vck-rqes/at.asitplus.wallet.lib.rqes/RqesOpenId4VpHolder

RqesOpenId4VpHolder

class RqesOpenId4VpHolder( clientId: String = "https://wallet.a-sit.at/app", redirectUrl: String = "/callback", oauth2Client: OAuth2Client = OAuth2Client( clientId = clientId, redirectUrl = redirectUrl, ))(source)

Wallet service that implements generation of all data classes necessary to successfully end-end a remote signature creation request by a driving application This class focuses on the POTENTIAL UC5 wallet use case and as such currently only supports signHash. signDoc is out of testing scope for now but may be added later

Constructors

RqesOpenId4VpHolder

constructor( clientId: String = "https://wallet.a-sit.at/app", redirectUrl: String = "/callback", oauth2Client: OAuth2Client = OAuth2Client( clientId = clientId, redirectUrl = redirectUrl, ))

Types

RqesOauthScope

enum RqesOauthScope : Enum<RqesOpenId4VpHolder.RqesOauthScope>

SignatureProperties

data class SignatureProperties( val signatureQualifier: SignatureQualifier = SignatureQualifier.EU_EIDAS_QES, val signatureFormat: SignatureFormat = SignatureFormat.PADES, val conformanceLevel: ConformanceLevel = ConformanceLevel.ADESBB, val signedEnvelopeProperty: SignedEnvelopeProperty? = null)

SigningCredential

data class SigningCredential( val credentialId: String, val certificates: List<X509Certificate>, val supportedSigningAlgorithms: List<X509SignatureAlgorithm>)

Properties

signatureProperties

var signatureProperties: RqesOpenId4VpHolder.SignatureProperties

signingCredential

var signingCredential: RqesOpenId4VpHolder.SigningCredential?

Functions

createCredentialAuthenticationRequest

suspend fun createCredentialAuthenticationRequest( documentDigests: Collection<OAuthDocumentDigest>, redirectUrl: String = this.redirectUrl, hashAlgorithm: Digest, wrapAsPar: Boolean = false, optionalParameters: OAuth2RqesParameters.Optional? = null, documentLocation: Collection<DocumentLocation>? = null): AuthenticationRequestParameters

CSC API v2.0.0.2 Authorization to access /credentials/signHash and /credentials/signDoc endpoints

createOAuth2TokenRequest

suspend fun createOAuth2TokenRequest( state: String, authorization: OAuth2Client.AuthorizationForToken, authorizationDetails: Set<AuthorizationDetails>? = null): TokenRequestParameters

createServiceAuthenticationRequest

suspend fun createServiceAuthenticationRequest( redirectUrl: String = this.redirectUrl, wrapAsPar: Boolean = false, optionalParameters: OAuth2RqesParameters.Optional? = null): AuthenticationRequestParameters

CSC API v2.0.0.2 Authorization to access /credentials/info and /credentials/list endpoints

createSignHashRequestParameters

suspend fun createSignHashRequestParameters(dtbsr: Hashes, sad: String, signatureAlgorithm: X509SignatureAlgorithm): QtspSignatureRequest

getCscAuthenticationDetails

suspend fun getCscAuthenticationDetails( documentDigests: Collection<OAuthDocumentDigest>, hashAlgorithm: Digest, documentLocation: Collection<DocumentLocation>? = null): AuthorizationDetails

Here OAuthDocumentDigest.hash is the DTBS/R and will be hashed again with hashAlgorithmOid

getCscDocumentDigests

suspend fun getCscDocumentDigests( documentDigests: Collection<OAuthDocumentDigest>, signatureAlgorithm: X509SignatureAlgorithm): DocumentDigest

setSigningCredential

suspend fun setSigningCredential(credentialInfo: CredentialInfo)

TODO probably match SignatureProperties and CryptoProperties with credentialInfo if they are set

updateSignatureProperties

suspend fun updateSignatureProperties( signatureFormat: SignatureFormat? = null, conformanceLevel: ConformanceLevel? = null, signedEnvelopeProperty: SignedEnvelopeProperty? = null): RqesOpenId4VpHolder.SignatureProperties