This is an automated email from the ASF dual-hosted git repository.
ffang pushed a change to branch CXF-9008
in repository https://gitbox.apache.org/repos/asf/cxf.git
from 145b62e3d6b Extract FipsTestUtils and use RSA-OAEP-256 in FIPS test
properties
add 9f0a0be51f3 Ensure all tests passed on FIPS enabled machine(when
JavaUtils.isFIPSEnabled() returns true)
No new revisions were added by this update.
Summary of changes:
.../java/org/apache/cxf/helpers/JavaUtilsTest.java | 2 +
parent/pom.xml | 25 ++++-
.../jose/jwa/JwaDecryptRfcConformanceTest.java | 18 ++--
.../apache/cxf/rt/security/crypto/CryptoUtils.java | 21 +++++
.../policy/custom/DefaultAlgorithmSuiteLoader.java | 11 ++-
.../wss4j/WSS4JInOutWithAttachmentsTest.java | 2 +
.../systest/sts/asymmetric_encr/cxf-sts-fips.xml | 2 +-
.../sts/asymmetric_encr/stax-cxf-sts-fips.xml | 2 +-
.../sts/binarysecuritytoken/DoubleIt-fips.wsdl | 2 +-
.../sts/binarysecuritytoken/cxf-service-fips.xml | 4 +-
.../binarysecuritytoken/stax-cxf-service-fips.xml | 4 +-
.../cxf/systest/sts/caching/DoubleIt-fips.wsdl | 2 +-
.../sts/caching/cxf-caching-service-fips.xml | 4 +-
.../cxf/systest/sts/caching/cxf-service-fips.xml | 4 +-
.../cxf/systest/sts/secure_conv/DoubleIt-fips.wsdl | 10 +-
.../systest/sts/secure_conv/cxf-service-fips.xml | 4 +-
.../cxf/systest/sts/secure_conv/cxf-sts-fips.xml | 4 +-
.../systest/sts/secure_conv/stax-cxf-sts-fips.xml | 4 +-
.../sts/secure_conv/ws-trust-1.4-service-fips.wsdl | 4 +-
.../sts/sts_sender_vouches/DoubleIt-fips.wsdl | 2 +-
.../sts/sts_sender_vouches/cxf-sts-fips.xml | 2 +-
.../sts/sts_sender_vouches/stax-cxf-sts-fips.xml | 2 +-
.../ws-trust-1.4-service-fips.wsdl | 2 +-
.../cxf/systest/sts/asymmetric/DoubleIt-fips.wsdl | 4 +-
.../sts/delegation/ws-trust-1.4-service-fips.wsdl | 4 +-
.../systest/sts/deployment/cxf-transport-fips.xml | 2 +-
.../cxf/systest/sts/deployment/cxf-x509-fips.xml | 2 +-
.../sts/deployment/stax-cxf-transport-fips.xml | 2 +-
.../systest/sts/deployment/stax-cxf-x509-fips.xml | 2 +-
.../systest/sts/deployment/sts/cxf-sts-fips.xml | 2 +-
.../sts/deployment/ws-trust-1.4-service-fips.wsdl | 10 +-
.../cxf/systest/sts/issuer/cxf-client-fips.xml | 4 +-
.../sts/issuer/sts-transport-policy-fips.xml | 2 +-
.../sts/issuer/ws-trust-1.4-service-fips.wsdl | 2 +-
.../cxf/systest/sts/symmetric/DoubleIt-fips.wsdl | 10 +-
.../cxf/systest/sts/transport/DoubleIt-fips.wsdl | 4 +-
.../cxf/systest/sts/transport/cxf-service-fips.xml | 2 +-
.../sts/transport/cxf-stax-service-fips.xml | 2 +-
.../systest/sts/username_actas/DoubleIt-fips.wsdl | 2 +-
.../sts/username_onbehalfof/DoubleIt-fips.wsdl | 2 +-
.../apache/cxf/systest/sts/x509/DoubleIt-fips.wsdl | 8 +-
.../systest/sts/x509/DoubleItAsymmetric-fips.wsdl | 2 +-
.../sts/x509/cxf-asymmetric-service-fips.xml | 2 +-
.../cxf/systest/sts/x509/cxf-service-fips.xml | 2 +-
.../cxf/systest/sts/x509/cxf-stax-service-fips.xml | 2 +-
