diff --git a/.github/workflows/apitest-push-trigger.yml b/.github/workflows/apitest-push-trigger.yml index d705909de11..e8bfef92a18 100644 --- a/.github/workflows/apitest-push-trigger.yml +++ b/.github/workflows/apitest-push-trigger.yml @@ -44,7 +44,7 @@ jobs: secrets: OSSRH_USER: ${{ secrets.OSSRH_USER }} OSSRH_SECRET: ${{ secrets.OSSRH_SECRET }} - OSSRH_URL: ${{ secrets.OSSRH_SNAPSHOT_URL }} + OSSRH_URL: ${{ secrets.RELEASE_URL }} OSSRH_TOKEN: ${{ secrets.OSSRH_TOKEN }} GPG_SECRET: ${{ secrets.GPG_SECRET }} SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} @@ -56,33 +56,6 @@ jobs: uses: mosip/kattu/.github/workflows/maven-sonar-analysis.yml@master-java21 with: SERVICE_LOCATION: ./apitest-commons - secrets: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - ORG_KEY: ${{ secrets.ORG_KEY }} - OSSRH_USER: ${{ secrets.OSSRH_USER }} - OSSRH_SECRET: ${{ secrets.OSSRH_SECRET }} - OSSRH_TOKEN: ${{ secrets.OSSRH_TOKEN }} - GPG_SECRET: ${{ secrets.GPG_SECRET }} - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - build-maven-authentication-demo-service: - uses: mosip/kattu/.github/workflows/maven-build.yml@master-java21 - with: - SERVICE_LOCATION: ./authentication-demo-service - BUILD_ARTIFACT: authentication-demo-service - secrets: - OSSRH_USER: ${{ secrets.OSSRH_USER }} - OSSRH_SECRET: ${{ secrets.OSSRH_SECRET }} - OSSRH_TOKEN: ${{ secrets.OSSRH_TOKEN }} - GPG_SECRET: ${{ secrets.GPG_SECRET }} - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} - - sonar_analysis-authentication-demo-service: - needs: build-maven-authentication-demo-service - if: "${{ github.event_name != 'pull_request' }}" - uses: mosip/kattu/.github/workflows/maven-sonar-analysis.yml@master-java21 - with: - SERVICE_LOCATION: ./authentication-demo-service secrets: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} ORG_KEY: ${{ secrets.ORG_KEY }} diff --git a/README.md b/README.md index 665a06d7541..a9936150297 100644 --- a/README.md +++ b/README.md @@ -34,7 +34,7 @@ To use this repository, ensure you have: io.mosip.testrig.apirig.apitest.commons apitest-commons - 1.3.2-SNAPSHOT + 1.3.2 --- diff --git a/apitest-commons/README.md b/apitest-commons/README.md index a5e7a2a098d..d6c1e48ca35 100644 --- a/apitest-commons/README.md +++ b/apitest-commons/README.md @@ -14,6 +14,7 @@ The API Test Commons is a shared codebase used for executing module-wise automat - ESignet-signup - Mimoto - Inji-Certify +- Inji-Verify --- @@ -84,7 +85,7 @@ Ensure the following software is installed on the machine from where the automat io.mosip.testrig.apirig.apitest.commons apitest-commons - 1.3.2-SNAPSHOT + 1.3.2 --- diff --git a/apitest-commons/pom.xml b/apitest-commons/pom.xml index dcbcb4a276d..800eaad45cf 100644 --- a/apitest-commons/pom.xml +++ b/apitest-commons/pom.xml @@ -8,7 +8,7 @@ apitest-commons Parent project of MOSIP functional tests https://github.com/mosip/mosip-functional-tests - 1.3.2-SNAPSHOT + 1.3.2 @@ -55,7 +55,7 @@ 1.11.368 - 5.2.17.Final + 5.3.20.Final 1.1.2-incubating @@ -66,7 +66,7 @@ 3.3.9 7.11.0 1.13 - apitest-commons-1.3.2-SNAPSHOT-jar-with-dependencies + apitest-commons-1.3.2-jar-with-dependencies diff --git a/apitest-commons/src/main/java/io/mosip/testrig/apirig/utils/AdminTestUtil.java b/apitest-commons/src/main/java/io/mosip/testrig/apirig/utils/AdminTestUtil.java index d433b6254b4..57c03dc1e92 100644 --- a/apitest-commons/src/main/java/io/mosip/testrig/apirig/utils/AdminTestUtil.java +++ b/apitest-commons/src/main/java/io/mosip/testrig/apirig/utils/AdminTestUtil.java @@ -2787,6 +2787,8 @@ public String inputJsonKeyWordHandeler(String jsonString, String testCaseName) { } if (jsonString.contains(GlobalConstants.TIMESTAMP)) jsonString = replaceKeywordWithValue(jsonString, GlobalConstants.TIMESTAMP, generateCurrentUTCTimeStamp()); + if (jsonString.contains("$EXPIRYTIMESTAMP$")) + jsonString = replaceKeywordWithValue(jsonString, "$EXPIRYTIMESTAMP$", generateExpiryUTCTimeStamp()); if (jsonString.contains(GlobalConstants.TRANSACTION_ID)) jsonString = replaceKeywordWithValue(jsonString, GlobalConstants.TRANSACTION_ID, TRANSACTION_ID); if (jsonString.contains("$DATESTAMP$")) @@ -3276,6 +3278,14 @@ public static String generateCurrentUTCTimeStamp() { dateFormat.setTimeZone(TimeZone.getTimeZone("UTC")); return dateFormat.format(date); } + + public static String generateExpiryUTCTimeStamp() { + Calendar calendar = Calendar.getInstance(); + calendar.add(Calendar.SECOND, Integer.parseInt(ConfigManager.getproperty("expirationTime"))); + SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.SSS'Z'"); + dateFormat.setTimeZone(TimeZone.getTimeZone("UTC")); + return dateFormat.format(calendar.getTime()); + } public static String generateCurrentUTCDateStamp() { Date date = new Date(); diff --git a/apitest-commons/src/main/resources/config/Kernel.properties b/apitest-commons/src/main/resources/config/Kernel.properties index ea4cc1d5e1b..303b9d1a4d6 100644 --- a/apitest-commons/src/main/resources/config/Kernel.properties +++ b/apitest-commons/src/main/resources/config/Kernel.properties @@ -129,7 +129,7 @@ admin_password=mosip123 admin_userName=220005 admin_zone_password=mosip123 admin_zone_userName=globaladmin - +expirationTime=120 #------------------------- Need to check if these are used or not ------------------------# diff --git a/authentication-demo-service/.gitignore b/authentication-demo-service/.gitignore deleted file mode 100644 index 9f3662f45d3..00000000000 --- a/authentication-demo-service/.gitignore +++ /dev/null @@ -1,4 +0,0 @@ -logs/ -target/ -.project -.settings \ No newline at end of file diff --git a/authentication-demo-service/Dockerfile b/authentication-demo-service/Dockerfile deleted file mode 100644 index 178cadc86a5..00000000000 --- a/authentication-demo-service/Dockerfile +++ /dev/null @@ -1,86 +0,0 @@ -FROM eclipse-temurin:21-jre-alpine - -ARG SOURCE -ARG COMMIT_HASH -ARG COMMIT_ID -ARG BUILD_TIME -LABEL source=${SOURCE} -LABEL commit_hash=${COMMIT_HASH} -LABEL commit_id=${COMMIT_ID} -LABEL build_time=${BUILD_TIME} - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. -ARG spring_config_label - -# can be passed during Docker build as build time environment for spring profiles active -ARG active_profile - -# can be passed during Docker build as build time environment for config server URL -ARG spring_config_url - -# can be passed during Docker build as build time environment for glowroot -ARG is_glowroot - -# can be passed during Docker build as build time environment for artifactory URL -ARG artifactory_url - -# environment variable to pass active profile such as DEV, QA etc at docker runtime -ENV active_profile_env=${active_profile} - -# environment variable to pass github branch to pickup configuration from, at docker runtime -ENV spring_config_label_env=${spring_config_label} - -# environment variable to pass spring configuration url, at docker runtime -ENV spring_config_url_env=${spring_config_url} - -# environment variable to pass glowroot, at docker runtime -ENV is_glowroot_env=${is_glowroot} - -# environment variable to pass artifactory url, at docker runtime -ENV artifactory_url_env=${artifactory_url} - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. -ARG container_user=mosip - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. -ARG container_user_group=mosip - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. -ARG container_user_uid=1002 - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. -ARG container_user_gid=1001 - -# set working directory for the user -WORKDIR /home/${container_user} - -ENV work_dir=/home/${container_user} - -ARG loader_path=${work_dir}/additional_jars/ - -ENV loader_path_env=${loader_path} - -COPY ./target/authentication-demo-service-*.jar authentication-demo-service.jar - -ADD entrypoint.sh $work_dir/entrypoint.sh - -# install packages and create user -RUN apk -q update \ - && apk add -q unzip wget bash \ - && addgroup -g ${container_user_gid} ${container_user_group} \ - && adduser -s /bin/sh -u ${container_user_uid} -G ${container_user_group} -h /home/${container_user} --disabled-password ${container_user} \ - && mkdir -p ${loader_path} \ - && chmod +x $work_dir/entrypoint.sh \ - && mkdir -p /usr/local/openjdk-21/lib/security && touch /usr/local/openjdk-21/lib/security/cacerts \ - && chown ${container_user}:${container_user} /usr/local/openjdk-21/lib/security/cacerts \ - && chmod 644 /usr/local/openjdk-21/lib/security/cacerts \ - && chown -R ${container_user}:${container_user} /home/${container_user} - -# select container user for all tasks -USER ${container_user_uid}:${container_user_gid} - -EXPOSE 8384 - -ENV authCertsPath=/home/${container_user}/authcerts - -ENTRYPOINT ["/bin/bash", "-c", "./entrypoint.sh"] diff --git a/authentication-demo-service/README.md b/authentication-demo-service/README.md deleted file mode 100644 index 0dba382d4fa..00000000000 --- a/authentication-demo-service/README.md +++ /dev/null @@ -1,26 +0,0 @@ -# Authentication Demo Service - -## Overview -Demo authentication service used by automation tests. - -## Build & run (for developers) -Prerequisites: -[Config Server](https://docs.mosip.io/1.2.0/modules/module-configuration#config-server) - -The project requires JDK 1.21. -1. Build and install: - ``` - $ cd authentication-demo-service - $ mvn install -DskipTests=true -Dmaven.javadoc.skip=true -Dgpg.skip=true - ``` - -2. Build Docker for a service: - ``` - $ cd - $ docker build -f Dockerfile - ``` - -### Configuration -[application-default.properties](https://github.com/mosip/mosip-config/blob/dev-integration/application-default.properties) - -defined here. \ No newline at end of file diff --git a/authentication-demo-service/entrypoint.sh b/authentication-demo-service/entrypoint.sh deleted file mode 100644 index 57e8c72cc6f..00000000000 --- a/authentication-demo-service/entrypoint.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/bash - - -## Run authentication demo service -if [ "$is_glowroot_env" = "present" ]; then - wget -q --show-progress "${artifactory_url_env}"/artifactory/libs-release-local/io/mosip/testing/glowroot.zip ; - unzip glowroot.zip ; - rm -rf glowroot.zip ; - sed -i 's//authentication-demo-service/g' glowroot/glowroot.properties ; - java -jar -javaagent:glowroot/glowroot.jar -Dloader.path="${loader_path_env}" -Dspring.cloud.config.label="${spring_config_label_env}" -Dspring.profiles.active="${active_profile_env}" -Dspring.cloud.config.uri="${spring_config_url_env}" authentication-demo-service.jar ; -else - java -jar -Dspring.cloud.config.label="${spring_config_label_env}" -Dspring.profiles.active="${active_profile_env}" -Dspring.cloud.config.uri="${spring_config_url_env}" authentication-demo-service.jar ; -fi diff --git a/authentication-demo-service/lib/Keystore/ExportPrivateKey.java b/authentication-demo-service/lib/Keystore/ExportPrivateKey.java deleted file mode 100644 index ecb02d20be0..00000000000 --- a/authentication-demo-service/lib/Keystore/ExportPrivateKey.java +++ /dev/null @@ -1,53 +0,0 @@ -import java.io.File; -import java.io.FileInputStream; -import java.io.FileWriter; -import java.security.Key; -import java.security.KeyStore; -import java.util.Base64; -/** - * Class to export private key from key store in PEM format. - * This is used since keytool cannot be used for this purpose. - * Referenced from https://security.stackexchange.com/a/114776/221987 - * - * Command Line: java ExportPrivateKey JCEKS - * - * Example: java ExportPrivateKey keystore.jks PKCS12 somepassword mosip.io somepassword PrivateKey.pem - - * @author Loganathan.Sekar - * - */ - - -public class ExportPrivateKey -{ - private File keystoreFile; - private String keyStoreType; - private char[] keyStorePassword; - private char[] keyPassword; - private String alias; - private File exportedFile; - - public void export() throws Exception { - KeyStore keystore = KeyStore.getInstance(keyStoreType); - keystore.load(new FileInputStream(keystoreFile), keyStorePassword); - Key key = keystore.getKey(alias, keyPassword); - String encoded = Base64.getEncoder().encodeToString(key.getEncoded()); - FileWriter fw = new FileWriter(exportedFile); - fw.write("---BEGIN PRIVATE KEY---\n"); - fw.write(encoded); - fw.write("\n"); - fw.write("---END PRIVATE KEY---"); - fw.close(); - } - - public static void main(String args[]) throws Exception { - ExportPrivateKey export = new ExportPrivateKey(); - export.keystoreFile = new File(args[0]); - export.keyStoreType = args[1]; - export.keyStorePassword = args[2].toCharArray(); - export.alias = args[3]; - export.keyPassword = args[4].toCharArray(); - export.exportedFile = new File(args[5]); - export.export(); - } -} \ No newline at end of file diff --git a/authentication-demo-service/lib/Keystore/MosipTestCert.cer b/authentication-demo-service/lib/Keystore/MosipTestCert.cer deleted file mode 100644 index d744630a986..00000000000 --- a/authentication-demo-service/lib/Keystore/MosipTestCert.cer +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDZTCCAk2gAwIBAgIEXVjtVDANBgkqhkiG9w0BAQsFADBjMQswCQYDVQQGEwJJ -TjELMAkGA1UECBMCS0ExEjAQBgNVBAcTCUJhbmdhbG9yZTEOMAwGA1UEChMFSUlJ -VEIxDjAMBgNVBAsTBU1PU0lQMRMwEQYDVQQDDApNT1NJUF9UZXN0MB4XDTIwMTAx -MzA1MzkzNloXDTIzMTAxMzA1MzkzNlowYzELMAkGA1UEBhMCSU4xCzAJBgNVBAgT -AktBMRIwEAYDVQQHEwlCYW5nYWxvcmUxDjAMBgNVBAoTBUlJSVRCMQ4wDAYDVQQL -EwVNT1NJUDETMBEGA1UEAwwKTU9TSVBfVGVzdDCCASIwDQYJKoZIhvcNAQEBBQAD -ggEPADCCAQoCggEBAPK97wngjl7WF7EDdpCgq8WIP9gRaUFzTU8TIagWwjUfFQiQ -5tCK6U7dgXl2fSGUeTHxSZyYcafM03xFqBFC+l359X1DULteoJEfLdCTbDqIGX1a -iA9MnEGm0wSZEWwn1EqaXPazL65O/KP7oiiQgflLLhLImGOIw31zP7yQQTx+HsFf -SUlmx+sR+dkdBJivGH6x7oFQN/tTbWhlpTAiV0EUIVjbFKglKcYxohYUg8JXo87K -YGFwHxyXnzey59lm8wBgYFbEHhxxumkxh9kvzteED8gd1glyEWq4xQMP5v6ppgvV -xUNOog49tINY2lQnlBdjSEogtzSvZtfVezBjyPMCAwEAAaMhMB8wHQYDVR0OBBYE -FFNoJX0tSFoVyDYkgrDPY/RzvKYnMA0GCSqGSIb3DQEBCwUAA4IBAQBSB3VKv3oD -tueFosT6TBaW+ZIIRhC0lwHyOtA8oqP7sjtCkKQO71MDHYGmpwZZKRuwAvelBltd -Mkah5a/ne+b0o+A9BNoDFiH08pX4CL9drE9VNHNWrt63DaTa54Eodou9vTwOeq2e -RePZdlfYpJ/LtOsNGXm9hJFac3YvZV9812lDIgV/bCsN18MF+pfjE7QnZ02hp2IM -kysSjAyTNKUCnNFW/ccXoklw834COpu+weZivfS7XgUcrXSoZ4flZNVtE9CivNUH -nIyQAG0oBrnVekkKl1vDdEGa2OmljXkD9Nzq0EwUVYTXDItc1i8ZpV2AUZTwAQdb -yAK6/5b3BqYQ ------END CERTIFICATE----- diff --git a/authentication-demo-service/lib/Keystore/MosipTestCert.pem b/authentication-demo-service/lib/Keystore/MosipTestCert.pem deleted file mode 100644 index a1dc2ef50d0..00000000000 --- a/authentication-demo-service/lib/Keystore/MosipTestCert.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDZTCCAk2gAwIBAgIEXVjtVDANBgkqhkiG9w0BAQsFADBjMQswCQYDVQQGEwJJ -TjELMAkGA1UECBMCS0ExEjAQBgNVBAcTCUJhbmdhbG9yZTEOMAwGA1UEChMFSUlJ -VEIxDjAMBgNVBAsTBU1PU0lQMRMwEQYDVQQDDApNT1NJUF9UZXN0MB4XDTIwMTAx -MzA1MzkzNloXDTIzMTAxMzA1MzkzNlowYzELMAkGA1UEBhMCSU4xCzAJBgNVBAgT -AktBMRIwEAYDVQQHEwlCYW5nYWxvcmUxDjAMBgNVBAoTBUlJSVRCMQ4wDAYDVQQL -EwVNT1NJUDETMBEGA1UEAwwKTU9TSVBfVGVzdDCCASIwDQYJKoZIhvcNAQEBBQAD -ggEPADCCAQoCggEBAPK97wngjl7WF7EDdpCgq8WIP9gRaUFzTU8TIagWwjUfFQiQ -5tCK6U7dgXl2fSGUeTHxSZyYcafM03xFqBFC+l359X1DULteoJEfLdCTbDqIGX1a -iA9MnEGm0wSZEWwn1EqaXPazL65O/KP7oiiQgflLLhLImGOIw31zP7yQQTx+HsFf -SUlmx+sR+dkdBJivGH6x7oFQN/tTbWhlpTAiV0EUIVjbFKglKcYxohYUg8JXo87K -YGFwHxyXnzey59lm8wBgYFbEHhxxumkxh9kvzteED8gd1glyEWq4xQMP5v6ppgvV -xUNOog49tINY2lQnlBdjSEogtzSvZtfVezBjyPMCAwEAAaMhMB8wHQYDVR0OBBYE -FFNoJX0tSFoVyDYkgrDPY/RzvKYnMA0GCSqGSIb3DQEBCwUAA4IBAQBSB3VKv3oD -tueFosT6TBaW+ZIIRhC0lwHyOtA8oqP7sjtCkKQO71MDHYGmpwZZKRuwAvelBltd -Mkah5a/ne+b0o+A9BNoDFiH08pX4CL9drE9VNHNWrt63DaTa54Eodou9vTwOeq2e -RePZdlfYpJ/LtOsNGXm9hJFac3YvZV9812lDIgV/bCsN18MF+pfjE7QnZ02hp2IM -kysSjAyTNKUCnNFW/ccXoklw834COpu+weZivfS7XgUcrXSoZ4flZNVtE9CivNUH -nIyQAG0oBrnVekkKl1vDdEGa2OmljXkD9Nzq0EwUVYTXDItc1i8ZpV2AUZTwAQdb -yAK6/5b3BqYQ ------END CERTIFICATE----- diff --git a/authentication-demo-service/lib/Keystore/PrivateKey.p12 b/authentication-demo-service/lib/Keystore/PrivateKey.p12 deleted file mode 100644 index 6a9adb390df..00000000000 Binary files a/authentication-demo-service/lib/Keystore/PrivateKey.p12 and /dev/null differ diff --git a/authentication-demo-service/lib/Keystore/PrivateKey.pem b/authentication-demo-service/lib/Keystore/PrivateKey.pem deleted file mode 100644 index 4c6d4dfc7f0..00000000000 --- a/authentication-demo-service/lib/Keystore/PrivateKey.pem +++ /dev/null @@ -1,3 +0,0 @@ ----BEGIN PRIVATE KEY--- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDyve8J4I5e1hexA3aQoKvFiD/YEWlBc01PEyGoFsI1HxUIkObQiulO3YF5dn0hlHkx8UmcmHGnzNN8RagRQvpd+fV9Q1C7XqCRHy3Qk2w6iBl9WogPTJxBptMEmRFsJ9RKmlz2sy+uTvyj+6IokIH5Sy4SyJhjiMN9cz+8kEE8fh7BX0lJZsfrEfnZHQSYrxh+se6BUDf7U21oZaUwIldBFCFY2xSoJSnGMaIWFIPCV6POymBhcB8cl583sufZZvMAYGBWxB4ccbppMYfZL87XhA/IHdYJchFquMUDD+b+qaYL1cVDTqIOPbSDWNpUJ5QXY0hKILc0r2bX1XswY8jzAgMBAAECggEADNswYNaK080E/jQPwIMx9clMkFYDvBquOoTp4GwsJwIZbBW4k8z3pFyo8dTrta6WaKW931RXmKqJfOh3iUqB1h5Z+SNqkDHn0SfUllpofgUdTH1R/XVyRSvfuzucJ51IahcY21wMJ3A5gzndkcZti9WGgCotn//rUqaa9pKxUdHFyKN9ajCsZuqEcjCBHaEUc3NtbAUNeEiy5IHmOHYkFxRlx/AUso6WUXcXXwlSJaySiEkacitqFTK5l2Sg1OWU+FXL/HAIYfbZkp6m6QxhVqgLhFZgzgtsYILaJzhSR36nt1MwjXr2AoIcZhcmmj6vt+x1u2wB/4IO6adiVAXx4QKBgQD8/tx5O0a8EciOc8ZraREuhCad2HLFNeAdi/UMtpi8QvFzcfhXcL5upB89vIIOQRhLSNx1e/SYhMHfkEzO3bl7NDnrW1rB8vlnLFMi2kDFLJMPhJ+4vnxWzIEFXsotivPP8UjgOXSUJQlVabYZBnAFQx3T1PiPfHjaOzrFPwqqEQKBgQD1n+ZzS9nJ8WkIg279CfznNezTwt18aIIMutLIPZ9lW3jVjonkevBddjHloZQkTVhoK2LpQPKeqlyDPZ6TmOP7YXIH9NiYH8qFbfjoJwjSt+TRn3i4St6KBN3LJFkVu1SKEJm8pUmIwB1d+p5aPXhHnJLsBYM116DMNXly8bJewwKBgEcqXdRQQ0Z17id8E611IZsnG0G9eBNXY1KMYwMPfgk+/3JM9eGK2lZ/Hjachy0BTJcoyLLXimc4uNxtV9286wboGv7EdNQnx9Yo1r3wDNYqArgTw2YRVyKHZiefkVmcQ5cTtT81ikB95pE7KjkB4ZLpXUOQHdcm2Uvx60c+w34xAoGAFJ/jmuTQmctilWtr42V2TffSNgnTzUF9QhJh5px+COXAZLY+T+gezMpC8FQ7+zxfYwfZm1pvxPDrKb3/1cbtxcrt50sg8M0ilUehseStMfxtA0kPuvHWc+JquUcJD/EV7S3tqtB6NzhifuSvbUZiFilIkPb5iIjdoKgQ1Z0D7D8CgYEAq2GAfN0vUS0Ws2nA5v2r/FbVQgveI6KpoUrGAd/KJg6JnglV5fLQQT/RuncTbaAm5niOo+PAu+kJNoZiS/NaCqb6Oj5XU6zDLApEohP+MKIUiYyg+XtLDLw5J8tmqx5s55amGM79JZ7O6wYWVTErdSc1fS2LA6B2Mb1bC7Bwsag= ----END PRIVATE KEY--- \ No newline at end of file diff --git a/authentication-demo-service/lib/Keystore/PublicKey.pem b/authentication-demo-service/lib/Keystore/PublicKey.pem deleted file mode 100644 index 1a372f50dff..00000000000 Binary files a/authentication-demo-service/lib/Keystore/PublicKey.pem and /dev/null differ diff --git a/authentication-demo-service/lib/Keystore/README.txt b/authentication-demo-service/lib/Keystore/README.txt deleted file mode 100644 index 78131e1d4a0..00000000000 --- a/authentication-demo-service/lib/Keystore/README.txt +++ /dev/null @@ -1,72 +0,0 @@ -Create keystore with a certification of RSA 256: -keytool -genkey -keystore keystore.jks -alias mosip.io -keyalg RSA -sigalg SHA256withRSA -validity 365 -keysize 2048 - -Convert cert to PKCS12: -keytool -importkeystore -srckeystore keystore.jks -destkeystore keystore.jks -deststoretype pkcs12 - -Export Csr Cert: --> not used -keytool -certreq -alias mosip.io -keystore keystore.jks -file MosipTestCert.csr - -Export cert as PEM: -keytool -exportcert -alias mosip.io -keystore keystore.jks -rfc -file MosipTestCert.pem - -Export Public Key: -keytool -export -alias mosip.io -keystore keystore.jks -file PublicKey.pem - -Export Private Key: -keytool -importkeystore -srckeystore keystore.jks -srcstorepass somepassword -srckeypass somepassword -srcalias mosip.io -destalias mosip.io -destkeystore PrivateKey.p12 -deststoretype PKCS12 -deststorepass somepassword -destkeypass somepassword - -//Linux -- Not used -//openssl pkcs12 -in PrivateKey.p12 -nodes -nocerts -out PrivateKey.pem - - -//Any OS - USED -ExportPrivateKey.java --- -import sun.misc.BASE64Encoder; - -import java.io.File; -import java.io.FileInputStream; -import java.io.FileWriter; -import java.security.