qpid-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kw...@apache.org
Subject svn commit: r1767490 - in /qpid/java/branches/6.0.x: ./ broker-core/src/main/java/org/apache/qpid/server/model/ broker-core/src/main/java/org/apache/qpid/server/security/ broker-core/src/main/java/org/apache/qpid/server/security/auth/database/ broker-c...
Date Tue, 01 Nov 2016 12:54:52 GMT
Author: kwall
Date: Tue Nov  1 12:54:52 2016
New Revision: 1767490

URL: http://svn.apache.org/viewvc?rev=1767490&view=rev
Log:
QPID-7470 : Wrap use of DatatypeConverter.parseBase64Binary to validate that only valid characters
exist within the string

Merged from branch 6.1.x with command:

svn merge -c 1767487 ^/qpid/java/branches/6.1.x

Modified:
    qpid/java/branches/6.0.x/   (props changed)
    qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/model/AttributeValueConverter.java
    qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/AutoGeneratedSelfSignedKeyStoreImpl.java
    qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/SiteSpecificTrustStoreImpl.java
    qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/database/HashedUser.java
    qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractScramAuthenticationManager.java
    qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/MD5AuthenticationProvider.java
    qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/sasl/scram/ScramSaslServer.java
    qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/encryption/AESKeyFileEncrypter.java
    qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/util/urlstreamhandler/data/Handler.java
    qpid/java/branches/6.0.x/broker-plugins/amqp-1-0-protocol/src/main/java/org/apache/qpid/amqp_1_0/transport/ConnectionEndpoint.java
    qpid/java/branches/6.0.x/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/auth/BasicAuthPreemptiveAuthenticator.java
    qpid/java/branches/6.0.x/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/SaslServlet.java
    qpid/java/branches/6.0.x/client/src/main/java/org/apache/qpid/client/security/scram/AbstractScramSaslClient.java
    qpid/java/branches/6.0.x/common/src/main/java/org/apache/qpid/transport/network/security/ssl/SSLUtil.java
    qpid/java/branches/6.0.x/common/src/main/java/org/apache/qpid/util/Strings.java
    qpid/java/branches/6.0.x/tools/src/main/java/org/apache/qpid/tools/RestStressTestClient.java

