Commit ac50e4cd authored by pgouvas's avatar pgouvas
Browse files

sign/verification encrypt/decrypt ready

parent 66276d29
File added
File added
<?xml version="1.0" encoding="UTF-8"?>
<actions>
<action>
<actionName>CUSTOM-skipTests</actionName>
<displayName>skipTests</displayName>
<recursive>false</recursive>
<goals>
<goal>clean</goal>
<goal>install</goal>
</goals>
<properties>
<skipTests>true</skipTests>
</properties>
</action>
</actions>
......@@ -80,57 +80,53 @@ public class EjbcaWSClientImpl {
* @return The generated KeyStore or null if no KeyStore could be created
*
*/
public boolean editUser(EjbcaUser ejbcaUser) {
EjbcaWSLogger wslogger = new EjbcaWSLogger();
public boolean editUser(UserDataVOWS userdata) { //EjbcaUser ejbcaUser
try {
final UserDataVOWS userdata = convertEjbcaUserTOUserDataVOWS(ejbcaUser);
wslogger.append("Trying to add user:");
wslogger.append("Username: " + userdata.getUsername());
wslogger.append("Subject DN: " + userdata.getSubjectDN());
wslogger.append("Subject Altname: " + userdata.getSubjectAltName());
wslogger.append("Email: " + userdata.getEmail());
wslogger.append("CA Name: " + userdata.getCaName());
wslogger.append("Token: " + userdata.getTokenType());
wslogger.append("Status: " + userdata.getStatus());
wslogger.append("End entity profile: " + userdata.getEndEntityProfileName());
wslogger.append("Certificate profile: " + userdata.getCertificateProfileName());
wslogger.append("Hard Token Issuer Alias: " + (userdata.getHardTokenIssuerName() != null ? userdata.getHardTokenIssuerName() : "null"));
//final UserDataVOWS userdata = convertEjbcaUserTOUserDataVOWS(ejbcaUser);
logger.info("Trying to add user:");
logger.info("Username: " + userdata.getUsername());
logger.info("Subject DN: " + userdata.getSubjectDN());
logger.info("Subject Altname: " + userdata.getSubjectAltName());
logger.info("Email: " + userdata.getEmail());
logger.info("CA Name: " + userdata.getCaName());
logger.info("Token: " + userdata.getTokenType());
logger.info("Status: " + userdata.getStatus());
logger.info("End entity profile: " + userdata.getEndEntityProfileName());
logger.info("Certificate profile: " + userdata.getCertificateProfileName());
logger.info("Hard Token Issuer Alias: " + (userdata.getHardTokenIssuerName() != null ? userdata.getHardTokenIssuerName() : "null"));
final List<ExtendedInformationWS> eil = userdata.getExtendedInformation();
if (eil != null) {
wslogger.append("Extended information:");
logger.info("Extended information:");
for (ExtendedInformationWS ei : eil) {
wslogger.append(" '" + ei.getName() + "' = '" + ei.getValue() + "'");
logger.info(" '" + ei.getName() + "' = '" + ei.getValue() + "'");
}
}
final BigInteger bi = userdata.getCertificateSerialNumber();
if (bi != null) {
wslogger.append("CERTIFICATESERIALNUMBER" + "=0x" + bi.toString(16));
logger.info("CERTIFICATESERIALNUMBER" + "=0x" + bi.toString(16));
}
//Add/Edit End-Entity to EJBCA
getEjbcaRAWS().editUser(userdata);
wslogger.append("User '" + userdata.getUsername() + "' has been added/edited.");
wslogger.showLogs(this.logger);
logger.info("User '" + userdata.getUsername() + "' has been added/edited.");
return true;
} catch (Exception ex) {
Logger.getLogger(EjbcaWSClientImpl.class.getName()).log(Level.SEVERE, null, ex);
}
wslogger.showLogs(this.logger);
return false;
}
public KeyStore createSoftTokenRequest(EjbcaUser ejbcaUser) {
KeyStore keystore = null;
try {
EjbcaWSLogger wslogger = new EjbcaWSLogger();
UserDataVOWS userdata = convertEjbcaUserTOUserDataVOWS(ejbcaUser);
keystore = getEjbcaRAWS().softTokenRequest(userdata, userdata.getHardTokenIssuerName(), ejbcaUser.getEntityArgument(EjbcaUser.Arguments.KEYLENGTH), ejbcaUser.getEntityArgument(EjbcaUser.Arguments.ENCRYPTION_ALGORYTHM));
if (keystore == null) {
wslogger.append("No certificate could be generated for user, check server logs for error.");
logger.info("No certificate could be generated for user, check server logs for error.");
}
} catch (Exception ex) {
......@@ -156,14 +152,13 @@ public class EjbcaWSClientImpl {
* couldn't be found.
