Releases: phax/phase4
phase4 3.0.1
- Updated to ph-commons 11.1.11
- Configuration properties can now use default values. See #291 - thx @piotr-dajlido
- Added getter and setter for
IAS4SignalMessageValidationResultHandler
toAbstractAS4PullRequestBuilder
andAbstractAS4UserMessageBuilder
. See #220 - thx @problemzebra2 - Added a check on message reception that the encryption and signature algorithms from the PMode are actually used
- Added new default
ICryptoSessionKeyProvider
instances for AES-128-GCM and AES-256-GCM. See #289 - thx @piotr-dajlido - Added class
Phase4RuntimeException
- Return values of
AS4KeyStoreDescriptor.createFromConfig
may now be nullable - The constructors of class
AS4CryptoFactoryConfiguration
now throw aPhase4RuntimeException
if there is a keystore misconfiguration - [Peppol] Added possibility to customize the Identifier Factory to be used for SBDH parsing via
Phase4PeppolDefaultReceiverConfiguration.setSBDHIdentifierFactory
andPhase4PeppolReceiverConfigurationBuilder.sbdhIdentifierFactory
. The default isSimpleIdentifierFactory
for backwards compatibility. - [BDEW] Added possibility to define
BDEWApplicationReference
. see #292 - thx @beth-soptim
What's Changed
- BDEWApplicationReference from RzÜ 2.3 by @beth-soptim in #292
Full Changelog: phase4-parent-pom-3.0.0...phase4-parent-pom-3.0.1
- ph-bc/ph-collection/ph-commons/ph-dao/ph-datetime/ph-jaxb/ph-json/ph-scopes/ph-security/ph-settings/ph-xml 11.1.11
- ph-xsds-xmldsig 3.0.0
- ph-http/ph-httpclient/ph-mail/ph-network/ph-servlet/ph-useragent/ph-web 10.1.9
- ph-oton-io/ph-oton-audit/ph-oton-security 9.2.7
- ph-masterdata/ph-tenancy 7.0.2
- peppol-commons/peppol-id/peppol-sbdh/peppol-smp-client 9.6.0
- phive 10.1.0 [Peppol only]
- phive-rules-peppol 3.2.2 [Peppol only]
- peppol-reporting-api 3.0.3 [Peppol only]
- ph-xhe 4.0.1 [DBNAlliance only]
- angus-mail 2.0.3
- angus-activation 2.0.2
- httpclient 5.3.1
- BouncyCastle 1.79
- WSS4J 3.0.4
- XMLSec 3.0.5
- Servlet API 5.0.x
- JAXB 4.0.x
- SLF4J 2.0.x
phase4 2.9.0
- Updated to BouncyCastle 1.79.0
- Updated to WSS4J 3.0.4
- Updated to xmlsec 3.0.5
- Updated to ph-commons 11.1.10
- [Peppol] Updated to peppol-commons 9.6.0
- Removed the special change V3 annotation, as V3 is out now
- Added new methods
IAS4IncomingMessageState.getCryptoFactorySign()
andgetCryptoFactoryCrypt()
Full Changelog: phase4-parent-pom-2.8.6...phase4-parent-pom-2.9.0
- ph-bc/ph-collection/ph-commons/ph-dao/ph-datetime/ph-jaxb/ph-json/ph-scopes/ph-security/ph-settings/ph-xml 11.1.10
- ph-xsds-xmldsig 3.0.0
- ph-http/ph-httpclient/ph-mail/ph-network/ph-servlet/ph-useragent/ph-web 10.1.9
- ph-oton-io/ph-oton-audit/ph-oton-security 9.2.7
- ph-masterdata/ph-tenancy 7.0.2
- peppol-commons/peppol-id/peppol-sbdh/peppol-smp-client 9.6.0
- phive 10.0.2 [Peppol only]
- phive-rules-peppol 3.2.1 [Peppol only]
- peppol-reporting-api 3.0.2 [Peppol only]
- ph-xhe 4.0.1 [DBNAlliance only]
- angus-mail 2.0.3
- angus-activation 2.0.2
- httpclient 5.3.1
- BouncyCastle 1.79
- WSS4J 3.0.4
- XMLSec 3.0.5
- Servlet API 5.0.x
- JAXB 4.0.x
- SLF4J 2.0.x
phase4 3.0.0
This is the list of the collective changes for the 3.0.0 releases as already shown in the pre-releases. The changes are grouped by activities.
