author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2018-06-05 11:22:47 +0200 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2018-06-05 11:22:47 +0200 |
commit | f6be7465031504f3b9764d1e7a687f5ba491e7b5 (patch) | |
tree | 21135275dd1ea556afda968c8e501a5d77df0f6e /id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks | |
parent | eeb353539af8e185eca23795ae592df01b049914 (diff) | |
some more SL20 authentication module updates
Diffstat (limited to 'id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks')
2 files changed, 14 insertions, 5 deletions
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java index 26283cab2..c425ca0a7 100644 --- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java +++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java @@ -1,5 +1,6 @@ package at.gv.egovernment.moa.id.auth.modules.sl20_auth.tasks; +import java.security.cert.X509Certificate; import java.util.ArrayList; import java.util.HashMap; import java.util.List; @@ -86,13 +87,19 @@ public class CreateQualeIDRequestTask extends AbstractAuthServletTask { qualifiedeIDParams.put(SL20Constants.SL20_COMMAND_PARAM_EID_ATTRIBUTES_SPCOUNTRYCODE, "AT"); //qualifiedeIDParams.put(SL20Constants.SL20_COMMAND_PARAM_EID_ATTRIBUTES_MANDATEREFVALUE, UUID.randomUUID().toString()); - //TODO: + + X509Certificate encCert = null; + if (authConfig.getBasicMOAIDConfigurationBoolean(Constants.CONFIG_PROP_ENABLE_EID_ENCRYPTION, true)) + encCert = joseTools.getEncryptionCertificate(); + else + Logger.info("eID data encryption is disabled by configuration"); + JsonObject qualeIDCommandParams = SL20JSONBuilderUtils.createQualifiedeIDCommandParameters( authBlockId, dataURL, qualifiedeIDParams, - //joseTools.getEncryptionCertificate()); - null); + encCert + ); //String qualeIDReqId = UUID.randomUUID().toString(); //TODO: work-Around for A-trust 
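Review bot: In the second hunk of CreateQualeIDRequestTask.java, `encCert` is handed to `createQualifiedeIDCommandParameters` without a null check, so if `joseTools.getEncryptionCertificate()` returns null (its contract is not visible here) the request goes out without an encryption certificate even though encryption is enabled. A null certificate is also what the disabled branch passes, so the two cases become indistinguishable downstream; after the assignment I would fail the task when `encCert == null` instead of continuing. The disabled branch switches off protection of the eID data in transit and deserves a warning-level log entry rather than `Logger.info`, and the unbraced `if`/`else` would be safer with braces. The enclosing method starts and ends outside the hunk.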
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java index 357ecb6ec..9262e43e9 100644 --- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java +++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java @@ -100,7 +100,9 @@ public class ReceiveQualeIDTask extends AbstractAuthServletTask { //validate signature - VerificationResult payLoadContainer = SL20JSONExtractorUtils.extractSL20PayLoad(sl20ReqObj, joseTools, true); + VerificationResult payLoadContainer = SL20JSONExtractorUtils.extractSL20PayLoad(sl20ReqObj, joseTools, + authConfig.getBasicMOAIDConfigurationBoolean(Constants.CONFIG_PROP_FORCE_EID_SIGNED_RESULT, true)); + if (payLoadContainer.isValidSigned() == null || !payLoadContainer.isValidSigned()) { Logger.info("SL20 result from VDA was not valid signed"); @@ -125,7 +127,7 @@ public class ReceiveQualeIDTask extends AbstractAuthServletTask { JsonElement qualeIDResult = SL20JSONExtractorUtils.extractSL20Result( payLoad, joseTools, - authConfig.getBasicMOAIDConfigurationBoolean(Constants.CONFIG_PROP_DISABLE_EID_ENCRYPTION, true)); + authConfig.getBasicMOAIDConfigurationBoolean(Constants.CONFIG_PROP_FORCE_EID_ENCRYPTION, true)); //extract attributes from result Map<String, String> eIDData = SL20JSONExtractorUtils.getMapOfStringElements(qualeIDResult); |
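Review bot: Passing `CONFIG_PROP_FORCE_EID_SIGNED_RESULT` into `extractSL20PayLoad` makes signature verification of the VDA result a configuration switch, and nothing in the first hunk of ReceiveQualeIDTask.java logs or documents the case where it is off. Only the `Logger.info` of the following `isValidSigned()` check is visible, so whether an unsigned result is still rejected when the flag is false cannot be confirmed from here and should be stated next to the call. I would add a comment such as `// must stay true in production: an unsigned VDA result is unauthenticated identity data` and log at warning level when the property evaluates to false. The method body continues outside the hunk.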
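Review bot: `CONFIG_PROP_FORCE_EID_ENCRYPTION` in the second hunk and `CONFIG_PROP_ENABLE_EID_ENCRYPTION` in CreateQualeIDRequestTask are read independently, each with a fallback of `true`, so the two settings can disagree. With ENABLE set to false and FORCE left at its default, the request carries no encryption certificate while the result is presumably still required to be encrypted, which would fail every login; with ENABLE true and FORCE false, a plaintext result would presumably be accepted. A comment at this call naming the expected combination, or a check at configuration load that rejects inconsistent values, would cover both cases. If the property key behind the renamed constant changed as well, existing deployments need a migration note, which is not visible in this diff.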