diff --git a/sdk/pom.xml b/sdk/pom.xml
index 64497996..859f975a 100644
--- a/sdk/pom.xml
+++ b/sdk/pom.xml
@@ -18,6 +18,22 @@
4.12.0
protocol/go/v0.16.0
+
+
+
+ org.junit.platform
+ junit-platform-commons
+ 1.11.0
+ test
+
+
+ org.junit.platform
+ junit-platform-engine
+ 1.11.0
+ test
+
+
+
@@ -289,6 +305,12 @@
${kotlin.version}
test
+
+ com.tngtech.archunit
+ archunit-junit5
+ 1.3.0
+ test
+
diff --git a/sdk/src/main/java/io/opentdf/platform/sdk/AesGcm.java b/sdk/src/main/java/io/opentdf/platform/sdk/AesGcm.java
index 71445f69..f5bb0bee 100644
--- a/sdk/src/main/java/io/opentdf/platform/sdk/AesGcm.java
+++ b/sdk/src/main/java/io/opentdf/platform/sdk/AesGcm.java
@@ -17,7 +17,7 @@
* It includes methods to encrypt and decrypt byte arrays using a specified
* symmetric key.
*/
-public class AesGcm {
+class AesGcm {
public static final int GCM_NONCE_LENGTH = 12; // in bytes
public static final int GCM_TAG_LENGTH = 16; // in bytes
private static final String CIPHER_TRANSFORM = "AES/GCM/NoPadding";
@@ -34,7 +34,7 @@ public byte[] getKey() {
return key.getEncoded();
}
- public static class Encrypted {
+ static class Encrypted {
private final byte[] iv;
private final byte[] ciphertext;
diff --git a/sdk/src/main/java/io/opentdf/platform/sdk/AssertionConfig.java b/sdk/src/main/java/io/opentdf/platform/sdk/AssertionConfig.java
index a1e83a8d..8a79fe6a 100644
--- a/sdk/src/main/java/io/opentdf/platform/sdk/AssertionConfig.java
+++ b/sdk/src/main/java/io/opentdf/platform/sdk/AssertionConfig.java
@@ -73,7 +73,7 @@ public String toString() {
}
}
- public enum BindingMethod {
+ enum BindingMethod {
JWS("jws");
private String method;
diff --git a/sdk/src/main/java/io/opentdf/platform/sdk/AsymDecryption.java b/sdk/src/main/java/io/opentdf/platform/sdk/AsymDecryption.java
index b76d1523..671201fe 100644
--- a/sdk/src/main/java/io/opentdf/platform/sdk/AsymDecryption.java
+++ b/sdk/src/main/java/io/opentdf/platform/sdk/AsymDecryption.java
@@ -12,7 +12,7 @@
/**
* Class providing functionality for asymmetric decryption using an RSA private key.
*/
-public class AsymDecryption {
+class AsymDecryption {
private final PrivateKey privateKey;
private static final String PRIVATE_KEY_HEADER = "-----BEGIN PRIVATE KEY-----";
private static final String PRIVATE_KEY_FOOTER = "-----END PRIVATE KEY-----";
diff --git a/sdk/src/main/java/io/opentdf/platform/sdk/AsymEncryption.java b/sdk/src/main/java/io/opentdf/platform/sdk/AsymEncryption.java
index 3a81b1f5..fd81bda4 100644
--- a/sdk/src/main/java/io/opentdf/platform/sdk/AsymEncryption.java
+++ b/sdk/src/main/java/io/opentdf/platform/sdk/AsymEncryption.java
@@ -19,7 +19,7 @@
* AsymEncryption class provides methods for asymmetric encryption and
* handling public keys in PEM format.
*/
-public class AsymEncryption {
+class AsymEncryption {
private final PublicKey publicKey;
private static final String PUBLIC_KEY_HEADER = "-----BEGIN PUBLIC KEY-----";
private static final String PUBLIC_KEY_FOOTER = "-----END PUBLIC KEY-----";
diff --git a/sdk/src/main/java/io/opentdf/platform/sdk/Autoconfigure.java b/sdk/src/main/java/io/opentdf/platform/sdk/Autoconfigure.java
index ffe9e239..520ecdf5 100644
--- a/sdk/src/main/java/io/opentdf/platform/sdk/Autoconfigure.java
+++ b/sdk/src/main/java/io/opentdf/platform/sdk/Autoconfigure.java
@@ -54,7 +54,7 @@ class RuleType {
* This class includes functionality to create granter instances based on
* attributes either from a list of attribute values or from a service.
