Updated to peppol-commons 9.6.0

phase4-dynamic-discovery/src/main/java/com/helger/phase4/dynamicdiscovery/AS4EndpointDetailProviderPeppol.java

@@ -45,6 +45,7 @@
 import com.helger.smpclient.peppol.ISMPServiceMetadataProvider;
 import com.helger.smpclient.peppol.PeppolWildcardSelector;
 import com.helger.smpclient.peppol.PeppolWildcardSelector.EMode;
+import com.helger.smpclient.peppol.Pfuoi420;
 import com.helger.smpclient.peppol.SMPClientReadOnly;
 import com.helger.xsds.peppol.smp1.EndpointType;
 import com.helger.xsds.peppol.smp1.ServiceGroupType;
@@ -175,6 +176,7 @@ public final EndpointType getEndpoint ()
 
   @Nullable
   @OverrideOnDemand
+  @Pfuoi420
   protected SignedServiceMetadataType resolvedBusdoxServiceMetadata (@Nonnull final IParticipantIdentifier aReceiverID,
                                                                      @Nonnull final IDocumentTypeIdentifier aDocTypeID) throws SMPClientException
   {
@@ -183,9 +185,9 @@ protected SignedServiceMetadataType resolvedBusdoxServiceMetadata (@Nonnull fina
     return m_aServiceMetadataProvider.getServiceMetadata (aReceiverID, aDocTypeID);
   }
 
-  @SuppressWarnings ("removal")
   @Nullable
   @OverrideOnDemand
+  @Pfuoi420
   protected SignedServiceMetadataType resolvedWildcardServiceMetadata (@Nonnull final IParticipantIdentifier aReceiverID,
                                                                        @Nonnull final IDocumentTypeIdentifier aDocTypeID) throws SMPClientException
   {

phase4-peppol-client/src/main/java/com/helger/phase4/peppol/Phase4PeppolSender.java

@@ -57,9 +57,9 @@
 import com.helger.peppol.sbdh.spec12.BinaryContentType;
 import com.helger.peppol.sbdh.spec12.TextContentType;
 import com.helger.peppol.sbdh.write.PeppolSBDHDocumentWriter;
-import com.helger.peppol.utils.CertificateRevocationChecker;
 import com.helger.peppol.utils.EPeppolCertificateCheckResult;
 import com.helger.peppol.utils.ERevocationCheckMode;
+import com.helger.peppol.utils.PeppolCAChecker;
 import com.helger.peppol.utils.PeppolCertificateChecker;
 import com.helger.peppol.utils.PeppolCertificateHelper;
 import com.helger.peppolid.IDocumentTypeIdentifier;
@@ -274,6 +274,9 @@ private static void _validatePayload (@Nonnull final Element aPayloadElement,
   /**
    * Check if the provided certificate is a valid Peppol AP certificate.
    *
+   * @param aCAChecker
+   *        The Peppol CA checker to be used to verify the Peppol AP
+   *        certificate. May not be <code>null</code>.
    * @param aReceiverCert
    *        The determined receiver AP certificate to check. Never
    *        <code>null</code>.
@@ -292,7 +295,8 @@ private static void _validatePayload (@Nonnull final Element aPayloadElement,
    * @throws Phase4PeppolException
    *         in case of error
    */
-  private static void _checkReceiverAPCert (@Nullable final X509Certificate aReceiverCert,
+  private static void _checkReceiverAPCert (@Nonnull final PeppolCAChecker aCAChecker,
+                                            @Nullable final X509Certificate aReceiverCert,
                                             @Nullable final IPhase4PeppolCertificateCheckResultHandler aCertificateConsumer,
                                             @Nonnull final ETriState eCacheOSCResult,
                                             @Nullable final ERevocationCheckMode eCheckMode) throws Phase4PeppolException
@@ -301,10 +305,10 @@ private static void _checkReceiverAPCert (@Nullable final X509Certificate aRecei
       LOGGER.debug ("Using the following receiver AP certificate from the SMP: " + aReceiverCert);
 
