From c912c8f654e8a9d1c86bf60f084f6d40bd7d0f1b Mon Sep 17 00:00:00 2001 From: Giorgos Papadopoulos Date: Fri, 11 Aug 2023 13:30:34 +0300 Subject: [PATCH 1/2] update dependencies --- build.gradle | 17 ++-- .../cms/CMSSignatureValidatorBuilder.kt | 16 ++-- .../cms/CMSSignatureValidatorImpl.kt | 32 +++---- .../{certificates.kt => Certificates.kt} | 0 .../cms/CMSSignatureValidatorTest.kt | 94 +++++++++---------- modules/openidconnect/build.gradle | 6 +- .../openidconnect/OpenIDConnectRepository.kt | 4 +- .../OpenIDConnectRepositoryImpl.kt | 16 ++-- .../OpenIDConnectRepositoryImplTest.kt | 8 +- modules/qrgenerator/build.gradle | 4 +- .../modules/qrgenerator/QrCodeGenerator.kt | 12 +-- .../qrgenerator/QrCodeGeneratorImplTest.kt | 6 +- 12 files changed, 107 insertions(+), 108 deletions(-) rename modules/httpsecurity/src/test/java/nl/rijksoverheid/rdo/modules/httpsecurity/{certificates.kt => Certificates.kt} (100%) diff --git a/build.gradle b/build.gradle index c7556be..95320a4 100644 --- a/build.gradle +++ b/build.gradle @@ -6,10 +6,10 @@ * */ plugins { - id 'com.android.application' version '7.3.1' apply false - id 'com.android.library' version '7.3.1' apply false - id 'org.jetbrains.kotlin.android' version '1.7.20' apply false - id 'com.diffplug.spotless' version '5.10.1' + id 'com.android.application' version '8.1.0' apply false + id 'com.android.library' version '8.1.0' apply false + id 'org.jetbrains.kotlin.android' version '1.9.0' apply false + id 'com.diffplug.spotless' version '6.20.0' } allprojects { @@ -18,21 +18,20 @@ allprojects { afterEvaluate { tasks.withType(org.jetbrains.kotlin.gradle.tasks.KotlinCompile).configureEach { kotlinOptions { - jvmTarget = "1.8" + jvmTarget = "11" freeCompilerArgs += ["-opt-in=kotlinx.coroutines.ExperimentalCoroutinesApi"] } } project.plugins.withId("com.android.base") { android { - compileSdk 33 + compileSdk 34 defaultConfig { minSdk 23 - targetSdk 33 } compileOptions { - sourceCompatibility JavaVersion.VERSION_1_8 - targetCompatibility JavaVersion.VERSION_1_8 + sourceCompatibility JavaVersion.VERSION_11 + targetCompatibility JavaVersion.VERSION_11 } } } diff --git a/modules/httpsecurity/src/main/java/nl/rijksoverheid/rdo/modules/httpsecurity/cms/CMSSignatureValidatorBuilder.kt b/modules/httpsecurity/src/main/java/nl/rijksoverheid/rdo/modules/httpsecurity/cms/CMSSignatureValidatorBuilder.kt index e0c30bc..3b5ff8b 100644 --- a/modules/httpsecurity/src/main/java/nl/rijksoverheid/rdo/modules/httpsecurity/cms/CMSSignatureValidatorBuilder.kt +++ b/modules/httpsecurity/src/main/java/nl/rijksoverheid/rdo/modules/httpsecurity/cms/CMSSignatureValidatorBuilder.kt @@ -10,13 +10,13 @@ object CMSSignatureValidatorBuilder { fun build( certificatesPem: List, cnMatchingString: String? = null, - clock: Clock + clock: Clock, ): CMSSignatureValidatorImpl { return CMSSignatureValidatorImpl( signingCertificates = emptyList(), trustAnchors = trustCertificates(certificatesPem), matchingString = cnMatchingString, - clock = clock + clock = clock, ) } @@ -25,8 +25,8 @@ object CMSSignatureValidatorBuilder { return certificatesPem.map { certificatePem -> val trustedCert = factory.generateCertificate( ByteArrayInputStream( - certificatePem.toByteArray() - ) + certificatePem.toByteArray(), + ), ) as X509Certificate TrustAnchor(trustedCert, null) }.toSet() @@ -35,7 +35,7 @@ object CMSSignatureValidatorBuilder { fun build( certificatesPem: List = emptyList(), signingCertificateBytes: List, - clock: Clock + clock: Clock, ): CMSSignatureValidatorImpl { val x509s = signingCertificateBytes.map { CertificateFactory.getInstance("X509") @@ -46,19 +46,19 @@ object CMSSignatureValidatorBuilder { signingCertificates = x509s, trustAnchors = trustCertificates(certificatesPem), matchingString = null, - clock = clock + clock = clock, ) } fun build( certificatesPem: List, - signingCertificates: List + signingCertificates: List, ): CMSSignatureValidatorImpl { return CMSSignatureValidatorImpl( signingCertificates = signingCertificates, trustAnchors = trustCertificates(certificatesPem), matchingString = null, - clock = Clock.systemUTC() + clock = Clock.systemUTC(), ) } } diff --git a/modules/httpsecurity/src/main/java/nl/rijksoverheid/rdo/modules/httpsecurity/cms/CMSSignatureValidatorImpl.kt b/modules/httpsecurity/src/main/java/nl/rijksoverheid/rdo/modules/httpsecurity/cms/CMSSignatureValidatorImpl.kt index e0f02f7..c5d7c0e 100644 --- a/modules/httpsecurity/src/main/java/nl/rijksoverheid/rdo/modules/httpsecurity/cms/CMSSignatureValidatorImpl.kt +++ b/modules/httpsecurity/src/main/java/nl/rijksoverheid/rdo/modules/httpsecurity/cms/CMSSignatureValidatorImpl.kt @@ -1,16 +1,5 @@ package nl.rijksoverheid.rdo.modules.httpsecurity.cms -import java.io.BufferedInputStream -import java.io.InputStream -import java.security.cert.CertPathBuilder -import java.security.cert.CertPathBuilderException -import java.security.cert.CertStore -import java.security.cert.PKIXBuilderParameters -import java.security.cert.PKIXCertPathBuilderResult -import java.security.cert.TrustAnchor -import java.security.cert.X509CertSelector -import java.security.cert.X509Certificate -import java.time.Clock import nl.rijksoverheid.rdo.modules.httpsecurity.SignatureValidationException import nl.rijksoverheid.rdo.modules.httpsecurity.SignatureValidator import org.bouncycastle.asn1.x500.style.BCStyle @@ -23,6 +12,17 @@ import org.bouncycastle.cms.SignerId import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder import org.bouncycastle.jce.provider.BouncyCastleProvider import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder +import java.io.BufferedInputStream +import java.io.InputStream +import java.security.cert.CertPathBuilder +import java.security.cert.CertPathBuilderException +import java.security.cert.CertStore +import java.security.cert.PKIXBuilderParameters +import java.security.cert.PKIXCertPathBuilderResult +import java.security.cert.TrustAnchor +import java.security.cert.X509CertSelector +import java.security.cert.X509Certificate +import java.time.Clock /* * Copyright (c) 2021 De Staat der Nederlanden, Ministerie van Volksgezondheid, Welzijn en Sport. @@ -35,7 +35,7 @@ class CMSSignatureValidatorImpl internal constructor( private val signingCertificates: List, private val trustAnchors: Set, private val matchingString: String?, - private val clock: Clock + private val clock: Clock, ) : SignatureValidator { private val provider = BouncyCastleProvider() @@ -46,7 +46,7 @@ class CMSSignatureValidatorImpl internal constructor( JcaDigestCalculatorProviderBuilder().setProvider(provider) .build(), CMSTypedStream(BufferedInputStream(content)), - signature + signature, ) sp.signedContent.drain() @@ -99,7 +99,7 @@ class CMSSignatureValidatorImpl internal constructor( if (!signer.verify( JcaSimpleSignerInfoVerifierBuilder().setProvider(provider) - .build(signingCertificate) + .build(signingCertificate), ) ) { throw SignatureValidationException("The signature does not match") @@ -116,7 +116,7 @@ class CMSSignatureValidatorImpl internal