.../security/jose/jwejws/JAXRSJweJwsTest.java | 9 +-
.../security/jose/jwejws/JweJwsAlgorithmTest.java | 16 +---
.../security/jose/jwejws/JweJwsReferenceTest.java | 10 +-
.../jaxrs/security/jose/jwt/JWTAlgorithmTest.java | 8 +-
.../jaxrs/security/certs/jwkPrivateSet-fips.txt | 13 +--
.../jaxrs/security/certs/jwkPublicSet-fips.txt | 68 +++++++++++++-
.../jose/jwejws/algorithms-server-fips.xml | 4 +-
.../jose/jwejws/http-headers-server-fips.xml | 2 +-
.../security/jose/jwejws/reference-server-fips.xml | 6 +-
.../jaxrs/security/jose/jwejws/server-fips.xml | 8 +-
.../security/jose/jwejws/serverJweJson-fips.xml | 2 +-
.../security/jose/jwejws/serverJwsJson-fips.xml | 4 +-
.../security/jose/jwejws/serverMultipart-fips.xml | 2 +-
.../security/jose/jwt/algorithms-server-fips.xml | 2 +-
.../security/jose/jwt/authn-authz-server-fips.xml | 2 +-
.../oauth2/filters/filters-serverJwt-fips.xml | 4 +-
.../grants/grants-server-jcache-session-fips.xml | 2 +-
.../grants/grants-server-public-session-fips.xml | 2 +-
.../jaxrs/security/oauth2/tls/serverTls-fips.xml | 2 +-
.../jaxrs/security/oidc/oidc-keys-jcache-fips.xml | 2 +-
.../cxf/systest/jaxrs/security/xml/server-fips.xml | 2 +-
.../jaxrs/security/xml/stax-server-fips.xml | 2 +-
.../https/ciphersuites/CipherSuitesTest.java | 13 ++-
.../systest/https/conduit/HTTPSConduitTest.java | 6 +-
...v12.xml => ciphersuites-client-tlsv12-fips.xml} | 4 +-
.../https/conduit/resource-key-spec-url-fips.xml | 2 +-
.../wssec/examples/saml/DoubleItSaml-fips.wsdl | 18 ++--
.../systest/wssec/examples/saml/server-fips.xml | 2 +-
.../wssec/examples/saml/stax-server-fips.xml | 2 +-
.../examples/secconv/DoubleItSecConv-fips.wsdl | 4 +-
.../systest/wssec/examples/secconv/server-fips.xml | 2 +-
.../wssec/examples/secconv/stax-server-fips.xml | 2 +-
.../wssec/examples/sts/cxf-symmetric-fips.xml | 2 +-
.../examples/sts/ws-trust-1.4-service-fips.wsdl | 2 +-
.../systest/wssec/examples/ut/DoubleItUt-fips.wsdl | 8 +-
.../cxf/systest/wssec/examples/ut/server-fips.xml | 2 +-
.../systest/wssec/examples/ut/stax-server-fips.xml | 2 +-
.../wssec/examples/x509/DoubleItX509-fips.wsdl | 8 +-
.../systest/wssec/examples/x509/server-fips.xml | 2 +-
.../wssec/examples/x509/stax-server-fips.xml | 2 +-
.../fault/DoubleItPortTypeImplJavaFirstFips.java | 2 +-
.../cxf/systest/ws/ut/UsernameTokenPolicyTest.java | 4 +-
.../apache/cxf/systest/ws/wssc/WSSCUnitTest.java | 2 +-
.../cxf/systest/ws/x509/SHA512PolicyLoader.java | 102 ++++++++++-----------
.../ws/action/DoubleItActionPolicy-fips.wsdl | 4 +-
.../apache/cxf/systest/ws/action/client-fips.xml | 5 +-
.../apache/cxf/systest/ws/action/server-fips.xml | 3 +-
.../apache/cxf/systest/ws/algsuite/client-fips.xml | 2 +-
.../apache/cxf/systest/ws/algsuite/server-fips.xml | 2 +-
.../cxf/systest/ws/algsuite/stax-server-fips.xml | 2 +-
.../ws/basicauth/DoubleItBasicAuth-fips.wsdl | 2 +-
