diff --git a/get-server/pom.xml b/get-server/pom.xml
index dd63a29..4867158 100644
--- a/get-server/pom.xml
+++ b/get-server/pom.xml
@@ -185,7 +185,7 @@
ee.cyber.cdoc2
cdoc2-lib
- 2.0.1-SNAPSHOT
+ 2.0.0
test
@@ -264,8 +264,8 @@
ee.cyber.cdoc2
cdoc2-lib
-
- 2.0.1-SNAPSHOT
+
+ 2.0.0
test-jar
test
diff --git a/get-server/src/test/java/ee/cyber/cdoc2/server/GetKeyCapsuleApiTests.java b/get-server/src/test/java/ee/cyber/cdoc2/server/GetKeyCapsuleApiTests.java
index 07e2c0c..34703cf 100644
--- a/get-server/src/test/java/ee/cyber/cdoc2/server/GetKeyCapsuleApiTests.java
+++ b/get-server/src/test/java/ee/cyber/cdoc2/server/GetKeyCapsuleApiTests.java
@@ -56,7 +56,7 @@
class GetKeyCapsuleApiTests extends KeyCapsuleIntegrationTest {
// read hardware PKCS11 device conf from a properties file
- private Pkcs11DeviceConfiguration pkcs11Conf = new Pkcs11DeviceConfiguration();
+ private Pkcs11DeviceConfiguration pkcs11Conf = Pkcs11DeviceConfiguration.load();
// rest client with client auth using keystore rsa/client-rsa-2048.p12
@Qualifier("trustAllWithClientAuth")
@@ -202,14 +202,14 @@ void testKeyServerPropertiesClientPKCS11(boolean interactive) throws Exception {
prop += "cdoc2.client.ssl.trust-store.type=JKS\n";
prop += "cdoc2.client.ssl.trust-store=" + TestData.getKeysDirectory().resolve("clienttruststore.jks") + "\n";
prop += "cdoc2.client.ssl.trust-store-password=passwd\n";
- prop += "pkcs11-library=" + pkcs11Conf.getPkcs11Library() + "\n";
+ prop += "pkcs11-library=" + pkcs11Conf.pkcs11Library() + "\n";
prop += "cdoc2.client.ssl.client-store.type=PKCS11\n";
if (interactive) {
prop += "cdoc2.client.ssl.client-store-password.prompt=PIN1\n";
} else {
- prop += "cdoc2.client.ssl.client-store-password=" + new String(pkcs11Conf.getPin()) + "\n";
+ prop += "cdoc2.client.ssl.client-store-password=" + new String(pkcs11Conf.pin()) + "\n";
}
Properties p = new Properties();
@@ -223,7 +223,7 @@ void testKeyServerPropertiesClientPKCS11(boolean interactive) throws Exception {
// Storing clientKeyStore in KeyServerPropertiesClient is a bit of hack for tests.
// It's required to get recipient pub key
// normally recipient certificate would come from LDAP, but for test-id card certs are not in LDAP
- X509Certificate cert = (X509Certificate) client.getClientCertificate(pkcs11Conf.getKeyAlias());
+ X509Certificate cert = (X509Certificate) client.getClientCertificate(pkcs11Conf.keyAlias());
assertNotNull(cert);
// Client public key TLS encoded binary base64 encoded
PublicKey recipientPubKey = cert.getPublicKey();
@@ -264,7 +264,7 @@ void testKeyServerPropertiesClientPKCS11(boolean interactive) throws Exception {
void testPKCS11Client() throws Exception {
//PIN1 for 37101010021 test id-kaart
- var protectionParameter = new KeyStore.PasswordProtection(pkcs11Conf.getPin());
+ var protectionParameter = new KeyStore.PasswordProtection(pkcs11Conf.pin());
//Or ask pin interactively
@SuppressWarnings("java:S125")
@@ -274,8 +274,8 @@ void testPKCS11Client() throws Exception {
KeyStore trustKeyStore = null;
try {
clientKeyStore = Pkcs11Tools.initPKCS11KeysStore(
- pkcs11Conf.getPkcs11Library(),
- pkcs11Conf.getSlot(),
+ pkcs11Conf.pkcs11Library(),
+ pkcs11Conf.slot(),
protectionParameter
);
@@ -292,7 +292,7 @@ void testPKCS11Client() throws Exception {
log.debug("aliases: {}", Collections.list(clientKeyStore.aliases()));
- X509Certificate cert = (X509Certificate) clientKeyStore.getCertificate(pkcs11Conf.getKeyAlias());
+ X509Certificate cert = (X509Certificate) clientKeyStore.getCertificate(pkcs11Conf.keyAlias());
log.debug("Certificate issuer is {}. This must be in server truststore "
+ "or SSL handshake will fail with cryptic error", cert.getIssuerDN());