Propchange: qpid/java/branches/6.0.x/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Tue Nov  1 12:54:52 2016
@@ -9,5 +9,6 @@
 /qpid/branches/java-broker-vhost-refactor/java:1493674-1494547
 /qpid/branches/java-network-refactor/qpid/java:805429-821809
 /qpid/branches/qpid-2935/qpid/java:1061302-1072333
-/qpid/java/trunk:1715445-1715447,1715586,1715940,1716086-1716087,1716127-1716128,1716141,1716153,1716155,1716194,1716204,1716209,1716227,1716277,1716357,1716368,1716370,1716374,1716432,1716444-1716445,1716455,1716461,1716474,1716489,1716497,1716515,1716555,1716602,1716606-1716610,1716619,1716636,1717269,1717299,1717401,1717446,1717449,1717626,1717691,1717735,1717780,1718744,1718889,1718893,1718918,1718922,1719026,1719028,1719033,1719037,1719047,1719051,1720340,1720664,1721151,1721198,1722019-1722020,1722246,1722339,1722416,1722674,1722678,1722683,1722711,1723064,1723194,1723563,1724216,1724251,1724257,1724292,1724375,1724397,1724432,1724582,1724603,1724780,1724843-1724844,1725295,1725569,1725760,1726176,1726244-1726246,1726249,1726358,1726436,1726449,1726456,1726646,1726653,1726755,1726778,1727532,1727555,1727608,1727951,1727954,1728089,1728167,1728302,1728497,1728501,1728524,1728639,1728651,1728772,1729215,1729297,1729347,1729356,1729406,1729408,1729412,1729515,1729638,1729656-1729
 657,1729783,1729828,1729832,1729841,1729851,1729886,1729904,1729973,1730019,1730025,1730052,1730072,1730088,1730494,1730499,1730547,1730559,1730567,1730578,1730585,1730651,1730697,1730712-1730713,1730805,1731029,1731110,1731210,1731225,1731444,1731551,1731612,1732184,1732452,1732461,1732465,1732525,1732812,1733467,1734452,1736478,1736751,1736838,1737804,1737835,1737853,1737984,1737992,1738119,1738135,1738231,1738271,1738607,1738610,1738731,1738914,1741702,1742257,1742284,1742339,1742544,1742900,1742926,1743161,1743228,1743383,1743982,1744012-1744013,1744046,1744123,1744157,1744276,1744403,1745424,1745450,1746140,1746273,1747526,1748254,1748723,1748818,1749349,1749399,1749482,1749524,1750359-1750360,1750943,1751433,1754251,1754354,1754392,1754429,1754510,1754550,1755561,1755957,1758628,1758640,1758766,1758964,1758980,1759774,1759783,1760032,1760337,1760522,1760546,1763653,1763966,1763988,1765350,1765609,1765828,1766032,1766796
+/qpid/java/branches/6.1.x:1767487
+/qpid/java/trunk:1715445-1715447,1715586,1715940,1716086-1716087,1716127-1716128,1716141,1716153,1716155,1716194,1716204,1716209,1716227,1716277,1716357,1716368,1716370,1716374,1716432,1716444-1716445,1716455,1716461,1716474,1716489,1716497,1716515,1716555,1716602,1716606-1716610,1716619,1716636,1717269,1717299,1717401,1717446,1717449,1717626,1717691,1717735,1717780,1718744,1718889,1718893,1718918,1718922,1719026,1719028,1719033,1719037,1719047,1719051,1720340,1720664,1721151,1721198,1722019-1722020,1722246,1722339,1722416,1722674,1722678,1722683,1722711,1723064,1723194,1723563,1724216,1724251,1724257,1724292,1724375,1724397,1724432,1724582,1724603,1724780,1724843-1724844,1725295,1725569,1725760,1726176,1726244-1726246,1726249,1726358,1726436,1726449,1726456,1726646,1726653,1726755,1726778,1727532,1727555,1727608,1727951,1727954,1728089,1728167,1728302,1728497,1728501,1728524,1728639,1728651,1728772,1729215,1729297,1729347,1729356,1729406,1729408,1729412,1729515,1729638,1729656-1729
 657,1729783,1729828,1729832,1729841,1729851,1729886,1729904,1729973,1730019,1730025,1730052,1730072,1730088,1730494,1730499,1730547,1730559,1730567,1730578,1730585,1730651,1730697,1730712-1730713,1730805,1731029,1731110,1731210,1731225,1731444,1731551,1731612,1732184,1732452,1732461,1732465,1732525,1732812,1733467,1734452,1736478,1736751,1736838,1737804,1737835,1737853,1737984,1737992,1738119,1738135,1738231,1738271,1738607,1738610,1738731,1738914,1741702,1742257,1742284,1742339,1742544,1742900,1742926,1743161,1743228,1743383,1743982,1744012-1744013,1744046,1744123,1744157,1744276,1744403,1745424,1745450,1746140,1746273,1747526,1748254,1748723,1748818,1749349,1749399,1749482,1749524,1750359-1750360,1750943,1751433,1754251,1754354,1754392,1754429,1754510,1754550,1755561,1755957,1758628,1758640,1758766,1758964,1758980,1759774,1759783,1760032,1760337,1760522,1760546,1763653,1763966,1763988,1765350,1765609,1765828,1766032,1766547,1766553,1766796
 /qpid/trunk/qpid:796646-796653

Modified: qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/model/AttributeValueConverter.java
URL: http://svn.apache.org/viewvc/qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/model/AttributeValueConverter.java?rev=1767490&r1=1767489&r2=1767490&view=diff
==============================================================================
--- qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/model/AttributeValueConverter.java
(original)
+++ qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/model/AttributeValueConverter.java
Tue Nov  1 12:54:52 2016
@@ -49,6 +49,7 @@ import javax.xml.bind.DatatypeConverter;
 import com.fasterxml.jackson.databind.ObjectMapper;
 
 import org.apache.qpid.server.util.ServerScopedRuntimeException;
+import org.apache.qpid.util.Strings;
 
