Skip to content

Bump wss4j from version 1.6.19 to version 2.4.3 #835

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 10 commits into
base: master
Choose a base branch
from
Open

Bump wss4j from version 1.6.19 to version 2.4.3 #835

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
e929902
Bump wss4j from version 1.6.19 to version 2.4.3
sgrampone Feb 29, 2024
5ca1539
Bump wws4j from version 1.6.19 to version 2.4.3
sgrampone Mar 5, 2024
070fdf3
Merge branch 'master' into wss4j
sgrampone Mar 5, 2024
edee89c
Merge branch 'master' into wss4j
sgrampone Mar 26, 2024
89c361a
Issue: 107613 Exclude geronimo-javamail_1.4_mail from transitive depe…
sgrampone Mar 26, 2024
248696c
Merge branch 'wss4j' of https://github.com/genexuslabs/JavaClasses in…
sgrampone Mar 26, 2024
59cea58
Exclude geronimo from wss4j-ws-security-dom
tomas-sexenian Apr 1, 2025
75523ca
Merge branch 'master' into wss4j
sgrampone Aug 8, 2025
80d4893
Add variable commons-io.version
sgrampone Aug 8, 2025
f71fcbd
Delete direct dependency commons-io
sgrampone Aug 8, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
27 changes: 22 additions & 5 deletions wrappercommon/pom.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,11 +29,28 @@
<artifactId>log4j-core</artifactId>
<version>${log4j.version}</version>
</dependency>
<dependency>
<groupId>org.apache.ws.security</groupId>
<artifactId>wss4j</artifactId>
<version>1.6.19</version>
</dependency>
<dependency>
<groupId>org.apache.wss4j</groupId>
<artifactId>wss4j-ws-security-common</artifactId>
<version>2.4.3</version>
<exclusions>
<exclusion>
<groupId>org.apache.geronimo.javamail</groupId>
<artifactId>geronimo-javamail_1.4_mail</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.wss4j</groupId>
<artifactId>wss4j-ws-security-dom</artifactId>
<version>2.4.3</version>
<exclusions>
<exclusion>
<groupId>org.apache.geronimo.javamail</groupId>
<artifactId>geronimo-javamail_1.4_mail</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-layout-template-json</artifactId>
Expand Down
43 changes: 27 additions & 16 deletions wrapperjakarta/src/main/java/com/genexus/ws/GXHandlerConsumerChain.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,8 @@
import java.util.Set;
import java.util.HashSet;
import java.util.Properties;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.xml.namespace.QName;
import javax.xml.transform.*;
import javax.xml.transform.dom.DOMResult;
Expand All @@ -12,12 +14,14 @@
import jakarta.xml.ws.handler.soap.SOAPMessageContext;
import jakarta.xml.soap.*;
import javax.xml.parsers.DocumentBuilderFactory;
import org.apache.ws.security.components.crypto.Crypto;
import org.apache.ws.security.components.crypto.CryptoFactory;
import org.apache.ws.security.message.WSSecEncrypt;
import org.apache.ws.security.message.WSSecHeader;
import org.apache.ws.security.message.WSSecSignature;
import org.apache.ws.security.message.WSSecTimestamp;

import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.crypto.CryptoFactory;
import org.apache.wss4j.dom.message.WSSecEncrypt;
import org.apache.wss4j.dom.message.WSSecHeader;
import org.apache.wss4j.dom.message.WSSecSignature;
import org.apache.wss4j.dom.message.WSSecTimestamp;

import org.w3c.dom.*;
import java.io.InputStream;
import java.io.ByteArrayInputStream;
Expand All @@ -26,6 +30,8 @@
import com.genexus.diagnostics.core.LogManager;
import com.genexus.common.interfaces.*;

import static org.apache.wss4j.common.util.KeyUtils.getKeyGenerator;

public class GXHandlerConsumerChain implements SOAPHandler<SOAPMessageContext>
{
public static final ILogger logger = LogManager.getLogger(GXHandlerConsumerChain.class);
Expand Down Expand Up @@ -156,8 +162,8 @@ public boolean handleMessage(SOAPMessageContext messageContext)
Document doc = messageToDocument(messageContext.getMessage());