- Updates
- Updated to WSS4J 3.0.4
- Updated to xmlsec 3.0.5
- Updated to BouncyCastle 1.79.0
- Updated to ph-commons 11.1.10
- Updated to peppol-commons 9.6.0
- Removals
- Removed all deprecated methods marked for removal
- Removed the
phase4-spring-boot-demo
submodule in favour of https://github.com/phax/phase4-peppol-standalone - [BPC] Removed the profile
phase4-profile-bpc
submodule in favour ofphase4-profile-dbnalliance
- Backward incompatible changes
- Moved classes to different packages without changing the internal working. See Migrations for all details
- The configuration files
private-crypto.properties
andcrypto.properties
are also deprecated. Please move the properties toapplication.properties
, environment variables or Java system properties instead. - Implementations of
IAS4CryptoFactory
now need to implement ´getKeyPasswordPerAliasCharArrayinstead of
getKeyPasswordPerAlias` - Created new class
AS4CryptoFactoryConfiguration
to replaceAS4CryptoFactoryProperties
as the default AS4 crypt factory. See [[Migrations]] for all details - Deprecated classes
AS4CryptoFactoryProperties
andAS4CryptoProperties
in favour ofAS4CryptoFactoryConfiguration
- Support for a default AS4 profile inside the AS4 Profile Manager was removed in the favour of the configuration property
phase4.default.profile
(previously calledphase4.profile
) - The "as4ProfileID" field is now mandatory when using the AS4 sender builder. Defaults are provided.
- [EuCtp] Renamed class
EuCtpPullRequestBuilder
toAbstractEuCtpPullRequestBuilder
and made abstract. UsePhase4EuCtpSender.builderPullRequest ()
instead - [EuCtp] Renamed method
Phase4EuCtpSender.builder
tobuilderUserMessage
- The AS4 Timestamp manager is now limiting the precision to milliseconds to ensure safe XML serializability.
- Improvements
- Included received HTTP headers in
IAS4IncomingMessageMetadata
JSON representation - Added new class
AS4KeyStoreDescriptor
to describe the parameters of a key store - Added new class
AS4TrustStoreDescriptor
to describe the parameters of a trust store - [Peppol] Added new class
Phase4PeppolReceiverConfigurationBuilder
to buildPhase4PeppolReceiverConfiguration
objects - [Peppol] Made the AP certificate checker in the Peppol sender builder customizable
- Added new methods
IAS4IncomingMessageState.getCryptoFactorySign()
andgetCryptoFactoryCrypt()
- Added new method
IAS4IncomingMessageState.getEffectiveDecryptedSoapDocument
- Added verification of AS4 Receipt XMLDSig "Reference" objects against the ones sent out in the User Message. See #220 - thx @problemzebra2
- Added new interface
IAS4SignalMessageValidationResultHandler
to customize the result handling of DSig reference verification - The internal configuration object now needs to implement
IConfigWithFallback
instead of justIConfig
- The internal AS4 configuration is now based on the
IConfigWithFallback
interface - The AS4 sender builder no longer overwrites the PMode Resolver if an AS4 profile is set, but makes sure a PMode resolver is present
- The
AS4DefaultPModeResolver
no longer creates a default PMode if no AS4 profile is present - Class
AbstractAS4PullRequestBuilder
can now also handle a specific PMode ID - Added class
AS4IncomingProfileSelectorConstant
- Improved default handling of inbound AS4 Profile selection to automatically use the sending Profile
- Added new EdDSA algorithms to
ECryptoAlgorithmSign
- Added new key encrypt algorithms in
ECryptoKeyEncryptionAlgorithm
- Added possibility to dynamically set responder address. See #233 - thx @koes-soptim
- Added new classes
IAS4IncomingReceiverConfiguration
andAS4IncomingReceiverConfiguration
for receiver checks - [Peppol] Added a "/peppol-status" status endpoint to the demo application. See #215 - thx @RichardVanMaaren
- Added getters for nearly all sender builder properties
- If an AS4 Receipt does not contain non-repudiation information, it now contains the original user message wrapped, to stay XSD compliant
- The class
AS4ClientReceipt
can now also take an outside RefToMessageId. See #267 - thx @sywong2000 - Added new class
Ebms3UserMessageMarshaller
to solely serialize theUserMessage
object
- Included received HTTP headers in
It is recommended to run phase4 with Java 21 or later for best performance.
