diff --git a/0002-bcmail-api-change.patch b/0002-bcmail-api-change.patch new file mode 100644 index 0000000..381b2e5 --- /dev/null +++ b/0002-bcmail-api-change.patch @@ -0,0 +1,129 @@ +diff -up ./jaxrs/security/resteasy-crypto/src/main/java/org/jboss/resteasy/security/smime/EnvelopedInputImpl.java.ade1 ./jaxrs/security/resteasy-crypto/src/main/java/org/jboss/resteasy/security/smime/EnvelopedInputImpl.java +--- ./jaxrs/security/resteasy-crypto/src/main/java/org/jboss/resteasy/security/smime/EnvelopedInputImpl.java.ade1 2014-06-26 16:24:28.166315424 +0800 ++++ ./jaxrs/security/resteasy-crypto/src/main/java/org/jboss/resteasy/security/smime/EnvelopedInputImpl.java 2014-06-26 17:32:29.632936971 +0800 +@@ -3,6 +3,7 @@ package org.jboss.resteasy.security.smim + import org.bouncycastle.cms.RecipientInformation; + import org.bouncycastle.cms.RecipientInformationStore; + import org.bouncycastle.cms.jcajce.JceKeyTransRecipientId; ++import org.bouncycastle.cms.jcajce.JceKeyTransEnvelopedRecipient; + import org.bouncycastle.mail.smime.SMIMEEnveloped; + import org.bouncycastle.mail.smime.SMIMEUtil; + import org.jboss.resteasy.core.Headers; +@@ -159,7 +160,8 @@ public class EnvelopedInputImpl implemen + RecipientInformationStore recipients = m.getRecipientInfos(); + RecipientInformation recipient = recipients.get(recId); + +- decrypted = SMIMEUtil.toMimeBodyPart(recipient.getContent(pKey, "BC")); ++ decrypted = SMIMEUtil.toMimeBodyPart(recipient.getContent( ++ new JceKeyTransEnvelopedRecipient(pKey).setProvider("BC"))); + } + catch (Exception e1) + { +diff -up ./jaxrs/security/resteasy-crypto/src/main/java/org/jboss/resteasy/security/smime/MultipartSignedInputImpl.java.ade1 ./jaxrs/security/resteasy-crypto/src/main/java/org/jboss/resteasy/security/smime/MultipartSignedInputImpl.java +--- ./jaxrs/security/resteasy-crypto/src/main/java/org/jboss/resteasy/security/smime/MultipartSignedInputImpl.java.ade1 2014-06-26 17:07:37.679401083 +0800 ++++ ./jaxrs/security/resteasy-crypto/src/main/java/org/jboss/resteasy/security/smime/MultipartSignedInputImpl.java 2014-06-26 17:11:10.734149755 +0800 +@@ -2,6 +2,7 @@ package org.jboss.resteasy.security.smim + + import org.bouncycastle.cms.SignerInformation; + import org.bouncycastle.cms.SignerInformationStore; ++import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder; + import org.bouncycastle.mail.smime.SMIMESigned; + import org.jboss.resteasy.util.GenericType; + +@@ -157,7 +158,8 @@ public class MultipartSignedInputImpl im + + SignerInformationStore signers = signed.getSignerInfos(); + SignerInformation signer = (SignerInformation) signers.getSigners().iterator().next(); +- return signer.verify(publicKey, "BC"); ++ return signer.verify(new JcaSimpleSignerInfoVerifierBuilder() ++ .setProvider("BC").build(publicKey)); + + } + +diff -up ./jaxrs/security/resteasy-crypto/src/main/java/org/jboss/resteasy/security/smime/PKCS7SignatureInput.java.ade1 ./jaxrs/security/resteasy-crypto/src/main/java/org/jboss/resteasy/security/smime/PKCS7SignatureInput.java +--- ./jaxrs/security/resteasy-crypto/src/main/java/org/jboss/resteasy/security/smime/PKCS7SignatureInput.java.ade1 2014-06-26 16:36:24.564853001 +0800 ++++ ./jaxrs/security/resteasy-crypto/src/main/java/org/jboss/resteasy/security/smime/PKCS7SignatureInput.java 2014-06-26 18:52:43.301108577 +0800 +@@ -3,6 +3,7 @@ package org.jboss.resteasy.security.smim + import org.bouncycastle.cms.CMSException; + import org.bouncycastle.cms.CMSSignedData; + import org.bouncycastle.cms.SignerInformation; ++import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder; + import org.jboss.resteasy.specimpl.MultivaluedMapImpl; + import org.jboss.resteasy.util.Base64; + import org.jboss.resteasy.util.GenericType; +@@ -206,7 +207,8 @@ public class PKCS7SignatureInput + for (Object info : data.getSignerInfos().getSigners()) + { + SignerInformation signer = (SignerInformation)info; +- if (signer.verify(certificate, "BC")) ++ if (signer.verify(new JcaSimpleSignerInfoVerifierBuilder() ++ .setProvider("BC").build(certificate))) + { + return true; + } +@@ -218,7 +220,8 @@ public class PKCS7SignatureInput + for (Object info : data.getSignerInfos().getSigners()) + { + SignerInformation signer = (SignerInformation)info; +- if (signer.verify(publicKey, "BC")) ++ if (signer.verify(new JcaSimpleSignerInfoVerifierBuilder() ++ .setProvider("BC").build(publicKey))) + { + return true; + } +diff -up ./jaxrs/security/resteasy-crypto/src/main/java/org/jboss/resteasy/security/smime/PKCS7SignatureWriter.java.ade1 ./jaxrs/security/resteasy-crypto/src/main/java/org/jboss/resteasy/security/smime/PKCS7SignatureWriter.java +--- ./jaxrs/security/resteasy-crypto/src/main/java/org/jboss/resteasy/security/smime/PKCS7SignatureWriter.java.ade1 2014-06-24 23:38:42.464516920 +0800 ++++ ./jaxrs/security/resteasy-crypto/src/main/java/org/jboss/resteasy/security/smime/PKCS7SignatureWriter.java 2014-06-26 18:05:06.601349666 +0800 +@@ -4,7 +4,13 @@ import org.bouncycastle.cms.CMSException + import org.bouncycastle.cms.CMSProcessable; + import org.bouncycastle.cms.CMSProcessableByteArray; + import org.bouncycastle.cms.CMSSignedData; ++import org.bouncycastle.cms.CMSTypedData; + import org.bouncycastle.cms.CMSSignedDataGenerator; ++import org.bouncycastle.operator.ContentSigner; ++import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder; ++import org.bouncycastle.cms.jcajce.JcaSignerInfoGeneratorBuilder; ++import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder; ++import org.bouncycastle.operator.OperatorCreationException; + import org.jboss.resteasy.security.BouncyIntegration; + import org.jboss.resteasy.specimpl.MultivaluedMapImpl; + import org.jboss.resteasy.spi.WriterException; +@@ -25,6 +31,7 @@ import java.lang.reflect.Type; + import java.security.NoSuchAlgorithmException; + import java.security.NoSuchProviderException; + import java.security.cert.X509Certificate; ++import java.security.cert.CertificateEncodingException; + + /** + * @author Bill Burke +@@ -70,7 +77,7 @@ public class PKCS7SignatureWriter implem + } + } + +- public static byte[] sign(Providers providers, SignedOutput out) throws IOException, NoSuchAlgorithmException, NoSuchProviderException, CMSException ++ public static byte[] sign(Providers providers, SignedOutput out) throws IOException, NoSuchAlgorithmException, NoSuchProviderException, CMSException, OperatorCreationException, CertificateEncodingException + { + ByteArrayOutputStream bodyOs = new ByteArrayOutputStream(); + MessageBodyWriter writer = providers.getMessageBodyWriter(out.getType(), out.getGenericType(), null, out.getMediaType()); +@@ -82,11 +89,18 @@ public class PKCS7SignatureWriter