honeymoose
/
jjwt
mirror of https://github.com/jwtk/jjwt.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Refactored all occurrences of 'vector' to 'value' in the context of 'initialization value' per https://tools.ietf.org/html/rfc4949#page-9 as 'initialization vector' is deprecated

This commit is contained in:
Micah Silverman 2017-10-14 08:26:23 -04:00
parent 2a4082fe9a
commit d112c62e5b
20 changed files with 46 additions and 46 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/main/java/io/jsonwebtoken/Jwe.java
View File

@ -2,7 +2,7 @@ package io.jsonwebtoken;
public interface Jwe<B> extends Jwt<JweHeader,B> {
byte[] getInitializationVector();
byte[] getInitializationValue();
byte[] getAadTag();
}

2
src/main/java/io/jsonwebtoken/impl/DefaultJweFactory.java
View File

@ -51,7 +51,7 @@ public class DefaultJweFactory {
// so we use a 'null safe' variant:
final byte[] encryptedKeyBytes = nullSafeBase64UrlDecode(base64UrlEncryptedKey, "Encrypted Key");
final byte[] iv = base64UrlDecode(base64UrlIv, "Initialization Vector");
final byte[] iv = base64UrlDecode(base64UrlIv, "Initialization Value");
final byte[] ciphertext = base64UrlDecode(base64UrlCiphertext, "Ciphertext");

4
src/main/java/io/jsonwebtoken/impl/DispatchingParser.java
View File

@ -90,7 +90,7 @@ public class DispatchingParser {
base64UrlEncodedTag = sb.toString();
Assert.notNull(base64UrlEncodedHeader, "Invalid compact JWE: base64Url JWE Protected Header is missing.");
Assert.notNull(base64UrlEncodedIv, "Invalid compact JWE: base64Url JWE Initialization Vector is missing.");
Assert.notNull(base64UrlEncodedIv, "Invalid compact JWE: base64Url JWE Initialization Value is missing.");
Assert.notNull(base64UrlEncodedCiphertext, "Invalid compact JWE: base64Url JWE Ciphertext is missing.");
Assert.notNull(base64UrlEncodedTag, "Invalid compact JWE: base64Url JWE Authentication Tag is missing.");
@ -113,7 +113,7 @@ public class DispatchingParser {
DecryptionRequest dreq = DecryptionRequests.builder()
.setKey(secretKey.getEncoded())
.setAdditionalAuthenticatedData(aad)
.setInitializationVector(iv)
.setInitializationValue(iv)
.setCiphertext(ciphertext)
.setAuthenticationTag(tag)
.build();

10
src/main/java/io/jsonwebtoken/impl/crypto/AbstractAesEncryptionAlgorithm.java
View File

@ -21,7 +21,7 @@ public abstract class AbstractAesEncryptionAlgorithm implements EncryptionAlgori
"generatedIvLength must be a positive number <= " + AES_BLOCK_SIZE;
protected static final String DECRYPT_NO_IV = "This EncryptionAlgorithm implementation rejects decryption " +
"requests that do not include initialization vectors. AES ciphertext without an IV is weak and should " +
"requests that do not include initialization values. AES ciphertext without an IV is weak and should " +
"never be used.";
private final String name;
@ -93,7 +93,7 @@ public abstract class AbstractAesEncryptionAlgorithm implements EncryptionAlgori
}
}
protected byte[] generateInitializationVector(SecureRandom random) {
protected byte[] generateInitializationValue(SecureRandom random) {
byte[] iv = new byte[this.generatedIvLength];
random.nextBytes(iv);
return iv;
@ -124,18 +124,18 @@ public abstract class AbstractAesEncryptionAlgorithm implements EncryptionAlgori
final SecureRandom random = getSecureRandom(req);
byte[] iv = req.getInitializationVector();
byte[] iv = req.getInitializationValue();
int ivLength = length(iv);
if (ivLength == 0) {
iv = generateInitializationVector(random);
iv = generateInitializationValue(random);
}
return iv;
}
protected byte[] assertDecryptionIv(DecryptionRequest req) throws IllegalArgumentException {
byte[] iv = req.getInitializationVector();
byte[] iv = req.getInitializationValue();
Assert.notEmpty(iv, DECRYPT_NO_IV);
return iv;
}

