Author: coheigea Date: Thu Aug 3 10:22:53 2017 New Revision: 1803982 URL: http://svn.apache.org/viewvc?rev=1803982&view=rev Log: Removing commons Base64 usage
Modified: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/AttachmentUtils.java webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/XMLUtils.java webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/UsernameTokenProcessor.java webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SAMLTokenInputHandler.java webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/BinarySecurityTokenOutputProcessor.java webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/DerivedKeyTokenOutputProcessor.java webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/EncryptedKeyOutputProcessor.java webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/SignatureConfirmationOutputProcessor.java webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/UsernameTokenOutputProcessor.java webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/SecurityTokenFactoryImpl.java webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/utils/WSSUtils.java webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/BinarySecurityTokenValidatorImpl.java webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/JAASUsernameTokenValidatorImpl.java webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/UsernameTokenValidatorImpl.java Modified: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/AttachmentUtils.java URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/AttachmentUtils.java?rev=1803982&r1=1803981&r2=1803982&view=diff ============================================================================== --- webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/AttachmentUtils.java (original) +++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/AttachmentUtils.java Thu Aug 3 10:22:53 2017 @@ -558,7 +558,7 @@ public final class AttachmentUtils { if (complete) { try (ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream()) { - OutputStreamWriter outputStreamWriter = new OutputStreamWriter(byteArrayOutputStream, "US-ASCII"); + OutputStreamWriter outputStreamWriter = new OutputStreamWriter(byteArrayOutputStream, StandardCharsets.US_ASCII); Iterator<Map.Entry<String, String>> iterator = headers.entrySet().iterator(); while (iterator.hasNext()) { Modified: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/XMLUtils.java URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/XMLUtils.java?rev=1803982&r1=1803981&r2=1803982&view=diff ============================================================================== --- webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/XMLUtils.java (original) +++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/XMLUtils.java Thu Aug 3 10:22:53 2017 @@ -22,6 +22,7 @@ import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.IOException; import java.io.OutputStream; +import java.nio.charset.StandardCharsets; import java.util.ArrayList; import java.util.List; @@ -128,7 +129,7 @@ public final class XMLUtils { public static String prettyDocumentToString(Document doc) throws IOException, TransformerException { try (ByteArrayOutputStream baos = new ByteArrayOutputStream()) { elementToStream(doc.getDocumentElement(), baos); - return new String(baos.toByteArray(), "UTF-8"); + return new String(baos.toByteArray(), StandardCharsets.UTF_8); } } Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/UsernameTokenProcessor.java URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/UsernameTokenProcessor.java?rev=1803982&r1=1803981&r2=1803982&view=diff ============================================================================== --- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/UsernameTokenProcessor.java (original) +++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/UsernameTokenProcessor.java Thu Aug 3 10:22:53 2017 @@ -20,9 +20,9 @@ package org.apache.wss4j.dom.processor; import java.time.Instant; +import java.util.Base64; import java.util.List; -import org.apache.commons.codec.binary.Base64; import org.apache.wss4j.common.principal.SAMLTokenPrincipalImpl; import