Merge pull request #55 from wultra/develop

Merge develop to master

.github/dependabot.yml

@@ -0,0 +1,11 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+ - package-ecosystem: "maven"
+ directory: "/"
+ schedule:
+ interval: "weekly"

.github/workflows/coverity-scan.yml

@@ -0,0 +1,16 @@
+name: Run Coverity scan and upload results
+
+on:
+ workflow_dispatch:
+ schedule:
+ - cron: '0 10 1 * *' # monthly
+
+
+jobs:
+ coverity-scan:
+ uses: wultra/wultra-infrastructure/.github/workflows/coverity-scan.yml@develop
+ secrets: inherit
+ with:
+ project-name: ${{ github.event.repository.name }}
+ version: ${{ github.sha }}
+ description: ${{ github.ref }}

.github/workflows/maven-package.yml

@@ -0,0 +1,24 @@
+name: Maven Package
+
+on:
+ workflow_dispatch:
+
+jobs:
+ maven-package:
+ runs-on: ubuntu-latest
+
+ steps:
+ - uses: actions/checkout@v3
+ - name: Set up JDK 17
+ uses: actions/setup-java@v3
+ with:
+ java-version: '17'
+ distribution: 'temurin'
+ cache: maven
+ - name: Run Maven Package Step
+ run: mvn -B -U package
+ - name: Archive JAR Artifacts
+ uses: actions/upload-artifact@v3
+ with:
+ name: Jar Artifacts
+ path: '**/target/*.jar'

.github/workflows/maven-test.yml

@@ -0,0 +1,18 @@
+name: Test with Maven
+
+on:
+ workflow_dispatch:
+ push:
+ branches:
+ - 'master'
+ - 'releases/**'
+ pull_request:
+ branches:
+ - 'develop'
+ - 'master'
+ - 'releases/**'
+
+jobs:
+ maven-tests:
+ uses: wultra/wultra-infrastructure/.github/workflows/maven-test.yml@develop
+ secrets: inherit

.gitignore

@@ -21,3 +21,29 @@
 
 # virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
 hs_err_pid*
+
+**/.DS_Store
+**/target/
+**/src/main/java/generated/
+**/.springBeans
+
+### NetBeans template
+**/nbproject/private/
+**/nbproject/
+
+### Eclipse template
+**/.settings
+**/.project
+**/.classpath
+
+### JetBrains template
+# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio
+*.iml
+## Directory-based project format:
+.idea/
+.mvn
+dist/
+
+### JRebel
+rebel.xml
+

README.md

@@ -12,14 +12,7 @@ Both approaches are described in chapters below.
 
 ### Supported Java Version
 
-Only Java version 8 is supported at the moment.
-
-### Install Bouncy Castle provider
-
-The Bouncy Castle library is required to be installed in the JRE in order to run the Java utility.
-
-See:
-https:/wultra/powerauth-server/wiki/Installing-Bouncy-Castle
+Only Java version 17+ is supported at the moment.
 
 ### Generate a Signing Key Pair
 
@@ -110,6 +103,16 @@ You can convert EC private key to public key and print it:
 java -jar ssl-pinning-tool.jar export -k keypair.pem -p [password]
 ```
 
+### Export Private Key
+
+Server app developers might need the private key from generated key pair in order to be able to dynamically compute signatures. For example, our Mobile Utility Server uses the private key from this utility output.
+
+You can convert EC private key to the appropriate format and print it:
+
+```sh
+java -jar ssl-pinning-tool.jar export-private -k keypair.pem -p [password]
+```
+
 ### Troubleshooting
 
 Error: 

pom.xml

@@ -9,12 +9,13 @@
 
  <groupId>com.wultra</groupId>
  <artifactId>ssl-pinning-tool</artifactId>
- <version>1.0.2</version>
+ <version>1.5.0</version>
  <packaging>jar</packaging>
  <parent>
  <groupId>org.springframework.boot</groupId>
  <artifactId>spring-boot-starter-parent</artifactId>
- <version>2.0.4.RELEASE</version>
+ <version>3.1.3</version>
+ <relativePath/> <!-- lookup parent from repository -->
  </parent>
 
  <inceptionYear>2018</inceptionYear>
@@ -55,41 +56,46 @@
  </issueManagement>
 
  <properties>
- <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
- <maven.compiler.source>1.8</maven.compiler.source>
- <maven.compiler.target>1.8</maven.compiler.target>
+ <bcprov-jdk18on.version>1.76</bcprov-jdk18on.version>
+ <powerauth-crypto.version>1.5.1</powerauth-crypto.version>
  </properties>
 
  <dependencies>
  <dependency>
  <groupId>org.bouncycastle</groupId>
- <artifactId>bcprov-jdk15on</artifactId>
- <version>1.60</version>
+ <artifactId>bcprov-jdk18on</artifactId>
+ <version>${bcprov-jdk18on.version}</version>
  </dependency>
  <dependency>
  <groupId>org.bouncycastle</groupId>
- <artifactId>bcpkix-jdk15on</artifactId>
- <version>1.60</version>
+ <artifactId>bcpkix-jdk18on</artifactId>
+ <version>${bcprov-jdk18on.version}</version>
  </dependency>
  <dependency>
  <groupId>io.getlime.security</groupId>
  <artifactId>powerauth-java-crypto</artifactId>
- <version>0.19.0</version>
+ <version>${powerauth-crypto.version}</version>
  </dependency>
  <dependency>
  <groupId>commons-cli</groupId>
  <artifactId>commons-cli</artifactId>
- <version>1.4</version>
+ <version>1.5.0</version>
+ </dependency>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-api</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-simple</artifactId>
  </dependency>
  <dependency>
  <groupId>com.fasterxml.jackson.core</groupId>
  <artifactId>jackson-databind</artifactId>
- <version>2.9.6</version>
  </dependency>
  <dependency>
  <groupId>org.junit.jupiter</groupId>
  <artifactId>junit-jupiter-engine</artifactId>
- <version>5.2.0</version>
  <scope>test</scope>
  </dependency>
  </dependencies>
@@ -100,14 +106,13 @@
  <plugin>
  <groupId>org.springframework.boot</groupId>
  <artifactId>spring-boot-maven-plugin</artifactId>
- <version>2.0.4.RELEASE</version>
  <configuration>
  <mainClass>com.wultra.security.ssl.pinning.Application</mainClass>
  </configuration>
  </plugin>
  <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
  <artifactId>maven-surefire-plugin</artifactId>
- <version>2.22.0</version>
  </plugin>
  </plugins>
  </build>