Fix deprecation warnings

Author: emlun

webauthn-server-attestation/src/main/java/com/yubico/fido/metadata/FidoMetadataDownloaderException.java

@@ -1,9 +1,8 @@
 package com.yubico.fido.metadata;
 
+import lombok.Getter;
 import lombok.NonNull;
-import lombok.Value;
 
-@Value
 public class FidoMetadataDownloaderException extends Exception {
 
   public enum Reason {
@@ -16,19 +15,20 @@ public enum Reason {
     }
   }
 
-  @NonNull
+  @NonNull @Getter
   /** The reason why this exception was thrown. */
   private final Reason reason;
 
   /** A {@link Throwable} that caused this exception. May be null. */
-  private final Throwable cause;
+  @Getter private final Throwable cause;
 
-  FidoMetadataDownloaderException(Reason reason, Throwable cause) {
+  FidoMetadataDownloaderException(@NonNull Reason reason, Throwable cause) {
+    super(cause);
     this.reason = reason;
     this.cause = cause;
   }
 
-  FidoMetadataDownloaderException(Reason reason) {
+  FidoMetadataDownloaderException(@NonNull Reason reason) {
     this(reason, null);
   }
 

webauthn-server-attestation/src/test/scala/com/yubico/fido/metadata/FidoMetadataDownloaderSpec.scala

@@ -334,7 +334,7 @@ class FidoMetadataDownloaderSpec
           )
 
           blob should not be null
-          blob.getHeader.getX5c.get.asScala.last.getIssuerDN.getName should equal(
+          blob.getHeader.getX5c.get.asScala.last.getIssuerX500Principal.getName should equal(
             trustRootDistinguishedName
           )
           writtenCache should equal(
@@ -404,7 +404,7 @@ class FidoMetadataDownloaderSpec
               .build()
           )
           blob should not be null
-          blob.getHeader.getX5c.get.asScala.last.getIssuerDN.getName should equal(
+          blob.getHeader.getX5c.get.asScala.last.getIssuerX500Principal.getName should equal(
             newTrustRootDistinguishedName
           )
           writtenCache should equal(
@@ -467,7 +467,7 @@ class FidoMetadataDownloaderSpec
               .build()
           )
           blob should not be null
-          blob.getHeader.getX5c.get.asScala.last.getIssuerDN.getName should equal(
+          blob.getHeader.getX5c.get.asScala.last.getIssuerX500Principal.getName should equal(
             trustRootDistinguishedName
           )
           cacheFile.lastModified should equal(initialModTime)
@@ -527,7 +527,7 @@ class FidoMetadataDownloaderSpec
               .build()
           )
           blob should not be null
-          blob.getHeader.getX5c.get.asScala.last.getIssuerDN.getName should equal(
+          blob.getHeader.getX5c.get.asScala.last.getIssuerX500Principal.getName should equal(
             trustRootDistinguishedName
           )
           cacheFile.exists() should be(true)
@@ -600,7 +600,7 @@ class FidoMetadataDownloaderSpec
               .build()
           )
           blob should not be null
-          blob.getHeader.getX5c.get.asScala.last.getIssuerDN.getName should equal(
+          blob.getHeader.getX5c.get.asScala.last.getIssuerX500Principal.getName should equal(
             newTrustRootDistinguishedName
           )
           cacheFile.exists() should be(true)
@@ -656,7 +656,7 @@ class FidoMetadataDownloaderSpec
               .build()
           )
           blob should not be null
-          blob.getHeader.getX5c.get.asScala.last.getIssuerDN.getName should equal(
+          blob.getHeader.getX5c.get.asScala.last.getIssuerX500Principal.getName should equal(
             trustRootDistinguishedName
           )
           writtenCache should equal(None)

webauthn-server-core/src/main/java/com/yubico/webauthn/PackedAttestationStatementVerifier.java

@@ -106,7 +106,7 @@ private boolean verifySelfAttestationSignature(
       throw new RuntimeException(e);
     }
 
-    final Long keyAlgId =
+    final long keyAlgId =
         CBORObject.DecodeFromBytes(
                 attestationObject
                     .getAuthenticatorData()
@@ -115,15 +115,16 @@ private boolean verifySelfAttestationSignature(
                     .getCredentialPublicKey()
                     .getBytes())
             .get(CBORObject.FromObject(3))
-            .AsInt64();
+            .AsNumber()
+            .ToInt64IfExact();
     final COSEAlgorithmIdentifier keyAlg =
         COSEAlgorithmIdentifier.fromId(keyAlgId)
             .orElseThrow(
                 () ->
                     new IllegalArgumentException(
                         "Unsupported COSE algorithm identifier: " + keyAlgId));
 
-    final Long sigAlgId = attestationObject.getAttestationStatement().get("alg").asLong();
+    final long sigAlgId = attestationObject.getAttestationStatement().get("alg").asLong();
     final COSEAlgorithmIdentifier sigAlg =
         COSEAlgorithmIdentifier.fromId(sigAlgId)
             .orElseThrow(

webauthn-server-core/src/main/java/com/yubico/webauthn/TpmAttestationStatementVerifier.java

