Merge pull request #77 from docusign/force-tls-1.2

Forcing TLS v1.2 as earlier versions are vulnerable

Author: mmallis87

.travis.yml

@@ -1,4 +1,5 @@
-sudo: false
+sudo: required
+dist: trusty
 install: true
 
 branches:
@@ -16,6 +17,7 @@ notifications:
 
 jdk:
   - oraclejdk8
+  - openjdk7
 
 script: mvn -X clean test
 

CHANGELOG.md

@@ -7,8 +7,12 @@ See [DocuSign Support Center](https://support.docusign.com/en/releasenotes/) for
 ### Changed
 - Updated the package with the latest API monthly release.
 
-## [2.6.0] - 2018-05-16
 
+## [2.6.1] - 2018-06-06
+### Security
+- Forced support of TLS v1.2. See [this post](https://support.docusign.com/en/articles/End-of-TLS-1-0-and-weak-cipher-support) on the DocuSign Support Center for more information.
+
+## [2.6.0] - 2018-05-16
 ### Added
 - Support for OAuth implicit grant.
 - Support for OAuth Get User Info.

README.md

@@ -8,7 +8,7 @@ You can sign up for a free [developer sandbox](https://developers.docusign.com/)
 Requirements
 ============
 
-Java 1.7 or later.  
+Java 1.7 or later. 
 
 Installation
 ============
@@ -21,7 +21,7 @@ Add this dependency to your project's POM:
 <dependency>
    <groupId>com.docusign</groupId>
    <artifactId>docusign-esign-java</artifactId>
-   <version>2.6.0</version>
+   <version>2.6.1</version>
 </dependency>
 ```
 
@@ -30,7 +30,7 @@ Add this dependency to your project's POM:
 Add this dependency to your project's build file:
 
