgorithm(cekAlgoJwt),
- generateCekOnce));
+ super(keyEncryptionAlgorithm, new
AesCbcContentEncryptionAlgorithm(cekAlgoJwt, generateCekOnce));
}
+
public AesCbcHmacJweEncryption(ContentAlgorithm cekAlgoJwt, byte[] cek,
byte[] iv, KeyEncryptionProvider
keyEncryptionAlgorithm) {
- super(keyEncryptionAlgorithm,
- new AesCbcContentEncryptionAlgorithm(cek, iv,
-
validateCekAlgorithm(cekAlgoJwt)));
-
+ super(keyEncryptionAlgorithm, new
AesCbcContentEncryptionAlgorithm(cek, iv, cekAlgoJwt));
+ }
+
+ public AesCbcHmacJweEncryption(KeyEncryptionProvider
keyEncryptionAlgorithm, AesCbcContentEncryptionAlgorithm
contentEncryptionAlgorithm) {
+ super(keyEncryptionAlgorithm, contentEncryptionAlgorithm);
}
+
@Override
protected byte[] getActualCek(byte[] theCek, String algoJwt) {
return doGetActualCek(theCek, algoJwt);
}
+
protected static byte[] doGetActualCek(byte[] theCek, String algoJwt) {
- int size = getFullCekKeySize(algoJwt) / 2;
+ int size = AesCbcContentEncryptionAlgorithm.getFullCekKeySize(algoJwt)
/ 2;
byte[] actualCek = new byte[size];
- System.arraycopy(theCek, size, actualCek, 0, size);
+ System.arraycopy(theCek, 0, actualCek, 0, size);
Review comment:
I think this change may not be correct. The spec says that for
AES_128_CBC_HMAC_SHA_256 the input key must be 32 bytes, and the test in
JweJsonProducerTest.testMultipleRecipientsA128CBCHS256GivenCek is passing in a
16 byte key hence the error:
"The input key K is 32 octets long."
https://tools.ietf.org/html/rfc7518#section-5.2.3
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