 abstract class AttributeValueConverter<T>
 {
@@ -145,20 +146,8 @@ abstract class AttributeValueConverter<T
             {
                 String interpolated = AbstractConfiguredObject.interpolate(object,
                                                                           (String) value);
-                try
-                {
-                    interpolated = interpolated.replaceAll("\\s","");
-                    if(!interpolated.matches("[A-Za-z0-9+/]*[=]*"))
-                    {
-                        throw new IllegalArgumentException("Cannot convert string '"+ interpolated+
"'to a byte[] - it does not appear to be base64 data");
-                    }
-
-                    return DatatypeConverter.parseBase64Binary(interpolated);
-                }
-                catch(ArrayIndexOutOfBoundsException e)
-                {
-                    throw new IllegalArgumentException("Cannot convert string '"+ interpolated+
"'to a byte[] - it does not appear to be base64 data");
-                }
+                return Strings.decodeBase64(interpolated);
+
             }
             else
             {

Modified: qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/AutoGeneratedSelfSignedKeyStoreImpl.java
URL: http://svn.apache.org/viewvc/qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/AutoGeneratedSelfSignedKeyStoreImpl.java?rev=1767490&r1=1767489&r2=1767490&view=diff
==============================================================================
--- qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/AutoGeneratedSelfSignedKeyStoreImpl.java
(original)
+++ qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/AutoGeneratedSelfSignedKeyStoreImpl.java
Tue Nov  1 12:54:52 2016
@@ -77,6 +77,7 @@ import org.apache.qpid.server.model.Rest
 import org.apache.qpid.server.model.State;
 import org.apache.qpid.server.model.StateTransition;
 import org.apache.qpid.transport.network.security.ssl.SSLUtil;
+import org.apache.qpid.util.Strings;
 
 public class AutoGeneratedSelfSignedKeyStoreImpl
         extends AbstractConfiguredObject<AutoGeneratedSelfSignedKeyStoreImpl>
@@ -198,8 +199,8 @@ public class AutoGeneratedSelfSignedKeyS
 
     private void loadPrivateKeyAndCertificate()
     {
-        byte[] privateKeyEncoded = DatatypeConverter.parseBase64Binary((String) getActualAttributes().get(ENCODED_PRIVATE_KEY));
-        byte[] certificateEncoded = DatatypeConverter.parseBase64Binary((String) getActualAttributes().get(
+        byte[] privateKeyEncoded = Strings.decodeBase64((String) getActualAttributes().get(ENCODED_PRIVATE_KEY));
+        byte[] certificateEncoded = Strings.decodeBase64((String) getActualAttributes().get(
                 ENCODED_CERTIFICATE));
 
 

Modified: qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/SiteSpecificTrustStoreImpl.java
URL: http://svn.apache.org/viewvc/qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/SiteSpecificTrustStoreImpl.java?rev=1767490&r1=1767489&r2=1767490&view=diff
==============================================================================
--- qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/SiteSpecificTrustStoreImpl.java
(original)
+++ qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/SiteSpecificTrustStoreImpl.java
Tue Nov  1 12:54:52 2016
@@ -67,6 +67,7 @@ import org.apache.qpid.server.model.Virt
 import org.apache.qpid.server.security.auth.manager.SimpleLDAPAuthenticationManager;
 import org.apache.qpid.transport.network.security.ssl.SSLUtil;
 import org.apache.qpid.transport.util.Functions;
+import org.apache.qpid.util.Strings;
 
 @ManagedObject( category = false )
 public class SiteSpecificTrustStoreImpl
@@ -250,7 +251,7 @@ public class SiteSpecificTrustStoreImpl
 
     private void decodeCertificate()
     {
-        byte[] certificateEncoded = DatatypeConverter.parseBase64Binary((String) getActualAttributes().get(CERTIFICATE));
+        byte[] certificateEncoded = Strings.decodeBase64((String) getActualAttributes().get(CERTIFICATE));
 
 
         try(ByteArrayInputStream input = new ByteArrayInputStream(certificateEncoded))