.../ws/basicauth/server-continuation-fips.xml | 2 +-
.../cxf/systest/ws/basicauth/server-fips.xml | 2 +-
.../cxf/systest/ws/bindings/clean-policy-fips.xml | 2 +-
.../apache/cxf/systest/ws/bindings/client-fips.xml | 2 +-
.../encrypt-before-signing-policy-fips.xml | 2 +-
.../ws/bindings/encrypt-sig-policy-fips.xml | 2 +-
.../ws/bindings/include-timestamp-policy-fips.xml | 2 +-
.../systest/ws/bindings/only-sign-policy-fips.xml | 2 +-
.../ws/bindings/protect-tokens-policy-fips.xml | 2 +-
.../apache/cxf/systest/ws/bindings/server-fips.xml | 2 +-
.../sig-conf-enc-before-signing-policy-fips.xml | 2 +-
.../systest/ws/bindings/sig-conf-policy-fips.xml | 2 +-
.../sign-before-encrypting-policy-fips.xml | 2 +-
.../cxf/systest/ws/bindings/stax-server-fips.xml | 2 +-
.../cxf/systest/ws/bindings/strict-policy-fips.xml | 2 +-
.../systest/ws/bindings/ts-first-policy-fips.xml | 2 +-
.../systest/ws/bindings/ts-last-policy-fips.xml | 2 +-
.../cxf/systest/ws/cache/DoubleItCache-fips.wsdl | 2 +-
.../apache/cxf/systest/ws/cache/server-fips.xml | 2 +-
.../cxf/systest/ws/fault/DoubleItFault-fips.wsdl | 6 +-
.../systest/ws/fault/SymmetricUTPolicy-fips.xml | 2 +-
.../apache/cxf/systest/ws/fault/client-fips.xml | 4 +-
.../cxf/systest/ws/fault/client-untrusted-fips.xml | 2 +-
.../cxf/systest/ws/fault/modified-server-fips.xml | 2 +-
.../apache/cxf/systest/ws/fault/server-fips.xml | 2 +-
.../cxf/systest/ws/gcm/DoubleItGCM-fips.wsdl | 4 +-
.../apache/cxf/systest/ws/gcm/mgf-server-fips.xml | 2 +-
.../cxf/systest/ws/gcm/mgf-stax-server-fips.xml | 2 +-
.../org/apache/cxf/systest/ws/gcm/server-fips.xml | 2 +-
.../apache/cxf/systest/ws/gcm/stax-server-fips.xml | 2 +-
.../systest/ws/httpget/DoubleItHTTPGet-fips.wsdl | 2 +-
.../apache/cxf/systest/ws/httpget/server-fips.xml | 2 +-
.../systest/ws/https/basic-auth-policy-fips.xml | 2 +-
.../cxf/systest/ws/https/clean-policy-fips.xml | 2 +-
.../apache/cxf/systest/ws/https/client-fips.xml | 2 +-
.../systest/ws/https/digest-auth-policy-fips.xml | 2 +-
.../cxf/systest/ws/https/nochild-policy-fips.xml | 2 +-
.../ws/https/req-client-cert-policy-fips.xml | 2 +-
.../apache/cxf/systest/ws/https/server-fips.xml | 2 +-
.../cxf/systest/ws/https/stax-server-fips.xml | 2 +-
.../cxf/systest/ws/mtom/DoubleItMtom-fips.wsdl | 6 +-
.../org/apache/cxf/systest/ws/mtom/server-fips.xml | 2 +-
.../cxf/systest/ws/mtom/stax-server-fips.xml | 2 +-
.../cxf/systest/ws/parts/addr-policy-fips.xml | 2 +-
.../ws/parts/bad-req-elements-policy-fips.xml | 2 +-
.../systest/ws/parts/bad-req-parts-policy-fips.xml | 2 +-
.../apache/cxf/systest/ws/parts/client-fips.xml | 2 +-
.../content-encrypted-elements-policy-fips.xml | 2 +-
.../ws/parts/encrypted-addr-policy-fips.xml | 2 +-
.../ws/parts/encrypted-attachments-policy-fips.xml | 2 +-
.../ws/parts/encrypted-body-policy-fips.xml | 2 +-
.../ws/parts/encrypted-elements-policy-fips.xml | 2 +-
.../ws/parts/encrypted-parts-policy-fips.xml | 2 +-
