From 759ac5f42c6aff901dbeede4fbf1a1d2e08cad0f Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Wed, 4 Dec 2019 19:43:32 +0100 Subject: common EGIZ code-style refactoring --- .../eaaf/modules/auth/sl20/utils/IJoseTools.java | 84 ++++++++++++++++++++++ 1 file changed, 84 insertions(+) create mode 100644 eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/IJoseTools.java (limited to 'eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/IJoseTools.java') diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/IJoseTools.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/IJoseTools.java new file mode 100644 index 00000000..caa2e8d8 --- /dev/null +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/IJoseTools.java @@ -0,0 +1,84 @@ +package at.gv.egiz.eaaf.modules.auth.sl20.utils; + +import java.io.IOException; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.cert.X509Certificate; +import java.util.List; +import javax.annotation.Nonnull; +import at.gv.egiz.eaaf.modules.auth.sl20.data.VerificationResult; +import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SL20Exception; +import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SlCommandoBuildException; +import org.jose4j.jwa.AlgorithmConstraints; +import org.jose4j.lang.JoseException; +import com.fasterxml.jackson.databind.JsonNode; + +public interface IJoseTools { + + /** + * Create a JWS signature. + * + * @param payLoad Payload to sign + * @throws SlCommandoBuildException In case of a signature creation error + */ + public String createSignature(String payLoad) throws SlCommandoBuildException; + + /** + * Validates a signed SL2.0 message. + * + * @param serializedContent Serialized JWS signature + * @return Verification-result DAO + * @throws SL20Exception In case of a signature validation error + */ + @Nonnull + public VerificationResult validateSignature(@Nonnull String serializedContent) + throws SL20Exception; + + /** + * Validate a JWS signature. + * + * @param serializedContent JWS in serialized form + * @param trustedCerts trusted X509 certificates + * @param constraints signature verification constraints + * @return Signature-verification result + * @throws JoseException In case of a signature verification error + * @throws IOException In case of a general IO error + */ + @Nonnull + public VerificationResult validateSignature(@Nonnull String serializedContent, + @Nonnull List trustedCerts, @Nonnull AlgorithmConstraints constraints) + throws JoseException, IOException; + + /** + * Validate a JWS signature. + * + * @param serializedContent JWS in serialized form + * @param trustStore with trusted X509 certificates + * @param algconstraints signature verification constraints + * @return Signature-verification result + * @throws JoseException In case of a signature verification error + * @throws IOException In case of a general IO error + * @throws KeyStoreException In case of TrustStore error + */ + @Nonnull + public VerificationResult validateSignature(@Nonnull String serializedContent, + @Nonnull KeyStore trustStore, @Nonnull AlgorithmConstraints algconstraints) + throws JoseException, IOException, KeyStoreException; + + /** + * Get the encryption certificate for SL2.0 End-to-End encryption. + * + * @return + */ + public X509Certificate getEncryptionCertificate(); + + /** + * Decrypt a serialized JWE token. + * + * @param compactSerialization Serialized JWE token + * @return decrypted payload + * @throws SL20Exception In case of a decryption error + */ + public JsonNode decryptPayload(String compactSerialization) throws SL20Exception; + +} -- cgit v1.2.3