Version 0.19.0

Breaking changes:

- Overhauled exception hierarchy
  - New exception class: `U2fCeremonyException`
  - New exception class:
    `U2fRegistrationException extends U2fCeremonyException`
  - New exception class:
    `U2fAuthenticationException extends U2fCeremonyException`
  - The following exception classes now extend
    `U2fAuthenticationException`:
    - `DeviceCompromisedException`
    - `InvalidDeviceCounterException`
    - `NoEligableDevicesException`
    - `NoEligibleDevicesException`
  - `U2fBadConfigurationException` is now a checked exception
  - `U2fBadInputException` is now a checked exception, and is no longer
    thrown directly by the methods of `U2F`.
    - Methods of `U2F` now catch this exception and wrap it in a
      `U2fRegistrationException` or ``U2fAuthenticationException`.
- `DeviceRegistration.getAttestationCertificate()` now returns `null`
  instead of throwing `NoSuchFieldException`
- `static ClientData.getString(JsonNode, String)` now throws
  `U2fBadInputException` instead of `NullPointerException`, or if the
  returned field is not a `String` value
- Some `AssertionError`s and `IllegalArgumentException`s are now
  `U2fBadInputException`s instead

Improvements:

- `BouncyCastleCrypto` now throws more descriptive exceptions

Bug fixes:

- Improved error handling in client data input validation
  - Thanks to Nicholas Wilson for the contribution, see
    Yubico/java-u2flib-server#25

Author: emlun

.gitignore

@@ -5,6 +5,7 @@
 
 # Intellij
 .idea/
+out/
 *.iml
 *.iws
 
@@ -14,3 +15,8 @@
 # Maven
 log/
 target/
+
+# Gradle
+.gradle/
+/build/
+/*/build/

.travis.yml

@@ -1,7 +1,6 @@
 language: java
 jdk:
-  - openjdk7
-  - oraclejdk7
+  - openjdk8
   - oraclejdk8
 after_success:
   - ./gradlew coveralls

NEWS

@@ -1,3 +1,35 @@
+== Version 0.19.0 ==
+
+Breaking changes:
+
+* Overhauled exception hierarchy
+ ** New exception class: `U2fCeremonyException`
+ ** New exception class: `U2fRegistrationException extends U2fCeremonyException`
+ ** New exception class: `U2fAuthenticationException extends U2fCeremonyException`
+ ** The following exception classes now extend `U2fAuthenticationException`:
+  *** `DeviceCompromisedException`
+  *** `InvalidDeviceCounterException`
+  *** `NoEligableDevicesException`
+  *** `NoEligibleDevicesException`
+ ** `U2fBadConfigurationException` is now a checked exception
+ ** `U2fBadInputException` is now a checked exception, and is no longer thrown directly by the methods of `U2F`.
+  *** Methods of `U2F` now catch this exception and wrap it in a `U2fRegistrationException` or ``U2fAuthenticationException`.
+* `DeviceRegistration.getAttestationCertificate()` now returns `null` instead of throwing `NoSuchFieldException`
+* `static ClientData.getString(JsonNode, String)` now throws `U2fBadInputException` instead of `NullPointerException`, or if the returned field is not a `String` value
+* Some `AssertionError`s and `IllegalArgumentException`s are now `U2fBadInputException`s instead
+
+
+Improvements:
+
+* `BouncyCastleCrypto` now throws more descriptive exceptions
+
+
+Bug fixes:
+
+* Improved error handling in client data input validation
+ ** Thanks to Nicholas Wilson for the contribution, see https://github.com/Yubico/java-u2flib-server/pull/25
+
+
 == Version 0.18.1 ==
 
 * Lombok now longer leaks into runtime dependencies

README

@@ -13,14 +13,14 @@ Maven:
  <dependency>
    <groupId>com.yubico</groupId>
    <artifactId>u2flib-server-core</artifactId>
-   <version>0.18.1</version>
+   <version>0.19.0</version>
  </dependency>
 
 Gradle:
 [source, groovy]
  repositories{ mavenCentral() }
  dependencies {
-   compile 'com.yubico:u2flib-server-core:0.18.1'
+   compile 'com.yubico:u2flib-server-core:0.19.0'
  }
 
 === Example Usage

build.gradle

@@ -14,7 +14,7 @@ plugins {
 
 import com.yubico.gradle.plugins.signing.GpgSigningPlugin
 
-project.ext.publishEnabled = System.env.CI != 'true'
+project.ext.publishEnabled = System.env.CI != 'true' && project.hasProperty('ossrhUsername')
 
 if (publishEnabled) {
   nexusStaging {
@@ -41,7 +41,7 @@ allprojects  {
   }
 
   group = 'com.yubico'
-  version = '0.18.1'
+  version = '0.19.0'
 
   sourceCompatibility = 1.6
   targetCompatibility = 1.6

pom.xml

@@ -4,7 +4,7 @@
     <groupId>com.yubico</groupId>
     <artifactId>u2flib-server-parent</artifactId>
     <packaging>pom</packaging>
-    <version>0.8.1</version>
+    <version>0.19.0</version>
     <name>U2F parent</name>
     <description>Java server-side library for U2F</description>
     <properties>

u2flib-server-attestation/README.adoc

@@ -16,14 +16,14 @@ Maven:
  <dependency>
    <groupId>com.yubico</groupId>
    <artifactId>u2flib-server-attestation</artifactId>
-   <version>0.18.1</version>
+   <version>0.19.0</version>
  </dependency>
 
 Gradle:
 [source, groovy]
  repositories{ mavenCentral() }
  dependencies {
-   compile 'com.yubico:u2flib-server-attestation:0.18.1'
+   compile 'com.yubico:u2flib-server-attestation:0.19.0'
  }
 
 

u2flib-server-attestation/pom.xml

@@ -3,7 +3,7 @@
     <parent>
         <artifactId>u2flib-server-parent</artifactId>
         <groupId>com.yubico</groupId>
-        <version>0.8.1</version>
+        <version>0.19.0</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
 
@@ -14,7 +14,7 @@
         <dependency>
             <groupId>com.yubico</groupId>
             <artifactId>u2flib-server-core</artifactId>
-            <version>0.8.1</version>
+            <version>0.19.0</version>
         </dependency>
     </dependencies>
 

u2flib-server-attestation/src/main/java/com/yubico/u2f/attestation/MetadataService.java

@@ -114,6 +114,9 @@ public Attestation getCachedAttestation(String attestationCertificateFingerprint
     }
 
     public Attestation getAttestation(final X509Certificate attestationCertificate) {
+        if (attestationCertificate == null) {
+            return unknownAttestation;
+        }
         try {
             String fingerprint = Hashing.sha1().hashBytes(attestationCertificate.getEncoded()).toString();
             return cache.get(fingerprint, new Callable<Attestation>() {

u2flib-server-core/pom.xml

@@ -3,7 +3,7 @@
     <parent>
         <artifactId>u2flib-server-parent</artifactId>
         <groupId>com.yubico</groupId>
-        <version>0.8.1</version>
+        <version>0.19.0</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>