constructor( private fun checkCertPath( trustAnchors: Set, signerId: SignerId, - certs: CertStore + certs: CertStore, ): PKIXCertPathBuilderResult { val pathBuilder: CertPathBuilder = CertPathBuilder.getInstance("PKIX", provider) @@ -130,7 +130,7 @@ class CMSSignatureValidatorImpl internal constructor( val params = PKIXBuilderParameters( trustAnchors, - targetConstraints + targetConstraints, ) params.addCertStore(certs) params.isRevocationEnabled = false diff --git a/modules/httpsecurity/src/test/java/nl/rijksoverheid/rdo/modules/httpsecurity/certificates.kt b/modules/httpsecurity/src/test/java/nl/rijksoverheid/rdo/modules/httpsecurity/Certificates.kt similarity index 100% rename from modules/httpsecurity/src/test/java/nl/rijksoverheid/rdo/modules/httpsecurity/certificates.kt rename to modules/httpsecurity/src/test/java/nl/rijksoverheid/rdo/modules/httpsecurity/Certificates.kt diff --git a/modules/httpsecurity/src/test/java/nl/rijksoverheid/rdo/modules/httpsecurity/cms/CMSSignatureValidatorTest.kt b/modules/httpsecurity/src/test/java/nl/rijksoverheid/rdo/modules/httpsecurity/cms/CMSSignatureValidatorTest.kt index 8673e71..2041b4e 100644 --- a/modules/httpsecurity/src/test/java/nl/rijksoverheid/rdo/modules/httpsecurity/cms/CMSSignatureValidatorTest.kt +++ b/modules/httpsecurity/src/test/java/nl/rijksoverheid/rdo/modules/httpsecurity/cms/CMSSignatureValidatorTest.kt @@ -1,11 +1,5 @@ package nl.rijksoverheid.rdo.modules.httpsecurity.cms -import java.io.ByteArrayInputStream -import java.security.cert.CertificateFactory -import java.security.cert.X509Certificate -import java.time.Clock -import java.time.Instant -import java.time.ZoneId import nl.rijksoverheid.rdo.modules.httpsecurity.QuoVadis_EV_CA import nl.rijksoverheid.rdo.modules.httpsecurity.SignatureValidationException import org.bouncycastle.jce.provider.BouncyCastleProvider @@ -13,10 +7,16 @@ import org.bouncycastle.util.encoders.Base64 import org.junit.Assert.assertEquals import org.junit.Assert.assertThrows import org.junit.Test +import java.io.ByteArrayInputStream +import java.security.cert.CertificateFactory +import java.security.cert.X509Certificate +import java.time.Clock +import java.time.Instant +import java.time.ZoneId private val TEST_SIGNATURE = Base64.decode( "MIIF7gYJKoZIhvcNAQcCoIIF3zCCBdsCAQExDTALBglghkgBZQMEAgEwCwYJKoZIhvcNAQcBoIIDWzCCA1cwggI/oAMCAQICBxaRRYXRENYwDQYJKoZIhvcNAQELBQAwPjEWMBQGA1UEAwwNTG9jYXRpZSBOb29yZDEXMBUGA1UECgwOVGVzdGVycy1hcmUtdXMxCzAJBgNVBAYTAk5MMB4XDTIxMDIxMTEwNTUxMVoXDTIxMDMxMzEwNTUxMVowPjEWMBQGA1UEAwwNTG9jYXRpZSBOb29yZDEXMBUGA1UECgwOVGVzdGVycy1hcmUtdXMxCzAJBgNVBAYTAk5MMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9OrWuP67nunK3A8L2xB1WPN08qBNXxYUltZnaqMLnZ49Kv3Eyaep3KZQYpuA9PzJvJOrKnoeH47df9mpMToBDJJ+S0/oaL5ZZHLNhqDmK7Q0vKIp1IvQQs/zGpwzzZCYynT5Khc5srMrqPIPbCnhl+aFLmQXfRMbZv/VW08Xx1CUVU37TKobXaPatXve0np28MjrRAFs+9CwwvhlT8vwL2fr3y0Zk5tSuYm7xLm5bVyTf1CAojSG9o6wkZANrTvaM7PDGEiH8rDK7iyYFIuPrQGCj0H2ZY0evgUcNJj+AXz7AjLzUD9CjxH62QzX+vBvAoPp2/3QtZalaBQSNVG3qQIDAQABo1owWDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAdBgNVHQ4EFgQUJ3uUanJigS0ykSypPRh6aCNY6hAwHwYDVR0jBBgwFoAUJ3uUanJigS0ykSypPRh6aCNY6hAwDQYJKoZIhvcNAQELBQADggEBADTIX2jVx3VjeBNctzHFuOnjy1hHsg+JFq7n2t1BIOztyI3ZqxqTD+LmBHPwZbe15L5HjlU+kZ8lmdL+Qa3JHW5xFewpAUTNP8kHxiqsm50B3kp5w0" + - "t6eh+iQMpLJ9IRe0MctBDaFNA979Rx2ECkMGbucbKuzEL0hYEP3wVRY9hJ1RdwJ10q0TmHYjbbELbNINcJTiSy8vpwfCizSkI7SqcgPCUK210srr7D4xpPKKVfQwBi5PiTy4lt9tNJ/BgtBm+Fk8KVKJi1wdz3RTNYCBok7MhYDY3xAbfzxeWMd7owXBp33eCN/biea8oTSnGVfzxzNaAMXj/SsY4cW5Q50CwxggJZMIICVQIBATBJMD4xFjAUBgNVBAMMDUxvY2F0aWUgTm9vcmQxFzAVBgNVBAoMDlRlc3RlcnMtYXJlLXVzMQswCQYDVQQGEwJOTAIHFpFFhdEQ1jALBglghkgBZQMEAgGggeQwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMjEwMjExMTE1NTU2WjAvBgkqhkiG9w0BCQQxIgQgFe9GLHfup+ysp9BJiFi2OTeX7QSvEkDlkd4PbPNud2gweQYJKoZIhvcNAQkPMWwwajALBglghkgBZQMEASowCwYJYIZIAWUDBAEWMAsGCWCGSAFlAwQBAjAKBggqhkiG9w0DBzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZIhvcNAwICASgwDQYJKoZIhvcNAQEBBQAEggEAZSOoGqYZlAqzf24SQ/mHl2Rv1x8CDUt15pta2i2HZyXkQ0WnHYGezuBZYifBkihZ0mZ3N/3PS/rJAiFG9aklB/E8cyFmGhg+2BGh+ZFogGHET7b1Wi80GhZ7RzSVOKYdFXaRr1uGTBdD0BxK6bbC8UHawoOdGOh/F1dn9pSo2hA6/bLqaGzOuQyhpPBcBR8Hy/i+7Va8lKWWiy6jQlF19JsSrYndebo8ehq89mVItya3d56/55crVFjQOJzQ42+gYwjfPXO4E2UYYHBva4rfF0UIzVqqNo8aeiKzRMKJt9P3fA0oKTrGfxLxBgkNTmm3x7sc4lnFmcQq8am7g4Noyw==" + "t6eh+iQMpLJ9IRe0MctBDaFNA979Rx2ECkMGbucbKuzEL0hYEP3wVRY9hJ1RdwJ10q0TmHYjbbELbNINcJTiSy8vpwfCizSkI7SqcgPCUK210srr7D4xpPKKVfQwBi5PiTy4lt9tNJ/BgtBm+Fk8KVKJi1wdz3RTNYCBok7MhYDY3xAbfzxeWMd7owXBp33eCN/biea8oTSnGVfzxzNaAMXj/SsY4cW5Q50CwxggJZMIICVQIBATBJMD4xFjAUBgNVBAMMDUxvY2F0aWUgTm9vcmQxFzAVBgNVBAoMDlRlc3RlcnMtYXJlLXVzMQswCQYDVQQGEwJOTAIHFpFFhdEQ1jALBglghkgBZQMEAgGggeQwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMjEwMjExMTE1NTU2WjAvBgkqhkiG9w0BCQQxIgQgFe9GLHfup+ysp9BJiFi2OTeX7QSvEkDlkd4PbPNud2gweQYJKoZIhvcNAQkPMWwwajALBglghkgBZQMEASowCwYJYIZIAWUDBAEWMAsGCWCGSAFlAwQBAjAKBggqhkiG9w0DBzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZIhvcNAwICASgwDQYJKoZIhvcNAQEBBQAEggEAZSOoGqYZlAqzf24SQ/mHl2Rv1x8CDUt15pta2i2HZyXkQ0WnHYGezuBZYifBkihZ0mZ3N/3PS/rJAiFG9aklB/E8cyFmGhg+2BGh+ZFogGHET7b1Wi80GhZ7RzSVOKYdFXaRr1uGTBdD0BxK6bbC8UHawoOdGOh/F1dn9pSo2hA6/bLqaGzOuQyhpPBcBR8Hy/i+7Va8lKWWiy6jQlF19JsSrYndebo8ehq89mVItya3d56/55crVFjQOJzQ42+gYwjfPXO4E2UYYHBva4rfF0UIzVqqNo8aeiKzRMKJt9P3fA0oKTrGfxLxBgkNTmm3x7sc4lnFmcQq8am7g4Noyw==", ) private val TEST_PAYLOAD = "TEST CONTENT".toByteArray() @@ -32,13 +32,13 @@ class CMSSignatureValidatorTest { val validator = CMSSignatureValidatorBuilder.build( certificatesPem = listOf(QuoVadis_EV_CA), - signingCertificates = listOf(signingCertificate) + signingCertificates = listOf(signingCertificate), ) val exception = assertThrows(SignatureValidationException::class.java) { validator.validate( signature = TEST_SIGNATURE, - content = ByteArrayInputStream(TEST_PAYLOAD) + content = ByteArrayInputStream(TEST_PAYLOAD), ) } @@ -77,22 +77,22 @@ xNDVcc10qA79 "WwogeyJhZm5hbWVkYXR1bSI6IjIwMjAtMDYtMTdUMTA6MDA6MDAuMDAwKzAyMDAiLAogICJ1aXRzbGFnZGF0dW0iOiIyMDIwLTA2LTE3VDEwOjEwOjAwLjAwMCswMjAwIiwKICAicmVzdWx0YWF0IjoiTkVHQVRJRUYiLAogICJhZnNwcmFha1N0YXR1cyI6IkFGR0VST05EIiwKICAiYWZzcHJhYWtJZCI6Mjc4NzE3Njh9LAogeyJhZm5hbWVkYXR1bSI6IjIwMjAtMTEtMDhUMTA6MTU6MDAuMDAwKzAxMDAiLAogICAidWl0c2xhZ2RhdHVtIjoiMjAyMC0xMS0wOVQwNzo1MDozOS4wMDArMDEwMCIsCiAgICJyZXN1bHRhYXQiOiJQT1NJVElFRiIsCiAgICJhZnNwcmFha1N0YXR1cyI6IkFGR0VST05EIiwKICAgImFmc3ByYWFrSWQiOjI1ODcxOTcyMTl9Cl0K" val signature = "MIIKoQYJKoZIhvcNAQcCoIIKkjCCCo4CAQExDTALBglghkgBZQMEAgEwCwYJKoZIhvcNAQcBoIIHsDCCA5owggKCoAMCAQICAgPyMA0GCSqGSIb3DQEBCwUAMFoxKzApBgNVBAMMIlN0YWF0IGRlciBOZWRlcmxhbmRlbiBSb290IENBIC0gRzMxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjELMAkGA1UEBhMCTkwwHhcNMjEwODI0MTUyMTE5WhcNMzEwODIyMTUyMTE5WjBnMQswCQYDVQQGEwJOTDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMTgwNgYDVQQDDC9TdGFhdCBkZXIgTmVkZXJsYW5kZW4gT3JnYW5pc2F0aWUgLSBTZXJ2aWNlcyBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALfhtoey1Z7+DiO6Kic/2Z3nA1HQ2ZBDB9Hjl0IpfsJdYExZbJmm4yxdavkEyi7+mgSmAXiJ9JCKLkbfvprb44odTisHfXnjLGpSDugFaV/NW8kWZ2x3yieeL3E46QaGpEsO3YFjoTK0UQ9uJosMCUKLXkcqPbXJE4R4fmrOb5h4YRAw9NZZebB0cRoS6omr+XsNwXp+wZGtdq+8diT6e3+K1plQj+xlLK8IxjOxWcDY7v8ipnXMbRhBwxrq4Zp45itDea0YZNtffNtQkqmZ5KuFDhGQQLf7RPP0voE4ALPyPhtuhi7C+Opi89vQvIe2YwXuLHTkpCydFUd3EpCk858CAwEAAaNdMFswCwYDVR0PBAQDAgEGMB0GA1UdDgQWBBQswdf8utcMt1Q+HxEA5ulCMjMs3DAfBgNVHSMEGDAWgBRWB1bgf7BLO4Dj/X3z8OaL8SefmTAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAJDwglxxLVgsmWPh" + - "dxH4ezWxLmi9xKz9Blfd0xgQLGxdaBJxp77KLy4GlpOGcqp4JmtGY3sDsEQTwf+HlRMxMlNIGGSZXgBm/gBTME2Y9ArG3oBgR/LyVcw7FCqQOQg0nNr00GywjDhkopiRMC5Enr1kfnUNGYb7Y84duZhpil1F7TFtmTAI0UmLTpxi4RmQNGvgGzRWVMAUwF2dVvzOAQjje+hX4Vaqa6s77xUYPICcyCr9HzDhxLkpKzOU1eDOWfa0p5QOnJV/NEmdDZu5scIA8kYDSj9UV8eQo/5fqdjhYE6EFaaRNuUP7vHi+eVe74SH589+UqY7aE/6y0/OTNMIIEDjCCAvagAwIBAgILAN6tvu/erb7vwN4wDQYJKoZIhvcNAQELBQAwZzELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjE4MDYGA1UEAwwvU3RhYXQgZGVyIE5lZGVybGFuZGVuIE9yZ2FuaXNhdGllIC0gU2VydmljZXMgRzMwHhcNMjEwODI0MTUyMTIwWhcNMzEwODIyMTUyMTIwWjB9MQswCQYDVQQGEwJOTDE5MDcGA1UECgwwTWluaXN0ZXJpZSB2YW4gVm9sa3NnZXpvbmRoZWlkLCBXZWx6aWpuIGVuIFNwb3J0MRgwFgYDVQQLDA9Db3JvbmEgQWxlcnRlcnMxGTAXBgNVBAMMEC5jb3JvbmF0ZXN0ZXIubmwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjh6jXrX0QX7IxoVUODYv7tyK4GhhVr7uh3OP02dYn91tXxSNfoZIVCn8HGUgwc9WRXXNLvH6h4bd7x/V8Qp7AyokFz9R8kvk4P3H3LKeTdgzVTapIHCO4EqBQV7TlA/qiq7TrFyKL9sQeKuloa5on80cSmdHTB46gljG+ktatUpFB6Y5ubqUv8G0bW4uyhjtYzAlgICUWZ" + - "cSDPOS6Ae1JuMXdtMvcx9ygg4MJz2sD2ryYWW21P2IvsAfHb//pq2btvZJiiYrFTNhq7481qZeGZu7rR4ax/O/Ou2+26AYjUoCvcQGm/Fu9oh5+NKptbXtSaphkt2ly/MpVFjdKpVzLAgMBAAGjgaQwgaEwRwYJYIZIAYb4QgENBDoWOEZvciB0ZXN0aW5nIG9ubHkgYW5kIG5vIHRoaXMgaXMgbm90IHRoZSByZWFsIHRoaW5nLiBEdWguMAsGA1UdDwQEAwIF4DAdBgNVHQ4EFgQUxLv8GFFcOMDMrqVxltKI2iMZxdIwHwYDVR0jBBgwFoAULMHX/LrXDLdUPh8RAObpQjIzLNwwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAXakEELxeKJqOYmZLIv6mxKdpOIdxOu9Jtqk3piq2N3IkgKgw+f3mxTyEpCcpOLua34YmWqiRgq6+9imGOUTjXr5fLC1OCI1iUx4raUNkWSsZwHs33DbV6xVzDCxlc7gs9ZKZ3fD6R2FrPMy+ZteD64QfP6sE15cOwLOwFY5SjIEn75UlglUd7oFZhXKlYAgcndVfbDsNXwiHyYWnVidzQHJbZNef2ojQAF8OjUKATLVzBuiaBtNTEJyLTSOVDXajRuEOc8w+JpLr9KwsoRxoJx48dPVoRnGFO9H25+RSTKUKM1C7lWEw3znxWSngg6CFQiJbqv44aiXwyLIx+JfnbTGCArcwggKzAgEBMHYwZzELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjE4MDYGA1UEAwwvU3RhYXQgZGVyIE5lZGVybGFuZGVuIE9yZ2FuaXNhdGllIC0gU2VydmljZXMgRzMCCwDerb7v3q2+78DeMAsGCWCGSAFlAwQCAaCB5DAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0yMTA4MjQxNTI4NDJaMC8GCSqGSIb3DQEJBDEiBCCN6iJ4JdABvoUbWZ6h6jPmAineuLcsweVEsauDrJpRTTB5BgkqhkiG9w0BCQ8xbDBqMAsGCWCGSAFlAwQBKjALBglghkgBZQMEARYwCwYJYIZIAWUDBAECMAoGCCqGSIb3DQMHMA4GCCqGSIb3DQMCAgIAgDANBggqhkiG9w0DAgIBQDAHBgUrDgMCBzANBggqhkiG9w0DAgIBKDA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4EggEAwkjr2X787AlsbV+Ip8HmkUZG4azDAfrH+hJ9DR3Bd/NFG1+pGBcOW8V376zvcOi6UKQjI6EAGp30i2t6WEZpZvGiZQEUtO6QnZ/b7y8VS1XaiK6/AnJ7/AcJQTHF8WuNK8BUGOAn+BZZaROf/wykj0+aSDpdlNbpdvsKeBTmw12vHKjq8Xkjh0Wynovv8mGvHWGqYfj8kTu971YtGEVOE2m/Vo6mq8T7XNw++RJicI48nYvQyDGqj5aM4qNVcphqREyYjaAK9ekEKReWkh2ZB7PgKo1lcY8KQBW72ffeKQFiFEUypMs75cih/VQXC+xCRE3A7Ya7wi70Bn8WxIedGw==" + "dxH4ezWxLmi9xKz9Blfd0xgQLGxdaBJxp77KLy4GlpOGcqp4JmtGY3sDsEQTwf+HlRMxMlNIGGSZXgBm/gBTME2Y9ArG3oBgR/LyVcw7FCqQOQg0nNr00GywjDhkopiRMC5Enr1kfnUNGYb7Y84duZhpil1F7TFtmTAI0UmLTpxi4RmQNGvgGzRWVMAUwF2dVvzOAQjje+hX4Vaqa6s77xUYPICcyCr9HzDhxLkpKzOU1eDOWfa0p5QOnJV/NEmdDZu5scIA8kYDSj9UV8eQo/5fqdjhYE6EFaaRNuUP7vHi+eVe74SH589+UqY7aE/6y0/OTNMIIEDjCCAvagAwIBAgILAN6tvu/erb7vwN4wDQYJKoZIhvcNAQELBQAwZzELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjE4MDYGA1UEAwwvU3RhYXQgZGVyIE5lZGVybGFuZGVuIE9yZ2FuaXNhdGllIC0gU2VydmljZXMgRzMwHhcNMjEwODI0MTUyMTIwWhcNMzEwODIyMTUyMTIwWjB9MQswCQYDVQQGEwJOTDE5MDcGA1UECgwwTWluaXN0ZXJpZSB2YW4gVm9sa3NnZXpvbmRoZWlkLCBXZWx6aWpuIGVuIFNwb3J0MRgwFgYDVQQLDA9Db3JvbmEgQWxlcnRlcnMxGTAXBgNVBAMMEC5jb3JvbmF0ZXN0ZXIubmwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjh6jXrX0QX7IxoVUODYv7tyK4GhhVr7uh3OP02dYn91tXxSNfoZIVCn8HGUgwc9WRXXNLvH6h4bd7x/V8Qp7AyokFz9R8kvk4P3H3LKeTdgzVTapIHCO4EqBQV7TlA/qiq7TrFyKL9sQeKuloa5on80cSmdHTB46gljG+ktatUpFB6Y5ubqUv8G0bW4uyhjtYzAlgICUWZ" + + "cSDPOS6Ae1JuMXdtMvcx9ygg4MJz2sD2ryYWW21P2IvsAfHb//pq2btvZJiiYrFTNhq7481qZeGZu7rR4ax/O/Ou2+26AYjUoCvcQGm/Fu9oh5+NKptbXtSaphkt2ly/MpVFjdKpVzLAgMBAAGjgaQwgaEwRwYJYIZIAYb4QgENBDoWOEZvciB0ZXN0aW5nIG9ubHkgYW5kIG5vIHRoaXMgaXMgbm90IHRoZSByZWFsIHRoaW5nLiBEdWguMAsGA1UdDwQEAwIF4DAdBgNVHQ4EFgQUxLv8GFFcOMDMrqVxltKI2iMZxdIwHwYDVR0jBBgwFoAULMHX/LrXDLdUPh8RAObpQjIzLNwwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAXakEELxeKJqOYmZLIv6mxKdpOIdxOu9Jtqk3piq2N3IkgKgw+f3mxTyEpCcpOLua34YmWqiRgq6+9imGOUTjXr5fLC1OCI1iUx4raUNkWSsZwHs33DbV6xVzDCxlc7gs9ZKZ3fD6R2FrPMy+ZteD64QfP6sE15cOwLOwFY5SjIEn75UlglUd7oFZhXKlYAgcndVfbDsNXwiHyYWnVidzQHJbZNef2ojQAF8OjUKATLVzBuiaBtNTEJyLTSOVDXajRuEOc8w+JpLr9KwsoRxoJx48dPVoRnGFO9H25+RSTKUKM1C7lWEw3znxWSngg6CFQiJbqv44aiXwyLIx+JfnbTGCArcwggKzAgEBMHYwZzELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjE4MDYGA1UEAwwvU3RhYXQgZGVyIE5lZGVybGFuZGVuIE9yZ2FuaXNhdGllIC0gU2VydmljZXMgRzMCCwDerb7v3q2+78DeMAsGCWCGSAFlAwQCAaCB5DAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0yMTA4MjQxNTI4NDJaMC8GCSqGSIb3DQEJBDEiBCCN6iJ4JdABvoUbWZ6h6jPmAineuLcsweVEsauDrJpRTTB5BgkqhkiG9w0BCQ8xbDBqMAsGCWCGSAFlAwQBKjALBglghkgBZQMEARYwCwYJYIZIAWUDBAECMAoGCCqGSIb3DQMHMA4GCCqGSIb3DQMCAgIAgDANBggqhkiG9w0DAgIBQDAHBgUrDgMCBzANBggqhkiG9w0DAgIBKDA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4EggEAwkjr2X787AlsbV+Ip8HmkUZG4azDAfrH+hJ9DR3Bd/NFG1+pGBcOW8V376zvcOi6UKQjI6EAGp30i2t6WEZpZvGiZQEUtO6QnZ/b7y8VS1XaiK6/AnJ7/AcJQTHF8WuNK8BUGOAn+BZZaROf/wykj0+aSDpdlNbpdvsKeBTmw12vHKjq8Xkjh0Wynovv8mGvHWGqYfj8kTu971YtGEVOE2m/Vo6mq8T7XNw++RJicI48nYvQyDGqj5aM4qNVcphqREyYjaAK9ekEKReWkh2ZB7PgKo1lcY8KQBW72ffeKQFiFEUypMs75cih/VQXC+xCRE3A7Ya7wi70Bn8WxIedGw==" val url = ".coronatester.nl" val validator = CMSSignatureValidatorBuilder.build( certificatesPem = listOf(cert), cnMatchingString = url, - clock = Clock.systemUTC() + clock = Clock.systemUTC(), ) validator.validate( signature = Base64.decode( - signature + signature, ), - content = ByteArrayInputStream(Base64.decode(payload)) + content = ByteArrayInputStream(Base64.decode(payload)), ) } @@ -129,28 +129,28 @@ V+fduXP4fIM0 "WwogeyJhZm5hbWVkYXR1bSI6IjIwMjAtMDYtMTdUMTA6MDA6MDAuMDAwKzAyMDAiLAogICJ1aXRzbGFnZGF0dW0iOiIyMDIwLTA2LTE3VDEwOjEwOjAwLjAwMCswMjAwIiwKICAicmVzdWx0YWF0IjoiTkVHQVRJRUYiLAogICJhZnNwcmFha1N0YXR1cyI6IkFGR0VST05EIiwKICAiYWZzcHJhYWtJZCI6Mjc4NzE3Njh9LAogeyJhZm5hbWVkYXR1bSI6IjIwMjAtMTEtMDhUMTA6MTU6MDAuMDAwKzAxMDAiLAogICAidWl0c2xhZ2RhdHVtIjoiMjAyMC0xMS0wOVQwNzo1MDozOS4wMDArMDEwMCIsCiAgICJyZXN1bHRhYXQiOiJQT1NJVElFRiIsCiAgICJhZnNwcmFha1N0YXR1cyI6IkFGR0VST05EIiwKICAgImFmc3ByYWFrSWQiOjI1ODcxOTcyMTl9Cl0K" val signature = "MIIKqgYJKoZIhvcNAQcCoIIKmzCCCpcCAQExDTALBglghkgBZQMEAgEwCwYJKoZIhvcNAQcBoIIHuTCCA5owggKCoAMCAQICAgPyMA0GCSqGSIb3DQEBCwUAMFoxKzApBgNVBAMMIlN0YWF0IGRlciBOZWRlcmxhbmRlbiBSb290IENBIC0gRzMxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjELMAkGA1UEBhMCTkwwHhcNMjEwODI1MDY1NDE0WhcNMzEwODIzMDY1NDE0WjBnMQswCQYDVQQGEwJOTDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMTgwNgYDVQQDDC9TdGFhdCBkZXIgTmVkZXJsYW5kZW4gT3JnYW5pc2F0aWUgLSBTZXJ2aWNlcyBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKwZFeF/DQNGLStlYLE/QmnVA" + - "BkU3xxwyta9VSplVnSpvebGOq4BTdS6RGIswWWIWvkB7McpUp9xBuADiyZYKdeWAeamDAPtq9WITjHqimChx/MlxG+Xrueu2P4gnK3N5qsYIQYyfxYKdDVEmRmiLnOOR700gEmGnYEzr4n2LsZz1ndUzgUjU3tt4mAo8KXxQvcRMkNDwFGjMZJywXPPNhjwQjLk4zaiamhrJAdNu0NoD3PGFtDdcycxpPT3H+DStLKOIFBEqJ2w2NZ2HHxXz9J+DGpi4OWxuxZFwrDmV2KrUGxz6OoZURLyDZ9UYqKb2eVAwzOQU8vBb689p8m1hOUCAwEAAaNdMFswCwYDVR0PBAQDAgEGMB0GA1UdDgQWBBTNWF2aH1Wdc9sPogR52DtbsNbMXzAfBgNVHSMEGDAWgBRetHKrjHDssU5fUcQgTQrwTnXEJzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCAmZt/xNdjn" + - "cHzRx5UbRNlwrqCwti+/c7Mf+1GFuoTkt5cHdNCOSTGu7RmWP2Apq1w+NehVXJMyjFjw4gIolLYJxLXwU0dzyogc/+DiE9LNaBdFBzoBgWQ9zYkc1uAzndvQeK5bFzPvhBfEH5rkl5APdPhYfgkm3Su7aNGRxLrc4M8MJSFFmQbsFwTPu9TNuXiZ/Y79vWNm8obrJrDUQnIsIVB278HwsNbof8c8d3LvnwRNh01L4o38vI4wRL24LHmMV6IcPBn67DYeNZvu5xmBHMm7gOaXcW7S1n87CgKeuUVYUEBbwUhx0yJ3/511cH7Mij6srLX56GtknrL6bWpMIIEFzCCAv+gAwIBAgILAN6tvu/erb7vwN4wDQYJKoZIhvcNAQELBQAwZzELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjE4MDYGA1UEAwwvU3RhYXQgZGVyIE5lZGVybGFuZG" + - "VuIE9yZ2FuaXNhdGllIC0gU2VydmljZXMgRzMwHhcNMjEwODI1MDY1NDE0WhcNMzEwODIzMDY1NDE0WjCBhTELMAkGA1UEBhMCTkwxOTA3BgNVBAoMME1pbmlzdGVyaWUgdmFuIFZvbGtzZ2V6b25kaGVpZCwgV2VsemlqbiBlbiBTcG9ydDEYMBYGA1UECwwPQ29yb25hIEFsZXJ0ZXJzMSEwHwYDVQQDDBguY29yb25hdGVzdGVyLmV4YW1wbGUubmwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnoI1cL4qn14tj3NOO2dJC4+qqUYvyhgblSNdBURqqhAQLbyBg9UuQ5jSdKYFD6WOEdOU3RqzL1wCrpGLjvQZBX9A+9vFeo0OmWCfT34xa73wxYrMocLrzd/P+Fm8G1RgtILlDOu8rf1dnwTIkf0M1IZ1pGvUpKhJPHHrqEUxX3Q37rOHkxJhiLtJT" + - "1vCA85+zNrKQhkTvihDeP2Ie/akCdAdjkrgOw/BmNtg4yWUJNS7S7796I8DTUsPU25pKFddSYKjE5BPTqVchIq1CBvDNpeA3KrtvkxAvgAVi7k+nZOwwtPOhB8i5EKP5cNmI1OVC5VBrDYgOnhSiXDGaW9NjAgMBAAGjgaQwgaEwRwYJYIZIAYb4QgENBDoWOEZvciB0ZXN0aW5nIG9ubHkgYW5kIG5vIHRoaXMgaXMgbm90IHRoZSByZWFsIHRoaW5nLiBEdWguMAsGA1UdDwQEAwIF4DAdBgNVHQ4EFgQUv76Gbd/tjEp++5COPoQ6R4G/jMUwHwYDVR0jBBgwFoAUzVhdmh9VnXPbD6IEedg7W7DWzF8wCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAhM38CZ15DjI1NnsHN/fptyfWb/jFMcjBR1PrWM1LqhqN5GQAchjk2DiXtQqefthQiSAjS+XcJm7sAGO" + - "MLXwY76x9gbTjtrzTlYf0PZfvh1cgGytPqCILmVs1BP6PIstZRFEGuKifL44bS+jEkNI7cEZcQK4H2dJfYH2QNiA1U3fygZ+QrepKMnndxnvqKHG90uNGMNOIdbXUzk7YhIelWV1wdDRmrO2fF75Q7eAYcr1aE/xSk4pOEW7pvjakHAWNqOVg/pd+XJ2BwzfCQYI9wPlQb7N/zY5ANSR+p53doXOyTNZ7frs411YVr2DTZbKX6wM4Uowbv12qgdFtjFnTZzGCArcwggKzAgEBMHYwZzELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjE4MDYGA1UEAwwvU3RhYXQgZGVyIE5lZGVybGFuZGVuIE9yZ2FuaXNhdGllIC0gU2VydmljZXMgRzMCCwDerb7v3q2+78DeMAsGCWCGSAFlAwQCAaCB5DAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBM" + - "BwGCSqGSIb3DQEJBTEPFw0yMTA4MjUwNjU0NDhaMC8GCSqGSIb3DQEJBDEiBCCN6iJ4JdABvoUbWZ6h6jPmAineuLcsweVEsauDrJpRTTB5BgkqhkiG9w0BCQ8xbDBqMAsGCWCGSAFlAwQBKjALBglghkgBZQMEARYwCwYJYIZIAWUDBAECMAoGCCqGSIb3DQMHMA4GCCqGSIb3DQMCAgIAgDANBggqhkiG9w0DAgIBQDAHBgUrDgMCBzANBggqhkiG9w0DAgIBKDA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4EggEAvjxo6TWKMrHeYfBZWPzq+ToOtdhRQu4PoGDPdj0lEHRBiq4VO6f0C9ONnMuINr5SgjEydUQBvNwpY50ON3x4DUJFV/BRxKrgINs0gfrgnFO8wj/75q9X6X1De950MLqMuyrVjr7lu" + - "vOnwJiXiD9p9pUr8zov4hxItNRML2QoAnE0+x7FPepwgfaHHXi39Jvd/ZJZ9HOPQRMwWcSF9VdQBDDbJ1+3xEV34YJsX9NqTlCXAjscW+lHNC7XAlV4gFzk7mmDNUQlru6udq0zrcHItnJ1Uito+uxw/Bo00WEliy8LgZtP/IJAd4o+lEQ03VFAQzh9qflhnIcgWg0xow6Ddw==" + "BkU3xxwyta9VSplVnSpvebGOq4BTdS6RGIswWWIWvkB7McpUp9xBuADiyZYKdeWAeamDAPtq9WITjHqimChx/MlxG+Xrueu2P4gnK3N5qsYIQYyfxYKdDVEmRmiLnOOR700gEmGnYEzr4n2LsZz1ndUzgUjU3tt4mAo8KXxQvcRMkNDwFGjMZJywXPPNhjwQjLk4zaiamhrJAdNu0NoD3PGFtDdcycxpPT3H+DStLKOIFBEqJ2w2NZ2HHxXz9J+DGpi4OWxuxZFwrDmV2KrUGxz6OoZURLyDZ9UYqKb2eVAwzOQU8vBb689p8m1hOUCAwEAAaNdMFswCwYDVR0PBAQDAgEGMB0GA1UdDgQWBBTNWF2aH1Wdc9sPogR52DtbsNbMXzAfBgNVHSMEGDAWgBRetHKrjHDssU5fUcQgTQrwTnXEJzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCAmZt/xNdjn" + + "cHzRx5UbRNlwrqCwti+/c7Mf+1GFuoTkt5cHdNCOSTGu7RmWP2Apq1w+NehVXJMyjFjw4gIolLYJxLXwU0dzyogc/+DiE9LNaBdFBzoBgWQ9zYkc1uAzndvQeK5bFzPvhBfEH5rkl5APdPhYfgkm3Su7aNGRxLrc4M8MJSFFmQbsFwTPu9TNuXiZ/Y79vWNm8obrJrDUQnIsIVB278HwsNbof8c8d3LvnwRNh01L4o38vI4wRL24LHmMV6IcPBn67DYeNZvu5xmBHMm7gOaXcW7S1n87CgKeuUVYUEBbwUhx0yJ3/511cH7Mij6srLX56GtknrL6bWpMIIEFzCCAv+gAwIBAgILAN6tvu/erb7vwN4wDQYJKoZIhvcNAQELBQAwZzELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjE4MDYGA1UEAwwvU3RhYXQgZGVyIE5lZGVybGFuZG" + + "VuIE9yZ2FuaXNhdGllIC0gU2VydmljZXMgRzMwHhcNMjEwODI1MDY1NDE0WhcNMzEwODIzMDY1NDE0WjCBhTELMAkGA1UEBhMCTkwxOTA3BgNVBAoMME1pbmlzdGVyaWUgdmFuIFZvbGtzZ2V6b25kaGVpZCwgV2VsemlqbiBlbiBTcG9ydDEYMBYGA1UECwwPQ29yb25hIEFsZXJ0ZXJzMSEwHwYDVQQDDBguY29yb25hdGVzdGVyLmV4YW1wbGUubmwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnoI1cL4qn14tj3NOO2dJC4+qqUYvyhgblSNdBURqqhAQLbyBg9UuQ5jSdKYFD6WOEdOU3RqzL1wCrpGLjvQZBX9A+9vFeo0OmWCfT34xa73wxYrMocLrzd/P+Fm8G1RgtILlDOu8rf1dnwTIkf0M1IZ1pGvUpKhJPHHrqEUxX3Q37rOHkxJhiLtJT" + + "1vCA85+zNrKQhkTvihDeP2Ie/akCdAdjkrgOw/BmNtg4yWUJNS7S7796I8DTUsPU25pKFddSYKjE5BPTqVchIq1CBvDNpeA3KrtvkxAvgAVi7k+nZOwwtPOhB8i5EKP5cNmI1OVC5VBrDYgOnhSiXDGaW9NjAgMBAAGjgaQwgaEwRwYJYIZIAYb4QgENBDoWOEZvciB0ZXN0aW5nIG9ubHkgYW5kIG5vIHRoaXMgaXMgbm90IHRoZSByZWFsIHRoaW5nLiBEdWguMAsGA1UdDwQEAwIF4DAdBgNVHQ4EFgQUv76Gbd/tjEp++5COPoQ6R4G/jMUwHwYDVR0jBBgwFoAUzVhdmh9VnXPbD6IEedg7W7DWzF8wCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAhM38CZ15DjI1NnsHN/fptyfWb/jFMcjBR1PrWM1LqhqN5GQAchjk2DiXtQqefthQiSAjS+XcJm7sAGO" + + "MLXwY76x9gbTjtrzTlYf0PZfvh1cgGytPqCILmVs1BP6PIstZRFEGuKifL44bS+jEkNI7cEZcQK4H2dJfYH2QNiA1U3fygZ+QrepKMnndxnvqKHG90uNGMNOIdbXUzk7YhIelWV1wdDRmrO2fF75Q7eAYcr1aE/xSk4pOEW7pvjakHAWNqOVg/pd+XJ2BwzfCQYI9wPlQb7N/zY5ANSR+p53doXOyTNZ7frs411YVr2DTZbKX6wM4Uowbv12qgdFtjFnTZzGCArcwggKzAgEBMHYwZzELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjE4MDYGA1UEAwwvU3RhYXQgZGVyIE5lZGVybGFuZGVuIE9yZ2FuaXNhdGllIC0gU2VydmljZXMgRzMCCwDerb7v3q2+78DeMAsGCWCGSAFlAwQCAaCB5DAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBM" + + "BwGCSqGSIb3DQEJBTEPFw0yMTA4MjUwNjU0NDhaMC8GCSqGSIb3DQEJBDEiBCCN6iJ4JdABvoUbWZ6h6jPmAineuLcsweVEsauDrJpRTTB5BgkqhkiG9w0BCQ8xbDBqMAsGCWCGSAFlAwQBKjALBglghkgBZQMEARYwCwYJYIZIAWUDBAECMAoGCCqGSIb3DQMHMA4GCCqGSIb3DQMCAgIAgDANBggqhkiG9w0DAgIBQDAHBgUrDgMCBzANBggqhkiG9w0DAgIBKDA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4EggEAvjxo6TWKMrHeYfBZWPzq+ToOtdhRQu4PoGDPdj0lEHRBiq4VO6f0C9ONnMuINr5SgjEydUQBvNwpY50ON3x4DUJFV/BRxKrgINs0gfrgnFO8wj/75q9X6X1De950MLqMuyrVjr7lu" + + "vOnwJiXiD9p9pUr8zov4hxItNRML2QoAnE0+x7FPepwgfaHHXi39Jvd/ZJZ9HOPQRMwWcSF9VdQBDDbJ1+3xEV34YJsX9NqTlCXAjscW+lHNC7XAlV4gFzk7mmDNUQlru6udq0zrcHItnJ1Uito+uxw/Bo00WEliy8LgZtP/IJAd4o+lEQ03VFAQzh9qflhnIcgWg0xow6Ddw==" val url = ".coronatester.nl" val validator = CMSSignatureValidatorBuilder.build( certificatesPem = listOf(cert), cnMatchingString = url, - clock = Clock.systemUTC() + clock = Clock.systemUTC(), ) val exception = assertThrows(SignatureValidationException::class.java) { validator.validate( signature = Base64.decode( - signature + signature, ), - content = ByteArrayInputStream(Base64.decode(payload)) + content = ByteArrayInputStream(Base64.decode(payload)), ) } @@ -190,36 +190,36 @@ vr/lblJEVYse "WwogeyJhZm5hbWVkYXR1bSI6IjIwMjAtMDYtMTdUMTA6MDA6MDAuMDAwKzAyMDAiLAogICJ1aXRzbGFnZGF0dW0iOiIyMDIwLTA2LTE3VDEwOjEwOjAwLjAwMCswMjAwIiwKICAicmVzdWx0YWF0IjoiTkVHQVRJRUYiLAogICJhZnNwcmFha1N0YXR1cyI6IkFGR0VST05EIiwKICAiYWZzcHJhYWtJZCI6Mjc4NzE3Njh9LAogeyJhZm5hbWVkYXR1bSI6IjIwMjAtMTEtMDhUMTA6MTU6MDAuMDAwKzAxMDAiLAogICAidWl0c2xhZ2RhdHVtIjoiMjAyMC0xMS0wOVQwNzo1MDozOS4wMDArMDEwMCIsCiAgICJyZXN1bHRhYXQiOiJQT1NJVElFRiIsCiAgICJhZnNwcmFha1N0YXR1cyI6IkFGR0VST05EIiwKICAgImFmc3ByYWFrSWQiOjI1ODcxOTcyMTl9Cl0K" val signature = "MIIKsQYJKoZIhvcNAQcCoIIKojCCCp4CAQExDTALBglghkgBZQMEAgEwCwYJKoZIhvcNAQcBoIIHwDCCA5owggKCoAMCAQICAgPyMA0GCSqGSIb3DQEBCwUAMFoxKzApBgNVBAMMIlN0YWF0IGRlciBOZWRlcmxhbmRlbiBSb290IENBIC0gRzMxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjELMAkGA1UEBhMCTkwwHhcNMjEwODI1MDY1NzM4WhcNMzEwODIzMDY1NzM4WjBnMQswCQYDVQQGEwJOTDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMTgwNgYDVQQDDC9TdGFhdCBkZXIgTmVkZXJsYW5kZW4gT3JnYW5pc2F0aWUgLSBTZXJ2aWNlcyBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMxPe7RI8trLT9vfHNeVH4J7eD" + - "LCgTCNQO5zapSO7RvcRoVR8n5tUgOybWl8i2t8RTRLOZfiTgDQpj+I1aOiKw9lw+u6G2ivnK5GN/vgKpwHHZZWveWb++X7yPONixtOOQBz8sWg302gb+eowxrG6SYigQ8cPYrjfCy35rYG5F89FyS6/2MzKGr9waocVDV0P6a5n6WRH3Oaho/MmN6uexBXbBUEq6sog526h4uHBtT6wD8U3wi7V5uCRarmCS3ApVPDI/76hxMa6pjIJ679QrTts7rykMqeZKnPuM4szrHGn0Oj2OtTzvbWO1MoF1HuHiLGZBABz7BeKAWFiDGutZMCAwEAAaNdMFswCwYDVR0PBAQDAgEGMB0GA1UdDgQWBBQJlRoAErT2DI33ynJ3Iflr9Hql1TAfBgNVHSMEGDAWgBSucbeAoObwDJKLKHYefukaw56n7TAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAFbN676x7Nt" + - "H7SVZaqC9+QAwQ8WVTs5mOQOG+O28PAxtnGxyhX1ZfJvDOlLk/nfC8Wn/80eKebhzolUjjnEiLv9Gl0qadb0q+IGU9EMyPNDMxXCWZXdXWDxMNYx5aWlbyOyKpsTAyiFf2xL2b+Kej83+Ym4FF9jWjDEZ3XD28eS8AA8WQ8v9PIlwqofkw1MWX/b6OWDjVe/gWN4pKftnrfEBIl8O60ZhjDN/3/Ujn9uFQzrpIs4Yyb2tUzIDO33hX/dHc7jNSmO+gdtynlO/4zUV9/lq4e9/5dbjEm+DRKEBG59mSPIx4JBAI/iwbZoDFrf5OZyC0HIoHkWYuCmYAqMIIEHjCCAwagAwIBAgILAN6tvu/erb7vwN4wDQYJKoZIhvcNAQELBQAwZzELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjE4MDYGA1UEAwwvU3RhYXQgZGVyIE5lZGVybGFuZG" + - "VuIE9yZ2FuaXNhdGllIC0gU2VydmljZXMgRzMwHhcNMjEwODI1MDY1NzM4WhcNMzEwODIzMDY1NzM4WjCBjDELMAkGA1UEBhMCTkwxOTA3BgNVBAoMME1pbmlzdGVyaWUgdmFuIFZvbGtzZ2V6b25kaGVpZCwgV2VsemlqbiBlbiBTcG9ydDEYMBYGA1UECwwPQ29yb25hIEFsZXJ0ZXJzMSgwJgYDVQQDDB93d3cuY29yb25hdGVzdGVyLm5sLmV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1VKGvfscYSmgelmMfifNg0asQYyXO7It8BARBP51SVjImcbT+aTVsQadOThgu58AOqfrx2b2bML1SKw4MiGrXhIstELz7rTV1cqseRSeZ5Rwaipl05DkLsIic2m3O6J+FGB+Dlunm6BOp36HT8vu6sD/m2JlcuMce2lvCqllFzYbmUz87Q" + - "ADlYB8a7tzogkGWOkpNoQS9qVg8+3N6LVs0PgJ1x1897q/YGFhk84/7NA4pmM5lxw9XU7pOdwirruqqJWtDDGhSKDdJZ3/QH5aLsUalU83BYc17YgWKJnvmTamJ1Cq1p9TZDy4Zk0qQHsGkB3YLKljgE5/6hEHX7YoEQIDAQABo4GkMIGhMEcGCWCGSAGG+EIBDQQ6FjhGb3IgdGVzdGluZyBvbmx5IGFuZCBubyB0aGlzIGlzIG5vdCB0aGUgcmVhbCB0aGluZy4gRHVoLjALBgNVHQ8EBAMCBeAwHQYDVR0OBBYEFNzku/0Afke55J6sFkyxjvqajU+YMB8GA1UdIwQYMBaAFAmVGgAStPYMjffKcnch+Wv0eqXVMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAAbL/N5hMYTiCLgcTV+jWMgWAWkMkXBBPNJWlUYMCHaWJtpi3KSGgJTYUJfFiAe3rgjNS5RRy0gNn" + - "bYxLaQ/a7gHU1CpAyaado29OPtdcXSVAmJFnFVLtEcMtcMEBNTGURud9UeTjBMXWrRkYodvWKi7g15SYQC2QHiIhKDWGvCCG+Xq0lKn0uPS38aWTGRYpOfojracNtqY3lRW3n7mcPy0s+xqukYomifPFfSB9FU2NnzXLfNUGbGnNXtRPRi3XbWBufD3Abiar6APhGgh/Kd99SRzlRYsvdt4WQmb2SNP/dyjXm3hINMfQd8RxqJE66t4GI32V0Kg/hXUdgtB74gxggK3MIICswIBATB2MGcxCzAJBgNVBAYTAk5MMR4wHAYDVQQKDBVTdGFhdCBkZXIgTmVkZXJsYW5kZW4xODA2BgNVBAMML1N0YWF0IGRlciBOZWRlcmxhbmRlbiBPcmdhbmlzYXRpZSAtIFNlcnZpY2VzIEczAgsA3q2+796tvu/A3jALBglghkgBZQMEAgGggeQwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATA" + - "cBgkqhkiG9w0BCQUxDxcNMjEwODI1MDY1ODAyWjAvBgkqhkiG9w0BCQQxIgQgjeoieCXQAb6FG1meoeoz5gIp3ri3LMHlRLGrg6yaUU0weQYJKoZIhvcNAQkPMWwwajALBglghkgBZQMEASowCwYJYIZIAWUDBAEWMAsGCWCGSAFlAwQBAjAKBggqhkiG9w0DBzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZIhvcNAwICASgwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogQCAgDeBIIBAGMo5qRD+I/lGq0OJRv7DyIuUZtC/Qepo3HrUD1RXkN6ck8urbCFt+r1ztHQd4eKTjcI7LmWOQ5UKknf79XxoYjdeoRqpNDAKYuKcNtZiENluxB50U1c5OueM6k5AqJv3bWRfSllG/jnUe6t" + - "Z1jTxIxohecQLSAfQGYVOl4EWtWHlCPHfG4OzXsjlM0wqs9jRJHUuxIibjK/5mVmFYEje+MEFQCp2ciR6n5xs3pd7dIH5SmwT+eBwt78BU2Pca6vRuCT7KY7Am1mnetANKOo1fG2bbHAPbkMhdxy3PWHn74+FhVjuITqNJ7JqS7pNL3/GhdscsutPN6ODge6oeGUVdM=" + "LCgTCNQO5zapSO7RvcRoVR8n5tUgOybWl8i2t8RTRLOZfiTgDQpj+I1aOiKw9lw+u6G2ivnK5GN/vgKpwHHZZWveWb++X7yPONixtOOQBz8sWg302gb+eowxrG6SYigQ8cPYrjfCy35rYG5F89FyS6/2MzKGr9waocVDV0P6a5n6WRH3Oaho/MmN6uexBXbBUEq6sog526h4uHBtT6wD8U3wi7V5uCRarmCS3ApVPDI/76hxMa6pjIJ679QrTts7rykMqeZKnPuM4szrHGn0Oj2OtTzvbWO1MoF1HuHiLGZBABz7BeKAWFiDGutZMCAwEAAaNdMFswCwYDVR0PBAQDAgEGMB0GA1UdDgQWBBQJlRoAErT2DI33ynJ3Iflr9Hql1TAfBgNVHSMEGDAWgBSucbeAoObwDJKLKHYefukaw56n7TAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAFbN676x7Nt" + + "H7SVZaqC9+QAwQ8WVTs5mOQOG+O28PAxtnGxyhX1ZfJvDOlLk/nfC8Wn/80eKebhzolUjjnEiLv9Gl0qadb0q+IGU9EMyPNDMxXCWZXdXWDxMNYx5aWlbyOyKpsTAyiFf2xL2b+Kej83+Ym4FF9jWjDEZ3XD28eS8AA8WQ8v9PIlwqofkw1MWX/b6OWDjVe/gWN4pKftnrfEBIl8O60ZhjDN/3/Ujn9uFQzrpIs4Yyb2tUzIDO33hX/dHc7jNSmO+gdtynlO/4zUV9/lq4e9/5dbjEm+DRKEBG59mSPIx4JBAI/iwbZoDFrf5OZyC0HIoHkWYuCmYAqMIIEHjCCAwagAwIBAgILAN6tvu/erb7vwN4wDQYJKoZIhvcNAQELBQAwZzELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjE4MDYGA1UEAwwvU3RhYXQgZGVyIE5lZGVybGFuZG" + + "VuIE9yZ2FuaXNhdGllIC0gU2VydmljZXMgRzMwHhcNMjEwODI1MDY1NzM4WhcNMzEwODIzMDY1NzM4WjCBjDELMAkGA1UEBhMCTkwxOTA3BgNVBAoMME1pbmlzdGVyaWUgdmFuIFZvbGtzZ2V6b25kaGVpZCwgV2VsemlqbiBlbiBTcG9ydDEYMBYGA1UECwwPQ29yb25hIEFsZXJ0ZXJzMSgwJgYDVQQDDB93d3cuY29yb25hdGVzdGVyLm5sLmV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1VKGvfscYSmgelmMfifNg0asQYyXO7It8BARBP51SVjImcbT+aTVsQadOThgu58AOqfrx2b2bML1SKw4MiGrXhIstELz7rTV1cqseRSeZ5Rwaipl05DkLsIic2m3O6J+FGB+Dlunm6BOp36HT8vu6sD/m2JlcuMce2lvCqllFzYbmUz87Q" + + "ADlYB8a7tzogkGWOkpNoQS9qVg8+3N6LVs0PgJ1x1897q/YGFhk84/7NA4pmM5lxw9XU7pOdwirruqqJWtDDGhSKDdJZ3/QH5aLsUalU83BYc17YgWKJnvmTamJ1Cq1p9TZDy4Zk0qQHsGkB3YLKljgE5/6hEHX7YoEQIDAQABo4GkMIGhMEcGCWCGSAGG+EIBDQQ6FjhGb3IgdGVzdGluZyBvbmx5IGFuZCBubyB0aGlzIGlzIG5vdCB0aGUgcmVhbCB0aGluZy4gRHVoLjALBgNVHQ8EBAMCBeAwHQYDVR0OBBYEFNzku/0Afke55J6sFkyxjvqajU+YMB8GA1UdIwQYMBaAFAmVGgAStPYMjffKcnch+Wv0eqXVMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAAbL/N5hMYTiCLgcTV+jWMgWAWkMkXBBPNJWlUYMCHaWJtpi3KSGgJTYUJfFiAe3rgjNS5RRy0gNn" + + "bYxLaQ/a7gHU1CpAyaado29OPtdcXSVAmJFnFVLtEcMtcMEBNTGURud9UeTjBMXWrRkYodvWKi7g15SYQC2QHiIhKDWGvCCG+Xq0lKn0uPS38aWTGRYpOfojracNtqY3lRW3n7mcPy0s+xqukYomifPFfSB9FU2NnzXLfNUGbGnNXtRPRi3XbWBufD3Abiar6APhGgh/Kd99SRzlRYsvdt4WQmb2SNP/dyjXm3hINMfQd8RxqJE66t4GI32V0Kg/hXUdgtB74gxggK3MIICswIBATB2MGcxCzAJBgNVBAYTAk5MMR4wHAYDVQQKDBVTdGFhdCBkZXIgTmVkZXJsYW5kZW4xODA2BgNVBAMML1N0YWF0IGRlciBOZWRlcmxhbmRlbiBPcmdhbmlzYXRpZSAtIFNlcnZpY2VzIEczAgsA3q2+796tvu/A3jALBglghkgBZQMEAgGggeQwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATA" + + "cBgkqhkiG9w0BCQUxDxcNMjEwODI1MDY1ODAyWjAvBgkqhkiG9w0BCQQxIgQgjeoieCXQAb6FG1meoeoz5gIp3ri3LMHlRLGrg6yaUU0weQYJKoZIhvcNAQkPMWwwajALBglghkgBZQMEASowCwYJYIZIAWUDBAEWMAsGCWCGSAFlAwQBAjAKBggqhkiG9w0DBzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZIhvcNAwICASgwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogQCAgDeBIIBAGMo5qRD+I/lGq0OJRv7DyIuUZtC/Qepo3HrUD1RXkN6ck8urbCFt+r1ztHQd4eKTjcI7LmWOQ5UKknf79XxoYjdeoRqpNDAKYuKcNtZiENluxB50U1c5OueM6k5AqJv3bWRfSllG/jnUe6t" + + "Z1jTxIxohecQLSAfQGYVOl4EWtWHlCPHfG4OzXsjlM0wqs9jRJHUuxIibjK/5mVmFYEje+MEFQCp2ciR6n5xs3pd7dIH5SmwT+eBwt78BU2Pca6vRuCT7KY7Am1mnetANKOo1fG2bbHAPbkMhdxy3PWHn74+FhVjuITqNJ7JqS7pNL3/GhdscsutPN6ODge6oeGUVdM=" val