coheigea commented on code in PR #298: URL: https://github.com/apache/ws-wss4j/pull/298#discussion_r1531662068
########## ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncryptedKey.java: ##########
@@ -80,10 +77,22 @@ public class WSSecEncryptedKey extends WSSecBase {
 /**
 * Key agreement method algorithm used to encrypt the transport key.
 * Example for ECDH-ES: http://www.w3.org/2009/xmlenc11#ECDH-ES
- *
+ * and xec example: X25519: http://www.w3.org/2009/xmlenc11#x25519
 */
 private String keyAgreementMethod;
+ /**
+ * Method to derive the key to be used to encrypt the data with the Key keyAgreementMethod
+ *
+ */
+ private String keyDerivationMethod = WSS4JConstants.KEYDERIVATION_HKDF;
+
+
+ /**
+ * The Key Derivation Parameters for the with the Key keyAgreementMethod
+ */
+ KeyDerivationParameters keyDerivationParameters;
Review Comment: Can it be private?
########## ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncryptedKey.java: ##########
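Review bot: The Javadoc on the two new fields does not say what values they hold, and the second one is ungrammatical ("for the with the Key keyAgreementMethod"). For `keyDerivationMethod` I would write `Identifier of the key derivation method applied to the key agreement output; defaults to WSS4JConstants.KEYDERIVATION_HKDF.`, and for `keyDerivationParameters` the comment should state whether a supplied value replaces the per-method defaults (presumably it does, but that is not visible in this hunk). The derivation method and its parameters decide how the key-encryption key is produced, so the default should be readable from the documentation and not only from the initializer.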
@@ -561,6 +581,56 @@ private KeyAgreementParameters buildKeyAgreementParameter(PublicKey recipientPub
 return dhSpec;
 }
+ /**
+ * Method builds the KeyDerivationParameters for keyDerivationMethod and default values. The default values for
+ * the key derivation method are:
+ * <ul>
+ * <li>ConcatKDF
+ * <ul>
+ * <li> DigestAlgorithm: "http://www.w3.org/2001/04/xmlenc#sha256"</li>
+ * <li> AlgorithmID: "0000"</li>
+ * <li> PartyUInfo: ""</li>
+ * <li> PartyVInfo: ""</li>
+ * <li> SuppPubInfo: null</li>
+ * <li> SuppPrivInfo: null</li>
+ * </ul>
+ * <li>HKDF: SHA-256
+ * <ul>
+ * <li> PRF: http://www.w3.org/2001/04/xmldsig-more#hmac-sha256 </li>
+ * <li> Salt: random 256 bit value</li>
+ * <li> Info: null</li>
+ * </ul>
+ * </li>
+ * </ul>
+ *
+ * @param keyBitLength the length of the derived key in bits
+ * @return KeyDerivationParameters the {@link KeyDerivationParameters} for generating the
+ * key for encrypting transport key and generating XML elements.
+ * @throws WSSecurityException if the KeyDerivationParameters cannot be created
+ */
+ private KeyDerivationParameters buildKeyDerivationParameters(int keyBitLength) throws WSSecurityException {
+
+ switch (keyDerivationMethod) {
+ case WSS4JConstants.KEYDERIVATION_CONCATKDF:
+ return XMLCipherUtil.constructConcatKeyDerivationParameter(keyBitLength, WSConstants.SHA256,
+ "0000", "", "", null, null);
+ case WSS4JConstants.KEYDERIVATION_HKDF:
+ // use semi random value for salt.
+ // rfc5869: Yet, even a salt value of less quality (shorter in
+ // size or with limited entropy) may still make a significant
+ // contribution to the security of the output keying material
+ byte[] semiRandom = new byte[keyBitLength / 8];
+ new Random().nextBytes(semiRandom);
Review Comment: Shouldn't we use SecureRandom at least?
########## ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncryptedKey.java: ##########
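Review bot: The HKDF salt is allocated as `new byte[keyBitLength / 8]`, so its length follows the requested key size, while the Javadoc above promises "Salt: random 256 bit value"; a 128-bit key gets a 16-byte salt and a `keyBitLength` below 8 gets an empty one with no error. RFC 5869 section 3.1 describes the ideal salt as HashLen bytes, which is 32 for the HMAC-SHA256 PRF listed in the Javadoc, so I would size it independently of the key, `byte[] salt = new byte[32]; // HashLen of HMAC-SHA256 (RFC 5869, section 3.1)`, or correct the Javadoc to say the salt is as long as the key. `switch (keyDerivationMethod)` throws a NullPointerException when the field is null, and the method body continues past the end of the hunk, so it is not visible whether unknown methods are rejected with a WSSecurityException in a `default` branch. The fixed ConcatKDF inputs (`"0000"`, empty PartyUInfo and PartyVInfo) and the null HKDF Info do not bind the derived key to the parties or the algorithm; a one-line comment stating that these are defaults used when no KeyDerivationParameters are supplied (presumably via the `keyDerivationParameters` field) would make that limitation explicit.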
@@ -389,7 +398,15 @@ protected void createEncryptedKeyElement(X509Certificate remoteCert, Crypto cryp
 }
 encryptedKeyElement.appendChild(keyInfoElement);
 }
+ }
+ /**
+ * Method verifies is the key agreement method is not empty
+ * @param keyAgreementMethod the key agreement method
+ * @return true if the key agreement method is not empty else false
+ */
+ private boolean isKeyAgreementMethodNotEmpty(String keyAgreementMethod) {
Review Comment: Change it to isKeyAgreementConfigured ?
-- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@ws.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@ws.apache.org For additional commands, e-mail: dev-h...@ws.apache.org
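Review bot: The parameter of `isKeyAgreementMethodNotEmpty(String keyAgreementMethod)` has the same name as the `keyAgreementMethod` field of this class, so inside the method the field is shadowed and a reader cannot tell at a glance which of the two is being tested. Either drop the parameter and test the field directly, or give it a distinct name, e.g. `private boolean isKeyAgreementMethodNotEmpty(String method) {`. The Javadoc opening "Method verifies is" should read `Checks whether the key agreement method is set.`, with the exact condition (null, empty, blank) spelled out once it is confirmed against the body, which lies outside this hunk.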