2
src/main/java/io/jsonwebtoken/impl/crypto/AbstractCryptoRequest.java
View File

@ -31,7 +31,7 @@ public abstract class AbstractCryptoRequest implements CryptoRequest {
}
@Override
public byte[] getInitializationVector() {
public byte[] getInitializationValue() {
return this.iv;
}
}

12
src/main/java/io/jsonwebtoken/impl/crypto/CryptoRequest.java
View File

@ -28,17 +28,17 @@ public interface CryptoRequest {
byte[] getKey();
/**
* Returns the initialization vector to use during encryption or decryption depending on the type of request.
* Returns the initialization value to use during encryption or decryption depending on the type of request.
* <p>
* <p>If this value is {@code null} on an {@link EncryptionRequest}, a default initialization vector will be
* auto-generated, as it is never safe to use most cryptographic algorithms without initialization vectors
* <p>If this value is {@code null} on an {@link EncryptionRequest}, a default initialization value will be
* auto-generated, as it is never safe to use most cryptographic algorithms without initialization values
* (such as AES).</p>
* <p>
* <p>This implies that all decryption requests must always supply an initialization vector since encryption
* <p>This implies that all decryption requests must always supply an initialization value since encryption
* will always have one.</p>
*
* @return the initialization vector to use during encryption or decryption depending on the type of request.
* @return the initialization value to use during encryption or decryption depending on the type of request.
*/
byte[] getInitializationVector();
byte[] getInitializationValue();
}

2
src/main/java/io/jsonwebtoken/impl/crypto/DecryptionRequestBuilder.java
View File

@ -17,7 +17,7 @@ package io.jsonwebtoken.impl.crypto;
public interface DecryptionRequestBuilder {
DecryptionRequestBuilder setInitializationVector(byte[] iv);
DecryptionRequestBuilder setInitializationValue(byte[] iv);
DecryptionRequestBuilder setKey(byte[] key);

2
src/main/java/io/jsonwebtoken/impl/crypto/DefaultDecryptionRequestBuilder.java
View File

@ -32,7 +32,7 @@ public class DefaultDecryptionRequestBuilder implements DecryptionRequestBuilder
private byte[] tag;
@Override
public DecryptionRequestBuilder setInitializationVector(byte[] iv) {
public DecryptionRequestBuilder setInitializationValue(byte[] iv) {
this.iv = clean(iv);
return this;
}

2
src/main/java/io/jsonwebtoken/impl/crypto/DefaultEncryptionRequestBuilder.java
View File

@ -36,7 +36,7 @@ public class DefaultEncryptionRequestBuilder implements EncryptionRequestBuilder
}
@Override
public EncryptionRequestBuilder setInitializationVector(byte[] iv) {
public EncryptionRequestBuilder setInitializationValue(byte[] iv) {
this.iv = clean(iv);
return this;
}

2
src/main/java/io/jsonwebtoken/impl/crypto/DefaultEncryptionResult.java
View File

@ -31,7 +31,7 @@ public class DefaultEncryptionResult implements EncryptionResult {
}
@Override
public byte[] getInitializationVector() {
public byte[] getInitializationValue() {
return this.iv;
}

2
src/main/java/io/jsonwebtoken/impl/crypto/EncryptionRequestBuilder.java
View File

@ -21,7 +21,7 @@ public interface EncryptionRequestBuilder {
EncryptionRequestBuilder setSecureRandom(SecureRandom secureRandom);
EncryptionRequestBuilder setInitializationVector(byte[] iv);
EncryptionRequestBuilder setInitializationValue(byte[] iv);
EncryptionRequestBuilder setKey(byte[] key);

2
src/main/java/io/jsonwebtoken/impl/crypto/EncryptionResult.java
View File

@ -17,7 +17,7 @@ package io.jsonwebtoken.impl.crypto;
public interface EncryptionResult {
byte[] getInitializationVector();
byte[] getInitializationValue();
byte[] getCiphertext();

4
src/main/java/io/jsonwebtoken/impl/crypto/InitializationVectorSource.java → src/main/java/io/jsonwebtoken/impl/crypto/InitializationValueSource.java
View File