url = ".coronatester.nl" val validator = CMSSignatureValidatorBuilder.build( certificatesPem = listOf(cert), cnMatchingString = url, - clock = Clock.systemUTC() + clock = Clock.systemUTC(), ) val signatureValidationException = assertThrows( - SignatureValidationException::class.java + SignatureValidationException::class.java, ) { validator.validate( signature = Base64.decode( - signature + signature, ), - content = ByteArrayInputStream(Base64.decode(payload)) + content = ByteArrayInputStream(Base64.decode(payload)), ) } assertEquals( "Signing certificate does not match expected CN", - signatureValidationException.message + signatureValidationException.message, ) } @@ -251,27 +251,27 @@ LhA3gg89xrq8bA3XlMOXEpHzX29xu1ODoCZ+GNqlqK/UrWb3TdFGtwI+/Q== "WwogeyJhZm5hbWVkYXR1bSI6IjIwMjAtMDYtMTdUMTA6MDA6MDAuMDAwKzAyMDAiLAogICJ1aXRzbGFnZGF0dW0iOiIyMDIwLTA2LTE3VDEwOjEwOjAwLjAwMCswMjAwIiwKICAicmVzdWx0YWF0IjoiTkVHQVRJRUYiLAogICJhZnNwcmFha1N0YXR1cyI6IkFGR0VST05EIiwKICAiYWZzcHJhYWtJZCI6Mjc4NzE3Njh9LAogeyJhZm5hbWVkYXR1bSI6IjIwMjAtMTEtMDhUMTA6MTU6MDAuMDAwKzAxMDAiLAogICAidWl0c2xhZ2RhdHVtIjoiMjAyMC0xMS0wOVQwNzo1MDozOS4wMDArMDEwMCIsCiAgICJyZXN1bHRhYXQiOiJQT1NJVElFRiIsCiAgICJhZnNwcmFha1N0YXR1cyI6IkFGR0VST05EIiwKICAgImFmc3ByYWFrSWQiOjI1ODcxOTcyMTl9Cl0K" val signature = "MIIKoQYJKoZIhvcNAQcCoIIKkjCCCo4CAQExDTALBglghkgBZQMEAgEwCwYJKoZIhvcNAQcBoIIHsDCCA5owggKCoAMCAQICAgPyMA0GCSqGSIb3DQEBCwUAMFoxKzApBgNVBAMMIlN0YWF0IGRlciBOZWRlcmxhbmRlbiBSb290IENBIC0gRzMxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjELMAkGA1UEBhMCTkwwHhcNMjEwNzE0MDg1MzA0WhcNMjEwODEzMDg1MzA0WjBnMQswCQYDVQQGEwJOTDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMTgwNgYDVQQDDC9TdGFhdCBkZXIgTmVkZXJsYW5kZW4gT3JnYW5pc2F0aWUgLSBTZXJ2aWNlcyBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMKtnEsb/zJ1rpOqSwHjFe4iU" + - "fLxfD6sKDyaLxFFEt2AgIofGUSFia8LWurSAigGg1Ssjy1lUk/ZWUMwE3lT0M9fkZTrmS7Kd7njnAsVoRjW2lh8nSRFBB/5Z5dFZqMjhnK0hCOpDxwbswsJHKgKQFXmaSSvq6asdiVk+t+0zW9hopYGJi4G+V25SbjwtZtODj1XZOw2eGH4hCptkkH66ZddCfKLCt9fZwUvmoSxIgEyDFpcG82pvwPgSA7tbG2jRo69R1QyxF7T3EjWX9g0FyiJtWxDrOqmWmtuT+9N8OifZUtQvpz9OjZPZdojOjTzgUiti3tnYO9A5NJiK0avOFkCAwEAAaNdMFswCwYDVR0PBAQDAgEGMB0GA1UdDgQWBBQBaMSOwyEL7oQEeOhLdwRzwgsSpzAfBgNVHSMEGDAWgBRgfSXq7d1YXZPbYxa97hVJdGLWVjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCKvTI3dxCdl" + - "b9sBSfXG7FLNvY6A0Uh1lMTDKyQNlOsQncJrPfBSMW2/LFD9dP7FRASmhS6A3v+Ye73o3rR5L7KrgL+4dJtx4WJMExWfeaOxNIgOXVhGBdsDLaa81swMxzsqqFFApe1ANFBjPIzMLxegpMKcjVypeUJwftmp9Rh1m/uipMNDpW/X3AWSZ0aPhw8zC2a+sy5OrCcsos2Z/qNMHTZeS2JSOveczveMzQzPy6bVWRrjlba4ME5EEDQJl9YPYDFZlzj6/LDr9DXfho0vG/iuU3jpdOdx2hvnlma9aXt9FGwR40e5hIV7DTJ72ganqY3LHbX3gxHv5+whIjaMIIEDjCCAvagAwIBAgILAN6tvu/erb7vwN4wDQYJKoZIhvcNAQELBQAwZzELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjE4MDYGA1UEAwwvU3RhYXQgZGVyIE5lZGVybGFuZGVu" + - "IE9yZ2FuaXNhdGllIC0gU2VydmljZXMgRzMwHhcNMjEwNzE0MDg1MzA0WhcNMjEwODEzMDg1MzA0WjB9MQswCQYDVQQGEwJOTDE5MDcGA1UECgwwTWluaXN0ZXJpZSB2YW4gVm9sa3NnZXpvbmRoZWlkLCBXZWx6aWpuIGVuIFNwb3J0MRgwFgYDVQQLDA9Db3JvbmEgQWxlcnRlcnMxGTAXBgNVBAMMEC5jb3JvbmF0ZXN0ZXIubmwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkjBLDhxcFMAKCW+F+ooAqp/0gf9r65+QYgEJ0vsHNolRot5lz3wsj3x/hz8hfPa87HrjfLXkUoJ3r1pNtLrozKVg9uy5wtNrV9jVhP8YqrWTgTm1AkdiQoNgNUmWu2m3BplaRzDjUhaPC68dOhrmBbr1BOTkLEeGXMdJ+oz7A2NxhYNx/pLmXc8EnSZTfYSajX8wHUfdAzO" + - "LIcQMCu6LRUr1eQGSXyotIXt+RUC/HD50VwVBt+9tPND6qJrlOILaLXgYgvXu2zdKYzqTdRGAB27oC2jNDrK25PTXj9tNXcFymt9tYv27IxpvHgn85Rfllwlt1Siu+mUKOUDF5/U9xAgMBAAGjgaQwgaEwRwYJYIZIAYb4QgENBDoWOEZvciB0ZXN0aW5nIG9ubHkgYW5kIG5vIHRoaXMgaXMgbm90IHRoZSByZWFsIHRoaW5nLiBEdWguMAsGA1UdDwQEAwIF4DAdBgNVHQ4EFgQUrGHjeeECHGHd3RD8oAxyIB+nTW0wHwYDVR0jBBgwFoAUAWjEjsMhC+6EBHjoS3cEc8ILEqcwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAAuUDdhqQ817AOm84mfPf0KIBTUyHBxccQLUINxxL4x5hUCQsPumWNcr4k2FSwmtHe6w64sGcmtNX1PH9P/v3wW5O4yhi2kjKXxWGi/8" + - "Zzhqpsgwe9l7vUsw1BRc54lXk8lU7AlJ5pdV+++j1ZcejC/MIv4+3bwtfgQqhpSgbHH1nM3dGsxg5X1MqreW2wXBbmz+x6npU3kWAF4JJkcSPvq+M6blkHZAodFLwyO+SYBhcx8ZSThdZMlArKEbWeXm6zF8xfN6CpI9WuGxp+txNuz3QQPWA+2h0JQuFgu9T3HvJEOEAnss6XBoMWy/d914YorKX3bty+oahpoyfwvVrjjGCArcwggKzAgEBMHYwZzELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjE4MDYGA1UEAwwvU3RhYXQgZGVyIE5lZGVybGFuZGVuIE9yZ2FuaXNhdGllIC0gU2VydmljZXMgRzMCCwDerb7v3q2+78DeMAsGCWCGSAFlAwQCAaCB5DAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0yMTA3MTQ" + - "wODUzMDRaMC8GCSqGSIb3DQEJBDEiBCCN6iJ4JdABvoUbWZ6h6jPmAineuLcsweVEsauDrJpRTTB5BgkqhkiG9w0BCQ8xbDBqMAsGCWCGSAFlAwQBKjALBglghkgBZQMEARYwCwYJYIZIAWUDBAECMAoGCCqGSIb3DQMHMA4GCCqGSIb3DQMCAgIAgDANBggqhkiG9w0DAgIBQDAHBgUrDgMCBzANBggqhkiG9w0DAgIBKDA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4EggEAkVuMFF6F0XZq2RtocbQurTLjb9730HovJ8YMfdp/G3YSO76P/lyLenDh9V7RPjQuOSW755Lvew0LJt9f2aVkp/UplmLKQboe2ST0b6YVQLwYGgcWh0huvnmUDdd8JgfFrmHwTeyjM7/H/FSkdcjaUsJjfGyUy/PzWrqV4Zs9nQ//Ub" + - "JVXPjuGQftxvD0RPvstDH4NR+GIU+XS9nKVZcfdpTQUUyH47OA1LsTSZ+sH3My8bCnCmJgSg7KEimS6FNfnY47iAKKlUcMW1dqj4LNofZMMu/5hpYGNuLvSeuPXZvHZ3rbEhLsstEK5XhRogzXhtTodV34S0ldsOedZ0CsVA==" + "fLxfD6sKDyaLxFFEt2AgIofGUSFia8LWurSAigGg1Ssjy1lUk/ZWUMwE3lT0M9fkZTrmS7Kd7njnAsVoRjW2lh8nSRFBB/5Z5dFZqMjhnK0hCOpDxwbswsJHKgKQFXmaSSvq6asdiVk+t+0zW9hopYGJi4G+V25SbjwtZtODj1XZOw2eGH4hCptkkH66ZddCfKLCt9fZwUvmoSxIgEyDFpcG82pvwPgSA7tbG2jRo69R1QyxF7T3EjWX9g0FyiJtWxDrOqmWmtuT+9N8OifZUtQvpz9OjZPZdojOjTzgUiti3tnYO9A5NJiK0avOFkCAwEAAaNdMFswCwYDVR0PBAQDAgEGMB0GA1UdDgQWBBQBaMSOwyEL7oQEeOhLdwRzwgsSpzAfBgNVHSMEGDAWgBRgfSXq7d1YXZPbYxa97hVJdGLWVjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCKvTI3dxCdl" + + "b9sBSfXG7FLNvY6A0Uh1lMTDKyQNlOsQncJrPfBSMW2/LFD9dP7FRASmhS6A3v+Ye73o3rR5L7KrgL+4dJtx4WJMExWfeaOxNIgOXVhGBdsDLaa81swMxzsqqFFApe1ANFBjPIzMLxegpMKcjVypeUJwftmp9Rh1m/uipMNDpW/X3AWSZ0aPhw8zC2a+sy5OrCcsos2Z/qNMHTZeS2JSOveczveMzQzPy6bVWRrjlba4ME5EEDQJl9YPYDFZlzj6/LDr9DXfho0vG/iuU3jpdOdx2hvnlma9aXt9FGwR40e5hIV7DTJ72ganqY3LHbX3gxHv5+whIjaMIIEDjCCAvagAwIBAgILAN6tvu/erb7vwN4wDQYJKoZIhvcNAQELBQAwZzELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjE4MDYGA1UEAwwvU3RhYXQgZGVyIE5lZGVybGFuZGVu" + + "IE9yZ2FuaXNhdGllIC0gU2VydmljZXMgRzMwHhcNMjEwNzE0MDg1MzA0WhcNMjEwODEzMDg1MzA0WjB9MQswCQYDVQQGEwJOTDE5MDcGA1UECgwwTWluaXN0ZXJpZSB2YW4gVm9sa3NnZXpvbmRoZWlkLCBXZWx6aWpuIGVuIFNwb3J0MRgwFgYDVQQLDA9Db3JvbmEgQWxlcnRlcnMxGTAXBgNVBAMMEC5jb3JvbmF0ZXN0ZXIubmwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkjBLDhxcFMAKCW+F+ooAqp/0gf9r65+QYgEJ0vsHNolRot5lz3wsj3x/hz8hfPa87HrjfLXkUoJ3r1pNtLrozKVg9uy5wtNrV9jVhP8YqrWTgTm1AkdiQoNgNUmWu2m3BplaRzDjUhaPC68dOhrmBbr1BOTkLEeGXMdJ+oz7A2NxhYNx/pLmXc8EnSZTfYSajX8wHUfdAzO" + + "LIcQMCu6LRUr1