 ```groovy
-compile "com.docusign:docusign-esign-java:2.6.0"
+compile "com.docusign:docusign-esign-java:2.6.1"
 ```
 
 #### Dependencies
@@ -73,8 +73,8 @@ android {
 
 This client is available through the following Java package managers:
 
-- [Nexus Repository Manager](https://oss.sonatype.org/#nexus-search;quick~docusign-esign-java) (oss.sonatype.org). You can search for com.docusign or docusign-esign-java. The current version is 2.6.0.
-- [JFrog Bintray](https://bintray.com/dsdevcenter/maven/docusign-esign-java) (bintray.com). You can search for com.docusign or docusign-esign-java. The current version is 2.6.0.
+- [Nexus Repository Manager](https://oss.sonatype.org/#nexus-search;quick~docusign-esign-java) (oss.sonatype.org). You can search for com.docusign or docusign-esign-java. The current version is 2.6.1.
+- [JFrog Bintray](https://bintray.com/dsdevcenter/maven/docusign-esign-java) (bintray.com). You can search for com.docusign or docusign-esign-java. The current version is 2.6.1.
 
 
 Usage

build.gradle

@@ -2,7 +2,7 @@ apply plugin: 'idea'
 apply plugin: 'eclipse'
 
 group = 'com.docusign'
-version = '2.6.0'
+version = '2.6.1'
 
 buildscript {
     repositories {

pom.xml

@@ -5,7 +5,7 @@
   <artifactId>docusign-esign-java</artifactId>
   <packaging>jar</packaging>
   <name>docusign-esign-java</name>
-  <version>2.6.0</version>
+  <version>2.6.1</version>
   <description>The official DocuSign eSignature JAVA client is based on version 2 of the DocuSign REST API and provides libraries for JAVA application integration. It is recommended that you use this version of the library for new development.</description>
   <url>https://www.docusign.com/developer-center</url>
 

src/main/java/com/docusign/esign/client/ApiClient.java

@@ -12,6 +12,7 @@
 import com.sun.jersey.api.client.WebResource;
 import com.sun.jersey.api.client.config.DefaultClientConfig;
 import com.sun.jersey.api.client.filter.LoggingFilter;
+import com.sun.jersey.client.urlconnection.HTTPSProperties;
 import com.sun.jersey.core.util.MultivaluedMapImpl;
 import com.sun.jersey.api.client.WebResource.Builder;
 
@@ -22,6 +23,8 @@
 import org.apache.oltu.oauth2.client.request.OAuthClientRequest.TokenRequestBuilder;
 import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
 
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.SSLContext;
 import javax.ws.rs.core.Response.Status.Family;
 import javax.ws.rs.core.UriBuilder;
 import javax.ws.rs.core.MediaType;
@@ -1002,6 +1005,23 @@ private Client buildHttpClient(boolean debugging) {
     JacksonJsonProvider jsonProvider = new JacksonJsonProvider(mapper);
     DefaultClientConfig conf = new DefaultClientConfig();
     conf.getSingletons().add(jsonProvider);
+
+    // Force TLS v1.2
+    try {
+      System.setProperty("https.protocols", "TLSv1.2");
+    } catch (SecurityException se) {
+      System.err.println("failed to set https.protocols property");
+    }
+    SSLContext ctx = null;
+    try {
+      ctx = SSLContext.getInstance("TLSv1.2");
+      ctx.init(null, null, null);
+    } catch (final Exception ex) {
+      System.err.println("failed to initialize SSL context");
+    }
+    conf.getProperties().put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES, new HTTPSProperties(null, ctx));
+    HttpsURLConnection.setDefaultSSLSocketFactory(ctx.getSocketFactory());
+
     Client client = Client.create(conf);
     if (debugging) {
       client.addFilter(new LoggingFilter());

target/classes/com/docusign/esign/client/ApiClient.class

@@ -1,5 +1,5 @@
 #Generated by Maven
-#Tue May 15 23:56:46 PDT 2018
-version=2.6.0
+#Wed Jun 06 15:48:09 PDT 2018
+version=2.6.1
 groupId=com.docusign
 artifactId=docusign-esign-java

target/maven-archiver/pom.properties

@@ -1,4 +1,4 @@
 -------------------------------------------------------------------------------
 Test set: SdkUnitTests
 -------------------------------------------------------------------------------
-Tests run: 11, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 63.306 sec
+Tests run: 11, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 60.9 sec

target/surefire-reports/SdkUnitTests.txt

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8" ?>
-<testsuite failures="0" time="63.306" errors="0" skipped="0" tests="11" name="SdkUnitTests">
+<testsuite failures="0" time="60.9" errors="0" skipped="0" tests="11" name="SdkUnitTests">
   <properties>
     <property name="java.runtime.name" value="Java(TM) SE Runtime Environment"/>
     <property name="sun.boot.library.path" value="/Library/Java/JavaVirtualMachines/jdk1.7.0_79.jdk/Contents/Home/jre/lib"/>
@@ -62,15 +62,15 @@
     <property name="ftp.nonProxyHosts" value="local|*.local|169.254/16|*.169.254/16"/>
     <property name="sun.cpu.isalist" value=""/>
   </properties>
-  <testcase time="7.607" classname="SdkUnitTests" name="GetDiagnosticLogsTest"/>
-  <testcase time="8.014" classname="SdkUnitTests" name="ResendEnvelopeTest"/>
-  <testcase time="7.707" classname="SdkUnitTests" name="DownLoadEnvelopeDocumentsTest"/>
-  <testcase time="1.576" classname="SdkUnitTests" name="ImplicitLoginTest"/>
-  <testcase time="6.56" classname="SdkUnitTests" name="RequestSignatureFromTemplate"/>
-  <testcase time="4.572" classname="SdkUnitTests" name="JWTLoginTest"/>
-  <testcase time="1.569" classname="SdkUnitTests" name="AuthorizationCodeLoginTest"/>
-  <testcase time="7.076" classname="SdkUnitTests" name="EmbeddedSigningTest"/>
-  <testcase time="6.288" classname="SdkUnitTests" name="CreateTemplateTest"/>
-  <testcase time="6.905" classname="SdkUnitTests" name="RequestASignatureTest"/>
-  <testcase time="5.432" classname="SdkUnitTests" name="ListDocumentsTest"/>
+  <testcase time="5.097" classname="SdkUnitTests" name="JWTLoginTest"/>
+  <testcase time="8" classname="SdkUnitTests" name="ResendEnvelopeTest"/>
+  <testcase time="5.596" classname="SdkUnitTests" name="RequestSignatureFromTemplate"/>
+  <testcase time="1.656" classname="SdkUnitTests" name="AuthorizationCodeLoginTest"/>
+  <testcase time="7.593" classname="SdkUnitTests" name="DownLoadEnvelopeDocumentsTest"/>
+  <testcase time="5.456" classname="SdkUnitTests" name="ListDocumentsTest"/>
+  <testcase time="5.671" classname="SdkUnitTests" name="RequestASignatureTest"/>
+  <testcase time="6.068" classname="SdkUnitTests" name="CreateTemplateTest"/>
+  <testcase time="1.651" classname="SdkUnitTests" name="ImplicitLoginTest"/>
+  <testcase time="6.923" classname="SdkUnitTests" name="GetDiagnosticLogsTest"/>
+  <testcase time="7.189" classname="SdkUnitTests" name="EmbeddedSigningTest"/>
 </testsuite>