From 37850959659bdd6f9fed3ed93f3626e2a0db9644 Mon Sep 17 00:00:00 2001
From: Manoj Garai <manoj.garai@stfc.ac.uk>
Date: Thu, 19 Jun 2025 11:36:47 +0100
Subject: [PATCH 1/3] Update version of github action

---
 .github/workflows/codeql-analysis.yml         | 11 ++++++----
 .../java/net/sf/portecle/crypto/X509Ext.java  | 22 +++++++++----------
 2 files changed, 18 insertions(+), 15 deletions(-)

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index f16f958..3adda2e 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -18,7 +18,7 @@ on:
     # The branches below must be a subset of the branches above
     branches: [ main ]
   schedule:
-    - cron: '26 13 * * 0'
+    - cron: '10 10 * * 1'
 
 jobs:
   analyze:
@@ -38,11 +38,11 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v2
+      uses: actions/checkout@v4
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v1
+      uses: github/codeql-action/init@v3
       with:
         languages: ${{ matrix.language }}
         # If you wish to specify custom queries, you can do so here or in a config file.
@@ -50,6 +50,9 @@ jobs:
         # Prefix the list here with "+" to use these queries and those in the config file.
         # queries: ./path/to/local/query, your-org/your-repo/queries@main
 
+        # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
+        queries: security-extended,security-and-quality
+
     # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
     # If this step fails, then you should remove it and run the build manually (see below)
     #- name: Autobuild
@@ -67,4 +70,4 @@ jobs:
        mvn compile
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v1
+      uses: github/codeql-action/analyze@v3
diff --git a/src/main/java/net/sf/portecle/crypto/X509Ext.java b/src/main/java/net/sf/portecle/crypto/X509Ext.java
index 926320f..658a175 100644
--- a/src/main/java/net/sf/portecle/crypto/X509Ext.java
+++ b/src/main/java/net/sf/portecle/crypto/X509Ext.java
@@ -876,7 +876,7 @@ private String getPolicyConstraintsStringValue(byte[] bValue)
 		for (int i = 0, len = policyConstraints.size(); i < len; i++)
 		{
 			DERTaggedObject policyConstraint = (DERTaggedObject) policyConstraints.getObjectAt(i);
-			ASN1Integer skipCerts = new ASN1Integer(((DEROctetString) policyConstraint.getObject()).getOctets());
+			ASN1Integer skipCerts = new ASN1Integer(((DEROctetString) policyConstraint.getBaseObject()).getOctets());
 			int iSkipCerts = skipCerts.getValue().intValue();
 
 			switch (policyConstraint.getTagNo())
@@ -1203,18 +1203,18 @@ private String getLogotypeStringValue(byte[] bValue)
 					sb.append(RB.getString("CommunityLogos"));
 					// TODO
 					sb.append("<br>");
-					sb.append(stringify(derTag.getObject()));
+					sb.append(stringify(derTag.getBaseObject()));
 					break;
 				case 1:
 					sb.append("<ul><li>");
 					sb.append(RB.getString("IssuerLogo"));
-					DERTaggedObject ltInfo = (DERTaggedObject) derTag.getObject();
+					DERTaggedObject ltInfo = (DERTaggedObject) derTag.getBaseObject();
 					switch (ltInfo.getTagNo())
 					{
 						case 0: // LogotypeData
 							sb.append("<ul><li>");
 							sb.append("Data");
-							ASN1Sequence ltData = (ASN1Sequence) ltInfo.getObject();
+							ASN1Sequence ltData = (ASN1Sequence) ltInfo.getBaseObject();
 							if (ltData.size() > 0)
 							{
 								sb.append("<ul><li>");
@@ -1283,7 +1283,7 @@ private String getLogotypeStringValue(byte[] bValue)
 						case 1: // LogotypeReference
 							// TODO
 							sb.append("Reference: ");
-							sb.append(stringify(ltInfo.getObject()));
+							sb.append(stringify(ltInfo.getBaseObject()));
 							break;
 						default: // Unknown
 							sb.append(stringify(ltInfo));
@@ -1293,13 +1293,13 @@ private String getLogotypeStringValue(byte[] bValue)
 					sb.append(RB.getString("SubjectLogo"));
 					// TODO
 					sb.append("<br>");
-					sb.append(stringify(derTag.getObject()));
+					sb.append(stringify(derTag.getBaseObject()));
 					break;
 				case 3:
 					sb.append(RB.getString("OtherLogos"));
 					// TODO
 					sb.append("<br>");
-					sb.append(stringify(derTag.getObject()));
+					sb.append(stringify(derTag.getBaseObject()));
 					break;
 				default: // Unknown
 					sb.append(stringify(derTag));
@@ -1357,17 +1357,17 @@ private String getNovellSecurityAttributesStringValue(byte[] bValue)
 		 */
 