org.apache.wss4j.common.principal.WSUsernameTokenPrincipalImpl; import org.w3c.dom.Element; @@ -96,7 +96,9 @@ public class UsernameTokenProcessor impl } else { WSUsernameTokenPrincipalImpl principal = new WSUsernameTokenPrincipalImpl(token.getName(), token.isHashed()); - principal.setNonce(Base64.decodeBase64(token.getNonce())); + if (token.getNonce() != null) { + principal.setNonce(Base64.getMimeDecoder().decode(token.getNonce())); + } principal.setPassword(token.getPassword()); principal.setCreatedTime(token.getCreated()); principal.setPasswordType(token.getPasswordType()); Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SAMLTokenInputHandler.java URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SAMLTokenInputHandler.java?rev=1803982&r1=1803981&r2=1803982&view=diff ============================================================================== --- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SAMLTokenInputHandler.java (original) +++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SAMLTokenInputHandler.java Thu Aug 3 10:22:53 2017 @@ -22,6 +22,7 @@ import java.security.Key; import java.security.PublicKey; import java.security.cert.X509Certificate; import java.util.ArrayList; +import java.util.Base64; import java.util.Deque; import java.util.Iterator; import java.util.List; @@ -41,7 +42,6 @@ import javax.xml.stream.events.Comment; import javax.xml.stream.events.Namespace; import javax.xml.stream.events.ProcessingInstruction; -import org.apache.commons.codec.binary.Base64; import org.apache.wss4j.binding.wss10.ObjectFactory; import org.apache.wss4j.binding.wss10.SecurityTokenReferenceType; import org.apache.wss4j.common.ext.WSSecurityException; @@ -346,7 +346,7 @@ public class SAMLTokenInputHandler exten Key key = super.getKey(algorithmURI, algorithmUsage, correlationID); if (key == null) { String algoFamily = JCEAlgorithmMapper.getJCEKeyAlgorithmFromURI(algorithmURI); - key = new SecretKeySpec(Base64.decodeBase64(stringBuilder.toString()), algoFamily); + key = new SecretKeySpec(Base64.getMimeDecoder().decode(stringBuilder.toString()), algoFamily); setSecretKey(algorithmURI, key); } return key; Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/BinarySecurityTokenOutputProcessor.java URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/BinarySecurityTokenOutputProcessor.java?rev=1803982&r1=1803981&r2=1803982&view=diff ============================================================================== --- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/BinarySecurityTokenOutputProcessor.java (original) +++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/BinarySecurityTokenOutputProcessor.java Thu Aug 3 10:22:53 2017 @@ -19,12 +19,12 @@ package org.apache.wss4j.stax.impl.processor.output; import java.util.ArrayList; +import java.util.Base64; import java.util.List; import javax.xml.namespace.QName; import javax.xml.stream.XMLStreamException; -import org.apache.commons.codec.binary.Base64; import org.apache.wss4j.stax.ext.WSSConstants; import org.apache.wss4j.stax.ext.WSSSecurityProperties; import org.apache.wss4j.stax.impl.securityToken.KerberosClientSecurityToken; @@ -170,7 +170,7 @@ public class BinarySecurityTokenOutputPr attributes.add(createAttribute(WSSConstants.ATT_WSU_ID, securityToken.getId())); createStartElementAndOutputAsEvent(subOutputProcessorChain, headerElementName, false, attributes); createCharactersAndOutputAsEvent(subOutputProcessorChain, - new Base64(76, new byte[]{'\n'}).encodeToString( + Base64.getMimeEncoder().encodeToString( ((KerberosClientSecurityToken)securityToken).getTicket()) ); createEndElementAndOutputAsEvent(subOutputProcessorChain, headerElementName); Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/DerivedKeyTokenOutputProcessor.java URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/DerivedKeyTokenOutputProcessor.java?rev=1803982&r1=1803981&r2=1803982&view=diff ============================================================================== --- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/DerivedKeyTokenOutputProcessor.java (original) +++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/DerivedKeyTokenOutputProcessor.java Thu Aug 3 10:22:53 