From ac9ed313193c0697086afdf0fc28aa02a061da5a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marek=20Ce=C4=BEuch?= Date: Tue, 27 Aug 2024 16:24:17 +0200 Subject: [PATCH] fix validaiton response and update api description (#23) --- .../api/v1/documents_controller.rb | 2 +- .../api/v1/documents/validation.json.jbuilder | 1 - public/openapi.yaml | 133 ++++++------------ 3 files changed, 46 insertions(+), 90 deletions(-) delete mode 100644 app/views/api/v1/documents/validation.json.jbuilder diff --git a/app/controllers/api/v1/documents_controller.rb b/app/controllers/api/v1/documents_controller.rb index 2a14d13..65500f2 100644 --- a/app/controllers/api/v1/documents_controller.rb +++ b/app/controllers/api/v1/documents_controller.rb @@ -43,7 +43,7 @@ def visualization # GET /documents/1/validate def validate - @validation = @document.signature_validation + render json: @document.signature_validation end # POST /documents/1/datatosign diff --git a/app/views/api/v1/documents/validation.json.jbuilder b/app/views/api/v1/documents/validation.json.jbuilder deleted file mode 100644 index 90b5621..0000000 --- a/app/views/api/v1/documents/validation.json.jbuilder +++ /dev/null @@ -1 +0,0 @@ -json.validation @validation diff --git a/public/openapi.yaml b/public/openapi.yaml index b30e218..d71004b 100644 --- a/public/openapi.yaml +++ b/public/openapi.yaml @@ -2,7 +2,7 @@ openapi: '3.0.2' info: title: AVM Server - version: '0.3.0' + version: '0.4.0' servers: - url: https://autogram.slovensko.digital/api/v1 @@ -1334,34 +1334,21 @@ components: type: object properties: validationResult: - type: object + type: string description: | The standard ETSI EN 319 102-1 specifies a complete validation model and procedures for the validation of “AdES digital signatures”, which are implemented in the underlying DSS module. The validation result can have these values: - "0 TOTAL_PASSED: indicating that the signature has passed verification and it complies with the signature validation policy" + "TOTAL_PASSED: indicating that the signature has passed verification and it complies with the signature validation policy" - "1 TOTAL_FAILED: indicating that either the signature format is incorrect or that the digital signature value fails the verification" + "TOTAL_FAILED: indicating that either the signature format is incorrect or that the digital signature value fails the verification" - "2 INDETERMINATE: indicating that the format and digital signature verifications have not failed but there is insufficient information to determine if the electronic signature is valid" - properties: - code: - type: integer - enum: - - 0 - - 1 - - 2 - example: 0 - description: - type: string - enum: - - TOTAL_PASSED - - TOTAL_FAILED - - INDETERMINATE - example: TOTAL_PASSED - required: - - code - - description + "INDETERMINATE: indicating that the format and digital signature verifications have not failed but there is insufficient information to determine if the electronic signature is valid" + enum: + - TOTAL_PASSED + - TOTAL_FAILED + - INDETERMINATE + example: TOTAL_PASSED level: type: string enum: @@ -1392,41 +1379,32 @@ components: description: Signing certificate details. properties: qualification: - type: object + type: string description: Qualification of the signature at validation time. For more info check out Java class eu.europa.esig.dss.enumerations.SignatureQualification - properties: - code: - type: integer - example: 1 - description: - type: string - enum: - - QESIG - - QESEAL - - UNKNOWN_QC_QSCD-QC-QSCD - - ADESIG_QC-QC - - ADESEAL_QC-QC - - UNKNOWN_QC-QC - - ADESIG - - ADESEAL - - UNKNOWN - - INDETERMINATE_QESIG - - INDETERMINATE_QESEAL - - INDETERMINATE_UNKNOWN_QC_QSCD - - INDETERMINATE_ADESIG_QC - - INDETERMINATE_ADESEAL_QC - - INDETERMINATE_UNKNOWN_QC - - INDETERMINATE_ADESIG - - INDETERMINATE_ADESEAL - - INDETERMINATE_UNKNOWN - - NOT_ADES_QC_QSCD - - NOT_ADES_QC - - NOT_ADES - - NA - example: QESEAL - required: - - code - - description + enum: + - QESIG + - QESEAL + - UNKNOWN_QC_QSCD-QC-QSCD + - ADESIG_QC-QC + - ADESEAL_QC-QC + - UNKNOWN_QC-QC + - ADESIG + - ADESEAL + - UNKNOWN + - INDETERMINATE_QESIG + - INDETERMINATE_QESEAL + - INDETERMINATE_UNKNOWN_QC_QSCD + - INDETERMINATE_ADESIG_QC + - INDETERMINATE_ADESEAL_QC + - INDETERMINATE_UNKNOWN_QC + - INDETERMINATE_ADESIG + - INDETERMINATE_ADESEAL + - INDETERMINATE_UNKNOWN + - NOT_ADES_QC_QSCD + - NOT_ADES_QC + - NOT_ADES + - NA + example: QESEAL issuerDN: type: string description: RFC1779 of the signing certificate issuer name. @@ -1455,7 +1433,7 @@ components: type: object properties: qualification: - type: object + type: string description: | Qualification status fo the timestamp at validation time. @@ -1464,24 +1442,11 @@ components: TSA - Not qualified timestamp" - "urn:cef:dss:timestampQualification:TSA" NA - Not applicable" - "urn:cef:dss:timestampQualification:notApplicable" - properties: - code: - type: integer - enum: - - 0 - - 1 - - 2 - example: 0 - description: - type: string - enum: - - QTSA - - TSA - - NA - example: QTSA - required: - - code - - description + enum: + - QTSA + - TSA + - NA + example: QTSA timestampType: type: string enum: @@ -1572,31 +1537,23 @@ components: containerType: ASiC_E signatureForm: XAdES signatures: - validationResult: - code: 0 - description: TOTAL_PASSED + validationResult: TOTAL_PASSED level: XAdES_BASELINE_LTA claimedSigningTime: 2023-08-01T12:37:47 +0200 bestSigningTime: 2023-08-01T12:37:47 +0200 signingCertificate: - qualification: - code: 1 - description: QESEAL + qualification: QESEAL issuerDN: "OID.2.5.4.5=NTRCZ-26439395, O=\"První certifikační autorita, a.s.