phase4 2.5.0

• Updated to peppol-reporting 2.1.4 containing the updated Schematron rules for EUSR and TSR
• Added the missing call to IAS4ProfileValidator.validateSignalMessage
• Fixed the ID type for BDEW participants. See #178 - thanks @problemzebra2
• Made the payload check for BDEW optional. See #180 - thanks @problemzebra2
• Added new SPI interface com.helger.phase4.incoming.spi.IAS4IncomingMessageProcessingStatusSPI to be used as a callback for incoming message processing start and end
• Added a possibility to verify the TLS client certificate via the AS4 profile. See #182 - thanks @problemzebra2
• Extended the API of IAS4SignalMessageConsumer.handleSignalMessage with IAS4IncomingMessageMetadata. (backward incompatible change) See #177 - thanks @sopgreg
• Extended the API of IAS4UserMessageConsumer.handleUserMessage with IAS4IncomingMessageMetadata for consistency. (backward incompatible change)

What's Changed

• Wrong PartyId type for DVGW and GLN code numbers #178 by @problemzebra2 in #179
• Bump org.apache.santuario:xmlsec from 3.0.2 to 3.0.3 by @dependabot in #185
• Not possible to send BDEW path switch messages because a payload is a… by @problemzebra2 in #181
• IAS4ProfileValidator: new validation, relates to #182 by @koes-soptim in #183

New Contributors

• @koes-soptim made their first contribution in #183

Full Changelog: phase4-parent-pom-2.4.0...phase4-parent-pom-2.5.0

Dependencies required:

• ph-bc/ph-collection/ph-commons/ph-dao/ph-datetime/ph-jaxb/ph-json/ph-scopes/ph-security/ph-settings/ph-xml 11.1.2
• ph-xsds-xmldsig 3.0.0
• ph-http/ph-httpclient/ph-mail/ph-network/ph-servlet/ph-useragent/ph-web 10.1.5
• ph-oton-io/ph-oton-audit/ph-oton-security 9.2.1
• ph-masterdata/ph-tenancy 7.0.1
• peppol-commons/peppol-id/peppol-sbdh/peppol-smp-client 9.0.8
• phive-engine 9.0.0
• phive-rules-peppol 3.1.2
• angus-mail 2.0.2
• angus-activation 2.0.1
• httpclient 5.2.1
• BouncyCastle 1.76
• WSS4J 3.0.1
• XMLSec 3.0.3
• Servlet API 5.0.x
• JAXB 4.0.x
• SLF4J 2.0.x

phase 2.4.0

• Updated to peppol-reporting 2.1.3 containing the updated Schematron rules for EUSR and TSR
• The BDEW sender client sets a the agreementRef value to https://www.bdew.de/as4/communication/agreement by default
• Added new enum ECryptoMode to differentiate between sign/encrypt and verify/decrypt
• Added a mandatory ECryptoMode parameter to IAS4CryptoFactory.getCrypto(...)
• Fixed a regression introduced in v2.2.2 that affects BDEW and ENTSOG - the payload parameters are set correctly again. See #172 - thanks @problemzebra2

What's Changed

• Phase4BDEWSender: Reuse existing constant by @sopgreg in #171

Full Changelog: phase4-parent-pom-2.3.0...phase4-parent-pom-2.4.0

Dependencies required:

• ph-bc/ph-collection/ph-commons/ph-dao/ph-datetime/ph-jaxb/ph-json/ph-scopes/ph-security/ph-settings/ph-xml 11.1.2
• ph-xsds-xmldsig 3.0.0
• ph-http/ph-httpclient/ph-mail/ph-network/ph-servlet/ph-useragent/ph-web 10.1.5
• ph-oton-io/ph-oton-audit/ph-oton-security 9.2.0
• ph-masterdata/ph-tenancy 7.0.1
• peppol-commons/peppol-id/peppol-sbdh/peppol-smp-client 9.0.8
• phive-engine 9.0.0
• phive-rules-peppol 3.1.0
• angus-mail 2.0.2
• angus-activation 2.0.1
• httpclient 5.2.1
• BouncyCastle 1.76
• WSS4J 3.0.1
• XMLSec 3.0.2
• Servlet API 5.0.x
• JAXB 4.0.x
• SLF4J 2.0.x

phase 2.3.0

• Updated to phive 9.x
• Deprecated AS4MessageProcessorResult.createFailure(String) in favour of AS4MessageProcessorResult.createFailure(). See issue #162 - thanks @sopgreg
• Deprecated AS4SignalMessageProcessorResult.createFailure(String) in favour of AS4SignalMessageProcessorResult.createFailure(). See issue #162 - thanks @sopgreg
• Extended the AS4UserMessage.create message to also include the optional MPC parameter
• Peppol incoming handler denies messages that are not signed and encrypted
• Fixed the default BDEW crypting key identifier. See issue #167 - thanks @problemzebra2
• Extended the IAS4IncomingSecurityConfiguration interface to include the full AS4SigningParams and AS4CryptParams objects. See #165 and issue #166 - thanks @sopgreg and @problemzebra2
• The method AS4ProfileSelector.getAS4ProfileID () now also falls back to IAS4ProfileManager.getDefaultProfileOrNull()