Modified: qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/database/HashedUser.java
URL: http://svn.apache.org/viewvc/qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/database/HashedUser.java?rev=1767490&r1=1767489&r2=1767490&view=diff
==============================================================================
--- qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/database/HashedUser.java
(original)
+++ qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/database/HashedUser.java
Tue Nov  1 12:54:52 2016
@@ -25,10 +25,10 @@ import java.nio.charset.StandardCharsets
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 
-
 import javax.xml.bind.DatatypeConverter;
 
 import org.apache.qpid.server.util.ServerScopedRuntimeException;
+import org.apache.qpid.util.Strings;
 
 
 public class HashedUser implements PasswordPrincipal
@@ -59,7 +59,7 @@ public class HashedUser implements Passw
         }
 
         _encodedPassword = encoded_password;
-        byte[] decoded = DatatypeConverter.parseBase64Binary(data[1]);
+        byte[] decoded = Strings.decodeBase64(data[1]);
         _password = new char[decoded.length];
 
         int index = 0;

Modified: qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractScramAuthenticationManager.java
URL: http://svn.apache.org/viewvc/qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractScramAuthenticationManager.java?rev=1767490&r1=1767489&r2=1767490&view=diff
==============================================================================
--- qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractScramAuthenticationManager.java
(original)
+++ qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractScramAuthenticationManager.java
Tue Nov  1 12:54:52 2016
@@ -50,6 +50,7 @@ import org.apache.qpid.server.security.a
 import org.apache.qpid.server.security.auth.sasl.plain.PlainAdapterSaslServer;
 import org.apache.qpid.server.security.auth.sasl.scram.ScramSaslServer;
 import org.apache.qpid.server.security.auth.sasl.scram.ScramSaslServerSource;
+import org.apache.qpid.util.Strings;
 
 public abstract class AbstractScramAuthenticationManager<X extends AbstractScramAuthenticationManager<X>>
         extends ConfigModelPasswordManagingAuthenticationProvider<X>
@@ -159,7 +160,7 @@ public abstract class AbstractScramAuthe
         final String[] passwordFields = user.getPassword().split(",");
         if (passwordFields.length == 2)
         {
-            byte[] saltedPassword = DatatypeConverter.parseBase64Binary(passwordFields[PasswordField.SALTED_PASSWORD.ordinal()]);
+            byte[] saltedPassword = Strings.decodeBase64(passwordFields[PasswordField.SALTED_PASSWORD.ordinal()]);
 
             try
             {
@@ -320,9 +321,9 @@ public abstract class AbstractScramAuthe
         {
             updateStoredPasswordFormatIfNecessary(user);
             final String[] passwordFields = user.getPassword().split(",");
-            salt = DatatypeConverter.parseBase64Binary(passwordFields[PasswordField.SALT.ordinal()]);
-            storedKey = DatatypeConverter.parseBase64Binary(passwordFields[PasswordField.STORED_KEY.ordinal()]);
-            serverKey = DatatypeConverter.parseBase64Binary(passwordFields[PasswordField.SERVER_KEY.ordinal()]);
+            salt = Strings.decodeBase64(passwordFields[PasswordField.SALT.ordinal()]);
+            storedKey = Strings.decodeBase64(passwordFields[PasswordField.STORED_KEY.ordinal()]);
+            serverKey = Strings.decodeBase64(passwordFields[PasswordField.SERVER_KEY.ordinal()]);
             iterationCount = Integer.parseInt(passwordFields[PasswordField.ITERATION_COUNT.ordinal()]);
             exception = null;
         }

Modified: qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/MD5AuthenticationProvider.java
URL: http://svn.apache.org/viewvc/qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/MD5AuthenticationProvider.java?rev=1767490&r1=1767489&r2=1767490&view=diff
==============================================================================
--- qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/MD5AuthenticationProvider.java
(original)
+++ qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/MD5AuthenticationProvider.java
Tue Nov  1 12:54:52 2016
@@ -52,6 +52,7 @@ import org.apache.qpid.server.security.a
 import org.apache.qpid.server.security.auth.sasl.plain.PlainAdapterSaslServer;
 import org.apache.qpid.server.security.auth.sasl.plain.PlainSaslServer;
 import org.apache.qpid.server.util.ServerScopedRuntimeException;
+import org.apache.qpid.util.Strings;
 