implem + bodyHeaders.add("Content-Type", out.getMediaType().toString()); + writer.writeTo(out.getEntity(), out.getType(), out.getGenericType(), null, out.getMediaType(), bodyHeaders, bodyOs); + CMSSignedDataGenerator signGen = new CMSSignedDataGenerator(); +- signGen.addSigner(out.getPrivateKey(), (X509Certificate)out.getCertificate(), CMSSignedDataGenerator.DIGEST_SHA1); ++ ++ ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider("BC").build(out.getPrivateKey()); ++ signGen.addSignerInfoGenerator( ++ new JcaSignerInfoGeneratorBuilder( ++ new JcaDigestCalculatorProviderBuilder().setProvider("BC").build()) ++ .build(sha1Signer, (X509Certificate)out.getCertificate())); ++ ++ //signGen.addSigner(out.getPrivateKey(), (X509Certificate)out.getCertificate(), CMSSignedDataGenerator.DIGEST_SHA1); + //signGen.addCertificatesAndCRLs(certs); +- CMSProcessable content = new CMSProcessableByteArray(bodyOs.toByteArray()); ++ CMSTypedData content = new CMSProcessableByteArray(bodyOs.toByteArray()); + +- CMSSignedData signedData = signGen.generate(content, true, "BC"); ++ CMSSignedData signedData = signGen.generate(content, true); + return signedData.getEncoded(); + } + } diff --git a/resteasy.spec b/resteasy.spec index 2253fce..5074af8 100644 --- a/resteasy.spec +++ b/resteasy.spec @@ -3,7 +3,7 @@ Name: resteasy Version: 3.0.6 -Release: 4%{?dist} +Release: 5%{?dist} Summary: Framework for RESTful Web services and Java applications License: ASL 2.0 and CDDL URL: http://www.jboss.org/resteasy @@ -11,6 +11,7 @@ Source0: https://github.com/resteasy/Resteasy/archive/%{namedversion}.tar.gz # Support for mime4j 0.7.2 Patch0: 0001-Mime4j-0.7.2-support.patch +Patch1: 0002-bcmail-api-change.patch BuildArch: noarch @@ -24,7 +25,7 @@ BuildRequires: apache-james-project BuildRequires: bea-stax BuildRequires: bean-validation-api -BuildRequires: bouncycastle +#BuildRequires: bouncycastle BuildRequires: bouncycastle-mail BuildRequires: cglib BuildRequires: classmate @@ -54,7 +55,7 @@ BuildRequires: jboss-servlet-3.0-api BuildRequires: jcip-annotations BuildRequires: jettison BuildRequires: jetty-server -BuildRequires: junit4 +BuildRequires: junit BuildRequires: jsonp BuildRequires: netty BuildRequires: scannotation @@ -80,7 +81,7 @@ BuildRequires: maven-site-plugin BuildRequires: maven-source-plugin BuildRequires: maven-surefire-plugin BuildRequires: maven-surefire-report-plugin -BuildRequires: maven-surefire-provider-junit4 +BuildRequires: maven-surefire-provider-junit BuildRequires: jboss-annotations-1.1-api BuildRequires: undertow @@ -150,6 +151,7 @@ native2ascii -encoding UTF8 ${f} ${f} done %patch0 -p1 +%patch1 -p0 %build %mvn_build -f @@ -176,6 +178,11 @@ done %doc jaxrs/License.html %changelog +* Tue Jun 24 2014 Ade Lee - 3.0.6-5 +- Replace broken dependencies junit4-> junit +- Add patch to handle new bouncycastle API in version 1.50 +- Fix bogus dates in changelog + * Sun Jun 08 2014 Fedora Release Engineering - 3.0.6-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild @@ -235,8 +242,8 @@ done * Mon Apr 23 2012 Juan Hernandez 2.3.2-3 - Added async HTTP Servlet 3.0 module -* Mon Apr 12 2012 Juan Hernandez 2.3.2-2 +* Thu Apr 12 2012 Juan Hernandez 2.3.2-2 - Build CDI integration module (bug #812978) -* Thu Mar 6 2012 Ade Lee 2.3.2-1 +* Tue Mar 6 2012 Ade Lee 2.3.2-1 - Initial packaging