From 13cb358153114232e9d34690c80748396b3a6309 Mon Sep 17 00:00:00 2001 From: Malintha Fernando Date: Thu, 10 Nov 2016 15:04:03 +0530 Subject: [PATCH 1/2] Adding secured documentBuilder factory --- .../mgt/iot/output/adapter/ui/util/WebsocketUtils.java | 5 ++++- .../mgt/iot/devicetype/util/DeviceTypeConfigUtil.java | 8 ++++---- .../mgt/mobile/util/MobileDeviceManagementUtil.java | 5 ++++- .../wstep/impl/CertificateEnrollmentServiceImpl.java | 6 +++--- 4 files changed, 15 insertions(+), 9 deletions(-) diff --git a/components/iot-plugins/iot-base-plugin/org.wso2.carbon.device.mgt.iot.output.adapter.ui/src/main/java/org/wso2/carbon/device/mgt/iot/output/adapter/ui/util/WebsocketUtils.java b/components/iot-plugins/iot-base-plugin/org.wso2.carbon.device.mgt.iot.output.adapter.ui/src/main/java/org/wso2/carbon/device/mgt/iot/output/adapter/ui/util/WebsocketUtils.java index c049e4540..4d85e697f 100644 --- a/components/iot-plugins/iot-base-plugin/org.wso2.carbon.device.mgt.iot.output.adapter.ui/src/main/java/org/wso2/carbon/device/mgt/iot/output/adapter/ui/util/WebsocketUtils.java +++ b/components/iot-plugins/iot-base-plugin/org.wso2.carbon.device.mgt.iot.output.adapter.ui/src/main/java/org/wso2/carbon/device/mgt/iot/output/adapter/ui/util/WebsocketUtils.java @@ -21,6 +21,7 @@ package org.wso2.carbon.device.mgt.iot.output.adapter.ui.util; import org.w3c.dom.Document; import org.wso2.carbon.device.mgt.iot.output.adapter.ui.config.WebsocketValidationConfigurationFailedException; +import javax.xml.XMLConstants; import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; import java.io.File; @@ -34,7 +35,9 @@ public class WebsocketUtils { DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); factory.setNamespaceAware(true); try { - DocumentBuilder docBuilder = factory.newDocumentBuilder(); + DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); + dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); + DocumentBuilder docBuilder = dbf.newDocumentBuilder(); return docBuilder.parse(file); } catch (Exception e) { throw new WebsocketValidationConfigurationFailedException("Error occurred while parsing file, while converting " + diff --git a/components/iot-plugins/iot-base-plugin/org.wso2.carbon.device.mgt.iot/src/main/java/org/wso2/carbon/device/mgt/iot/devicetype/util/DeviceTypeConfigUtil.java b/components/iot-plugins/iot-base-plugin/org.wso2.carbon.device.mgt.iot/src/main/java/org/wso2/carbon/device/mgt/iot/devicetype/util/DeviceTypeConfigUtil.java index a32a88bdf..82afe7dd5 100644 --- a/components/iot-plugins/iot-base-plugin/org.wso2.carbon.device.mgt.iot/src/main/java/org/wso2/carbon/device/mgt/iot/devicetype/util/DeviceTypeConfigUtil.java +++ b/components/iot-plugins/iot-base-plugin/org.wso2.carbon.device.mgt.iot/src/main/java/org/wso2/carbon/device/mgt/iot/devicetype/util/DeviceTypeConfigUtil.java @@ -22,6 +22,7 @@ import org.w3c.dom.Document; import org.wso2.carbon.device.mgt.iot.devicetype.config.DeviceManagementConfiguration; import org.wso2.carbon.device.mgt.iot.devicetype.config.exception.DeviceTypeConfigurationException; +import javax.xml.XMLConstants; import javax.xml.bind.JAXBContext; import javax.xml.bind.JAXBException; import javax.xml.bind.Unmarshaller; @@ -38,7 +39,9 @@ public class DeviceTypeConfigUtil { DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); factory.setNamespaceAware(true); try { - DocumentBuilder docBuilder = factory.newDocumentBuilder(); + DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); + dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); + DocumentBuilder docBuilder = dbf.newDocumentBuilder(); return docBuilder.parse(file); } catch (Exception e) { throw new DeviceTypeConfigurationException("Error occurred while parsing file, while converting " + @@ -46,7 +49,4 @@ public class DeviceTypeConfigUtil { } } - - - } diff --git a/components/mobile-plugins/mobile-base-plugin/org.wso2.carbon.device.mgt.mobile/src/main/java/org/wso2/carbon/device/mgt/mobile/util/MobileDeviceManagementUtil.java b/components/mobile-plugins/mobile-base-plugin/org.wso2.carbon.device.mgt.mobile/src/main/java/org/wso2/carbon/device/mgt/mobile/util/MobileDeviceManagementUtil.java index e97c0cb0d..e9fb47ccd 100644 --- a/components/mobile-plugins/mobile-base-plugin/org.wso2.carbon.device.mgt.mobile/src/main/java/org/wso2/carbon/device/mgt/mobile/util/MobileDeviceManagementUtil.java +++ b/components/mobile-plugins/mobile-base-plugin/org.wso2.carbon.device.mgt.mobile/src/main/java/org/wso2/carbon/device/mgt/mobile/util/MobileDeviceManagementUtil.java @@ -35,6 +35,7 @@ import org.wso2.carbon.registry.api.RegistryException; import org.wso2.carbon.registry.api.Resource; import org.wso2.carbon.registry.core.Registry; +import javax.xml.XMLConstants; import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; import java.io.File; @@ -63,7 +64,9 @@ public class MobileDeviceManagementUtil { DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); factory.setNamespaceAware(true); try { - DocumentBuilder docBuilder = factory.newDocumentBuilder(); + DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); + dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); + DocumentBuilder docBuilder = dbf.newDocumentBuilder(); return docBuilder.parse(file); } catch (Exception e) { throw new DeviceManagementException( diff --git a/components/mobile-plugins/windows-plugin/org.wso2.carbon.device.mgt.mobile.windows.api/src/main/java/org/wso2/carbon/device/mgt/mobile/windows/api/services/wstep/impl/CertificateEnrollmentServiceImpl.java b/components/mobile-plugins/windows-plugin/org.wso2.carbon.device.mgt.mobile.windows.api/src/main/java/org/wso2/carbon/device/mgt/mobile/windows/api/services/wstep/impl/CertificateEnrollmentServiceImpl.java index a0520028b..8e587bfc0 100644 --- a/components/mobile-plugins/windows-plugin/org.wso2.carbon.device.mgt.mobile.windows.api/src/main/java/org/wso2/carbon/device/mgt/mobile/windows/api/services/wstep/impl/CertificateEnrollmentServiceImpl.java +++ b/components/mobile-plugins/windows-plugin/org.wso2.carbon.device.mgt.mobile.windows.api/src/main/java/org/wso2/carbon/device/mgt/mobile/windows/api/services/wstep/impl/CertificateEnrollmentServiceImpl.java @@ -51,6 +51,7 @@ import org.xml.sax.SAXException; import javax.annotation.Resource; import javax.jws.WebService; import javax.servlet.ServletContext; +import javax.xml.XMLConstants; import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.ParserConfigurationException; @@ -233,9 +234,8 @@ public class CertificateEnrollmentServiceImpl implements CertificateEnrollmentSe signedCertEncodedString = base64Encoder.encodeAsString(signedCertificate.getEncoded()); DocumentBuilderFactory domFactory = DocumentBuilderFactory.newInstance(); - DocumentBuilder builder; - - builder = domFactory.newDocumentBuilder(); + domFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); + DocumentBuilder builder = domFactory.newDocumentBuilder(); Document document = builder.parse(wapProvisioningFilePath); NodeList wapParm = document.getElementsByTagName(PluginConstants.CertificateEnrolment.PARM); Node caCertificatePosition = wapParm.item(PluginConstants.CertificateEnrolment.CA_CERTIFICATE_POSITION); From 09f004bfd8ac3b83528552d32f12366d4f76296d Mon Sep 17 00:00:00 2001 From: Malintha Fernando Date: Fri, 11 Nov 2016 06:38:36 +0530 Subject: [PATCH 2/2] importing javax.xml package for javax.xml.XMLConstants --- .../org.wso2.carbon.device.mgt.iot.output.adapter.ui/pom.xml | 4 +--- .../iot-base-plugin/org.wso2.carbon.device.mgt.iot/pom.xml | 4 +--- .../org.wso2.carbon.device.mgt.mobile/pom.xml | 3 +-- 3 files changed, 3 insertions(+), 8 deletions(-) diff --git a/components/iot-plugins/iot-base-plugin/org.wso2.carbon.device.mgt.iot.output.adapter.ui/pom.xml b/components/iot-plugins/iot-base-plugin/org.wso2.carbon.device.mgt.iot.output.adapter.ui/pom.xml index c622ed3db..fe92a5e6b 100644 --- a/components/iot-plugins/iot-base-plugin/org.wso2.carbon.device.mgt.iot.output.adapter.ui/pom.xml +++ b/components/iot-plugins/iot-base-plugin/org.wso2.carbon.device.mgt.iot.output.adapter.ui/pom.xml @@ -140,9 +140,7 @@ org.wso2.carbon.event.stream.core, org.wso2.carbon.event.stream.core.exception, org.wso2.carbon.utils, - javax.xml.bind, - javax.xml.bind.annotation, - javax.xml.parsers; version=0.0.0, + javax.xml.*, org.w3c.dom, org.wso2.carbon.identity.oauth2.stub, org.wso2.carbon.identity.oauth2.stub.dto, diff --git a/components/iot-plugins/iot-base-plugin/org.wso2.carbon.device.mgt.iot/pom.xml b/components/iot-plugins/iot-base-plugin/org.wso2.carbon.device.mgt.iot/pom.xml index cc7620641..96d952981 100644 --- a/components/iot-plugins/iot-base-plugin/org.wso2.carbon.device.mgt.iot/pom.xml +++ b/components/iot-plugins/iot-base-plugin/org.wso2.carbon.device.mgt.iot/pom.xml @@ -70,9 +70,7 @@ org.wso2.carbon.core, org.wso2.carbon.device.mgt.common, org.wso2.carbon.utils, - javax.xml.bind, - javax.xml.bind.annotation, - javax.xml.parsers; version="${javax.xml.parsers.import.pkg.version}", + javax.xml.*, org.w3c.dom diff --git a/components/mobile-plugins/mobile-base-plugin/org.wso2.carbon.device.mgt.mobile/pom.xml b/components/mobile-plugins/mobile-base-plugin/org.wso2.carbon.device.mgt.mobile/pom.xml index 715beb9df..2e30e81c4 100644 --- a/components/mobile-plugins/mobile-base-plugin/org.wso2.carbon.device.mgt.mobile/pom.xml +++ b/components/mobile-plugins/mobile-base-plugin/org.wso2.carbon.device.mgt.mobile/pom.xml @@ -55,10 +55,9 @@ org.osgi.framework, org.osgi.service.component, org.apache.commons.logging, - javax.xml.bind.*, + javax.xml.*, javax.naming, javax.sql, - javax.xml.parsers; version=0.0.0, org.w3c.dom, org.wso2.carbon.context, org.wso2.carbon.utils.*,