     final OffsetDateTime aNow = MetaAS4Manager.getTimestampMgr ().getCurrentDateTime ();
-    final EPeppolCertificateCheckResult eCertCheckResult = PeppolCertificateChecker.checkPeppolAPCertificate (aReceiverCert,
-                                                                                                              aNow,
-                                                                                                              eCacheOSCResult,
-                                                                                                              eCheckMode);
+    final EPeppolCertificateCheckResult eCertCheckResult = aCAChecker.checkCertificate (aReceiverCert,
+                                                                                        aNow,
+                                                                                        eCacheOSCResult,
+                                                                                        eCheckMode);
 
     // Interested in the certificate?
     if (aCertificateConsumer != null)
@@ -377,10 +381,12 @@ public abstract static class AbstractPeppolUserMessageBuilder <IMPLTYPE extends
     protected boolean m_bCompressPayload;
     protected String m_sPayloadContentID;
 
+    // This value is set for backwards compatibility reasons
     protected IAS4EndpointDetailProvider m_aEndpointDetailProvider;
     private IPhase4PeppolCertificateCheckResultHandler m_aCertificateConsumer;
     private Consumer <String> m_aAPEndpointURLConsumer;
     private boolean m_bCheckReceiverAPCertificate;
+    protected PeppolCAChecker m_aCAChecker;
 
     // Status var
     private OffsetDateTime m_aEffectiveSendingDT;
@@ -405,7 +411,10 @@ public AbstractPeppolUserMessageBuilder ()
         toRole (CAS4.DEFAULT_RESPONDER_URL);
         payloadMimeType (CMimeType.APPLICATION_XML);
         compressPayload (DEFAULT_COMPRESS_PAYLOAD);
+
         checkReceiverAPCertificate (DEFAULT_CHECK_RECEIVER_AP_CERTIFICATE);
+        // This value is set for backwards compatibility reasons
+        peppolAP_CAChecker (PeppolCertificateChecker.peppolAllAP ());
       }
       catch (final Exception ex)
       {
@@ -748,6 +757,28 @@ public final IMPLTYPE checkReceiverAPCertificate (final boolean bCheckReceiverAP
       return thisAsT ();
     }
 
+    /**
+     * Set a custom Peppol AP certificate CA checker. This is e.g. needed when a
+     * non-standard AP certificate (as for Peppol France PoC or Peppol eB2B) is
+     * needed. This CA checker checks the certificate provided by the endpoint
+     * detail provider (see below). This checker is only used, if
+     * {@link #checkReceiverAPCertificate(boolean)} was called with
+     * <code>true</code>.
+     *
+     * @param aCAChecker
+     *        The Certificate CA checker to be used. May not be
+     *        <code>null</code>.
+     * @return this for chaining
+     * @since 3.0.0-rc1
+     */
+    @Nonnull
+    public final IMPLTYPE peppolAP_CAChecker (@Nonnull final PeppolCAChecker aCAChecker)
+    {
+      ValueEnforcer.notNull (aCAChecker, "CAChecker");
+      m_aCAChecker = aCAChecker;
+      return thisAsT ();
+    }
+
     /**
      * The effective sending date time of the message. That is set only if
      * message sending takes place.
@@ -805,9 +836,9 @@ protected ESuccess finishFields () throws Phase4Exception
       final X509Certificate aReceiverCert = m_aEndpointDetailProvider.getReceiverAPCertificate ();
       if (m_bCheckReceiverAPCertificate)
       {
-        // CHeck if the received certificate is a valid Peppol AP certificate
+        // Check if the received certificate is a valid Peppol AP certificate
         // Throws Phase4PeppolException in case of error
-        _checkReceiverAPCert (aReceiverCert, m_aCertificateConsumer, ETriState.UNDEFINED, null);
+        _checkReceiverAPCert (m_aCAChecker, aReceiverCert, m_aCertificateConsumer, ETriState.UNDEFINED, null);
       }
       else
       {

phase4-peppol-servlet/src/main/java/com/helger/phase4/peppol/servlet/Phase4PeppolDefaultReceiverConfiguration.java

