JBossWS SVN: r17663 - in stack/native/branches/jbossws-native-3.1.2.SP11_JBPAPP-10758: modules/core and 5 other directories. - jbossws-commits

Friday, 7 June 2013

Author: mmusaji
Date: 2013-06-07 09:21:36 -0400 (Fri, 07 Jun 2013)
New Revision: 17663

Modified:
   stack/native/branches/jbossws-native-3.1.2.SP11_JBPAPP-10758/modules/core/pom.xml
  
stack/native/branches/jbossws-native-3.1.2.SP11_JBPAPP-10758/modules/core/src/main/java/org/jboss/ws/extensions/security/STRTransform.java
  
stack/native/branches/jbossws-native-3.1.2.SP11_JBPAPP-10758/modules/core/src/main/java/org/jboss/ws/extensions/security/operation/EncryptionOperation.java
  
stack/native/branches/jbossws-native-3.1.2.SP11_JBPAPP-10758/modules/testsuite/native-tests/src/test/resources/jaxws/samples/wssecurity/simple-encrypt/META-INF/jboss-wsse-client.xml
  
stack/native/branches/jbossws-native-3.1.2.SP11_JBPAPP-10758/modules/testsuite/native-tests/src/test/resources/jaxws/samples/wssecurity/simple-encrypt/WEB-INF/jboss-wsse-server.xml
   stack/native/branches/jbossws-native-3.1.2.SP11_JBPAPP-10758/pom.xml
  
stack/native/branches/jbossws-native-3.1.2.SP11_JBPAPP-10758/src/main/scripts/assembly-deploy-artifacts.xml
Log:
[JBPAPP-10758] Merged changes for CVE-2011-1096

Modified:
stack/native/branches/jbossws-native-3.1.2.SP11_JBPAPP-10758/modules/core/pom.xml
===================================================================
---
stack/native/branches/jbossws-native-3.1.2.SP11_JBPAPP-10758/modules/core/pom.xml	2013-06-07
10:16:50 UTC (rev 17662)
+++
stack/native/branches/jbossws-native-3.1.2.SP11_JBPAPP-10758/modules/core/pom.xml	2013-06-07
13:21:36 UTC (rev 17663)
@@ -171,7 +171,7 @@
       <artifactId>wsdl4j</artifactId>
     </dependency>
     <dependency>
-      <groupId>org.apache</groupId>
+      <groupId>org.apache.santuario</groupId>
       <artifactId>xmlsec</artifactId>
     </dependency>
     <dependency>

Modified:
stack/native/branches/jbossws-native-3.1.2.SP11_JBPAPP-10758/modules/core/src/main/java/org/jboss/ws/extensions/security/STRTransform.java
===================================================================
---
stack/native/branches/jbossws-native-3.1.2.SP11_JBPAPP-10758/modules/core/src/main/java/org/jboss/ws/extensions/security/STRTransform.java	2013-06-07
10:16:50 UTC (rev 17662)
+++
stack/native/branches/jbossws-native-3.1.2.SP11_JBPAPP-10758/modules/core/src/main/java/org/jboss/ws/extensions/security/STRTransform.java	2013-06-07
13:21:36 UTC (rev 17663)
@@ -22,6 +22,7 @@
 package org.jboss.ws.extensions.security;
 
 import java.io.IOException;
+import java.io.OutputStream;
 
 import javax.xml.parsers.ParserConfigurationException;
 
@@ -88,9 +89,15 @@
       return STR_URI;
    }
 
+   @Override
+   protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input, Transform
transformObject) throws IOException, CanonicalizationException,
+         InvalidCanonicalizerException, TransformationException,
ParserConfigurationException, SAXException
+   {
+      return enginePerformTransform(input, null, transformObject);
+   }
 
    @Override
-   protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input) throws
IOException, CanonicalizationException,
+   protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input,
OutputStream os, Transform transformObject) throws IOException,
CanonicalizationException,
          InvalidCanonicalizerException, TransformationException,
ParserConfigurationException, SAXException
    {
 
@@ -114,7 +121,7 @@
          element = token.getSTRTransformElement();
 
          // Obtain the canonicalizer specified in the transformation parameters
-         Element parameters =
XMLUtils.selectNode(this._transformObject.getElement().getFirstChild(),
Constants.WSSE_NS,
+         Element parameters =
XMLUtils.selectNode(transformObject.getElement().getFirstChild(), Constants.WSSE_NS,
                "TransformationParameters", 0);
          if (parameters == null)
             throw new TransformationException("wsse:TransformationParameters
expected!");

Modified:
stack/native/branches/jbossws-native-3.1.2.SP11_JBPAPP-10758/modules/core/src/main/java/org/jboss/ws/extensions/security/operation/EncryptionOperation.java
===================================================================
---
stack/native/branches/jbossws-native-3.1.2.SP11_JBPAPP-10758/modules/core/src/main/java/org/jboss/ws/extensions/security/operation/EncryptionOperation.java	2013-06-07
10:16:50 UTC (rev 17662)
+++
stack/native/branches/jbossws-native-3.1.2.SP11_JBPAPP-10758/modules/core/src/main/java/org/jboss/ws/extensions/security/operation/EncryptionOperation.java	2013-06-07
13:21:36 UTC (rev 17663)
@@ -84,6 +84,9 @@
       algorithms.put("aes-128", new Algorithm("AES",
XMLCipher.AES_128, 128));
       algorithms.put("aes-192", new Algorithm("AES",
XMLCipher.AES_192, 192));
       algorithms.put("aes-256", new Algorithm("AES",
XMLCipher.AES_256, 256));
+      algorithms.put("aes-128-gcm", new Algorithm("AES",
XMLCipher.AES_128_GCM, 128));
+      algorithms.put("aes-192-gcm", new Algorithm("AES",
XMLCipher.AES_192_GCM, 192));
+      algorithms.put("aes-256-gcm", new Algorithm("AES",
XMLCipher.AES_256_GCM, 256));
       algorithms.put("tripledes", new Algorithm("TripleDes",
XMLCipher.TRIPLEDES, 168));
    }
 