*; - -public class ExportPrivateKey -{ - private File keystoreFile; - private String keyStoreType; - private char[] keyStorePassword; - private char[] keyPassword; - private String alias; - private File exportedFile; - - public void export() throws Exception { - KeyStore keystore = KeyStore.getInstance(keyStoreType); - BASE64Encoder encoder = new BASE64Encoder(); - keystore.load(new FileInputStream(keystoreFile), keyStorePassword); - Key key = keystore.getKey(alias, keyPassword); - String encoded = encoder.encode(key.getEncoded()); - FileWriter fw = new FileWriter(exportedFile); - fw.write("---BEGIN PRIVATE KEY---\n"); - fw.write(encoded); - fw.write("\n"); - fw.write("---END PRIVATE KEY---"); - fw.close(); - } - - public static void main(String args[]) throws Exception { - ExportPrivateKey export = new ExportPrivateKey(); - export.keystoreFile = new File(args[0]); - export.keyStoreType = args[1]; - export.keyStorePassword = args[2].toCharArray(); - export.alias = args[3]; - export.keyPassword = args[4].toCharArray(); - export.exportedFile = new File(args[5]); - export.export(); - } -} --- -javac ExportPrivateKey.java -java ExportPrivateKey JCEKS - -Example: -java ExportPrivateKey keystore.jks PKCS12 somepassword mosip.io somepassword PrivateKey.pem diff --git a/authentication-demo-service/lib/Keystore/keystore.jks b/authentication-demo-service/lib/Keystore/keystore.jks deleted file mode 100644 index e5fc2931729..00000000000 Binary files a/authentication-demo-service/lib/Keystore/keystore.jks and /dev/null differ diff --git a/authentication-demo-service/lib/Keystore/keystore.jks.old b/authentication-demo-service/lib/Keystore/keystore.jks.old deleted file mode 100644 index 3ad70e6fa8a..00000000000 Binary files a/authentication-demo-service/lib/Keystore/keystore.jks.old and /dev/null differ diff --git a/authentication-demo-service/pom.xml b/authentication-demo-service/pom.xml deleted file mode 100644 index f323215349f..00000000000 --- a/authentication-demo-service/pom.xml +++ /dev/null @@ -1,391 +0,0 @@ - - 4.0.0 - - - io.mosip.testrig.authentication.demo - 1.2.1-SNAPSHOT - authentication-demo-service - authentication-demo-service - Parent project of MOSIP functional tests - https://github.com/mosip/mosip-functional-tests - jar - - - - MPL 2.0 - https://www.mozilla.org/en-US/MPL/2.0/ - - - - - scm:git:git://github.com/mosip/mosip-functional-tests.git - scm:git:ssh://github.com:mosip/mosip-functional-tests.git - https://github.com/mosip/mosip-functional-tests - HEAD - - - - - Mosip - mosip.emailnotifier@gmail.com - io.mosip - https://github.com/mosip/mosip-functional-tests - - - - - - local-maven-repo - file:///${basedir}/lib - - - - snapshots-repo - https://oss.sonatype.org/content/repositories/snapshots - false - true - - - - releases-repo - https://oss.sonatype.org/service/local/staging/deploy/maven2 - false - false - - - - danubetech-maven-public - https://repo.danubetech.com/repository/maven-public/ - - - - - - 3.2.3 - 2.0.0.RELEASE - - 21 - 21 - 3.8.0 - 3.0.1 - 2.9.2 - 0.8.2 - - 1.2.1-SNAPSHOT - - - - - - - org.springframework.boot - spring-boot-starter-web - - - org.springframework.boot - spring-boot-starter-test - - - commons-io - commons-io - - - javax.ws.rs - javax.ws.rs-api - 2.0 - - - org.glassfish.jersey.core - jersey-common - test - - - io.mosip.authentication - authentication-core - 1.2.1-SNAPSHOT - - - commons-codec - commons-codec - - - org.springdoc - springdoc-openapi-ui - - - - - commons-fileupload - commons-fileupload - - - - org.mockito - mockito-core - - - - io.mosip.kernel - kernel-core - 1.2.1-SNAPSHOT - - - org.springframework.boot - - spring-boot-starter-security - - - - commons-codec - commons-codec - - - - - io.mosip.kernel - kernel-websubclient-api - ${kernel-websubclient-api.version} - - - - org.springframework.boot - spring-boot-starter-actuator - - - - org.apache.httpcomponents - httpclient - - - commons-codec - commons-codec - - - - - - - org.apache.httpcomponents - httpmime - 4.5.7 - - - org.json - json - 20231013 - - - org.apache.commons - commons-lang3 - - - org.tensorflow - tensorflow - 1.12.0 - - - - org.apache.commons - commons-io - 1.3.2 - - - - - commons-lang - commons-lang - 2.4 - - - org.apache.commons - commons-text - 1.10.0 - - - commons-codec - commons-codec - - - io.mosip.kernel - kernel-templatemanager-velocity - 1.2.1-SNAPSHOT - - - org.springframework.cloud - spring-cloud-starter-config - - - org.postgresql - postgresql - - - com.github.jai-imageio - jai-imageio-jpeg2000 - 1.3.0 - - - org.json - json - 20231013 - - - io.mosip.kernel - kernel-keymanager-service - 1.2.1-SNAPSHOT - lib - - - org.springframework.boot - - spring-boot-starter-security - - - - - - dom4j - dom4j - 1.6.1 - - - org.junit.vintage - junit-vintage-engine - - - org.springdoc - springdoc-openapi-starter-webmvc-ui - 2.6.0 - - - - - - io.mosip.kernel - kernel-bom - 1.2.1-SNAPSHOT - pom - import - - - - - - - org.apache.maven.plugins - maven-javadoc-plugin - - - attach-javadocs - - jar - - - - - none - - - - org.springframework.boot - spring-boot-maven-plugin - ${spring.boot.version} - - true - ZIP - - - - - build-info - repackage - - - - - - - org.apache.maven.plugins - maven-gpg-plugin - 1.5 - - - sign-artifacts - verify - - sign - - - - --pinentry-mode - loopback - - - - - - - pl.project13.maven - git-commit-id-plugin - 3.0.1 - - - get-the-git-infos - - revision - - validate - - - - true - ${project.build.outputDirectory}/service-git.properties - - ^git.build.(time|version)$ - ^git.commit.id.(abbrev|full)$ - - full - ${project.basedir}/.git - - - - - org.apache.maven.plugins - maven-compiler-plugin - ${maven.compiler.version} - - ${maven.compiler.source} - ${maven.compiler.target} - - - - org.jacoco - jacoco-maven-plugin - - - **/constant/** - **/config/** - **/dto/** - io/mosip/authentication/service/*.class - io/mosip/authentication/service/filter/** - io/mosip/demo/authentication/service/IdAuthenticationDemoApplication.class - - - - - - prepare-agent - - - - report - prepare-package - - report - - - - - - - \ No newline at end of file diff --git a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/PartnerDemoApplication.java b/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/PartnerDemoApplication.java deleted file mode 100644 index 7cc2558cad6..00000000000 --- a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/PartnerDemoApplication.java +++ /dev/null @@ -1,35 +0,0 @@ -package io.mosip.testrig.authentication.demo.service; - -import io.mosip.kernel.templatemanager.velocity.builder.TemplateManagerBuilderImpl; -import io.mosip.kernel.websub.api.client.PublisherClientImpl; -import io.mosip.kernel.websub.api.client.SubscriberClientImpl; -import io.mosip.kernel.websub.api.config.publisher.RestTemplateHelper; -import org.apache.velocity.app.VelocityEngine; -import org.springframework.boot.SpringApplication; -import org.springframework.boot.autoconfigure.SpringBootApplication; -import org.springframework.context.annotation.Import; - -import io.mosip.kernel.crypto.jce.core.CryptoCore; -import io.mosip.kernel.templatemanager.velocity.impl.TemplateManagerImpl; -import io.mosip.testrig.authentication.demo.service.config.SwaggerConfig; - -/** - * Spring-boot class for ID Authentication Application. - * - * @author Dinesh Karuppiah - */ -@SpringBootApplication -@Import(value = { TemplateManagerImpl.class, VelocityEngine.class, SwaggerConfig.class, CryptoCore.class, TemplateManagerBuilderImpl.class, - PublisherClientImpl.class, RestTemplateHelper.class, SubscriberClientImpl.class}) -public class PartnerDemoApplication { - - /** - * The main method. - * - * @param args the arguments - */ - public static void main(String[] args) { - SpringApplication.run(PartnerDemoApplication.class, args); - } - -} diff --git a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/config/BIRDeserializer.java b/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/config/BIRDeserializer.java deleted file mode 100644 index c39c54d232e..00000000000 --- a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/config/BIRDeserializer.java +++ /dev/null @@ -1,45 +0,0 @@ -package io.mosip.testrig.authentication.demo.service.config; - -import java.io.IOException; -import java.util.List; - -import com.fasterxml.jackson.core.JsonParser; -import com.fasterxml.jackson.core.JsonProcessingException; -import com.fasterxml.jackson.databind.DeserializationContext; -import com.fasterxml.jackson.databind.JsonNode; -import com.fasterxml.jackson.databind.ObjectMapper; -import com.fasterxml.jackson.databind.deser.std.StdDeserializer; - -import io.mosip.kernel.biometrics.constant.BiometricType; -import io.mosip.kernel.biometrics.entities.BDBInfo; -import io.mosip.kernel.biometrics.entities.BIR; -import io.mosip.kernel.biometrics.entities.RegistryIDType; -import io.mosip.kernel.core.util.CryptoUtil; - -public class BIRDeserializer extends StdDeserializer { - - ObjectMapper mapper = new ObjectMapper(); - - public BIRDeserializer() { - this(null); - } - - protected BIRDeserializer(Class vc) { - super(vc); - } - - @Override - public BIR deserialize(JsonParser p, DeserializationContext ctxt) throws IOException, JsonProcessingException { - JsonNode node = p.getCodec().readTree(p); - - RegistryIDType format = new RegistryIDType(); - format.setOrganization(node.get("bdbInfo").get("format").get("organization").asText()); - format.setType(node.get("bdbInfo").get("format").get("type").asText()); - return new BIR.BIRBuilder().withBdb(CryptoUtil.decodeBase64(node.get("bdb").asText())) - .withBdbInfo(new BDBInfo.BDBInfoBuilder() - .withType((List) mapper.readValue(node.get("bdbInfo").get("type").toString(), List.class)) - .withSubtype(mapper.readValue(node.get("bdbInfo").get("subtype").toString(), List.class)) - .withFormat(format).build()).build(); - } - -} diff --git a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/config/BioProviderConfig.java b/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/config/BioProviderConfig.java deleted file mode 100644 index a6aa41e1548..00000000000 --- a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/config/BioProviderConfig.java +++ /dev/null @@ -1,52 +0,0 @@ -package io.mosip.testrig.authentication.demo.service.config; - -import jakarta.annotation.PostConstruct; - -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; -import org.springframework.core.env.Environment; - -import com.fasterxml.jackson.core.JsonParser; -import com.fasterxml.jackson.databind.ObjectMapper; -import com.fasterxml.jackson.databind.module.SimpleModule; - -import io.mosip.kernel.biometrics.entities.BIR; -import io.mosip.kernel.core.bioapi.exception.BiometricException; -import io.mosip.kernel.core.bioapi.spi.IBioApi; -import io.mosip.kernel.core.util.StringUtils; - -/** - * @author Manoj SP - * - */ -@Configuration -public class BioProviderConfig { - - @Autowired - private Environment env; - - @Autowired - private ObjectMapper mapper; - - @PostConstruct - public void init() { - SimpleModule module = new SimpleModule(); - module.addDeserializer(BIR.class, new BIRDeserializer()); - mapper.registerModule(module); - mapper.configure(JsonParser.Feature.AUTO_CLOSE_SOURCE, false); - } - - @Bean - public IBioApi providerApi() throws BiometricException { - try { - if (StringUtils.isNotEmpty(env.getProperty("bio.test.server.provider"))) { - System.err.println(env.getProperty("bio.test.server.provider")); - return (IBioApi) Class.forName(env.getProperty("bio.test.server.provider")).newInstance(); - } - } catch (InstantiationException | IllegalAccessException | ClassNotFoundException e) { - throw new BiometricException("", "Unable to load provider", e); - } - return null; - } -} diff --git a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/config/OpenApiProperties.java b/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/config/OpenApiProperties.java deleted file mode 100644 index ef2b2b95526..00000000000 --- a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/config/OpenApiProperties.java +++ /dev/null @@ -1,45 +0,0 @@ -package io.mosip.testrig.authentication.demo.service.config; - -import java.util.List; - -import org.springframework.boot.context.properties.ConfigurationProperties; -import org.springframework.context.annotation.Configuration; - -import lombok.Data; - -/** - * @author Kamesh Shekhar prasad - */ - -@Configuration -@ConfigurationProperties(prefix = "openapi") -@Data -public class OpenApiProperties { - private InfoProperty info; - private AuthDemoServiceServer authDemoServiceServer; -} - -@Data -class InfoProperty { - private String title; - private String description; - private String version; - private LicenseProperty license; -} - -@Data -class LicenseProperty { - private String name; - private String url; -} - -@Data -class AuthDemoServiceServer { - private List servers; -} - -@Data -class Server { - private String description; - private String url; -} diff --git a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/config/SwaggerConfig.java b/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/config/SwaggerConfig.java deleted file mode 100644 index 46e39ef817c..00000000000 --- a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/config/SwaggerConfig.java +++ /dev/null @@ -1,57 +0,0 @@ -package io.mosip.testrig.authentication.demo.service.config; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; - -import io.swagger.v3.oas.models.Components; -import io.swagger.v3.oas.models.OpenAPI; -import io.swagger.v3.oas.models.info.Info; -import io.swagger.v3.oas.models.info.License; -import io.swagger.v3.oas.models.servers.Server; - -@Configuration -public class SwaggerConfig { - - private static final Logger logger = LoggerFactory.getLogger(SwaggerConfig.class); - - @Autowired - private OpenApiProperties openApiProperties; - - @Bean - public OpenAPI openApi() { - String msg = "Swagger open api, "; - OpenAPI api = new OpenAPI() - .components(new Components()); - if (null != openApiProperties.getInfo()) { - api.info(new Info() - .title(openApiProperties.getInfo().getTitle()) - .version(openApiProperties.getInfo().getVersion()) - .description(openApiProperties.getInfo().getDescription())); - if (null != openApiProperties.getInfo().getLicense()) { - api.getInfo().license(new License() - .name(openApiProperties.getInfo().getLicense().getName()) - .url(openApiProperties.getInfo().getLicense().getUrl())); - logger.info(msg + "info license property is added"); - } else { - logger.error(msg + "info license property is empty"); - } - logger.info(msg + "info property is added"); - } else { - logger.error(msg + "info property is empty"); - } - - if (null != openApiProperties.getAuthDemoServiceServer().getServers()) { - openApiProperties.getAuthDemoServiceServer().getServers().forEach(server -> { - api.addServersItem(new Server().description(server.getDescription()).url(server.getUrl())); - }); - logger.info(msg + "server property is added"); - } else { - logger.error(msg + "server property is empty"); - } - return api; - } - -} diff --git a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/controller/AuthRequestController.java b/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/controller/AuthRequestController.java deleted file mode 100644 index dfbd0720a65..00000000000 --- a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/controller/AuthRequestController.java +++ /dev/null @@ -1,1230 +0,0 @@ -/* - * - */ -package io.mosip.testrig.authentication.demo.service.controller; - -import static io.mosip.authentication.core.constant.IdAuthCommonConstants.UTF_8; - -import java.io.BufferedWriter; -import java.io.ByteArrayInputStream; -import java.io.File; -import java.io.FileWriter; -import java.io.IOException; -import java.io.InputStream; -import java.io.StringWriter; -import java.io.UnsupportedEncodingException; -import java.net.URI; -import java.nio.charset.StandardCharsets; -import java.nio.file.Files; -import java.nio.file.Path; -import java.nio.file.Paths; -import java.security.InvalidAlgorithmParameterException; -import java.security.InvalidKeyException; -import java.security.KeyManagementException; -import java.security.KeyStoreException; -import java.security.NoSuchAlgorithmException; -import java.security.UnrecoverableEntryException; -import java.security.cert.Certificate; -import java.security.cert.CertificateEncodingException; -import java.security.cert.CertificateException; -import java.security.cert.X509Certificate; -import java.security.spec.InvalidKeySpecException; -import java.util.ArrayList; -import java.util.Base64; -import java.util.HashMap; -import java.util.LinkedHashMap; -import java.util.List; -import java.util.Map; -import java.util.Objects; -import java.util.Optional; -import java.util.function.BiFunction; -import java.util.stream.Collectors; -import java.util.stream.Stream; - -import jakarta.annotation.PostConstruct; -import javax.crypto.BadPaddingException; -import javax.crypto.IllegalBlockSizeException; -import javax.crypto.NoSuchPaddingException; -import javax.xml.bind.DatatypeConverter; - -import io.mosip.testrig.authentication.demo.service.dto.