Full Changelog: phase4-parent-pom-2.2.2...phase4-parent-pom-2.3.0

Dependencies required:

• ph-bc/ph-collection/ph-commons/ph-dao/ph-datetime/ph-jaxb/ph-json/ph-scopes/ph-security/ph-settings/ph-xml 11.1.2
• ph-xsds-xmldsig 3.0.0
• ph-http/ph-httpclient/ph-mail/ph-network/ph-servlet/ph-useragent/ph-web 10.1.5
• ph-oton-io/ph-oton-audit/ph-oton-security 9.2.0
• ph-masterdata/ph-tenancy 7.0.1
• peppol-commons/peppol-id/peppol-sbdh/peppol-smp-client 9.0.8
• phive-engine 9.0.0
• phive-rules-peppol 3.1.0
• angus-mail 2.0.2
• angus-activation 2.0.1
• httpclient 5.2.1
• BouncyCastle 1.76
• WSS4J 3.0.1
• XMLSec 3.0.2
• Servlet API 5.0.x
• JAXB 4.0.x
• SLF4J 2.0.x

phase4 2.2.2

• Updated to peppol-commons 9.0.8
• The "Certificate Consumer" in the Peppol client is now also invoked, when .checkReceiverAPCertificate(false) is called
• The class AbstractENTSOGUserMessageBuilder is now derived from AbstractAS4UserMessageBuilderMIMEPayload and yet customization of the attachment part works
• The class AbstractBDEWUserMessageBuilder is now derived from AbstractAS4UserMessageBuilderMIMEPayload and yet customization of the attachment part works
• Added new interface IAS4SendingDateTimeConsumer to determine the effective sending date and time
• Made the determination of the effective sending date and time more consistent
• In the Peppol client, the country code of C1 will be checked for mandatoriness from 1.1.2024 onwards
• Added new interface IWSSecSignatureCustomizer to customize created WSSecSignature objects. Handle with care
• Added support for Peppol Reporting via the peppol-reporting-api project as defined in https://github.com/phax/peppol-reporting

Full Changelog: phase4-parent-pom-2.2.1...phase4-parent-pom-2.2.2

Dependencies required:

• ph-bc/ph-collection/ph-commons/ph-dao/ph-datetime/ph-jaxb/ph-json/ph-scopes/ph-security/ph-settings/ph-xml 11.1.2
• ph-xsds-xmldsig 3.0.0
• ph-http/ph-httpclient/ph-mail/ph-network/ph-servlet/ph-useragent/ph-web 10.1.5
• ph-oton-io/ph-oton-audit/ph-oton-security 9.2.0
• ph-masterdata/ph-tenancy 7.0.1
• peppol-commons/peppol-id/peppol-sbdh/peppol-smp-client 9.0.8
• phive-engine 8.0.1
• phive-rules-peppol 3.0.5
• angus-mail 2.0.2
• angus-activation 2.0.1
• httpclient 5.2.1
• BouncyCastle 1.76
• WSS4J 3.0.1
• XMLSec 3.0.2
• Servlet API 5.0.x
• JAXB 4.0.x
• SLF4J 2.0.x

phase4 2.2.1

• Updated to ph-oton 9.2.0 for reduced dependencies
• Reduced defined versions in the parent-pom and moved it to the module POMs where applicable

Full Changelog: phase4-parent-pom-2.2.0...phase4-parent-pom-2.2.1

Dependencies required:

• ph-bc/ph-collection/ph-commons/ph-dao/ph-datetime/ph-jaxb/ph-json/ph-scopes/ph-security/ph-settings/ph-xml 11.1.2
• ph-xsds-xmldsig 3.0.0
• ph-http/ph-httpclient/ph-mail/ph-network/ph-servlet/ph-useragent/ph-web 10.1.5
• ph-oton-io/ph-oton-audit/ph-oton-security 9.2.0
• ph-masterdata/ph-tenancy 7.0.1
• peppol-commons/peppol-id/peppol-sbdh/peppol-smp-client 9.0.7
• phive-engine 8.0.1
• phive-rules-peppol 3.0.5
• angus-mail 2.0.2
• angus-activation 2.0.1
• httpclient 5.2.1
• BouncyCastle 1.76
• WSS4J 3.0.1
• XMLSec 3.0.2
• Servlet API 5.0.x
• JAXB 4.0.x
• SLF4J 2.0.x

phase4 2.2.0

• Allowing separate IAS4CryptoFactory configurations for signing/signature verification and encrypting/decrypting. See issue #139 - thanks @sopgreg
• Most internal APIs that previously took one parameter for "cryptoFactory" now take two parameters for "cryptoFactorySign" and "cryptoFactoryCrypt"
• Removed IAS4CryptoFactory.isAllowRSA15KeyTransportAlgorithm()
  • The configuration property org.apache.wss4j.dom.handler.RequestData.allowRSA15KeyTransportAlgorithm is no longer supported
  • As an alternative the interface IAS4DecryptParameterModifier was introduced to allow even more fine-grained customization
• Improved the unique PMode determination, by comparing all fields of Initiator and Responder. See issue #118 - thanks @sopgreg
• Removed the Serializable interface from objects where it is not needed
• The interface IPModeIDProvider now relies on the PModeParty of initiator and responder instead on the ID only
• Allowed an external customization of the WSSConfig object created for decryption. See issue #150 - thanks @sopgreg
  • This and the RequestData object can be customized via a callback using IAS4DecryptParameterModifier

What's Changed

• Add pom.xml.versionsBackup to .gitignore by @sopgreg in #151
• Set setEncryptSymmetricSessionKey to false for BDEW sender by @sopgreg in #152

Full Changelog: phase4-parent-pom-2.1.5...phase4-parent-pom-2.2.0

Dependencies required:

• ph-bc/ph-collection/ph-commons/ph-dao/ph-datetime/ph-jaxb/ph-json/ph-scopes/ph-security/ph-settings/ph-xml 11.1.2
• ph-xsds-xmldsig 3.0.0
• ph-http/ph-httpclient/ph-mail/ph-network/ph-servlet/ph-useragent/ph-web 10.1.5
• ph-oton-app/ph-oton-audit/ph-oton-html/ph-oton-security 9.1.4
• ph-css 7.0.1
• ph-masterdata/ph-tenancy 7.0.1
• peppol-commons/peppol-id/peppol-sbdh/peppol-smp-client 9.0.7
• phive-engine 8.0.1
• phive-rules-peppol 3.0.5
• angus-mail 2.0.2
• angus-activation 2.0.1
• httpclient 5.2.1
• BouncyCastle 1.76
• WSS4J 3.0.1
• XMLSec 3.0.2
• Servlet API 5.0.x
• JAXB 4.0.x
• SLF4J 2.0.x

phase4 2.1.5

• Reverted the incorrect use of the Binary Security Token value type "#X509PKIPathv1" for Peppol and others (introduced in v2.1.3). Only BDEW needs this. See Discussion #149 - thanks to @binaradarsha

Full Changelog: phase4-parent-pom-2.1.4...phase4-parent-pom-2.1.5

Dependencies required:

• ph-bc/ph-collection/ph-commons/ph-dao/ph-datetime/ph-jaxb/ph-json/ph-scopes/ph-security/ph-settings/ph-xml 11.1.0
• ph-xsds-xmldsig 3.0.0
• ph-http/ph-httpclient/ph-mail/ph-network/ph-servlet/ph-useragent/ph-web 10.1.4
• ph-oton-app/ph-oton-audit/ph-oton-html/ph-oton-security 9.1.3
• ph-css 7.0.1
• ph-masterdata/ph-tenancy 7.0.1
• peppol-commons/peppol-id/peppol-sbdh/peppol-smp-client 9.0.7
• phive-engine 8.0.1
• phive-rules-peppol 3.0.5
• angus-mail 2.0.2
• angus-activation 2.0.1
• httpclient 5.2.1
• BouncyCastle 1.75
• WSS4J 3.0.1
• XMLSec 3.0.2
• Servlet API 5.0.x
• JAXB 4.0.x
• SLF4J 2.0.x

phase4 2.1.4

• Updated to WSS4J 3.0.1
• Updated to ph-commons 11.1
• Add a possibility to customize the signingParams and cryptParams in AbstractAS4MessageBuilder
• Made the Java security Provider for encryption customizable
• Increased customizability of security configuration