 @ManagedObject( category = false, type = "MD5" )
 public class MD5AuthenticationProvider
@@ -179,7 +180,7 @@ public class MD5AuthenticationProvider
                         if(user != null)
                         {
                             String passwordData = user.getPassword();
-                            byte[] passwordBytes = DatatypeConverter.parseBase64Binary(passwordData);
+                            byte[] passwordBytes = Strings.decodeBase64(passwordData);
                             char[] password;
                             if(_hexify)
                             {

Modified: qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/sasl/scram/ScramSaslServer.java
URL: http://svn.apache.org/viewvc/qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/sasl/scram/ScramSaslServer.java?rev=1767490&r1=1767489&r2=1767490&view=diff
==============================================================================
--- qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/sasl/scram/ScramSaslServer.java
(original)
+++ qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/auth/sasl/scram/ScramSaslServer.java
Tue Nov  1 12:54:52 2016
@@ -34,6 +34,8 @@ import javax.security.sasl.SaslException
 import javax.security.sasl.SaslServer;
 import javax.xml.bind.DatatypeConverter;
 
+import org.apache.qpid.util.Strings;
+
 public class ScramSaslServer implements SaslServer
 {
     public final String _mechanism;
@@ -163,7 +165,7 @@ public class ScramSaslServer implements
             {
                 throw new SaslException("Cannot parse client final message");
             }
-            if(!Arrays.equals(_gs2Header,DatatypeConverter.parseBase64Binary(parts[0].substring(2))))
+            if(!Arrays.equals(_gs2Header, Strings.decodeBase64(parts[0].substring(2))))
             {
                 throw new SaslException("Client final message channel bind data invalid");
             }
@@ -181,7 +183,7 @@ public class ScramSaslServer implements
             }
 
             String clientFinalMessageWithoutProof = clientFinalMessage.substring(0,clientFinalMessage.length()-(1+parts[parts.length-1].length()));
-            byte[] proofBytes = DatatypeConverter.parseBase64Binary(parts[parts.length-1].substring(2));
+            byte[] proofBytes = Strings.decodeBase64(parts[parts.length-1].substring(2));
 
             String authMessage = _clientFirstMessageBare + "," + _serverFirstMessage + ","
+ clientFinalMessageWithoutProof;
 

Modified: qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/encryption/AESKeyFileEncrypter.java
URL: http://svn.apache.org/viewvc/qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/encryption/AESKeyFileEncrypter.java?rev=1767490&r1=1767489&r2=1767490&view=diff
==============================================================================
--- qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/encryption/AESKeyFileEncrypter.java
(original)
+++ qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/encryption/AESKeyFileEncrypter.java
Tue Nov  1 12:54:52 2016
@@ -36,6 +36,8 @@ import javax.crypto.SecretKey;
 import javax.crypto.spec.IvParameterSpec;
 import javax.xml.bind.DatatypeConverter;
 
+import org.apache.qpid.util.Strings;
+
 class AESKeyFileEncrypter implements ConfigurationSecretEncrypter
 {
     private static final String CIPHER_NAME = "AES/CBC/PKCS5Padding";
@@ -87,7 +89,7 @@ class AESKeyFileEncrypter implements Con
         {
             throw new IllegalArgumentException("Encrypted value is not valid Base 64 data:
'" + encrypted + "'");
         }
-        byte[] encryptedBytes = DatatypeConverter.parseBase64Binary(encrypted);
+        byte[] encryptedBytes = Strings.decodeBase64(encrypted);
         try
         {
             Cipher cipher = Cipher.getInstance(CIPHER_NAME);

Modified: qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/util/urlstreamhandler/data/Handler.java
URL: http://svn.apache.org/viewvc/qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/util/urlstreamhandler/data/Handler.java?rev=1767490&r1=1767489&r2=1767490&view=diff
==============================================================================
--- qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/util/urlstreamhandler/data/Handler.java
(original)
+++ qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/util/urlstreamhandler/data/Handler.java
Tue Nov  1 12:54:52 2016
@@ -31,7 +31,7 @@ import java.net.URLDecoder;
 import java.net.URLStreamHandler;
 import java.nio.charset.StandardCharsets;
 
-import javax.xml.bind.DatatypeConverter;
+import org.apache.qpid.util.Strings;
 
 public class Handler extends URLStreamHandler
 {
@@ -79,7 +79,7 @@ public class Handler extends URLStreamHa
                 _base64 = parts[0].endsWith(";base64");
                 if(_base64)
                 {
-                    _content = DatatypeConverter.parseBase64Binary(parts[1]);
+                    _content = Strings.decodeBase64(parts[1]);
                 }
                 else
                 {