*; -import org.apache.commons.codec.digest.DigestUtils; -import org.apache.commons.io.IOUtils; -import org.bouncycastle.operator.OperatorCreationException; -import org.jose4j.lang.JoseException; -import org.json.JSONException; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.core.env.Environment; -import org.springframework.http.HttpEntity; -import org.springframework.http.HttpHeaders; -import org.springframework.http.HttpMethod; -import org.springframework.http.HttpStatus; -import org.springframework.http.MediaType; -import org.springframework.http.ResponseEntity; -import org.springframework.lang.NonNull; -import org.springframework.lang.Nullable; -import org.springframework.web.bind.annotation.*; -import org.springframework.web.client.HttpServerErrorException; -import org.springframework.web.client.RestClientException; -import org.springframework.web.client.RestTemplate; - -import com.fasterxml.jackson.core.JsonProcessingException; -import com.fasterxml.jackson.databind.ObjectMapper; -import com.fasterxml.jackson.databind.node.ObjectNode; - -import io.mosip.authentication.core.constant.IdAuthCommonConstants; -import io.mosip.authentication.core.constant.IdAuthenticationErrorConstants; -import io.mosip.authentication.core.exception.IdAuthenticationAppException; -import io.mosip.authentication.core.exception.IdAuthenticationBusinessException; -import io.mosip.authentication.core.indauth.dto.IdType; -import io.mosip.authentication.core.spi.indauth.match.MatchType; -import io.mosip.kernel.core.exception.ExceptionUtils; -import io.mosip.kernel.core.exception.ServiceError; -import io.mosip.kernel.core.templatemanager.spi.TemplateManager; -import io.mosip.kernel.core.templatemanager.spi.TemplateManagerBuilder; -import io.mosip.kernel.core.util.CryptoUtil; -import io.mosip.kernel.core.util.DateUtils; -import io.mosip.kernel.core.util.HMACUtils2; -import io.mosip.testrig.authentication.demo.service.controller.Encrypt.SplittedEncryptedData; -import io.mosip.testrig.authentication.demo.service.helper.CertificateTypes; -import io.mosip.testrig.authentication.demo.service.helper.KeyMgrUtil; -import io.mosip.testrig.authentication.demo.service.helper.PartnerTypes; -import io.swagger.annotations.Api; - -/** - * The Class AuthRequestController is used to automate the creation of Auth - * Request. - * - * @author Arun Bose S - */ -@RestController -@Api(tags = { "Authentication Request Creation" }) -public class AuthRequestController { - - private static final String PHONE = "PHONE"; - - private static final String EMAIL = "EMAIL"; - - private static final String CHANNELS = "channels"; - - private static final String DATE_TIME = "dateTime"; - - private static final String MOSIP_ENV = "mosip.env"; - - private static final String MOSIP_DOMAINURI= "mosip.domainUri"; - - private static final String REQ_ID = "reqId"; - - private static final String PROP_PARTNER_URL_SUFFIX = "partnerUrlSuffix"; - - private static final String SPEC_VERSION = "specVersion"; - - private static final String MOSIP_BASE_URL = "mosip.base.url"; - - private static final String ENV = "env"; - - private static final String DOMAIN_URI = "domainUri"; - - private static final String TRANSACTION_ID = "transactionId"; - - private static final String DIGITAL_ID = "digitalId"; - - private static final String SESSION_KEY = "sessionKey"; - - private static final String BIO_VALUE = "bioValue"; - - private static final String DATA = "data"; - - private static final String BIOMETRICS = "biometrics"; - - private static final String IDENTITY = "Identity"; - - private static final String SECONDARY_LANG_CODE = "secondaryLangCode"; - - /** The Constant TEMPLATE. */ - private static final String TEMPLATE = "Template"; - - private static final String PIN = "pin"; - - private static final String BIO = "bio"; - - private static final String DEMO = "demo"; - - private static final String OTP = "otp"; - - private static final String TIMESTAMP = "timestamp"; - - private static final String TXN = "txn"; - - private static final String VER = "ver"; - - private static final String IDA_API_VERSION = "ida.api.version"; - - private static final String AUTH_TYPE = "authType"; - - private static final String UIN = "UIN"; - - private static final String ID_TYPE = "idType"; - - private static final String IDA_AUTH_REQUEST_TEMPLATE = "ida.authRequest.template"; - - private static final String IDA_KYC_EXCHANGE_REQUEST_TEMPLATE = "ida.kycExchangeRequest.template"; - - private static final String IDA_VCI_EXCHANGE_REQUEST_TEMPLATE = "ida.vciExchangeRequest.template"; - - private static final String ID = "id"; - - private static final String CLASSPATH = "classpath"; - - private static final String ENCODE_TYPE = "UTF-8"; - - private static final String DEFAULT_OTP_REQ_TEMPLATE = "{\r\n" - + " \"id\": \"${reqId}\",\r\n" - + " \"individualId\": \"${id}\",\r\n" - + " \"otpChannel\": [\r\n" - + " \"email\",\r\n" - + " \"phone\"\r\n" - + " ],\r\n" - + " \"requestTime\": \"${timestamp}\",\r\n" - + " \"transactionID\": \"${txn}\",\r\n" - + " \"version\": \"${ver}\"\r\n" - + "}"; - - private static final String BEGIN_CERTIFICATE = "-----BEGIN CERTIFICATE-----"; - private static final String END_CERTIFICATE = "-----END CERTIFICATE-----"; - private static final String LINE_SEPARATOR = System.getProperty("line.separator"); - - @Autowired - private Encrypt encrypt; - - @Autowired - private Environment environment; - - @Autowired - private TemplateManagerBuilder templateManagerBuilder; - - @Autowired - private TemplateManager templateManager; - - @Autowired - private ObjectMapper mapper; - - @Autowired - JWSSignAndVerifyController jWSSignAndVerifyController; - - @Autowired - KeyMgrUtil keyMgrUtil; - - @PostConstruct - public void idTemplateManagerPostConstruct() { - templateManager = templateManagerBuilder.encodingType(ENCODE_TYPE).enableCache(false).resourceLoader(CLASSPATH) - .build(); - } - - /** - * this method is used to create the auth request. - * - * @param id the id - * @param idType the id type - * @param isKyc the is kyc - * @param isInternal the is internal - * @param reqAuth the req auth - * @param transactionId the transaction id - * @param request the request - * @return the string - * @throws Exception - */ - @SuppressWarnings("unchecked") - @PostMapping(path = "/createAuthRequest", consumes = MediaType.APPLICATION_JSON_VALUE, produces = { - MediaType.TEXT_PLAIN_VALUE }) - public ResponseEntity createAuthRequest(@RequestParam(name = ID, required = true) @Nullable String id, - @RequestParam(name = ID_TYPE, required = false) @Nullable String idType, - @RequestParam(name = "isKyc", required = false) @Nullable boolean isKyc, - @RequestParam(name = "isInternal", required = false) @Nullable boolean isInternal, - @RequestParam(name = "Authtype", required = false) @Nullable String reqAuth, - @RequestParam(name = TRANSACTION_ID, required = false) @Nullable String transactionId, - @RequestParam(name = "requestTime", required = false) @Nullable String requestTime, - @RequestParam(name = "isNewInternalAuth", required = false) @Nullable boolean isNewInternalAuth, - @RequestParam(name = "isPreLTS", required = false) @Nullable boolean isPreLTS, - @RequestParam(name = "signWithMisp", required = false) @Nullable boolean signWithMisp, - @RequestParam(name = "partnerName", required = false) String partnerName, - @RequestParam(name = "keyFileNameByPartnerName", required = false) boolean keyFileNameByPartnerName, - @RequestBody Map request, - @RequestParam(name = "certsDir", required = false) String certsDir, - @RequestParam(name = "moduleName", required = false) String moduleName) throws Exception { - String authRequestTemplate = environment.getProperty(IDA_AUTH_REQUEST_TEMPLATE); - Map reqValues = new HashMap<>(); - - if(isPreLTS) { - reqValues.put(OTP, false); - reqValues.put(DEMO, false); - reqValues.put(BIO, false); - reqValues.put(PIN, false); - } - - if(isNewInternalAuth) { - isInternal = true; - } - - boolean needsEncryption = !isInternal || !isNewInternalAuth; - String keysDirPath = keyMgrUtil.getKeysDirPath(certsDir, moduleName); - - if(needsEncryption) { - reqValues.put("thumbprint", - digest(getCertificateThumbprint(encrypt.getCertificate(isInternal, keysDirPath)))); - } - - if (requestTime == null) { - requestTime = DateUtils.getUTCCurrentDateTimeString(environment.getProperty("datetime.pattern")); - - } - - if(!request.containsKey(TIMESTAMP)) { - request.put(TIMESTAMP, "");//Initializing. Setting value is done in further steps. - } - - idValuesMap(id, isKyc, isInternal, reqValues, transactionId, requestTime); - getAuthTypeMap(reqAuth, reqValues, request); - applyRecursively(request, TIMESTAMP, requestTime); - applyRecursively(request, DATE_TIME, requestTime); - applyRecursively(request, TRANSACTION_ID, transactionId); - - if(isKyc && signWithMisp) { - reqValues.put(AUTH_TYPE, "kycauth"); - } - - if(needsEncryption) { - if (reqValues.get(BIO) != null && Boolean.valueOf(reqValues.get(BIO).toString())) { - Object bioObj = request.get(BIOMETRICS); - if (bioObj instanceof List) { - List> encipheredBiometrics = encipherBiometrics(isInternal, requestTime, - transactionId, partnerName, keyFileNameByPartnerName, (List>) bioObj, certsDir, moduleName); - request.put(BIOMETRICS, encipheredBiometrics); - } - } - encryptValuesMap(request, reqValues, isInternal, certsDir, moduleName); - } - - StringWriter writer = new StringWriter(); - InputStream templateValue; - if (request != null && request.size() > 0) { - templateValue = templateManager - .merge(new ByteArrayInputStream(authRequestTemplate.getBytes(StandardCharsets.UTF_8)), reqValues); - - if (templateValue != null) { - IOUtils.copy(templateValue, writer, StandardCharsets.UTF_8); - String requestString = writer.toString(); - if(!needsEncryption) { - Map resMap = mapper.readValue(requestString.getBytes(StandardCharsets.UTF_8), Map.class); - resMap.put("request", request); - resMap.put("requestHMAC", null); - resMap.put("requestSessionKey", null); - resMap.put("thumbprint", null); - - requestString = mapper.writerWithDefaultPrettyPrinter().writeValueAsString(resMap); - } - if (reqValues.containsKey(SECONDARY_LANG_CODE)) { - Map resMap = mapper.readValue(requestString.getBytes(StandardCharsets.UTF_8), Map.class); - resMap.put(SECONDARY_LANG_CODE, reqValues.get(SECONDARY_LANG_CODE)); - requestString = mapper.writerWithDefaultPrettyPrinter().writeValueAsString(resMap); - } - if(isPreLTS) { - Map requestMap = mapper.readValue(requestString.getBytes(StandardCharsets.UTF_8), Map.class); - Map requestedAuth = new HashMap<>(); - requestMap.put("individualIdType", idType == null || idType.trim().length() == 0 ? IdType.UIN.toString() : idType); - requestMap.put("requestedAuth", requestedAuth); - if(Boolean.valueOf(String.valueOf(reqValues.get(OTP)))) { - requestedAuth.put("otp", true); - } - if(Boolean.valueOf(String.valueOf(reqValues.get(DEMO)))) { - requestedAuth.put("demo", true); - } - if(Boolean.valueOf(String.valueOf(reqValues.get(BIO)))) { - requestedAuth.put("bio", true); - } - if(Boolean.valueOf(String.valueOf(reqValues.get(PIN)))) { - requestedAuth.put("pin", true); - } - requestString = mapper.writeValueAsString(requestMap); - } - HttpHeaders httpHeaders = new HttpHeaders(); - PartnerTypes partnerTypes = isKyc ? PartnerTypes.EKYC : PartnerTypes.RELYING_PARTY; - - String rpSignature = signRequest(signWithMisp ? PartnerTypes.MISP : partnerTypes, partnerName, keyFileNameByPartnerName, requestString, certsDir, moduleName); - httpHeaders.add("signature", rpSignature); - return new ResponseEntity<>(requestString, httpHeaders, HttpStatus.OK); - } else { - throw new IdAuthenticationBusinessException( - IdAuthenticationErrorConstants.MISSING_INPUT_PARAMETER.getErrorCode(), String.format( - IdAuthenticationErrorConstants.MISSING_INPUT_PARAMETER.getErrorMessage(), TEMPLATE)); - } - - } else { - throw new IdAuthenticationBusinessException( - IdAuthenticationErrorConstants.MISSING_INPUT_PARAMETER.getErrorCode(), - String.format(IdAuthenticationErrorConstants.MISSING_INPUT_PARAMETER.getErrorMessage(), IDENTITY)); - } - } - - /** - * this method is used to create the auth request. - * - * @param id the id - * @param idType the id type - * @param isKyc the is kyc - * @param isInternal the is internal - * @param reqAuth the req auth - * @param transactionId the transaction id - * @param request the request - * @return the string - * @throws Exception - */ - @SuppressWarnings({ "unchecked", "rawtypes" }) - @PostMapping(path = "/authenticate", consumes = MediaType.APPLICATION_JSON_VALUE, produces = { - MediaType.APPLICATION_JSON_VALUE }) - public ResponseEntity> authenticate(@RequestParam(name = ID, required = true) @Nullable String id, - @RequestParam(name = ID_TYPE, required = false) @Nullable String idType, - @RequestParam(name = "isLocal", required = false ) @Nullable boolean isLocal, - @RequestParam(name = "isKyc", required = false) @Nullable boolean isKyc, - @RequestParam(name = "isInternal", required = false) @Nullable boolean isInternal, - @RequestParam(name = "Authtype", required = false) @Nullable String reqAuth, - @RequestParam(name = TRANSACTION_ID, required = false) @Nullable String transactionId, - @RequestParam(name = PROP_PARTNER_URL_SUFFIX, required = false) @Nullable String partnerUrlSuffix, - @RequestParam(name = "requestTime", required = false) @Nullable String requestTime, - @RequestParam(name = "isNewInternalAuth", required = false) @Nullable boolean isNewInternalAuth, - @RequestParam(name = "isPreLTS", required = false) @Nullable boolean isPreLTS, - @RequestParam(name = "signWithMisp", required = false) @Nullable boolean signWithMisp, - @RequestParam(name = "partnerName", required = false) String partnerName, - @RequestParam(name = "keyFileNameByPartnerName", required = false) boolean keyFileNameByPartnerName, - @RequestBody Map request, - @RequestParam(name = "certsDir", required = false) String certsDir, - @RequestParam(name = "moduleName", required = false) String moduleName) throws Exception { - ResponseEntity authRequest = this.createAuthRequest(id, idType, isKyc, isInternal, reqAuth, transactionId, requestTime, isNewInternalAuth, isPreLTS, signWithMisp, partnerName, keyFileNameByPartnerName, request, certsDir, moduleName); - String reqBody = authRequest.getBody(); - String reqSignature = authRequest.getHeaders().get("signature").get(0); - - RestTemplate restTemplate = encrypt.createRestTemplate(); - - HttpHeaders httpHeaders = new HttpHeaders(); - httpHeaders.add("signature", reqSignature); - httpHeaders.add("Authorization", reqSignature); - httpHeaders.add("Content-Type", "application/json"); - HttpEntity httpEntity = new HttpEntity<>(reqBody, httpHeaders); - Map reqBodyMap = mapper.readValue(reqBody, Map.class); - URI authRequestUrl = getAuthRequestUrl((String)reqBodyMap.get("id"), isLocal, partnerUrlSuffix, isNewInternalAuth); - - Map respMap = new LinkedHashMap<>(); - - respMap.put("URL", authRequestUrl); - - Map authReqMap = new LinkedHashMap<>(); - authReqMap.put("body", reqBody); - authReqMap.put("signature", reqSignature); - respMap.put("authRequest", authReqMap); - - Map authRespBody = new LinkedHashMap<>(); - Object respBody; - String respSignature; - try { - ResponseEntity authResponse = restTemplate.exchange(authRequestUrl, HttpMethod.POST, httpEntity, Map.class); - respBody = authResponse.getBody(); - List serviceErrorList = ExceptionUtils.getServiceErrorList(mapper.writeValueAsString(respBody)); - if(serviceErrorList.isEmpty()) { - List signatureHeaders = authResponse.getHeaders().get("response-signature"); - respSignature = signatureHeaders != null ? authResponse.getHeaders().get("response-signature").get(0) : null; - authRespBody.put("signature", respSignature); - } - } catch (RestClientException e) { - respBody = e instanceof HttpServerErrorException ? ((HttpServerErrorException)e).getResponseBodyAsString() : ExceptionUtils.getStackTrace(e); - } - - authRespBody.put("body", respBody); - respMap.put("authResponse", authRespBody); - - ResponseEntity> responseEntity = new ResponseEntity(respMap, HttpStatus.OK); - return responseEntity; - - } - - @SuppressWarnings({ "unchecked", "rawtypes" }) - @PostMapping(path = "/kyc-exchange", consumes = MediaType.APPLICATION_JSON_VALUE, produces = { - MediaType.APPLICATION_JSON_VALUE }) - public ResponseEntity> doKycExchange(@RequestParam(name = ID, required = true) @Nullable String id, - @RequestParam(name = ID_TYPE, required = false) @Nullable String idType, - @RequestParam(name = "isLocal", required = false ) @Nullable boolean isLocal, - @RequestParam(name = "Authtype", required = false) @Nullable String reqAuth, - @RequestParam(name = "kycToken", required = false) @Nullable String kycToken, - @RequestParam(name = "respType", required = false) @Nullable String respType, - @RequestParam(name = TRANSACTION_ID, required = false) @Nullable String transactionId, - @RequestParam(name = PROP_PARTNER_URL_SUFFIX, required = false) @Nullable String partnerUrlSuffix, - @RequestParam(name = "requestTime", required = false) @Nullable String requestTime, - @RequestParam(name = "partnerName", required = false) String partnerName, - @RequestParam(name = "keyFileNameByPartnerName", required = false) boolean keyFileNameByPartnerName, - @RequestBody Map request, - @RequestParam(name = "certsDir", required = false) String certsDir, - @RequestParam(name = "moduleName", required = false) String moduleName) throws Exception { - ResponseEntity authRequest = this.createKycExchangeRequest(id, idType, reqAuth, kycToken, respType, transactionId, requestTime, partnerName, keyFileNameByPartnerName, request, certsDir, moduleName); - String reqBody = authRequest.getBody(); - String reqSignature = authRequest.getHeaders().get("signature").get(0); - - RestTemplate restTemplate = encrypt.createRestTemplate(); - - HttpHeaders httpHeaders = new HttpHeaders(); - httpHeaders.add("signature", reqSignature); - httpHeaders.add("Authorization", reqSignature); - httpHeaders.add("Content-Type", "application/json"); - HttpEntity httpEntity = new HttpEntity<>(reqBody, httpHeaders); - Map reqBodyMap = mapper.readValue(reqBody, Map.class); - URI authRequestUrl = getAuthRequestUrl((String)reqBodyMap.get("id"), isLocal, partnerUrlSuffix, false); - - Map respMap = new LinkedHashMap<>(); - - respMap.put("URL", authRequestUrl); - - Map authReqMap = new LinkedHashMap<>(); - authReqMap.put("body", reqBody); - authReqMap.put("signature", reqSignature); - respMap.put("authRequest", authReqMap); - - Map authRespBody = new LinkedHashMap<>(); - Object respBody; - String respSignature; - try { - ResponseEntity authResponse = restTemplate.exchange(authRequestUrl, HttpMethod.POST, httpEntity, Map.class); - respBody = authResponse.getBody(); - List serviceErrorList = ExceptionUtils.getServiceErrorList(mapper.writeValueAsString(respBody)); - if(serviceErrorList.isEmpty()) { - List signatureHeaders = authResponse.getHeaders().get("response-signature"); - respSignature = signatureHeaders != null ? authResponse.getHeaders().get("response-signature").get(0) : null; - authRespBody.put("signature", respSignature); - } - } catch (RestClientException e) { - respBody = e instanceof HttpServerErrorException ? ((HttpServerErrorException)e).getResponseBodyAsString() : ExceptionUtils.getStackTrace(e); - } - - authRespBody.put("body", respBody); - respMap.put("authResponse", authRespBody); - - ResponseEntity> responseEntity = new ResponseEntity(respMap, HttpStatus.OK); - return responseEntity; - } - - @PostMapping(path = "/create-kyc-exchange-request", consumes = MediaType.APPLICATION_JSON_VALUE, produces = { - MediaType.APPLICATION_JSON_VALUE }) - public ResponseEntity createKycExchangeRequest(@RequestParam(name = ID, required = true) @Nullable String id, - @RequestParam(name = ID_TYPE, required = false) @Nullable String idType, - @RequestParam(name = "Authtype", required = false) @Nullable String reqAuth, - @RequestParam(name = "kycToken", required = false) @Nullable String kycToken, - @RequestParam(name = "respType", required = false) @Nullable String respType, - @RequestParam(name = TRANSACTION_ID, required = false) @Nullable String transactionId, - @RequestParam(name = "requestTime", required = false) @Nullable String requestTime, - @RequestParam(name = "partnerName", required = false) String partnerName, - @RequestParam(name = "keyFileNameByPartnerName", required = false) boolean keyFileNameByPartnerName, - @RequestBody Map request, - @RequestParam(name = "certsDir", required = false) String certsDir, - @RequestParam(name = "moduleName", required = false) String moduleName) throws Exception { - String authRequestTemplate = environment.getProperty(IDA_KYC_EXCHANGE_REQUEST_TEMPLATE); - Map reqValues = new HashMap<>(); - - if (requestTime == null) { - requestTime = DateUtils.getUTCCurrentDateTimeString(environment.getProperty("datetime.pattern")); - } - - reqValues.put(ID, id); - reqValues.put("individualIdType", idType == null || idType.trim().length() == 0 ? IdType.UIN.toString() : idType); - reqValues.put(AUTH_TYPE, reqAuth); - reqValues.put(TIMESTAMP, requestTime); - reqValues.put(TXN, transactionId == null ? "1234567890" : transactionId); - reqValues.put(VER, environment.getProperty(IDA_API_VERSION)); - reqValues.put("kycToken", kycToken); - reqValues.put("respType", respType); - reqValues.put("request", request); - - StringWriter writer = new StringWriter(); - InputStream templateValue; - if (request != null && request.size() > 0) { - templateValue = templateManager - .merge(new ByteArrayInputStream(authRequestTemplate.getBytes(StandardCharsets.UTF_8)), reqValues); - - if (templateValue != null) { - IOUtils.copy(templateValue, writer, StandardCharsets.UTF_8); - String res = writer.toString(); - ObjectNode response = mapper.readValue(res.getBytes(), ObjectNode.class); - - HttpHeaders httpHeaders = new HttpHeaders(); - String responseStr = response.toString(); - - String rpSignature = signRequest(PartnerTypes.MISP, partnerName, keyFileNameByPartnerName, responseStr, certsDir, moduleName); - httpHeaders.add("signature", rpSignature); - return new ResponseEntity<>(responseStr, httpHeaders, HttpStatus.OK); - } else { - throw new IdAuthenticationBusinessException( - IdAuthenticationErrorConstants.MISSING_INPUT_PARAMETER.getErrorCode(), String.format( - IdAuthenticationErrorConstants.MISSING_INPUT_PARAMETER.getErrorMessage(), TEMPLATE)); - } - - } else { - throw new IdAuthenticationBusinessException( - IdAuthenticationErrorConstants.MISSING_INPUT_PARAMETER.getErrorCode(), - String.format(IdAuthenticationErrorConstants.MISSING_INPUT_PARAMETER.getErrorMessage(), IDENTITY)); - } - } - - @PostMapping(path = "/create-vci-exchange-request", consumes = MediaType.APPLICATION_JSON_VALUE, produces = { - MediaType.APPLICATION_JSON_VALUE }) - public ResponseEntity createVciExchangeRequest(@RequestParam(name = ID, required = true) @Nullable String id, - @RequestParam(name = ID_TYPE, required = false) @Nullable String idType, - @RequestParam(name = "Authtype", required = false) @Nullable String reqAuth, - @RequestParam(name = TRANSACTION_ID, required = false) @Nullable String transactionId, - @RequestParam(name = "requestTime", required = false) @Nullable String requestTime, - @RequestParam(name = "vcFormat", required = false) @Nullable String vcFormat, - @RequestParam(name = "credSubjectId", required = false)@Nullable String credSubjectId, - @RequestParam(name = "vcAuthToken", required = false)@Nullable String vcAuthToken, - @RequestParam(name = "keyFileNameByPartnerName", required = false)boolean keyFileNameByPartnerName, - @RequestParam(name = "partnerName", required = false)@Nullable String partnerName, - @RequestBody Map request, - @RequestParam(name = "certsDir", required = false) String certsDir, - @RequestParam(name = "moduleName", required = false) String moduleName) throws Exception { - String authRequestTemplate = environment.getProperty(IDA_VCI_EXCHANGE_REQUEST_TEMPLATE); - Map reqValues = new HashMap<>(); - - if (requestTime == null) { - requestTime = DateUtils.getUTCCurrentDateTimeString(environment.getProperty("datetime.pattern")); - } - - reqValues.put(ID, id); - reqValues.put("individualIdType", idType == null || idType.trim().length() == 0 ? IdType.UIN.toString() : idType); - reqValues.put(AUTH_TYPE, reqAuth); - reqValues.put(TIMESTAMP, requestTime); - reqValues.put(TXN, transactionId == null ? "1234567890" : transactionId); - reqValues.put(VER, environment.getProperty(IDA_API_VERSION)); - reqValues.put("vcFormat", vcFormat); - reqValues.put("credSubjectId", credSubjectId); - reqValues.put("vcAuthToken", vcAuthToken); - - StringWriter writer = new StringWriter(); - InputStream templateValue; - if (request != null && request.size() > 0) { - templateValue = templateManager - .merge(new ByteArrayInputStream(authRequestTemplate.getBytes(StandardCharsets.UTF_8)), reqValues); - - if (templateValue != null) { - IOUtils.copy(templateValue, writer, StandardCharsets.UTF_8); - String res = writer.toString(); - ObjectNode response = mapper.readValue(res.getBytes(), ObjectNode.class); - - HttpHeaders httpHeaders = new HttpHeaders(); - String responseStr = response.toString(); - - String rpSignature = signRequest(PartnerTypes.MISP, partnerName, keyFileNameByPartnerName, responseStr, certsDir, moduleName); - httpHeaders.add("signature", rpSignature); - return new ResponseEntity<>(responseStr, httpHeaders, HttpStatus.OK); - } else { - throw new IdAuthenticationBusinessException( - IdAuthenticationErrorConstants.MISSING_INPUT_PARAMETER.getErrorCode(), String.format( - IdAuthenticationErrorConstants.MISSING_INPUT_PARAMETER.getErrorMessage(), TEMPLATE)); - } - } else { - throw new IdAuthenticationBusinessException( - IdAuthenticationErrorConstants.MISSING_INPUT_PARAMETER.getErrorCode(), - String.format(IdAuthenticationErrorConstants.MISSING_INPUT_PARAMETER.getErrorMessage(), IDENTITY)); - } - } - - - /** - * this method is used to create the auth request. - * - * @param id the id - * @param idType the id type - * @param isKyc the is kyc - * @param isInternal the is internal - * @param reqAuth the req auth - * @param transactionId the transaction id - * @param request the request - * @return the string - * @throws Exception - */ - @SuppressWarnings({ "unchecked", "rawtypes" }) - @PostMapping(path = "/sendOtp", produces = { - MediaType.APPLICATION_JSON_VALUE }) - public ResponseEntity> sendOtp(@RequestParam(name = ID, required = true) @Nullable String id, - @RequestParam(name = ID_TYPE, required = false) @Nullable String idType, - @RequestParam(name = "isLocal", required = false ) @Nullable boolean isLocal, - @RequestParam(name = "isInternal", required = false) @Nullable boolean isInternal, - @RequestParam(name = "isEmail", required = false, defaultValue = "true") @Nullable boolean isEmail, - @RequestParam(name = "isPhone", required = false, defaultValue = "true") @Nullable boolean isPhone, - @RequestParam(name = TRANSACTION_ID, required = false) @Nullable String transactionId, - @RequestParam(name = PROP_PARTNER_URL_SUFFIX, required = false) @Nullable String partnerUrlSuffix, - @RequestParam(name = "isPreLTS", required = false) @Nullable boolean isPreLTS, - @RequestParam(name = "requestTime", required = false) @Nullable String requestTime, - @RequestParam(name = "partnerName", required = false) String partnerName, - @RequestParam(name = "keyFileNameByPartnerName", required = false) boolean keyFileNameByPartnerName, - @RequestParam(name = "certsDir", required = false) String certsDir, - @RequestParam(name = "moduleName", required = false) String moduleName) - - throws Exception { - - ResponseEntity otpReqEntity = createOtpRequestBody(isInternal, idType, isEmail, isPhone, id, transactionId, isPreLTS, requestTime, partnerName, keyFileNameByPartnerName, certsDir, moduleName); - String reqSignature = otpReqEntity.getHeaders().get("signature").get(0); - String reqBody = otpReqEntity.getBody(); - - RestTemplate restTemplate = encrypt.createRestTemplate(); - - HttpHeaders httpHeaders = new HttpHeaders(); - httpHeaders.add("signature", reqSignature); - httpHeaders.add("Authorization", reqSignature); - httpHeaders.add("Content-Type", "application/json"); - HttpEntity httpEntity = new HttpEntity<>(reqBody, httpHeaders); - Map reqBodyMap = mapper.readValue(reqBody, Map.class); - URI otpRequestUrl = getOtpRequestUrl((String)reqBodyMap.get("id"), isLocal, partnerUrlSuffix); - - Map respMap = new LinkedHashMap<>(); - - respMap.put("URL", otpRequestUrl); - - Map otpReqMap = new LinkedHashMap<>(); - otpReqMap.put("body", reqBody); - otpReqMap.put("signature", reqSignature); - respMap.put("otpRequest", otpReqMap); - - Map otpRespBody = new LinkedHashMap<>(); - Object respBody; - String respSignature; - try { - ResponseEntity authResponse = restTemplate.exchange(otpRequestUrl, HttpMethod.POST, httpEntity, Map.class); - respBody = authResponse.getBody(); - respSignature = authResponse.getHeaders().get("response-signature").get(0); - otpRespBody.put("signature", respSignature); - } catch (RestClientException e) { - respBody = e instanceof HttpServerErrorException ? ((HttpServerErrorException)e).getResponseBodyAsString() : ExceptionUtils.getStackTrace(e); - } - - otpRespBody.put("body", respBody); - respMap.put("otpResponse", otpRespBody); - - ResponseEntity> responseEntity = new ResponseEntity(respMap, HttpStatus.OK); - return responseEntity; - - } - - @SuppressWarnings("unchecked") - @PostMapping(path = "/createOtpReqest", produces = { - MediaType.TEXT_PLAIN_VALUE }) - public ResponseEntity createOtpRequestBody( - @RequestParam(name = "isInternal", required = false) @Nullable boolean isInternal, - @RequestParam(name = ID_TYPE, required = false) @Nullable String idType, - @RequestParam(name = "isEmail", required = false, defaultValue = "true") @Nullable boolean isEmail, - @RequestParam(name = "isPhone", required = false, defaultValue = "true") @Nullable boolean isPhone, - @RequestParam(name = ID, required = true) @NonNull String id, - @RequestParam(name = TRANSACTION_ID, required = false) @Nullable String transactionId, - @RequestParam(name = "isPreLTS", required = false) @Nullable boolean isPreLTS, - @RequestParam(name = "requestTime", required = false) @Nullable String requestTime, - @RequestParam(name = "partnerName", required = false) String partnerName, - @RequestParam(name = "keyFileNameByPartnerName", required = false) boolean keyFileNameByPartnerName, - @RequestParam(name = "certsDir", required = false) String certsDir, - @RequestParam(name = "moduleName", required = false) String moduleName) - throws IOException, IdAuthenticationBusinessException, KeyManagementException, NoSuchAlgorithmException, - UnrecoverableEntryException, KeyStoreException, CertificateException, OperatorCreationException, - JoseException { - String otpReqTemplate = environment.getProperty("otpRequestTemplate", DEFAULT_OTP_REQ_TEMPLATE); - - Map reqValues = new HashMap<>(); - - if (requestTime == null) { - requestTime = DateUtils.getUTCCurrentDateTimeString(environment.getProperty("datetime.pattern")); - - } - if(isPreLTS) { - if (null != idType) { - reqValues.put(ID_TYPE, idType); - } else { - reqValues.put(ID_TYPE, UIN); - } - - } - - List channels = new ArrayList(); - if(isEmail) { - channels.add(EMAIL); - } - if(isPhone) { - channels.add(PHONE); - } - - if(!isEmail && !isPhone) { - channels.add(EMAIL); - } - - String channelStr = channels.stream().collect(Collectors.joining("\",\"", "\"", "\"")); - - reqValues.put(CHANNELS, channelStr); - idValuesMapForOtpReq(id, isInternal, reqValues, transactionId, requestTime); - - StringWriter writer = new StringWriter(); - InputStream templateValue; - templateValue = templateManager - .merge(new ByteArrayInputStream(otpReqTemplate.getBytes(StandardCharsets.UTF_8)), reqValues); - - if (templateValue != null) { - IOUtils.copy(templateValue, writer, StandardCharsets.UTF_8); - String res = writer.toString(); - if(isPreLTS) { - Map resMap = mapper.readValue(res.getBytes(StandardCharsets.UTF_8), Map.class); - resMap.put("individualIdType", idType == null || idType.trim().length() == 0 ? IdType.UIN.toString() : idType); - res = mapper.writerWithDefaultPrettyPrinter().writeValueAsString(resMap); - } - ObjectNode response = mapper.readValue(res.getBytes(), ObjectNode.class); - HttpHeaders httpHeaders = new HttpHeaders(); - String responseStr = response.toString(); - httpHeaders.add("signature", signRequest(PartnerTypes.RELYING_PARTY, partnerName, keyFileNameByPartnerName, responseStr, certsDir, moduleName)); - return new ResponseEntity<>(responseStr, httpHeaders, HttpStatus.OK); - } else { - throw new IdAuthenticationBusinessException( - IdAuthenticationErrorConstants.MISSING_INPUT_PARAMETER.getErrorCode(), String.format( - IdAuthenticationErrorConstants.MISSING_INPUT_PARAMETER.getErrorMessage(), TEMPLATE)); - } - - } - - @PostMapping(path = "/signRequest", produces = { - MediaType.TEXT_PLAIN_VALUE }) - public String signRequest( - @RequestParam(name = "partnerType", required = true, defaultValue = "RELYING_PARTY") @NonNull PartnerTypes partnerType, - @RequestParam(name = "partnerName", required = false) String partnerName, - @RequestParam(name = "keyFileNameByPartnerName", required = false) boolean keyFileNameByPartnerName, - @RequestBody String request, @RequestParam(name = "certsDir", required = false) String certsDir, - @RequestParam(name = "moduleName", required = false) String moduleName) - throws JoseException, NoSuchAlgorithmException, UnrecoverableEntryException, KeyStoreException, - CertificateException, IOException, OperatorCreationException { - return jWSSignAndVerifyController.sign(request, false, - true, false, null, keyMgrUtil.getKeysDirPath(certsDir,moduleName), partnerType, partnerName, keyFileNameByPartnerName); - } - - private void idValuesMapForOtpReq(String id, boolean isInternal, Map reqValues, - String transactionId, String utcCurrentDateTimeString) { - reqValues.put(ID, id); - if (isInternal) { - reqValues.put(REQ_ID, "mosip.identity.otp.internal"); - } else { - reqValues.put(REQ_ID, "mosip.identity.otp"); - } - reqValues.put(TIMESTAMP, utcCurrentDateTimeString); - reqValues.put(TXN, transactionId == null ? "1234567890" : transactionId); - reqValues.put(VER, environment.getProperty(IDA_API_VERSION)); - } - - private URI getAuthRequestUrl(String reqId, boolean isLocal, String partnerUrlSuffix, boolean isNewInternalAuth) { - String baseUrl; - String urlSuffix; - String envBaseUrl = environment.getProperty(MOSIP_BASE_URL); - - boolean isInternal = false; - switch(reqId) { - case "mosip.identity.auth": - baseUrl = isLocal ? "http://localhost:" + environment.getProperty("auth.port", "8090") : envBaseUrl; - urlSuffix = "/idauthentication/v1/auth"; - break; - case "mosip.identity.kyc": - baseUrl = isLocal ? "http://localhost:" + environment.getProperty("kyc.port", "8090") : envBaseUrl; - urlSuffix = "/idauthentication/v1/kyc"; - break; - case "mosip.identity.auth.internal": - baseUrl = isLocal ? "http://localhost:" + environment.getProperty("internal.port", "8093"): envBaseUrl; - urlSuffix = isNewInternalAuth ? "/idauthentication/v1/internal/verifyidentity" : "/idauthentication/v1/internal/auth"; - isInternal = true; - break; - case "mosip.identity.kycauth": - baseUrl = isLocal ? "http://localhost:" + environment.getProperty("kyc.port", "8090") : envBaseUrl; - urlSuffix = "/idauthentication/v1/kyc-auth"; - break; - case "mosip.identity.kycexchange": - baseUrl = isLocal ? "http://localhost:" + environment.getProperty("kyc.port", "8090") : envBaseUrl; - urlSuffix = "/idauthentication/v1/kyc-exchange"; - break; - default: - baseUrl = isLocal ? "http://localhost:" + environment.getProperty("auth.port", "8090") : envBaseUrl; - urlSuffix = "/idauthentication/v1/auth"; - break; - } - - String url = baseUrl + urlSuffix; - - if(!isInternal) { - String partnerSuffix = partnerUrlSuffix == null ? environment.getProperty(PROP_PARTNER_URL_SUFFIX) : partnerUrlSuffix; - if(partnerSuffix == null) { - throw new NullPointerException("partnerUrlSuffix is not specified"); - } - url += "/" + partnerSuffix; - } - return URI.create(url); - } - - private URI getOtpRequestUrl(String reqId, boolean isLocal, String partnerUrlSuffix) { - String baseUrl; - String urlSuffix; - String envBaseUrl = environment.getProperty(MOSIP_BASE_URL); - - boolean isInternal = false; - switch(reqId) { - case "mosip.identity.otp": - baseUrl = isLocal ? "http://localhost:" + environment.getProperty("otp.port", "8092") : envBaseUrl; - urlSuffix = "/idauthentication/v1/otp"; - break; - case "mosip.identity.otp.internal": - baseUrl = isLocal ? "http://localhost:" + environment.getProperty("internal.port", "8093") : envBaseUrl; - urlSuffix = "/idauthentication/v1/internal/otp"; - isInternal = true; - break; - default: - baseUrl = isLocal ? "http://localhost:8092" : envBaseUrl; - urlSuffix = "/idauthentication/v1/auth"; - break; - } - - String url = baseUrl + urlSuffix; - - if(!isInternal) { - String partnerSuffix = partnerUrlSuffix == null ? environment.getProperty(PROP_PARTNER_URL_SUFFIX) : partnerUrlSuffix; - url += "/" + partnerSuffix; - } - return URI.create(url); - } - - public byte[] getCertificateThumbprint(Certificate cert) throws CertificateEncodingException { - return DigestUtils.sha256(cert.getEncoded()); - } - - @SuppressWarnings("unchecked") - @PostMapping(path = "/encipherBiometricData", consumes = MediaType.APPLICATION_JSON_VALUE, produces = MediaType.APPLICATION_JSON_VALUE) - public List> encipherBiometrics( - @RequestParam(name = "isInternal", required = false) @Nullable boolean isInternal, - @RequestParam(name = "timestamp", required = false) @Nullable String timestampArg, - @RequestParam(name = "transactionId", required = false) @Nullable String transactionIdArg, - @RequestParam(name = "partnerName", required = false) String partnerName, - @RequestParam(name = "keyFileNameByPartnerName", required = false) boolean keyFileNameByPartnerName, - @RequestBody List> biometrics, - @RequestParam(name = "certsDir", required = false) String certsDir, - @RequestParam(name = "moduleName", required = false) String moduleName) throws KeyManagementException, - InvalidKeyException, NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, - InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException, IOException, - JSONException, IdAuthenticationAppException, IdAuthenticationBusinessException, KeyStoreException, - CertificateException, UnrecoverableEntryException, JoseException, OperatorCreationException { - byte[] previousHash = getHash(""); - - for (Map bioMap : biometrics) { - Object data = bioMap.get(DATA); - if (data == null) { - break; - } - - if (data instanceof Map) { - Map dataMap = (Map) data; - String bioValue = (String) dataMap.get(BIO_VALUE); - String timestamp = timestampArg; - if (timestamp == null) { - timestamp = (String) dataMap.get(TIMESTAMP); - } - if (timestamp == null) { - timestamp = DateUtils.formatToISOString(DateUtils.getUTCCurrentDateTime()); - } - - dataMap.put(TIMESTAMP, timestamp); - dataMap.put(DOMAIN_URI, environment.getProperty(MOSIP_DOMAINURI,environment.getProperty(MOSIP_BASE_URL))); - dataMap.put(ENV, environment.getProperty(MOSIP_ENV, "Staging")); - dataMap.put(SPEC_VERSION, "1.0"); - Object txnIdObj = dataMap.get(TRANSACTION_ID); - if (txnIdObj == null) { - dataMap.put(TRANSACTION_ID, transactionIdArg == null ? "1234567890" : transactionIdArg); - } - String transactionId = String.valueOf(dataMap.get(TRANSACTION_ID)); - String keysDirPath = keyMgrUtil.getKeysDirPath(certsDir,moduleName); - - //SplittedEncryptedData encryptedBiometrics = encrypt.encryptBiometrics(bioValue, timestamp, - // transactionId, isInternal); - SplittedEncryptedData encryptedBiometrics = encrypt.encryptBio(bioValue, timestamp, - transactionId, isInternal, keysDirPath); - - dataMap.put(BIO_VALUE, encryptedBiometrics.getEncryptedData()); - bioMap.put(SESSION_KEY, encryptedBiometrics.getEncryptedSessionKey()); - bioMap.put("thumbprint", digest(getCertificateThumbprint(encrypt.getBioCertificate(isInternal, keysDirPath)))); - - Object digitalId = dataMap.get(DIGITAL_ID); - if (digitalId instanceof Map) { - Map digitalIdMap = (Map) digitalId; - String digitalIdStr = mapper.writeValueAsString(digitalIdMap); - String signedDititalId; - if(!isInternal) { - //String signedDititalId = jWSSignAndVerifyController.sign(digitalIdStr, true); - signedDititalId = jWSSignAndVerifyController.sign(digitalIdStr, true, true, - false, null, keysDirPath, PartnerTypes.FTM, partnerName, keyFileNameByPartnerName); - } else { - signedDititalId = CryptoUtil.encodeToURLSafeBase64(digitalIdStr.getBytes()); - } - dataMap.put(DIGITAL_ID, signedDititalId); - } - - String dataStrJson = mapper.writeValueAsString(dataMap); - - String dataStr; - if (isInternal) { - dataStr = CryptoUtil.encodeToURLSafeBase64(dataStrJson.getBytes()); - } else { - //dataStr = jWSSignAndVerifyController.sign(dataStrJson, true); - dataStr = jWSSignAndVerifyController.sign(dataStrJson, true, true, - false, null, keysDirPath, PartnerTypes.DEVICE, partnerName, keyFileNameByPartnerName); - } - bioMap.put(DATA, dataStr); - - // Updating hash calculation as per latest changes - 29-May-2021 - byte[] currentHash = getHash(CryptoUtil.decodePlainBase64(bioValue)); - byte[] finalBioDataBytes = new byte[currentHash.length + previousHash.length]; - System.arraycopy(previousHash, 0, finalBioDataBytes, 0, previousHash.length); - System.arraycopy(currentHash, 0, finalBioDataBytes, previousHash.length, currentHash.length); - byte[] finalBioDataHash = getHash(finalBioDataBytes); - - /* String concatenatedHash = previousHash + currentHash; - byte[] finalHash = getHash(concatenatedHash); - */ - String finalHashHexEncoded = digest(finalBioDataHash); - bioMap.put("hash", finalHashHexEncoded); - previousHash = finalBioDataHash; - } - } - return biometrics; - } - - private String digest(byte[] hash) throws NoSuchAlgorithmException { - return DatatypeConverter.printHexBinary(hash).toUpperCase(); - } - - /** - * Gets the hash. - * - * @param string the string - * @return the hash - * @throws UnsupportedEncodingException the unsupported encoding exception - * @throws NoSuchAlgorithmException - */ - private byte[] getHash(String string) throws UnsupportedEncodingException, NoSuchAlgorithmException { - return getHash(string.getBytes(UTF_8)); - } - - /** - * Gets the hash. - * - * @param bytes the bytes - * @return the hash - * @throws NoSuchAlgorithmException - */ - private byte[] getHash(byte[] bytes) throws NoSuchAlgorithmException { - return HMACUtils2.generateHash(bytes); - } - - /** - * - * - * @param reqAuth - * @param reqValues - * @param request - */ - private void getAuthTypeMap(String reqAuth, Map reqValues, Map request) { - String[] reqAuthArr; - if (reqAuth == null) { - BiFunction> authTypeMapFunction = (key, authType) -> Optional - .ofNullable(request).filter(map -> map.containsKey(key)).map(map -> authType); - reqAuthArr = Stream - .of(authTypeMapFunction.apply("demographics", "demo"), authTypeMapFunction.apply(BIOMETRICS, "bio"), - authTypeMapFunction.apply("otp", "otp"), authTypeMapFunction.apply("staticPin", "pin")) - .filter(Optional::isPresent).map(Optional::get).toArray(size -> new String[size]); - } else { - reqAuth = reqAuth.trim(); - if (reqAuth.contains(",")) { - reqAuthArr = reqAuth.split(","); - } else { - reqAuthArr = new String[] { reqAuth }; - } - } - - for (String authType : reqAuthArr) { - authTypeSelectionMap(reqValues, authType); - } - } - - private void authTypeSelectionMap(Map reqValues, String authType) { - - if (authType.equalsIgnoreCase(MatchType.Category.OTP.getType())) { - reqValues.put(OTP, true); - } else if (authType.equalsIgnoreCase(MatchType.Category.DEMO.getType())) { - reqValues.put(DEMO, true); - } else if (authType.equalsIgnoreCase(MatchType.Category.BIO.getType())) { - reqValues.put(BIO, true); - } else if (authType.equalsIgnoreCase(MatchType.Category.SPIN.getType())) { - reqValues.put("pin", true); - } - } - - private void encryptValuesMap(Map identity, Map reqValues, Boolean isInternal, String certsDir,String moduleName) - throws Exception { - EncryptionRequestDto encryptionRequestDto = new EncryptionRequestDto(); - encodeBioData(identity); - encryptionRequestDto.setIdentityRequest(identity); - EncryptionResponseDto encryptionResponse = encrypt.encrypt(encryptionRequestDto, isInternal, keyMgrUtil.getKeysDirPath(certsDir,moduleName)); - reqValues.put("encHmac", encryptionResponse.getRequestHMAC()); - reqValues.put("encSessionKey", encryptionResponse.getEncryptedSessionKey()); - reqValues.put("encRequest", encryptionResponse.getEncryptedIdentity()); - } - - @SuppressWarnings("unchecked") - private void encodeBioData(Map identity) { - List bioIdentity = (List) identity.get(IdAuthCommonConstants.BIOMETRICS); - if (bioIdentity == null) { - return; - } - List bioIdentityInfo = new ArrayList<>(); - - for (Object obj : bioIdentity) { - Map map = (Map) obj; - Map dataMap = map.get(DATA) instanceof Map ? (Map) map.get(DATA) : null; - try { - if (Objects.nonNull(dataMap)) { - Object value = CryptoUtil.encodeToURLSafeBase64(mapper.writeValueAsBytes(dataMap)); - map.replace(DATA, value); - } - } catch (JsonProcessingException e) { - } - bioIdentityInfo.add(map); - } - - identity.replace(IdAuthCommonConstants.BIOMETRICS, bioIdentityInfo); - - } - - @SuppressWarnings("unchecked") - private void applyRecursively(Object obj, String key, String value) { - if (obj instanceof Map) { - Map map = (Map) obj; - Optional matchingKey = map.keySet().stream().filter(k -> k.equalsIgnoreCase(key)).findFirst(); - if (matchingKey.isPresent()) { - map.put(matchingKey.get(), value); - } - - for (Object val : map.values()) { - applyRecursively(val, key, value); - } - } else if (obj instanceof List) { - List list = (List) obj; - for (Object object : list) { - applyRecursively(object, key, value); - } - } - } - - private void idValuesMap(String id, boolean isKyc, boolean isInternal, Map reqValues, - String transactionId, String utcCurrentDateTimeString) { - reqValues.put(ID, id); - if (isInternal) { - reqValues.put(AUTH_TYPE, "auth.internal"); - } else { - if (isKyc) { - reqValues.put(AUTH_TYPE, "kyc"); - reqValues.put(SECONDARY_LANG_CODE, environment.getProperty("mosip.secondary-language")); - } else { - reqValues.put(AUTH_TYPE, "auth"); - } - } - - reqValues.put(TIMESTAMP, utcCurrentDateTimeString); - reqValues.put(TXN, transactionId == null ? "1234567890" : transactionId); - reqValues.put(VER, environment.getProperty(IDA_API_VERSION)); - reqValues.put(DOMAIN_URI, environment.getProperty(MOSIP_DOMAINURI, environment.getProperty(MOSIP_BASE_URL))); - reqValues.put(ENV, environment.getProperty(MOSIP_ENV, "Staging")); - } - - @PostMapping(path = "/uploadIDACertificate", produces = MediaType.TEXT_PLAIN_VALUE) - public String uploadIDACertificate( - @RequestParam(name = "certificateType", required = true) CertificateTypes certificateType, - @RequestBody Map requestData, - @RequestParam(name = "certsDir", required = false) String certsDir, - @RequestParam(name = "moduleName", required = false) String moduleName) - throws CertificateException, IOException { - - String certificateData = requestData.get("certData"); - String fileName = certificateType.getFileName(); - System.out.println("certificateType: " + certificateType.toString()); - System.out.println("FileName: " + fileName); - - X509Certificate x509Cert = (X509Certificate) keyMgrUtil.convertToCertificate(certificateData); - Base64.Encoder base64Encoder = Base64.getMimeEncoder(64, LINE_SEPARATOR.getBytes()); - byte[] certificateBytes = x509Cert.getEncoded(); - String encodedCertificateData = new String(base64Encoder.encode(certificateBytes)); - StringBuilder strBuilder = new StringBuilder(); - strBuilder.append(BEGIN_CERTIFICATE); - strBuilder.append(LINE_SEPARATOR); - strBuilder.append(encodedCertificateData); - strBuilder.append(LINE_SEPARATOR); - strBuilder.append(END_CERTIFICATE); - String certificateStr = strBuilder.toString(); - - String keysDirPath = keyMgrUtil.getKeysDirPath(certsDir,moduleName); - - Path parentPath = Paths.get(keysDirPath + "/" + fileName).getParent(); - if (parentPath != null && !Files.exists(parentPath)) { - Files.createDirectories(parentPath); - } - - boolean isErrored = false; - try (BufferedWriter writer = new BufferedWriter(new FileWriter(keysDirPath + "/" + fileName ))) { - writer.write(certificateStr); - writer.flush(); - } catch (Exception e) { - System.err.println(e.getMessage()); - isErrored = true; - } - - return isErrored ? "Upload Failed" : "Upload Success"; - } - - @GetMapping(path = "/generatePartnerKeys", produces = MediaType.APPLICATION_JSON_VALUE) - public CertificateChainResponseDto generatePartnerKeys( - @RequestParam(name = "partnerType", required = true) PartnerTypes partnerType, - @RequestParam(name = "partnerName", required = true) String partnerName, - @RequestParam(name = "keyFileNameByPartnerName", required = false) boolean keyFileNameByPartnerName, - @RequestParam(name = "certsDir", required = false) String certsDir, - @RequestParam(name = "moduleName", required = false) String moduleName) - throws CertificateException, IOException, NoSuchAlgorithmException, UnrecoverableEntryException, - KeyStoreException, OperatorCreationException { - - return keyMgrUtil.getPartnerCertificates(partnerType, keyMgrUtil.getKeysDirPath(certsDir,moduleName), partnerName, - keyFileNameByPartnerName); - } - - @DeleteMapping(path = "/clearKeys") - public void clearKeys(@RequestParam(name = "certsDir", required = false) String certsDir, - @RequestParam(name = "moduleName", required = false) String moduleName) throws IOException { - - keyMgrUtil.deleteFile(new File(keyMgrUtil.getKeysDirPath(certsDir,moduleName).toString())); - } - - @PostMapping(path = "/updatePartnerCertificate", produces = MediaType.TEXT_PLAIN_VALUE) - public String updatePartnerCertificate( - @RequestParam(name = "partnerType", required = true) PartnerTypes partnerType, - @RequestParam(name = "partnerName", required = false) String partnerName, - @RequestParam(name = "keyFileNameByPartnerName", required = false) boolean keyFileNameByPartnerName, - @RequestBody Map requestData, - @RequestParam(name = "certsDir", required = false) String certsDir, - @RequestParam(name = "moduleName", required = false) String moduleName) throws CertificateException, - IOException, NoSuchAlgorithmException, UnrecoverableEntryException, KeyStoreException { - - String certificateData = requestData.get("certData"); - String filePrepend = partnerType.getFilePrepend(); - - X509Certificate x509Cert = (X509Certificate) keyMgrUtil.convertToCertificate(certificateData); - System.out.println("certificateType: " + partnerType.toString()); - System.out.println("filePrepend: " + filePrepend); - boolean isUpdated = keyMgrUtil.updatePartnerCertificate(filePrepend, x509Cert, keyMgrUtil.getKeysDirPath(certsDir,moduleName), - partnerName, keyFileNameByPartnerName); - return isUpdated ? "Update Success" : "Update Failed"; - } - -} diff --git a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/controller/BiometricValidation.java b/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/controller/BiometricValidation.java deleted file mode 100644 index 5a6bdd5b67f..00000000000 --- a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/controller/BiometricValidation.java +++ /dev/null @@ -1,299 +0,0 @@ -package io.mosip.testrig.authentication.demo.service.controller; - -import io.swagger.annotations.Api; - -/** - * The Class BiometricValidation. - * - * @author Manoj SP - * - * This class is used to validate the Biometric SDK. It also contains - * functionality to convert from iso/jp2 to jpg. - * - * CheckQuality takes BIR as input. BIR input should have following data - * as mandatory: 1. bdb 2. bdbInfo - type, subtype, format - * (organization, type) - * - * match should provide input in below json structure: - * - * { "probe" : , "gallery" : } - * - * compositeMatch should provide input in below json structure: - * - * { "probe" : , "gallery" : } - */ -//@RestController -@Api(tags = { "Biometric Validation" }) -public class BiometricValidation {//implements IBioApi { -// -// /** The mapper. */ -// @Autowired -// private ObjectMapper mapper; -// -// /** The provider. */ -// @Autowired(required = false) -// private IBioApi provider; -// -// /** The rest. */ -// RestTemplate rest = new RestTemplate(); -// -// /** -// * Iso to JPG. -// * -// * @param file -// * the file -// * @return the response entity -// * @throws IOException -// * Signals that an I/O exception has occurred. -// */ -// @PostMapping(path = "/isoFileToJpg", produces = MediaType.APPLICATION_OCTET_STREAM_VALUE) -// public ResponseEntity isoFileToJPG(@RequestParam("ISO") MultipartFile file) throws IOException { -// byte[] inputFileBytes = file.getBytes(); -// int index; -// for (index = 0; index < inputFileBytes.length; index++) { -// if ((char) inputFileBytes[index] == 'j' && (char) inputFileBytes[index + 1] == 'P') { -// break; -// } -// } -// return convertToJPG(Arrays.copyOfRange(inputFileBytes, index - 4, inputFileBytes.length), -// file.getOriginalFilename()); -// } -// -// /** -// * Encoded Iso to JPG. -// * -// * @param isoEncoded -// * the file -// * @return the response entity -// * @throws IOException -// * Signals that an I/O exception has occurred. -// */ -// @PostMapping(path = "/isoEncodedToJpg", produces = MediaType.APPLICATION_OCTET_STREAM_VALUE) -// public ResponseEntity isoEncodedToJPG(@RequestBody String isoEncoded) throws IOException { -// byte[] inputBytes = CryptoUtil.decodeBase64(isoEncoded); -// int index; -// for (index = 0; index < inputBytes.length; index++) { -// if ((char) inputBytes[index] == 