Don't use this version for Peppol - regression since 2.1.3, fixed in 2.1.5

What's Changed

• #147 BDEW profile updates 28.07.2023 by @problemzebra2 in #148

New Contributors

• @problemzebra2 made their first contribution in #148

Full Changelog: phase4-parent-pom-2.1.3...phase4-parent-pom-2.1.4

Dependencies required:

• ph-bc/ph-collection/ph-commons/ph-dao/ph-datetime/ph-jaxb/ph-json/ph-scopes/ph-security/ph-settings/ph-xml 11.1.0
• ph-xsds-xmldsig 3.0.0
• ph-http/ph-httpclient/ph-mail/ph-network/ph-servlet/ph-useragent/ph-web 10.1.4
• ph-oton-app/ph-oton-audit/ph-oton-html/ph-oton-security 9.1.3
• ph-css 7.0.1
• ph-masterdata/ph-tenancy 7.0.1
• peppol-commons/peppol-id/peppol-sbdh/peppol-smp-client 9.0.7
• phive-engine 8.0.1
• phive-rules-peppol 3.0.5
• angus-mail 2.0.2
• angus-activation 2.0.1
• httpclient 5.2.1
• BouncyCastle 1.75
• WSS4J 3.0.1
• XMLSec 3.0.2
• Servlet API 5.0.x
• JAXB 4.0.x
• SLF4J 2.0.x

phase4 2.1.3

• Updated to BouncyCastle 1.75
• Improved support for the COUNTRY_C1 field in Peppol SBDH
• Added a consistency check to avoid that pre-built SBD documents are used with the plain Peppol sender builder
• The BinarySecurityToken for signed AS4 messages now uses the ValueType of ...#X509PKIPathv1 by default
• The default response timeout for Peppol client messages was changed from 5 minutes to 2 minutes to reflect SLA changes
• Added new interface IAS4IncomingSecurityConfiguration to customize AS4RequestHandler security configuration

Don't use this version for Peppol - regression since 2.1.3, fixed in 2.1.5

What's Changed

• Fix for BDEWPayloadParams#m_aDocumentNumber by @mmwlk in #137
• Fix small typo resulting from copy&paste by @sopgreg in #140

New Contributors

• @mmwlk made their first contribution in #137

Full Changelog: phase4-parent-pom-2.1.2...phase4-parent-pom-2.1.3

Dependencies required:

• ph-bc/ph-collection/ph-commons/ph-dao/ph-datetime/ph-jaxb/ph-json/ph-scopes/ph-security/ph-settings/ph-xml 11.0.6
• ph-xsds-xmldsig 3.0.0
• ph-http/ph-httpclient/ph-mail/ph-network/ph-servlet/ph-useragent/ph-web 10.1.1
• ph-oton-app/ph-oton-audit/ph-oton-html/ph-oton-security 9.1.1
• ph-css 7.0.0
• ph-masterdata/ph-tenancy 7.0.0
• peppol-commons/peppol-id/peppol-sbdh/peppol-smp-client 9.0.6
• phive-engine 8.0.1
• phive-rules-peppol 3.0.5
• angus-mail 2.0.2
• angus-activation 2.0.1
• httpclient 5.2.1
• BouncyCastle 1.75
• WSS4J 3.0.0
• XMLSec 3.0.2
• Servlet API 5.0.x
• JAXB 4.0.x
• SLF4J 2.0.x

phase4 2.1.2

• Made the session key provider for AS4 encryption session keys customizable
• Made some backwards incompatible changes to the API of BDEWPayloadParams so that it is chainable

Full Changelog: phase4-parent-pom-2.1.1...phase4-parent-pom-2.1.2

Dependencies required:

• ph-bc/ph-collection/ph-commons/ph-dao/ph-datetime/ph-jaxb/ph-json/ph-scopes/ph-security/ph-settings/ph-xml 11.0.4
• ph-xsds-xmldsig 3.0.0
• ph-http/ph-httpclient/ph-mail/ph-network/ph-servlet/ph-useragent/ph-web 10.1.1
• ph-oton-app/ph-oton-audit/ph-oton-html/ph-oton-security 9.1.1
• ph-css 7.0.0
• ph-masterdata/ph-tenancy 7.0.0
• peppol-commons/peppol-id/peppol-sbdh/peppol-smp-client 9.0.6
• phive-engine 8.0.1
• phive-rules-peppol 3.0.3
• angus-mail 2.0.2
• angus-activation 2.0.1
• httpclient 5.2.1
• BouncyCastle 1.73
• WSS4J 3.0.0
• XMLSec 3.0.2
• Servlet API 5.0.x
• JAXB 4.0.x
• SLF4J 2.0.x