*/
public Certificate getCertificate(String certSNinHex, String issuerDN) {
EjbcaWSLogger wslogger = new EjbcaWSLogger();
Certificate certificate = null;
try {
certificate = getEjbcaRAWS().getCertificate(certSNinHex, issuerDN);
if (certificate == null) {
wslogger.append("Certificate with SerialNumber: " + certSNinHex + " and IssuerDN: " + issuerDN + " could not be found!");
logger.info("Certificate with SerialNumber: " + certSNinHex + " and IssuerDN: " + issuerDN + " could not be found!");
} else {
wslogger.append("Certificate with SerialNumber: " + certSNinHex + " and IssuerDN: " + issuerDN + " was fetched!");
logger.info("Certificate with SerialNumber: " + certSNinHex + " and IssuerDN: " + issuerDN + " was fetched!");
}
} catch (AuthorizationDeniedException_Exception ex) {
Logger.getLogger(EjbcaWSClientImpl.class.getName()).log(Level.SEVERE, null, ex);
......@@ -173,7 +168,6 @@ public class EjbcaWSClientImpl {
Logger.getLogger(EjbcaWSClientImpl.class.getName()).log(Level.SEVERE, null, ex);
}
wslogger.showLogs(this.logger);
return certificate;
}
......@@ -187,7 +181,6 @@ public class EjbcaWSClientImpl {
*/
public RevokeStatus checkCertificateRevokeStatus(String issuerDN, String certSN) {
RevokeStatus status = null;
EjbcaWSLogger wslogger = new EjbcaWSLogger();
try {
issuerDN = CertTools.stringToBCDNString(issuerDN);
......@@ -196,25 +189,22 @@ public class EjbcaWSClientImpl {
status = getEjbcaRAWS().checkRevokationStatus(issuerDN, certSN);
if (status == null) {
wslogger.append("Error, No certificate found in database.");
logger.info("Error, No certificate found in database.");
} else {
wslogger.append("Revocation status :");
wslogger.append(" IssuerDN : " + status.getIssuerDN());
wslogger.append(" CertificateSN : " + status.getCertificateSN());
logger.info("Revocation status :");
logger.info(" IssuerDN : " + status.getIssuerDN());
logger.info(" CertificateSN : " + status.getCertificateSN());
if (status.getReason() == RevokedCertInfo.NOT_REVOKED) {
wslogger.append(" Status : NOT REVOKED");
logger.info(" Status : NOT REVOKED");
} else {
wslogger.append(" Status : REVOKED");
wslogger.append(" Date : " + status.getRevocationDate().toString());
logger.info(" Status : REVOKED");
logger.info(" Date : " + status.getRevocationDate().toString());
}
}
} catch (Exception ex) {
Logger.getLogger(EjbcaWSClientImpl.class.getName()).log(Level.SEVERE, null, ex);
}
wslogger.showLogs(this.logger);
return status;
}
/**
......@@ -236,7 +226,6 @@ public class EjbcaWSClientImpl {
//TODO: Implement a return value solution
public boolean revokeCertBackdated(String issuerDN, String certificateSN, int reason, String sDate) {
boolean isRevoked = false;
EjbcaWSLogger wslogger = new EjbcaWSLogger();
try {
final String issuerdn = CertTools.stringToBCDNString(issuerDN);
final String certsn = getCertSN(certificateSN);
......@@ -245,31 +234,29 @@ public class EjbcaWSClientImpl {
final RevokeStatus status = getEjbcaRAWS().checkRevokationStatus(issuerdn, certsn);
if (status != null) {
getEjbcaRAWS().revokeCertBackdated(issuerdn, certsn, reason, sDate);
wslogger.append("Certificate revoked (or unrevoked) successfully.");
logger.info("Certificate revoked (or unrevoked) successfully.");
isRevoked = true;
} else {
wslogger.append("Certificate does not exist.");
logger.info("Certificate does not exist.");
}
} catch (AuthorizationDeniedException_Exception e) {
wslogger.append("Error : " + e.getMessage());
logger.info("Error : " + e.getMessage());
} catch (AlreadyRevokedException_Exception e) {