@ -15,7 +15,7 @@
*/
package io.jsonwebtoken.impl.crypto;
public interface InitializationVectorSource {
public interface InitializationValueSource {
byte[] getInitializationVector();
byte[] getInitializationValue();
}

4
src/test/groovy/io/jsonwebtoken/impl/crypto/AbstractAesEncryptionAlgorithmTest.groovy
View File

@ -50,7 +50,7 @@ class AbstractAesEncryptionAlgorithmTest {
def req = EncryptionRequests.builder()
.setAdditionalAuthenticatedData('foo'.getBytes())
.setInitializationVector('iv'.getBytes())
.setInitializationValue('iv'.getBytes())
.setKey(alg.generateKey().getEncoded())
.setPlaintext('bar'.getBytes())
.build();
@ -89,7 +89,7 @@ class AbstractAesEncryptionAlgorithmTest {
def req = EncryptionRequests.builder()
.setAdditionalAuthenticatedData('foo'.getBytes())
.setInitializationVector('iv'.getBytes())
.setInitializationValue('iv'.getBytes())
.setKey(alg.generateKey().getEncoded())
.setPlaintext('bar'.getBytes())
.setSecureRandom(secureRandom)

6
src/test/groovy/io/jsonwebtoken/impl/crypto/Aes128CbcHmacSha256Test.groovy
View File

@ -66,7 +66,7 @@ class Aes128CbcHmacSha256Test {
EncryptionRequest request = EncryptionRequests.builder()
.setAdditionalAuthenticatedData(A)
.setInitializationVector(IV)
.setInitializationValue(IV)
.setKey(K)
.setPlaintext(P)
.build();
@ -78,7 +78,7 @@ class Aes128CbcHmacSha256Test {
byte[] resultCiphertext = result.getCiphertext()
byte[] resultTag = result.getAuthenticationTag();
byte[] resultIv = result.getInitializationVector();
byte[] resultIv = result.getInitializationValue();
assertArrayEquals E, resultCiphertext
assertArrayEquals T, resultTag
@ -89,7 +89,7 @@ class Aes128CbcHmacSha256Test {
def dreq = DecryptionRequests.builder()
.setAdditionalAuthenticatedData(A)
.setCiphertext(resultCiphertext)
.setInitializationVector(resultIv)
.setInitializationValue(resultIv)
.setKey(K)
.setAuthenticationTag(resultTag)
.build();

8
src/test/groovy/io/jsonwebtoken/impl/crypto/DefaultDecryptionRequestBuilderTest.groovy
View File

@ -35,11 +35,11 @@ class DefaultDecryptionRequestBuilderTest {
def ciphertext = generateData()
def req = new DefaultDecryptionRequestBuilder()
.setKey(key).setInitializationVector(iv).setCiphertext(ciphertext).build()
.setKey(key).setInitializationValue(iv).setCiphertext(ciphertext).build()
assertTrue req instanceof DefaultDecryptionRequest
assertSame key, req.getKey()
assertSame iv, req.getInitializationVector()
assertSame iv, req.getInitializationValue()
assertSame ciphertext, req.getCiphertext()
}
@ -55,8 +55,8 @@ class DefaultDecryptionRequestBuilderTest {
}
@Test
void testSetInitializationVectorWithEmptyArray() {
def b = new DefaultDecryptionRequestBuilder().setInitializationVector(new byte[0])
void testSetInitializationValueWithEmptyArray() {
def b = new DefaultDecryptionRequestBuilder().setInitializationValue(new byte[0])
assertNull b.iv
}

12
src/test/groovy/io/jsonwebtoken/impl/crypto/DefaultEncryptionRequestBuilderTest.groovy
View File