*/
-public class Autoconfigure {
+class Autoconfigure {
private static Logger logger = LoggerFactory.getLogger(Autoconfigure.class);
@@ -98,7 +98,7 @@ public KeySplitTemplate(String kas, String splitID, String kid, KeyType keyType)
}
}
- public static class KeySplitStep {
+ static class KeySplitStep {
final String kas;
final String splitID;
diff --git a/sdk/src/main/java/io/opentdf/platform/sdk/CryptoUtils.java b/sdk/src/main/java/io/opentdf/platform/sdk/CryptoUtils.java
index 158e47be..e9c35cd5 100644
--- a/sdk/src/main/java/io/opentdf/platform/sdk/CryptoUtils.java
+++ b/sdk/src/main/java/io/opentdf/platform/sdk/CryptoUtils.java
@@ -12,7 +12,7 @@
/**
* Utility class for cryptographic operations such as generating RSA key pairs and calculating HMAC.
*/
-public class CryptoUtils {
+class CryptoUtils {
private static final int KEYPAIR_SIZE = 2048;
public static byte[] CalculateSHA256Hmac(byte[] key, byte[] data) {
diff --git a/sdk/src/main/java/io/opentdf/platform/sdk/ECCurve.java b/sdk/src/main/java/io/opentdf/platform/sdk/ECCurve.java
index 79edbec0..2c1a6173 100644
--- a/sdk/src/main/java/io/opentdf/platform/sdk/ECCurve.java
+++ b/sdk/src/main/java/io/opentdf/platform/sdk/ECCurve.java
@@ -10,7 +10,7 @@
/**
* Elliptic curve definitions for EC key operations.
*/
-public enum ECCurve {
+enum ECCurve {
SECP256R1("secp256r1", 32, 33, 0x00),
SECP384R1("secp384r1", 48, 49, 0x01),
SECP521R1("secp521r1", 66, 67, 0x02),
diff --git a/sdk/src/main/java/io/opentdf/platform/sdk/ECKeyPair.java b/sdk/src/main/java/io/opentdf/platform/sdk/ECKeyPair.java
index 36110853..a4279a70 100644
--- a/sdk/src/main/java/io/opentdf/platform/sdk/ECKeyPair.java
+++ b/sdk/src/main/java/io/opentdf/platform/sdk/ECKeyPair.java
@@ -27,7 +27,7 @@
import java.util.Objects;
// https://www.bouncycastle.org/latest_releases.html
-public class ECKeyPair {
+class ECKeyPair {
private static final int SHA256_BYTES = 32;
@@ -37,7 +37,7 @@ public class ECKeyPair {
private final ECCurve curve;
- public enum ECAlgorithm {
+ enum ECAlgorithm {
ECDH,
ECDSA
}
diff --git a/sdk/src/main/java/io/opentdf/platform/sdk/EntityIdentifiers.java b/sdk/src/main/java/io/opentdf/platform/sdk/EntityIdentifiers.java
index af6e4234..764f84f4 100644
--- a/sdk/src/main/java/io/opentdf/platform/sdk/EntityIdentifiers.java
+++ b/sdk/src/main/java/io/opentdf/platform/sdk/EntityIdentifiers.java
@@ -27,7 +27,7 @@
* EntityIdentifiers.forEmail("jen@example.com");
* }
*/
-public final class EntityIdentifiers {
+final class EntityIdentifiers {
private EntityIdentifiers() {}
diff --git a/sdk/src/main/java/io/opentdf/platform/sdk/InvalidZipException.java b/sdk/src/main/java/io/opentdf/platform/sdk/InvalidZipException.java
index 8bba58bd..4a7d33f0 100644
--- a/sdk/src/main/java/io/opentdf/platform/sdk/InvalidZipException.java
+++ b/sdk/src/main/java/io/opentdf/platform/sdk/InvalidZipException.java
@@ -5,7 +5,7 @@
* is invalid or corrupted in some way. This exception extends RuntimeException,
* allowing it to be thrown during the normal operation of the Java Virtual Machine.
