diff --git a/cert-extensions/pom.xml b/cert-extensions/pom.xml index 0d67ff24..e46bbbe4 100644 --- a/cert-extensions/pom.xml +++ b/cert-extensions/pom.xml @@ -10,7 +10,7 @@ sigval-parent se.swedenconnect.sigval - 1.2.7 + 1.2.8 Sweden Connect :: Signature validation :: X.509 Certificate Extensions @@ -75,11 +75,6 @@ - - se.swedenconnect.schemas.cert - authcontextinfo10-jaxb - test - org.glassfish.jaxb jaxb-runtime diff --git a/cert-extensions/src/test/java/se/swedenconnect/cert/extensions/AuthnContextTest.java b/cert-extensions/src/test/java/se/swedenconnect/cert/extensions/AuthnContextTest.java index 64cd15cc..a3f66de9 100644 --- a/cert-extensions/src/test/java/se/swedenconnect/cert/extensions/AuthnContextTest.java +++ b/cert-extensions/src/test/java/se/swedenconnect/cert/extensions/AuthnContextTest.java @@ -32,8 +32,6 @@ import se.swedenconnect.cert.extensions.data.saci.AttributeMapping; import se.swedenconnect.cert.extensions.data.saci.Attribute; import se.swedenconnect.cert.extensions.data.saci.SAMLAuthContext; -import se.swedenconnect.cert.extensions.jaxb.JaxbAuthnContext; -import se.swedenconnect.cert.extensions.jaxb.JaxbTestData; /** * Testing AuthContext DOM implementation 
@@ -74,27 +72,6 @@ void getAuthnContext() throws Exception { String xmlPrint3 = AuthnContext.printAuthnContext(samlAuthnContext, false); } - @Test - void interopTest() throws Exception { - AuthnContext.getInstance(JaxbTestData.getTestContext().toASN1Primitive()); - AuthnContext.getInstance(JaxbTestData.nullSamlNameJaxbAuthContext.toASN1Primitive(), false); - - IllegalArgumentException exception = Assertions.assertThrows(IllegalArgumentException.class, () -> { - AuthnContext.getInstance(JaxbTestData.nullSamlNameJaxbAuthContext.toASN1Primitive(), true); - }); - - AuthnContext testContext = TestData.getTestContext(true); - SAMLAuthContext samlAuthContext = testContext.getStatementInfoList().get(0); - Instant authInstant = samlAuthContext.getAuthContextInfo().getAuthenticationInstant(); - String printAuthContext = AuthnContext.printAuthnContext(samlAuthContext, false); - SAMLAuthContext parseSAMLAuthContext = new SAMLAuthContext(printAuthContext, false); - Assertions.assertEquals( - AbstractDomData.instantToString(authInstant), - AbstractDomData.instantToString(parseSAMLAuthContext.getAuthContextInfo().getAuthenticationInstant())); - log.info("Time expressed is expected: " + AbstractDomData.instantToString(authInstant)); - - JaxbAuthnContext jaxbAuthnContext = JaxbAuthnContext.getInstance(TestData.getTestContext(true).toASN1Primitive()); - } } \ No newline at end of file diff --git a/cert-extensions/src/test/java/se/swedenconnect/cert/extensions/jaxb/JaxbAuthnContext.java b/cert-extensions/src/test/java/se/swedenconnect/cert/extensions/jaxb/JaxbAuthnContext.java deleted file mode 100644 index 42952ac4..00000000 --- a/cert-extensions/src/test/java/se/swedenconnect/cert/extensions/jaxb/JaxbAuthnContext.java +++ /dev/null 
@@ -1,220 +0,0 @@
-/*
- * Copyright (c) 2020-2023. Sweden Connect
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package se.swedenconnect.cert.extensions.jaxb;
-
-import java.io.ByteArrayInputStream;
-import java.io.StringWriter;
-import java.nio.charset.StandardCharsets;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.logging.Logger;
-
-import javax.xml.bind.JAXBContext;
-import javax.xml.bind.JAXBException;
-import javax.xml.bind.Marshaller;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1UTF8String;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERUTF8String;
-import org.bouncycastle.asn1.x509.Extensions;
-
-import lombok.Getter;
-import lombok.extern.slf4j.Slf4j;
-import se.swedenconnect.cert.extensions.data.AuthnContextPrefixMapper;
-import se.swedenconnect.schemas.cert.authcont.saci_1_0.SAMLAuthContext;
-
-/**
- * AuthnContext X.509 extension implementation for extending Bouncycastle.
- *
- * @author Martin Lindström (martin@idsec.se)
- * @author Stefan Santesson (stefan@idsec.se)
- */
-@Slf4j
-public class JaxbAuthnContext extends ASN1Object {
-
- public static final ASN1ObjectIdentifier OID = new ASN1ObjectIdentifier("1.2.752.201.5.1");
- public static final String CONTENT_TYPE = "http://id.elegnamnden.se/auth-cont/1.0/saci";
-
- @Getter
- private List statementInfoList = new ArrayList<>();
-
- /**
- * Creates an instance of the Authentication context extension
- *
- * @param obj
- * object holding extension data
- * @return Authentication context extension
- */
- public static JaxbAuthnContext getInstance(final Object obj) {
- if (obj instanceof JaxbAuthnContext) {
- return (JaxbAuthnContext) obj;
- }
- if (obj != null) {
- return new JaxbAuthnContext(ASN1Sequence.getInstance(obj));
- }
-
- return null;
- }
-
- /**
- * Creates an instance of the Authentication context extension
- *
- * @param extensions
- * Authentication context extension
- * @return Authentication context extension
- */
- public static JaxbAuthnContext fromExtensions(final Extensions extensions) {
- return JaxbAuthnContext.getInstance(extensions.getExtensionParsedValue(OID));
- }
-
- /**
- * Internal constructor
- *
- * Parse the content of ASN1 sequence to populate set values
- *
- * @param seq
- * ASN1 sequence
- */
- private JaxbAuthnContext(final ASN1Sequence seq) {
- this.statementInfoList = new ArrayList<>();
- try {
- for (int i = 0; i < seq.size(); i++) {
- final ASN1Sequence contSeq = ASN1Sequence.getInstance(seq.getObjectAt(i));
- final ASN1UTF8String contextType = ASN1UTF8String.getInstance(contSeq.getObjectAt(0));
- final ASN1UTF8String contextInfo = ASN1UTF8String.getInstance(contSeq.getObjectAt(1));
- final SAMLAuthContext samlAuthContext = getAuthnContext(contextInfo.getString());
- if (contextType.getString().equalsIgnoreCase(CONTENT_TYPE)) {
- this.statementInfoList.add(samlAuthContext);
- }
- }
- }
- catch (final Exception e) {
- throw new IllegalArgumentException("Bad extension content");
- }
- }
-
- /**
- * Constructor
- *
- * @param statementInfoList
- * list of statement infos
- */
- public JaxbAuthnContext(final List statementInfoList) {
- this.statementInfoList = statementInfoList;
- }
-
- /**
- * Produce an object suitable for an ASN1OutputStream.
- *
- *
-   * AuthenticationContexts ::= SEQUENCE SIZE (1..MAX) OF
-   *                            AuthenticationContext
-   *
-   * AuthenticationContext ::= SEQUENCE {
-   *     contextType     UTF8String,
-   *     contextInfo     UTF8String OPTIONAL
-   * }
-   *
- *
- * @return ASN.1 object of the extension
- */
- @Override
- public ASN1Primitive toASN1Primitive() {
- final ASN1EncodableVector authnConexts = new ASN1EncodableVector();
-
- for (final SAMLAuthContext statementInfo : this.statementInfoList) {
- final ASN1EncodableVector authnConext = new ASN1EncodableVector();
- try {
- authnConext.add(new DERUTF8String(CONTENT_TYPE));
- final String contextXML = printAuthnContext(statementInfo, false);
- authnConext.add(new DERUTF8String(contextXML));
- authnConexts.add(new DERSequence(authnConext));
- }
- catch (final Exception ex) {
- Logger.getLogger(JaxbAuthnContext.class.getName()).warning(ex.getMessage());
- }
- }
- return new DERSequence(authnConexts);
- }
-
- /** {@inheritDoc} */
- @Override
- public String toString() {
- final StringBuilder b = new StringBuilder();
- // b.append("AuthenticationContext [\n");
- for (final SAMLAuthContext statementInfo : this.statementInfoList) {
- b.append(" SAML Authentication Context Info (http://id.elegnamnden.se/auth-cont/1.0/saci):\n");
- try {
- b.append(printAuthnContext(statementInfo, true)).append("\n");
- }
- catch (final JAXBException ex) {
- b.append("Bad XML content: ").append(ex.getMessage()).append("\n");
- }
- }
- return b.toString();
- }
-
- /**
- * Creates a {@link SAMLAuthContext} object from an xml string
- *
- * @param xml
- * xml string
- * @return {@link SAMLAuthContext} object
- * @throws JAXBException
- * on error parsing data
- */
- public static SAMLAuthContext getAuthnContext(final String xml) throws JAXBException {
- return (SAMLAuthContext) JAXBContext.newInstance(SAMLAuthContext.class)
- .createUnmarshaller()
- .unmarshal(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)));
- }
-
- /**
- * Converts a {@link SAMLAuthContext} object to XML string
- *
- * @param authnConext
- * {@link SAMLAuthContext} object
- * @param formatted
- * true to generate pretty printing version
- * @return XML string
- * @throws JAXBException
- * on error parsing data
- */
- public static String printAuthnContext(final SAMLAuthContext authnConext, final boolean formatted) throws JAXBException {
-
- final Marshaller marshaller = JAXBContext.newInstance(SAMLAuthContext.class).createMarshaller();
- marshaller.setProperty(Marshaller.JAXB_FRAGMENT, Boolean.TRUE);
- try {
- marshaller.setProperty("com.sun.xml.bind.namespacePrefixMapper", new AuthnContextPrefixMapper());
- }
- catch (final Exception ex) {
- log.warn("Unable to set the com.sun.xml.bind.namespacePrefixMapper property");
- }
- if (formatted) {
- marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE);
- }
- final StringWriter stringWriter = new StringWriter();
- marshaller.marshal(authnConext, stringWriter);
- return stringWriter.toString();
- }
-
-}
diff --git a/cert-extensions/src/test/java/se/swedenconnect/cert/extensions/jaxb/JaxbTestData.java b/cert-extensions/src/test/java/se/swedenconnect/cert/extensions/jaxb/JaxbTestData.java
deleted file mode 100644
index 701d3bfe..00000000
--- a/cert-extensions/src/test/java/se/swedenconnect/cert/extensions/jaxb/JaxbTestData.java
+++ /dev/null
@@ -1,122 +0,0 @@
-/*
- * Copyright (c) 2023. Sweden Connect
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package se.swedenconnect.cert.extensions.jaxb;
-
-import java.util.Date;
-import java.util.GregorianCalendar;
-import java.util.List;
-
-import javax.xml.datatype.DatatypeConfigurationException;
-import javax.xml.datatype.DatatypeFactory;
-
-import se.swedenconnect.schemas.cert.authcont.saci_1_0.AttributeMapping;
-import se.swedenconnect.schemas.cert.authcont.saci_1_0.AuthContextInfo;
-import se.swedenconnect.schemas.cert.authcont.saci_1_0.IdAttributes;
-import se.swedenconnect.schemas.cert.authcont.saci_1_0.SAMLAuthContext;
-import se.swedenconnect.schemas.saml_2_0.assertion.Attribute;
-
-/**
- * Description
- *
- * @author Martin Lindström (martin@idsec.se)
- * @author Stefan Santesson (stefan@idsec.se)
- */
-public class JaxbTestData {
-
- public static JaxbAuthnContext validJaxbAuthContext;
- public static JaxbAuthnContext nullSamlNameJaxbAuthContext;
-
- static {
- try {
- SAMLAuthContext validSAMLAuthContext = new SAMLAuthContext();
- validSAMLAuthContext.setAuthContextInfo(getAuthContextInfo());
- IdAttributes validIdAttr = new IdAttributes();
- List validAttrMap = validIdAttr.getAttributeMappings();
- addValidAttrMappings(validAttrMap);
- validSAMLAuthContext.setIdAttributes(validIdAttr);
- validJaxbAuthContext = new JaxbAuthnContext(List.of(validSAMLAuthContext));
- } catch (Exception ex) {
- ex.printStackTrace();
- }
-
- try {
- SAMLAuthContext nullNameSAMLAuthContext = new SAMLAuthContext();
- nullNameSAMLAuthContext.setAuthContextInfo(getAuthContextInfo());
- IdAttributes nullNameIdAttr = new IdAttributes();
- List nullNameAttrMap = nullNameIdAttr.getAttributeMappings();
- addNullDefaultAttrMappings(nullNameAttrMap);
- nullNameSAMLAuthContext.setIdAttributes(nullNameIdAttr);
- nullSamlNameJaxbAuthContext = new JaxbAuthnContext(List.of(nullNameSAMLAuthContext));
- } catch (Exception ex) {
- ex.printStackTrace();
- }
- }
-
- public static JaxbAuthnContext getTestContext() throws Exception {
- SAMLAuthContext jaxbSAMLAuthContext = new SAMLAuthContext();
- jaxbSAMLAuthContext.setAuthContextInfo(getAuthContextInfo());
-
- IdAttributes idAttributes = new IdAttributes();
- List attributeMappings = idAttributes.getAttributeMappings();
- addValidAttrMappings(attributeMappings);
- jaxbSAMLAuthContext.setIdAttributes(idAttributes);
-
- return new JaxbAuthnContext(List.of(jaxbSAMLAuthContext));
- }
-
- private static void addValidAttrMappings(List attributeMappings) {
- attributeMappings.add(createAttributeMapping("urn:oid:1.2.752.29.4.13", "rdn", "2.5.4.5", "123123123"));
- attributeMappings.add(createAttributeMapping("default", "rdn", "2.5.4.6", "SE"));
- attributeMappings.add(createAttributeMapping("urn:oid:2.5.4.42", "rdn", "2.5.4.42", "Majlis"));
- attributeMappings.add(createAttributeMapping("urn:oid:2.5.4.4", "rdn", "2.5.4.4", "Medin"));
- attributeMappings.add(
- createAttributeMapping("urn:oid:2.16.840.1.113730.3.1.241", "rdn", "2.5.4.3", "Majlis Medin"));
- }
-
- private static void addNullDefaultAttrMappings(List attributeMappings) {
- attributeMappings.add(createAttributeMapping("urn:oid:1.2.752.29.4.13", "rdn", "2.5.4.5", "123123123"));
- attributeMappings.add(createAttributeMapping(null, "rdn", "2.5.4.6", "SE"));
- attributeMappings.add(createAttributeMapping("urn:oid:2.5.4.42", "rdn", "2.5.4.42", "Majlis"));
- attributeMappings.add(createAttributeMapping("urn:oid:2.5.4.4", "rdn",
"2.5.4.4", "Medin")); - attributeMappings.add( - createAttributeMapping("urn:oid:2.16.840.1.113730.3.1.241", "rdn", "2.5.4.3", "Majlis Medin")); - } - - private static AuthContextInfo getAuthContextInfo() throws Exception { - AuthContextInfo authContextInfo = new AuthContextInfo(); - authContextInfo.setIdentityProvider("http://example.com/idp"); - authContextInfo.setAuthnContextClassRef("http://example.com/loa"); - authContextInfo.setAssertionRef("_123123123"); - final GregorianCalendar gcal = new GregorianCalendar(); - gcal.setTime(new Date()); - authContextInfo.setAuthenticationInstant(DatatypeFactory.newInstance().newXMLGregorianCalendar(gcal)); - authContextInfo.setServiceID("service"); - return authContextInfo; - } - - private static AttributeMapping createAttributeMapping(String samlName, String type, String ref, String val) { - AttributeMapping mapping = new AttributeMapping(); - mapping.setType(type); - mapping.setRef(ref); - - Attribute attribute = new Attribute(); - attribute.setName(samlName); - attribute.getAttributeValues().add(val); - mapping.setAttribute(attribute); - return mapping; - } -} diff --git a/cert-validation/pom.xml b/cert-validation/pom.xml index ee3212ca..8c34f0e4 100644 --- a/cert-validation/pom.xml +++ b/cert-validation/pom.xml @@ -10,7 +10,7 @@ sigval-parent se.swedenconnect.sigval - 1.2.7 + 1.2.8 Sweden Connect :: Signature validation :: X.509 Certificate Validation diff --git a/pom.xml b/pom.xml index 4e91d815..9d484cb5 100644 --- a/pom.xml +++ b/pom.xml @@ -6,7 +6,7 @@ se.swedenconnect.sigval sigval-parent pom - 1.2.7 + 1.2.8 Sweden Connect :: Parent POM for Signature Validation Parent POM for SignService Validation libraries @@ -104,7 +104,7 @@ org.apache.santuario xmlsec - 2.3.3 + 2.3.4 diff --git a/sigval-commons/pom.xml b/sigval-commons/pom.xml index 089df6dc..64be3d1a 100644 --- a/sigval-commons/pom.xml +++ b/sigval-commons/pom.xml 
@@ -9,7 +9,7 @@ sigval-parent se.swedenconnect.sigval - 1.2.7 + 1.2.8 Sweden Connect :: Signature validation :: Commons diff --git a/sigval-jose/pom.xml b/sigval-jose/pom.xml index bcbac515..13775fed 100644 --- a/sigval-jose/pom.xml +++ b/sigval-jose/pom.xml @@ -9,7 +9,7 @@ sigval-parent se.swedenconnect.sigval - 1.2.7 + 1.2.8 Sweden Connect :: Signature validation :: JOSE diff --git a/sigval-pdf/pom.xml b/sigval-pdf/pom.xml index 444d8727..dbaf25fb 100644 --- a/sigval-pdf/pom.xml +++ b/sigval-pdf/pom.xml @@ -10,7 +10,7 @@ sigval-parent se.swedenconnect.sigval - 1.2.7 + 1.2.8 Sweden Connect :: Signature validation :: PDF @@ -52,6 +52,25 @@ + + + + org.apache.xmlgraphics + batik-transcoder + 1.17 + + + org.apache.xmlgraphics + batik-codec + 1.17 + + + org.apache.xmlgraphics + batik-bridge + 1.17 + + + diff --git a/sigval-report/pom.xml b/sigval-report/pom.xml index 7c04b316..24eb7e13 100644 --- a/sigval-report/pom.xml +++ b/sigval-report/pom.xml @@ -5,7 +5,7 @@ sigval-parent se.swedenconnect.sigval - 1.2.7 + 1.2.8 4.0.0 diff --git a/sigval-xml/pom.xml b/sigval-xml/pom.xml index 5078af27..6407c472 100644 --- a/sigval-xml/pom.xml +++ b/sigval-xml/pom.xml @@ -9,7 +9,7 @@ sigval-parent se.swedenconnect.sigval - 1.2.7 + 1.2.8 Sweden Connect :: Signature validation :: XML
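Review bot: The three Batik entries added in the `@@ -52,6 +52,25 @@` hunk of sigval-pdf/pom.xml each hard-code `1.17`, and nothing visible here records why an SVG toolkit is pinned in the PDF module (the page has lost its XML markup, so an existing comment may simply not be shown). Define the version once, `<batik.version>1.17</batik.version>`, reference it as `<version>${batik.version}</version>`, and add a comment such as `<!-- Batik pinned to override the version pulled in transitively by <DEPENDENCY>; drop when upstream catches up -->`. If these are overrides of transitive dependencies, as the layout suggests, only batik-transcoder, batik-codec and batik-bridge are covered, so confirm with `mvn dependency:tree` that no other `batik-*` module still resolves to an older release. The root pom.xml already carries the xmlsec pin, so that is probably the better home for this block if other modules can reach Batik too.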