//Security header
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
WSSecHeader secHeader = new WSSecHeader(doc);
secHeader.insertSecurityHeader();
Document signedDoc = null;

//Signature
Expand All @@ -168,7 +174,7 @@ public boolean handleMessage(SOAPMessageContext messageContext)
signatureProperties.put("org.apache.ws.security.crypto.merlin.keystore.password", wsSignature.getKeystore().getPassword());
signatureProperties.put("org.apache.ws.security.crypto.merlin.file", wsSignature.getKeystore().getSource());
Crypto signatureCrypto = CryptoFactory.getInstance(signatureProperties);
WSSecSignature sign = new WSSecSignature();
WSSecSignature sign = new WSSecSignature(doc);
sign.setKeyIdentifierType(wsSignature.getKeyIdentifierType());
sign.setUserInfo(wsSignature.getAlias(), wsSignature.getKeystore().getPassword());
if (wsSignature.getCanonicalizationalgorithm() != null)
Expand All @@ -177,13 +183,13 @@ public boolean handleMessage(SOAPMessageContext messageContext)
sign.setDigestAlgo(wsSignature.getDigest());
if (wsSignature.getSignaturealgorithm() != null)
sign.setSignatureAlgorithm(wsSignature.getSignaturealgorithm());
signedDoc = sign.build(doc, signatureCrypto, secHeader);
signedDoc = sign.build( signatureCrypto);

if (expirationTimeout > 0)
{
WSSecTimestamp timestamp = new WSSecTimestamp();
WSSecTimestamp timestamp = new WSSecTimestamp(secHeader);
timestamp.setTimeToLive(expirationTimeout);
signedDoc = timestamp.build(signedDoc, secHeader);
signedDoc = timestamp.build();
}
}

Expand All @@ -195,14 +201,19 @@ public boolean handleMessage(SOAPMessageContext messageContext)
encryptionProperties.put("org.apache.ws.security.crypto.merlin.keystore.password", wsEncryption.getKeystore().getPassword());
encryptionProperties.put("org.apache.ws.security.crypto.merlin.file", wsEncryption.getKeystore().getSource());
Crypto encryptionCrypto = CryptoFactory.getInstance(encryptionProperties);
WSSecEncrypt builder = new WSSecEncrypt();
builder.setUserInfo(wsEncryption.getAlias(), wsEncryption.getKeystore().getPassword());
builder.setKeyIdentifierType(wsEncryption.getKeyIdentifierType());
if (signedDoc == null)
{
signedDoc = doc;
}
builder.build(signedDoc, encryptionCrypto, secHeader);
WSSecEncrypt builder = new WSSecEncrypt(signedDoc);
builder.setUserInfo(wsEncryption.getAlias(), wsEncryption.getKeystore().getPassword());
builder.setKeyIdentifierType(wsEncryption.getKeyIdentifierType());
//using wss4j default encryption algorithm AES128-CBC
KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
keyGenerator.init(128);
SecretKey key = keyGenerator.generateKey();

builder.build(encryptionCrypto, key);
}

Document securityDoc = doc;
Expand Down
41 changes: 25 additions & 16 deletions wrapperjavax/src/main/java/com/genexus/ws/GXHandlerConsumerChain.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,8 @@
import java.util.Set;
import java.util.HashSet;
import java.util.Properties;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.xml.namespace.QName;
import javax.xml.transform.*;
import javax.xml.transform.dom.DOMResult;
Expand All @@ -12,12 +14,14 @@
import javax.xml.ws.handler.soap.SOAPMessageContext;
import javax.xml.soap.*;
import javax.xml.parsers.DocumentBuilderFactory;
import org.apache.ws.security.components.crypto.Crypto;
import org.apache.ws.security.components.crypto.CryptoFactory;
import org.apache.ws.security.message.WSSecEncrypt;
import org.apache.ws.security.message.WSSecHeader;
import org.apache.ws.security.message.WSSecSignature;
import org.apache.ws.security.message.WSSecTimestamp;