diff --git a/put-server/pom.xml b/put-server/pom.xml
index 813c7fc..a301b82 100644
--- a/put-server/pom.xml
+++ b/put-server/pom.xml
@@ -194,15 +194,15 @@
ee.cyber.cdoc2
cdoc2-lib
- 2.0.1-SNAPSHOT
+ 2.0.0
test
ee.cyber.cdoc2
cdoc2-lib
-
- 2.0.1-SNAPSHOT
+
+ 2.0.0
test-jar
test
diff --git a/put-server/src/test/java/ee/cyber/cdoc2/server/CreateKeyCapsuleIntegrationTest.java b/put-server/src/test/java/ee/cyber/cdoc2/server/CreateKeyCapsuleIntegrationTest.java
index 2dd9525..9e2307b 100644
--- a/put-server/src/test/java/ee/cyber/cdoc2/server/CreateKeyCapsuleIntegrationTest.java
+++ b/put-server/src/test/java/ee/cyber/cdoc2/server/CreateKeyCapsuleIntegrationTest.java
@@ -56,7 +56,7 @@
class CreateKeyCapsuleIntegrationTest extends KeyCapsuleIntegrationTest {
// read hardware PKCS11 device conf from a properties file
- private Pkcs11DeviceConfiguration pkcs11Conf = new Pkcs11DeviceConfiguration();
+ private Pkcs11DeviceConfiguration pkcs11Conf = Pkcs11DeviceConfiguration.load();
@Qualifier("trustAllNoClientAuth")
@Autowired
@@ -203,7 +203,7 @@ void testKeyServerPropertiesClientPKCS11(boolean interactive) throws Exception {
// Storing clientKeyStore in KeyCapsulesClientImpl is a bit of hack for tests.
// normally recipient certificate would come from LDAP, but for test-id card certs are not in LDAP
- X509Certificate cert = (X509Certificate) client.getClientCertificate(pkcs11Conf.getKeyAlias());
+ X509Certificate cert = (X509Certificate) client.getClientCertificate(pkcs11Conf.keyAlias());
assertNotNull(cert);
// Client public key TLS encoded binary base64 encoded
@@ -248,13 +248,13 @@ private String getProperties(boolean interactive) {
prop += "cdoc2.client.ssl.trust-store.type=JKS\n";
prop += "cdoc2.client.ssl.trust-store=" + TestData.getKeysDirectory().resolve("clienttruststore.jks") + "\n";
prop += "cdoc2.client.ssl.trust-store-password=passwd\n";
- prop += "pkcs11-library=" + pkcs11Conf.getPkcs11Library() + "\n";
+ prop += "pkcs11-library=" + pkcs11Conf.pkcs11Library() + "\n";
prop += "cdoc2.client.ssl.client-store.type=PKCS11\n";
if (interactive) {
prop += "cdoc2.client.ssl.client-store-password.prompt=PIN1\n";
} else {
- prop += "cdoc2.client.ssl.client-store-password=" + Arrays.toString(pkcs11Conf.getPin()) + "\n";
+ prop += "cdoc2.client.ssl.client-store-password=" + Arrays.toString(pkcs11Conf.pin()) + "\n";
}
return prop;
}
@@ -263,15 +263,15 @@ private String getProperties(boolean interactive) {
@Tag("pkcs11")
void testPKCS11Client() throws Exception {
//PIN from conf file
- var protectionParameter = new KeyStore.PasswordProtection(pkcs11Conf.getPin());
+ var protectionParameter = new KeyStore.PasswordProtection(pkcs11Conf.pin());
KeyStore clientKeyStore = null;
KeyStore trustKeyStore = null;
- String pkcs11Library = pkcs11Conf.getPkcs11Library();
+ String pkcs11Library = pkcs11Conf.pkcs11Library();
log.info("Oleska: library in testPKCS11Client() in integration test: " + pkcs11Library);
try {
clientKeyStore = Pkcs11Tools.initPKCS11KeysStore(
- pkcs11Conf.getPkcs11Library(), pkcs11Conf.getSlot(), protectionParameter
+ pkcs11Conf.pkcs11Library(), pkcs11Conf.slot(), protectionParameter
);
trustKeyStore = KeyStore.getInstance("JKS");
@@ -285,7 +285,7 @@ void testPKCS11Client() throws Exception {
assert clientKeyStore != null;
log.debug("aliases: {}", Collections.list(clientKeyStore.aliases()));
- X509Certificate cert = (X509Certificate) clientKeyStore.getCertificate(pkcs11Conf.getKeyAlias());
+ X509Certificate cert = (X509Certificate) clientKeyStore.getCertificate(pkcs11Conf.keyAlias());
log.debug("Certificate issuer is {}. This must be in server truststore "
+ "or SSL handshake will fail with cryptic error", cert.getIssuerX500Principal());