be.bosa.commons.eid.consumer

Class BeIDIntegrity

java.lang.Object

be.bosa.commons.eid.consumer.BeIDIntegrity

public class BeIDIntegrity
extends Object

Utility class for various eID related integrity checks.

Author:

Frank Cornelis

Constructor Summary

Constructors

Constructor and Description
BeIDIntegrity() Default constructor.

Method Summary

Modifier and Type	Method and Description
Address	getVerifiedAddress(byte[] addressFile, byte[] identitySignatureFile, byte[] addressSignatureFile, X509Certificate rrnCertificate) Gives back a parsed address file after integrity verification.
Identity	getVerifiedIdentity(byte[] identityFile, byte[] identitySignatureFile, byte[] photo, X509Certificate rrnCertificate) Gives back a parsed identity file after integrity verification including the eID photo.
Identity	getVerifiedIdentity(byte[] identityFile, byte[] identitySignatureFile, X509Certificate rrnCertificate) Gives back a parsed identity file after integrity verification.
X509Certificate	loadCertificate(byte[] encodedCertificate) Loads a DER-encoded X509 certificate from a byte array.
boolean	verifyAuthnSignature(byte[] toBeSigned, byte[] signatureValue, X509Certificate authnCertificate) Verifies an authentication signature.
boolean	verifySignature(byte[] signatureData, PublicKey publicKey, byte[]... data) Verifies a SHA256withRSA signature.
boolean	verifySignature(String signatureAlgo, byte[] signatureData, PublicKey publicKey, byte[]... data) Verifies a signature.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

BeIDIntegrity

public BeIDIntegrity()

Default constructor.

Method Detail

loadCertificate

public X509Certificate loadCertificate(byte[] encodedCertificate)

Loads a DER-encoded X509 certificate from a byte array.

getVerifiedIdentity

public Identity getVerifiedIdentity(byte[] identityFile,
                                    byte[] identitySignatureFile,
                                    X509Certificate rrnCertificate)
                             throws NoSuchAlgorithmException

Gives back a parsed identity file after integrity verification.

Throws:

NoSuchAlgorithmException

getVerifiedIdentity

public Identity getVerifiedIdentity(byte[] identityFile,
                                    byte[] identitySignatureFile,
                                    byte[] photo,
                                    X509Certificate rrnCertificate)
                             throws NoSuchAlgorithmException

Gives back a parsed identity file after integrity verification including the eID photo.

Throws:

NoSuchAlgorithmException

getVerifiedAddress

public Address getVerifiedAddress(byte[] addressFile,
                                  byte[] identitySignatureFile,
                                  byte[] addressSignatureFile,
                                  X509Certificate rrnCertificate)

Gives back a parsed address file after integrity verification.

verifySignature

public boolean verifySignature(byte[] signatureData,
                               PublicKey publicKey,
                               byte[]... data)
                        throws InvalidKeyException,
                               NoSuchAlgorithmException,
                               SignatureException

Verifies a SHA256withRSA signature.

Throws:

InvalidKeyException

NoSuchAlgorithmException

SignatureException

verifySignature

public boolean verifySignature(String signatureAlgo,
                               byte[] signatureData,
                               PublicKey publicKey,
                               byte[]... data)
                        throws NoSuchAlgorithmException,
                               InvalidKeyException,
                               SignatureException

Verifies a signature.

Throws:

NoSuchAlgorithmException

InvalidKeyException

SignatureException

verifyAuthnSignature

public boolean verifyAuthnSignature(byte[] toBeSigned,
                                    byte[] signatureValue,
                                    X509Certificate authnCertificate)

Verifies an authentication signature.