some more SL20 authentication module updates

2 files changed, 14 insertions, 5 deletions

diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java
index 26283cab2..c425ca0a7 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java
@@ -1,5 +1,6 @@
 package at.gv.egovernment.moa.id.auth.modules.sl20_auth.tasks;
 
+import java.security.cert.X509Certificate;
 import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.List;
@@ -86,13 +87,19 @@ public class CreateQualeIDRequestTask extends AbstractAuthServletTask {
 				qualifiedeIDParams.put(SL20Constants.SL20_COMMAND_PARAM_EID_ATTRIBUTES_SPCOUNTRYCODE, "AT");
 				//qualifiedeIDParams.put(SL20Constants.SL20_COMMAND_PARAM_EID_ATTRIBUTES_MANDATEREFVALUE, UUID.randomUUID().toString());
 
-				//TODO:
+				
+				X509Certificate encCert = null;
+				if (authConfig.getBasicMOAIDConfigurationBoolean(Constants.CONFIG_PROP_ENABLE_EID_ENCRYPTION, true))
+					encCert = joseTools.getEncryptionCertificate();
+				else
+					Logger.info("eID data encryption is disabled by configuration");
+				
 				JsonObject qualeIDCommandParams = SL20JSONBuilderUtils.createQualifiedeIDCommandParameters(
 						authBlockId, 
 						dataURL, 
 						qualifiedeIDParams, 
-						//joseTools.getEncryptionCertificate());
-						null);
+						encCert
+						);
 								
 				//String qualeIDReqId = UUID.randomUUID().toString();
 				//TODO: work-Around for A-trust
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java
index 357ecb6ec..9262e43e9 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java
@@ -100,7 +100,9 @@ public class ReceiveQualeIDTask extends AbstractAuthServletTask {
 				
 				
 				//validate signature
-				VerificationResult payLoadContainer = SL20JSONExtractorUtils.extractSL20PayLoad(sl20ReqObj, joseTools, true);
+				VerificationResult payLoadContainer = SL20JSONExtractorUtils.extractSL20PayLoad(sl20ReqObj, joseTools, 
+						authConfig.getBasicMOAIDConfigurationBoolean(Constants.CONFIG_PROP_FORCE_EID_SIGNED_RESULT, true));
+				
 				if (payLoadContainer.isValidSigned() == null || 
 						!payLoadContainer.isValidSigned()) {
 					Logger.info("SL20 result from VDA was not valid signed");
@@ -125,7 +127,7 @@ public class ReceiveQualeIDTask extends AbstractAuthServletTask {
 									
 					JsonElement qualeIDResult = SL20JSONExtractorUtils.extractSL20Result(
 							payLoad, joseTools, 
-							authConfig.getBasicMOAIDConfigurationBoolean(Constants.CONFIG_PROP_DISABLE_EID_ENCRYPTION, true));
+							authConfig.getBasicMOAIDConfigurationBoolean(Constants.CONFIG_PROP_FORCE_EID_ENCRYPTION, true));
 
 					//extract attributes from result
 					Map<String, String> eIDData = SL20JSONExtractorUtils.getMapOfStringElements(qualeIDResult);