Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Check if certificate is e-Seal #49

Open
elion opened this issue Oct 30, 2018 · 4 comments
Open

Check if certificate is e-Seal #49

elion opened this issue Oct 30, 2018 · 4 comments
Assignees
@elion

Comments

@elion
Copy link

elion commented Oct 30, 2018

Feature request

Add a method to check if a certificate is an e-Seal.
@naare
Copy link
Contributor

naare commented Nov 5, 2018

This has been added to backlog for analysis.

@naare
Copy link
Contributor

naare commented Nov 6, 2018

Feature request

Add a method to check if a certificate is an e-Seal.

We have some questions regarding the purpose of this functionality.
What is your use case for this?

  1. Would you like to check random certificate with digidoc4j whether it is meant for eSeal or eSig?
  2. Would you like to check whether the given signatures in container are given with eSeal or eSig?
  3. Something else?

@elion
Copy link
Author

elion commented Nov 6, 2018

Original use case would be number 2. However, number 1 would solve both 1 and 2 as we can find the signer certificate from signature.

@naare
Copy link
Contributor

naare commented Jan 29, 2019
edited
Loading

In essence it is already possible to determine whether the signature is given by e-seal after validation.
getSignatureQualification(); method returns signature qualification object. In case of detection of e-seal, the readible variable will include "Seal" string.

public enum SignatureQualification {
QESIG("QESig", "Qualified Electronic Signature"),
QESEAL("QESeal", "Qualified Electronic Seal"),
QES("QES?", "Qualified Electronic Signature or Seal"),
ADESIG_QC("AdESig-QC", "Advanced Electronic Signature supported by a Qualified Certificate"),
ADESEAL_QC("AdESeal-QC", "Advanced Electronic Seal supported by a Qualified Certificate"),
ADES_QC("AdES?-QC", "Advanced Electronic Signature or Seal supported by a Qualified Certificate"),
ADESIG("AdESig", "Advanced Electronic Signature"),
ADESEAL("AdESeal", "Advanced Electronic Seal"),
ADES("AdES?", "Advanced Electronic Signature or Seal"),
INDETERMINATE_QESIG("Indeterminate QESig", "Indeterminate Qualified Electronic Signature"),
INDETERMINATE_QESEAL("Indeterminate QESeal", "Indeterminate Qualified Electronic Seal"),
INDETERMINATE_QES("Indeterminate QES?", "Indeterminate Qualified Electronic Signature or Seal"),
INDETERMINATE_ADESIG_QC("Indeterminate AdESig-QC", "Indeterminate Advanced Electronic Signature supported by a Qualified Certificate"),
INDETERMINATE_ADESEAL_QC("Indeterminate AdESeal-QC", "Indeterminate Advanced Electronic Seal supported by a Qualified Certificate"),
INDETERMINATE_ADES_QC("Indeterminate AdES?-QC", "Indeterminate Advanced Electronic Signature or Seal supported by a Qualified Certificate"),
INDETERMINATE_ADESIG("Indeterminate AdESig", "Indeterminate Advanced Electronic Signature"),
INDETERMINATE_ADESEAL("Indeterminate AdESeal", "Indeterminate Advanced Electronic Seal"),
INDETERMINATE_ADES("Indeterminate AdES?", "Indeterminate Advanced Electronic Signature or Seal"),
NOT_ADES_QC_QSCD("Not AdES but QC with QSCD", "Not Advanced Electronic Signature but supported by a Qualified Certificate"),
NOT_ADES_QC("Not AdES but QC", "Not Advanced Electronic Signature but supported by a Qualified Certificate"),
NOT_ADES("Not AdES", "Not Advanced Electronic Signature"),
NA("N/A", "Not applicable");

We will implement the use case 2.
Current plan is to implement a method that returns three states based on the qualification: SIGNATURE, SEAL, UNKNOWN.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@elion elion

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@naare @elion