updated tsm-api and tsm-rest-api to be compliant to BSI-TR-03165 TSMS…

… v1.0.3

tsm-api/CHANGELOG.md

@@ -1,6 +1,9 @@
 # Changelog
 Changelog file for BSI tsm-api.
 
+## [1.0.3] - 26.05.2023
+* renamed method setCustomAccessToken to setAccessToken and added callback strategy for token creation
+
 ## [1.0.2] - 05.04.2023
 * the version of tsm-api (v1.0.2) is identical to v1.0.1, as there were no differences in the TSM-API specifications between BSI-TR-03165 v1.0.1 and v1.0.2
 * the version number (v1.0.2) was only created to maintain consistency across BSI-TR-03165, tsm-api, and tsm-rest-api.

tsm-api/README.md

@@ -46,13 +46,13 @@ Installing JavaCard applets on a secure component of a smartphone is step three
 
 The resulting build artifacts of this module are:
 
-* **[tsm-api-1.0.2.jar](dist/1.0.2/tsm-api-1.0.2.jar)**
+* **[tsm-api-1.0.3.jar](dist/1.0.3/tsm-api-1.0.3.jar)**
   * can be included into an Android app to use a TSMS by calling TSM-API methods
   * provide default implementations for all data types required by the TSM-API
   * can be used to implement a TSM-API-SDK according to BSI-TR-03165 
-* **[tsm-api-1.0.2-javadoc.jar](dist/1.0.2/tsm-api-1.0.2-javadoc.jar)**
+* **[tsm-api-1.0.3-javadoc.jar](dist/1.0.3/tsm-api-1.0.3-javadoc.jar)**
   * JavaDoc documentation of the TSM-API interfaces, enums and classes
-* **[tsm-api-1.0.2-sources.jar](dist/1.0.2/tsm-api-1.0.2-sources.jar)**
+* **[tsm-api-1.0.3-sources.jar](dist/1.0.3/tsm-api-1.0.3-sources.jar)**
   * source code of the TSM-API
 
 
@@ -127,7 +127,7 @@ The interface [ITsmApiService](src/main/java/de/bund/bsi/tsms/tsmapi/ITsmApiServ
 | updateService(..)                   | Remove old and install new version of JavaCard applet(s) configured in the TSM-Backend.                                                                                     |
 | suspendOrResumeService(..)          | Disable or enable the main JavaCard applet on the smartphone.                                                                                                               |
 | terminateService(..)                | Remove a Service and its JavaCard applet(s) from the smartphone.                                                                                                            |
-| setCustomAccessToken(..)                | An optional method to specify a custom access token to authenticate against the TSM-Backend. |
+| setAccessToken(..)                  | An optional method to specify a custom access token to authenticate against the TSM-Backend. |
 
 
 <a name="prerequisites"></a>

tsm-api/clean.bat

@@ -0,0 +1,13 @@
+@echo off
+
+echo.
+echo #####################
+echo ### clean tsm-api ###
+echo #####################
+echo.
+
+call mvn clean
+
+echo.
+
+pause

tsm-api/dist/1.0.3/changelog-tsm-api-1.0.3.md

@@ -0,0 +1,26 @@
+# Changelog
+Changelog file for BSI tsm-api.
+
+## [1.0.3] - 26.05.2023
+* renamed method setCustomAccessToken to setAccessToken and added callback strategy for token creation
+
+## [1.0.2] - 05.04.2023
+* the version of tsm-api (v1.0.2) is identical to v1.0.1, as there were no differences in the TSM-API specifications between BSI-TR-03165 v1.0.1 and v1.0.2
+* the version number (v1.0.2) was only created to maintain consistency across BSI-TR-03165, tsm-api, and tsm-rest-api.
+
+## [1.0.1] - 14.02.2023
+* modifications to be compliant to BSI TR-03165 v1.0.1:
+  * added new method setCustomAccessToken
+  * EErrorTypes: renamed INVALID_REQUEST to INVALID_ARGUMENT
+  * EErrorTypes: renamed CONTENT_RELATED_ERROR to SECURE_COMPONENT_ERROR
+  * EErrorTypes: renamed INVALID_STATE to NOT_ALLOWED
+  * EErrorTypes: added new error types ALREADY_EXISTS, UNAUTHORIZED, ISSUER_ERROR, NOT_FOUND, OVERLOAD_PROTECTION, UNDER_MAINTENANCE
+* changed maven groupId and java package from de.bsi.tsms to de.bund.bsi.tsms
+* corrected spell issues
+* updated maven plugins to latest stable versions
+
+## [1.0.0] - 07.06.2022
+* created project
+* compliant to BSI TR-03165 v1.0
+
+

tsm-api/pom.xml

@@ -5,7 +5,7 @@
     <modelVersion>4.0.0</modelVersion>
     <groupId>de.bund.bsi.tsms</groupId>
     <artifactId>tsm-api</artifactId>
-    <version>1.0.2</version>
+    <version>1.0.3</version>
 
