Upgrade crypto-js to 4.1.1 version - 4.4.1 (#1686)

* fix: fix tests (#1684)

* Upgrade crypto-js to 4.1.1 version (#1683)

* chore: upgrade crypto-js to 4.1.1 version

* fix: delete crypto-js-3.1.9-1 dir

Client/src/test/resources/testng.properties

@@ -50,9 +50,9 @@ RSA_OAEP_keyId=d91db51d-0e7f-4225-99e5-164444c12d1a
 RSA1_5_keyId=a442f0ec-7237-40b3-b7f3-a6039f70d9bd
 
 # Form Interaction
-loginFormUsername = loginForm:username
-loginFormPassword = loginForm:password
-loginFormLoginButton = loginForm:loginButton
+loginFormUsername = username
+loginFormPassword = password
+loginFormLoginButton = loginButton
 authorizeFormAllowButton = authorizeForm:allowButton
 authorizeFormDoNotAllowButton = authorizeForm:doNotAllowButton
 

Server/src/main/webapp/js/crypto-js-3.1.9-1/README.md → Server/src/main/webapp/js/crypto-js-4.1.1/README.md

@@ -1,4 +1,4 @@
-# crypto-js
+# crypto-js [![Build Status](https://travis-ci.org/brix/crypto-js.svg?branch=develop)](https://travis-ci.org/brix/crypto-js)
 
 JavaScript library of crypto standards.
 
@@ -15,6 +15,18 @@ npm install crypto-js
 
 ### Usage
 
+ES6 import for typical API call signing use case:
+
+```javascript
+import sha256 from 'crypto-js/sha256';
+import hmacSHA512 from 'crypto-js/hmac-sha512';
+import Base64 from 'crypto-js/enc-base64';
+
+const message, nonce, path, privateKey; // ...
+const hashDigest = sha256(nonce + message);
+const hmacDigest = Base64.stringify(hmacSHA512(path + hashDigest, privateKey));
+```
+
 Modular include:
 
 ```javascript
@@ -89,7 +101,7 @@ require(["crypto-js"], function (CryptoJS) {
 
 ## API
 
-See: https://code.google.com/p/crypto-js
+See: https://cryptojs.gitbook.io/docs/
 
 ### AES Encryption
 
@@ -99,13 +111,13 @@ See: https://code.google.com/p/crypto-js
 var CryptoJS = require("crypto-js");
 
 // Encrypt
-var ciphertext = CryptoJS.AES.encrypt('my message', 'secret key 123');
+var ciphertext = CryptoJS.AES.encrypt('my message', 'secret key 123').toString();
 
 // Decrypt
-var bytes  = CryptoJS.AES.decrypt(ciphertext.toString(), 'secret key 123');
-var plaintext = bytes.toString(CryptoJS.enc.Utf8);
+var bytes  = CryptoJS.AES.decrypt(ciphertext, 'secret key 123');
+var originalText = bytes.toString(CryptoJS.enc.Utf8);
 
-console.log(plaintext);
+console.log(originalText); // 'my message'
 ```
 
 #### Object encryption
@@ -116,13 +128,13 @@ var CryptoJS = require("crypto-js");
 var data = [{id: 1}, {id: 2}]
 
 // Encrypt
-var ciphertext = CryptoJS.AES.encrypt(JSON.stringify(data), 'secret key 123');
+var ciphertext = CryptoJS.AES.encrypt(JSON.stringify(data), 'secret key 123').toString();
 
 // Decrypt
-var bytes  = CryptoJS.AES.decrypt(ciphertext.toString(), 'secret key 123');
+var bytes  = CryptoJS.AES.decrypt(ciphertext, 'secret key 123');
 var decryptedData = JSON.parse(bytes.toString(CryptoJS.enc.Utf8));
 
-console.log(decryptedData);
+console.log(decryptedData); // [{id: 1}, {id: 2}]
 ```
 
 ### List of modules
@@ -196,3 +208,54 @@ console.log(decryptedData);
 - ```crypto-js/pad-iso97971```
 - ```crypto-js/pad-zeropadding```
 - ```crypto-js/pad-nopadding```
+
+
+## Release notes
+
+### 4.1.1
+
+Fix module order in bundled release.
+
+Include the browser field in the released package.json.
+
+### 4.1.0
+
+Added url safe variant of base64 encoding. [357](https://github.com/brix/crypto-js/pull/357)
+
+Avoid webpack to add crypto-browser package. [364](https://github.com/brix/crypto-js/pull/364)
+
+### 4.0.0
+
+This is an update including breaking changes for some environments.
+
+In this version `Math.random()` has been replaced by the random methods of the native crypto module.
+
+For this reason CryptoJS might not run in some JavaScript environments without native crypto module. Such as IE 10 or before or React Native.
+
+### 3.3.0
+
+Rollback, `3.3.0` is the same as `3.1.9-1`.
+
+The move of using native secure crypto module will be shifted to a new `4.x.x` version. As it is a breaking change the impact is too big for a minor release.
+
+### 3.2.1
+
+The usage of the native crypto module has been fixed. The import and access of the native crypto module has been improved.
+
+### 3.2.0
+
+In this version `Math.random()` has been replaced by the random methods of the native crypto module.
+
+For this reason CryptoJS might does not run in some JavaScript environments without native crypto module. Such as IE 10 or before.
+
+If it's absolute required to run CryptoJS in such an environment, stay with `3.1.x` version. Encrypting and decrypting stays compatible. But keep in mind `3.1.x` versions still use `Math.random()` which is cryptographically not secure, as it's not random enough. 
+
+This version came along with `CRITICAL` `BUG`. 
+
+DO NOT USE THIS VERSION! Please, go for a newer version!
+
+### 3.1.x
+
+The `3.1.x` are based on the original CryptoJS, wrapped in CommonJS modules.
+
+

