AG-112 Validation API #352
@jsuchal it carries the same information as the v3 API on UPVS CEP. The main difference here is in the codes, e.g. the validation result code or the signature type codes. UPVS has its own code list and DSS has its own. They would need to be mapped, and it is not entirely 1:1, because UPVS additionally considers whether it is Slovak and so on. Moreover, UPVS also has a field legislativnyTypPodpisu. That would in turn need some logic that looks through the qualifications and some certificate attributes and decides. So I left the result code and the signature and timestamp type codes as in DSS, along with the DSS readable names (QESig, QTSA and so on). I built the API after that v3, so the fields are in Slovak, but somehow I don't like it. I can still switch it to EN, because either way it is not a 1:1 API with v3 on UPVS.
Redacted example: {
"fileFormat": "ASiC_E",
"signatures": [
{
"validaitonResult": {
"code": 0,
"description": "TOTAL_PASSED"
},
"signatureInfo": {
"level": "XAdES_BASELINE_LTA",
"claimedSigningTime": "2022-12-20T21:29:13 +0100",
"isTimestamped": true,
"timestampSigningTime": "2022-12-20T21:29:13 +0100",
"signingCertificate": {
"issuerDN": "CN=CA Disig QCA3, OU=ACA-307-2007-2, O=Disig a.s., OID.2.5.4.5=NTRSK-35975946, L=Bratislava, C=SK",
"subjectDN": "C=SK, L=Bratislava, OID.2.5.4.5=NTRSK-30807484, O=Sociálna poisťovňa, CN=Sociálna poisťovňa",
"serialNumber": "81308597867087210236466",
"productionTime": "2022-12-20T21:29:13 +0100",
"notBefore": "2019-07-03T15:21:51 +0200",
"notAfter": "2023-07-02T15:21:51 +0200",
"qualification": {
"code": 1,
"description": "QESeal"
}
},
"timestamps": [
{
"issuerDN": "CN=SNCA4, O=Narodna agentura pre sietove a elektronicke sluzby, OID.2.5.4.97=NTRSK-42156424, OU=SNCA, C=SK",
"subjectDN": "CN=NASES Time Stamp Authority 2, O=Národná agentúra pre sieťové a elektronické služby, OID.2.5.4.97=NTRSK-42156424, OU=SNCA, C=SK",
"serialNumber": "21220574739238913835018",
"productionTime": "2022-12-20T21:29:13 +0100",
"notBefore": "2021-04-15T13:31:24 +0200",
"notAfter": "2026-04-14T13:31:24 +0200",
"qualification": {
"code": 0,
"description": "QTSA"
},
"timestampType": "SIGNATURE_TIMESTAMP"
},
{
"issuerDN": "CN=Timestamp CA, OID.2.5.4.5=202101, OU=QTSP: FPS Policy and Support - BOSA (NTRBE-0671516647), O=Kingdom of Belgium - Federal Government, L=Brussels, C=BE",
"subjectDN": "CN=Timestamp Unit, OID.2.5.4.5=202102, OU=QTSP: FPS Policy and Support - BOSA (NTRBE-0671516647), O=Kingdom of Belgium - Federal Government, L=Brussels, C=BE",
"serialNumber": "93373602251984153477303393981460392060238324425",
"productionTime": "2023-12-06T18:02:31 +0100",
"notBefore": "2021-03-16T10:40:24 +0100",
"notAfter": "2027-03-16T10:40:24 +0100",
"qualification": {
"code": 0,
"description": "QTSA"
},
"timestampType": "ARCHIVE_TIMESTAMP"
}
],
"signedObjectsIds": [
"D-CE70D85E47F41DE68616A3695FE7569BF8F7409F052B74AE0356663393A68D8A",
"D-1190915437AA39812C091DA0A4473DC0821D99CC3F127A01AB53074FDBDF8526"
]
}
},
{
"validaitonResult": {
"code": 0,
"description": "TOTAL_PASSED"
},
"signatureInfo": {
"level": "XAdES_BASELINE_LTA",
"claimedSigningTime": "2023-12-06T10:54:14 +0100",
"isTimestamped": true,
"timestampSigningTime": "2023-12-06T10:54:19 +0100",
"signingCertificate": {
"issuerDN": "CN=SVK eID ACA2, O=Disig a.s., OID.2.5.4.97=NTRSK-35975946, L=Bratislava, C=SK",
"subjectDN": "OID.2.5.4.5=PNOSK-1234567890, C=SK, L=Sečovská Polianka, OID.2.5.4.4=Ceľuch, OID.2.5.4.42=Marek, CN=Marek Ceľuch",
"serialNumber": "30136665461343719048771",
"productionTime": "2023-12-06T10:54:14 +0100",
"notBefore": "2022-06-20T10:22:29 +0200",
"notAfter": "2025-06-17T01:00:22 +0200",
"qualification": {
"code": 0,
"description": "QESig"
}
},
"timestamps": [
{
"issuerDN": "CN=Timestamp CA, OID.2.5.4.5=202101, OU=QTSP: FPS Policy and Support - BOSA (NTRBE-0671516647), O=Kingdom of Belgium - Federal Government, L=Brussels, C=BE",
"subjectDN": "CN=Timestamp Unit, OID.2.5.4.5=202102, OU=QTSP: FPS Policy and Support - BOSA (NTRBE-0671516647), O=Kingdom of Belgium - Federal Government, L=Brussels, C=BE",
"serialNumber": "93373602251984153477303393981460392060238324425",
"productionTime": "2023-12-06T10:54:19 +0100",
"notBefore": "2021-03-16T10:40:24 +0100",
"notAfter": "2027-03-16T10:40:24 +0100",
"qualification": {
"code": 0,
"description": "QTSA"
},
"timestampType": "SIGNATURE_TIMESTAMP"
},
{
"issuerDN": "CN=Timestamp CA, OID.2.5.4.5=202101, OU=QTSP: FPS Policy and Support - BOSA (NTRBE-0671516647), O=Kingdom of Belgium - Federal Government, L=Brussels, C=BE",
"subjectDN": "CN=Timestamp Unit, OID.2.5.4.5=202102, OU=QTSP: FPS Policy and Support - BOSA (NTRBE-0671516647), O=Kingdom of Belgium - Federal Government, L=Brussels, C=BE",
"serialNumber": "93373602251984153477303393981460392060238324425",
"productionTime": "2023-12-06T18:02:31 +0100",
"notBefore": "2021-03-16T10:40:24 +0100",
"notAfter": "2027-03-16T10:40:24 +0100",
"qualification": {
"code": 0,
"description": "QTSA"
},
"timestampType": "ARCHIVE_TIMESTAMP"
}
],
"signedObjectsIds": [
"D-CE70D85E47F41DE68616A3695FE7569BF8F7409F052B74AE0356663393A68D8A",
"D-1190915437AA39812C091DA0A4473DC0821D99CC3F127A01AB53074FDBDF8526"
]
}
},
{
"validaitonResult": {
"code": 0,
"description": "TOTAL_PASSED"
},
"signatureInfo": {
"level": "XAdES_BASELINE_LTA",
"claimedSigningTime": "2023-12-06T10:57:07 +0100",
"isTimestamped": true,
"timestampSigningTime": "2023-12-06T18:02:31 +0100",
"signingCertificate": {
"issuerDN": "CN=SVK eID ACA2, O=Disig a.s., OID.2.5.4.97=NTRSK-35975946, L=Bratislava, C=SK",
"subjectDN": "OID.2.5.4.5=PNOSK-1234567890, C=SK, L=Sečovská Polianka, OID.2.5.4.4=Ceľuch, OID.2.5.4.42=Marek, CN=Marek Ceľuch",
"serialNumber": "30136665461343719048771",
"productionTime": "2023-12-06T10:57:07 +0100",
"notBefore": "2022-06-20T10:22:29 +0200",
"notAfter": "2025-06-17T01:00:22 +0200",
"qualification": {
"code": 0,
"description": "QESig"
}
},
"timestamps": [
{
"issuerDN": "CN=Timestamp CA, OID.2.5.4.5=202101, OU=QTSP: FPS Policy and Support - BOSA (NTRBE-0671516647), O=Kingdom of Belgium - Federal Government, L=Brussels, C=BE",
"subjectDN": "CN=Timestamp Unit, OID.2.5.4.5=202102, OU=QTSP: FPS Policy and Support - BOSA (NTRBE-0671516647), O=Kingdom of Belgium - Federal Government, L=Brussels, C=BE",
"serialNumber": "93373602251984153477303393981460392060238324425",
"productionTime": "2023-12-06T18:02:31 +0100",
"notBefore": "2021-03-16T10:40:24 +0100",
"notAfter": "2027-03-16T10:40:24 +0100",
"qualification": {
"code": 0,
"description": "QTSA"
},
"timestampType": "SIGNATURE_TIMESTAMP"
},
{
"issuerDN": "CN=Timestamp CA, OID.2.5.4.5=202101, OU=QTSP: FPS Policy and Support - BOSA (NTRBE-0671516647), O=Kingdom of Belgium - Federal Government, L=Brussels, C=BE",
"subjectDN": "CN=Timestamp Unit, OID.2.5.4.5=202102, OU=QTSP: FPS Policy and Support - BOSA (NTRBE-0671516647), O=Kingdom of Belgium - Federal Government, L=Brussels, C=BE",
"serialNumber": "93373602251984153477303393981460392060238324425",
"productionTime": "2023-12-06T18:02:32 +0100",
"notBefore": "2021-03-16T10:40:24 +0100",
"notAfter": "2027-03-16T10:40:24 +0100",
"qualification": {
"code": 0,
"description": "QTSA"
},
"timestampType": "ARCHIVE_TIMESTAMP"
}
],
"signedObjectsIds": [
"D-CE70D85E47F41DE68616A3695FE7569BF8F7409F052B74AE0356663393A68D8A",
"D-1190915437AA39812C091DA0A4473DC0821D99CC3F127A01AB53074FDBDF8526"
]
}
}
],
"signedObjects": [
{
"id": "D-CE70D85E47F41DE68616A3695FE7569BF8F7409F052B74AE0356663393A68D8A",
"mimeType": "text/xml",
"filename": "form.xml"
},
{
"id": "D-1190915437AA39812C091DA0A4473DC0821D99CC3F127A01AB53074FDBDF8526",
"mimeType": "application/pdf",
"filename": "OOP_kampan_2022_378_priloha.pdf"
}
],
"unsignedObjects": [
{
"mimeType": "text/xml",
"filename": "Súbor bez názvu (1).xml"
}
]
}
@celuchmarek agreed, let's probably keep this in English since the whole API is in English. I would also be interested in what it should return when you put a timestamp (the long-term kind) on a document. Here I see that there can be only one timestamp on a signature?
You see wrong. It is a list, so there can be any number of timestamps. The field is just named in the singular like that. I will rename it all to EN. With an archive timestamp it should return the _LTA signature type. I can go and look at or try out an archive one, since it now relates to the next task as well. For now I think the archive one will be in a separate file there, but during validation it should show up normally among the other timestamps per signature, though it will be the same for all signatures.
Does it also return unsigned objects? It seems logical to me that I would probably want it to show me the whole content, including what is unsigned in there, so that I don't have to take it apart and pair it up in two passes.
@jsuchal I updated the example in the previous comment. So I added productionTime for every TS and for the signature too (so that the structure is the same). UPVS v3 doesn't have it, so it evidently has no use case. There they have only the time of the first one, which tells you when it was signed. In reality the others probably don't interest you. There you rather look at their validity. Returning objects is tricky. A few months ago I tested that extractor.getSignedObjects and it returned unsigned objects too, which however were signable, i.e. no manifests and similar structural things. But I also don't know a use case for this, where you would have an unsigned object in an ASiC.
I do. Fraud :) I mislead you into thinking that I have already signed something, and you sign it too.
@jsuchal OK, I explicitly added a list of the unsigned documents in the ASiC as well. I edited the example.
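A client-side check for the scenario raised above (a container that looks signed but carries content no signature covers), as an added example that is not part of the PR or of the project's code. It reads the response shape from the example, with field names copied as they appear there; `coverage_findings`, the `D-AAA`/`D-BBB` ids and the filenames are constructed for illustration.

```python
import json

# Constructed sample in the response shape shown in the PR example
# (field names, including "validaitonResult", copied from that example).
SAMPLE = json.loads("""
{
  "fileFormat": "ASiC_E",
  "signatures": [
    {"validaitonResult": {"code": 0, "description": "TOTAL_PASSED"},
     "signatureInfo": {"signedObjectsIds": ["D-AAA", "D-BBB"]}},
    {"validaitonResult": {"code": 0, "description": "TOTAL_PASSED"},
     "signatureInfo": {"signedObjectsIds": ["D-AAA"]}}
  ],
  "signedObjects": [
    {"id": "D-AAA", "mimeType": "text/xml", "filename": "form.xml"},
    {"id": "D-BBB", "mimeType": "application/pdf", "filename": "attachment.pdf"}
  ],
  "unsignedObjects": [
    {"mimeType": "text/xml", "filename": "extra.xml"}
  ]
}
""")


def coverage_findings(response):
    """Return reasons not to treat the container as fully signed (hypothetical helper)."""
    findings = []
    # Any object outside every signature's scope is reported before anything else.
    for obj in response.get("unsignedObjects", []):
        findings.append(f"unsigned object in container: {obj['filename']}")
    names = {o["id"]: o["filename"] for o in response.get("signedObjects", [])}
    signatures = response.get("signatures", [])
    if not signatures:
        findings.append("container has no signatures")
    for idx, sig in enumerate(signatures):
        result = sig["validaitonResult"]["description"]
        if result != "TOTAL_PASSED":
            findings.append(f"signature {idx}: result {result}")
        # A valid signature may still cover only a subset of the signed objects.
        covered = set(sig["signatureInfo"].get("signedObjectsIds", []))
        for obj_id in sorted(set(names) - covered):
            findings.append(f"signature {idx} does not cover {names[obj_id]}")
    return findings


if __name__ == "__main__":
    for line in coverage_findings(SAMPLE):
        print(line)
```

An empty list means every signature passed and every object in the container is covered by every signature; anything else should be shown to the user before a co-signature is added.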
@jsuchal I extended the signatures from I updated the example above.
It looks promising; take a look at that typo, and perhaps the documentation would be worth an explanation of a few of the fields.
Looks good to me. Let's give it to the client for comments.
@celuchmarek let's get in touch with the client here, and at the same time it perhaps makes sense to merge this and use it as the API for the next product, AVM.
We will add validation from the autogram-core component. I am closing this PR.