cloudstack-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From wid...@apache.org
Subject [07/50] [abbrv] git commit: updated refs/heads/reporter to 28300b5
Date Wed, 08 Jul 2015 19:19:42 GMT
saml2: Use UTF-8 based charset for encoding bytes to strings

This fixes the fingbug issue DM_DEFAULT_ENCODING found in SAMLUtils

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/02c3d14f
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/02c3d14f
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/02c3d14f

Branch: refs/heads/reporter
Commit: 02c3d14f6ebef56c21a56297c82eda4deb0c7855
Parents: 3ff92e8
Author: Rohit Yadav <rohit.yadav@shapeblue.com>
Authored: Mon Jun 29 17:46:35 2015 +0200
Committer: Rohit Yadav <rohit.yadav@shapeblue.com>
Committed: Mon Jun 29 17:46:35 2015 +0200

----------------------------------------------------------------------
 .../saml2/src/org/apache/cloudstack/saml/SAMLUtils.java     | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/02c3d14f/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAMLUtils.java
----------------------------------------------------------------------
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAMLUtils.java
b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAMLUtils.java
index 0216ad7..77714a1 100644
--- a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAMLUtils.java
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAMLUtils.java
@@ -73,6 +73,7 @@ import java.io.StringWriter;
 import java.io.UnsupportedEncodingException;
 import java.math.BigInteger;
 import java.net.URLEncoder;
+import java.nio.charset.Charset;
 import java.security.InvalidKeyException;
 import java.security.KeyFactory;
 import java.security.KeyPair;
@@ -214,7 +215,7 @@ public class SAMLUtils {
         Deflater deflater = new Deflater(Deflater.DEFLATED, true);
         ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
         DeflaterOutputStream deflaterOutputStream = new DeflaterOutputStream(byteArrayOutputStream,
deflater);
-        deflaterOutputStream.write(requestMessage.getBytes());
+        deflaterOutputStream.write(requestMessage.getBytes(Charset.forName("UTF-8")));
         deflaterOutputStream.close();
         String encodedRequestMessage = Base64.encodeBytes(byteArrayOutputStream.toByteArray(),
Base64.DONT_BREAK_LINES);
         encodedRequestMessage = URLEncoder.encode(encodedRequestMessage, HttpUtils.UTF_8).trim();
@@ -258,7 +259,7 @@ public class SAMLUtils {
         String url = urlEncodedString + "&SigAlg=" + URLEncoder.encode(opensamlAlgoIdSignature,
HttpUtils.UTF_8);
         Signature signature = Signature.getInstance(javaSignatureAlgorithmName);
         signature.initSign(signingKey);
-        signature.update(url.getBytes());
+        signature.update(url.getBytes(Charset.forName("UTF-8")));
         String signatureString = Base64.encodeBytes(signature.sign(), Base64.DONT_BREAK_LINES);
         if (signatureString != null) {
             return url + "&Signature=" + URLEncoder.encode(signatureString, HttpUtils.UTF_8);
@@ -282,7 +283,7 @@ public class SAMLUtils {
             KeyFactory keyFactory = SAMLUtils.getKeyFactory();
             if (keyFactory == null) return null;
             X509EncodedKeySpec spec = keyFactory.getKeySpec(key, X509EncodedKeySpec.class);
-            return new String(org.bouncycastle.util.encoders.Base64.encode(spec.getEncoded()));
+            return new String(org.bouncycastle.util.encoders.Base64.encode(spec.getEncoded()),
Charset.forName("UTF-8"));
         } catch (InvalidKeySpecException e) {
             s_logger.error("Unable to create KeyFactory:" + e.getMessage());
         }
@@ -295,7 +296,7 @@ public class SAMLUtils {
             if (keyFactory == null) return null;
             PKCS8EncodedKeySpec spec = keyFactory.getKeySpec(key,
                     PKCS8EncodedKeySpec.class);
-            return new String(org.bouncycastle.util.encoders.Base64.encode(spec.getEncoded()));
+            return new String(org.bouncycastle.util.encoders.Base64.encode(spec.getEncoded()),
Charset.forName("UTF-8"));
         } catch (InvalidKeySpecException e) {
             s_logger.error("Unable to create KeyFactory:" + e.getMessage());
         }


Mime
View raw message