     <name>TSM-API</name>
     <description>The TSM-API is a Java realization of the TSM-API interface specified in BSI-TR-03165. This interface offers methods to install and remove JavaCard applets on eSEs (embedded Secure Elements) or eSIMs.</description>

tsm-api/src/main/java/de/bund/bsi/tsms/tsmapi/ITsmAccessToken.java

@@ -0,0 +1,27 @@
+package de.bund.bsi.tsms.tsmapi;
+
+/**
+ * The AccessToken is an optional interface to register a custom access token
+ * for message authentication with TSM-Backend. The SP may provide an
+ * implementation of the AccessToken and register it via the TSM-API method
+ * {@link de.bund.bsi.tsms.tsmapi.ITsmApiService#setAccessToken}. When
+ * registered, the TSM-API-SDK will call the method getToken of the AccessToken
+ * to retrieve the authentication token for TSMS communication. The
+ * {@link #getToken} method is called for each TSM-Backend request. Caching the
+ * token and re-questing a new one when expired, must be implemented by the SP.
+ *
+ * @since 1.0.3
+ */
+public interface ITsmAccessToken {
+
+    /**
+     * Callback method called for each request to TSM-Backend. The implementation of
+     * this interface handles token caching and token expiration. The access token
+     * is only active, if the implementation is registered via TSM-API method
+     * {@link de.bund.bsi.tsms.tsmapi.ITsmApiService#setAccessToken}.
+     *
+     * @return A currently valid token.
+     */
+    String getToken();
+
+}

tsm-api/src/main/java/de/bund/bsi/tsms/tsmapi/ITsmApiService.java

@@ -9,7 +9,7 @@
 import de.bund.bsi.tsms.tsmapi.results.ITerminateServiceResult;
 import de.bund.bsi.tsms.tsmapi.results.IServiceDeploymentAvailableResult;
 import de.bund.bsi.tsms.tsmapi.results.IServiceUpdateAvailableResult;
-import de.bund.bsi.tsms.tsmapi.results.ISetCustomAccessTokenResult;
+import de.bund.bsi.tsms.tsmapi.results.ISetAccessTokenResult;
 
 import java.util.List;
 import java.util.concurrent.CompletableFuture;
@@ -444,16 +444,12 @@ CompletableFuture<IServiceUpdateAvailableResult> checkServiceUpdateAvailable(
      * provide a custom access token.<br>
      * <br>
      * In case an SP does not want to use the default built-in authentication
-     * mechanism, the method setCustomAccessToken can be used to set a custom access
-     * token. The SDK uses this long-term token to create a short-term bearer token
-     * for each a method call to external servers.
+     * mechanism, this method can be used to set a custom access token.
      *
      * @param token
-     *            The new token.
-     * @return A proxy object indicating deferred execution which will be fulfilled
-     *         when the expected {@link ISetCustomAccessTokenResult} response is
-     *         available.
+     *            Custom access token implementation to authenticate.
+     * @return Returns an object which contains the result of the request.
      */
-    CompletableFuture<ISetCustomAccessTokenResult> setCustomAccessToken(String token);
+    ISetAccessTokenResult setAccessToken(ITsmAccessToken token);
 