wslogger.append("The certificate was already revoked, or you tried to unrevoke a permanently revoked certificate.");
logger.info("The certificate was already revoked, or you tried to unrevoke a permanently revoked certificate.");
} catch (WaitingForApprovalException_Exception e) {
wslogger.append("The revocation request has been sent for approval.");
logger.info("The revocation request has been sent for approval.");
} catch (ApprovalException_Exception e) {
wslogger.append("This revocation has already been requested.");
logger.info("This revocation has already been requested.");
} catch (DateNotValidException_Exception e) {
wslogger.append(e.getMessage());
wslogger.append(justRevoke);
logger.info(e.getMessage());
logger.info(justRevoke);
} catch (RevokeBackDateNotAllowedForProfileException_Exception e) {
wslogger.append(e.getMessage());
wslogger.append(justRevoke);
logger.info(e.getMessage());
logger.info(justRevoke);
}
} catch (Exception e) {
e.printStackTrace();
}
wslogger.showLogs(this.logger);
return isRevoked;
}
......@@ -612,6 +599,7 @@ public class EjbcaWSClientImpl {
if (!ejbcaUser.getEntityArgument(EjbcaUser.Arguments.ISSUERALIAS).equalsIgnoreCase("NONE")) {
userdata.setEmail(ejbcaUser.getEntityArgument(EjbcaUser.Arguments.ISSUERALIAS));
}
logger.info("userdata: "+userdata.toString());
return userdata;
}
......
......@@ -87,9 +87,10 @@ public class RestCAController {
}//EoM
@RequestMapping(path = "/manageEntity", method = RequestMethod.POST)
public Boolean manageEntity(@RequestBody EjbcaUser ejbcaUser) {
boolean status = ca.editUser(ejbcaUser);
logger.info("manageEntity: "+status);
public Boolean manageEntity(@RequestBody UserDataVOWS userdata) { //EjbcaUser ejbcaUser
logger.info("Manage Entity: "+userdata.getUsername());
boolean status = ca.editUser(userdata);
logger.info( "manageEntity: "+status );
return status;
}//EoM
......
package eu.ubitech.ejbca.security;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.OutputStream;
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
......@@ -14,6 +18,7 @@ import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Security;
import java.security.Signature;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
......@@ -36,13 +41,19 @@ public class SecurityUtil {
/*
* Assymetric encryption with dynamically selected AES KEY
*/
static public byte[] doEncryptRSAWithAES(byte[] pubbytes, byte[] infilebytes, String inputFile) throws java.security.NoSuchAlgorithmException, java.security.InvalidAlgorithmParameterException, java.security.InvalidKeyException, java.security.spec.InvalidKeySpecException, javax.crypto.NoSuchPaddingException, javax.crypto.BadPaddingException, javax.crypto.IllegalBlockSizeException, java.io.IOException, NoSuchProviderException {
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
try (FileOutputStream stream = new FileOutputStream(inputFile)) {
stream.write(infilebytes);
static public void doEncryptRSAWithAES(String[] args) throws java.security.NoSuchAlgorithmException, java.security.InvalidAlgorithmParameterException, java.security.InvalidKeyException, java.security.spec.InvalidKeySpecException, javax.crypto.NoSuchPaddingException, javax.crypto.BadPaddingException, javax.crypto.IllegalBlockSizeException, java.io.IOException, NoSuchProviderException {
if (args.length != 2) {
System.err.println("enc pubKeyFile inputFile");
System.exit(1);
}
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
int index = 0;
String pubKeyFile = args[index++];
