implemented symmetric key encryption.

11 years ago · 3a1c551ff7
parent dfbefe0780
commit 3a1c551ff7
2 changed files with 44 additions and 5 deletions
--- a/openid-connect-common/src/main/java/org/mitre/jwt/encryption/service/impl/DefaultJwtEncryptionAndDecryptionService.java
+++ b/openid-connect-common/src/main/java/org/mitre/jwt/encryption/service/impl/DefaultJwtEncryptionAndDecryptionService.java
@ -36,9 +36,12 @@ import com.nimbusds.jose.JOSEException;
 import com.nimbusds.jose.JWEAlgorithm;
 import com.nimbusds.jose.JWEDecrypter;
 import com.nimbusds.jose.JWEEncrypter;
+import com.nimbusds.jose.crypto.DirectDecrypter;
+import com.nimbusds.jose.crypto.DirectEncrypter;
 import com.nimbusds.jose.crypto.RSADecrypter;
 import com.nimbusds.jose.crypto.RSAEncrypter;
 import com.nimbusds.jose.jwk.JWK;
+import com.nimbusds.jose.jwk.OctetSequenceKey;
 import com.nimbusds.jose.jwk.RSAKey;
 import com.nimbusds.jwt.EncryptedJWT;

@ -204,6 +207,15 @@ public class DefaultJwtEncryptionAndDecryptionService implements JwtEncryptionAn

 				// TODO: add support for EC keys

+			} else if (jwk instanceof OctetSequenceKey) {
+				// build symmetric encrypters and decrypters
+
+				DirectEncrypter encrypter = new DirectEncrypter(((OctetSequenceKey) jwk).toByteArray());
+				DirectDecrypter decrypter = new DirectDecrypter(((OctetSequenceKey) jwk).toByteArray());
+				
+				encrypters.put(id, encrypter);
+				decrypters.put(id, decrypter);
+
 			} else {
 				logger.warn("Unknown key type: " + jwk);
 			}
@ -231,12 +243,12 @@ public class DefaultJwtEncryptionAndDecryptionService implements JwtEncryptionAn
 	public Collection<JWEAlgorithm> getAllEncryptionAlgsSupported() {
 		Set<JWEAlgorithm> algs = new HashSet<JWEAlgorithm>();

-		for (JWEEncrypter enc : encrypters.values()) {
-			algs.addAll(enc.supportedAlgorithms());
+		for (JWEEncrypter encrypter : encrypters.values()) {
+			algs.addAll(encrypter.supportedAlgorithms());
 		}

-		for (JWEDecrypter dec : decrypters.values()) {
-			algs.addAll(dec.supportedAlgorithms());
+		for (JWEDecrypter decrypter : decrypters.values()) {
+			algs.addAll(decrypter.supportedAlgorithms());
 		}

 		return algs;
--- a/openid-connect-common/src/test/java/org/mitre/jwt/encryption/service/impl/TestDefaultJwtEncryptionAndDecryptionService.java
+++ b/openid-connect-common/src/test/java/org/mitre/jwt/encryption/service/impl/TestDefaultJwtEncryptionAndDecryptionService.java
@ -16,16 +16,43 @@
 ******************************************************************************/
 package org.mitre.jwt.encryption.service.impl;

-import static org.junit.Assert.*;
+import static org.junit.Assert.fail;

+import java.security.NoSuchAlgorithmException;
+import java.security.spec.InvalidKeySpecException;
+import java.util.Map;
+
+import org.junit.Before;
 import org.junit.Test;

+import com.google.common.collect.ImmutableMap;
+import com.nimbusds.jose.JOSEException;
+import com.nimbusds.jose.JWEAlgorithm;
+import com.nimbusds.jose.jwk.JWK;
+import com.nimbusds.jose.jwk.OctetSequenceKey;
+import com.nimbusds.jose.jwk.Use;
+import com.nimbusds.jose.util.Base64URL;
+
 /**
 * @author wkim
 *
 */
 public class TestDefaultJwtEncryptionAndDecryptionService {

+	private String kid = "abc123";
+	
+	private JWK jwk = new OctetSequenceKey(new Base64URL("GawgguFyGrWKav7AX4VKUg"), Use.ENCRYPTION, JWEAlgorithm.A128KW, kid);
+	
+	private Map<String, JWK> keys = new ImmutableMap.Builder<String, JWK>().put(kid, jwk).build();
+	
+	private DefaultJwtEncryptionAndDecryptionService service;
+	
+	@Before
+	public void prepare() throws NoSuchAlgorithmException, InvalidKeySpecException, JOSEException {
+		
+		service = new DefaultJwtEncryptionAndDecryptionService(keys);
+	}
+	
 	@Test
 	public void test() {
 		fail("Not yet implemented");