Modified: qpid/java/branches/6.0.x/broker-plugins/amqp-1-0-protocol/src/main/java/org/apache/qpid/amqp_1_0/transport/ConnectionEndpoint.java
URL: http://svn.apache.org/viewvc/qpid/java/branches/6.0.x/broker-plugins/amqp-1-0-protocol/src/main/java/org/apache/qpid/amqp_1_0/transport/ConnectionEndpoint.java?rev=1767490&r1=1767489&r2=1767490&view=diff
==============================================================================
--- qpid/java/branches/6.0.x/broker-plugins/amqp-1-0-protocol/src/main/java/org/apache/qpid/amqp_1_0/transport/ConnectionEndpoint.java
(original)
+++ qpid/java/branches/6.0.x/broker-plugins/amqp-1-0-protocol/src/main/java/org/apache/qpid/amqp_1_0/transport/ConnectionEndpoint.java
Tue Nov  1 12:54:52 2016
@@ -80,6 +80,7 @@ import org.apache.qpid.bytebuffer.QpidBy
 import org.apache.qpid.server.security.SubjectCreator;
 import org.apache.qpid.server.security.auth.AuthenticationResult;
 import org.apache.qpid.server.security.auth.SubjectAuthenticationResult;
+import org.apache.qpid.util.Strings;
 
 
 public class ConnectionEndpoint implements DescribedTypeConstructorRegistry.Source, ValueWriter.Registry.Source,
@@ -1437,7 +1438,7 @@ public class ConnectionEndpoint implemen
             {
                 throw new SaslException("Server final message did not contain verifier");
             }
-            byte[] serverSignature = DatatypeConverter.parseBase64Binary(parts[0].substring(2));
+            byte[] serverSignature = Strings.decodeBase64(parts[0].substring(2));
             if (!Arrays.equals(_serverSignature, serverSignature))
             {
                 throw new SaslException("Server signature did not match");
@@ -1477,7 +1478,7 @@ public class ConnectionEndpoint implemen
                                             + "' cannot be parsed, cannot find salt");
                 }
                 String base64Salt = parts[1].substring(2);
-                _salt = DatatypeConverter.parseBase64Binary(base64Salt);
+                _salt = Strings.decodeBase64(base64Salt);
                 if (!parts[2].startsWith("i="))
                 {
                     throw new SaslException("Server challenge '"

Modified: qpid/java/branches/6.0.x/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/auth/BasicAuthPreemptiveAuthenticator.java
URL: http://svn.apache.org/viewvc/qpid/java/branches/6.0.x/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/auth/BasicAuthPreemptiveAuthenticator.java?rev=1767490&r1=1767489&r2=1767490&view=diff
==============================================================================
--- qpid/java/branches/6.0.x/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/auth/BasicAuthPreemptiveAuthenticator.java
(original)
+++ qpid/java/branches/6.0.x/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/auth/BasicAuthPreemptiveAuthenticator.java
Tue Nov  1 12:54:52 2016
@@ -24,7 +24,6 @@ import java.nio.charset.StandardCharsets
 
 import javax.security.auth.Subject;
 import javax.servlet.http.HttpServletRequest;
-import javax.xml.bind.DatatypeConverter;
 
 import org.apache.qpid.server.management.plugin.HttpManagementConfiguration;
 import org.apache.qpid.server.management.plugin.HttpRequestPreemptiveAuthenticator;
@@ -34,6 +33,7 @@ import org.apache.qpid.server.security.S
 import org.apache.qpid.server.security.auth.AuthenticationResult;
 import org.apache.qpid.server.security.auth.SubjectAuthenticationResult;
 import org.apache.qpid.server.security.auth.manager.UsernamePasswordAuthenticationProvider;
+import org.apache.qpid.util.Strings;
 
