summaryrefslogtreecommitdiff
path: root/eaaf_modules/eaaf_module_auth_sl20
diff options
context:
space:
mode:
Diffstat (limited to 'eaaf_modules/eaaf_module_auth_sl20')
-rw-r--r--eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JoseUtils.java14
-rw-r--r--eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java10
-rw-r--r--eaaf_modules/eaaf_module_auth_sl20/src/test/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/AbstractJsonSecurityUtilsTest.java32
-rw-r--r--eaaf_modules/eaaf_module_auth_sl20/src/test/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JoseUtilsTest.java25
4 files changed, 76 insertions, 5 deletions
diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JoseUtils.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JoseUtils.java
index 48b10580..5b221bbe 100644
--- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JoseUtils.java
+++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JoseUtils.java
@@ -181,10 +181,15 @@ public class JoseUtils {
if (keyStore.getSecond() != null) {
log.trace("Injecting special Java Security Provider: {}", keyStore.getSecond().getName());
final ProviderContext providerCtx = new ProviderContext();
- providerCtx.getSuppliedKeyProviderContext().setSignatureProvider(
- keyStore.getSecond().getName());
+ providerCtx.getSuppliedKeyProviderContext().setSignatureProvider(keyStore.getSecond().getName());
+ providerCtx.getGeneralProviderContext().setGeneralProvider(BouncyCastleProvider.PROVIDER_NAME);
jws.setProviderContext(providerCtx);
+ } else {
+ final ProviderContext providerCtx = new ProviderContext();
+ providerCtx.getGeneralProviderContext().setGeneralProvider(BouncyCastleProvider.PROVIDER_NAME);
+ jws.setProviderContext(providerCtx);
+
}
if (addFullCertChain) {
@@ -262,6 +267,11 @@ public class JoseUtils {
}
+ //set BouncyCastleProvider as default provider
+ final ProviderContext providerCtx = new ProviderContext();
+ providerCtx.getGeneralProviderContext().setGeneralProvider(BouncyCastleProvider.PROVIDER_NAME);
+ jws.setProviderContext(providerCtx);
+
// set verification key
jws.setKey(convertToBcKeyIfRequired(selectedKey));
diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java
index 27f06276..58e3e41c 100644
--- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java
+++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtils.java
@@ -14,6 +14,7 @@ import javax.annotation.Nonnull;
import javax.annotation.PostConstruct;
import org.apache.commons.lang3.StringUtils;
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.jose4j.jca.ProviderContext;
import org.jose4j.jwa.AlgorithmConstraints;
import org.jose4j.jwa.AlgorithmConstraints.ConstraintType;
@@ -223,10 +224,15 @@ public class JsonSecurityUtils implements IJoseTools {
if (keyStore.getSecond() != null) {
log.trace("Injecting special Java Security Provider: {}", keyStore.getSecond().getName());
final ProviderContext providerCtx = new ProviderContext();
- providerCtx.getSuppliedKeyProviderContext().setGeneralProvider(
- keyStore.getSecond().getName());
+ providerCtx.getSuppliedKeyProviderContext().setGeneralProvider(keyStore.getSecond().getName());
+ providerCtx.getGeneralProviderContext().setGeneralProvider(BouncyCastleProvider.PROVIDER_NAME);
receiverJwe.setProviderContext(providerCtx);
+ } else {
+ final ProviderContext providerCtx = new ProviderContext();
+ providerCtx.getGeneralProviderContext().setGeneralProvider(BouncyCastleProvider.PROVIDER_NAME);
+ receiverJwe.setProviderContext(providerCtx);
+
}
// validate key from header against key from config
diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/test/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/AbstractJsonSecurityUtilsTest.java b/eaaf_modules/eaaf_module_auth_sl20/src/test/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/AbstractJsonSecurityUtilsTest.java
index 8516a0ed..6550b026 100644
--- a/eaaf_modules/eaaf_module_auth_sl20/src/test/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/AbstractJsonSecurityUtilsTest.java
+++ b/eaaf_modules/eaaf_module_auth_sl20/src/test/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/AbstractJsonSecurityUtilsTest.java
@@ -19,6 +19,7 @@ import org.jose4j.jwe.ContentEncryptionAlgorithmIdentifiers;
import org.jose4j.jwe.JsonWebEncryption;
import org.jose4j.jwe.KeyManagementAlgorithmIdentifiers;
import org.jose4j.lang.JoseException;
+import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Test;
@@ -37,6 +38,8 @@ import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration.KeyStoreType;
import at.gv.egiz.eaaf.core.impl.data.Pair;
import at.gv.egiz.eaaf.core.test.dummy.DummyAuthConfigMap;
import at.gv.egiz.eaaf.modules.auth.sl20.data.VerificationResult;
+import iaik.security.ec.provider.ECCelerate;
+import iaik.security.provider.IAIK;
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration("/spring/test_eaaf_sl20_hsm.beans.xml")
@@ -46,12 +49,27 @@ public abstract class AbstractJsonSecurityUtilsTest {
@Autowired protected IJoseTools joseTools;
@Autowired protected EaafKeyStoreFactory keyStoreFactory;
+ /**
+ *jUnit test class initializer.