.../multiple-encrypted-elements-policy-fips.xml | 2 +-
.../systest/ws/parts/req-elements-policy-fips.xml | 2 +-
.../cxf/systest/ws/parts/req-parts-policy-fips.xml | 2 +-
.../apache/cxf/systest/ws/parts/server-fips.xml | 2 +-
.../systest/ws/parts/signed-addr-policy-fips.xml | 2 +-
.../ws/parts/signed-attachments-policy-fips.xml | 2 +-
.../systest/ws/parts/signed-body-policy-fips.xml | 2 +-
.../ws/parts/signed-elements-policy-fips.xml | 2 +-
.../systest/ws/parts/signed-parts-policy-fips.xml | 2 +-
.../cxf/systest/ws/parts/stax-server-fips.xml | 2 +-
.../systest/ws/password/DoubleItPassword-fips.wsdl | 4 +-
.../apache/cxf/systest/ws/password/server-fips.xml | 2 +-
.../cxf/systest/ws/policy/client-bus-fips.xml | 4 +-
.../apache/cxf/systest/ws/policy/client-fips.xml | 8 +-
.../cxf/systest/ws/policy/javafirstserver-fips.xml | 10 +-
.../operation/DoubleItPolicyOperation-fips.wsdl | 2 +-
.../systest/ws/policy/operation/server-fips.xml | 2 +-
.../apache/cxf/systest/ws/policy/server-fips.xml | 8 +-
.../cxf/systest/ws/saml/DoubleItSaml-fips.wsdl | 32 +++----
.../cxf/systest/ws/saml/clean-asym-policy-fips.xml | 2 +-
.../cxf/systest/ws/saml/clean-tls-policy-fips.xml | 2 +-
.../org/apache/cxf/systest/ws/saml/client-fips.xml | 4 +-
.../cxf/systest/ws/saml/saml1-tls-policy-fips.xml | 2 +-
.../cxf/systest/ws/saml/saml2-asym-policy-fips.xml | 2 +-
.../org/apache/cxf/systest/ws/saml/server-fips.xml | 4 +-
.../cxf/systest/ws/saml/stax-server-fips.xml | 4 +-
.../subjectconf/DoubleItSamlSubjectConf-fips.wsdl | 2 +-
.../systest/ws/saml/subjectconf/server-fips.xml | 2 +-
.../ws/saml/subjectconf/stax-server-fips.xml | 2 +-
.../cxf/systest/ws/security/DoubleIt-fips.wsdl | 18 ++--
.../cxf/systest/ws/swa/DoubleItSwa-fips.wsdl | 6 +-
.../cxf/systest/ws/swa/policy-server-fips.xml | 2 +-
.../org/apache/cxf/systest/ws/swa/server-fips.xml | 2 +-
.../cxf/systest/ws/swa/stax-policy-server-fips.xml | 2 +-
.../cxf/systest/ws/tokens/bst-server-fips.xml | 2 +-
.../apache/cxf/systest/ws/tokens/client-fips.xml | 2 +-
.../ws/tokens/encrypted-supp-token-policy-fips.xml | 2 +-
.../systest/ws/tokens/endorsing-client-fips.xml | 2 +-
.../systest/ws/tokens/endorsing-server-fips.xml | 2 +-
.../endorsing-x509-supp-token-policy-fips.xml | 2 +-
.../apache/cxf/systest/ws/tokens/server-fips.xml | 2 +-
.../signed-encrypted-supp-token-policy-fips.xml | 2 +-
...igned-endorsing-x509-supp-token-policy-fips.xml | 2 +-
.../ws/tokens/signed-supp-token-policy-fips.xml | 2 +-
.../tokens/signed-x509-supp-token-policy-fips.xml | 2 +-
.../ws/tokens/stax-endorsing-server-fips.xml | 2 +-
.../cxf/systest/ws/tokens/stax-server-fips.xml | 2 +-
.../systest/ws/tokens/supp-token-policy-fips.xml | 2 +-
.../cxf/systest/ws/tokens/tls-client-fips.xml | 2 +-
.../cxf/systest/ws/tokens/tls-server-fips.xml | 2 +-
.../cxf/systest/ws/tokens/tls-stax-server-fips.xml | 2 +-