 @PluggableService
 public class BasicAuthPreemptiveAuthenticator implements HttpRequestPreemptiveAuthenticator
@@ -67,7 +67,7 @@ public class BasicAuthPreemptiveAuthenti
                 if (isBasicAuthSupported)
                 {
                     String base64UsernameAndPassword = tokens[1];
-                    String[] credentials = (new String(DatatypeConverter.parseBase64Binary(base64UsernameAndPassword),
+                    String[] credentials = (new String(Strings.decodeBase64(base64UsernameAndPassword),
                                                        StandardCharsets.UTF_8)).split(":",
2);
                     if (credentials.length == 2)
                     {

Modified: qpid/java/branches/6.0.x/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/SaslServlet.java
URL: http://svn.apache.org/viewvc/qpid/java/branches/6.0.x/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/SaslServlet.java?rev=1767490&r1=1767489&r2=1767490&view=diff
==============================================================================
--- qpid/java/branches/6.0.x/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/SaslServlet.java
(original)
+++ qpid/java/branches/6.0.x/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/SaslServlet.java
Tue Nov  1 12:54:52 2016
@@ -47,6 +47,7 @@ import org.apache.qpid.server.model.Brok
 import org.apache.qpid.server.security.SubjectCreator;
 import org.apache.qpid.server.security.auth.AuthenticatedPrincipal;
 import org.apache.qpid.server.util.ConnectionScopedRuntimeException;
+import org.apache.qpid.util.Strings;
 
 public class SaslServlet extends AbstractServlet
 {
@@ -207,7 +208,7 @@ public class SaslServlet extends Abstrac
         {
             challenge  = saslServer.evaluateResponse(saslResponse == null
                                                              ? new byte[0]
-                                                             : DatatypeConverter.parseBase64Binary(saslResponse));
+                                                             : Strings.decodeBase64(saslResponse));
         }
         catch(SaslException e)
         {

Modified: qpid/java/branches/6.0.x/client/src/main/java/org/apache/qpid/client/security/scram/AbstractScramSaslClient.java
URL: http://svn.apache.org/viewvc/qpid/java/branches/6.0.x/client/src/main/java/org/apache/qpid/client/security/scram/AbstractScramSaslClient.java?rev=1767490&r1=1767489&r2=1767490&view=diff
==============================================================================
--- qpid/java/branches/6.0.x/client/src/main/java/org/apache/qpid/client/security/scram/AbstractScramSaslClient.java
(original)
+++ qpid/java/branches/6.0.x/client/src/main/java/org/apache/qpid/client/security/scram/AbstractScramSaslClient.java
Tue Nov  1 12:54:52 2016
@@ -40,6 +40,8 @@ import javax.security.sasl.SaslClient;
 import javax.security.sasl.SaslException;
 import javax.xml.bind.DatatypeConverter;
 
+import org.apache.qpid.util.Strings;
+
 public abstract class AbstractScramSaslClient implements SaslClient
 {
 
@@ -129,7 +131,7 @@ public abstract class AbstractScramSaslC
         {
             throw new SaslException("Server final message did not contain verifier");
         }
-        byte[] serverSignature = DatatypeConverter.parseBase64Binary(parts[0].substring(2));
+        byte[] serverSignature = Strings.decodeBase64(parts[0].substring(2));
         if(!Arrays.equals(_serverSignature, serverSignature))
         {
             throw new SaslException("Server signature did not match");
@@ -165,7 +167,7 @@ public abstract class AbstractScramSaslC
                 throw new SaslException("Server challenge '" + serverFirstMessage + "' cannot
be parsed, cannot find salt");
             }
             String base64Salt = parts[1].substring(2);
-            _salt = DatatypeConverter.parseBase64Binary(base64Salt);
+            _salt = Strings.decodeBase64(base64Salt);
             if(!parts[2].startsWith("i="))
             {
                 throw new SaslException("Server challenge '" + serverFirstMessage + "' cannot
be parsed, cannot find iteration count");