What's Changed
- Sywong2000 patch fix missing ref to message id non repudiation receipt by @sywong2000 in #267
- Fixes for EuCtp profile and Receipt testing by @jonrios in #275
Full Changelog: phase4-parent-pom-2.8.6...phase4-parent-pom-3.0.0
- ph-bc/ph-collection/ph-commons/ph-dao/ph-datetime/ph-jaxb/ph-json/ph-scopes/ph-security/ph-settings/ph-xml 11.1.10
- ph-xsds-xmldsig 3.0.0
- ph-http/ph-httpclient/ph-mail/ph-network/ph-servlet/ph-useragent/ph-web 10.1.9
- ph-oton-io/ph-oton-audit/ph-oton-security 9.2.7
- ph-masterdata/ph-tenancy 7.0.2
- peppol-commons/peppol-id/peppol-sbdh/peppol-smp-client 9.6.0
- phive 10.0.2 [Peppol only]
- phive-rules-peppol 3.2.1 [Peppol only]
- peppol-reporting-api 3.0.2 [Peppol only]
- ph-xhe 4.0.1 [DBNAlliance only]
- angus-mail 2.0.3
- angus-activation 2.0.2
- httpclient 5.3.1
- BouncyCastle 1.79
- WSS4J 3.0.4
- XMLSec 3.0.5
- Servlet API 5.0.x
- JAXB 4.0.x
- SLF4J 2.0.x
phase4 3.0.0 Release Candidate 1
- Updated to xmlsec 3.0.5
- Updated to ph-commons 11.1.10
- Updated to peppol-commons 9.6.0
- Removed the
phase4-spring-boot-demo
submodule in favour of https://github.com/phax/phase4-peppol-standalone - Added new class
Phase4PeppolReceiverConfigurationBuilder
to buildPhase4PeppolReceiverConfiguration
objects - Removed the overload
Phase4PeppolDefaultReceiverConfiguration.getAsReceiverCheckData(X509Certificate)
created in beta6 in favour of the builder - Removed the interfaces
IAS4TrustStoreDescriptor
andIAS4KeyStoreDescriptor
(added in beta2) in favour ofITrustStoreDescriptor
andIKeyStoreAndKeyDescriptor
from ph-commons - The classes
AS4KeyStoreDescriptor
andAS4TrustStoreDescriptor
(added in beta2) are only shells to provide phase4 specific setup - Made the AP certificate checker in the Peppol sender builder customizable
Full Changelog: phase4-parent-pom-3.0.0-beta6...phase4-parent-pom-3.0.0-rc1
phase4 3.0.0 Beta 6
- Added new overload of
Phase4PeppolDefaultReceiverConfiguration.getAsReceiverCheckData(X509Certificate)
- Added new methods
IAS4IncomingMessageState.getCryptoFactorySign()
andgetCryptoFactoryCrypt()
Full Changelog: phase4-parent-pom-3.0.0-beta5...phase4-parent-pom-3.0.0-beta6
phase4 3.0.0 Beta5
- Redeployment of beta4 because of a wrong tag in
pom.xml
Full Changelog: phase4-parent-pom-3.0.0-beta2...phase4-parent-pom-3.0.0-beta5
Dependencies required:
- ph-bc/ph-collection/ph-commons/ph-dao/ph-datetime/ph-jaxb/ph-json/ph-scopes/ph-security/ph-settings/ph-xml 11.1.9
- ph-xsds-xmldsig 3.0.0
- ph-http/ph-httpclient/ph-mail/ph-network/ph-servlet/ph-useragent/ph-web 10.1.9
- ph-oton-io/ph-oton-audit/ph-oton-security 9.2.7
- ph-masterdata/ph-tenancy 7.0.2
- peppol-commons/peppol-id/peppol-sbdh/peppol-smp-client 9.5.1
- phive 10.0.2 [Peppol only]
- phive-rules-peppol 3.2.1 [Peppol only]
- peppol-reporting-api 3.0.1 [Peppol only]
- ph-xhe 4.0.1 [DBNAlliance only]
- angus-mail 2.0.3
- angus-activation 2.0.2
- httpclient 5.3.1
