From ee8f97bee9f8ee1dfc76ef950649ad6710297a1b Mon Sep 17 00:00:00 2001 From: Alex Dupre Date: Wed, 22 Feb 2012 16:19:04 +0000 Subject: Update to 1.5.0 release. --- security/xml-security/Makefile | 9 +- security/xml-security/distinfo | 4 +- security/xml-security/files/patch-build.xml | 40 ++-- ..._algorithms_implementations_SignatureECDSA.java | 205 --------------------- ...src_org_apache_xml_security_resource_config.xml | 147 --------------- ...apache_xml_security_signature_XMLSignature.java | 22 --- 6 files changed, 26 insertions(+), 401 deletions(-) delete mode 100644 security/xml-security/files/patch-src_org_apache_xml_security_algorithms_implementations_SignatureECDSA.java delete mode 100644 security/xml-security/files/patch-src_org_apache_xml_security_resource_config.xml delete mode 100644 security/xml-security/files/patch-src_org_apache_xml_security_signature_XMLSignature.java (limited to 'security/xml-security') diff --git a/security/xml-security/Makefile b/security/xml-security/Makefile index 50ae955ebaa9..e3fc4fa284ce 100644 --- a/security/xml-security/Makefile +++ b/security/xml-security/Makefile @@ -6,10 +6,10 @@ # PORTNAME= xml-security -PORTVERSION= 1.4.6 +PORTVERSION= 1.5.0 CATEGORIES= security java MASTER_SITES= ${MASTER_SITE_APACHE} -MASTER_SITE_SUBDIR= santuario/java-library +MASTER_SITE_SUBDIR= santuario/java-library/1_5_0 DISTNAME= ${PORTNAME}-src-${PORTVERSION:S/./_/g} MAINTAINER= ale@FreeBSD.org @@ -17,8 +17,7 @@ COMMENT= A Java library for XML Signature and Encryption BUILD_DEPENDS= ${JAVALIBDIR}/commons-logging.jar:${PORTSDIR}/java/jakarta-commons-logging \ ${JAVALIBDIR}/xalan.jar:${PORTSDIR}/textproc/xalan-j -RUN_DEPENDS= ${JAVALIBDIR}/commons-logging.jar:${PORTSDIR}/java/jakarta-commons-logging \ - ${JAVALIBDIR}/xalan.jar:${PORTSDIR}/textproc/xalan-j +RUN_DEPENDS= ${JAVALIBDIR}/commons-logging.jar:${PORTSDIR}/java/jakarta-commons-logging LICENSE= AL2 LICENSE_FILE= ${WRKSRC}/LICENSE @@ -52,7 +51,7 @@ do-install: .if !defined(NOPORTEXAMPLES) @${ECHO} -n ">> Installing examples in ${EXAMPLESDIR}..." @${MKDIR} ${EXAMPLESDIR} - @(cd ${WRKSRC}/src_samples && ${COPYTREE_SHARE} \* ${EXAMPLESDIR}) + @(cd ${WRKSRC}/samples && ${COPYTREE_SHARE} javax org ${EXAMPLESDIR}) @${ECHO} " [ DONE ]" .endif diff --git a/security/xml-security/distinfo b/security/xml-security/distinfo index 35b3e665785a..526653eb1bcc 100644 --- a/security/xml-security/distinfo +++ b/security/xml-security/distinfo @@ -1,2 +1,2 @@ -SHA256 (xml-security-src-1_4_6.zip) = 3e06d2f5e74693cbdc2950d191fec3a926540a66ec7ea047a675a0f5fcf367f0 -SIZE (xml-security-src-1_4_6.zip) = 2047516 +SHA256 (xml-security-src-1_5_0.zip) = f81093fc1bf32458d8d6326061b47d4fb645b806daeb1b747311bcb982d3611e +SIZE (xml-security-src-1_5_0.zip) = 2898447 diff --git a/security/xml-security/files/patch-build.xml b/security/xml-security/files/patch-build.xml index fda7db4b568d..95fc7b681cbc 100644 --- a/security/xml-security/files/patch-build.xml +++ b/security/xml-security/files/patch-build.xml @@ -1,37 +1,37 @@ ---- build.xml.orig 2010-11-11 10:38:24.000000000 +0100 -+++ build.xml 2010-12-14 13:05:00.000000000 +0100 -@@ -276,7 +276,7 @@ - + includeAntRuntime="yes"> + - -@@ -789,6 +789,19 @@ - +@@ -667,6 +667,19 @@ + + ++ depends="manifest,build.src"> + -+ -+ -+ -+ ++ ++ ++ ++ + + - + -@@ -811,7 +824,6 @@ +@@ -719,7 +732,6 @@ + - - diff --git a/security/xml-security/files/patch-src_org_apache_xml_security_algorithms_implementations_SignatureECDSA.java b/security/xml-security/files/patch-src_org_apache_xml_security_algorithms_implementations_SignatureECDSA.java deleted file mode 100644 index 31f2e02aa7dd..000000000000 --- a/security/xml-security/files/patch-src_org_apache_xml_security_algorithms_implementations_SignatureECDSA.java +++ /dev/null @@ -1,205 +0,0 @@ ---- src/org/apache/xml/security/algorithms/implementations/SignatureECDSA.java.orig 2010-11-11 10:38:28.000000000 +0100 -+++ src/org/apache/xml/security/algorithms/implementations/SignatureECDSA.java 2010-12-14 12:40:29.000000000 +0100 -@@ -1,5 +1,5 @@ - /* -- * Copyright 1999-2004 The Apache Software Foundation. -+ * Copyright 1999-2010 The Apache Software Foundation. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. -@@ -40,6 +40,7 @@ - /** - * - * @author $Author: raul $ -+ * @author Alex Dupre - */ - public abstract class SignatureECDSA extends SignatureAlgorithmSpi { - -@@ -69,34 +70,42 @@ - private static byte[] convertASN1toXMLDSIG(byte asn1Bytes[]) - throws IOException { - -- byte rLength = asn1Bytes[3]; -+ if (asn1Bytes.length < 8 || asn1Bytes[0] != 48) { -+ throw new IOException("Invalid ASN.1 format of ECDSA signature"); -+ } -+ int offset; -+ if (asn1Bytes[1] > 0) { -+ offset = 2; -+ } else if (asn1Bytes[1] == (byte) 0x81) { -+ offset = 3; -+ } else { -+ throw new IOException("Invalid ASN.1 format of ECDSA signature"); -+ } -+ -+ byte rLength = asn1Bytes[offset + 1]; - int i; - -- for (i = rLength; (i > 0) && (asn1Bytes[(4 + rLength) - i] == 0); i--); -+ for (i = rLength; (i > 0) && (asn1Bytes[(offset + 2 + rLength) - i] == 0); i--); - -- byte sLength = asn1Bytes[5 + rLength]; -+ byte sLength = asn1Bytes[offset + 2 + rLength + 1]; - int j; - - for (j = sLength; -- (j > 0) && (asn1Bytes[(6 + rLength + sLength) - j] == 0); j--); -+ (j > 0) && (asn1Bytes[(offset + 2 + rLength + 2 + sLength) - j] == 0); j--); - -- int rawLen = ((i+7)/8)*8; -+ int rawLen = Math.max(i, j); - -- int tmp = ((j+7)/8)*8; -- -- if (tmp > rawLen) -- rawLen = tmp; -- -- if ((asn1Bytes[0] != 48) || (asn1Bytes[1] != asn1Bytes.length - 2) -- || (asn1Bytes[2] != 2) || rawLen < 24 -- || (asn1Bytes[4 + rLength] != 2) ) { -+ if ((asn1Bytes[offset - 1] & 0xff) != asn1Bytes.length - offset -+ || (asn1Bytes[offset - 1] & 0xff) != 2 + rLength + 2 + sLength -+ || asn1Bytes[offset] != 2 -+ || asn1Bytes[offset + 2 + rLength] != 2) { - throw new IOException("Invalid ASN.1 format of ECDSA signature"); - } - byte xmldsigBytes[] = new byte[2*rawLen]; - -- System.arraycopy(asn1Bytes, (4 + rLength) - i, xmldsigBytes, rawLen - i, -+ System.arraycopy(asn1Bytes, (offset + 2 + rLength) - i, xmldsigBytes, rawLen - i, - i); -- System.arraycopy(asn1Bytes, (6 + rLength + sLength) - j, xmldsigBytes, -+ System.arraycopy(asn1Bytes, (offset + 2 + rLength + 2 + sLength) - j, xmldsigBytes, - 2*rawLen - j, j); - - return xmldsigBytes; -@@ -118,10 +127,6 @@ - private static byte[] convertXMLDSIGtoASN1(byte xmldsigBytes[]) - throws IOException { - -- if (xmldsigBytes.length < 48) { -- throw new IOException("Invalid XMLDSIG format of ECDSA signature"); -- } -- - int rawLen = xmldsigBytes.length/2; - - int i; -@@ -143,20 +148,34 @@ - if (xmldsigBytes[2*rawLen - k] < 0) { - l += 1; - } -- -- byte asn1Bytes[] = new byte[6 + j + l]; -- -+ -+ int len = 2 + j + 2 + l; -+ if (len > 255) { -+ throw new IOException("Invalid XMLDSIG format of ECDSA signature"); -+ } -+ int offset; -+ byte asn1Bytes[]; -+ if (len < 128) { -+ asn1Bytes = new byte[2 + 2 + j + 2 + l]; -+ offset = 1; -+ } else { -+ asn1Bytes = new byte[3 + 2 + j + 2 + l]; -+ asn1Bytes[1] = (byte) 0x81; -+ offset = 2; -+ } - asn1Bytes[0] = 48; -- asn1Bytes[1] = (byte) (4 + j + l); -- asn1Bytes[2] = 2; -- asn1Bytes[3] = (byte) j; -+ asn1Bytes[offset++] = (byte) len; -+ asn1Bytes[offset++] = 2; -+ asn1Bytes[offset++] = (byte) j; - -- System.arraycopy(xmldsigBytes, rawLen - i, asn1Bytes, (4 + j) - i, i); -+ System.arraycopy(xmldsigBytes, rawLen - i, asn1Bytes, (offset + j) - i, i); -+ -+ offset += j; - -- asn1Bytes[4 + j] = 2; -- asn1Bytes[5 + j] = (byte) l; -+ asn1Bytes[offset++] = 2; -+ asn1Bytes[offset++] = (byte) l; - -- System.arraycopy(xmldsigBytes, 2*rawLen - k, asn1Bytes, (6 + j + l) - k, k); -+ System.arraycopy(xmldsigBytes, 2*rawLen - k, asn1Bytes, (offset + l) - k, k); - - return asn1Bytes; - } -@@ -386,4 +405,73 @@ - } - } - -+ /** -+ * Class SignatureRSASHA256 -+ * -+ * @author Alex Dupre -+ * @version $Revision$ -+ */ -+ public static class SignatureECDSASHA256 extends SignatureECDSA { -+ -+ /** -+ * Constructor SignatureRSASHA256 -+ * -+ * @throws XMLSignatureException -+ */ -+ public SignatureECDSASHA256() throws XMLSignatureException { -+ super(); -+ } -+ -+ /** @inheritDoc */ -+ public String engineGetURI() { -+ return XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA256; -+ } -+ } -+ -+ /** -+ * Class SignatureRSASHA384 -+ * -+ * @author Alex Dupre -+ * @version $Revision$ -+ */ -+ public static class SignatureECDSASHA384 extends SignatureECDSA { -+ -+ /** -+ * Constructor SignatureRSASHA384 -+ * -+ * @throws XMLSignatureException -+ */ -+ public SignatureECDSASHA384() throws XMLSignatureException { -+ super(); -+ } -+ -+ /** @inheritDoc */ -+ public String engineGetURI() { -+ return XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA384; -+ } -+ } -+ -+ /** -+ * Class SignatureRSASHA512 -+ * -+ * @author Alex Dupre -+ * @version $Revision$ -+ */ -+ public static class SignatureECDSASHA512 extends SignatureECDSA { -+ -+ /** -+ * Constructor SignatureRSASHA512 -+ * -+ * @throws XMLSignatureException -+ */ -+ public SignatureECDSASHA512() throws XMLSignatureException { -+ super(); -+ } -+ -+ /** @inheritDoc */ -+ public String engineGetURI() { -+ return XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA512; -+ } -+ } -+ - } diff --git a/security/xml-security/files/patch-src_org_apache_xml_security_resource_config.xml b/security/xml-security/files/patch-src_org_apache_xml_security_resource_config.xml deleted file mode 100644 index af534bc16bf8..000000000000 --- a/security/xml-security/files/patch-src_org_apache_xml_security_resource_config.xml +++ /dev/null @@ -1,147 +0,0 @@ ---- src/org/apache/xml/security/resource/config.xml.orig 2010-11-11 10:38:26.000000000 +0100 -+++ src/org/apache/xml/security/resource/config.xml 2010-12-14 12:40:29.000000000 +0100 -@@ -78,6 +78,12 @@ - JAVACLASS="org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA512" /> - -+ -+ -+ - - -@@ -97,7 +103,7 @@ - Description="MD5 message digest from RFC 1321" - AlgorithmClass="MessageDigest" - RequirementLevel="NOT RECOMMENDED" -- SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt" -+ SpecificationURL="http://www.ietf.org/rfc/rfc4051.txt" - JCEName="MD5"/> - - - - - - - - - - - - - - -+ SpecificationURL="http://www.ietf.org/rfc/rfc4051.txt" -+ JCEName="SHA1withECDSA"/> -+ -+ -+ -+ -+ -+ - - - - - - - - - - - - - diff --git a/security/xml-security/files/patch-src_org_apache_xml_security_signature_XMLSignature.java b/security/xml-security/files/patch-src_org_apache_xml_security_signature_XMLSignature.java deleted file mode 100644 index 39f476f671fb..000000000000 --- a/security/xml-security/files/patch-src_org_apache_xml_security_signature_XMLSignature.java +++ /dev/null @@ -1,22 +0,0 @@ ---- src/org/apache/xml/security/signature/XMLSignature.java.orig 2010-11-11 10:38:26.000000000 +0100 -+++ src/org/apache/xml/security/signature/XMLSignature.java 2010-12-14 12:40:29.000000000 +0100 -@@ -1,5 +1,5 @@ - /* -- * Copyright 1999-2009 The Apache Software Foundation. -+ * Copyright 1999-2010 The Apache Software Foundation. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. -@@ -107,6 +107,12 @@ - public static final String ALGO_ID_MAC_HMAC_SHA512 = Constants.MoreAlgorithmsSpecNS + "hmac-sha512"; - /**Signature - Optional ECDSAwithSHA1 */ - public static final String ALGO_ID_SIGNATURE_ECDSA_SHA1 = "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"; -+ /**Signature - Optional ECDSAwithSHA256 */ -+ public static final String ALGO_ID_SIGNATURE_ECDSA_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"; -+ /**Signature - Optional ECDSAwithSHA384 */ -+ public static final String ALGO_ID_SIGNATURE_ECDSA_SHA384 = "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"; -+ /**Signature - Optional ECDSAwithSHA512 */ -+ public static final String ALGO_ID_SIGNATURE_ECDSA_SHA512 = "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"; - - /** ds:Signature.ds:SignedInfo element */ - private SignedInfo _signedInfo = null; -- cgit v1.2.3