eQGSXyotIXt+RUC/HD50VwVBt+9tPND6qJrlOILaLXgYgvXu2zdKYzqTdRGAB27oC2jNDrK25PTXj9tNXcFymt9tYv27IxpvHgn85Rfllwlt1Siu+mUKOUDF5/U9xAgMBAAGjgaQwgaEwRwYJYIZIAYb4QgENBDoWOEZvciB0ZXN0aW5nIG9ubHkgYW5kIG5vIHRoaXMgaXMgbm90IHRoZSByZWFsIHRoaW5nLiBEdWguMAsGA1UdDwQEAwIF4DAdBgNVHQ4EFgQUrGHjeeECHGHd3RD8oAxyIB+nTW0wHwYDVR0jBBgwFoAUAWjEjsMhC+6EBHjoS3cEc8ILEqcwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAAuUDdhqQ817AOm84mfPf0KIBTUyHBxccQLUINxxL4x5hUCQsPumWNcr4k2FSwmtHe6w64sGcmtNX1PH9P/v3wW5O4yhi2kjKXxWGi/8" + + "Zzhqpsgwe9l7vUsw1BRc54lXk8lU7AlJ5pdV+++j1ZcejC/MIv4+3bwtfgQqhpSgbHH1nM3dGsxg5X1MqreW2wXBbmz+x6npU3kWAF4JJkcSPvq+M6blkHZAodFLwyO+SYBhcx8ZSThdZMlArKEbWeXm6zF8xfN6CpI9WuGxp+txNuz3QQPWA+2h0JQuFgu9T3HvJEOEAnss6XBoMWy/d914YorKX3bty+oahpoyfwvVrjjGCArcwggKzAgEBMHYwZzELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjE4MDYGA1UEAwwvU3RhYXQgZGVyIE5lZGVybGFuZGVuIE9yZ2FuaXNhdGllIC0gU2VydmljZXMgRzMCCwDerb7v3q2+78DeMAsGCWCGSAFlAwQCAaCB5DAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0yMTA3MTQ" + + "wODUzMDRaMC8GCSqGSIb3DQEJBDEiBCCN6iJ4JdABvoUbWZ6h6jPmAineuLcsweVEsauDrJpRTTB5BgkqhkiG9w0BCQ8xbDBqMAsGCWCGSAFlAwQBKjALBglghkgBZQMEARYwCwYJYIZIAWUDBAECMAoGCCqGSIb3DQMHMA4GCCqGSIb3DQMCAgIAgDANBggqhkiG9w0DAgIBQDAHBgUrDgMCBzANBggqhkiG9w0DAgIBKDA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4EggEAkVuMFF6F0XZq2RtocbQurTLjb9730HovJ8YMfdp/G3YSO76P/lyLenDh9V7RPjQuOSW755Lvew0LJt9f2aVkp/UplmLKQboe2ST0b6YVQLwYGgcWh0huvnmUDdd8JgfFrmHwTeyjM7/H/FSkdcjaUsJjfGyUy/PzWrqV4Zs9nQ//Ub" + + "JVXPjuGQftxvD0RPvstDH4NR+GIU+XS9nKVZcfdpTQUUyH47OA1LsTSZ+sH3My8bCnCmJgSg7KEimS6FNfnY47iAKKlUcMW1dqj4LNofZMMu/5hpYGNuLvSeuPXZvHZ3rbEhLsstEK5XhRogzXhtTodV34S0ldsOedZ0CsVA==" val validator = CMSSignatureValidatorBuilder.build( signingCertificateBytes = listOf(cert.toByteArray()), - clock = Clock.fixed(Instant.parse("2021-08-25T00:00:00.00Z"), ZoneId.of("UTC")) + clock = Clock.fixed(Instant.parse("2021-08-25T00:00:00.00Z"), ZoneId.of("UTC")), ) val signatureValidationException = assertThrows( - SignatureValidationException::class.java + SignatureValidationException::class.java, ) { validator.validate( signature = Base64.decode( - signature + signature, ), - content = ByteArrayInputStream(Base64.decode(payload)) + content = ByteArrayInputStream(Base64.decode(payload)), ) } diff --git a/modules/openidconnect/build.gradle b/modules/openidconnect/build.gradle index fabd34c..1a083ae 100644 --- a/modules/openidconnect/build.gradle +++ b/modules/openidconnect/build.gradle @@ -23,8 +23,8 @@ android { dependencies { api 'net.openid:appauth:0.11.1' - api 'org.jetbrains.kotlinx:kotlinx-coroutines-android:1.6.4' - testImplementation 'org.jetbrains.kotlinx:kotlinx-coroutines-test:1.6.4' + api 'org.jetbrains.kotlinx:kotlinx-coroutines-android:1.7.1' + testImplementation 'org.jetbrains.kotlinx:kotlinx-coroutines-test:1.7.1' testImplementation 'junit:junit:4.13.2' - testImplementation 'io.mockk:mockk:1.13.2' + testImplementation 'io.mockk:mockk:1.13.4' } \ No newline at end of file diff --git a/modules/openidconnect/src/main/java/nl/rijksoverheid/rdo/modules/openidconnect/OpenIDConnectRepository.kt b/modules/openidconnect/src/main/java/nl/rijksoverheid/rdo/modules/openidconnect/OpenIDConnectRepository.kt index df725fa..de46065 100644 --- a/modules/openidconnect/src/main/java/nl/rijksoverheid/rdo/modules/openidconnect/OpenIDConnectRepository.kt +++ b/modules/openidconnect/src/main/java/nl/rijksoverheid/rdo/modules/openidconnect/OpenIDConnectRepository.kt @@ -20,11 +20,11 @@ interface OpenIDConnectRepository { suspend fun requestAuthorization( issuerUrl: String, activityResultLauncher: ActivityResultLauncher, - authService: AuthorizationService + authService: AuthorizationService, ) suspend fun tokenResponse( authService: AuthorizationService, - authResponse: AuthorizationResponse + authResponse: AuthorizationResponse, ): TokenResponse } diff --git a/modules/openidconnect/src/main/java/nl/rijksoverheid/rdo/modules/openidconnect/OpenIDConnectRepositoryImpl.kt b/modules/openidconnect/src/main/java/nl/rijksoverheid/rdo/modules/openidconnect/OpenIDConnectRepositoryImpl.kt index 4147f59..2b9d259 100644 --- a/modules/openidconnect/src/main/java/nl/rijksoverheid/rdo/modules/openidconnect/OpenIDConnectRepositoryImpl.kt +++ b/modules/openidconnect/src/main/java/nl/rijksoverheid/rdo/modules/openidconnect/OpenIDConnectRepositoryImpl.kt @@ -3,14 +3,14 @@ package nl.rijksoverheid.rdo.modules.openidconnect import android.content.Intent import android.net.Uri import androidx.activity.result.ActivityResultLauncher -import kotlin.coroutines.resume -import kotlin.coroutines.resumeWithException -import kotlin.coroutines.suspendCoroutine import net.openid.appauth.AuthorizationRequest import net.openid.appauth.AuthorizationResponse import net.openid.appauth.AuthorizationService import net.openid.appauth.AuthorizationServiceConfiguration import net.openid.appauth.ResponseTypeValues +import kotlin.coroutines.resume +import kotlin.coroutines.resumeWithException +import kotlin.coroutines.suspendCoroutine /* * Copyright (c) 2021 De Staat der Nederlanden, Ministerie van Volksgezondheid, Welzijn en Sport. @@ -21,13 +21,13 @@ import net.openid.appauth.ResponseTypeValues */ class OpenIDConnectRepositoryImpl( private val clientId: String, - private val redirectUrl: String + private val redirectUrl: String, ) : OpenIDConnectRepository { override suspend fun requestAuthorization( issuerUrl: String, activityResultLauncher: ActivityResultLauncher, - authService: AuthorizationService + authService: AuthorizationService, ) { val authServiceConfiguration = authorizationServiceConfiguration(issuerUrl) val authRequest = authRequest(serviceConfiguration = authServiceConfiguration) @@ -52,20 +52,20 @@ class OpenIDConnectRepositoryImpl( serviceConfiguration, clientId, ResponseTypeValues.CODE, - Uri.parse(redirectUrl) + Uri.parse(redirectUrl), ).setScope("openid email profile").build() } override suspend fun tokenResponse( authService: AuthorizationService, - authResponse: AuthorizationResponse + authResponse: AuthorizationResponse, ): TokenResponse { return suspendCoroutine { continuation -> authService.performTokenRequest(authResponse.createTokenExchangeRequest()) { resp, error -> val tokenResponse = TokenResponse(resp?.idToken, resp?.accessToken) when { tokenResponse.idToken != null || tokenResponse.accessToken != null -> continuation.resume( - tokenResponse + tokenResponse, ) error != null -> continuation.resumeWithException(error) else -> continuation.resumeWithException(Exception("Could not get jwt")) diff --git a/modules/openidconnect/src/test/java/nl/rijksoverheid/rdo/modules/openidconnect/OpenIDConnectRepositoryImplTest.kt b/modules/openidconnect/src/test/java/nl/rijksoverheid/rdo/modules/openidconnect/OpenIDConnectRepositoryImplTest.kt index bf61ac4..49df746 100644 --- a/modules/openidconnect/src/test/java/nl/rijksoverheid/rdo/modules/openidconnect/OpenIDConnectRepositoryImplTest.kt +++ b/modules/openidconnect/src/test/java/nl/rijksoverheid/rdo/modules/openidconnect/OpenIDConnectRepositoryImplTest.kt @@ -23,7 +23,7 @@ class OpenIDConnectRepositoryImplTest { coEvery { authService.performTokenRequest(any(), any()) } answers { secondArg().onTokenRequestCompleted( response, - null + null, ) } @@ -39,7 +39,7 @@ class OpenIDConnectRepositoryImplTest { coEvery { authService.performTokenRequest(any(), any()) } answers { secondArg().onTokenRequestCompleted( response, - null + null, ) } @@ -53,7 +53,7 @@ class OpenIDConnectRepositoryImplTest { coEvery { authService.performTokenRequest(any(), any()) } answers { secondArg().onTokenRequestCompleted( null, - AuthorizationException.GeneralErrors.USER_CANCELED_AUTH_FLOW + AuthorizationException.GeneralErrors.USER_CANCELED_AUTH_FLOW, ) } @@ -73,7 +73,7 @@ class OpenIDConnectRepositoryImplTest { coEvery { authService.performTokenRequest(any(), any()) } answers { secondArg().onTokenRequestCompleted( null, - null + null, ) } diff --git a/modules/qrgenerator/build.gradle b/modules/qrgenerator/build.gradle index a5f7c27..05e313a 100644 --- a/modules/qrgenerator/build.gradle +++ b/modules/qrgenerator/build.gradle @@ -24,7 +24,7 @@ android { } dependencies { - implementation 'com.google.zxing:core:3.5.0' + implementation 'com.google.zxing:core:3.5.1' testImplementation 'junit:junit:4.13.2' - testImplementation 'org.robolectric:robolectric:4.9' + testImplementation 'org.robolectric:robolectric:4.9.2' } \ No newline at end of file diff --git a/modules/qrgenerator/src/main/java/nl/rijksoverheid/rdo/modules/qrgenerator/QrCodeGenerator.kt b/modules/qrgenerator/src/main/java/nl/rijksoverheid/rdo/modules/qrgenerator/QrCodeGenerator.kt index 1bdd566..7c909db 100644 --- a/modules/qrgenerator/src/main/java/nl/rijksoverheid/rdo/modules/qrgenerator/QrCodeGenerator.kt +++ b/modules/qrgenerator/src/main/java/nl/rijksoverheid/rdo/modules/qrgenerator/QrCodeGenerator.kt @@ -27,7 +27,7 @@ interface QrCodeGenerator { qrCodeContent: String, width: Int, height: Int, - errorCorrectionLevel: ErrorCorrectionLevel + errorCorrectionLevel: ErrorCorrectionLevel, ): Bitmap } @@ -36,11 +36,11 @@ class QrCodeGeneratorImpl : QrCodeGenerator { qrCodeContent: String, width: Int, height: Int, - errorCorrectionLevel: ErrorCorrectionLevel + errorCorrectionLevel: ErrorCorrectionLevel, ): Bitmap { val multiFormatWriter = MultiFormatWriter() val hints: MutableMap = EnumMap( - EncodeHintType::class.java + EncodeHintType::class.java, ) hints[EncodeHintType.MARGIN] = 0 hints[EncodeHintType.ERROR_CORRECTION] = errorCorrectionLevel @@ -49,12 +49,12 @@ class QrCodeGeneratorImpl : QrCodeGenerator { BarcodeFormat.QR_CODE, 0, 0, - hints + hints, ) val bitmap = Bitmap.createBitmap( width, height, - Bitmap.Config.RGB_565 + Bitmap.Config.RGB_565, ) val pixels = IntArray(width * height) for (y in 0 until height) { @@ -64,7 +64,7 @@ class QrCodeGeneratorImpl : QrCodeGenerator { val yf: Float = y.toFloat() / height pixels[offset + x] = if (bitMatrix.get( (xf * bitMatrix.width.toFloat()).toInt(), - (yf * bitMatrix.height.toFloat()).toInt() + (yf * bitMatrix.height.toFloat()).toInt(), ) ) { Color.BLACK diff --git a/modules/qrgenerator/src/test/java/nl/rijksoverheid/rdo/modules/qrgenerator/QrCodeGeneratorImplTest.kt b/modules/qrgenerator/src/test/java/nl/rijksoverheid/rdo/modules/qrgenerator/QrCodeGeneratorImplTest.kt index b31169f..2c27684 100644 --- a/modules/qrgenerator/src/test/java/nl/rijksoverheid/rdo/modules/qrgenerator/QrCodeGeneratorImplTest.kt +++ b/modules/qrgenerator/src/test/java/nl/rijksoverheid/rdo/modules/qrgenerator/QrCodeGeneratorImplTest.kt @@ -23,7 +23,7 @@ class QrCodeGeneratorImplTest { randomQrContent(1343), randomQrContent(1446), randomQrContent(1543), - randomQrContent(1634) + randomQrContent(1634), ) val qrCodeGenerator = QrCodeGeneratorImpl() @@ -33,14 +33,14 @@ class QrCodeGeneratorImplTest { qrCodeContent = it, width = width, height = width, - errorCorrectionLevel = ErrorCorrectionLevel.M + errorCorrectionLevel = ErrorCorrectionLevel.M, ) val euBitmap = qrCodeGenerator.createQrCode( qrCodeContent = it, width = width, height = width, - errorCorrectionLevel = ErrorCorrectionLevel.Q + errorCorrectionLevel = ErrorCorrectionLevel.Q, ) assertEquals(width, domesticBitmap.width) From 6da923bc8d64dd2c41bf870b3c59065655b3a97c Mon Sep 17 00:00:00 2001 From: Giorgos Papadopoulos Date: Fri, 11 Aug 2023 13:37:08 +0300 Subject: [PATCH 2/2] sync public repo script --- sync_public_repo.sh | 63 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 63 insertions(+) create mode 100644 sync_public_repo.sh diff --git a/sync_public_repo.sh b/sync_public_repo.sh new file mode 100644 index 0000000..4deb14c --- /dev/null +++ b/sync_public_repo.sh @@ -0,0 +1,63 @@ +#!/bin/bash + +# Config +BASE_REPONAME=nl-rdo-app-android-modules + +# Helpers +TIMESTAMP=`date '+%Y%m%d-%H%M%S'` +PR_TITLE="Sync+public+repo+from+private+repository" # Use + for spaces as this is used in a URL +PR_BODY="This+PR+proposes+the+latest+changes+from+private+to+public+repository.+Timestamp:+${TIMESTAMP}" +RED="\033[1;31m" +GREEN="\033[1;32m" +ENDCOL="\033[0m" +echo -e "${GREEN}Ensuring a safe environment${ENDCOL}" +if [ -z "$(git status --porcelain)" ]; then + # Working directory clean + echo "Working directory clean" +else + # Uncommitted changes + echo + echo -e "${RED}Your working directory contains changes.${ENDCOL}" + echo "To avoid losing changes, this script only works if you have a clean directory." + echo "Commit any work to the current branch, and try again." + echo + exit +fi + +# To ensure the script works regardless of whether you run this from private or public, we ignore origin, and +# add 2 remotes, one for public, one for private +if ! git config remote.public-repo.url > /dev/null; then + git remote add public-repo git@github.com:minvws/$BASE_REPONAME + echo -e "${GREEN}Public-repo remote added${ENDCOL}" +fi + +if ! git config remote.private-repo.url > /dev/null; then + git remote add private-repo git@github.com:minvws/$BASE_REPONAME-private + echo -e "${GREEN}Private-repo remote added${ENDCOL}" +fi + +# Create a branch where we sync everything from current private main +echo -e "${GREEN}Ensuring we are in sync with the private repo${ENDCOL}" +git fetch private-repo + +echo -e "${GREEN}Creating a new sync branch based on private/main${ENDCOL}" +git branch sync/$TIMESTAMP private-repo/main + +# Todo: this could be optimized to only push if there actually are changes between the two branches (if not, this currently creates an empty PR) +echo -e "${GREEN}Pushing the sync branch to public repo${ENDCOL}" +git push public-repo sync/$TIMESTAMP + +echo -e "${GREEN}Constructing a PR request and opening it in the browser${ENDCOL}" +PR_URL="https://github.com/minvws/$BASE_REPONAME/compare/sync/$TIMESTAMP?quick_pull=1&title=${PR_TITLE}&body=${PR_BODY}" + +open $PR_URL + +# Sync tags +# delete all local tags +git tag -d $(git tag -l) +# fetch all tags from private-repo +git fetch private-repo --tags --force +# push all tags to public-repo +git push -f --tags public-repo + +echo -e "${GREEN}Done.${ENDCOL}" \ No newline at end of file