import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.crypto.CryptoFactory;
import org.apache.wss4j.dom.message.WSSecEncrypt;
import org.apache.wss4j.dom.message.WSSecHeader;
import org.apache.wss4j.dom.message.WSSecSignature;
import org.apache.wss4j.dom.message.WSSecTimestamp;

import org.w3c.dom.*;
import java.io.InputStream;
import java.io.ByteArrayInputStream;
Expand Down Expand Up @@ -156,8 +160,8 @@ public boolean handleMessage(SOAPMessageContext messageContext)
Document doc = messageToDocument(messageContext.getMessage());

//Security header
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
WSSecHeader secHeader = new WSSecHeader(doc);
secHeader.insertSecurityHeader();
Document signedDoc = null;

//Signature
Expand All @@ -168,7 +172,7 @@ public boolean handleMessage(SOAPMessageContext messageContext)
signatureProperties.put("org.apache.ws.security.crypto.merlin.keystore.password", wsSignature.getKeystore().getPassword());
signatureProperties.put("org.apache.ws.security.crypto.merlin.file", wsSignature.getKeystore().getSource());
Crypto signatureCrypto = CryptoFactory.getInstance(signatureProperties);
WSSecSignature sign = new WSSecSignature();
WSSecSignature sign = new WSSecSignature(doc);
sign.setKeyIdentifierType(wsSignature.getKeyIdentifierType());
sign.setUserInfo(wsSignature.getAlias(), wsSignature.getKeystore().getPassword());
if (wsSignature.getCanonicalizationalgorithm() != null)
Expand All @@ -177,13 +181,13 @@ public boolean handleMessage(SOAPMessageContext messageContext)
sign.setDigestAlgo(wsSignature.getDigest());
if (wsSignature.getSignaturealgorithm() != null)
sign.setSignatureAlgorithm(wsSignature.getSignaturealgorithm());
signedDoc = sign.build(doc, signatureCrypto, secHeader);
signedDoc = sign.build( signatureCrypto);

if (expirationTimeout > 0)
{
WSSecTimestamp timestamp = new WSSecTimestamp();
WSSecTimestamp timestamp = new WSSecTimestamp(secHeader);
timestamp.setTimeToLive(expirationTimeout);
signedDoc = timestamp.build(signedDoc, secHeader);
signedDoc = timestamp.build();
}
}

Expand All @@ -195,14 +199,19 @@ public boolean handleMessage(SOAPMessageContext messageContext)
encryptionProperties.put("org.apache.ws.security.crypto.merlin.keystore.password", wsEncryption.getKeystore().getPassword());
encryptionProperties.put("org.apache.ws.security.crypto.merlin.file", wsEncryption.getKeystore().getSource());
Crypto encryptionCrypto = CryptoFactory.getInstance(encryptionProperties);
WSSecEncrypt builder = new WSSecEncrypt();
builder.setUserInfo(wsEncryption.getAlias(), wsEncryption.getKeystore().getPassword());
builder.setKeyIdentifierType(wsEncryption.getKeyIdentifierType());
if (signedDoc == null)
{
signedDoc = doc;
}
builder.build(signedDoc, encryptionCrypto, secHeader);
WSSecEncrypt builder = new WSSecEncrypt(signedDoc);
builder.setUserInfo(wsEncryption.getAlias(), wsEncryption.getKeystore().getPassword());
builder.setKeyIdentifierType(wsEncryption.getKeyIdentifierType());
//using wss4j default encryption algorithm AES128-CBC
KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
keyGenerator.init(128);
SecretKey key = keyGenerator.generateKey();

builder.build(encryptionCrypto, key);
}

Document securityDoc = doc;
Expand Down
Loading