- BouncyCastle 1.79
- WSS4J 3.0.3
- XMLSec 3.0.4
- Servlet API 5.0.x
- JAXB 4.0.x
- SLF4J 2.0.x
phase4 3.0.0 Beta4
- Redeployment of beta3 because of issues with the transfer to Maven Central
Full Changelog: phase4-parent-pom-3.0.0-beta2...phase4-parent-pom-3.0.0-beta4
Dependencies required:
- ph-bc/ph-collection/ph-commons/ph-dao/ph-datetime/ph-jaxb/ph-json/ph-scopes/ph-security/ph-settings/ph-xml 11.1.9
- ph-xsds-xmldsig 3.0.0
- ph-http/ph-httpclient/ph-mail/ph-network/ph-servlet/ph-useragent/ph-web 10.1.9
- ph-oton-io/ph-oton-audit/ph-oton-security 9.2.7
- ph-masterdata/ph-tenancy 7.0.2
- peppol-commons/peppol-id/peppol-sbdh/peppol-smp-client 9.5.1
- phive 10.0.2 [Peppol only]
- phive-rules-peppol 3.2.1 [Peppol only]
- peppol-reporting-api 3.0.1 [Peppol only]
- ph-xhe 4.0.1 [DBNAlliance only]
- angus-mail 2.0.3
- angus-activation 2.0.2
- httpclient 5.3.1
- BouncyCastle 1.79
- WSS4J 3.0.3
- XMLSec 3.0.4
- Servlet API 5.0.x
- JAXB 4.0.x
- SLF4J 2.0.x
phase4 3.0.0 Beta3
- Updated to BouncyCastle 1.79.0
- Fixed an exception when using
AS4Configuration
and the default configuration properties were missing.
Full Changelog: phase4-parent-pom-3.0.0-beta2...phase4-parent-pom-3.0.0-beta3
Dependencies required:
- ph-bc/ph-collection/ph-commons/ph-dao/ph-datetime/ph-jaxb/ph-json/ph-scopes/ph-security/ph-settings/ph-xml 11.1.9
- ph-xsds-xmldsig 3.0.0
- ph-http/ph-httpclient/ph-mail/ph-network/ph-servlet/ph-useragent/ph-web 10.1.9
- ph-oton-io/ph-oton-audit/ph-oton-security 9.2.7
- ph-masterdata/ph-tenancy 7.0.2
- peppol-commons/peppol-id/peppol-sbdh/peppol-smp-client 9.5.1
- phive 10.0.2 [Peppol only]
- phive-rules-peppol 3.2.1 [Peppol only]
- peppol-reporting-api 3.0.1 [Peppol only]
- ph-xhe 4.0.1 [DBNAlliance only]
- angus-mail 2.0.3
- angus-activation 2.0.2
- httpclient 5.3.1
- BouncyCastle 1.79
- WSS4J 3.0.3
- XMLSec 3.0.4
- Servlet API 5.0.x
- JAXB 4.0.x
- SLF4J 2.0.x
phase4 3.0.0 Beta2
- Moved classes to different packages without changing the internals. See [[Migrations]] for details
- The configuration files
private-crypto.properties
andcrypto.properties
are also deprecated. Please move the properties toapplication.properties
, environment variables or Java system properties instead. - Added verification of AS4 Receipt XMLDSig "Reference" objects against the ones sent out in the User Message. See #220 - thx @problemzebra2
- Added new interface
IAS4SignalMessageValidationResultHandler
to customize the result handling of DSig reference verification - The internal configuration object now needs to implement
IConfigWithFallback
instead of justIConfig
- Implementations of
IAS4CryptoFactory
now need to implement ´getKeyPasswordPerAliasCharArrayinstead of
getKeyPasswordPerAlias` - Created new class
AS4CryptoFactoryConfiguration
to replaceAS4CryptoFactoryProperties
as the default AS4 crypt factory - Deprecated classes
AS4CryptoFactoryProperties
andAS4CryptoProperties