@@ -26,14 +26,14 @@
 import org.slf4j.LoggerFactory;
 
 import com.helger.commons.ValueEnforcer;
-import com.helger.commons.annotation.DevelopersNote;
 import com.helger.commons.string.StringHelper;
 import com.helger.peppol.sbdh.read.PeppolSBDHDocumentReader;
 import com.helger.phase4.CAS4;
 import com.helger.phase4.peppol.servlet.Phase4PeppolReceiverConfiguration.Phase4PeppolReceiverConfigurationBuilder;
 import com.helger.smpclient.peppol.ISMPExtendedServiceMetadataProvider;
 import com.helger.smpclient.peppol.PeppolWildcardSelector;
 import com.helger.smpclient.peppol.PeppolWildcardSelector.EMode;
+import com.helger.smpclient.peppol.Pfuoi420;
 
 /**
  * This class contains the references values against which incoming values are
@@ -51,17 +51,15 @@
 public final class Phase4PeppolDefaultReceiverConfiguration
 {
   public static final boolean DEFAULT_RECEIVER_CHECK_ENABLED = true;
-  @Deprecated (forRemoval = true, since = "3.0.0")
-  @DevelopersNote ("This was valid for Policy for use of Identifiers 4.2.0. This is no longer valid with PFUOI 4.3.0 from May 15th 2025")
+  @Pfuoi420
   public static final EMode DEFAULT_WILDCARD_SELECTION_MODE = EMode.WILDCARD_ONLY;
   public static final boolean DEFAULT_CHECK_SIGNING_CERTIFICATE_REVOCATION = true;
 
   private static final Logger LOGGER = LoggerFactory.getLogger (Phase4PeppolDefaultReceiverConfiguration.class);
 
   private static boolean s_bReceiverCheckEnabled = DEFAULT_RECEIVER_CHECK_ENABLED;
   private static ISMPExtendedServiceMetadataProvider s_aSMPClient;
-  @Deprecated (forRemoval = true, since = "3.0.0")
-  @DevelopersNote ("This was valid for Policy for use of Identifiers 4.2.0. This is no longer valid with PFUOI 4.3.0 from May 15th 2025")
+  @Pfuoi420
   private static PeppolWildcardSelector.EMode s_eWildcardSelectionMode = DEFAULT_WILDCARD_SELECTION_MODE;
   private static String s_sAS4EndpointURL;
   private static X509Certificate s_aAPCertificate;
@@ -132,8 +130,7 @@ public static void setSMPClient (@Nullable final ISMPExtendedServiceMetadataProv
    * @since 2.7.3
    */
   @Nonnull
-  @Deprecated (forRemoval = true, since = "3.0.0")
-  @DevelopersNote ("This was valid for Policy for use of Identifiers 4.2.0. This is no longer valid with PFUOI 4.3.0 from May 15th 2025")
+  @Pfuoi420
   public static PeppolWildcardSelector.EMode getWildcardSelectionMode ()
   {
     return s_eWildcardSelectionMode;
@@ -148,8 +145,7 @@ public static PeppolWildcardSelector.EMode getWildcardSelectionMode ()
    *        <code>null</code>.
    * @since 2.7.3
    */
-  @Deprecated (forRemoval = true, since = "3.0.0")
-  @DevelopersNote ("This was valid for Policy for use of Identifiers 4.2.0. This is no longer valid with PFUOI 4.3.0 from May 15th 2025")
+  @Pfuoi420
   public static void setWildcardSelectionMode (@Nonnull final PeppolWildcardSelector.EMode eWildcardSelectionMode)
   {
     ValueEnforcer.notNull (eWildcardSelectionMode, "WildcardSlectionMode");
@@ -299,7 +295,6 @@ public static void setCheckSigningCertificateRevocation (final boolean b)
    * @return Completely filled builder. Never <code>null</code>.
    * @since 3.0.0 Beta7
    */
-  @SuppressWarnings ("removal")
   @Nonnull
   public static Phase4PeppolReceiverConfigurationBuilder getAsReceiverCheckDataBuilder ()
   {

