This is an automated email from the ASF dual-hosted git repository. coheigea pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/ws-wss4j.git
The following commit(s) were added to refs/heads/master by this push: new e4235f2 Picking up latest Santuario fixes e4235f2 is described below commit e4235f2c853f0f912ef4b79bd6d6f2d2a9bd3876 Author: Colm O hEigeartaigh <cohei...@apache.org> AuthorDate: Fri Jan 24 10:23:50 2020 +0000 Picking up latest Santuario fixes --- .../src/main/java/org/apache/wss4j/common/crypto/CryptoBase.java | 5 +---- .../src/main/java/org/apache/wss4j/common/crypto/Merlin.java | 7 ++----- .../src/main/java/org/apache/wss4j/dom/message/Encryptor.java | 1 - 3 files changed, 3 insertions(+), 10 deletions(-) diff --git a/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/CryptoBase.java b/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/CryptoBase.java index bab4173..4502807 100644 --- a/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/CryptoBase.java +++ b/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/CryptoBase.java @@ -391,10 +391,7 @@ public abstract class CryptoBase implements Crypto { * @return the NameConstraints, or null if not present * @throws WSSecurityException if a processing error occurs decoding the Octet String */ - protected byte[] - getNameConstraints( - final X509Certificate cert - ) throws WSSecurityException { + protected byte[] getNameConstraints(final X509Certificate cert) throws WSSecurityException { byte[] bytes = cert.getExtensionValue(NAME_CONSTRAINTS_OID); if (bytes == null || bytes.length <= 0) { return null; diff --git a/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/Merlin.java b/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/Merlin.java index ddb2a8d..00ccc77 100644 --- a/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/Merlin.java +++ b/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/Merlin.java @@ -1222,15 +1222,12 @@ public class Merlin extends CryptoBase { // object fails (e.g. if the DN contains "E" instead of "EMAILADDRESS"), then fall // back on a direct conversion to a BC X509Name // - Object subject; try { X500Principal subjectRDN = new X500Principal(subjectDN); - subject = createBCX509Name(subjectRDN.getName()); + return createBCX509Name(subjectRDN.getName()); } catch (java.lang.IllegalArgumentException ex) { - subject = createBCX509Name(subjectDN); + return createBCX509Name(subjectDN); } - - return subject; } /** diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/Encryptor.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/Encryptor.java index 1863b75..3e61c40 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/Encryptor.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/Encryptor.java @@ -280,7 +280,6 @@ public class Encryptor { // Serialize and encrypt the element AbstractSerializer serializer = new TransformSerializer(); serializer.setCanonicalizer(Canonicalizer.getInstance(Canonicalizer.ALGO_ID_C14N_PHYSICAL)); - serializer.setSecureValidation(true); byte[] serializedOctets = null; if (type.equals(EncryptionConstants.TYPE_CONTENT)) {