git commit: [CXF-5902] More refactoring to get the utility AesCbcHmac decryption working
Repository: cxf Updated Branches: refs/heads/3.0.x-fixes cc5903ca8 -> 46dd6627e [CXF-5902] More refactoring to get the utility AesCbcHmac decryption working Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/46dd6627 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/46dd6627 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/46dd6627 Branch: refs/heads/3.0.x-fixes Commit: 46dd6627e2a5c7d0fef9f7426739a8025d28ca4e Parents: cc5903c Author: Sergey Beryozkin Authored: Tue Aug 12 11:35:10 2014 +0100 Committer: Sergey Beryozkin Committed: Tue Aug 12 21:11:22 2014 +0100 -- .../jwe/AbstractContentEncryptionAlgorithm.java | 17 + ...stractContentEncryptionCipherProperties.java | 39 .../oauth2/jwe/AbstractJweDecryption.java | 10 +++-- .../oauth2/jwe/AbstractJweEncryption.java | 2 +- .../oauth2/jwe/AesCbcHmacJweEncryption.java | 2 +- .../jwe/AesGcmContentDecryptionAlgorithm.java | 24 .../oauth2/jwe/ContentEncryptionAlgorithm.java | 7 +--- .../jwe/ContentEncryptionCipherProperties.java | 27 ++ .../oauth2/jwe/DirectKeyJweDecryption.java | 10 - .../oauth2/jwe/WrappedKeyJweDecryption.java | 7 +++- 10 files changed, 116 insertions(+), 29 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/46dd6627/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwe/AbstractContentEncryptionAlgorithm.java -- diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwe/AbstractContentEncryptionAlgorithm.java b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwe/AbstractContentEncryptionAlgorithm.java index c452992..9dde55d 100644 --- a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwe/AbstractContentEncryptionAlgorithm.java +++ b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwe/AbstractContentEncryptionAlgorithm.java @@ -18,22 +18,19 @@ */ package org.apache.cxf.rs.security.oauth2.jwe; -import java.security.spec.AlgorithmParameterSpec; import java.util.concurrent.atomic.AtomicInteger; import javax.crypto.SecretKey; -import org.apache.cxf.rs.security.oauth2.jwt.JwtHeadersWriter; import org.apache.cxf.rs.security.oauth2.utils.crypto.CryptoUtils; -public abstract class AbstractContentEncryptionAlgorithm implements ContentEncryptionAlgorithm { +public abstract class AbstractContentEncryptionAlgorithm extends AbstractContentEncryptionCipherProperties +implements ContentEncryptionAlgorithm { private static final int DEFAULT_IV_SIZE = 128; -private static final int DEFAULT_AUTH_TAG_LENGTH = 128; private byte[] cek; private byte[] iv; private AtomicInteger providedIvUsageCount; -private int authTagLen = DEFAULT_AUTH_TAG_LENGTH; protected AbstractContentEncryptionAlgorithm(SecretKey key, byte[] iv) { this(key.getEncoded(), iv); } @@ -45,16 +42,9 @@ public abstract class AbstractContentEncryptionAlgorithm implements ContentEncry } } - public byte[] getContentEncryptionKey(JweHeaders headers) { return cek; } -public AlgorithmParameterSpec getAlgorithmParameterSpec(byte[] theIv) { -return CryptoUtils.getContentEncryptionCipherSpec(getAuthTagLen(), theIv); -} -public byte[] getAAD(JweHeaders theHeaders, JwtHeadersWriter writer) { -return theHeaders.toCipherAdditionalAuthData(writer); -} public byte[] getInitVector() { if (iv == null) { return CryptoUtils.generateSecureRandomBytes(getIvSize()); @@ -64,9 +54,6 @@ public abstract class AbstractContentEncryptionAlgorithm implements ContentEncry return iv; } } -protected int getAuthTagLen() { -return authTagLen; -} protected int getIvSize() { return DEFAULT_IV_SIZE; } http://git-wip-us.apache.org/repos/asf/cxf/blob/46dd6627/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwe/AbstractContentEncryptionCipherProperties.java -- diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwe/AbstractContentEncryptionCipherProperties.java b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwe/AbstractContentEncryptionCipherProperties.java new file mode 100644 index 000..7f06abf --- /dev/null +++ b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwe
git commit: [CXF-5902] More refactoring to get the utility AesCbcHmac decryption working
Repository: cxf Updated Branches: refs/heads/master 101beb08d -> 49791d37e [CXF-5902] More refactoring to get the utility AesCbcHmac decryption working Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/49791d37 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/49791d37 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/49791d37 Branch: refs/heads/master Commit: 49791d37e9f339b935e19d7ca1bfcd3135568c0d Parents: 101beb0 Author: Sergey Beryozkin Authored: Tue Aug 12 11:35:10 2014 +0100 Committer: Sergey Beryozkin Committed: Tue Aug 12 11:35:10 2014 +0100 -- .../jwe/AbstractContentEncryptionAlgorithm.java | 17 + ...stractContentEncryptionCipherProperties.java | 39 .../oauth2/jwe/AbstractJweDecryption.java | 10 +++-- .../oauth2/jwe/AbstractJweEncryption.java | 2 +- .../oauth2/jwe/AesCbcHmacJweEncryption.java | 2 +- .../jwe/AesGcmContentDecryptionAlgorithm.java | 24 .../oauth2/jwe/ContentEncryptionAlgorithm.java | 7 +--- .../jwe/ContentEncryptionCipherProperties.java | 27 ++ .../oauth2/jwe/DirectKeyJweDecryption.java | 10 - .../oauth2/jwe/WrappedKeyJweDecryption.java | 7 +++- 10 files changed, 116 insertions(+), 29 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/49791d37/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwe/AbstractContentEncryptionAlgorithm.java -- diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwe/AbstractContentEncryptionAlgorithm.java b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwe/AbstractContentEncryptionAlgorithm.java index c452992..9dde55d 100644 --- a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwe/AbstractContentEncryptionAlgorithm.java +++ b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwe/AbstractContentEncryptionAlgorithm.java @@ -18,22 +18,19 @@ */ package org.apache.cxf.rs.security.oauth2.jwe; -import java.security.spec.AlgorithmParameterSpec; import java.util.concurrent.atomic.AtomicInteger; import javax.crypto.SecretKey; -import org.apache.cxf.rs.security.oauth2.jwt.JwtHeadersWriter; import org.apache.cxf.rs.security.oauth2.utils.crypto.CryptoUtils; -public abstract class AbstractContentEncryptionAlgorithm implements ContentEncryptionAlgorithm { +public abstract class AbstractContentEncryptionAlgorithm extends AbstractContentEncryptionCipherProperties +implements ContentEncryptionAlgorithm { private static final int DEFAULT_IV_SIZE = 128; -private static final int DEFAULT_AUTH_TAG_LENGTH = 128; private byte[] cek; private byte[] iv; private AtomicInteger providedIvUsageCount; -private int authTagLen = DEFAULT_AUTH_TAG_LENGTH; protected AbstractContentEncryptionAlgorithm(SecretKey key, byte[] iv) { this(key.getEncoded(), iv); } @@ -45,16 +42,9 @@ public abstract class AbstractContentEncryptionAlgorithm implements ContentEncry } } - public byte[] getContentEncryptionKey(JweHeaders headers) { return cek; } -public AlgorithmParameterSpec getAlgorithmParameterSpec(byte[] theIv) { -return CryptoUtils.getContentEncryptionCipherSpec(getAuthTagLen(), theIv); -} -public byte[] getAAD(JweHeaders theHeaders, JwtHeadersWriter writer) { -return theHeaders.toCipherAdditionalAuthData(writer); -} public byte[] getInitVector() { if (iv == null) { return CryptoUtils.generateSecureRandomBytes(getIvSize()); @@ -64,9 +54,6 @@ public abstract class AbstractContentEncryptionAlgorithm implements ContentEncry return iv; } } -protected int getAuthTagLen() { -return authTagLen; -} protected int getIvSize() { return DEFAULT_IV_SIZE; } http://git-wip-us.apache.org/repos/asf/cxf/blob/49791d37/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwe/AbstractContentEncryptionCipherProperties.java -- diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwe/AbstractContentEncryptionCipherProperties.java b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwe/AbstractContentEncryptionCipherProperties.java new file mode 100644 index 000..7f06abf --- /dev/null +++ b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwe/AbstractC