Class SVTIssuer<T>

java.lang.Object
se.swedenconnect.sigval.svt.issuer.SVTIssuer<T>

public abstract class SVTIssuer<T> extends Object
This is the main class for issuing an SVT token. Some fields and internal functions are declared protected to allow extension. The primary customization option is to provide a custom SVTSigValClaimsIssuer that implements the relevant SVT profile, such as XML or PDF. All functions of this class are profile-neutral.
  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    protected List<X509Certificate>
    certificates
    Certificates used to verify the signature on the JWT
    protected com.nimbusds.jose.JWSAlgorithm
    jwsAlgorithm
    The algorithm used to sign the SVT; it also selects the hash algorithm used to generate SVT hash values
    protected com.nimbusds.jose.JWSSigner
    signer
    The signer used to sign SVT tokens
  • Constructor Summary

    Constructors
    Constructor
    Description
    SVTIssuer(com.nimbusds.jose.JWSAlgorithm algorithm, Object privateKey, List<X509Certificate> certificates)
    Constructor.
  • Method Summary

    Modifier and Type
    Method
    Description
    com.nimbusds.jwt.SignedJWT
    getSignedSvtJWT(T signedDataInput, SVTModel model)
    Perform validation of all signatures on a signed document and generate the Signed SVT based on the provided SVTClaimsIssuer
    static com.nimbusds.jwt.JWTClaimsSet
    getSvtJwtClaims(SVTClaims svtClaims, SVTModel model)
    Prepare the complete SVT claims set
    protected abstract SVTProfile
    getSvtProfile()
    Return the SVT Profile implemented by this SVT issuer implementation
    protected void
    validateSignatureSVTClaims(SignatureClaims signatureClaims)
    Function designed to perform a basic check to ensure that a signature claims set contains valid data
    protected void
    valueTest(Object o, String desc)
    Basic value tests
    protected abstract List<SignatureClaims>
    verify(T signedDataInput, String hashAlgoUri)
    Verifies the signed document and generates the SVT claims.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
  • Field Details

    • certificates

      protected List<X509Certificate> certificates
      Certificates used to verify the signature on the JWT
    • jwsAlgorithm

      protected com.nimbusds.jose.JWSAlgorithm jwsAlgorithm
      The algorithm used to sign the SVT; it also selects the hash algorithm used to generate SVT hash values
    • signer

      protected com.nimbusds.jose.JWSSigner signer
      The signer used to sign SVT tokens
  • Constructor Details

    • SVTIssuer

      public SVTIssuer(com.nimbusds.jose.JWSAlgorithm algorithm, Object privateKey, List<X509Certificate> certificates) throws NoSuchAlgorithmException, com.nimbusds.jose.JOSEException
      Constructor.
      Parameters:
      algorithm - the algorithm used to sign the SVT; it also selects the hash algorithm used to generate SVT hash values
      privateKey - private key used to sign the SVT
      certificates - certificates supporting the SVT signature
      Throws:
      NoSuchAlgorithmException - if the requested algorithm is not supported
      com.nimbusds.jose.JOSEException - exception processing JOSE data
  • Method Details

    • verify

      protected abstract List<SignatureClaims> verify(T signedDataInput, String hashAlgoUri) throws Exception
      Verifies the signed document and generates the SVT claims.
      Parameters:
      signedDataInput - signed data input for the signatures being validated
      hashAlgoUri - hash algorithm URI identifier
      Returns:
      a list of SignatureClaims objects for each validated signature
      Throws:
      Exception - on errors performing signature validation
    • getSvtProfile

      protected abstract SVTProfile getSvtProfile()
      Return the SVT Profile implemented by this SVT issuer implementation
      Returns:
      SVTProfile
    • getSignedSvtJWT

      public com.nimbusds.jwt.SignedJWT getSignedSvtJWT(T signedDataInput, SVTModel model) throws Exception
      Perform validation of all signatures on a signed document and generate the Signed SVT based on the provided SVTClaimsIssuer
      Parameters:
      signedDataInput - input data for the signature or signatures being validated
      model - model object holding parameters for SVT generation not derived from signature validation
      Returns:
      Signed SVT
      Throws:
      Exception - if creation of the signed SVT fails.
    • getSvtJwtClaims

      public static com.nimbusds.jwt.JWTClaimsSet getSvtJwtClaims(SVTClaims svtClaims, SVTModel model)
      Prepare the complete SVT claims set
      Parameters:
      svtClaims - claims for the signature validation token
      model - model data
      Returns:
      JWT claims set
    • validateSignatureSVTClaims

      protected void validateSignatureSVTClaims(SignatureClaims signatureClaims) throws IllegalArgumentException
      Function designed to perform a basic check to ensure that a signature claims set contains valid data
      Parameters:
      signatureClaims - signature claims object
      Throws:
      IllegalArgumentException - thrown if invalid data is found
    • valueTest

      protected void valueTest(Object o, String desc) throws IllegalArgumentException
      Basic value tests
      Parameters:
      o - object to be tested
      desc - descriptive text for the value test object
      Throws:
      IllegalArgumentException - thrown if invalid data is found