*/
-public class InvalidZipException extends RuntimeException {
+public class InvalidZipException extends SDKException {
public InvalidZipException(String message) {
super(message);
}
diff --git a/sdk/src/main/java/io/opentdf/platform/sdk/Manifest.java b/sdk/src/main/java/io/opentdf/platform/sdk/Manifest.java
index 20fbb13e..eb802c4e 100644
--- a/sdk/src/main/java/io/opentdf/platform/sdk/Manifest.java
+++ b/sdk/src/main/java/io/opentdf/platform/sdk/Manifest.java
@@ -96,7 +96,7 @@ public JsonElement serialize(Object src, Type typeOfSrc, JsonSerializationContex
}
}
- static public class Segment {
+ static class Segment {
public String hash;
public long segmentSize;
public long encryptedSegmentSize;
@@ -167,7 +167,7 @@ public int hashCode() {
}
}
- static public class PolicyBinding {
+ static class PolicyBinding {
public String alg;
public String hash;
@@ -298,7 +298,7 @@ public int hashCode() {
}
}
- static public class Binding {
+ static class Binding {
public String method;
public String signature;
@@ -318,14 +318,14 @@ public int hashCode() {
}
}
- static public class Assertion {
+ static class Assertion {
public String id;
public String type;
public String scope;
public String appliesToState;
public AssertionConfig.Statement statement;
public Binding binding;
- static public class HashValues {
+ static class HashValues {
private final String assertionHash;
private final String signature;
@@ -528,7 +528,7 @@ private JWSVerifier createVerifier(RSAPublicKey publicKey) {
}
}
- public static class AssertionValueAdapter implements JsonDeserializer {
+ static class AssertionValueAdapter implements JsonDeserializer {
@Override
public AssertionConfig.Statement deserialize(JsonElement json, Type typeOfT, JsonDeserializationContext context) throws JsonParseException {
if (!json.isJsonObject()) {
diff --git a/sdk/src/main/java/io/opentdf/platform/sdk/Planner.java b/sdk/src/main/java/io/opentdf/platform/sdk/Planner.java
index 477d315a..00e2ec1a 100644
--- a/sdk/src/main/java/io/opentdf/platform/sdk/Planner.java
+++ b/sdk/src/main/java/io/opentdf/platform/sdk/Planner.java
@@ -25,7 +25,7 @@
import java.util.stream.Collectors;
-public class Planner {
+class Planner {
private static final String BASE_KEY = "base_key";
private final Config.TDFConfig tdfConfig;
private final SDK.Services services;
diff --git a/sdk/src/main/java/io/opentdf/platform/sdk/PolicyEnums.java b/sdk/src/main/java/io/opentdf/platform/sdk/PolicyEnums.java
index 5c426cf8..d6aee7b6 100644
--- a/sdk/src/main/java/io/opentdf/platform/sdk/PolicyEnums.java
+++ b/sdk/src/main/java/io/opentdf/platform/sdk/PolicyEnums.java
@@ -22,7 +22,7 @@
* .setOperator(OPERATOR_IN);
* }
*/
-public final class PolicyEnums {
+final class PolicyEnums {
private PolicyEnums() {}
diff --git a/sdk/src/main/java/io/opentdf/platform/sdk/PolicyObject.java b/sdk/src/main/java/io/opentdf/platform/sdk/PolicyObject.java
index 9d708699..bd9a18f3 100644
--- a/sdk/src/main/java/io/opentdf/platform/sdk/PolicyObject.java
+++ b/sdk/src/main/java/io/opentdf/platform/sdk/PolicyObject.java
@@ -6,7 +6,7 @@
* The PolicyObject class represents a policy with a unique identifier and a body containing data attributes.
*/
public class PolicyObject {
- static public class AttributeObject {
+ static class AttributeObject {
public String attribute;
public String displayName;
public boolean isDefault;
diff --git a/sdk/src/main/java/io/opentdf/platform/sdk/Resources.java b/sdk/src/main/java/io/opentdf/platform/sdk/Resources.java
index 527bec7f..e83546d8 100644
--- a/sdk/src/main/java/io/opentdf/platform/sdk/Resources.java
+++ b/sdk/src/main/java/io/opentdf/platform/sdk/Resources.java
@@ -24,7 +24,7 @@
* Resources.forAttributeValues("https://example.com/attr/department/value/finance");
* }
*/
-public final class Resources {
+final class Resources {
private Resources() {}
diff --git a/sdk/src/main/java/io/opentdf/platform/sdk/TDFReader.java b/sdk/src/main/java/io/opentdf/platform/sdk/TDFReader.java
index 6e9f32d2..b94844d2 100644
--- a/sdk/src/main/java/io/opentdf/platform/sdk/TDFReader.java
+++ b/sdk/src/main/java/io/opentdf/platform/sdk/TDFReader.java
@@ -16,7 +16,7 @@
* The class initializes with a TDF file channel, extracts the manifest and payload entries,
* and provides methods to retrieve the manifest content, read payload bytes, and read policy objects.