.../ws/tokens/x509-supp-token-policy-fips.xml | 2 +-
.../apache/cxf/systest/ws/ut/DoubleItUt-fips.wsdl | 14 +--
.../cxf/systest/ws/ut/DoubleItUtDerived-fips.wsdl | 14 +--
.../apache/cxf/systest/ws/ut/clean-policy-fips.xml | 2 +-
.../org/apache/cxf/systest/ws/ut/client-fips.xml | 6 +-
.../cxf/systest/ws/ut/created-policy-fips.xml | 2 +-
.../cxf/systest/ws/ut/hash-pass-policy-fips.xml | 2 +-
.../cxf/systest/ws/ut/no-pass-policy-fips.xml | 2 +-
.../apache/cxf/systest/ws/ut/nonce-policy-fips.xml | 2 +-
.../systest/ws/ut/plaintext-pass-policy-fips.xml | 2 +-
.../ws/ut/plaintext-pass-timestamp-policy-fips.xml | 2 +-
.../cxf/systest/ws/ut/policy-client-fips.xml | 13 ++-
.../cxf/systest/ws/ut/policy-server-fips.xml | 22 ++++-
.../cxf/systest/ws/ut/server-derived-fips.xml | 2 +-
.../org/apache/cxf/systest/ws/ut/server-fips.xml | 4 +-
.../cxf/systest/ws/ut/stax-policy-server-fips.xml | 2 +-
.../apache/cxf/systest/ws/ut/stax-server-fips.xml | 4 +-
.../cxf/systest/ws/ut/supp-token-policy-fips.xml | 2 +-
.../cxf/systest/ws/wssc/DoubleItWSSC-fips.wsdl | 12 +--
.../cxf/systest/ws/wssc/unit-server-fips.xml | 2 +-
.../wssec10/client_customAlgorithmSuite-fips.xml | 2 +-
.../apache/cxf/systest/ws/wssec10/server-fips.xml | 2 +-
.../wssec10/server_customAlgorithmSuite-fips.xml | 2 +-
.../systest/ws/wssec10/server_restricted-fips.xml | 2 +-
.../cxf/systest/ws/wssec10/stax-server-fips.xml | 2 +-
.../stax-server_customAlgorithmSuite-fips.xml | 2 +-
.../ws/wssec10/stax-server_restricted-fips.xml | 2 +-
.../systest/ws/x509/DoubleItOperations-fips.wsdl | 2 +-
.../cxf/systest/ws/x509/DoubleItX509-fips.wsdl | 60 ++++++------
.../ws/x509/DoubleItX509Addressing-fips.wsdl | 2 +-
.../ws/x509/DoubleItX509Signature-fips.wsdl | 10 +-
.../cxf/systest/ws/x509/clean-policy-fips.xml | 2 +-
.../org/apache/cxf/systest/ws/x509/client-fips.xml | 2 +-
.../systest/ws/x509/end-supp-token-policy-fips.xml | 2 +-
.../cxf/systest/ws/x509/intermediary-fips.xml | 2 +-
.../cxf/systest/ws/x509/jaxws-client-fips.xml | 2 +-
.../org/apache/cxf/systest/ws/x509/server-fips.xml | 2 +-
.../cxf/systest/ws/x509/stax-server-fips.xml | 2 +-
.../systest/ws/x509/supp-token-pki-policy-fips.xml | 2 +-
.../cxf/systest/ws/x509/supp-token-policy-fips.xml | 2 +-
.../cxf/systest/ws/xkms/DoubleItXKMS-fips.wsdl | 4 +-
.../org/apache/cxf/systest/ws/xkms/server-fips.xml | 2 +-
.../cxf/systest/ws/xkms/stax-server-fips.xml | 2 +-
.../wssc/WSSecureConversation_policy-fips.wsdl | 92 +++++++++----------
.../wssec10/WsSecurity10_policy-fips.wsdl | 4 +-
.../WsSecurity10_policy_restricted-fips.wsdl | 4 +-
.../wssec11/WsSecurity11_policy-fips.wsdl | 34 +++----
.../WsSecurity11_policy_restricted-fips.wsdl | 36 ++++----
248 files changed, 719 insertions(+), 574 deletions(-)
copy
systests/transports/src/test/resources/org/apache/cxf/systest/https/ciphersuites/{ciphersuites-client-tlsv12.xml
=> ciphersuites-client-tlsv12-fips.xml} (96%)