2017 @@ -22,13 +22,13 @@ import java.nio.charset.StandardCharsets import java.security.Key; import java.security.cert.X509Certificate; import java.util.ArrayList; +import java.util.Base64; import java.util.List; import javax.crypto.spec.SecretKeySpec; import javax.xml.namespace.QName; import javax.xml.stream.XMLStreamException; -import org.apache.commons.codec.binary.Base64; import org.apache.wss4j.common.derivedKey.AlgoFactory; import org.apache.wss4j.common.derivedKey.DerivationAlgorithm; import org.apache.wss4j.common.ext.WSPasswordCallback; @@ -171,7 +171,7 @@ public class DerivedKeyTokenOutputProces outputProcessorChain.getSecurityContext().registerSecurityTokenProvider(wsuIdDKT, derivedKeysecurityTokenProvider); FinalDerivedKeyTokenOutputProcessor finalDerivedKeyTokenOutputProcessor = new FinalDerivedKeyTokenOutputProcessor(derivedKeySecurityToken, offset, length, - new String(Base64.encodeBase64(nonce)), + Base64.getMimeEncoder().encodeToString(nonce), ((WSSSecurityProperties)getSecurityProperties()).isUse200512Namespace(), wrappingSecurityToken.getSha1Identifier()); finalDerivedKeyTokenOutputProcessor.setXMLSecurityProperties(getSecurityProperties()); Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/EncryptedKeyOutputProcessor.java URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/EncryptedKeyOutputProcessor.java?rev=1803982&r1=1803981&r2=1803982&view=diff ============================================================================== --- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/EncryptedKeyOutputProcessor.java (original) +++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/EncryptedKeyOutputProcessor.java Thu Aug 3 10:22:53 2017 @@ -28,6 +28,7 @@ import java.security.cert.X509Certificat import java.security.spec.AlgorithmParameterSpec; import java.security.spec.MGF1ParameterSpec; import java.util.ArrayList; +import java.util.Base64; import java.util.List; import javax.crypto.Cipher; @@ -40,7 +41,6 @@ import javax.security.auth.callback.Unsu import javax.xml.namespace.QName; import javax.xml.stream.XMLStreamException; -import org.apache.commons.codec.binary.Base64; import org.apache.wss4j.common.ext.WSPasswordCallback; import org.apache.wss4j.common.ext.WSSecurityException; import org.apache.wss4j.stax.ext.WSSConstants; @@ -241,7 +241,7 @@ public class EncryptedKeyOutputProcessor if (oaepParams != null) { createStartElementAndOutputAsEvent(subOutputProcessorChain, XMLSecurityConstants.TAG_xenc_OAEPparams, false, null); - createCharactersAndOutputAsEvent(subOutputProcessorChain, Base64.encodeBase64String(oaepParams)); + createCharactersAndOutputAsEvent(subOutputProcessorChain, Base64.getMimeEncoder().encodeToString(oaepParams)); createEndElementAndOutputAsEvent(subOutputProcessorChain, XMLSecurityConstants.TAG_xenc_OAEPparams); } @@ -331,7 +331,7 @@ public class EncryptedKeyOutputProcessor } createCharactersAndOutputAsEvent(subOutputProcessorChain, - new Base64(76, new byte[]{'\n'}).encodeToString(encryptedEphemeralKey)); + Base64.getMimeEncoder().encodeToString(encryptedEphemeralKey)); } catch (NoSuchPaddingException | NoSuchAlgorithmException | InvalidKeyException | IllegalBlockSizeException Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/SignatureConfirmationOutputProcessor.java URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/SignatureConfirmationOutputProcessor.java?rev=1803982&r1=1803981&r2=1803982&view=diff ============================================================================== --- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/SignatureConfirmationOutputProcessor.java (original) +++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/SignatureConfirmationOutputProcessor.java Thu Aug 3 10:22:53 2017 @@ -19,12 +19,12 @@ package org.apache.wss4j.stax.impl.processor.output; import java.util.ArrayList; +import java.util.Base64; import java.util.List; import javax.xml.namespace.QName; import javax.xml.stream.XMLStreamException; -import org.apache.commons.codec.binary.Base64; import org.apache.wss4j.stax.ext.WSSConstants; import org.apache.wss4j.stax.ext.WSSSecurityProperties; import org.apache.wss4j.stax.utils.WSSUtils; @@ -72,7 +72,7 @@ public class SignatureConfirmationOutput List<XMLSecAttribute> attributes = new ArrayList<>(2); attributes.add(createAttribute(WSSConstants.ATT_WSU_ID, IDGenerator.generateID(null))); String base64SigValue = - new Base64(76, new byte[]{'\n'}).encodeToString(signatureValueSecurityEvent.getSignatureValue()); + Base64.getMimeEncoder().encodeToString(signatureValueSecurityEvent.getSignatureValue()); attributes.add(createAttribute(WSSConstants.ATT_NULL_VALUE, base64SigValue)); createStartElementAndOutputAsEvent(subOutputProcessorChain, headerElementName, true, attributes); createEndElementAndOutputAsEvent(subOutputProcessorChain, headerElementName); Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/UsernameTokenOutputProcessor.java URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/UsernameTokenOutputProcessor.java?rev=1803982&r1=1803981&r2=1803982&view=diff ============================================================================== --- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/UsernameTokenOutputProcessor.java (original) +++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/UsernameTokenOutputProcessor.java Thu Aug 3 10:22:53 2017 @@ -18,7 +18,6 @@ */ package org.apache.wss4j.stax.impl.processor.output; -import org.apache.commons.codec.binary.Base64; import org.apache.wss4j.common.ext.WSPasswordCallback; import org.apache.wss4j.common.ext.WSSecurityException; import org.apache.wss4j.common.util.DateUtil; @@ -42,6 +41,7 @@ import javax.xml.stream.XMLStreamExcepti import java.time.Instant; import java.time.ZoneOffset; import java.util.ArrayList; +import java.util.Base64; import java.util.List; public class UsernameTokenOutputProcessor extends AbstractOutputProcessor { @@ -211,7 +211,7 @@ public class UsernameTokenOutputProcesso if (salt != null) { createStartElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_WSSE11_SALT, true, null); - createCharactersAndOutputAsEvent(subOutputProcessorChain, new Base64(76, new byte[]{'\n'}).encodeToString(this.salt)); + createCharactersAndOutputAsEvent(subOutputProcessorChain, Base64.getMimeEncoder().encodeToString(this.salt)); createEndElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_WSSE11_SALT); if (iterations > 0) { @@ -226,7 +226,7 @@ public class UsernameTokenOutputProcesso attributes.add(createAttribute(WSSConstants.ATT_NULL_ENCODING_TYPE, WSSConstants.SOAPMESSAGE_NS10_BASE64_ENCODING)); createStartElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_WSSE_NONCE, false, attributes); createCharactersAndOutputAsEvent(subOutputProcessorChain, - new Base64(76, new byte[]{'\n'}).encodeToString(this.nonceValue)); + Base64.getMimeEncoder().encodeToString(this.nonceValue)); createEndElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_WSSE_NONCE); } Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/SecurityTokenFactoryImpl.java URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/SecurityTokenFactoryImpl.java?rev=1803982&r1=1803981&r2=1803982&view=diff ============================================================================== --- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/SecurityTokenFactoryImpl.java (original) +++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/SecurityTokenFactoryImpl.java Thu Aug 3 10:22:53 2017 @@ -29,12 +29,12 @@ import java.security.cert.CertificateEnc import java.security.cert.X509Certificate; import java.util.ArrayList; import java.util.Arrays; +import java.util.Base64; import java.util.List; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.x500.X500Principal; -import org.apache.commons.codec.binary.Base64; import org.apache.wss4j.binding.wss10.KeyIdentifierType; import org.apache.wss4j.binding.wss10.SecurityTokenReferenceType; import org.apache.wss4j.common.bsp.BSPRule; @@ -253,7 +253,7 @@ public class SecurityTokenFactoryImpl ex byte[] binaryContent = null; if (WSSConstants.SOAPMESSAGE_NS10_BASE64_ENCODING.equals(encodingType)) { - binaryContent = Base64.decodeBase64(keyIdentifierType.getValue()); + binaryContent = Base64.getMimeDecoder().decode(keyIdentifierType.getValue()); } else if (!WSSConstants.NS_SAML10_TYPE.equals(valueType) && !WSSConstants.NS_SAML20_TYPE.equals(valueType)) { if (encodingType == null) { ((WSInboundSecurityContext) inboundSecurityContext).handleBSPRule(BSPRule.R3070); Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/utils/WSSUtils.java URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/utils/WSSUtils.java?rev=1803982&r1=1803981&r2=1803982&view=diff ============================================================================== --- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/utils/WSSUtils.java (original) +++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/utils/WSSUtils.java Thu Aug 3 10:22:53 2017 @@ -29,6 +29,7 @@ import java.security.cert.CertificateFac import java.security.cert.X509Certificate; import java.util.ArrayList; import java.util.Arrays; +import java.util.Base64; import java.util.Iterator; import java.util.List; @@ -39,7 +40,6 @@ import javax.xml.namespace.QName; import javax.xml.stream.XMLStreamException; import javax.xml.stream.events.Attribute; -import org.apache.commons.codec.binary.Base64; import org.apache.wss4j.common.crypto.Merlin; import org.apache.wss4j.common.ext.WSSecurityException; import org.apache.wss4j.stax.ext.WSSConstants; @@ -131,7 +131,7 @@ public class WSSUtils extends XMLSecurit MessageDigest sha = MessageDigest.getInstance("SHA-1"); sha.reset(); sha.update(b4); - return new String(Base64.encodeBase64(sha.digest())); + return new String(Base64.getMimeEncoder().encodeToString(sha.digest())); } catch (NoSuchAlgorithmException e) { throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e, "decoding.general"); } @@ -253,14 +253,14 @@ public class WSSUtils extends XMLSecurit try { if (useSingleCertificate) { String encodedCert = - new Base64(76, new byte[]{'\n'}).encodeToString(x509Certificates[0].getEncoded()); + Base64.getMimeEncoder().encodeToString(x509Certificates[0].getEncoded()); abstractOutputProcessor.createCharactersAndOutputAsEvent(outputProcessorChain, encodedCert); } else { try { CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509"); List<X509Certificate> certificates = Arrays.asList(x509Certificates); String encodedCert = - new Base64(76, new byte[]{'\n'}).encodeToString(certificateFactory.generateCertPath(certificates).getEncoded()); + Base64.getMimeEncoder().encodeToString(certificateFactory.generateCertPath(certificates).getEncoded()); abstractOutputProcessor.createCharactersAndOutputAsEvent(outputProcessorChain, encodedCert); } catch (CertificateException e) { throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e); @@ -292,7 +292,7 @@ public class WSSUtils extends XMLSecurit false, attributes); byte[] data = new Merlin().getSKIBytesFromCert(x509Certificates[0]); abstractOutputProcessor.createCharactersAndOutputAsEvent(outputProcessorChain, - new Base64(76, new byte[]{'\n'}).encodeToString(data)); + Base64.getMimeEncoder().encodeToString(data)); abstractOutputProcessor.createEndElementAndOutputAsEvent(outputProcessorChain, WSSConstants.TAG_WSSE_KEY_IDENTIFIER); } @@ -310,7 +310,7 @@ public class WSSUtils extends XMLSecurit WSSConstants.TAG_WSSE_KEY_IDENTIFIER, false, attributes); try { - String encodedCert = new Base64(76, new byte[]{'\n'}).encodeToString(x509Certificates[0].getEncoded()); + String encodedCert = Base64.getMimeEncoder().encodeToString(x509Certificates[0].getEncoded()); abstractOutputProcessor.createCharactersAndOutputAsEvent(outputProcessorChain, encodedCert); } catch (CertificateEncodingException e) { throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e); @@ -335,7 +335,7 @@ public class WSSUtils extends XMLSecurit MessageDigest sha = MessageDigest.getInstance("SHA-1"); byte[] data = sha.digest(x509Certificates[0].getEncoded()); abstractOutputProcessor.createCharactersAndOutputAsEvent(outputProcessorChain, - new Base64(76, new byte[]{'\n'}).encodeToString(data)); + Base64.getMimeEncoder().encodeToString(data)); } catch (CertificateEncodingException | NoSuchAlgorithmException e) { throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e); } @@ -350,7 +350,7 @@ public class WSSUtils extends XMLSecurit MessageDigest sha = MessageDigest.getInstance("SHA-1"); byte[] data = sha.digest(key.getEncoded()); createEncryptedKeySha1IdentifierStructure(abstractOutputProcessor, outputProcessorChain, - new Base64(76, new byte[]{'\n'}).encodeToString(data)); + Base64.getMimeEncoder().encodeToString(data)); } catch (NoSuchAlgorithmException e) { throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e); } Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/BinarySecurityTokenValidatorImpl.java URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/BinarySecurityTokenValidatorImpl.java?rev=1803982&r1=1803981&r2=1803982&view=diff ============================================================================== --- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/BinarySecurityTokenValidatorImpl.java (original) +++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/BinarySecurityTokenValidatorImpl.java Thu Aug 3 10:22:53 2017 @@ -18,7 +18,8 @@ */ package org.apache.wss4j.stax.validate; -import org.apache.commons.codec.binary.Base64; +import java.util.Base64; + import org.apache.wss4j.binding.wss10.BinarySecurityTokenType; import org.apache.wss4j.common.crypto.Crypto; import org.apache.wss4j.common.ext.WSSecurityException; @@ -49,7 +50,7 @@ public class BinarySecurityTokenValidato new Object[] {binarySecurityTokenType.getEncodingType()}); } - byte[] securityTokenData = Base64.decodeBase64(binarySecurityTokenType.getValue()); + byte[] securityTokenData = Base64.getMimeDecoder().decode(binarySecurityTokenType.getValue()); try { if (WSSConstants.NS_X509_V3_TYPE.equals(binarySecurityTokenType.getValueType())) { Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/JAASUsernameTokenValidatorImpl.java URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/JAASUsernameTokenValidatorImpl.java?rev=1803982&r1=1803981&r2=1803982&view=diff ============================================================================== --- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/JAASUsernameTokenValidatorImpl.java (original) +++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/JAASUsernameTokenValidatorImpl.java Thu Aug 3 10:22:53 2017 @@ -18,12 +18,13 @@ */ package org.apache.wss4j.stax.validate; +import java.util.Base64; + import javax.security.auth.Subject; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.login.LoginContext; import javax.security.auth.login.LoginException; -import org.apache.commons.codec.binary.Base64; import org.apache.wss4j.binding.wss10.EncodedString; import org.apache.wss4j.binding.wss10.PasswordString; import org.apache.wss4j.binding.wss10.UsernameTokenType; @@ -106,7 +107,7 @@ public class JAASUsernameTokenValidatorI if (!WSSConstants.SOAPMESSAGE_NS10_BASE64_ENCODING.equals(encodedNonce.getEncodingType())) { throw new WSSecurityException(WSSecurityException.ErrorCode.UNSUPPORTED_SECURITY_TOKEN, "badTokenType01"); } - nonceVal = Base64.decodeBase64(encodedNonce.getValue()); + nonceVal = Base64.getMimeDecoder().decode(encodedNonce.getValue()); } final AttributedDateTime attributedDateTimeCreated = Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/UsernameTokenValidatorImpl.java URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/UsernameTokenValidatorImpl.java?rev=1803982&r1=1803981&r2=1803982&view=diff ============================================================================== --- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/UsernameTokenValidatorImpl.java (original) +++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/UsernameTokenValidatorImpl.java Thu Aug 3 10:22:53 2017 @@ -18,7 +18,8 @@ */ package org.apache.wss4j.stax.validate; -import org.apache.commons.codec.binary.Base64; +import java.util.Base64; + import org.apache.wss4j.binding.wss10.AttributedString; import org.apache.wss4j.binding.wss10.EncodedString; import org.apache.wss4j.binding.wss10.PasswordString; @@ -89,7 +90,7 @@ public class UsernameTokenValidatorImpl XMLSecurityUtils.getQNameType(usernameTokenType.getAny(), WSSConstants.TAG_WSSE_NONCE); byte[] nonceVal = null; if (encodedNonce != null && encodedNonce.getValue() != null) { - nonceVal = Base64.decodeBase64(encodedNonce.getValue()); + nonceVal = Base64.getMimeDecoder().decode(encodedNonce.getValue()); } final AttributedDateTime attributedDateTimeCreated =