*/
-public class TDFReader {
+class TDFReader {
private final ZipReader.Entry manifestEntry;
private final InputStream payload;
diff --git a/sdk/src/main/java/io/opentdf/platform/sdk/TDFWriter.java b/sdk/src/main/java/io/opentdf/platform/sdk/TDFWriter.java
index 048822f6..825f51db 100644
--- a/sdk/src/main/java/io/opentdf/platform/sdk/TDFWriter.java
+++ b/sdk/src/main/java/io/opentdf/platform/sdk/TDFWriter.java
@@ -8,7 +8,7 @@
* The TDFWriter class provides functionalities for creating a TDF (Trusted Data Format) archive.
* This includes appending a manifest file and appending payload data to the archive.
*/
-public class TDFWriter {
+class TDFWriter {
public static final String TDF_PAYLOAD_FILE_NAME = "0.payload";
public static final String TDF_MANIFEST_FILE_NAME = "0.manifest.json";
private final ZipWriter archiveWriter;
diff --git a/sdk/src/main/java/io/opentdf/platform/sdk/ZipReader.java b/sdk/src/main/java/io/opentdf/platform/sdk/ZipReader.java
index cf0b5772..2a3578d9 100644
--- a/sdk/src/main/java/io/opentdf/platform/sdk/ZipReader.java
+++ b/sdk/src/main/java/io/opentdf/platform/sdk/ZipReader.java
@@ -19,7 +19,7 @@
* Local File Header. This class supports standard ZIP archives as well
* as ZIP64 format.
*/
-public class ZipReader {
+class ZipReader {
public static final Logger logger = LoggerFactory.getLogger(ZipReader.class);
public static final int END_OF_CENTRAL_DIRECTORY_SIZE = 22;
@@ -148,7 +148,7 @@ private CentralDirectoryRecord extractZIP64CentralDirectoryInfo() throws IOExcep
return new CentralDirectoryRecord(totalNumCDEntries, cdOffset);
}
- public class Entry {
+ class Entry {
private final long fileSize;
private final String fileName;
final long offsetToLocalHeader;
diff --git a/sdk/src/main/java/io/opentdf/platform/sdk/ZipWriter.java b/sdk/src/main/java/io/opentdf/platform/sdk/ZipWriter.java
index 71aea34c..862e14a4 100644
--- a/sdk/src/main/java/io/opentdf/platform/sdk/ZipWriter.java
+++ b/sdk/src/main/java/io/opentdf/platform/sdk/ZipWriter.java
@@ -13,7 +13,7 @@
* The ZipWriter class provides functionalities to create ZIP archive files.
* It writes files and data to an underlying output stream in the ZIP file format.
*/
-public class ZipWriter {
+class ZipWriter {
private static final int ZIP_VERSION = 0x2D;
private static final int ZIP_64_MAGIC_VAL = 0xFFFFFFFF;
diff --git a/sdk/src/test/java/io/opentdf/platform/sdk/Fuzzing.java b/sdk/src/test/java/io/opentdf/platform/sdk/Fuzzing.java
index 72ce61d0..eda53fee 100644
--- a/sdk/src/test/java/io/opentdf/platform/sdk/Fuzzing.java
+++ b/sdk/src/test/java/io/opentdf/platform/sdk/Fuzzing.java
@@ -39,7 +39,7 @@ public void fuzzTDF(FuzzedDataProvider data) {
Reader reader = tdf.loadTDF(new SeekableInMemoryByteChannel(fuzzBytes), readerConfig);
reader.readPayload(IGNORE_OUTPUT_STREAM);
- } catch (SDKException | InvalidZipException | JsonParseException | IOException | IllegalArgumentException e) {
+ } catch (SDKException | JsonParseException | IOException | IllegalArgumentException e) {
// expected failure cases
}
}