From 9a3bce9100bea627757c964aa373b62679fdf3ff Mon Sep 17 00:00:00 2001 From: Gematik Date: Tue, 13 Aug 2024 15:27:48 +0200 Subject: [PATCH] v2.1.6 --- ReleaseNotes.md | 5 ++++ pom.xml | 8 +++--- .../certificate/CertificateProfile.java | 25 ++++++++++++++++--- .../certificate/CertificateType.java | 5 ++++ 4 files changed, 36 insertions(+), 7 deletions(-) diff --git a/ReleaseNotes.md b/ReleaseNotes.md index 759cdb0..506a011 100644 --- a/ReleaseNotes.md +++ b/ReleaseNotes.md @@ -2,6 +2,11 @@ # Release notes GemLibPki +## Release 2.1.6 + +- add new certificate types +- update dependencies + ## Release 2.1.5 - update dependencies diff --git a/pom.xml b/pom.xml index 76e63fd..aa8f337 100644 --- a/pom.xml +++ b/pom.xml @@ -4,7 +4,7 @@ de.gematik.pki gemLibPki - 2.1.5 + 2.1.6 jar GemLibPki library for implementation and tests of the gematik pki specification @@ -44,7 +44,7 @@ - 1722427771 + 1723555013 UTF-8 ${project.build.sourceEncoding} 17 @@ -54,7 +54,7 @@ 3.26.3 4.2.1 1.78.1 - 3.15.0 + 3.16.0 6.0 4.0.2 5.10.3 @@ -63,7 +63,7 @@ 5.12.0 4.4.4 3.9.1 - 2.2.2 + 2.3.0 2.10.0 diff --git a/src/main/java/de/gematik/pki/gemlibpki/certificate/CertificateProfile.java b/src/main/java/de/gematik/pki/gemlibpki/certificate/CertificateProfile.java index 23caabf..0895cd8 100644 --- a/src/main/java/de/gematik/pki/gemlibpki/certificate/CertificateProfile.java +++ b/src/main/java/de/gematik/pki/gemlibpki/certificate/CertificateProfile.java 
@@ -18,17 +18,22 @@
 import static de.gematik.pki.gemlibpki.certificate.CertificateType.CERT_TYPE_ANY;
 import static de.gematik.pki.gemlibpki.certificate.CertificateType.CERT_TYPE_EGK_AUT;
+import static de.gematik.pki.gemlibpki.certificate.CertificateType.CERT_TYPE_EGK_AUT_ALT;
+import static de.gematik.pki.gemlibpki.certificate.CertificateType.CERT_TYPE_EGK_SIG;
 import static de.gematik.pki.gemlibpki.certificate.CertificateType.CERT_TYPE_FD_OSIG;
 import static de.gematik.pki.gemlibpki.certificate.CertificateType.CERT_TYPE_FD_SIG;
 import static de.gematik.pki.gemlibpki.certificate.CertificateType.CERT_TYPE_FD_TLS_C;
 import static de.gematik.pki.gemlibpki.certificate.CertificateType.CERT_TYPE_FD_TLS_S;
 import static de.gematik.pki.gemlibpki.certificate.CertificateType.CERT_TYPE_GSMCK_AK_AUT;
 import static de.gematik.pki.gemlibpki.certificate.CertificateType.CERT_TYPE_HBA_AUT;
+import static de.gematik.pki.gemlibpki.certificate.CertificateType.CERT_TYPE_HBA_ENC;
 import static de.gematik.pki.gemlibpki.certificate.CertificateType.CERT_TYPE_HSK_ENC;
 import static de.gematik.pki.gemlibpki.certificate.CertificateType.CERT_TYPE_HSK_SIG;
 import static de.gematik.pki.gemlibpki.certificate.CertificateType.CERT_TYPE_SMC_B_AUT;
 import static de.gematik.pki.gemlibpki.certificate.CertificateType.CERT_TYPE_SMC_B_ENC;
 import static de.gematik.pki.gemlibpki.certificate.CertificateType.CERT_TYPE_SMC_B_OSIG;
+import static de.gematik.pki.gemlibpki.certificate.CertificateType.CERT_TYPE_VPNK_VPN;
+import static de.gematik.pki.gemlibpki.certificate.CertificateType.CERT_TYPE_VPNK_VPN_SIS;
 import static de.gematik.pki.gemlibpki.certificate.ExtendedKeyUsage.EXT_KEYUSAGE_ID_KP_CLIENTAUTH;
 import static de.gematik.pki.gemlibpki.certificate.ExtendedKeyUsage.EXT_KEYUSAGE_ID_KP_EMAILPROTECTION;
 import static de.gematik.pki.gemlibpki.certificate.ExtendedKeyUsage.EXT_KEYUSAGE_ID_KP_SERVERAUTH;
@@ -58,7 +63,6 @@ public enum CertificateProfile {
 List.of(KEYUSAGE_DIGITAL_SIGNATURE),
 List.of(EXT_KEYUSAGE_ID_KP_CLIENTAUTH, EXT_KEYUSAGE_ID_KP_SERVERAUTH),
 true),
-
 CERT_PROFILE_C_CH_AUT_RSA(
 CERT_TYPE_EGK_AUT,
 List.of(KEYUSAGE_DIGITAL_SIGNATURE, KEYUSAGE_KEY_ENCIPHERMENT),
@@ -69,7 +73,13 @@ public enum CertificateProfile {
 List.of(KEYUSAGE_DIGITAL_SIGNATURE),
 List.of(EXT_KEYUSAGE_ID_KP_CLIENTAUTH),
 false),
-
+ CERT_PROFILE_C_EGK_AUT_ALT_ECC(
+ CERT_TYPE_EGK_AUT_ALT,
+ List.of(KEYUSAGE_DIGITAL_SIGNATURE),
+ List.of(EXT_KEYUSAGE_ID_KP_CLIENTAUTH),
+ true),
+ CERT_PROFILE_C_EGK_SIG_ECC(CERT_TYPE_EGK_SIG, List.of(KEYUSAGE_NON_REPUDIATION), List.of(), true),
+ CERT_PROFILE_C_HBA_ENC_ECC(CERT_TYPE_HBA_ENC, List.of(KEYUSAGE_KEY_AGREEMENT), List.of(), true),
 CERT_PROFILE_C_HP_AUT_RSA(
 CERT_TYPE_HBA_AUT,
 List.of(KEYUSAGE_DIGITAL_SIGNATURE, KEYUSAGE_KEY_ENCIPHERMENT),
@@ -137,12 +147,21 @@ public enum CertificateProfile {
 List.of(KEYUSAGE_KEY_AGREEMENT),
 List.of(EXT_KEYUSAGE_ID_KP_SERVERAUTH, EXT_KEYUSAGE_ID_KP_CLIENTAUTH),
 true),
-
 CERT_PROFILE_C_HSK_SIG_ECC(
 CERT_TYPE_HSK_SIG,
 List.of(KEYUSAGE_NON_REPUDIATION),
 List.of(EXT_KEYUSAGE_ID_KP_SERVERAUTH, EXT_KEYUSAGE_ID_KP_CLIENTAUTH),
 true),
+ CERT_PROFILE_C_VPNK_VPN_ECC(
+ CERT_TYPE_VPNK_VPN,
+ List.of(KEYUSAGE_DIGITAL_SIGNATURE),
+ List.of(EXT_KEYUSAGE_ID_KP_SERVERAUTH, EXT_KEYUSAGE_ID_KP_CLIENTAUTH),
+ true),
+ CERT_PROFILE_C_VPNK_VPN_SIS_ECC(
+ CERT_TYPE_VPNK_VPN_SIS,
+ List.of(KEYUSAGE_DIGITAL_SIGNATURE),
+ List.of(EXT_KEYUSAGE_ID_KP_SERVERAUTH, EXT_KEYUSAGE_ID_KP_CLIENTAUTH),
+ true),
 CERT_PROFILE_ANY(CERT_TYPE_ANY, List.of(), List.of(), false);
diff --git a/src/main/java/de/gematik/pki/gemlibpki/certificate/CertificateType.java b/src/main/java/de/gematik/pki/gemlibpki/certificate/CertificateType.java
index 2188ebb..62f6f42 100644
--- a/src/main/java/de/gematik/pki/gemlibpki/certificate/CertificateType.java
+++ b/src/main/java/de/gematik/pki/gemlibpki/certificate/CertificateType.java
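Review bot: The three profiles added in the second hunk and the two VPNK profiles in the third come with no test change: the diffstat lists only ReleaseNotes.md, pom.xml and the two enum files, so nothing in this commit exercises a certificate of any new type against its profile. `CERT_PROFILE_C_EGK_SIG_ECC` and `CERT_PROFILE_C_HBA_ENC_ECC` are the only entries visible here that combine an empty extended-key-usage list with `true` as the last argument (`CERT_PROFILE_ANY` uses `List.of()` with `false`), and `CERT_PROFILE_C_EGK_AUT_ALT_ECC` passes `true` where the entry directly above it, with the same two usage lists, passes `false`. The flag's meaning is declared outside these hunks; if it governs how a missing or unexpected extended key usage is treated, each of these entries deserves a one-line comment such as `// EKU list intentionally empty, see <specification reference>` so a reader can tell the choice is deliberate. The enum body starts and ends outside the hunks.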
@@ -26,9 +26,11 @@ public enum CertificateType {
 CERT_TYPE_AK_AUT("C.AK.AUT", "oid_ak_aut", "1.2.276.0.76.4.79"),
 CERT_TYPE_CM_TLS_CS("C.CM.TLS-CS", "oid_cm_tls_c", "1.2.276.0.76.4.175"),
 CERT_TYPE_EGK_AUT("C.CH.AUT", "oid_egk_aut", "1.2.276.0.76.4.70"),
+ CERT_TYPE_EGK_AUT_ALT("C.CH.AUT_ALT", "oid_egk_aut_alt", "1.2.276.0.76.4.212"),
 CERT_TYPE_EGK_AUTN("C.CH.AUTN", "oid_egk_autn", "1.2.276.0.76.4.71"),
 CERT_TYPE_EGK_ENC("C.CH.ENC", "oid_egk_enc", "1.2.276.0.76.4.68"),
 CERT_TYPE_EGK_ENCV("C.CH.ENCV", "oid_egk_encv", "1.2.276.0.76.4.69"),
+ CERT_TYPE_EGK_SIG("C.CH.SIG", "oid_egk_sig", "1.2.276.0.76.4.367"),
 CERT_TYPE_FD_AUT("C.FD.AUT", "oid_fd_aut", "1.2.276.0.76.4.155"),
 CERT_TYPE_FD_ENC("C.FD.ENC", "oid_fd_enc", "1.2.276.0.76.4.202"),
 CERT_TYPE_FD_OSIG("C.FD.OSIG", "oid_fd_osig", "1.2.276.0.76.4.283"),
@@ -39,6 +41,7 @@ public enum CertificateType {
 CERT_TYPE_GSMCK_NK_VPN("C.NK.VPN", "oid_nk_vpn", "1.2.276.0.76.4.80"),
 CERT_TYPE_GSMCK_SAK_AUT("C.SAK.AUT", "oid_sak_aut", "1.2.276.0.76.4.113"),
 CERT_TYPE_HBA_AUT("C.HP.AUT", "oid_hba_aut", "1.2.276.0.76.4.75"),
+ CERT_TYPE_HBA_ENC("C.HP.ENC", "oid_hba_enc", "1.2.276.0.76.4.74"),
 CERT_TYPE_HBA_QES("C.HP.QES", "oid_hba_qes", "1.2.276.0.76.4.72"),
 CERT_TYPE_HSK_ENC("C.HSK.ENC", "oid_hsk_enc", "1.2.276.0.76.4.301"),
 CERT_TYPE_HSK_SIG("C.HSK.SIG", "oid_hsk_sig", "1.2.276.0.76.4.300"),
@@ -49,6 +52,8 @@ public enum CertificateType {
 CERT_TYPE_SMC_B_ENC("C.HCI.ENC", "oid_smc_b_enc", "1.2.276.0.76.4.76"),
 CERT_TYPE_SMC_B_OSIG("C.HCI.OSIG", "oid_smc_b_osig", "1.2.276.0.76.4.78"),
 CERT_TYPE_SMKT_AUT("C.SMKT.AUT", "oid_smkt_aut", "1.2.276.0.76.4.82"),
+ CERT_TYPE_VPNK_VPN("C.VPNK.VPN", "oid_vpnk_vpn", "1.2.276.0.76.4.81"),
+ CERT_TYPE_VPNK_VPN_SIS("C.VPNK.VPN-SIS", "oid_vpnk_vpn_sis", "1.2.276.0.76.4.165"),
 CERT_TYPE_ZD_SIG("C.ZD.SIG", "oid_zd_sig", "1.2.276.0.76.4.287"),
 CERT_TYPE_ZD_TLS_S("C.ZD.TLS-S", "oid_zd_tls_s", "1.2.276.0.76.4.157"),
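Review bot: The new constants in this hunk and the two after it hard-code their OIDs (`1.2.276.0.76.4.212`, `.367`, `.74`, `.81`, `.165`) with no pointer to where the values were taken from, so a reviewer cannot check them against anything on the page. These strings presumably decide which certificate type, and through it which profile, a certificate is validated against, so a mistyped or duplicated OID would misclassify certificates instead of failing loudly. I would add a comment above the table such as `// OIDs per <specification reference and version>` and, in the test sources, an assertion that all OID values of the enum are distinct. The enum's constructor and lookup methods lie outside the hunks, so how a duplicate would actually behave is not visible here.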