String inputFile = args[index++];
//Public Key
byte[] pubbytes = Files.readAllBytes(Paths.get(pubKeyFile));
byte[] infilebytes = Files.readAllBytes(Paths.get(inputFile));
String filestr = new String(pubbytes);
filestr = filestr.replace("-----BEGIN PUBLIC KEY-----", "");
filestr = filestr.replace("-----END PUBLIC KEY-----", "");
......@@ -97,36 +108,16 @@ public class SecurityUtil {
processFile(ci, in, out);
}
}
byte[] outputbytes = Files.readAllBytes(Paths.get(inputFile + ".enc"));
return outputbytes;
}//EoM
}//EoM
static public void doEncryptRSAWithAES(String[] args) throws java.security.NoSuchAlgorithmException, java.security.InvalidAlgorithmParameterException, java.security.InvalidKeyException, java.security.spec.InvalidKeySpecException, javax.crypto.NoSuchPaddingException, javax.crypto.BadPaddingException, javax.crypto.IllegalBlockSizeException, java.io.IOException, NoSuchProviderException {
if (args.length != 2) {
System.err.println("enc pubKeyFile inputFile");
System.exit(1);
}
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
static public void doEncryptRSAWithAES(PublicKey pub, String inputFile) throws java.security.NoSuchAlgorithmException, java.security.InvalidAlgorithmParameterException, java.security.InvalidKeyException, java.security.spec.InvalidKeySpecException, javax.crypto.NoSuchPaddingException, javax.crypto.BadPaddingException, javax.crypto.IllegalBlockSizeException, java.io.IOException, NoSuchProviderException {
int index = 0;
String pubKeyFile = args[index++];
String inputFile = args[index++];
//Public Key
byte[] pubbytes = Files.readAllBytes(Paths.get(pubKeyFile));
byte[] infilebytes = Files.readAllBytes(Paths.get(inputFile));
String filestr = new String(pubbytes);
filestr = filestr.replace("-----BEGIN PUBLIC KEY-----", "");
filestr = filestr.replace("-----END PUBLIC KEY-----", "");
byte[] decoded = org.bouncycastle.util.encoders.Base64.decode(filestr);
X509EncodedKeySpec ks = new X509EncodedKeySpec(decoded);
KeyFactory kf = KeyFactory.getInstance("RSA");
PublicKey pub = kf.generatePublic(ks);
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
System.out.println("Public key restored: " + pub.getAlgorithm() + " " + pub.getFormat());
KeyGenerator kgen = KeyGenerator.getInstance("AES");
kgen.init(AES_KEY_SIZE);
SecretKey skey = kgen.generateKey();
System.out.println("");
System.out.println("Key length: " + skey.getEncoded().length);
......@@ -134,7 +125,7 @@ public class SecurityUtil {
cipher.init(Cipher.ENCRYPT_MODE, pub);
byte[] symmetrickeybencrypted = cipher.doFinal(skey.getEncoded());
System.out.println("RSA-encoded Key length: " + symmetrickeybencrypted.length);
byte[] infilebytes = Files.readAllBytes(Paths.get(inputFile));
MessageDigest md = MessageDigest.getInstance("SHA-256");
byte[] shabinary = new byte[255];
shabinary = md.digest(infilebytes);
......@@ -168,34 +159,17 @@ public class SecurityUtil {
processFile(ci, in, out);
}
}
}//EoM
}//EoM
static public byte[] doDecryptRSAWithAES(byte[] pubkeybytes, byte[] privkeybytes, byte[] encryptedfilebytes, String inputFile) throws java.security.NoSuchAlgorithmException, java.security.InvalidAlgorithmParameterException, java.security.InvalidKeyException, java.security.spec.InvalidKeySpecException, javax.crypto.NoSuchPaddingException, javax.crypto.BadPaddingException, javax.crypto.IllegalBlockSizeException, java.io.IOException, NoSuchProviderException {
//---------------- Decrypt --