 }

tsm-api/src/main/java/de/bund/bsi/tsms/tsmapi/MockTsmAccessToken.java

@@ -0,0 +1,50 @@
+package de.bund.bsi.tsms.tsmapi;
+
+/**
+ * This is a mock implementation of an {@link ITsmAccessToken}.<br>
+ * <br>
+ * It returns a static token string.
+ *
+ * @since 1.0.3
+ */
+public final class MockTsmAccessToken implements ITsmAccessToken {
+
+    /**
+     * Singleton instance.
+     */
+    private static MockTsmAccessToken instance = null;
+
+    /**
+     * Singleton constructor. Please use {@link #getInstance()}.
+     */
+    private MockTsmAccessToken() {
+    }
+
+    private synchronized void initInstance() {
+        if (instance == null) {
+            instance = new MockTsmAccessToken();
+        }
+    }
+
+    /**
+     * Gets the singleton instance.
+     *
+     * @return Singleton instance.
+     */
+    public MockTsmAccessToken getInstance() {
+        if (instance == null) {
+            initInstance();
+        }
+        return instance;
+    }
+
+    /**
+     * Does nothing.
+     *
+     * @return Returns static string 'tokenSample'.
+     */
+    @Override
+    public String getToken() {
+        return "tokenSample";
+    }
+}

tsm-api/src/main/java/de/bund/bsi/tsms/tsmapi/MockTsmApiService.java

@@ -17,8 +17,8 @@
 import de.bund.bsi.tsms.tsmapi.results.ServiceDeploymentAvailableResult;
 import de.bund.bsi.tsms.tsmapi.results.IServiceUpdateAvailableResult;
 import de.bund.bsi.tsms.tsmapi.results.ServiceUpdateAvailableResult;
-import de.bund.bsi.tsms.tsmapi.results.ISetCustomAccessTokenResult;
-import de.bund.bsi.tsms.tsmapi.results.SetCustomAccessTokenResult;
+import de.bund.bsi.tsms.tsmapi.results.ISetAccessTokenResult;
+import de.bund.bsi.tsms.tsmapi.results.SetAccessTokenResult;
 import de.bund.bsi.tsms.tsmapi.results.ITechnicalInformation;
 import de.bund.bsi.tsms.tsmapi.results.TechnicalInformation;
 import de.bund.bsi.tsms.tsmapi.results.IServiceInstance;
@@ -416,17 +416,9 @@ public CompletableFuture<IServiceUpdateAvailableResult> checkServiceUpdateAvaila
      *         </ul>
      */
     @Override
-    public CompletableFuture<ISetCustomAccessTokenResult> setCustomAccessToken(final String token) {
-        CompletableFuture<ISetCustomAccessTokenResult> future = new CompletableFuture<>();
+    public ISetAccessTokenResult setAccessToken(final ITsmAccessToken token) {
+        SetAccessTokenResult result = new SetAccessTokenResult(EErrorType.NO_ERROR, "");
 
-        Executors.newCachedThreadPool().submit(() -> {
-            SetCustomAccessTokenResult result = new SetCustomAccessTokenResult(EErrorType.NO_ERROR,
-                    "");
-
-            future.complete(result);
-            return null;
-        });
-
-        return future;
+        return result;
     }
 }

tsm-api/src/main/java/de/bund/bsi/tsms/tsmapi/results/ISetCustomAccessTokenResult.java → tsm-api/src/main/java/de/bund/bsi/tsms/tsmapi/results/ISetAccessTokenResult.java

@@ -4,11 +4,11 @@
 
 /**
  * This class defines the result of the TSM-API method
- * {@link de.bund.bsi.tsms.tsmapi.ITsmApiService#setCustomAccessToken(String)}.
+ * {@link de.bund.bsi.tsms.tsmapi.ITsmApiService#setAccessToken}.
  *
  * @since 1.0
  */
-public interface ISetCustomAccessTokenResult {
+public interface ISetAccessTokenResult {
 
     /**
      * An integer value indicating the process execution result.<br>

tsm-api/src/main/java/de/bund/bsi/tsms/tsmapi/results/SetCustomAccessTokenResult.java → tsm-api/src/main/java/de/bund/bsi/tsms/tsmapi/results/SetAccessTokenResult.java

@@ -5,11 +5,11 @@
 import java.util.Objects;
 
 /**
- * Default implementation of {@link ISetCustomAccessTokenResult}.
+ * Default implementation of {@link ISetAccessTokenResult}.
  *
  * @since 1.0
  */
-public class SetCustomAccessTokenResult implements ISetCustomAccessTokenResult {
+public class SetAccessTokenResult implements ISetAccessTokenResult {
 
     /**
      * Error code.
@@ -23,7 +23,7 @@ public class SetCustomAccessTokenResult implements ISetCustomAccessTokenResult {
     /**
      * Constructor for successful execution.
      */
-    public SetCustomAccessTokenResult() {
+    public SetAccessTokenResult() {
         this(EErrorType.NO_ERROR, "");
     }
 