Modified:
stack/native/branches/jbossws-native-3.1.2.SP11_JBPAPP-10758/modules/testsuite/native-tests/src/test/resources/jaxws/samples/wssecurity/simple-encrypt/META-INF/jboss-wsse-client.xml
===================================================================
---
stack/native/branches/jbossws-native-3.1.2.SP11_JBPAPP-10758/modules/testsuite/native-tests/src/test/resources/jaxws/samples/wssecurity/simple-encrypt/META-INF/jboss-wsse-client.xml	2013-06-07
10:16:50 UTC (rev 17662)
+++
stack/native/branches/jbossws-native-3.1.2.SP11_JBPAPP-10758/modules/testsuite/native-tests/src/test/resources/jaxws/samples/wssecurity/simple-encrypt/META-INF/jboss-wsse-client.xml	2013-06-07
13:21:36 UTC (rev 17663)
@@ -3,7 +3,7 @@
 <jboss-ws-security xmlns="http://www.jboss.com/ws-security/config"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
   xsi:schemaLocation="http://www.jboss.com/ws-security/config
http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
   <config>
-    <encrypt type="x509v3" alias="wsse"/>
+    <encrypt type="x509v3" algorithm="aes-192-gcm"
alias="wsse"/>
     <requires>
       <encryption/>
     </requires>

Modified:
stack/native/branches/jbossws-native-3.1.2.SP11_JBPAPP-10758/modules/testsuite/native-tests/src/test/resources/jaxws/samples/wssecurity/simple-encrypt/WEB-INF/jboss-wsse-server.xml
===================================================================
---
stack/native/branches/jbossws-native-3.1.2.SP11_JBPAPP-10758/modules/testsuite/native-tests/src/test/resources/jaxws/samples/wssecurity/simple-encrypt/WEB-INF/jboss-wsse-server.xml	2013-06-07
10:16:50 UTC (rev 17662)
+++
stack/native/branches/jbossws-native-3.1.2.SP11_JBPAPP-10758/modules/testsuite/native-tests/src/test/resources/jaxws/samples/wssecurity/simple-encrypt/WEB-INF/jboss-wsse-server.xml	2013-06-07
13:21:36 UTC (rev 17663)
@@ -7,7 +7,7 @@
   <trust-store-file>WEB-INF/wsse.truststore</trust-store-file>
   <trust-store-password>jbossws</trust-store-password>
   <config>
-    <encrypt type="x509v3" alias="wsse"/>
+    <encrypt type="x509v3" algorithm="aes-192-gcm"
alias="wsse"/>
     <requires>
       <encryption/>
     </requires>

Modified: stack/native/branches/jbossws-native-3.1.2.SP11_JBPAPP-10758/pom.xml
===================================================================

--- stack/native/branches/jbossws-native-3.1.2.SP11_JBPAPP-10758/pom.xml	2013-06-07
10:16:50 UTC (rev 17662)
+++ stack/native/branches/jbossws-native-3.1.2.SP11_JBPAPP-10758/pom.xml	2013-06-07
13:21:36 UTC (rev 17663)
@@ -73,7 +73,7 @@
     <sun.jaxws.version>2.1.7</sun.jaxws.version>
     <woodstox.version>3.2.9</woodstox.version>
     <wsdl4j.version>1.6.2</wsdl4j.version>
-    <xmlsec.version>1.4.3</xmlsec.version>
+    <xmlsec.version>1.5.1</xmlsec.version>
     <xalan.version>2.7.1.patch02</xalan.version>
     <xerces.version>2.9.1</xerces.version>
   </properties>
@@ -361,7 +361,7 @@
         <version>${xerces.version}</version>
       </dependency>
       <dependency>
-        <groupId>org.apache</groupId>
+        <groupId>org.apache.santuario</groupId>
         <artifactId>xmlsec</artifactId>
         <version>${xmlsec.version}</version>
       </dependency>

Modified:
stack/native/branches/jbossws-native-3.1.2.SP11_JBPAPP-10758/src/main/scripts/assembly-deploy-artifacts.xml
===================================================================
---
stack/native/branches/jbossws-native-3.1.2.SP11_JBPAPP-10758/src/main/scripts/assembly-deploy-artifacts.xml	2013-06-07
10:16:50 UTC (rev 17662)
+++
stack/native/branches/jbossws-native-3.1.2.SP11_JBPAPP-10758/src/main/scripts/assembly-deploy-artifacts.xml	2013-06-07
13:21:36 UTC (rev 17663)
@@ -51,7 +51,7 @@
               <include>org.jvnet.staxex:stax-ex:jar</include>
               <include>com.sun.xml.stream.buffer:streambuffer:jar</include>
               <include>wsdl4j:wsdl4j:jar</include>
-              <include>org.apache:xmlsec:jar</include>
+              <include>org.apache.santuario:xmlsec:jar</include>
               <include>org.codehaus.woodstox:wstx:jar</include>
             </includes>
           </dependencySet>


    

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

JBossWS SVN: r17663 - in stack/native/branches/jbossws-native-3.1.2.SP11_JBPAPP-10758: modules/core and 5 other directories.