From e5d64d8f2ec2742a604b4aeb39c565fb7a3cbec5 Mon Sep 17 00:00:00 2001
From: William Kim
Date: Mon, 29 Jul 2013 11:44:23 -0400
Subject: [PATCH] implemented symmetric key encryption.
---
 ...aultJwtEncryptionAndDecryptionService.java | 20 ++++++++++---
 ...aultJwtEncryptionAndDecryptionService.java | 29 ++++++++++++++++++-
 2 files changed, 44 insertions(+), 5 deletions(-)
diff --git a/openid-connect-common/src/main/java/org/mitre/jwt/encryption/service/impl/DefaultJwtEncryptionAndDecryptionService.java b/openid-connect-common/src/main/java/org/mitre/jwt/encryption/service/impl/DefaultJwtEncryptionAndDecryptionService.java
index c335c2155..cff760a23 100644
--- a/openid-connect-common/src/main/java/org/mitre/jwt/encryption/service/impl/DefaultJwtEncryptionAndDecryptionService.java
+++ b/openid-connect-common/src/main/java/org/mitre/jwt/encryption/service/impl/DefaultJwtEncryptionAndDecryptionService.java
@@ -36,9 +36,12 @@ import com.nimbusds.jose.JOSEException;
 import com.nimbusds.jose.JWEAlgorithm;
 import com.nimbusds.jose.JWEDecrypter;
 import com.nimbusds.jose.JWEEncrypter;
+import com.nimbusds.jose.crypto.DirectDecrypter;
+import com.nimbusds.jose.crypto.DirectEncrypter;
 import com.nimbusds.jose.crypto.RSADecrypter;
 import com.nimbusds.jose.crypto.RSAEncrypter;
 import com.nimbusds.jose.jwk.JWK;
+import com.nimbusds.jose.jwk.OctetSequenceKey;
 import com.nimbusds.jose.jwk.RSAKey;
 import com.nimbusds.jwt.EncryptedJWT;
@@ -204,6 +207,15 @@ public class DefaultJwtEncryptionAndDecryptionService implements JwtEncryptionAn
 // TODO: add support for EC keys
+ } else if (jwk instanceof OctetSequenceKey) {
+ // build symmetric encrypters and decrypters
+
+ DirectEncrypter encrypter = new DirectEncrypter(((OctetSequenceKey) jwk).toByteArray());
+ DirectDecrypter decrypter = new DirectDecrypter(((OctetSequenceKey) jwk).toByteArray());
+
+ encrypters.put(id, encrypter);
+ decrypters.put(id, decrypter);
+
 } else {
 logger.warn("Unknown key type: " + jwk);
 }
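Review bot: The new `OctetSequenceKey` branch builds a `DirectEncrypter`/`DirectDecrypter` for every octet key without looking at the algorithm or key length the JWK declares. Direct encryption uses the shared secret itself as the content-encryption key, so a key of the wrong size for the requested `enc` method, or one published for key wrapping, only shows up as a failure at encrypt/decrypt time; the branch should validate the key up front and log a rejection, and a comment such as `// dir only: the octet key is used as the CEK, its length must match the enc method` would document the constraint. The raw key is also copied out twice; a single `byte[] secret = ((OctetSequenceKey) jwk).toByteArray();` passed to both constructors keeps one fewer copy of secret material in memory. The enclosing method starts and ends outside this hunk, so whether exceptions from the two constructors are handled cannot be seen here.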
@@ -231,12 +243,12 @@ public class DefaultJwtEncryptionAndDecryptionService implements JwtEncryptionAn
 public Collection getAllEncryptionAlgsSupported() {
 Set algs = new HashSet();
- for (JWEEncrypter enc : encrypters.values()) {
- algs.addAll(enc.supportedAlgorithms());
+ for (JWEEncrypter encrypter : encrypters.values()) {
+ algs.addAll(encrypter.supportedAlgorithms());
 }
- for (JWEDecrypter dec : decrypters.values()) {
- algs.addAll(dec.supportedAlgorithms());
+ for (JWEDecrypter decrypter : decrypters.values()) {
+ algs.addAll(decrypter.supportedAlgorithms());
 }
 return algs;
diff --git a/openid-connect-common/src/test/java/org/mitre/jwt/encryption/service/impl/TestDefaultJwtEncryptionAndDecryptionService.java b/openid-connect-common/src/test/java/org/mitre/jwt/encryption/service/impl/TestDefaultJwtEncryptionAndDecryptionService.java
index 03e7573dc..558446a44 100644
--- a/openid-connect-common/src/test/java/org/mitre/jwt/encryption/service/impl/TestDefaultJwtEncryptionAndDecryptionService.java
+++ b/openid-connect-common/src/test/java/org/mitre/jwt/encryption/service/impl/TestDefaultJwtEncryptionAndDecryptionService.java
@@ -16,16 +16,43 @@
 ******************************************************************************/
 package org.mitre.jwt.encryption.service.impl;
-import static org.junit.Assert.*;
+import static org.junit.Assert.fail;
+import java.security.NoSuchAlgorithmException;
+import java.security.spec.InvalidKeySpecException;
+import java.util.Map;
+
+import org.junit.Before;
 import org.junit.Test;
+import com.google.common.collect.ImmutableMap;
+import com.nimbusds.jose.JOSEException;
+import com.nimbusds.jose.JWEAlgorithm;
+import com.nimbusds.jose.jwk.JWK;
+import com.nimbusds.jose.jwk.OctetSequenceKey;
+import com.nimbusds.jose.jwk.Use;
+import com.nimbusds.jose.util.Base64URL;
+
 /**
 * @author wkim
 *
 */
 public class TestDefaultJwtEncryptionAndDecryptionService {
+ private String kid = "abc123";
+
+ private JWK jwk = new OctetSequenceKey(new Base64URL("GawgguFyGrWKav7AX4VKUg"), Use.ENCRYPTION, JWEAlgorithm.A128KW, kid);
+
+ private Map keys = new ImmutableMap.Builder().put(kid, jwk).build();
+
+ private DefaultJwtEncryptionAndDecryptionService service;
+
+ @Before
+ public void prepare() throws NoSuchAlgorithmException, InvalidKeySpecException, JOSEException {
+
+ service = new DefaultJwtEncryptionAndDecryptionService(keys);
+ }
+
 @Test
 public void test() {
 fail("Not yet implemented");
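Review bot: The fixture declares its octet key with `JWEAlgorithm.A128KW`, but the service change in this commit wraps octet keys in `DirectEncrypter`/`DirectDecrypter`, which to my knowledge implement only `dir`, so the declared algorithm does not describe how the key is actually used; `JWEAlgorithm.DIR` would match. `test()` still ends in `fail("Not yet implemented")`, so the symmetric path has no passing coverage: an encrypt-then-decrypt round trip asserting the recovered claims, plus a negative case that decrypts with a different key, would pin the behaviour. A comment on the literal such as `// test-only key material, never used outside this suite` would discourage copying it into configuration. The class body continues past the end of the hunk.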