diff --git a/openid-connect-common/src/main/java/org/mitre/jwt/encryption/impl/RsaEncrypter.java b/openid-connect-common/src/main/java/org/mitre/jwt/encryption/impl/RsaEncrypter.java
index 06bf46c0d..60f62d3b7 100644
--- a/openid-connect-common/src/main/java/org/mitre/jwt/encryption/impl/RsaEncrypter.java
+++ b/openid-connect-common/src/main/java/org/mitre/jwt/encryption/impl/RsaEncrypter.java
@@ -71,10 +71,10 @@ public class RsaEncrypter extends AbstractJweEncrypter {
 if(jwe.getHeader().getAlgorithm().equals("RSA1_5")){
- Cipher cipher = Cipher.getInstance("RSA");
- cipher.init(Cipher.ENCRYPT_MODE, publicKey);
- byte[] encryptedKey = cipher.doFinal(contentMasterKey);
- return encryptedKey;
+ Cipher cipher = Cipher.getInstance("RSA");
+ cipher.init(Cipher.ENCRYPT_MODE, publicKey);
+ byte[] encryptedKey = cipher.doFinal(contentMasterKey);
+ return encryptedKey;
 } else {
 throw new IllegalArgumentException(jwe.getHeader().getAlgorithm() + " is not a supported algorithm");
diff --git a/openid-connect-common/src/test/java/org/mitre/jwe/encryption/impl/RsaEncrypterDecrypterTest.java b/openid-connect-common/src/test/java/org/mitre/jwe/encryption/impl/RsaEncrypterDecrypterTest.java
index 9e03137af..3f19fb1d1 100644
--- a/openid-connect-common/src/test/java/org/mitre/jwe/encryption/impl/RsaEncrypterDecrypterTest.java
+++ b/openid-connect-common/src/test/java/org/mitre/jwe/encryption/impl/RsaEncrypterDecrypterTest.java
@@ -16,10 +16,13 @@
 import java.security.PublicKey;
 import java.security.spec.InvalidKeySpecException;
 import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
 import javax.crypto.IllegalBlockSizeException;
 import javax.crypto.NoSuchPaddingException;
+import org.easymock.internal.matchers.GreaterThan;
 import org.junit.After;
+import org.junit.Assume;
 import org.junit.Before;
 import org.junit.Test;
 import org.junit.runner.RunWith;
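Review bot: The added `import org.easymock.internal.matchers.GreaterThan;` in the test's import hunk is not referenced by any line shown in this diff, and it reaches into EasyMock's `internal` package, which is not part of the library's supported API. Unless code outside the visible hunks uses it, the line should be dropped. The other two new imports, `javax.crypto.Cipher` and `org.junit.Assume`, are both used by the `setUp()` change.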
@@ -43,7 +46,10 @@ public class RsaEncrypterDecrypterTest {
 String jwePlaintextString = new String("Why couldn't the bike move? It was two tired.");
 @Before
- public void setUp(){
+ public void setUp() throws NoSuchAlgorithmException{
+
+ Assume.assumeTrue(Cipher.getMaxAllowedKeyLength("AES") > 128); // if we're capped at 128 bits then we can't run these tests
+
 }
 @After
@@ -52,6 +58,9 @@ public class RsaEncrypterDecrypterTest {
 @Test
 public void encryptDecryptTest() throws JsonIOException, JsonSyntaxException, IOException, NoSuchAlgorithmException, InvalidKeyException, NoSuchPaddingException, IllegalBlockSizeException, BadPaddingException, InvalidAlgorithmParameterException, InvalidKeySpecException {
+
+ //
+ //read in header and plaintext from files
 JsonParser parser = new JsonParser();
 JsonObject jweHeaderObject = parser.parse(new BufferedReader(new InputStreamReader(jweHeaderUrl.openStream()))).getAsJsonObject();
@@ -59,7 +68,7 @@ public class RsaEncrypterDecrypterTest {
 Jwe jwe = new Jwe(new JweHeader(jweHeaderObject), null, jwePlaintextString.getBytes(), null);
 //generate key pair. this will be passed in from the user
 KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
- keyGen.initialize(512);
+ keyGen.initialize(4096);
 KeyPair pair = keyGen.generateKeyPair();
 PublicKey publicKey = pair.getPublic();
 PrivateKey privateKey = pair.getPrivate();
diff --git a/openid-connect-common/src/test/resources/jwe/jweHeader b/openid-connect-common/src/test/resources/jwe/jweHeader
index 6a06d9b14..2763d3eb8 100644
--- a/openid-connect-common/src/test/resources/jwe/jweHeader
+++ b/openid-connect-common/src/test/resources/jwe/jweHeader
@@ -1 +1 @@
-{"alg":"RSA1_5","enc":"A256CBC","int":"HS384","iv":"AxY8DCtDaGlsbGljb3RoZQ","kdf":"CS256"}
\ No newline at end of file
+{"alg":"RSA1_5","enc":"A256CBC","int":"HS256","iv":"AxY8DCtDaGlsbGljb3RoZQ","kdf":"CS256"}
\ No newline at end of file
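Review bot: In `setUp()` the guard `Cipher.getMaxAllowedKeyLength("AES") > 128` is looser than what the test needs. The fixture header selects `"enc":"A256CBC"`, so a runtime capped anywhere between 129 and 255 bits would pass the assumption and presumably still fail once the 256-bit key is used. I would write `Assume.assumeTrue(Cipher.getMaxAllowedKeyLength("AES") >= 256);`. A failed assumption reports the test as skipped rather than failed, so on a JRE with the restricted policy this encrypt/decrypt round-trip gets no coverage while the build stays green. A comment such as `// skipped, not failed, when the JCE policy caps AES below 256 bits` would make that explicit.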
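Review bot: In `encryptDecryptTest()`, `keyGen.initialize(4096)` makes every run of this test generate a fresh 4096-bit RSA key pair, which is noticeably slow for a unit test. Moving off the 512-bit key is right, but if nothing outside this hunk needs the larger modulus, `keyGen.initialize(2048);` exercises the same RSA1_5 path at a fraction of the cost. Whichever size is kept, a short comment giving the reason, e.g. `// 2048-bit: large enough for the wrapped content key, small enough to keep the test fast`, would help the next reader. The method body continues past the end of the hunk.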