Server/src/main/webapp/js/crypto-js-3.1.9-1/aes.js → Server/src/main/webapp/js/crypto-js-4.1.1/aes.js

@@ -91,6 +91,8 @@
 	     */
 	    var AES = C_algo.AES = BlockCipher.extend({
 	        _doReset: function () {
+	            var t;
+
 	            // Skip reset of nRounds has been set before and key did not change
 	            if (this._nRounds && this._keyPriorReset === this._key) {
 	                return;
@@ -113,7 +115,7 @@
 	                if (ksRow < keySize) {
 	                    keySchedule[ksRow] = keyWords[ksRow];
 	                } else {
-	                    var t = keySchedule[ksRow - 1];
+	                    t = keySchedule[ksRow - 1];
 
 	                    if (!(ksRow % keySize)) {
 	                        // Rot word

Server/src/main/webapp/js/crypto-js-3.1.9-1/bower.json → Server/src/main/webapp/js/crypto-js-4.1.1/bower.json

@@ -1,6 +1,6 @@
 {
   "name": "crypto-js",
-  "version": "3.1.9",
+  "version": "4.1.1",
   "description": "JavaScript library of crypto standards.",
   "license": "MIT",
   "homepage": "http://github.com/brix/crypto-js",
@@ -27,9 +27,13 @@
     "CFB",
     "CTR",
     "CBC",
-    "Base64"
+    "Base64",
+    "Base64url"
   ],
   "main": "index.js",
   "dependencies": {},
+  "browser": {
+    "crypto": false
+  },
   "ignore": []
 }

Server/src/main/webapp/js/crypto-js-3.1.9-1/cipher-core.js → Server/src/main/webapp/js/crypto-js-4.1.1/cipher-core.js

@@ -351,17 +351,19 @@
 	        });
 
 	        function xorBlock(words, offset, blockSize) {
+	            var block;
+
 	            // Shortcut
 	            var iv = this._iv;
 
 	            // Choose mixing block
 	            if (iv) {
-	                var block = iv;
+	                block = iv;
 
 	                // Remove IV for subsequent blocks
 	                this._iv = undefined;
 	            } else {
-	                var block = this._prevBlock;
+	                block = this._prevBlock;
 	            }
 
 	            // XOR blocks
@@ -453,6 +455,8 @@
 	        }),
 
 	        reset: function () {
+	            var modeCreator;
+
 	            // Reset cipher
 	            Cipher.reset.call(this);
 
@@ -463,9 +467,9 @@
 
 	            // Reset block mode
 	            if (this._xformMode == this._ENC_XFORM_MODE) {
-	                var modeCreator = mode.createEncryptor;
+	                modeCreator = mode.createEncryptor;
 	            } else /* if (this._xformMode == this._DEC_XFORM_MODE) */ {
-	                var modeCreator = mode.createDecryptor;
+	                modeCreator = mode.createDecryptor;
 	                // Keep at least one block in the buffer for unpadding
 	                this._minBufferSize = 1;
 	            }
@@ -483,6 +487,8 @@
 	        },
 
 	        _doFinalize: function () {
+	            var finalProcessedBlocks;
+
 	            // Shortcut
 	            var padding = this.cfg.padding;
 
@@ -492,10 +498,10 @@
 	                padding.pad(this._data, this.blockSize);
 
 	                // Process final blocks
-	                var finalProcessedBlocks = this._process(!!'flush');
+	                finalProcessedBlocks = this._process(!!'flush');
 	            } else /* if (this._xformMode == this._DEC_XFORM_MODE) */ {
 	                // Process final blocks
-	                var finalProcessedBlocks = this._process(!!'flush');
+	                finalProcessedBlocks = this._process(!!'flush');
 
 	                // Unpad data
 	                padding.unpad(finalProcessedBlocks);
@@ -587,15 +593,17 @@
 	         *     var openSSLString = CryptoJS.format.OpenSSL.stringify(cipherParams);
 	         */
 	        stringify: function (cipherParams) {
+	            var wordArray;
+
 	            // Shortcuts
 	            var ciphertext = cipherParams.ciphertext;
 	            var salt = cipherParams.salt;
 
 	            // Format
 	            if (salt) {
-	                var wordArray = WordArray.create([0x53616c74, 0x65645f5f]).concat(salt).concat(ciphertext);
+	                wordArray = WordArray.create([0x53616c74, 0x65645f5f]).concat(salt).concat(ciphertext);
 	            } else {
-	                var wordArray = ciphertext;
+	                wordArray = ciphertext;
 	            }
 
 	            return wordArray.toString(Base64);
@@ -615,6 +623,8 @@
 	         *     var cipherParams = CryptoJS.format.OpenSSL.parse(openSSLString);
 	         */
 	        parse: function (openSSLStr) {
+	            var salt;
+
 	            // Parse base64
 	            var ciphertext = Base64.parse(openSSLStr);
 
@@ -624,7 +634,7 @@
 	            // Test for salt
 	            if (ciphertextWords[0] == 0x53616c74 && ciphertextWords[1] == 0x65645f5f) {
 	                // Extract salt
-	                var salt = WordArray.create(ciphertextWords.slice(2, 4));
+	                salt = WordArray.create(ciphertextWords.slice(2, 4));
 
 	                // Remove salt from ciphertext
 	                ciphertextWords.splice(0, 4);