'j' && (char) inputBytes[index + 1] == 'P') { -// break; -// } -// } -// return convertToJPG(Arrays.copyOfRange(inputBytes, index - 4, inputBytes.length), -// "image"); -// } -// -// /** -// * Jp 2 to JPG. -// * -// * @param file -// * the file -// * @return the response entity -// * @throws IOException -// * Signals that an I/O exception has occurred. -// */ -// @PostMapping(path = "/jp2ToJpg", produces = MediaType.APPLICATION_OCTET_STREAM_VALUE) -// public ResponseEntity jp2ToJPG(@RequestParam("JP2") MultipartFile file) throws IOException { -// return convertToJPG(file.getBytes(), file.getOriginalFilename()); -// } -// -// /** -// * Jp 2 to JPG. -// * -// * @param file -// * the file -// * @return the response entity -// * @throws IOException -// * Signals that an I/O exception has occurred. -// */ -// @PostMapping(path = "/jp2EncodedToJpg", produces = MediaType.APPLICATION_OCTET_STREAM_VALUE) -// public ResponseEntity jp2EncodedToJPG(@RequestBody String isoEncoded) throws IOException { -// return convertToJPG(CryptoUtil.decodeBase64(isoEncoded), "image"); -// } -// -// /** -// * Convert to JPG. -// * -// * @param jp2Data -// * the jp 2 data -// * @param fileName -// * the file name -// * @return the response entity -// * @throws IOException -// * Signals that an I/O exception has occurred. -// */ -// private ResponseEntity convertToJPG(byte[] jp2Data, String fileName) throws IOException { -// J2KImageReader j2kImageReader = new J2KImageReader(null); -// j2kImageReader.setInput(ImageIO.createImageInputStream(new ByteArrayInputStream(jp2Data))); -// ImageReadParam imageReadParam = j2kImageReader.getDefaultReadParam(); -// BufferedImage image = j2kImageReader.read(0, imageReadParam); -// ByteArrayOutputStream imgBytes = new ByteArrayOutputStream(); -// ImageIO.write(image, "JPG", imgBytes); -// byte[] jpgImg = imgBytes.toByteArray(); -// InputStreamResource resource = new InputStreamResource(new ByteArrayInputStream(jpgImg)); -// HttpHeaders headers = new HttpHeaders(); -// headers.add("Cache-Control", "no-cache, no-store, must-revalidate"); -// headers.add("Pragma", "no-cache"); -// headers.add("Content-Disposition", "attachment; filename=" + fileName + ".jpg"); -// headers.add("Expires", "0"); -// return ResponseEntity.ok().headers(headers).contentLength(jpgImg.length) -// .contentType(MediaType.parseMediaType("application/octet-stream")).body(resource); -// } -// -// /** -// * Check quality. -// * -// * @param sample -// * the sample -// * @return the quality score -// * @throws BiometricException -// * the biometric exception -// */ -// @PostMapping(path = "/checkQuality", produces = MediaType.APPLICATION_JSON_VALUE, consumes = MediaType.APPLICATION_JSON_VALUE) -// public QualityScore checkQuality(@ApiParam("Requires bio.test.server.provider property to be set.\n" -// + "BIR input should be as follows: \r\n { \r\n" -// + " \"bdbInfo\": {\r\n" + " \"type\": [\"FINGER\"],\r\n" -// + " \"subtype\": [\"Left\", \"Index\"],\r\n" + " \"format\": {\r\n" -// + " \"organization\": \"257\",\r\n" + " \"type\": \"7\"\r\n" + " }\r\n" -// + " },\r\n" + " \"bdb\": bdb data\r\n" + "}") @RequestBody BIR sample) throws BiometricException { -// return provider.checkQuality(sample, null); -// } -// -// /** -// * Match. -// * -// * @param node -// * the node -// * @return the score[] -// * @throws BiometricException -// * the biometric exception -// * @throws JsonParseException -// * the json parse exception -// * @throws JsonMappingException -// * the json mapping exception -// * @throws IOException -// * Signals that an I/O exception has occurred. -// */ -// @SuppressWarnings("unchecked") -// @PostMapping(path = "/match", produces = MediaType.APPLICATION_JSON_VALUE, consumes = MediaType.APPLICATION_JSON_VALUE) -// public Score[] match( -// @ApiParam("Requires bio.test.server.provider property to be set.\n" -// + "match should provide input in below json structure:\r\n" + "{\r\n" -// + " \"probe\" : BIR data,\r\n" + " \"gallery\" : array of BIR data\r\n" -// + " }") @RequestBody ObjectNode node) -// throws BiometricException, JsonParseException, JsonMappingException, IOException { -// BIR probe = mapper.readValue(node.get("probe").toString(), BIR.class); -// BIR[] gallery = (BIR[]) ((List) mapper.readValue(node.get("gallery").toString(), -// new TypeReference>() { -// })).toArray(new BIR[] {}); -// return provider.match(probe, gallery, null); -// } -// -// /** -// * Composite match. -// * -// * @param node -// * the node -// * @return the composite score -// * @throws BiometricException -// * the biometric exception -// * @throws JsonParseException -// * the json parse exception -// * @throws JsonMappingException -// * the json mapping exception -// * @throws IOException -// * Signals that an I/O exception has occurred. -// */ -// @SuppressWarnings("unchecked") -// @PostMapping(path = "/compositeMatch", produces = MediaType.APPLICATION_JSON_VALUE, consumes = MediaType.APPLICATION_JSON_VALUE) -// public CompositeScore compositeMatch( -// @ApiParam("Requires bio.test.server.provider property to be set.\n." -// + "compositeMatch should provide input in below json structure:\r\n" + " { \r\n" -// + " \"probe\" : array of BIR data,\r\n" + " \"gallery\" : array of BIR data\r\n" -// + " }") @RequestBody ObjectNode node) -// throws BiometricException, JsonParseException, JsonMappingException, IOException { -// BIR[] probe = (BIR[]) ((List) mapper.readValue(node.get("probe").toString(), -// new TypeReference>() { -// })).toArray(new BIR[] {}); -// BIR[] gallery = (BIR[]) ((List) mapper.readValue(node.get("gallery").toString(), -// new TypeReference>() { -// })).toArray(new BIR[] {}); -// return provider.compositeMatch(probe, gallery, null); -// } -// -// /* -// * (non-Javadoc) -// * -// * @see -// * io.mosip.kernel.core.bioapi.spi.IBioApi#checkQuality(io.mosip.kernel.core. -// * cbeffutil.entity.BIR, io.mosip.kernel.core.bioapi.model.KeyValuePair[]) -// */ -// @Override -// public QualityScore checkQuality(BIR probe, KeyValuePair[] var2) throws BiometricException { -// return this.checkQuality(probe); -// } -// -// /* -// * (non-Javadoc) -// * -// * @see -// * io.mosip.kernel.core.bioapi.spi.IBioApi#compositeMatch(io.mosip.kernel.core. -// * cbeffutil.entity.BIR[], io.mosip.kernel.core.cbeffutil.entity.BIR[], -// * io.mosip.kernel.core.bioapi.model.KeyValuePair[]) -// */ -// @Override -// public CompositeScore compositeMatch(BIR[] probe, BIR[] gallery, KeyValuePair[] var3) throws BiometricException { -// ObjectNode node = mapper.createObjectNode(); -// try { -// node.set("probe", mapper.readTree(mapper.writeValueAsString(probe))); -// List asList = Arrays.asList(gallery); -// node.set("gallery", mapper.readTree(mapper.writeValueAsString(asList))); -// return this.compositeMatch(node); -// } catch (Exception e) { -// e.printStackTrace(); -// throw new BiometricException("", e.getMessage(), e); -// } -// } -// -// /* -// * (non-Javadoc) -// * -// * @see -// * io.mosip.kernel.core.bioapi.spi.IBioApi#match(io.mosip.kernel.core.cbeffutil. -// * entity.BIR, io.mosip.kernel.core.cbeffutil.entity.BIR[], -// * io.mosip.kernel.core.bioapi.model.KeyValuePair[]) -// */ -// @Override -// public Score[] match(BIR probe, BIR[] gallery, KeyValuePair[] var3) throws BiometricException { -// ObjectNode node = mapper.createObjectNode(); -// try { -// node.set("probe", mapper.readTree(mapper.writeValueAsString(Arrays.asList(probe)))); -// node.set("gallery", mapper.readTree(mapper.writeValueAsString(Arrays.asList(gallery)))); -// return this.match(node); -// } catch (IOException e) { -// e.printStackTrace(); -// throw new BiometricException("", e.getMessage(), e); -// } -// } -// -// /* -// * (non-Javadoc) -// * -// * @see -// * io.mosip.kernel.core.bioapi.spi.IBioApi#extractTemplate(io.mosip.kernel.core. -// * cbeffutil.entity.BIR, io.mosip.kernel.core.bioapi.model.KeyValuePair[]) -// */ -// @Override -// public BIR extractTemplate(BIR probe, KeyValuePair[] var2) throws BiometricException { -// return null; -// } -// -// /* -// * (non-Javadoc) -// * -// * @see io.mosip.kernel.core.bioapi.spi.IBioApi#segment(io.mosip.kernel.core. -// * cbeffutil.entity.BIR, io.mosip.kernel.core.bioapi.model.KeyValuePair[]) -// */ -// @Override -// public BIR[] segment(BIR var1, KeyValuePair[] var2) throws BiometricException { -// return null; -// } -} diff --git a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/controller/Decode.java b/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/controller/Decode.java deleted file mode 100644 index ac64f5a9f1f..00000000000 --- a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/controller/Decode.java +++ /dev/null @@ -1,77 +0,0 @@ -package io.mosip.testrig.authentication.demo.service.controller; - -import java.io.ByteArrayInputStream; -import java.nio.charset.StandardCharsets; - -import org.springframework.core.io.InputStreamResource; -import org.springframework.http.HttpHeaders; -import org.springframework.http.MediaType; -import org.springframework.http.ResponseEntity; -import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RequestParam; -import org.springframework.web.bind.annotation.RestController; - -import io.mosip.kernel.core.util.CryptoUtil; -import io.swagger.annotations.Api; - -/** - * - * The Class Decode is used to decode the String. - * @author Arun Bose S - */ -@RestController -@Api(tags = { "Decode" }) -public class Decode { - - /** - * Decode. - * - * @param stringToDecode the string to decode - * @return the string - */ - @PostMapping(path = "/decodeBase64Plain", consumes = MediaType.TEXT_PLAIN_VALUE, produces = MediaType.APPLICATION_JSON_VALUE) - public String decodeBase64Plain(@RequestBody String stringToDecode) { - return new String(CryptoUtil.decodePlainBase64(stringToDecode), StandardCharsets.UTF_8); - } - - @PostMapping(path = "/decodeBase64UrlSafe", consumes = MediaType.TEXT_PLAIN_VALUE, produces = MediaType.APPLICATION_JSON_VALUE) - public String decodeBase64UrlSafe(@RequestBody String stringToDecode) { - return new String(CryptoUtil.decodeURLSafeBase64(stringToDecode), StandardCharsets.UTF_8); - } - - /** - *Encodes the contents of cpeff file. - * - * @param stringToDecode the string to decode - * @param fileName the file name - * @return the response entity - */ - @PostMapping(path = "/decodeBase64PlainToFile", consumes = MediaType.TEXT_PLAIN_VALUE, produces = MediaType.APPLICATION_OCTET_STREAM_VALUE) - public ResponseEntity decodeBase64PlainToFile(@RequestBody String stringToDecode, - @RequestParam String fileName) { - byte[] decodedFileData = CryptoUtil.decodePlainBase64(stringToDecode); - HttpHeaders headers = new HttpHeaders(); - headers.add("Cache-Control", "no-cache, no-store, must-revalidate"); - headers.add("Pragma", "no-cache"); - headers.add("Content-Disposition", "attachment; filename=" + fileName); - headers.add("Expires", "0"); - InputStreamResource resource = new InputStreamResource(new ByteArrayInputStream(decodedFileData)); - return ResponseEntity.ok().headers(headers).contentLength(decodedFileData.length) - .contentType(MediaType.parseMediaType("application/octet-stream")).body(resource); - } - - @PostMapping(path = "/decodeBase64UrlSafeToFile", consumes = MediaType.TEXT_PLAIN_VALUE, produces = MediaType.APPLICATION_OCTET_STREAM_VALUE) - public ResponseEntity decodeBase64UrlSafeToFile(@RequestBody String stringToDecode, - @RequestParam String fileName) { - byte[] decodedFileData = CryptoUtil.decodeURLSafeBase64(stringToDecode); - HttpHeaders headers = new HttpHeaders(); - headers.add("Cache-Control", "no-cache, no-store, must-revalidate"); - headers.add("Pragma", "no-cache"); - headers.add("Content-Disposition", "attachment; filename=" + fileName); - headers.add("Expires", "0"); - InputStreamResource resource = new InputStreamResource(new ByteArrayInputStream(decodedFileData)); - return ResponseEntity.ok().headers(headers).contentLength(decodedFileData.length) - .contentType(MediaType.parseMediaType("application/octet-stream")).body(resource); - } -} diff --git a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/controller/Decrypt.java b/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/controller/Decrypt.java deleted file mode 100644 index a5b5da133ff..00000000000 --- a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/controller/Decrypt.java +++ /dev/null @@ -1,518 +0,0 @@ -package io.mosip.testrig.authentication.demo.service.controller; - -import static io.mosip.authentication.core.constant.IdAuthCommonConstants.DEFAULT_AAD_LAST_BYTES_NUM; -import static io.mosip.authentication.core.constant.IdAuthCommonConstants.DEFAULT_SALT_LAST_BYTES_NUM; - -import java.io.IOException; -import java.nio.charset.StandardCharsets; -import java.security.GeneralSecurityException; -import java.security.InvalidAlgorithmParameterException; -import java.security.InvalidKeyException; -import java.security.KeyManagementException; -import java.security.KeyStore.PrivateKeyEntry; -import java.security.KeyStoreException; -import java.security.NoSuchAlgorithmException; -import java.security.PrivateKey; -import java.security.UnrecoverableEntryException; -import java.security.cert.CertificateException; -import java.security.spec.InvalidKeySpecException; -import java.security.spec.MGF1ParameterSpec; -import java.util.Arrays; -import java.util.Collections; -import java.util.LinkedHashMap; -import java.util.List; -import java.util.Map; - -import javax.crypto.BadPaddingException; -import javax.crypto.Cipher; -import javax.crypto.IllegalBlockSizeException; -import javax.crypto.NoSuchPaddingException; -import javax.crypto.SecretKey; -import javax.crypto.spec.GCMParameterSpec; -import javax.crypto.spec.OAEPParameterSpec; -import javax.crypto.spec.PSource.PSpecified; -import javax.crypto.spec.SecretKeySpec; - -import org.apache.commons.codec.DecoderException; -import org.apache.commons.codec.binary.Hex; -import org.apache.commons.lang.ArrayUtils; -import org.bouncycastle.crypto.InvalidCipherTextException; -import org.bouncycastle.operator.OperatorCreationException; -import org.json.JSONException; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Value; -import org.springframework.core.env.Environment; -import org.springframework.http.HttpEntity; -import org.springframework.http.HttpMethod; -import org.springframework.http.HttpRequest; -import org.springframework.http.HttpStatus; -import org.springframework.http.MediaType; -import org.springframework.http.ResponseCookie; -import org.springframework.http.ResponseEntity; -import org.springframework.http.client.ClientHttpRequestExecution; -import org.springframework.http.client.ClientHttpRequestInterceptor; -import org.springframework.http.client.ClientHttpResponse; -import org.springframework.lang.Nullable; -import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RequestParam; -import org.springframework.web.bind.annotation.RestController; -import org.springframework.web.client.RestTemplate; -import org.springframework.web.reactive.function.client.ClientResponse; -import org.springframework.web.reactive.function.client.WebClient; - -import com.fasterxml.jackson.core.JsonParseException; -import com.fasterxml.jackson.databind.JsonMappingException; -import com.fasterxml.jackson.databind.ObjectMapper; -import com.fasterxml.jackson.databind.node.ObjectNode; - -import io.mosip.authentication.core.constant.IdAuthConfigKeyConstants; -import io.mosip.authentication.core.constant.IdAuthenticationErrorConstants; -import io.mosip.authentication.core.exception.IdAuthUncheckedException; -import io.mosip.authentication.core.logger.IdaLogger; -import io.mosip.authentication.core.util.BytesUtil; -import io.mosip.kernel.core.http.RequestWrapper; -import io.mosip.kernel.core.logger.spi.Logger; -import io.mosip.kernel.core.util.CryptoUtil; -import io.mosip.kernel.core.util.DateUtils; -import io.mosip.testrig.authentication.demo.service.controller.Encrypt.SplittedEncryptedData; -import io.mosip.testrig.authentication.demo.service.dto.CryptomanagerRequestDto; -import io.mosip.testrig.authentication.demo.service.dto.EncryptionResponseDto; -import io.mosip.testrig.authentication.demo.service.helper.CryptoCoreUtil; -import io.mosip.testrig.authentication.demo.service.helper.KeyMgrUtil; -import io.mosip.testrig.authentication.demo.service.helper.PartnerTypes; -import io.swagger.annotations.Api; -import io.swagger.annotations.ApiOperation;; - -/** - * The Class Decrypt is used to decrypt the KYC Response. - * @author Arun Bose S - * @author Sanjay Murali - */ -@RestController -@Api(tags = { "Decrypt" }) -public class Decrypt { - - private static final int TAG_LENGTH = 128; - - @Autowired - private Environment env; - - /** The obj mapper. */ - @Autowired - private ObjectMapper objMapper; - - /** The app ID. */ - @Value("${application.id}") - private String appID; - - /** The app ID. */ - @Value("${" + IdAuthConfigKeyConstants.PARTNER_REFERENCE_ID + "}") - private String partnerId; - - /** The encrypt URL. */ - @Value("${mosip.ida.decrypt-url}") - private String decryptURL; - - /** The key splitter. */ - @Value("${" +IdAuthConfigKeyConstants.KEY_SPLITTER+ "}") - private String keySplitter; - - @Autowired - KeyMgrUtil keyMgrUtil; - - @Autowired - Encrypt encrypt; - - @Autowired - CryptoCoreUtil cryptoCoreUtil; - - /** The logger. */ - private static Logger logger = IdaLogger.getLogger(Decrypt.class); - - /** - * Decrypt. - * - * @param data the data - * @return the string - * @throws IOException Signals that an I/O exception has occurred. - * @throws InvalidKeySpecException the invalid key spec exception - * @throws NoSuchAlgorithmException the no such algorithm exception - * @throws KeyManagementException the key management exception - */ - @PostMapping(path = "/authRequest/decrypt", produces = MediaType.APPLICATION_JSON_VALUE) - public String decrypt(@RequestBody String data, - @RequestParam(name="refId",required=false) @Nullable String refId, - @RequestParam(name="isInternal",required=false) @Nullable boolean isInternal, - @RequestParam(name="isBiometrics",required=false) @Nullable boolean