phase4-peppol-servlet/src/main/java/com/helger/phase4/peppol/servlet/Phase4PeppolReceiverConfiguration.java

@@ -23,12 +23,12 @@
 import javax.annotation.concurrent.Immutable;
 
 import com.helger.commons.ValueEnforcer;
-import com.helger.commons.annotation.DevelopersNote;
 import com.helger.commons.builder.IBuilder;
 import com.helger.commons.string.StringHelper;
 import com.helger.commons.string.ToStringGenerator;
 import com.helger.smpclient.peppol.ISMPExtendedServiceMetadataProvider;
 import com.helger.smpclient.peppol.PeppolWildcardSelector;
+import com.helger.smpclient.peppol.Pfuoi420;
 
 /**
  * This class contains the "per-request" data of
@@ -43,8 +43,7 @@ public final class Phase4PeppolReceiverConfiguration
 {
   private final boolean m_bReceiverCheckEnabled;
   private final ISMPExtendedServiceMetadataProvider m_aSMPClient;
-  @Deprecated (forRemoval = true, since = "3.0.0")
-  @DevelopersNote ("This was valid for Policy for use of Identifiers 4.2.0. This is no longer valid with PFUOI 4.3.0 from May 15th 2025")
+  @Pfuoi420
   private final PeppolWildcardSelector.EMode m_eWildcardSelectionMode;
   private final String m_sAS4EndpointURL;
   private final X509Certificate m_aAPCertificate;
@@ -80,7 +79,6 @@ public final class Phase4PeppolReceiverConfiguration
    *        performed.
    * @since 2.8.1
    */
-  @SuppressWarnings ("deprecation")
   public Phase4PeppolReceiverConfiguration (final boolean bReceiverCheckEnabled,
                                             @Nullable final ISMPExtendedServiceMetadataProvider aSMPClient,
                                             @Nonnull final PeppolWildcardSelector.EMode eWildcardSelectionMode,
@@ -130,8 +128,7 @@ public ISMPExtendedServiceMetadataProvider getSMPClient ()
    * @since 2.7.3
    */
   @Nonnull
-  @Deprecated (forRemoval = true, since = "3.0.0")
-  @DevelopersNote ("This was valid for Policy for use of Identifiers 4.2.0. This is no longer valid with PFUOI 4.3.0 from May 15th 2025")
+  @Pfuoi420
   public PeppolWildcardSelector.EMode getWildcardSelectionMode ()
   {
     return m_eWildcardSelectionMode;
@@ -225,8 +222,7 @@ public static class Phase4PeppolReceiverConfigurationBuilder implements IBuilder
   {
     private boolean m_bReceiverCheckEnabled;
     private ISMPExtendedServiceMetadataProvider m_aSMPClient;
-    @Deprecated (forRemoval = true, since = "3.0.0")
-    @DevelopersNote ("This was valid for Policy for use of Identifiers 4.2.0. This is no longer valid with PFUOI 4.3.0 from May 15th 2025")
+    @Pfuoi420
     private PeppolWildcardSelector.EMode m_eWildcardSelectionMode;
     private String m_sAS4EndpointURL;
     private X509Certificate m_aAPCertificate;
@@ -264,8 +260,7 @@ public Phase4PeppolReceiverConfigurationBuilder serviceMetadataProvider (@Nullab
     }
 
