Import of https://bitbucket.org/b_c/jose4j.git.

`$ copybara third_party/java_src/jose4j/copy.bara.sky default  --force  --piper-description-behavior OVERWRITE -- jose4j-0.8.0`

Kept security patch in org/jose4j/jwe/WrappingKeyManagementAlgorithm.java for padding oracle. That's fixed at 0.9.3 (but we can't go past 0.8.0 due to missing Java language features). Unsuppressed a Wycheproof test that was testing for bad EC validation behavior which is now fixed.

#MIGRATION_3P_JAVA_SRC_JOSE4J__DEFAULT

  - ff6d6c2ee7b94ca5e1ee9c17b4647938110bd07d two ampersands are better than one fixes Issue #190 by Brian Campbell <brian.d.campbell@gmail.com>
  - f8738d73a5c8337b61aa7cfa08f006b87342fcb8 JsonWebSignature's payload and encoded payload could get ... by Brian Campbell <brian.d.campbell@gmail.com>
  - 68a50429f9285e079749956ff2ff4fff8f9d7d7e fix typo in javadoc by Brian Campbell <brian.d.campbell@gmail.com>
  - 4c73787c94e8f77f9ed1dec61eb6df20f7cd29fc Disable http servers/proxies cache when calling JWKS by Khaled Hamlaoui <khaled.hamlaoui@renault.com>
  - 2e32fa33633a0687282c2581b9a93c7802164ca5 Remove the option: disable server side cache using randon... by Khaled Hamlaoui <khaled.hamlaoui@renault.com>
  - fa31af5ebfd7c81ebce79d4a635726ac1303b3d0 Restore imports by Khaled Hamlaoui <khaled.hamlaoui@renault.com>
  - af33380bf566f72c6054622ae9b8e62a90f5989e Remove the cache support of servers using http 1.0 by Khaled Hamlaoui <khaled.hamlaoui@renault.com>
  - d68c33cab8e9480d01391f51e7e5e51a7d950848 get the javadoc errors to stop by Brian Campbell <brian.d.campbell@gmail.com>
  - 5eaa19a3e773e5eb32cf2186e01e12b9ddf4920c Add JWK Thumbprint URI support by David Waite <dwaite@pingidentity.com>
  - 5172d65378a4e270428ee439900e6b22c3c9afed Reject messages that contain private keys in JOSE headers... by Brian Campbell <brian.d.campbell@gmail.com>
  - 37957685cb27d71f55b13695572b3ea0a4a04013 ugh, forgot there was getJwkHeaderValue too by Brian Campbell <brian.d.campbell@gmail.com>
  - 0f60487b67587bd3f9ecc9f1c8cea61fb205566a Do some pre-checks before calling the crypto provider to ... by Brian Campbell <brian.d.campbell@gmail.com>
  - c350a58942bb29e019097a6ab455918ca5b8beb4 Throw a checked exception from new EllipticCurveJsonWebKe... by Brian Campbell <brian.d.campbell@gmail.com>
  - 93c585f1f3807eee76c114fce601ec614d8c4242 Tidy up the JsonWebKeySet debug logging when an individua... by Brian Campbell <brian.d.campbell@gmail.com>
  - 1b933223c4976158a74711eb8c20343b8af6a7ad add some better context and fix some spelling in logging by Brian Campbell <brian.d.campbell@gmail.com>
  - 135cd1b9530fe93b59d3f5298e3561e91c15b1d7 InvalidKeyException rather than JoseException for ECDH in... by Brian Campbell <brian.d.campbell@gmail.com>
  - 6436f76f5a667c88e1aea9225084f1135deeed9d add support for the ES256K JWS alg (ECDSA using secp256k1... by Brian Campbell <brian.d.campbell@gmail.com>

NOKEYCHECK=True
PiperOrigin-RevId: 572422528

1 files changed, 1 insertions, 5 deletions

diff --git a/java/com/google/security/wycheproof/jose4j/JsonWebSignatureTest.java b/java/com/google/security/wycheproof/jose4j/JsonWebSignatureTest.java
index 4f67048..4eeb812 100644
--- a/java/com/google/security/wycheproof/jose4j/JsonWebSignatureTest.java
+++ b/java/com/google/security/wycheproof/jose4j/JsonWebSignatureTest.java
@@ -76,11 +76,7 @@ public class JsonWebSignatureTest {
         "base64_InvalidCharacterInPayload_tcId371",
         "base64_InvalidCharacterInsertedInHeader_tcId372",
         "base64_InvalidCharacterInsertedInPayload_tcId373",
-        "base64_MacOfIncorrectlyEncodedMessage_tcId375",
-        // jose4j does not check the size of the signature and accepts signatures with
-        // leading Zeros.
-        "SpecialCaseEs256_SignatureTooLong_tcId379",
-        "SpecialCaseEs256_BufferOverflow_tcId385");
+        "base64_MacOfIncorrectlyEncodedMessage_tcId375");
   }
 
   /** A JsonWebCryptoTestGroup that contains key information and tests against those keys. */