@@ -82,7 +82,7 @@ static final class Attributes {
             | (1 << 3) // 3 Reserved
             | (0x3 << 8) // 9:8 Reserved
             | (0xF << 12) // 15:12 Reserved
-            | ((0xFFFFFFFF << 19) & ((1 << 32) - 1)) // 31:19 Reserved
+            | ((0xFFFFFFFF << 19) & ((1 << 31) | ((1 << 31) - 1))) // 31:19 Reserved
         ;
   }
 

webauthn-server-core/src/main/java/com/yubico/webauthn/data/Extensions.java

@@ -428,8 +428,10 @@ static Optional<List<UvmEntry>> parseAuthenticatorExtensionOutput(CBORObject cbo
                     uvmEntry ->
                         new UvmEntry(
                             UserVerificationMethod.fromValue(uvmEntry.get(0).AsInt32Value()),
-                            KeyProtectionType.fromValue(uvmEntry.get(1).AsInt16()),
-                            MatcherProtectionType.fromValue(uvmEntry.get(2).AsInt16())))
+                            KeyProtectionType.fromValue(
+                                uvmEntry.get(1).AsNumber().ToInt16IfExact()),
+                            MatcherProtectionType.fromValue(
+                                uvmEntry.get(2).AsNumber().ToInt16IfExact())))
                 .collect(Collectors.toList()));
       } else {
         return Optional.empty();
@@ -470,7 +472,7 @@ private static boolean validateAuthenticatorExtensionOutput(CBORObject extension
         }
 
         for (CBORObject i : entry.getValues()) {
-          if (!i.isIntegral()) {
+          if (!(i.isNumber() && i.AsNumber().IsInteger())) {
             log.debug("Invalid type for uvmEntry element: expected integer, was: {}", i.getType());
             return false;
           }

webauthn-server-core/src/test/scala/com/yubico/webauthn/RelyingPartyAssertionSpec.scala

@@ -418,9 +418,15 @@ class RelyingPartyAssertionSpec
         )
 
         result.isSuccess should be(true)
-        result.getUserHandle should equal(registrationTestData.userId.getId)
-        result.getCredentialId should equal(registrationTestData.response.getId)
-        result.getCredentialId should equal(testData.response.getId)
+        result.getCredential.getUserHandle should equal(
+          registrationTestData.userId.getId
+        )
+        result.getCredential.getCredentialId should equal(
+          registrationTestData.response.getId
+        )
+        result.getCredential.getCredentialId should equal(
+          testData.response.getId
+        )
         credRepo.lookupCount should equal(1)
       }
 
@@ -1906,8 +1912,12 @@ class RelyingPartyAssertionSpec
           Try(steps.run) shouldBe a[Success[_]]
 
           step.result.get.isSuccess should be(true)
-          step.result.get.getCredentialId should equal(Defaults.credentialId)
-          step.result.get.getUserHandle should equal(Defaults.userHandle)
+          step.result.get.getCredential.getCredentialId should equal(
+            Defaults.credentialId
+          )
+          step.result.get.getCredential.getUserHandle should equal(
+            Defaults.userHandle
+          )
           step.result.get.getCredential.getCredentialId should equal(
             step.result.get.getCredentialId
           )
@@ -2001,8 +2011,8 @@ class RelyingPartyAssertionSpec
         )
 
         result.isSuccess should be(true)
-        result.getUserHandle should equal(testData.userId.getId)
-        result.getCredentialId should equal(credId)
+        result.getCredential.getUserHandle should equal(testData.userId.getId)
+        result.getCredential.getCredentialId should equal(credId)
       }
 
       it("an Ed25519 key.") {
@@ -2133,8 +2143,10 @@ class RelyingPartyAssertionSpec
         )
 
         result.isSuccess should be(true)
-        result.getUserHandle should equal(registrationRequest.getUser.getId)
-        result.getCredentialId should equal(credId)
+        result.getCredential.getUserHandle should equal(
+          registrationRequest.getUser.getId
+        )
+        result.getCredential.getCredentialId should equal(credId)
       }
 
       it("a generated Ed25519 key.") {
@@ -2172,9 +2184,15 @@ class RelyingPartyAssertionSpec
         )
 
         result.isSuccess should be(true)
-        result.getUserHandle should equal(registrationTestData.userId.getId)
-        result.getCredentialId should equal(registrationTestData.response.getId)
-        result.getCredentialId should equal(testData.response.getId)
+        result.getCredential.getUserHandle should equal(
+          registrationTestData.userId.getId
+        )
+        result.getCredential.getCredentialId should equal(
+          registrationTestData.response.getId
+        )
+        result.getCredential.getCredentialId should equal(
+          testData.response.getId
+        )
       }
 
       describe("an RS1 key") {
@@ -2215,11 +2233,15 @@ class RelyingPartyAssertionSpec
           )
 