in favour ofAS4CryptoFactoryConfiguration
- Added new class
AS4KeyStoreDescriptor
to describe the parameters of a key store - Added new class
AS4TrustStoreDescriptor
to describe the parameters of a trust store - The internal AS4 configuration is now based on the
IConfigWithFallback
interface - Support for a default AS4 profile inside the AS4 Profile Manager was removed in the favour of the configuration property
phase4.default.profile
(previously calledphase4.profile
) - The "as4ProfileID" field is now mandatory when using the AS4 sender builder
- The AS4 sender builder no longer overwrites the PMode Resolver if an AS4 profile is set, but makes sure a PMode resolver is present
- The
AS4DefaultPModeResolver
no longer creates a default PMode if no AS4 profile is present - Class
AbstractAS4PullRequestBuilder
can now also handle a specific PMode ID - Added class
AS4IncomingProfileSelectorConstant
- Improved default handling of inbound AS4 Profile selection to automatically use the sending Profile
- Added new EdDSA algorithms to
ECryptoAlgorithmSign
- Added new key encrypt algorithms in
ECryptoKeyEncryptionAlgorithm
What's Changed
Full Changelog: phase4-parent-pom-3.0.0-beta1...phase4-parent-pom-3.0.0-beta2
Dependencies required:
- ph-bc/ph-collection/ph-commons/ph-dao/ph-datetime/ph-jaxb/ph-json/ph-scopes/ph-security/ph-settings/ph-xml 11.1.8
- ph-xsds-xmldsig 3.0.0
- ph-http/ph-httpclient/ph-mail/ph-network/ph-servlet/ph-useragent/ph-web 10.1.9
- ph-oton-io/ph-oton-audit/ph-oton-security 9.2.7
- ph-masterdata/ph-tenancy 7.0.2
- peppol-commons/peppol-id/peppol-sbdh/peppol-smp-client 9.5.1
- phive 10.0.2 [Peppol only]
- phive-rules-peppol 3.2.1 [Peppol only]
- peppol-reporting-api 3.0.1 [Peppol only]
- ph-xhe 4.0.1 [DBNAlliance only]
- angus-mail 2.0.3
- angus-activation 2.0.2
- httpclient 5.3.1
- BouncyCastle 1.78.1
- WSS4J 3.0.3
- XMLSec 3.0.4
- Servlet API 5.0.x
- JAXB 4.0.x
- SLF4J 2.0.x
phase4 2.8.6
- [DBNAlliance] Fixed an exception in the sender builder, if the XHE payload was created on the outside.
- Class
AS4OutgoingAttachment
and the builder can now deal with custom properties. See #276 - thx @piotr-dajlido
Full Changelog: phase4-parent-pom-2.8.5...phase4-parent-pom-2.8.6
Dependencies required:
- ph-bc/ph-collection/ph-commons/ph-dao/ph-datetime/ph-jaxb/ph-json/ph-scopes/ph-security/ph-settings/ph-xml 11.1.8
- ph-xsds-xmldsig 3.0.0
- ph-http/ph-httpclient/ph-mail/ph-network/ph-servlet/ph-useragent/ph-web 10.1.9
- ph-oton-io/ph-oton-audit/ph-oton-security 9.2.7
- ph-masterdata/ph-tenancy 7.0.2
- peppol-commons/peppol-id/peppol-sbdh/peppol-smp-client 9.5.1
- phive 10.0.2 [Peppol only]
- phive-rules-peppol 3.2.0 [Peppol only]
- peppol-reporting-api 3.0.1 [Peppol only]
- ph-xhe 4.0.1 [DBNAlliance only]
- angus-mail 2.0.3
- angus-activation 2.0.2
- httpclient 5.3.1
- BouncyCastle 1.78.1
- WSS4J 3.0.3
- XMLSec 3.0.4
- Servlet API 5.0.x
- JAXB 4.0.x
- SLF4J 2.0.x