Hi Ella

Many thanks for starting to experiment with the JOSE code and JWE JSON in particular, which I'd say is probably the most complex one when we talk about multiple recipients.

Please see comments inline


On 19/07/16 04:27, Ella Chen wrote:
Hi All,

When I tried to set up a POC for multiple recipients for JWE by following the example 
under section "JWE JSON", I went on quite a journey and could not make it work.

The first thing that I found was that the example itself never works for the 
second recipient, for the reasons below:

·         it generates a different unencrypted CEK for each recipient. However, I 
think the CEK should be shared across different recipients.


I think you have identified a design flaw when it comes to supporting multiple recipients. You are right, the CEK should be shared. ContentEncryptionProvider can be initialized with a pre-generated CEK, but I'll need to look at making sure it is enforced.

I have a producer test:

https://github.com/apache/cxf/blob/master/rt/rs/security/jose-parent/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducerTest.java#L270

This sort of works only because JweJsonProducer assumes the CEK is shared when producing the final JWE JSON output sequence, and unfortunately a JweJsonConsumer test for multiple recipients is missing.


·         it didn't have per-recipient headers that allow the decryption side to locate 
the right "encrypted_key".
(https://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-40#appendix-A.4.7)

After realizing that, I created a shared unencrypted CEK for both recipients with the 
method:

JweUtils.getContentEncryptionProvider(CONTENT_KEY, ContentAlgorithm.A128GCM);

Right, I'll need to see if I can enforce it at JweJsonProducer


, and tried to set per-recipient headers to identify the recipients (for example using 
"kid") with the method:
    p.encryptWith(jweList, jweheadersList); // jweheadersList contains per-recipient headers.

However, it didn't allow me to do so. The code that I found that prevents me from 
doing so is in the class JweJsonProducer, lines 116-117:
    jsonHeaders = new JweHeaders(unionHeaders.asMap());
    jsonHeaders.asMap().putAll(perRecipientUnprotected.asMap());
I see

These lines obtain a reference to the map of unionHeaders, and when the current 
recipient's headers are added to jsonHeaders, unionHeaders is changed as well as a 
side effect. When it then tries to check the uniqueness of the headers for the 
second recipient, it fails.
Could anybody please advise whether this is the expected behavior? If it is, what 
is the correct way to make multiple recipients work? If it is not, when can 
we expect multiple recipients to work?

Let me address the above issues. I cannot guarantee it will make it into CXF 3.1.7, which is coming soon, but I'll work on it and let you know once it is fixed.

Thanks again, more feedback is welcome

Sergey

Cheers,
Ella



--
Sergey Beryozkin

Talend Community Coders
http://coders.talend.com/
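The aliasing Ella describes (jsonHeaders wrapping the live map of unionHeaders, so each recipient's headers leak into the union and the uniqueness check for the second recipient fails) can be reproduced outside CXF. The following is an added, constructed example, not CXF's JweJsonProducer or JweHeaders code: the Headers class is a stand-in whose asMap() returns its internal map, the "uniqueness check" is assumed to reject any per-recipient header name already present, and the fix shown is simply copying the union map before merging.

```java
import java.util.Arrays;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;

// Stand-in for a headers object whose asMap() hands back the live internal map
// (constructed for this example; not the CXF JweHeaders class).
class Headers {
    private final Map<String, Object> map;
    Headers() { this(new LinkedHashMap<>()); }
    Headers(Map<String, Object> m) { this.map = m; } // keeps the caller's map: aliasing
    Map<String, Object> asMap() { return map; }
}

public class HeaderAliasingDemo {
    // Builds the per-recipient header set for each recipient in turn.
    // copyMap=false mirrors the reported lines 116-117: jsonHeaders shares the
    // union's map, so recipient 1's "kid" ends up in unionHeaders and recipient 2
    // is rejected as a duplicate. copyMap=true gives every recipient a private copy.
    // Returns true if every recipient passed the uniqueness check.
    static boolean buildPerRecipient(List<Headers> perRecipientUnprotected, boolean copyMap) {
        Headers unionHeaders = new Headers();
        unionHeaders.asMap().put("alg", "RSA-OAEP"); // shared (protected) header
        for (Headers rec : perRecipientUnprotected) {
            Map<String, Object> base = copyMap
                ? new LinkedHashMap<>(unionHeaders.asMap()) // fixed: private copy
                : unionHeaders.asMap();                     // bug: live reference
            Headers jsonHeaders = new Headers(base);
            // Assumed uniqueness rule: a per-recipient header name must not already exist.
            for (String name : rec.asMap().keySet()) {
                if (jsonHeaders.asMap().containsKey(name)) {
                    return false;
                }
            }
            jsonHeaders.asMap().putAll(rec.asMap()); // mutates unionHeaders when aliased
        }
        return true;
    }

    static Headers withKid(String kid) {
        Headers h = new Headers();
        h.asMap().put("kid", kid);
        return h;
    }

    public static void main(String[] args) {
        List<Headers> recipients = Arrays.asList(withKid("recipient-1"), withKid("recipient-2"));
        System.out.println("live reference passes: " + buildPerRecipient(recipients, false));
        System.out.println("copied map passes:     " + buildPerRecipient(recipients, true));
    }
}
```

With the live reference the second recipient is rejected; with the copied map both recipients pass and unionHeaders keeps only the shared "alg" entry.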
