Author: bmaxwell Date: 2011-03-24 16:53:16 -0400 (Thu, 24 Mar 2011) New Revision: 13932 Modified: stack/native/branches/jbossws-native-3.1.2/ stack/native/branches/jbossws-native-3.1.2/modules/core/src/main/java/org/jboss/ws/extensions/security/auth/callback/UsernameTokenCallback.java stack/native/branches/jbossws-native-3.1.2/modules/testsuite/native-tests/src/test/java/org/jboss/test/ws/jaxws/jbws1988/DigestTestCase.java Log: [JBPAPP-6186] decode base64 nonce before sha hashing Property changes on: stack/native/branches/jbossws-native-3.1.2 ___________________________________________________________________ Added: svn:mergeinfo + /stack/native/trunk:12502 Modified: stack/native/branches/jbossws-native-3.1.2/modules/core/src/main/java/org/jboss/ws/extensions/security/auth/callback/UsernameTokenCallback.java =================================================================== --- stack/native/branches/jbossws-native-3.1.2/modules/core/src/main/java/org/jboss/ws/extensions/security/auth/callback/UsernameTokenCallback.java 2011-03-24 16:34:13 UTC (rev 13931) +++ stack/native/branches/jbossws-native-3.1.2/modules/core/src/main/java/org/jboss/ws/extensions/security/auth/callback/UsernameTokenCallback.java 2011-03-24 20:53:16 UTC (rev 13932) @@ -32,6 +32,7 @@ import org.jboss.crypto.digest.DigestCallback; import org.jboss.security.Base64Encoder; import org.jboss.security.auth.callback.MapCallback; +import org.jboss.util.Base64; import org.jboss.ws.WSException; /** @@ -64,7 +65,10 @@ { String nonce = (String)info.getInfo(NONCE); if (nonce != null) - digest.update(nonce.getBytes("UTF-8")); + { + byte[] rawNonce = Base64.decode(nonce); + digest.update(rawNonce); + } String created = (String)info.getInfo(CREATED); if (created != null) digest.update(created.getBytes("UTF-8")); Modified: stack/native/branches/jbossws-native-3.1.2/modules/testsuite/native-tests/src/test/java/org/jboss/test/ws/jaxws/jbws1988/DigestTestCase.java =================================================================== --- stack/native/branches/jbossws-native-3.1.2/modules/testsuite/native-tests/src/test/java/org/jboss/test/ws/jaxws/jbws1988/DigestTestCase.java 2011-03-24 16:34:13 UTC (rev 13931) +++ stack/native/branches/jbossws-native-3.1.2/modules/testsuite/native-tests/src/test/java/org/jboss/test/ws/jaxws/jbws1988/DigestTestCase.java 2011-03-24 20:53:16 UTC (rev 13932) @@ -37,14 +37,14 @@ String password = "taadtaadpstcsm"; String nonce = "d36e316282959a9ed4c89851497a717f"; String created = "2003-12-15T14:43:07Z"; - String expectedDigest = "quR/EWLAV4xLf9Zqyw4pDmfV9OY="; + String expectedDigest = "0WSAldY9ogqqVyQo7ubbZxxFU/s="; String digest = SendUsernameOperation.createPasswordDigest(nonce, created, password); assertEquals(expectedDigest, digest); password = "therealfrog"; nonce = "gHGIdDEWjX1Ay/LiVd3qJ1ua8VbjXis8CJwNDQh1ySA="; created = "2008-03-12T17:12:31.310Z"; - expectedDigest = "IEeuDaP/NTozwiyJHzTgBoCCDjg="; + expectedDigest = "gx8TcJ9VG2hOFC6ZFmNi/JI2rh4="; digest = SendUsernameOperation.createPasswordDigest(nonce, created, password); assertEquals(expectedDigest, digest); } @@ -53,7 +53,7 @@ { String password = "therealfrog"; String nonce = "gHGIdDEWjX1Ay/LiVd3qJ1ua8VbjXis8CJwNDQh1ySA="; - String expectedDigest = "sdA2umjMZQEY2ejbt5L6WbJOrB0="; + String expectedDigest = "MBqDfskkdh3eEtRlLdkWa79+w58="; String digest = SendUsernameOperation.createPasswordDigest(nonce, null, password); assertEquals(expectedDigest, digest); }