\", CN=I.CA Qualified CA/RSA 07/2015, C=CZ" subjectDN: "OID.2.5.4.5=ICA - 10432139, OID.2.5.4.97=NTRSK-00166073, CN=Ministerstvo spravodlivosti SR, O=Ministerstvo spravodlivosti SR, C=SK" certificateDer: "MIIH5TCCBc2gAwIBAgIEALfsWjANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQGEwJDWjEmMCQGA1UEAwwdSS5DQSBRdWFsaWZpZWQgQ0EvUlNBIDA3LzIwMTUxLTArBgNVBAoMJFBydm7DrSBjZXJ0aWZpa2HEjW7DrSBhdXRvcml0YSwgYS5zLjEXMBUGA1UEBRMOTlRSQ1otMjY0MzkzOTUwHhcNMjIwOTIwMTExMTAxWhcNMjMwOTIwMTExMTAxWjCBkTELMAkGA1UEBhMCU0sxJzAlBgNVBAoMHk1pbmlzdGVyc3R2byBzcHJhdm9kbGl2b3N0aSBTUjEnMCUGA1UEAwweTWluaXN0ZXJzdHZvIHNwcmF2b2RsaXZvc3RpIFNSMRcwFQYDVQRhDA5OVFJTSy0wMDE2NjA3MzEXMBUGA1UEBRMOSUNBIC0gMTA0MzIxMzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWG6O21F/DSe4QCHnkElUAcqmNshPiW6d05gWUnbq8RwqRyMJJ5lZxNvAmcgB0ob8v34Z2TBLfV/vpx81wXJQd/xTvqp/tgTIAoBZrmpBYXJAQJLVXxWihWgHCJFCuPKowFpFcVwrQ6NbINvbXPyuIgWJ/gN4w35I9ipQCslgJWajJNtuF+hQWMvLm11NuY8rBIg4cHGGEgtu8SgqhNY8+NMaILTKpNb3jtP/ITVOCl6cp3wA5TOYPGyXb/pCHVHmnBGehUAs1+BDf1urfTcavZspXU/dTR1ErOiw+pjYQhb6qj+bNX0TqFgsaaXCB8/6GLL5lmVE6SziwZTkCdv6BAgMBAAGjggNWMIIDUjAjBgNVHREEHDAaoBgGCisGAQQBgbhIBAagCgwIMTA0MzIxMzkwDgYDVR0PAQH/BAQDAgbAMIIBLgYDVR0gBIIBJTCCASEwMAYNKwYBBAGBuEgKAVsBATAfMB0GCCsGAQUFBwIBFhFodHRwOi8vd3d3LmljYS5jejCB4QYNK4EekZmEBQAAAAECAjCBzzCBzAYIKwYBBQUHAgIwgb8MgbxFTjogVGhpcyBpcyBhIHF1YWxpZmllZCBjZXJ0aWZpY2F0ZSBmb3IgZWxlY3Ryb25pYyBzZWFsIGFjY29yZGluZyB0byBSZWd1bGF0aW9uIChFVSkgTm8gOTEwLzIwMTQuIFNLOiBLdmFsaWZpa292YW55IGNlcnRpZmlrYXQgcHJlIGVsZWt0cm9uaWNrdSBwZWNhdCB2IHN1bGFkZSBzIG5hcmlhZGVuaW0gKEVVKSBjLjkxMC8yMDE0LjAJBgcEAIvsQAEDMIGMBgNVHR8EgYQwgYEwKaAnoCWGI2h0dHA6Ly9xY3JsZHAxLmljYS5jei9xY2ExNV9yc2EuY3JsMCmgJ6AlhiNodHRwOi8vcWNybGRwMi5pY2EuY3ovcWNhMTVfcnNhLmNybDApoCegJYYjaHR0cDovL3FjcmxkcDMuaWNhLmN6L3FjYTE1X3JzYS5jcmwwgZIGCCsGAQUFBwEDBIGFMIGCMAgGBgQAjkYBATAIBgYEAI5GAQQwVwYGBACORgEFME0wLRYnaHR0cHM6Ly93d3cuaWNhLmN6L1pwcmF2eS1wcm8tdXppdmF0ZWxlEwJjczAcFhZodHRwczovL3d3dy5pY2EuY3ovUERTEwJlbjATBgYEAI5GAQYwCQYHBACORgEGAjBlBggrBgEFBQcBAQRZMFcwKwYIKwYBBQUHMAKGH2h0dHA6Ly9xLmljYS5jei9xY2ExNXNrX3JzYS5wN2MwKAYIKwYBBQUHMAGGHGh0dHA6Ly9vY3NwLmljYS5jei9xY2ExNV9yc2EwCQYDVR0TBAIwADAdBgNVHQ4EFgQUZnA9DYix8Eh4k/Q/zdAD88y3Y+MwHwYDVR0jBBgwFoAUbIEnWTPiopohGIspFLw4bdRzeT0wEwYDVR0lBAwwCgYIKwYBBQUHAwQwDQYJKoZIhvcNAQELBQADggIBANgEAV4KCWPyH+2NB8JAc9rUiE+zDHMZO31ovV8FHiDUthcoghwgPhC4ufM5pDpgB73GMuGLA1vv0VqEH6jRAWsU9l8qobGYuBcmHaHCY79zLXCMSpwlQu5nlbOPUr5FqgtIWal7m2uHRrVJrK96VWtLALeFn18PPBwK2ylhWjoKCtwehLmKwaYnefROR2R2DbaRL+Wp6SXu9lDY7itsRBtRzZ7bJooji05609wWlWsmAYLT7KNXCzpYCFBu8DOY6HGNUbM1f5JU+BfiI7ITIGQeipx8uQymko8vEhaEXLR1oNtWdjo5hPPYiUMrUMK3hiXd29k9npsr1BWJC+RGzJSu/la6TEOxK/MUtkVtXZzWib1IS1JugGsn8mdJoHgRXOPBuX84PybEuRy/INl8PAXPP6dYkN4niIh1iVV+NQoCpP2C13XApd7uzssCFbMAlVUyAlNShookOXZs2js7d0yrnM1HTuyrxtfZV7D8rSqsKxZK0feRlU/di4/Zv+9+pdLBZQWWB0Ej7gRdHmIDPIwW0EduCIeffLCGLhz8/yPdvlfIexDoL6RGjtC4ptFwrfI7QT6/er27Q1XOyu9WkASDQi04KNkHLZ/MPgOdwk1816bDW/NtY0k1pdJ/1HEDUvTC+HdWJt0HxAPwrBprnXFj2u/b1Cv9jxVxW1bub5R6" areQualifiedTimestamps: true timestamps: - - qualification: - code: 0 - description: QTSA + - qualification: QTSA timestampType: SIGNATURE_TIMESTAMP subjectDN: "CN=NASES Time Stamp Authority 2, O=Národná agentúra pre sieťové a elektronické služby, OID.2.5.4.97=NTRSK-42156424, OU=SNCA, C=SK" certificateDer: "MIIHBTCCBO2gAwIBAgIKBH5eoiXqCwAACjANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCU0sxDTALBgNVBAsTBFNOQ0ExFzAVBgNVBGETDk5UUlNLLTQyMTU2NDI0MTswOQYDVQQKEzJOYXJvZG5hIGFnZW50dXJhIHByZSBzaWV0b3ZlIGEgZWxla3Ryb25pY2tlIHNsdXpieTEOMAwGA1UEAxMFU05DQTQwHhcNMjEwNDE1MTEzMTI0WhcNMjYwNDE0MTEzMTI0WjCBoDELMAkGA1UEBhMCU0sxDTALBgNVBAsMBFNOQ0ExFzAVBgNVBGEMDk5UUlNLLTQyMTU2NDI0MUIwQAYDVQQKDDlOw6Fyb2Ruw6EgYWdlbnTDunJhIHByZSBzaWXFpW92w6kgYSBlbGVrdHJvbmlja8OpIHNsdcW+YnkxJTAjBgNVBAMMHE5BU0VTIFRpbWUgU3RhbXAgQXV0aG9yaXR5IDIwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQCxUeaI0MPA9GiJYElp4338ynEYUbnJjraCMbYS83la8saO3eOEjdB1NHU7bSz68FWiCq2zAsJyXs1Lz+oDVqEh2Pw8+nGJFuEFzcsZqiJGAZjITVvoYIK+su0F5Pm0Q9GLde53oqQ7XRFEbvmzTDJT0+oK3goVEx9b7LmzOKhBH78Io0EAump1R7+jZqLpMz7WNUNruMhfrvmSZXuUVRQL4WMZgv/Iv6YJZg6+pTg6tPLu/oNuHDo73JFau5hvUUwA8B8jBAqoCrvg7syRH78nlrpDFqxQZvYoXJtdnVToZJCv8QRj4qbf8ejmtfuSA7k86FT3r1HvNT9bAvO9iAAJL8B2+o3VzzZekSrxMzfoiRViRGf1LvVdrs0o7S5FjpWMHM0RvHBiMz0XHO5rmHP9n5L4IqOwbZ06dzbd1EDtUtKdl+L/etmmH2DTAKIkjVeDn5amuR9P/mRNzxoK4lAHNBVw2apT3e+LYI7aJXYqLIpQcXwwVl/0TRm2ed3WJv0CAwEAAaOCAdswggHXMIGjBggrBgEFBQcBAQSBljCBkzA0BggrBgEFBQcwAYYoaHR0cDovL3NuY2E0LW9jc3Auc25jYS5nb3Yuc2svb2NzcC9zbmNhNDA3BggrBgEFBQcwAoYraHR0cDovL2NkcC5zbmNhLmdvdi5zay9zbmNhNC9jZXJ0L3NuY2E0LmRlcjAiBggrBgEFBQcwAqQWMBQxEjAQBgNVBAUTCVRMSVNLLTEzODAdBgNVHQ4EFgQUNBOTyD3KvFT92aUEetyj1h0Ho94wHwYDVR0jBBgwFoAUQmZJTJHHWpIsZygrX5mjawpMu4MwDAYDVR0TAQH/BAIwADBLBgNVHSAERDBCMEAGCiuBHpSNgwgAAQEwMjAwBggrBgEFBQcCARYkaHR0cHM6Ly9zbmNhLmdvdi5zay9jcHMvY3BzX3NuY2EucGRmMG8GA1UdHwRoMGYwMaAvoC2GK2h0dHA6Ly9jZHAxLnNuY2EuZ292LnNrL3NuY2E0L2NybC9zbmNhNC5jcmwwMaAvoC2GK2h0dHA6Ly9jZHAyLnNuY2EuZ292LnNrL3NuY2E0L2NybC9zbmNhNC5jcmwwCwYDVR0PBAQDAgZAMBYGA1UdJQEB/wQMMAoGCCsGAQUFBwMIMA0GCSqGSIb3DQEBCwUAA4ICAQBbfddjVEVgrrTE4EBBKdZdcY6K7bQ/FEK1oB6BMf9qBZ/XOfAStAtOloKPhBrz/6PBnZ/MSzmjpw0VA9Hip9mTehGpg3rp3J0jmOSkgseEKZWYhoeE+s4xMVVoAOQR5qyqjDavowWAzJAR0BZ1S1Jw35us54huejLAYlOKrL85VL4DpFqtPfbT7jYc97QWNqnaWHuztjRPgLqK5of7tczQHtUhqb7qNNc0MCdMdok40Hv9j8P8akQi9XomXYEzepKBFznREmfqJGGxMP3ktlIvZi7sUthsnPdFAQiTPXBWl4bZ1G6pITuDCMdMZKLGec/5KwcEUV1w2yTbfTtQPvYslWtmgo7pzilkHhQkmWKM8/Rd2WmweNBjmO75iM8G56jJZG57V1EOLeFd1vSS1ZOR4b7nblTTRSp0adCW7FIfo9BmMA9kzxurHkgRQk62eveDCv/AHcjJ85ScDk73TcwWwPQBwcR1561/5i5J7jOy+C7ynfxUS5vIH5O5fcAzWauaTdQO0iur7Khmj/1UWiR/ISOrfoG9WhMpmbuCrJ9IB7g7bLxs1Kat75b94/B6Kr4UPZXqX36OhV2X09VWDLZ7KaLK8dsAyiZgPf2yzobaP8hapbyeSzDpR4kISjvCx1P0iSuKM5FgmibfyV9vKmLGhs/lUWnnd/anEMCBBn2USA==" productionTime: 2023-08-01T12:37:47 +0200 - - qualification: - code: 0 - description: QTSA + - qualification: QTSA timestampType: ARCHIVE_TIMESTAMP subjectDN: "CN=Timestamp Unit 202301, OID.2.5.4.97=NTRBE-0671516647, O=QTSP: FPS Policy and Support - BOSA, L=Brussels, C=BE" certificateDer: "MIIEaDCCA++gAwIBAgIUYgKXRHlVRnKUhBH9VqQi8YkYwxEwCgYIKoZIzj0EAwMwgbsxCzAJBgNVBAYTAkJFMREwDwYDVQQHDAhCcnVzc2VsczEwMC4GA1UECgwnS2luZ2RvbSBvZiBCZWxnaXVtIC0gRmVkZXJhbCBHb3Zlcm5tZW50MT8wPQYDVQQLDDZRVFNQOiBGUFMgUG9saWN5IGFuZCBTdXBwb3J0IC0gQk9TQSAoTlRSQkUtMDY3MTUxNjY0NykxDzANBgNVBAUTBjIwMjEwMTEVMBMGA1UEAwwMVGltZXN0YW1wIENBMB4XDTIyMTIwOTEwNTYwMloXDTI4MTIwOTEwNTYwMVowgYkxCzAJBgNVBAYTAkJFMREwDwYDVQQHDAhCcnVzc2VsczEsMCoGA1UECgwjUVRTUDogRlBTIFBvbGljeSBhbmQgU3VwcG9ydCAtIEJPU0ExGTAXBgNVBGEMEE5UUkJFLTA2NzE1MTY2NDcxHjAcBgNVBAMMFVRpbWVzdGFtcCBVbml0IDIwMjMwMTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABLmXpDLz9zw5cho43EAFbjEtjUpXD+tFEihjq7XzBldbtHQHV1cW9Ra+hpLjUa5CvJN+VWF9dEMECf1VZmAS/8ajggH/MIIB+zAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFOBOG9N1TbWHTgK2+qlaY8w8qpiZMHsGCCsGAQUFBwEBBG8wbTA6BggrBgEFBQcwAoYuaHR0cDovL2NydC5laWRwa2kuYmVsZ2l1bS5iZS90cy90c2NhMjAyMTAxLmNydDAvBggrBgEFBQcwAYYjaHR0cDovL29jc3AuZWlkcGtpLmJlbGdpdW0uYmUvZWlkLzAwVgYDVR0gBE8wTTBABgdgOA0GA4doMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcmVwb3NpdG9yeS5laWRwa2kuYmVsZ2l1bS5iZS90czAJBgcEAIvsQAEBMBYGA1UdJQEB/wQMMAoGCCsGAQUFBwMIMG0GCCsGAQUFBwEDBGEwXzAIBgYEAI5GAQEwEwYGBACORgEGMAkGBwQAjkYBBgIwPgYGBACORgEFMDQwMhYsaHR0cHM6Ly9yZXBvc2l0b3J5LmVpZHBraS5iZWxnaXVtLmJlL3Bkcy10c3MTAmVuMD8GA1UdHwQ4MDYwNKAyoDCGLmh0dHA6Ly9jcmwuZWlkcGtpLmJlbGdpdW0uYmUvdHMvdHNjYTIwMjEwMS5jcmwwHQYDVR0OBBYEFJohWdg9YkmxbhVR1YZX+NeXq5aTMA4GA1UdDwEB/wQEAwIHgDAKBggqhkjOPQQDAwNnADBkAjAYALeaQLcKx7V9KnoYN36xjYXLzhbji3hkQMKqGQydMQjUrBp/xtr9UJjpd+qGxaoCMExzxfcWMa7bKav44FhXI9Mf8L5JVEpvzCwugzzjOVquOtX1m+DqAG7CQqhMweUVDQ=="