From d86cfb33cdfa09ae57a32303a3be722404e73739 Mon Sep 17 00:00:00 2001 From: Christopher Broderick Date: Sun, 17 Mar 2024 17:07:46 +0000 Subject: [PATCH] Support ECDSA encryption (#363) * Update release documentation for new version. * Translate Elliptic Curve identifier extracted from certificate to be compatible with BouncyCastle library. * Fix tabs --- RELEASE-NOTES.md | 12 ++++++------ Remote/pom.xml | 2 +- Server/pom.xml | 2 +- .../java/org/openas2/lib/helper/BCCryptoHelper.java | 4 ++++ changes.txt | 6 ++++++ pom.xml | 12 ++++++------ 6 files changed, 24 insertions(+), 14 deletions(-) diff --git a/RELEASE-NOTES.md b/RELEASE-NOTES.md index 34664f3e..d0fad0fd 100644 --- a/RELEASE-NOTES.md +++ b/RELEASE-NOTES.md @@ -1,19 +1,19 @@ # OpenAS2 Server -# Version 3.9.1 +# Version 3.10.0 # RELEASE NOTES ----- -The OpenAS2 project is pleased to announce the release of OpenAS2 3.9.1 +The OpenAS2 project is pleased to announce the release of OpenAS2 3.10.0 -The release download file is: OpenAS2Server-3.9.1.zip +The release download file is: OpenAS2Server-3.10.0.zip The zip file contains a PDF document (OpenAS2HowTo.pdf) providing information on installing and using the application. ## NOTE: Testing covers Java 8 to 17. The application should work for older versions down to Java 7 but they are not tested as part of the CI/CD pipeline. -Version 3.9.1 - 2024-02-06 -This is a minor bugfix release: +Version 3.10.0 - 2024-03-17 +This is an enhancement release: **IMPORTANT NOTE**: Please review upgrade notes below if you are upgrading - 1. Fix persistence to errordir after all resend attempts fail. + 1. Support Elliptic Curve algorithm. ##Upgrade Notes See the openAS2HowTo appendix for the general process on upgrading OpenAS2. diff --git a/Remote/pom.xml b/Remote/pom.xml index dd42d664..034abe1f 100644 --- a/Remote/pom.xml +++ b/Remote/pom.xml @@ -4,7 +4,7 @@ net.sf.openas2 OpenAS2 - 3.9.1 + 3.10.0 4.0.0 diff --git a/Server/pom.xml b/Server/pom.xml index 110d7086..6fe25dd0 100644 --- a/Server/pom.xml +++ b/Server/pom.xml @@ -7,7 +7,7 @@ net.sf.openas2 OpenAS2 - 3.9.1 + 3.10.0 ../pom.xml diff --git a/Server/src/main/java/org/openas2/lib/helper/BCCryptoHelper.java b/Server/src/main/java/org/openas2/lib/helper/BCCryptoHelper.java index 51d835da..e53eca77 100644 --- a/Server/src/main/java/org/openas2/lib/helper/BCCryptoHelper.java +++ b/Server/src/main/java/org/openas2/lib/helper/BCCryptoHelper.java @@ -290,6 +290,10 @@ public MimeBodyPart sign(MimeBodyPart part, Certificate cert, Key key, String di X509Certificate x509Cert = castCertificate(cert); PrivateKey privKey = castKey(key); String encryptAlg = cert.getPublicKey().getAlgorithm(); + if (encryptAlg.equalsIgnoreCase("EC")) { + // Adjust algorithm name to support Elliptic Curve in Bouncy Castle + encryptAlg = "ECDSA"; + } SMIMESignedGenerator sGen = new SMIMESignedGenerator(adjustDigestToOldName ? SMIMESignedGenerator.RFC3851_MICALGS : SMIMESignedGenerator.RFC5751_MICALGS); sGen.setContentTransferEncoding(getEncoding(contentTxfrEncoding)); diff --git a/changes.txt b/changes.txt index 22989d43..2d99d079 100644 --- a/changes.txt +++ b/changes.txt @@ -1,3 +1,9 @@ +Version 3.10.0 - 2024-03-17 +This is an enhancement release: + **IMPORTANT NOTE**: Please review upgrade notes in the RELEASE-NOTES.md if you are upgrading + + 1. Support Elliptic Curve algorithm. + Version 3.9.1 - 2024-02-06 This is a minor bugfix release: **IMPORTANT NOTE**: Please review upgrade notes in the RELEASE-NOTES.md if you are upgrading diff --git a/pom.xml b/pom.xml index b7ecdb18..3b649f32 100644 --- a/pom.xml +++ b/pom.xml @@ -5,7 +5,7 @@ 4.0.0 net.sf.openas2 OpenAS2 - 3.9.1 + 3.10.0 OpenAS2 pom @@ -171,13 +171,13 @@ com.fasterxml.jackson.core jackson-databind - 2.16.1 + 2.17.0 jar com.fasterxml.jackson.module jackson-module-jaxb-annotations - 2.16.1 + 2.17.0 org.glassfish.jersey.media @@ -199,17 +199,17 @@ com.sun.xml.bind jaxb-core - 4.0.4 + 4.0.5 com.sun.xml.bind jaxb-impl - 4.0.4 + 4.0.5 io.sentry sentry - 7.3.0 + 7.6.0