+ */
@BeforeClass
public static void classInitializer() {
- Security.addProvider(new BouncyCastleProvider());
+ IAIK.addAsProvider();
+ ECCelerate.addAsProvider();
+ Security.addProvider(new BouncyCastleProvider());
}
+ /**
+ * jUnit test class cleaner.
+ */
+ @AfterClass
+ public static final void classFinisher() {
+ Security.removeProvider(IAIK.getInstance().getName());
+ Security.removeProvider(ECCelerate.getInstance().getName());
+
+ }
+
protected abstract void setRsaSigningKey();
protected abstract void setEcSigningKey();
@@ -88,8 +106,14 @@ public abstract class AbstractJsonSecurityUtilsTest {
final ProviderContext providerCtx = new ProviderContext();
providerCtx.getSuppliedKeyProviderContext().setSignatureProvider(
rsaEncKeyStore.getSecond().getName());
+ providerCtx.getGeneralProviderContext().setGeneralProvider(BouncyCastleProvider.PROVIDER_NAME);
jwe.setProviderContext(providerCtx);
+ } else {
+ final ProviderContext providerCtx = new ProviderContext();
+ providerCtx.getGeneralProviderContext().setGeneralProvider(BouncyCastleProvider.PROVIDER_NAME);
+ jwe.setProviderContext(providerCtx);
+
}
final String encData = jwe.getCompactSerialization();
@@ -149,8 +173,14 @@ public abstract class AbstractJsonSecurityUtilsTest {
final ProviderContext providerCtx = new ProviderContext();
providerCtx.getSuppliedKeyProviderContext().setSignatureProvider(
rsaEncKeyStore.getSecond().getName());
+ providerCtx.getGeneralProviderContext().setGeneralProvider(BouncyCastleProvider.PROVIDER_NAME);
jwe.setProviderContext(providerCtx);
+ } else {
+ final ProviderContext providerCtx = new ProviderContext();
+ providerCtx.getGeneralProviderContext().setGeneralProvider(BouncyCastleProvider.PROVIDER_NAME);
+ jwe.setProviderContext(providerCtx);
+
}
final String encData = jwe.getCompactSerialization();
diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/test/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JoseUtilsTest.java b/eaaf_modules/eaaf_module_auth_sl20/src/test/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JoseUtilsTest.java
index 7771ce60..b5a7639e 100644
--- a/eaaf_modules/eaaf_module_auth_sl20/src/test/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JoseUtilsTest.java
+++ b/eaaf_modules/eaaf_module_auth_sl20/src/test/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JoseUtilsTest.java
@@ -2,6 +2,7 @@ package at.gv.egiz.eaaf.modules.auth.sl20.utils;
import java.io.IOException;
import java.security.NoSuchProviderException;
+import java.security.Security;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
@@ -13,12 +14,16 @@ import org.jose4j.jwa.AlgorithmConstraints;
import org.jose4j.jwa.AlgorithmConstraints.ConstraintType;
import org.jose4j.jws.AlgorithmIdentifiers;
import org.jose4j.lang.JoseException;
+import org.junit.AfterClass;
import org.junit.Assert;
+import org.junit.BeforeClass;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.junit.runners.BlockJUnit4ClassRunner;
import at.gv.egiz.eaaf.modules.auth.sl20.utils.JoseUtils.JwsResult;
+import iaik.security.ec.provider.ECCelerate;
+import iaik.security.provider.IAIK;
@RunWith(BlockJUnit4ClassRunner.class)
public class JoseUtilsTest {
@@ -30,6 +35,26 @@ public class JoseUtilsTest {
AlgorithmIdentifiers.RSA_PSS_USING_SHA256,
AlgorithmIdentifiers.RSA_PSS_USING_SHA512));
+ /**
+ *jUnit test class initializer.
+ */
+ @BeforeClass
+ public static final void classInitializer() {
+ IAIK.addAsProvider();
+ ECCelerate.addAsProvider();
+
+ }
+
+ /**
+ * jUnit test class cleaner.
+ */
+ @AfterClass
+ public static final void classFinisher() {
+ Security.removeProvider(IAIK.getInstance().getName());
+ Security.removeProvider(ECCelerate.getInstance().getName());
+
+ }
+
@Test
public void testBindingAuthBlock() throws JoseException, IOException, CertificateException, NoSuchProviderException {