isBiometrics, - @RequestParam(name="salt",required=false) @Nullable String salt, - @RequestParam(name="aad",required=false) @Nullable String aad) - throws IOException, InvalidKeySpecException, NoSuchAlgorithmException, KeyManagementException { - if (refId == null) { - refId = getRefId(isInternal, isBiometrics); - } - return kernelDecrypt(data, refId, salt, aad); - } - - @PostMapping(path = "/authRequest/decryptSplittedData", produces = MediaType.APPLICATION_JSON_VALUE) - public String decryptSplittedData(@RequestBody SplittedEncryptedData splittedData, - @RequestParam(name="refId",required=false) @Nullable String refId, - @RequestParam(name="isInternal",required=false) @Nullable boolean isInternal, - @RequestParam(name="isInternal",required=false) @Nullable boolean isBiometrics, - @RequestParam(name="salt",required=false) @Nullable String salt, - @RequestParam(name="aad",required=false) @Nullable String aad) - throws IOException, InvalidKeySpecException, NoSuchAlgorithmException, KeyManagementException { - byte[] data = combineToByteArray(splittedData.getEncryptedData(), splittedData.getEncryptedSessionKey()); - if (refId == null) { - refId = getRefId(isInternal, isBiometrics); - } - byte[] bytesFromThumbprint = getBytesFromThumbprint(splittedData.getThumbprint()); - - data = ArrayUtils.addAll(bytesFromThumbprint, data); - return kernelDecrypt(CryptoUtil.encodeToURLSafeBase64(data), refId, salt, aad); - } - - public static byte[] getBytesFromThumbprint(String thumbprint) { - try { - //First try decoding with hex - return decodeHex(thumbprint); - } catch (DecoderException e) { - try { - //Then try decoding with base64 - return CryptoUtil.decodeURLSafeBase64(thumbprint); - } catch (Exception ex) { - throw new IdAuthUncheckedException(IdAuthenticationErrorConstants.UNABLE_TO_PROCESS, ex); - } - } - } - - public static byte[] decodeHex(String hexData) throws DecoderException{ - return Hex.decodeHex(hexData); - } - - @PostMapping(path = "/authRequest/decryptAuthRequest", produces = MediaType.APPLICATION_JSON_VALUE) - public String decryptAuthRequest(@RequestBody Map authRequestMap) - throws IOException, InvalidKeySpecException, NoSuchAlgorithmException, KeyManagementException, InvalidKeyException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException, JSONException { - - boolean isInternal = authRequestMap.get("id").equals("mosip.identity.auth.internal"); - Map outputAuthRequestMap = new LinkedHashMap<>(authRequestMap); - String request = (String) outputAuthRequestMap.get("request"); - String reqSessionKey = (String) outputAuthRequestMap.get("requestSessionKey"); - String thumbprint = (String) outputAuthRequestMap.get("thumbprint"); - - String decryptSplittedData = this.decryptSplittedData(new SplittedEncryptedData(reqSessionKey, request, thumbprint), null, isInternal, false, null, null); - @SuppressWarnings("unchecked") - Map requestMap = objMapper.readValue(decryptSplittedData.getBytes("UTF-8"), Map.class); - outputAuthRequestMap.put("request", requestMap); - - decryptBiometricsInRequestBlock(isInternal, requestMap); - - return objMapper.writeValueAsString(outputAuthRequestMap); - } - - @SuppressWarnings("unchecked") - @PostMapping(path = "/authRequest/decryptBiometricsInRequestBlock", produces = MediaType.APPLICATION_JSON_VALUE) - private Map decryptBiometricsInRequestBlock( - @RequestParam(name="isInternal",required=false) @Nullable boolean isInternal, - @RequestBody Map requestMap) throws IOException, JsonParseException, - JsonMappingException, KeyManagementException, NoSuchAlgorithmException, JSONException, InvalidKeyException, - NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException, - InvalidKeySpecException { - List> biometricsMap = (List>) requestMap.get("biometrics"); - decryptBiometricsListOfAuthRequest(isInternal, biometricsMap); - return requestMap; - } - - @SuppressWarnings("unchecked") - @PostMapping(path = "/authRequest/decryptBiometricsListOfAuthRequest", produces = MediaType.APPLICATION_JSON_VALUE) - private List> decryptBiometricsListOfAuthRequest( - @RequestParam(name="isInternal",required=false) @Nullable boolean isInternal, - @RequestBody List> biometricsMap) throws IOException, - JsonParseException, JsonMappingException, KeyManagementException, NoSuchAlgorithmException, JSONException, - InvalidKeyException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, - BadPaddingException, InvalidKeySpecException { - if(biometricsMap != null) { - for(Map segmentMap: biometricsMap) { - String biometricDataStr = (String) segmentMap.get("data"); - Map bioDataMap; - if(isInternal) { - bioDataMap = objMapper.readValue(CryptoUtil.decodeURLSafeBase64(biometricDataStr), Map.class); - } else { - bioDataMap = objMapper.readValue(CryptoUtil.decodeURLSafeBase64(biometricDataStr.split("\\.")[1]), Map.class); - } - segmentMap.put("data", bioDataMap); - - String digitalIdStr = (String) bioDataMap.get("digitalId"); - if(!isInternal && digitalIdStr != null) { - Map bioDigitalIdMap = objMapper.readValue(CryptoUtil.decodeURLSafeBase64(digitalIdStr.split("\\.")[1]), Map.class); - bioDataMap.put("digitalId", bioDigitalIdMap); - } - - String encryptedBioValue = (String) bioDataMap.get("bioValue"); - String timestamp = (String) bioDataMap.get("timestamp"); - String transactionId = (String) bioDataMap.get("transactionId"); - String bioSessionKey = (String) segmentMap.get("sessionKey"); - String thumbprint = (String) segmentMap.get("thumbprint"); - - byte[] bytesFromThumbprint = getBytesFromThumbprint(thumbprint); - - - byte[] data = combineToByteArray(encryptedBioValue, bioSessionKey); - //Check if the data contains thumbprint already - byte[] tpBytes = new byte[bytesFromThumbprint.length]; - System.arraycopy(data, 0, tpBytes, 0, bytesFromThumbprint.length); - if(Arrays.compare(tpBytes, bytesFromThumbprint) != 0) { - data = ArrayUtils.addAll(bytesFromThumbprint, data); - } - - String decryptBiometrics = this.decryptBiometrics(CryptoUtil.encodeToURLSafeBase64(data), timestamp, transactionId, isInternal); - - bioDataMap.put("bioValue", decryptBiometrics); - } - } - return biometricsMap; - } - - @SuppressWarnings({ "unchecked", "rawtypes" }) - @PostMapping(path = "/decryptBiometricValue") - public String decryptBiometrics(@RequestBody String encryptedBioValue, - @RequestParam(name="timestamp",required=false) @Nullable String timestamp, - @RequestParam(name="transactionId",required=false) @Nullable String transactionId, - @RequestParam(name="isInternal",required=false) @Nullable boolean isInternal) - throws KeyManagementException, NoSuchAlgorithmException, IOException, JSONException, InvalidKeyException, - NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException, - InvalidKeySpecException { - Encrypt.turnOffSslChecking(); - RestTemplate restTemplate = new RestTemplate(); - ClientHttpRequestInterceptor interceptor = new ClientHttpRequestInterceptor() { - - @Override - public ClientHttpResponse intercept(HttpRequest request, byte[] body, ClientHttpRequestExecution execution) - throws IOException { - String authToken = generateAuthToken(); - if(authToken != null && !authToken.isEmpty()) { - request.getHeaders().set("Cookie", "Authorization=" + authToken); - } - return execution.execute(request, body); - } - }; - - restTemplate.setInterceptors(Collections.singletonList(interceptor)); - - - byte[] xorBytes = BytesUtil.getXOR(timestamp, transactionId); - byte[] saltLastBytes = BytesUtil.getLastBytes(xorBytes, env.getProperty(IdAuthConfigKeyConstants.IDA_SALT_LASTBYTES_NUM, Integer.class, DEFAULT_SALT_LAST_BYTES_NUM)); - String salt = CryptoUtil.encodeToURLSafeBase64(saltLastBytes); - byte[] aadLastBytes = BytesUtil.getLastBytes(xorBytes, env.getProperty(IdAuthConfigKeyConstants.IDA_AAD_LASTBYTES_NUM, Integer.class, DEFAULT_AAD_LAST_BYTES_NUM)); - String aad = CryptoUtil.encodeToURLSafeBase64(aadLastBytes); - - CryptomanagerRequestDto request = new CryptomanagerRequestDto(); - request.setApplicationId(appID); - request.setSalt(salt); - request.setAad(aad); - request.setReferenceId(getRefId(isInternal, true)); - request.setData(encryptedBioValue); - request.setTimeStamp(DateUtils.formatToISOString(DateUtils.getUTCCurrentDateTime())); - - HttpEntity> httpEntity = new HttpEntity<>(createRequest(request)); - ResponseEntity response = restTemplate.exchange(decryptURL, HttpMethod.POST, httpEntity, Map.class); - - if(response.getStatusCode() == HttpStatus.OK) { - Map responseMap = (Map) response.getBody().get("response"); - if(responseMap != null) { - //Encode biovalue as plain base64 encoding (not url encoded) - return CryptoUtil.encodeToPlainBase64(CryptoUtil.decodeURLSafeBase64((String) responseMap.get("data"))); - } - } - return null ; - } - - private String getRefId(boolean isInternal, boolean isBiometrics) { - String refId; - if(isBiometrics) { - if (isInternal) { - refId = env.getProperty(IdAuthConfigKeyConstants.INTERNAL_BIO_REFERENCE_ID); - } else { - refId = env.getProperty(IdAuthConfigKeyConstants.PARTNER_BIO_REFERENCE_ID); - } - } else { - if (isInternal) { - refId = env.getProperty(IdAuthConfigKeyConstants.INTERNAL_REFERENCE_ID); - } else { - refId = env.getProperty(IdAuthConfigKeyConstants.PARTNER_REFERENCE_ID); - } - } - return refId; - } - - private byte[] combineToByteArray(String request, String requestSessionKey) { - byte[] encryptedRequest = CryptoUtil.decodeURLSafeBase64(request); - byte[] encryptedSessionKey = CryptoUtil.decodeURLSafeBase64(requestSessionKey); - return CryptoUtil.combineByteArray(encryptedRequest, encryptedSessionKey, keySplitter); - } - - /** - * This method is used to call the kernel decrypt api for decryption. - * - * @param data the data - * @param salt - * @param aad - * @return the string - * @throws KeyManagementException the key management exception - * @throws NoSuchAlgorithmException the no such algorithm exception - */ - @SuppressWarnings({ "unchecked", "rawtypes" }) - public String kernelDecrypt(String data, String refId, String salt, String aad) - throws KeyManagementException, NoSuchAlgorithmException { - Encrypt.turnOffSslChecking(); - RestTemplate restTemplate = new RestTemplate(); - ClientHttpRequestInterceptor interceptor = new ClientHttpRequestInterceptor() { - - @Override - public ClientHttpResponse intercept(HttpRequest request, byte[] body, ClientHttpRequestExecution execution) - throws IOException { - String authToken = generateAuthToken(); - if(authToken != null && !authToken.isEmpty()) { - request.getHeaders().set("Cookie", "Authorization=" + authToken); - } - return execution.execute(request, body); - } - }; - - restTemplate.setInterceptors(Collections.singletonList(interceptor)); - - CryptomanagerRequestDto cryptomanagerRequestDto = new CryptomanagerRequestDto(); - cryptomanagerRequestDto.setApplicationId(appID); - cryptomanagerRequestDto.setReferenceId(refId); - cryptomanagerRequestDto.setData(data); - cryptomanagerRequestDto.setAad(aad); - cryptomanagerRequestDto.setSalt(salt); - cryptomanagerRequestDto.setTimeStamp(DateUtils.formatToISOString(DateUtils.getUTCCurrentDateTime())); - - HttpEntity> httpEntity = new HttpEntity<>(createRequest(cryptomanagerRequestDto)); - ResponseEntity response = restTemplate.exchange(decryptURL, HttpMethod.POST, httpEntity, Map.class); - - if(response.getStatusCode() == HttpStatus.OK) { - String responseData = (String) ((Map) response.getBody().get("response")).get("data"); - return new String (CryptoUtil.decodeURLSafeBase64(responseData), StandardCharsets.UTF_8); - } - return null; - } - - /** - * Generate auth token. - * - * @return the string - */ - public String generateAuthToken() { - ObjectNode requestBody = objMapper.createObjectNode(); - requestBody.put("clientId", env.getProperty("auth-token-generator.rest.clientId")); - requestBody.put("secretKey", env.getProperty("auth-token-generator.rest.secretKey")); - requestBody.put("appId", env.getProperty("auth-token-generator.rest.appId")); - RequestWrapper request = new RequestWrapper<>(); - request.setRequesttime(DateUtils.getUTCCurrentDateTime()); - request.setRequest(requestBody); - ClientResponse response = WebClient.create(env.getProperty("auth-token-generator.rest.uri")).post() - .syncBody(request) - .exchange().block(); - logger.info("sessionID", "IDA", "DECRYPT", "AuthResponse :" + response.toEntity(String.class).block().getBody()); - List list = response.cookies().get("Authorization"); - if(list != null && !list.isEmpty()) { - ResponseCookie responseCookie = list.get(0); - return responseCookie.getValue(); - } - return ""; - } - - /** - * Creates the request. - * - * @param the generic type - * @param t the t - * @return the request wrapper - */ - public static RequestWrapper createRequest(T t){ - RequestWrapper request = new RequestWrapper<>(); - request.setRequest(t); - request.setId("ida"); - request.setRequesttime(DateUtils.getUTCCurrentDateTime()); - return request; - } - - @PostMapping(path = "/decryptEkycData", produces = MediaType.TEXT_PLAIN_VALUE) - public String decryptEkycData( - @RequestBody Map requestData, - @RequestParam(name = "partnerName", required = false) String partnerName, - @RequestParam(name = "keyFileNameByPartnerName", required = false) boolean keyFileNameByPartnerName, - @RequestParam(name = "certsDir", required = false) String certsDir, - @RequestParam(name = "moduleName", required = false) String moduleName - ) throws Exception { - - String identity = requestData.get("identity"); - PrivateKeyEntry ekycKey = keyMgrUtil.getKeyEntry(keyMgrUtil.getKeysDirPath(certsDir, moduleName), PartnerTypes.EKYC, partnerName, keyFileNameByPartnerName); - - String sessionKey = requestData.get("sessionKey"); - - byte[] encSecKey; - byte[] encKycData; - if(sessionKey == null) { - SplittedEncryptedData encryptedData = encrypt.splitEncryptedData(identity); - encSecKey = CryptoUtil.decodeURLSafeBase64(encryptedData.getEncryptedSessionKey()); - encKycData = CryptoUtil.decodeURLSafeBase64(encryptedData.getEncryptedData()); - } else { - encSecKey = CryptoUtil.decodeURLSafeBase64(sessionKey); - encKycData = CryptoUtil.decodeURLSafeBase64(identity); - } - - byte[] decryptedSecrectKey = decryptSecretKey(ekycKey.getPrivateKey(), encSecKey); - - Cipher cipher = Cipher.getInstance("AES/GCM/PKCS5Padding"); //NoPadding - byte[] nonce = Arrays.copyOfRange(encKycData, encKycData.length - cipher.getBlockSize(), encKycData.length); - byte[] encryptedKycData = Arrays.copyOf(encKycData, encKycData.length - cipher.getBlockSize()); - - SecretKey secretKey = new SecretKeySpec(decryptedSecrectKey, 0, decryptedSecrectKey.length, "AES"); - GCMParameterSpec gcmParameterSpec = new GCMParameterSpec(TAG_LENGTH, nonce); - cipher.init(Cipher.DECRYPT_MODE, secretKey, gcmParameterSpec); - - return new String(cipher.doFinal(encryptedKycData), "UTF-8"); - } - - @PostMapping(path = "/decryptWithPartnerKey", produces = MediaType.TEXT_PLAIN_VALUE) - public String decryptWithPartnerKey( - @RequestBody String data, - @RequestParam(name = "partnerType", required = true) PartnerTypes partnerType, - @RequestParam(name = "partnerName", required = false) String partnerName, - @RequestParam(name = "keyFileNameByPartnerName", required = false) boolean keyFileNameByPartnerName, - @RequestParam(name = "certsDir", required = false) String certsDir, - @RequestParam(name = "moduleName", required = false) String moduleName - ) throws Exception { - PrivateKeyEntry ekycKey = keyMgrUtil.getKeyEntry(keyMgrUtil.getKeysDirPath(certsDir, moduleName), partnerType, partnerName, keyFileNameByPartnerName); - return cryptoCoreUtil.decrypt(data, ekycKey); - } - - @PostMapping(path = "/asymmetricDecryptionForPrivateKeyP12File") - @ApiOperation(value = "Asymmetric Decrypt using private key p12 file", response = EncryptionResponseDto.class) - public String asymmetricDecryptionForPrivateKeyP12File(@RequestBody String data, - @RequestParam(name = "p12FileName", required = true) String p12FileName, - @RequestParam(name = "keystorePassword", required = true) char[] p12Pass, - @RequestParam(name = "keyAlias", required = true) String keyAlias, - @RequestParam(name = "certsDir", required = false) String certsDir, - @RequestParam(name = "moduleName", required = false) String moduleName) throws Exception { - return kernelAsymmetricDecryptForP12File(data, p12FileName, certsDir, moduleName, p12Pass, keyAlias); - } - - private String kernelAsymmetricDecryptForP12File(String data, String p12FileName, String certsDir, - String moduleName, char[] p12Pass, String keyAlias) throws InvalidCipherTextException, NoSuchAlgorithmException, UnrecoverableEntryException, KeyStoreException, CertificateException, OperatorCreationException, GeneralSecurityException, IOException { - return keyMgrUtil.asymmetricDecryptionForP12File(CryptoUtil.decodePlainBase64(data), p12FileName, certsDir, moduleName, p12Pass, keyAlias); - } - - private byte[] decryptSecretKey(PrivateKey privKey, byte[] encKey) throws NoSuchAlgorithmException, NoSuchPaddingException, - InvalidKeyException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException { - Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING"); - OAEPParameterSpec oaepParams = new OAEPParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA256, - PSpecified.DEFAULT); - cipher.init(Cipher.DECRYPT_MODE, privKey, oaepParams); - return cipher.doFinal(encKey, 0, encKey.length); - } - -} diff --git a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/controller/Encode.java b/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/controller/Encode.java deleted file mode 100644 index ad691e53f0d..00000000000 --- a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/controller/Encode.java +++ /dev/null @@ -1,59 +0,0 @@ -package io.mosip.testrig.authentication.demo.service.controller; - -import java.io.IOException; -import java.nio.charset.StandardCharsets; - -//import java.util.Base64; - -import org.springframework.http.MediaType; -import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RequestPart; -import org.springframework.web.bind.annotation.RestController; -import org.springframework.web.multipart.MultipartFile; - -import io.mosip.kernel.core.util.CryptoUtil; -import