@ -21,12 +21,12 @@ class DefaultEncryptionRequestBuilderTest {
def aad = generateData()
def req = new DefaultEncryptionRequestBuilder()
.setKey(key).setInitializationVector(iv).setPlaintext(plaintext).setAdditionalAuthenticatedData(aad)
.setKey(key).setInitializationValue(iv).setPlaintext(plaintext).setAdditionalAuthenticatedData(aad)
.build()
assertTrue req instanceof DefaultAuthenticatedEncryptionRequest
assertSame key, req.getKey()
assertSame iv, req.getInitializationVector()
assertSame iv, req.getInitializationValue()
assertSame plaintext, req.getPlaintext()
assertSame aad, req.getAssociatedData()
}
@ -39,17 +39,17 @@ class DefaultEncryptionRequestBuilderTest {
def plaintext = generateData()
def req = new DefaultEncryptionRequestBuilder()
.setKey(key).setInitializationVector(iv).setPlaintext(plaintext).build()
.setKey(key).setInitializationValue(iv).setPlaintext(plaintext).build()
assertTrue req instanceof DefaultEncryptionRequest
assertSame key, req.getKey()
assertSame iv, req.getInitializationVector()
assertSame iv, req.getInitializationValue()
assertSame plaintext, req.getPlaintext()
}
@Test
void testSetInitializationVectorWithEmptyArray() {
def b = new DefaultEncryptionRequestBuilder().setInitializationVector(new byte[0])
void testSetInitializationValueWithEmptyArray() {
def b = new DefaultEncryptionRequestBuilder().setInitializationValue(new byte[0])
assertNull b.iv
}

4
src/test/groovy/io/jsonwebtoken/impl/crypto/EncryptionAlgorithmsTest.groovy
View File

@ -53,7 +53,7 @@ class EncryptionAlgorithmsTest {
def dreq = DecryptionRequests.builder()
.setKey(key)
.setInitializationVector(result.getInitializationVector())
.setInitializationValue(result.getInitializationValue())
.setAuthenticationTag(result.getAuthenticationTag())
.setCiphertext(result.getCiphertext())
.build()
@ -92,7 +92,7 @@ class EncryptionAlgorithmsTest {
def dreq = DecryptionRequests.builder()
.setAdditionalAuthenticatedData(AAD_BYTES)
.setKey(key)
.setInitializationVector(result.getInitializationVector())
.setInitializationValue(result.getInitializationValue())
.setAuthenticationTag(result.getAuthenticationTag())
.setCiphertext(result.getCiphertext())
.build()

6
src/test/groovy/io/jsonwebtoken/impl/crypto/GcmAesEncryptionServiceTest.groovy
View File

@ -40,7 +40,7 @@ class GcmAesEncryptionServiceTest {
EncryptionRequest request = EncryptionRequests.builder()
.setAdditionalAuthenticatedData(AAD)
.setInitializationVector(IV)
.setInitializationValue(IV)
.setKey(K)
.setPlaintext(P)
.build();
@ -52,7 +52,7 @@ class GcmAesEncryptionServiceTest {
byte[] resultCiphertext = result.getCiphertext()
byte[] resultTag = result.getAuthenticationTag();
byte[] resultIv = result.getInitializationVector();
byte[] resultIv = result.getInitializationValue();
assertArrayEquals E, resultCiphertext
assertArrayEquals T, resultTag
@ -63,7 +63,7 @@ class GcmAesEncryptionServiceTest {
AuthenticatedDecryptionRequest decryptionRequest = DecryptionRequests.builder()
.setAdditionalAuthenticatedData(AAD)
.setCiphertext(resultCiphertext)
.setInitializationVector(resultIv)
.setInitializationValue(resultIv)
.setKey(K)
.setAuthenticationTag(resultTag)
.build();

4
src/test/groovy/io/jsonwebtoken/impl/crypto/HmacAesEncryptionAlgorithmTest.groovy
View File

@ -53,7 +53,7 @@ class HmacAesEncryptionAlgorithmTest {
def dreq = DecryptionRequests.builder()
.setKey(key)
.setInitializationVector(result.getInitializationVector())
.setInitializationValue(result.getInitializationValue())
.setAuthenticationTag(result.getAuthenticationTag())
.setCiphertext(result.getCiphertext())
.build()
@ -108,7 +108,7 @@ class HmacAesEncryptionAlgorithmTest {
def dreq = DecryptionRequests.builder()
.setKey(key)
.setInitializationVector(result.getInitializationVector())
.setInitializationValue(result.getInitializationValue())
.setAuthenticationTag(fakeTag)
.setCiphertext(result.getCiphertext())
.build()