 		// Key quality
-		ASN1Sequence keyq = (ASN1Sequence) ((ASN1TaggedObject) glbs.getObjectAt(0)).getObject();
+		ASN1Sequence keyq = (ASN1Sequence) ((ASN1TaggedObject) glbs.getObjectAt(0)).getBaseObject();
 		sb.append("<li>").append(RB.getString("NovellKeyQuality"));
 		sb.append("<ul>").append(getNovellQualityAttr(keyq)).append("</ul></li>");
 
 		// Crypto process quality
-		ASN1Sequence cpq = (ASN1Sequence) ((ASN1TaggedObject) glbs.getObjectAt(1)).getObject();
+		ASN1Sequence cpq = (ASN1Sequence) ((ASN1TaggedObject) glbs.getObjectAt(1)).getBaseObject();
 		sb.append("<li>").append(RB.getString("NovellCryptoProcessQuality"));
 		sb.append("<ul>").append(getNovellQualityAttr(cpq)).append("</ul></li>");
 
 		// Certificate class
-		ASN1Sequence cclass = (ASN1Sequence) ((ASN1TaggedObject) glbs.getObjectAt(2)).getObject();
+		ASN1Sequence cclass = (ASN1Sequence) ((ASN1TaggedObject) glbs.getObjectAt(2)).getBaseObject();
 		sb.append("<li>").append(RB.getString("NovellCertClass"));
 		sb.append(": ");
 		BigInteger sv = ((ASN1Integer) cclass.getObjectAt(0)).getValue();
@@ -1994,7 +1994,7 @@ else if (obj instanceof ASN1TaggedObject)
 		{
 			ASN1TaggedObject tagObj = (ASN1TaggedObject) obj;
 			// Note: "[", _not_ '[' ...
-			return "[" + tagObj.getTagNo() + "] " + stringify(tagObj.getObject());
+			return "[" + tagObj.getTagNo() + "] " + stringify(tagObj.getBaseObject());
 		}
 		else if (obj instanceof ASN1Sequence)
 		{

From 3344df6340fdd9bc0aecf4f95ed45ecac1b5cc46 Mon Sep 17 00:00:00 2001
From: Manoj Garai <manoj.garai@stfc.ac.uk>
Date: Thu, 19 Jun 2025 11:45:07 +0100
Subject: [PATCH 2/3] Add maven test in CI CD pipeline

---
 .github/workflows/maven.yml | 35 +++++++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)
 create mode 100644 .github/workflows/maven.yml

diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml
new file mode 100644
index 0000000..3c3d9f6
--- /dev/null
+++ b/.github/workflows/maven.yml
@@ -0,0 +1,35 @@
+name: Java CI with Maven
+
+on: [push, pull_request]
+
+jobs:
+  build:
+    strategy:
+      matrix:
+        java-version: [17]
+        
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      - name: Set up JDK ${{matrix.java-version}}
+        uses: actions/setup-java@v4
+        with:
+          distribution: temurin
+          cache: maven
+          java-version: ${{matrix.java-version}}
+
+      - name: Cache Maven packages
+        uses: actions/cache@v3
+        with:
+          path: ~/.m2/repository
+          key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
+          restore-keys: |
+            ${{ runner.os }}-m2-
+
+      - name: Install dependencies
+        run: mvn install -DskipTests
+      - name: Run tests
+        run: mvn test

From 806514060a1e574ae2e3a71eec1f35d8cb199369 Mon Sep 17 00:00:00 2001
From: Manoj Garai <manoj.garai@stfc.ac.uk>
Date: Mon, 23 Jun 2025 11:36:02 +0100
Subject: [PATCH 3/3] Run only mvn test

---
 .github/workflows/maven.yml | 2 --
 1 file changed, 2 deletions(-)

diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml
index 3c3d9f6..ccd56d4 100644
--- a/.github/workflows/maven.yml
+++ b/.github/workflows/maven.yml
@@ -29,7 +29,5 @@ jobs:
           restore-keys: |
             ${{ runner.os }}-m2-
 
-      - name: Install dependencies
-        run: mvn install -DskipTests
       - name: Run tests
         run: mvn test