           result.isSuccess should be(true)
-          result.getUserHandle should equal(registrationTestData.userId.getId)
-          result.getCredentialId should equal(
+          result.getCredential.getUserHandle should equal(
+            registrationTestData.userId.getId
+          )
+          result.getCredential.getCredentialId should equal(
             registrationTestData.response.getId
           )
-          result.getCredentialId should equal(testData.response.getId)
+          result.getCredential.getCredentialId should equal(
+            testData.response.getId
+          )
         }
 
         it("with basic attestation.") {
@@ -2275,8 +2297,10 @@ class RelyingPartyAssertionSpec
           )
 
           result.isSuccess should be(true)
-          result.getUserHandle should equal(testData.userId.getId)
-          result.getCredentialId should equal(testData.response.getId)
+          result.getCredential.getUserHandle should equal(testData.userId.getId)
+          result.getCredential.getCredentialId should equal(
+            testData.response.getId
+          )
         }
       }
     }

webauthn-server-core/src/test/scala/com/yubico/webauthn/RelyingPartyCeremoniesSpec.scala

@@ -110,8 +110,12 @@ class RelyingPartyCeremoniesSpec
     )
 
     assertionResult.isSuccess should be(true)
-    assertionResult.getCredentialId should equal(testData.assertion.get.id)
-    assertionResult.getUserHandle should equal(testData.user.getId)
+    assertionResult.getCredential.getCredentialId should equal(
+      testData.assertion.get.id
+    )
+    assertionResult.getCredential.getUserHandle should equal(
+      testData.user.getId
+    )
     assertionResult.getUsername should equal(testData.user.getName)
     assertionResult.getSignatureCount should be >= testData.attestation.authenticatorData.getSignatureCounter
     assertionResult.isSignatureCounterValid should be(true)

webauthn-server-core/src/test/scala/com/yubico/webauthn/RelyingPartyRegistrationSpec.scala

@@ -1714,7 +1714,7 @@ class RelyingPartyRegistrationSpec
                         ).getAuthenticatorData.getAttestedCredentialData.get.getCredentialPublicKey.getBytes
                       )
                       .get(CBORObject.FromObject(3))
-                      .AsInt64 should equal(-7)
+                      .AsInt64Value should equal(-7)
                     new AttestationObject(
                       testDataBase.attestationObject
                     ).getAttestationStatement.get("alg").longValue should equal(
@@ -1791,7 +1791,7 @@ class RelyingPartyRegistrationSpec
                         attObj.getAuthenticatorData.getAttestedCredentialData.get.getCredentialPublicKey.getBytes
                       )
                       .get(CBORObject.FromObject(3))
-                      .AsInt64 should equal(-257)
+                      .AsInt64Value should equal(-257)
                     attObj.getAttestationStatement
                       .get("alg")
                       .longValue should equal(-65535)

webauthn-server-core/src/test/scala/com/yubico/webauthn/data/JsonIoSpec.scala

@@ -372,7 +372,7 @@ class JsonIoSpec
           val encoded = json.writeValueAsString(tree)
           println(authenticatorAttachment)
           val decoded = json.readValue(encoded, tpe)
-          decoded.getAuthenticatorAttachment.asScala should be(None)
+          decoded.getAuthenticatorAttachment.toScala should be(None)
         }
 
         forAll(
@@ -388,7 +388,7 @@ class JsonIoSpec
           println(authenticatorAttachment)
           val decoded = json.readValue(encoded, tpe)
 
-          decoded.getAuthenticatorAttachment.asScala should equal(
+          decoded.getAuthenticatorAttachment.toScala should equal(
             Some(authenticatorAttachment)
           )
         }
@@ -402,7 +402,7 @@ class JsonIoSpec
           val encoded = json.writeValueAsString(tree)
           val decoded = json.readValue(encoded, tpe)
 
-          decoded.getAuthenticatorAttachment.asScala should be(None)
+          decoded.getAuthenticatorAttachment.toScala should be(None)
         }
       }
 

webauthn-server-core/src/test/scala/com/yubico/webauthn/extension/uvm/Generators.scala

@@ -2,15 +2,17 @@ package com.yubico.webauthn.extension.uvm
 
 import org.scalacheck.Gen
 
+import scala.collection.immutable.ArraySeq
+
 object Generators {
 
   def userVerificationMethod: Gen[UserVerificationMethod] =
-    Gen.oneOf(UserVerificationMethod.values)
+    Gen.oneOf(ArraySeq.unsafeWrapArray(UserVerificationMethod.values))
 
   def keyProtectionType: Gen[KeyProtectionType] =
-    Gen.oneOf(KeyProtectionType.values)
+    Gen.oneOf(ArraySeq.unsafeWrapArray(KeyProtectionType.values))
 
   def matcherProtectionType: Gen[MatcherProtectionType] =
-    Gen.oneOf(MatcherProtectionType.values)
+    Gen.oneOf(ArraySeq.unsafeWrapArray(MatcherProtectionType.values))
 
 }