static public void doDecryptRSAWithAES(PublicKey pub, PrivateKey priv, String inputFile) throws java.security.NoSuchAlgorithmException, java.security.InvalidAlgorithmParameterException, java.security.InvalidKeyException, java.security.spec.InvalidKeySpecException, javax.crypto.NoSuchPaddingException, javax.crypto.BadPaddingException, javax.crypto.IllegalBlockSizeException, java.io.IOException, NoSuchProviderException {
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
try (FileOutputStream stream = new FileOutputStream(inputFile)) {
stream.write(encryptedfilebytes);
}
//Public Key
String filestr = new String(pubkeybytes);
filestr = filestr.replace("-----BEGIN PUBLIC KEY-----", "");
filestr = filestr.replace("-----END PUBLIC KEY-----", "");
byte[] decoded = org.bouncycastle.util.encoders.Base64.decode(filestr);
X509EncodedKeySpec ks = new X509EncodedKeySpec(decoded);
KeyFactory kf = KeyFactory.getInstance("RSA");
PublicKey pub = kf.generatePublic(ks);
System.out.println("Public key restored: " + pub.getAlgorithm() + " " + pub.getFormat());
//Private Key
String filestr2 = new String(privkeybytes);
filestr2 = filestr2.replace("-----BEGIN PRIVATE KEY-----", "");
filestr2 = filestr2.replace("-----END PRIVATE KEY-----", "");
byte[] decoded2 = org.bouncycastle.util.encoders.Base64.decode(filestr2);
PKCS8EncodedKeySpec ks2 = new PKCS8EncodedKeySpec(decoded2);
KeyFactory kf2 = KeyFactory.getInstance("RSA");
PrivateKey priv = kf2.generatePrivate(ks2);
System.out.println("Private key restored: " + priv.getAlgorithm() + " " + priv.getFormat());
try (FileInputStream in = new FileInputStream(inputFile)) {
......@@ -249,11 +223,9 @@ public class SecurityUtil {
try (FileOutputStream out = new FileOutputStream(inputFile + ".original")) {
processFile(ci, in, out);
}
}//try
byte[] outputbytes = Files.readAllBytes(Paths.get(inputFile + ".original"));
return outputbytes;
}//EoM
}//try
}//EoM
static public void doDecryptRSAWithAES(String[] args) throws java.security.NoSuchAlgorithmException, java.security.InvalidAlgorithmParameterException, java.security.InvalidKeyException, java.security.spec.InvalidKeySpecException, javax.crypto.NoSuchPaddingException, javax.crypto.BadPaddingException, javax.crypto.IllegalBlockSizeException, java.io.IOException, NoSuchProviderException {
if (args.length != 3) {
......@@ -343,9 +315,7 @@ public class SecurityUtil {
}//try
}//EoM
//-------------------------------------Symmetric Encryption Algorithms
public static String doEncryptSymmetric(String strToEncrypt, String secret) {
try {
byte[] key;
......@@ -353,15 +323,13 @@ public class SecurityUtil {
key = secret.getBytes("UTF-8");
sha = MessageDigest.getInstance("SHA-1");
key = sha.digest(key);
key = Arrays.copyOf(key, 16);
key = Arrays.copyOf(key, 16);
SecretKeySpec secretKey = new SecretKeySpec(key, "AES");
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, secretKey);
return Base64.getEncoder().encodeToString(cipher.doFinal(strToEncrypt.getBytes("UTF-8")));
}
catch (Exception e)
{
} catch (Exception e) {
System.out.println("Error while encrypting: " + e.toString());
}
return null;
......@@ -374,65 +342,133 @@ public class SecurityUtil {
key = secret.getBytes("UTF-8");
sha = MessageDigest.getInstance("SHA-1");
key = sha.digest(key);
key = Arrays.copyOf(key, 16);
key = Arrays.copyOf(key, 16);
SecretKeySpec secretKey = new SecretKeySpec(key, "AES");
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, secretKey);
return cipher.doFinal(byteToEncrypt);
}
catch (Exception e) {
} catch (Exception e) {