@@ -35,8 +35,7 @@ public SetCustomAccessTokenResult() {
      * @param executionMessage
      *            Error message.
      */
-    public SetCustomAccessTokenResult(final EErrorType executionStatus,
-            final String executionMessage) {
+    public SetAccessTokenResult(final EErrorType executionStatus, final String executionMessage) {
         this.executionStatus = executionStatus;
         this.executionMessage = executionMessage;
     }
@@ -83,7 +82,7 @@ public boolean equals(final Object o) {
         if (o == null || getClass() != o.getClass()) {
             return false;
         }
-        SetCustomAccessTokenResult that = (SetCustomAccessTokenResult) o;
+        SetAccessTokenResult that = (SetAccessTokenResult) o;
         return executionStatus == that.executionStatus;
     }
 

tsm-rest-api/CHANGELOG.md

@@ -1,6 +1,22 @@
 # Changelog
 Changelog file for BSI tsm-rest-api.
 
+## [1.0.3] - 26.05.2023
+* modifications to be compliant to BSI TR-03165 v1.0.3:
+  * applicationConfig: changed installConfig from "Mandatory" to "Optional" (#235)
+  * widened scope of Error Category 1002
+  * changed API method parameter in linkSecureComponentProfiles from Map<string,string[]> to Map<string,string> (#240)
+  * changed parameters spId, serviceId, elfId, certificateId from "Mandatory" to "Optional" (#242)
+* removed discriminator from ExecutableLoadFile (#232)
+* removed pattern restriction for SecureComponentProfile#osVersion  (#234)
+* REST-API methods using ExecutableLoadFile should support Polymorphism (and should accept CAP). Affected methods (#232):
+  * GET /secure-component-profiles/{scpId}/elfs
+  * GET /services/{serviceId}/flavors/{flavorId}/executable-load-files:
+  * GET /executable-load-files
+  * POST /executable-load-files
+  * GET /executable-load-files/{elfId}
+  * PUT /executable-load-files/{elfId}
+
 ## [1.0.2] - 05.04.2023
 * modifications to be compliant to BSI TR-03165 v1.0.2:
   * renamed attribute cspFull to useCSPFull of FeatureConfig

tsm-rest-api/README.md

@@ -4,7 +4,7 @@
 
 The module **tsm-rest-api** is an OpenApi realization of the TSM-Backend REST-API specified in section 4.1 of [BSI-TR-03165](https://www.bsi.bund.de/DE/Themen/Unternehmen-und-Organisationen/Standards-und-Zertifizierung/Technische-Richtlinien/TR-nach-Thema-sortiert/tr03165/tr-03165.html). It is a submodule of [GitHub-BSI-TSMS](../README.md).
 
-Swagger-ui documentation of latest TSM-REST-API: [tsm-rest-api.yaml](https://petstore.swagger.io/?url=https://raw.githubusercontent.com/BSI-Bund/TSMS/main/tsm-rest-api/dist/1.0.2/tsm-rest-api-1.0.2.yaml)
+Swagger-ui documentation of latest TSM-REST-API: [tsm-rest-api.yaml](https://petstore.swagger.io/?url=https://raw.githubusercontent.com/BSI-Bund/TSMS/main/tsm-rest-api/dist/1.0.3/tsm-rest-api-1.0.3.yaml)
 
 
 Content:
@@ -46,32 +46,32 @@ Uploading JavaCard applets to a TSM-Backend and the configuration of Services vi
 
 The main result of this project is an OpenApi [tsm-rest-api.yaml](tsm-rest-api.yaml) file which specifies the REST-API to configure the TSM-Backend. Beside this, the projects provides scripts to generate additional supporting documents like documentation and transcripts of the API to other formats like JSON and Java. 
 
-Latest official version: 1.0.2
+Latest official version: 1.0.3
 
 The version numbering matches the versions of the BSI-TR-03165, i.e. TR-03165 in version a.b equates to tsm-rest-api-a.b.x. The last digit x is reserved for bugfixes applied on this project itself. 
 
