From 986877cba60ba87e0d8b98f685021444e3c8f29c Mon Sep 17 00:00:00 2001 From: JB BUGEAUD Date: Thu, 6 Jun 2013 09:35:48 +0200 Subject: [PATCH] Migrate to 0.49 BoucyCastle provider Migrate to 0.49 BoucyCastle provider required replacement of some DER objects by ASN.1 counterparts --- api/.gitignore | 1 + core/.gitignore | 1 + decoding/.gitignore | 1 + decoding/pom.xml | 4 ++-- .../java/org/jaaslounge/decoding/DecodingUtil.java | 14 ++++++++++---- .../decoding/kerberos/KerberosApRequest.java | 5 +++-- .../decoding/kerberos/KerberosEncData.java | 5 +++-- .../kerberos/KerberosRelevantAuthData.java | 12 +++++++----- .../decoding/kerberos/KerberosTicket.java | 5 +++-- sso/oas/.gitignore | 1 + sso/tomcat/.gitignore | 1 + sso/weblogic/.gitignore | 1 + sso/websphere/.gitignore | 1 + 13 files changed, 35 insertions(+), 17 deletions(-) create mode 100644 api/.gitignore create mode 100644 core/.gitignore create mode 100644 decoding/.gitignore create mode 100644 sso/oas/.gitignore create mode 100644 sso/tomcat/.gitignore create mode 100644 sso/weblogic/.gitignore create mode 100644 sso/websphere/.gitignore diff --git a/api/.gitignore b/api/.gitignore new file mode 100644 index 0000000..9f97022 --- /dev/null +++ b/api/.gitignore @@ -0,0 +1 @@ +target/ \ No newline at end of file diff --git a/core/.gitignore b/core/.gitignore new file mode 100644 index 0000000..9f97022 --- /dev/null +++ b/core/.gitignore @@ -0,0 +1 @@ +target/ \ No newline at end of file diff --git a/decoding/.gitignore b/decoding/.gitignore new file mode 100644 index 0000000..9f97022 --- /dev/null +++ b/decoding/.gitignore @@ -0,0 +1 @@ +target/ \ No newline at end of file diff --git a/decoding/pom.xml b/decoding/pom.xml index 951b777..6ae8a4a 100644 --- a/decoding/pom.xml +++ b/decoding/pom.xml @@ -16,8 +16,8 @@ org.bouncycastle - bcprov-jdk15 - 1.45 + bcprov-jdk15on + 1.49 diff --git a/decoding/src/main/java/org/jaaslounge/decoding/DecodingUtil.java b/decoding/src/main/java/org/jaaslounge/decoding/DecodingUtil.java index d5ad69f..1a50367 100644 --- a/decoding/src/main/java/org/jaaslounge/decoding/DecodingUtil.java +++ b/decoding/src/main/java/org/jaaslounge/decoding/DecodingUtil.java @@ -4,8 +4,9 @@ import java.util.Enumeration; import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.ASN1TaggedObject; -import org.bouncycastle.asn1.DERObject; +import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.DERSequence; public final class DecodingUtil { @@ -45,22 +46,27 @@ public static T as(Class type, Enumeration enumeration) return as(type, enumeration.nextElement()); } - public static T as(Class type, ASN1InputStream stream) + public static T as(Class type, ASN1InputStream stream) throws DecodingException, IOException { return as(type, stream.readObject()); } - public static T as(Class type, ASN1TaggedObject tagged) + public static T as(Class type, ASN1TaggedObject tagged) throws DecodingException { return as(type, tagged.getObject()); } - public static T as(Class type, DERSequence sequence, int index) + public static T as(Class type, DERSequence sequence, int index) throws DecodingException { return as(type, sequence.getObjectAt(index)); } + public static T as(Class type, ASN1Sequence sequence, int index) + throws DecodingException { + return as(type, sequence.getObjectAt(index)); + } + } diff --git a/decoding/src/main/java/org/jaaslounge/decoding/kerberos/KerberosApRequest.java b/decoding/src/main/java/org/jaaslounge/decoding/kerberos/KerberosApRequest.java index 7188764..51fef7f 100644 --- a/decoding/src/main/java/org/jaaslounge/decoding/kerberos/KerberosApRequest.java +++ b/decoding/src/main/java/org/jaaslounge/decoding/kerberos/KerberosApRequest.java @@ -8,6 +8,7 @@ import javax.security.auth.kerberos.KerberosKey; import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.ASN1TaggedObject; import org.bouncycastle.asn1.DERApplicationSpecific; import org.bouncycastle.asn1.DERBitString; @@ -25,10 +26,10 @@ public KerberosApRequest(byte[] token, KerberosKey[] keys) throws DecodingExcept if(token.length <= 0) throw new DecodingException("kerberos.request.empty", null, null); - DERSequence sequence; + ASN1Sequence sequence; try { ASN1InputStream stream = new ASN1InputStream(new ByteArrayInputStream(token)); - sequence = DecodingUtil.as(DERSequence.class, stream); + sequence = DecodingUtil.as(ASN1Sequence.class, stream); stream.close(); } catch(IOException e) { throw new DecodingException("kerberos.ticket.malformed", null, e); diff --git a/decoding/src/main/java/org/jaaslounge/decoding/kerberos/KerberosEncData.java b/decoding/src/main/java/org/jaaslounge/decoding/kerberos/KerberosEncData.java index 2a3dd46..cb34e2f 100644 --- a/decoding/src/main/java/org/jaaslounge/decoding/kerberos/KerberosEncData.java +++ b/decoding/src/main/java/org/jaaslounge/decoding/kerberos/KerberosEncData.java @@ -17,6 +17,7 @@ import javax.crypto.spec.SecretKeySpec; import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.ASN1TaggedObject; import org.bouncycastle.asn1.DERApplicationSpecific; import org.bouncycastle.asn1.DERGeneralString; @@ -47,9 +48,9 @@ public KerberosEncData(byte[] token, Key key) throws DecodingException { } stream = new ASN1InputStream(new ByteArrayInputStream(derToken.getContents())); - DERSequence sequence; + ASN1Sequence sequence; try { - sequence = DecodingUtil.as(DERSequence.class, stream); + sequence = DecodingUtil.as(ASN1Sequence.class, stream); stream.close(); } catch(IOException e) { throw new DecodingException("kerberos.ticket.malformed", null, e); diff --git a/decoding/src/main/java/org/jaaslounge/decoding/kerberos/KerberosRelevantAuthData.java b/decoding/src/main/java/org/jaaslounge/decoding/kerberos/KerberosRelevantAuthData.java index ab25324..9d5be17 100644 --- a/decoding/src/main/java/org/jaaslounge/decoding/kerberos/KerberosRelevantAuthData.java +++ b/decoding/src/main/java/org/jaaslounge/decoding/kerberos/KerberosRelevantAuthData.java @@ -8,6 +8,8 @@ import java.util.List; import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.ASN1TaggedObject; import org.bouncycastle.asn1.DERInteger; import org.bouncycastle.asn1.DEROctetString; import org.bouncycastle.asn1.DERSequence; @@ -21,9 +23,9 @@ public class KerberosRelevantAuthData extends KerberosAuthData { public KerberosRelevantAuthData(byte[] token, Key key) throws DecodingException { ASN1InputStream stream = new ASN1InputStream(new ByteArrayInputStream(token)); - DERSequence authSequence; + ASN1Sequence authSequence; try { - authSequence = DecodingUtil.as(DERSequence.class, stream); + authSequence = DecodingUtil.as(ASN1Sequence.class, stream); stream.close(); } catch(IOException e) { throw new DecodingException("kerberos.ticket.malformed", null, e); @@ -32,11 +34,11 @@ public KerberosRelevantAuthData(byte[] token, Key key) throws DecodingException authorizations = new ArrayList(); Enumeration authElements = authSequence.getObjects(); while(authElements.hasMoreElements()) { - DERSequence authElement = DecodingUtil.as(DERSequence.class, authElements); + ASN1Sequence authElement = DecodingUtil.as(ASN1Sequence.class, authElements); DERInteger authType = DecodingUtil.as(DERInteger.class, DecodingUtil.as( - DERTaggedObject.class, authElement, 0)); + ASN1TaggedObject.class, authElement, 0)); DEROctetString authData = DecodingUtil.as(DEROctetString.class, DecodingUtil.as( - DERTaggedObject.class, authElement, 1)); + ASN1TaggedObject.class, authElement, 1)); authorizations.addAll(KerberosAuthData.parse(authType.getValue().intValue(), authData .getOctets(), key)); diff --git a/decoding/src/main/java/org/jaaslounge/decoding/kerberos/KerberosTicket.java b/decoding/src/main/java/org/jaaslounge/decoding/kerberos/KerberosTicket.java index 0d0f543..6cbc8bf 100644 --- a/decoding/src/main/java/org/jaaslounge/decoding/kerberos/KerberosTicket.java +++ b/decoding/src/main/java/org/jaaslounge/decoding/kerberos/KerberosTicket.java @@ -10,6 +10,7 @@ import javax.security.auth.login.LoginException; import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.ASN1TaggedObject; import org.bouncycastle.asn1.DERGeneralString; import org.bouncycastle.asn1.DERInteger; @@ -32,9 +33,9 @@ public KerberosTicket(byte[] token, byte apOptions, KerberosKey[] keys) throw new DecodingException("kerberos.ticket.empty", null, null); ASN1InputStream stream = new ASN1InputStream(new ByteArrayInputStream(token)); - DERSequence sequence; + ASN1Sequence sequence; try { - sequence = DecodingUtil.as(DERSequence.class, stream); + sequence = DecodingUtil.as(ASN1Sequence.class, stream); stream.close(); } catch(IOException e) { throw new DecodingException("kerberos.ticket.malformed", null, e); diff --git a/sso/oas/.gitignore b/sso/oas/.gitignore new file mode 100644 index 0000000..9f97022 --- /dev/null +++ b/sso/oas/.gitignore @@ -0,0 +1 @@ +target/ \ No newline at end of file diff --git a/sso/tomcat/.gitignore b/sso/tomcat/.gitignore new file mode 100644 index 0000000..9f97022 --- /dev/null +++ b/sso/tomcat/.gitignore @@ -0,0 +1 @@ +target/ \ No newline at end of file diff --git a/sso/weblogic/.gitignore b/sso/weblogic/.gitignore new file mode 100644 index 0000000..9f97022 --- /dev/null +++ b/sso/weblogic/.gitignore @@ -0,0 +1 @@ +target/ \ No newline at end of file diff --git a/sso/websphere/.gitignore b/sso/websphere/.gitignore new file mode 100644 index 0000000..9f97022 --- /dev/null +++ b/sso/websphere/.gitignore @@ -0,0 +1 @@ +target/ \ No newline at end of file