     @Nonnull
-    @Deprecated (forRemoval = true, since = "3.0.0")
-    @DevelopersNote ("This was valid for Policy for use of Identifiers 4.2.0. This is no longer valid with PFUOI 4.3.0 from May 15th 2025")
+    @Pfuoi420
     public Phase4PeppolReceiverConfigurationBuilder wildcardSelectionMode (@Nullable final PeppolWildcardSelector.EMode e)
     {
       m_eWildcardSelectionMode = e;

phase4-peppol-servlet/src/main/java/com/helger/phase4/peppol/servlet/Phase4PeppolServletMessageProcessorSPI.java

@@ -88,6 +88,7 @@
 import com.helger.security.certificate.CertificateHelper;
 import com.helger.smpclient.peppol.ISMPExtendedServiceMetadataProvider;
 import com.helger.smpclient.peppol.PeppolWildcardSelector;
+import com.helger.smpclient.peppol.Pfuoi420;
 import com.helger.smpclient.peppol.SMPClientReadOnly;
 import com.helger.xml.serialize.write.XMLWriter;
 import com.helger.xsds.peppol.smp1.EndpointType;
@@ -269,7 +270,6 @@ public final Phase4PeppolServletMessageProcessorSPI setReceiverCheckData (@Nulla
     return this;
   }
 
-  @SuppressWarnings ({ "deprecation", "removal" })
   @Nullable
   private EndpointType _getReceiverEndpoint (@Nonnull final String sLogPrefix,
                                              @Nonnull final ISMPExtendedServiceMetadataProvider aSMPClient,
@@ -305,6 +305,7 @@ private EndpointType _getReceiverEndpoint (@Nonnull final String sLogPrefix,
       if (bWildcard)
       {
         // Wildcard lookup
+        @Pfuoi420
         final SignedServiceMetadataType aSSM = aSMPClient.getWildcardServiceMetadataOrNull (aRecipientID,
                                                                                             aDocTypeID,
                                                                                             eWildcardSelectionMode);

phase4-profile-peppol/src/main/java/com/helger/phase4/profile/peppol/PeppolCRLDownloader.java

@@ -26,7 +26,7 @@
 import com.helger.httpclient.HttpClientSettings;
 import com.helger.peppol.utils.CRLCache;
 import com.helger.peppol.utils.CRLDownloader;
-import com.helger.peppol.utils.CertificateRevocationChecker;
+import com.helger.peppol.utils.CertificateRevocationCheckerDefaults;
 
 /**
  * The Peppol specific CRL downloader using the {@link HttpClientUrlDownloader}
@@ -82,7 +82,7 @@ public static void setAsDefaultCRLCache (@Nonnull final HttpClientSettings aHCS)
     ValueEnforcer.notNull (aHCS, "HttpClientSettings");
 
     LOGGER.info ("Installing the PeppolCRLDownloader as the default CRL cache using HttpClientSettings " + aHCS);
-    CertificateRevocationChecker.setDefaultCRLCache (new CRLCache (new PeppolCRLDownloader (aHCS),
-                                                                   CRLCache.DEFAULT_CACHING_DURATION));
+    CertificateRevocationCheckerDefaults.setDefaultCRLCache (new CRLCache (new PeppolCRLDownloader (aHCS),
+                                                                           CRLCache.DEFAULT_CACHING_DURATION));
   }
 }

pom.xml

@@ -77,7 +77,7 @@
     <bctls.version>1.79</bctls.version>
     <log4j.version>2.24.1</log4j.version>
     <ph-xsds.version>3.0.0</ph-xsds.version>
-    <peppol-commons.version>9.6.0-SNAPSHOT</peppol-commons.version>
+    <peppol-commons.version>9.6.0</peppol-commons.version>
     <peppol-reporting.version>3.0.2</peppol-reporting.version>
     <ph-commons.version>11.1.10</ph-commons.version>
     <ph-ubl.version>9.0.3</ph-ubl.version>