 Resulting build artifacts are:
 
-* **[tsm-rest-api-1.0.2.yaml](dist/1.0.2/tsm-rest-api-1.0.2.yaml)**
+* **[tsm-rest-api-1.0.3.yaml](dist/1.0.3/tsm-rest-api-1.0.3.yaml)**
   * OpenApi specification for the TSM-REST-API  
   * can be used for code generation with [swagger-codegen](https://swagger.io/tools/swagger-codegen)
   * can be visualized with [Swagger UI](https://swagger.io/tools/swagger-ui)
   * contains scheme definition for the data types used in TSM-Backend REST-API (compatible to xsd)
-* **[tsm-rest-api-1.0.2.json](dist/1.0.2/tsm-rest-api-1.0.2.json)**
+* **[tsm-rest-api-1.0.3.json](dist/1.0.3/tsm-rest-api-1.0.3.json)**
   * other format for OpenApi yaml file of the TSM-REST-API
-* **[tsm-rest-api-1.0.2-swagger-ui.zip](dist/1.0.2/tsm-rest-api-1.0.2-swagger-ui.zip)**
+* **[tsm-rest-api-1.0.3-swagger-ui.zip](dist/1.0.3/tsm-rest-api-1.0.3-swagger-ui.zip)**
   * offline Swagger UI documentation for TSM-REST-API
-* **[generate-tsm-rest-api-java-client-1.0.2-pom.xml](dist/1.0.2/generate-tsm-rest-api-java-client-1.0.2-pom.xml)**
+* **[generate-tsm-rest-api-java-client-1.0.3-pom.xml](dist/1.0.3/generate-tsm-rest-api-java-client-1.0.3-pom.xml)**
   * Maven definition file to configure [swagger-codegen](https://swagger.io/tools/swagger-codegen) to generate a java-client from the OpenApi yaml file
-* **[tsm-rest-api-java-client-1.0.2.jar](dist/1.0.2/tsm-rest-api-java-client-1.0.2.jar)**
+* **[tsm-rest-api-java-client-1.0.3.jar](dist/1.0.3/tsm-rest-api-java-client-1.0.3.jar)**
   * java library to access a TSM
   * can be integrated into a Java application
   * can be used to call REST-API methods of the TSM-Backend
   * provide default implementation for the data types required for TSM-Backend REST-API
   * generated via [swagger-codegen](https://swagger.io/tools/swagger-codegen) from tsm-rest-api.json
-* **[tsm-rest-api-java-client-1.0.2-javadoc.jar](dist/1.0.2/tsm-rest-api-java-client-1.0.2-javadoc.jar)**
+* **[tsm-rest-api-java-client-1.0.3-javadoc.jar](dist/1.0.3/tsm-rest-api-java-client-1.0.3-javadoc.jar)**
   * javadocs for the java-client
-* **[tsm-rest-api-java-client-1.0.2-sources.jar](dist/1.0.2/tsm-rest-api-java-client-1.0.2-sources.jar)**
+* **[tsm-rest-api-java-client-1.0.3-sources.jar](dist/1.0.3/tsm-rest-api-java-client-1.0.3-sources.jar)**
   * source code of the java-client
 
 
@@ -206,8 +206,8 @@ All methods of the TSM-Backend REST-API are described in detail in BSI-TR-03165
 
 Additional documentation generated from the TR is available here:
 
-* Online Swagger UI documentation: [tsm-rest-api.yaml](https://petstore.swagger.io/?url=https://raw.githubusercontent.com/BSI-Bund/TSMS/main/tsm-rest-api/dist/1.0.2/tsm-rest-api-1.0.2.yaml)
-* Offline Swagger UI documentation: [tsm-rest-api-1.0.2-swagger-ui.zip](dist/1.0.2/tsm-rest-api-1.0.2-swagger-ui.zip)
+* Online Swagger UI documentation: [tsm-rest-api.yaml](https://petstore.swagger.io/?url=https://raw.githubusercontent.com/BSI-Bund/TSMS/main/tsm-rest-api/dist/1.0.3/tsm-rest-api-1.0.3.yaml)
+* Offline Swagger UI documentation: [tsm-rest-api-1.0.3-swagger-ui.zip](dist/1.0.3/tsm-rest-api-1.0.3-swagger-ui.zip)
 * Java-Client documentation: [docs/README.md](docs/README.md)
 
 

tsm-rest-api/clean.bat

@@ -0,0 +1,13 @@
+@echo off
+
+echo.
+echo ##########################
+echo ### clean tsm-rest-api ###
+echo ##########################
+echo.
+
+call mvn clean
+
+echo.
+
+pause