System.out.println("Error while encrypting: " + e.toString());
}
return null;
}
}
public static byte[] doDecryptSymmetric(byte[] encbytes, String secret) {
byte decr[] = null;
try
{
try {
byte[] key;
MessageDigest sha = null;
key = secret.getBytes("UTF-8");
sha = MessageDigest.getInstance("SHA-1");
key = sha.digest(key);
key = Arrays.copyOf(key, 16);
key = Arrays.copyOf(key, 16);
SecretKeySpec secretKey = new SecretKeySpec(key, "AES");
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5PADDING");
cipher.init(Cipher.DECRYPT_MODE, secretKey);
decr = cipher.doFinal(encbytes);
}
catch (Exception e)
{
} catch (Exception e) {
System.out.println("Error while decrypting: " + e.toString());
}
return decr;
}
public String doDecryptSymmetric(String strToDecrypt, String secret) {
try{
try {
byte[] key;
MessageDigest sha = null;
key = secret.getBytes("UTF-8");
sha = MessageDigest.getInstance("SHA-1");
key = sha.digest(key);
key = Arrays.copyOf(key, 16);
key = Arrays.copyOf(key, 16);
SecretKeySpec secretKey = new SecretKeySpec(key, "AES");
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5PADDING");
cipher.init(Cipher.DECRYPT_MODE, secretKey);
return new String(cipher.doFinal(Base64.getDecoder().decode(strToDecrypt)));
}
catch (Exception e)
{
} catch (Exception e) {
System.out.println("Error while decrypting: " + e.toString());
}
return null;
}
public static String signContent(String content, PrivateKey priv) {
String base64encoded = "";
try {
byte[] data = content.getBytes("UTF8");
Signature sig = Signature.getInstance("MD5WithRSA");
sig.initSign(priv);
sig.update(data);
byte[] signatureBytes = sig.sign();
base64encoded = (Base64.getMimeEncoder().encodeToString(signatureBytes));
//System.out.println("Singature:" + base64encoded);
} catch (Exception ex) {
ex.printStackTrace();
}
return base64encoded;
}
public static boolean verifySignature(PublicKey pub, String claimeddata, String base64encodedsignaturebytes) {
boolean ret = false;
try {
Signature sig = Signature.getInstance("MD5WithRSA");
sig.initVerify(pub);
sig.update(claimeddata.getBytes());
byte[] signatureBytes = ( Base64.getMimeDecoder().decode(base64encodedsignaturebytes));
ret = sig.verify(signatureBytes);
} catch (Exception ex) {
ex.printStackTrace();
}
return ret;
}
/**
* Serialize any object
*
* @param obj
* @return
*/
public static String serializeObject(Object obj) {
String ret = "";
try {
ByteArrayOutputStream bo = new ByteArrayOutputStream();
ObjectOutputStream so = new ObjectOutputStream(bo);
so.writeObject(obj);
so.flush();
// This encoding induces a bijection between byte[] and String (unlike UTF-8)
ret = bo.toString("ISO-8859-1");
} catch (Exception e) {
e.printStackTrace();
}
return ret;
}
/**
* Deserialize any object
*
* @param str
* @param cls
* @return
*/
public static <T> T deSerializeObject(String str, Class<T> cls) {
T obj = null;
// deserialize the object
try {
// This encoding induces a bijection between byte[] and String (unlike UTF-8)
byte b[] = str.getBytes("ISO-8859-1");
ByteArrayInputStream bi = new ByteArrayInputStream(b);
ObjectInputStream si = new ObjectInputStream(bi);
obj = cls.cast(si.readObject());
} catch (Exception e) {
e.printStackTrace();
}
return obj;
}
//-------------------------------------Utility------------------------------
private static int ByteToInt(byte[] data) {
ByteBuffer _intShifter = ByteBuffer.allocate(Integer.SIZE / Byte.SIZE).order(ByteOrder.LITTLE_ENDIAN);
_intShifter.clear();
......@@ -451,7 +487,6 @@ public class SecurityUtil {
return result;
}//EoM