Modified: qpid/java/branches/6.0.x/common/src/main/java/org/apache/qpid/transport/network/security/ssl/SSLUtil.java
URL: http://svn.apache.org/viewvc/qpid/java/branches/6.0.x/common/src/main/java/org/apache/qpid/transport/network/security/ssl/SSLUtil.java?rev=1767490&r1=1767489&r2=1767490&view=diff
==============================================================================
--- qpid/java/branches/6.0.x/common/src/main/java/org/apache/qpid/transport/network/security/ssl/SSLUtil.java
(original)
+++ qpid/java/branches/6.0.x/common/src/main/java/org/apache/qpid/transport/network/security/ssl/SSLUtil.java
Tue Nov  1 12:54:52 2016
@@ -60,12 +60,12 @@ import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLEngine;
 import javax.net.ssl.SSLPeerUnverifiedException;
 import javax.net.ssl.SSLSocket;
-import javax.xml.bind.DatatypeConverter;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import org.apache.qpid.transport.TransportException;
+import org.apache.qpid.util.Strings;
 
 public class SSLUtil
 {
@@ -367,7 +367,7 @@ public class SSLUtil
                     keyBuilder.append(line);
                 }
 
-                content = DatatypeConverter.parseBase64Binary(keyBuilder.toString());
+                content = Strings.decodeBase64(keyBuilder.toString());
             }
         }
         return readPrivateKey(content, "RSA");

Modified: qpid/java/branches/6.0.x/common/src/main/java/org/apache/qpid/util/Strings.java
URL: http://svn.apache.org/viewvc/qpid/java/branches/6.0.x/common/src/main/java/org/apache/qpid/util/Strings.java?rev=1767490&r1=1767489&r2=1767490&view=diff
==============================================================================
--- qpid/java/branches/6.0.x/common/src/main/java/org/apache/qpid/util/Strings.java (original)
+++ qpid/java/branches/6.0.x/common/src/main/java/org/apache/qpid/util/Strings.java Tue Nov
 1 12:54:52 2016
@@ -31,6 +31,8 @@ import java.util.Stack;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
 
+import javax.xml.bind.DatatypeConverter;
+
 
 /**
  * Strings
@@ -123,6 +125,17 @@ public final class Strings
         return resolver;
     }
 
+    public static byte[] decodeBase64(String base64String)
+    {
+        base64String = base64String.replaceAll("\\s","");
+        if(!base64String.matches("^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$"))
+        {
+            throw new IllegalArgumentException("Cannot convert string '"+ base64String+ "'to
a byte[] - it does not appear to be base64 data");
+        }
+
+        return DatatypeConverter.parseBase64Binary(base64String);
+    }
+
     public static interface Resolver
     {
         String resolve(String variable, final Resolver resolver);

Modified: qpid/java/branches/6.0.x/tools/src/main/java/org/apache/qpid/tools/RestStressTestClient.java
URL: http://svn.apache.org/viewvc/qpid/java/branches/6.0.x/tools/src/main/java/org/apache/qpid/tools/RestStressTestClient.java?rev=1767490&r1=1767489&r2=1767490&view=diff
==============================================================================
--- qpid/java/branches/6.0.x/tools/src/main/java/org/apache/qpid/tools/RestStressTestClient.java
(original)
+++ qpid/java/branches/6.0.x/tools/src/main/java/org/apache/qpid/tools/RestStressTestClient.java
Tue Nov  1 12:54:52 2016
@@ -20,10 +20,6 @@
  */
 package org.apache.qpid.tools;
 
-import javax.crypto.Mac;
-import javax.crypto.spec.SecretKeySpec;
-import javax.xml.bind.DatatypeConverter;
-
 import java.io.ByteArrayInputStream;
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
@@ -41,10 +37,15 @@ import java.util.List;
 import java.util.Map;
 import java.util.Set;
 
+import javax.crypto.Mac;
+import javax.crypto.spec.SecretKeySpec;
+import javax.xml.bind.DatatypeConverter;
+
 import com.fasterxml.jackson.core.type.TypeReference;
 import com.fasterxml.jackson.databind.ObjectMapper;
 
 import org.apache.qpid.tools.util.ArgumentsParser;
+import org.apache.qpid.util.Strings;
 
 public class RestStressTestClient
 {
@@ -463,7 +464,7 @@ public class RestStressTestClient
         {
             try
             {
-                byte[] challengeBytes = DatatypeConverter.parseBase64Binary(challenge);
+                byte[] challengeBytes = Strings.decodeBase64(challenge);
 
                 String macAlgorithm = "HmacMD5";
                 Mac mac = Mac.getInstance(macAlgorithm);



---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org


Mime
View raw message