io.swagger.annotations.Api; - -/** - * @author ArunBose S - * @author DineshKaruppiah - * The Class Encode is used to encode the String. - */ -@RestController -@Api(tags = { "Encode" }) -public class Encode { - - /** - * Encode. - * - * @param stringToEncode the string to encode - * @return the string - */ - @PostMapping(path = "/encodeBase64UrlSafe", consumes = MediaType.TEXT_PLAIN_VALUE, produces = MediaType.TEXT_PLAIN_VALUE) - public String encodeBase64UrlSafe(@RequestBody String stringToEncode) { - return CryptoUtil.encodeToURLSafeBase64(stringToEncode.getBytes(StandardCharsets.UTF_8)); - } - - @PostMapping(path = "/encodeBase64Plain", consumes = MediaType.TEXT_PLAIN_VALUE, produces = MediaType.TEXT_PLAIN_VALUE) - public String encodeBase64Plain(@RequestBody String stringToEncode) { - return CryptoUtil.encodeToPlainBase64(stringToEncode.getBytes(StandardCharsets.UTF_8)); - } - - /** - * Encodes the contents of cpeff file. - * - * @param file the file - * @return the string - * @throws IOException Signals that an I/O exception has occurred. - */ - @PostMapping(value = "/encodeToBase64UrlSafeFromFile", produces = MediaType.TEXT_PLAIN_VALUE, consumes = MediaType.MULTIPART_FORM_DATA_VALUE) - public String encodeToBase64UrlSafeFromFile(@RequestPart MultipartFile file) throws IOException { - return CryptoUtil.encodeToURLSafeBase64(file.getBytes()); - } - - @PostMapping(value = "/encodeToBase64PlainFromFile", produces = MediaType.TEXT_PLAIN_VALUE, consumes = MediaType.MULTIPART_FORM_DATA_VALUE) - public String encodeToBase64PlainSafeFromFile(@RequestPart MultipartFile file) throws IOException { - return CryptoUtil.encodeToPlainBase64(file.getBytes()); - } -} diff --git a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/controller/Encrypt.java b/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/controller/Encrypt.java deleted file mode 100644 index 39e5b9001c3..00000000000 --- a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/controller/Encrypt.java +++ /dev/null @@ -1,609 +0,0 @@ -package io.mosip.testrig.authentication.demo.service.controller; - -import static io.mosip.authentication.core.constant.IdAuthCommonConstants.DEFAULT_AAD_LAST_BYTES_NUM; -import static io.mosip.authentication.core.constant.IdAuthCommonConstants.DEFAULT_SALT_LAST_BYTES_NUM; - -import java.io.ByteArrayInputStream; -import java.io.FileNotFoundException; -import java.io.IOException; -import java.nio.charset.StandardCharsets; -import java.nio.file.Files; -import java.nio.file.Path; -import java.nio.file.Paths; -import java.security.GeneralSecurityException; -import java.security.InvalidAlgorithmParameterException; -import java.security.InvalidKeyException; -import java.security.KeyManagementException; -import java.security.NoSuchAlgorithmException; -import java.security.PublicKey; -import java.security.cert.CertificateException; -import java.security.cert.CertificateFactory; -import java.security.cert.X509Certificate; -import java.security.spec.InvalidKeySpecException; -import java.util.Arrays; -import java.util.Collections; -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.stream.IntStream; - -import javax.crypto.BadPaddingException; -import javax.crypto.IllegalBlockSizeException; -import javax.crypto.NoSuchPaddingException; -import javax.crypto.SecretKey; -import javax.net.ssl.HttpsURLConnection; -import javax.net.ssl.SSLContext; -import javax.net.ssl.TrustManager; -import javax.net.ssl.X509TrustManager; -import javax.xml.bind.DatatypeConverter; - -import org.apache.commons.codec.binary.Base64; -import org.apache.commons.lang.ArrayUtils; -import org.bouncycastle.operator.OperatorCreationException; -import org.json.JSONException; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Value; -import org.springframework.core.env.Environment; -import org.springframework.http.HttpEntity; -import org.springframework.http.HttpHeaders; -import org.springframework.http.HttpMethod; -import org.springframework.http.HttpRequest; -import org.springframework.http.HttpStatus; -import org.springframework.http.MediaType; -import org.springframework.http.ResponseCookie; -import org.springframework.http.ResponseEntity; -import org.springframework.http.client.ClientHttpRequestExecution; -import org.springframework.http.client.ClientHttpRequestInterceptor; -import org.springframework.http.client.ClientHttpResponse; -import org.springframework.lang.Nullable; -import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RequestParam; -import org.springframework.web.bind.annotation.RestController; -import org.springframework.web.client.RestClientException; -import org.springframework.web.client.RestTemplate; -import org.springframework.web.reactive.function.client.ClientResponse; -import org.springframework.web.reactive.function.client.WebClient; -import org.springframework.web.util.UriComponentsBuilder; - -import com.fasterxml.jackson.core.JsonProcessingException; -import com.fasterxml.jackson.databind.ObjectMapper; -import com.fasterxml.jackson.databind.node.ObjectNode; - -import io.mosip.authentication.core.constant.IdAuthConfigKeyConstants; -import io.mosip.authentication.core.logger.IdaLogger; -import io.mosip.authentication.core.util.BytesUtil; -import io.mosip.kernel.core.http.RequestWrapper; -import io.mosip.kernel.core.logger.spi.Logger; -import io.mosip.kernel.core.util.CryptoUtil; -import io.mosip.kernel.core.util.DateUtils; -import io.mosip.kernel.core.util.HMACUtils2; -import io.mosip.testrig.authentication.demo.service.dto.CryptomanagerRequestDto; -import io.mosip.testrig.authentication.demo.service.dto.EncryptionRequestDto; -import io.mosip.testrig.authentication.demo.service.dto.EncryptionResponseDto; -import io.mosip.testrig.authentication.demo.service.helper.CertificateTypes; -import io.mosip.testrig.authentication.demo.service.helper.CryptoUtility; -import io.mosip.testrig.authentication.demo.service.helper.KeyMgrUtil; -import io.swagger.annotations.Api; -import io.swagger.annotations.ApiOperation; -import lombok.AllArgsConstructor; -import lombok.Data; -import lombok.NoArgsConstructor; - -/** - * The Class Encrypt is used to encrypt the identity block using Kernel Api. - * - * @author Dinesh Karuppiah - */ - -@RestController -@Api(tags = { "Encrypt" }) -public class Encrypt { - - public static final int THUMBPRINT_LENGTH = 20; - - @Autowired - private Environment env; - - /** The Constant ASYMMETRIC_ALGORITHM. */ - private static final String SSL = "SSL"; - - /** The obj mapper. */ - @Autowired - private ObjectMapper objMapper; - - @Autowired - KeyMgrUtil keyMgrUtil; - - /** KeySplitter. */ - @Value("${" + IdAuthConfigKeyConstants.KEY_SPLITTER + "}") - private String keySplitter; - - /** The encrypt URL. */ - @Value("${mosip.ida.publicKey-url}") - private String publicKeyURL; - - /** The app ID. */ - @Value("${application.id}") - private String appID; - - @Autowired - private CryptoUtility cryptoUtil; - - @Value("${mosip.ida.encrypt-url}") - private String encryptURL; - - /** The logger. */ - private static Logger logger = IdaLogger.getLogger(Encrypt.class); - - /** - * Encrypt. - * - * @param encryptionRequestDto the encryption request dto - * @param isInternal the is internal - * @return the encryption response dto - * @throws Exception - */ - @PostMapping(path = "/encrypt") - @ApiOperation(value = "Encrypt Identity with sessionKey and Encrypt Session Key with Public Key", response = EncryptionResponseDto.class) - public EncryptionResponseDto encrypt(@RequestBody EncryptionRequestDto encryptionRequestDto, - @RequestParam(name = "refId", required = false) @Nullable String refId, - @RequestParam(name = "isInternal", required = false) @Nullable boolean isInternal, - @RequestParam(name = "isInternal", required = false) @Nullable boolean isBiometrics) throws Exception { - if (refId == null) { - refId = getRefId(isInternal, isBiometrics); - } - return kernelEncrypt(encryptionRequestDto, refId); - } - - @PostMapping(path = "/asymmetricEncryptionForCertFile") - @ApiOperation(value = "Asymmetric Encrypt data using certificate file", response = EncryptionResponseDto.class) - public String asymmetricEncryptionForCertFile(@RequestBody String data, - @RequestParam(name = "certFileName", required = true) String certFileName, - @RequestParam(name = "certsDir", required = false) String certsDir, - @RequestParam(name = "moduleName", required = false) String moduleName) throws Exception { - return kernelAsymmetricEncryptForCertFile(data, certFileName, certsDir, moduleName); - } - - @PostMapping(path = "/asymmetricEncryptionForPublicKeyPEMFile") - @ApiOperation(value = "Asymmetric Encrypt data with public key PEM file", response = EncryptionResponseDto.class) - public String asymmetricEncryptionForPublicKeyPEMFile(@RequestBody String data, - @RequestParam(name = "publicKeyPEMFileName", required = true) String publicKeyPEMFileName, - @RequestParam(name = "keysDir", required = false) String keysDir, - @RequestParam(name = "moduleName", required = false) String moduleName) throws Exception { - return kernelAsymmetricEncryptForPublicKeyPEMFile(data, publicKeyPEMFileName, keysDir, moduleName); - } - - private String kernelAsymmetricEncryptForCertFile(String data, String certFileName, String certsDir, String moduleName) throws OperatorCreationException, IOException, GeneralSecurityException { - return keyMgrUtil.asymmetricEncryptionForCert(data.getBytes(), certFileName, certsDir, moduleName); - } - - private String kernelAsymmetricEncryptForPublicKeyPEMFile(String data, String publicKeyPEMFile, String certsDir, String moduleName) throws OperatorCreationException, IOException, GeneralSecurityException { - return keyMgrUtil.asymmetricEncryptionForPemFile(data.getBytes(), publicKeyPEMFile, certsDir, moduleName); - } - - /** - * this method is used to call Kernel encrypt api. - * - * @param encryptionRequestDto the encryption request dto - * @param isInternal the is internal - * @return the encryption response dto - * @throws Exception - */ - private EncryptionResponseDto kernelEncrypt(EncryptionRequestDto encryptionRequestDto, String refId) - throws Exception { - String identityBlock = objMapper.writeValueAsString(encryptionRequestDto.getIdentityRequest()); - SecretKey secretKey = cryptoUtil.genSecKey(); - EncryptionResponseDto encryptionResponseDto = new EncryptionResponseDto(); - byte[] encryptedIdentityBlock = cryptoUtil.symmetricEncrypt(identityBlock.getBytes(StandardCharsets.UTF_8), - secretKey); - encryptionResponseDto.setEncryptedIdentity(Base64.encodeBase64URLSafeString(encryptedIdentityBlock)); - X509Certificate x509Cert = getCertificate(refId); - PublicKey publicKey = x509Cert.getPublicKey(); - byte[] encryptedSessionKeyByte = cryptoUtil.asymmetricEncrypt((secretKey.getEncoded()), publicKey); - encryptionResponseDto.setEncryptedSessionKey(Base64.encodeBase64URLSafeString(encryptedSessionKeyByte)); - byte[] byteArr = cryptoUtil.symmetricEncrypt(Encrypt - .digestAsPlainText(HMACUtils2.generateHash(identityBlock.getBytes(StandardCharsets.UTF_8))).getBytes(), - secretKey); - encryptionResponseDto.setRequestHMAC(Base64.encodeBase64URLSafeString(byteArr)); - return encryptionResponseDto; - } - - @SuppressWarnings({ "rawtypes", "unchecked" }) - @PostMapping(path = "/encryptBiometricValue") - - public SplittedEncryptedData encryptBiometrics(@RequestBody String bioValue, - @RequestParam(name = "timestamp", required = false) @Nullable String timestamp, - @RequestParam(name = "transactionId", required = false) @Nullable String transactionId, - @RequestParam(name = "isInternal", required = false) @Nullable boolean isInternal) - throws Exception { - RestTemplate restTemplate = createRestTemplate(); - - byte[] xorBytes = BytesUtil.getXOR(timestamp, transactionId); - byte[] saltLastBytes = BytesUtil.getLastBytes(xorBytes, env.getProperty( - IdAuthConfigKeyConstants.IDA_SALT_LASTBYTES_NUM, Integer.class, DEFAULT_SALT_LAST_BYTES_NUM)); - String salt = CryptoUtil.encodeToURLSafeBase64(saltLastBytes); - byte[] aadLastBytes = BytesUtil.getLastBytes(xorBytes, env.getProperty( - IdAuthConfigKeyConstants.IDA_AAD_LASTBYTES_NUM, Integer.class, DEFAULT_AAD_LAST_BYTES_NUM)); - String aad = CryptoUtil.encodeToURLSafeBase64(aadLastBytes); - - CryptomanagerRequestDto request = new CryptomanagerRequestDto(); - request.setApplicationId(appID); - request.setSalt(salt); - request.setAad(aad); - request.setReferenceId(getRefId(isInternal, true)); - request.setData(bioValue); - request.setTimeStamp(timestamp); - - HttpEntity> httpEntity = new HttpEntity<>(createRequest(request)); - ResponseEntity response = restTemplate.exchange(encryptURL, HttpMethod.POST, httpEntity, Map.class); - - if (response.getStatusCode() == HttpStatus.OK) { - String responseData = (String) ((Map) response.getBody().get("response")).get("data"); - SplittedEncryptedData splitedEncryptedData = splitEncryptedData(responseData); - return splitedEncryptedData; - } - return null; - } - - public RestTemplate createRestTemplate() throws NoSuchAlgorithmException, KeyManagementException { - Encrypt.turnOffSslChecking(); - RestTemplate restTemplate = new RestTemplate(); - ClientHttpRequestInterceptor interceptor = new ClientHttpRequestInterceptor() { - - @Override - public ClientHttpResponse intercept(HttpRequest request, byte[] body, ClientHttpRequestExecution execution) - throws IOException { - String authToken = generateAuthToken(); - if (authToken != null && !authToken.isEmpty()) { - request.getHeaders().set("Cookie", "Authorization=" + authToken); - } - return execution.execute(request, body); - } - }; - - restTemplate.setInterceptors(Collections.singletonList(interceptor)); - return restTemplate; - } - - /** - * Creates the request. - * - * @param the generic type - * @param t the t - * @return the request wrapper - */ - public static RequestWrapper createRequest(T t) { - RequestWrapper request = new RequestWrapper<>(); - request.setRequest(t); - request.setId("ida"); - request.setRequesttime(DateUtils.getUTCCurrentDateTime()); - return request; - } - - @PostMapping(path = "/splitEncryptedData", produces = MediaType.APPLICATION_JSON_VALUE) - public SplittedEncryptedData splitEncryptedData(@RequestBody String data) throws Exception { - boolean encryptedDataHasVersion = env.getProperty("encryptedDataHasVersion", boolean.class, false); - byte[] dataBytes = CryptoUtil.decodeURLSafeBase64(data); - byte[][] splits = splitAtFirstOccurance(dataBytes, keySplitter.getBytes()); - byte[] thumbPrintAndSessionKey = splits[0]; - byte[] sessionKey; - byte[] thumbPrint; - - if (thumbPrintAndSessionKey.length >= 288) { - thumbPrint = Arrays.copyOfRange(thumbPrintAndSessionKey, thumbPrintAndSessionKey.length - 288, - thumbPrintAndSessionKey.length - 256);// Skip the 6 bytes version and take 32 bytes - sessionKey = Arrays.copyOfRange(thumbPrintAndSessionKey, thumbPrintAndSessionKey.length - 256, - thumbPrintAndSessionKey.length); - } - else { - throw new Exception("Invalid Encrypted Session Key"); } - - byte[] encryptedData = splits[1]; - return new SplittedEncryptedData(CryptoUtil.encodeToURLSafeBase64(sessionKey), CryptoUtil.encodeToURLSafeBase64(encryptedData), digestAsPlainText(thumbPrint)); - } - - @PostMapping(path = "/combineDataToEncrypt", consumes = MediaType.APPLICATION_JSON_VALUE) - public String combineDataToEncrypt(@RequestBody SplittedEncryptedData splittedData) { - return CryptoUtil - .encodeToURLSafeBase64(CryptoUtil.combineByteArray(CryptoUtil.decodeURLSafeBase64(splittedData.getEncryptedData()), - CryptoUtil.decodeURLSafeBase64(splittedData.getEncryptedSessionKey()), keySplitter)); - } - - private static byte[][] splitAtFirstOccurance(byte[] strBytes, byte[] sepBytes) { - int index = findIndex(strBytes, sepBytes); - if (index >= 0) { - byte[] bytes1 = new byte[index]; - byte[] bytes2 = new byte[strBytes.length - (bytes1.length + sepBytes.length)]; - System.arraycopy(strBytes, 0, bytes1, 0, bytes1.length); - System.arraycopy(strBytes, (bytes1.length + sepBytes.length), bytes2, 0, bytes2.length); - return new byte[][] { bytes1, bytes2 }; - } else { - return new byte[][] { strBytes, new byte[0] }; - } - } - - private static int findIndex(byte arr[], byte[] subarr) { - int len = arr.length; - int subArrayLen = subarr.length; - return IntStream.range(0, len).filter(currentIndex -> { - if ((currentIndex + subArrayLen) <= len) { - byte[] sArray = new byte[subArrayLen]; - System.arraycopy(arr, currentIndex, sArray, 0, subArrayLen); - return Arrays.equals(sArray, subarr); - } - return false; - }).findFirst() // first occurence - .orElse(-1); // No element found - } - - /** - * Gets the encrypted value. - * - * @param data the data - * @param isInternal the is internal - * @return the encrypted value - * @throws IOException Signals that an I/O exception has occurred. - * @throws KeyManagementException the key management exception - * @throws NoSuchAlgorithmException the no such algorithm exception - * @throws RestClientException the rest client exception - * @throws JSONException the JSON exception - * @throws CertificateException - */ - @SuppressWarnings({ "unchecked", "rawtypes" }) - public X509Certificate getCertificate(String refId) throws IOException, KeyManagementException, - NoSuchAlgorithmException, RestClientException, JSONException, CertificateException { - turnOffSslChecking(); - RestTemplate restTemplate = new RestTemplate(); - ClientHttpRequestInterceptor interceptor = new ClientHttpRequestInterceptor() { - - @Override - public ClientHttpResponse intercept(HttpRequest request, byte[] body, ClientHttpRequestExecution execution) - throws IOException { - String authToken = generateAuthToken(); - if (authToken != null && !authToken.isEmpty()) { - request.getHeaders().set("Cookie", "Authorization=" + authToken); - } - return execution.execute(request, body); - } - }; - - restTemplate.setInterceptors(Collections.singletonList(interceptor)); - - Map uriParams = new HashMap<>(); - UriComponentsBuilder builder = UriComponentsBuilder.fromUriString(publicKeyURL) - .queryParam("applicationId", appID).queryParam("referenceId", refId); - ResponseEntity response = restTemplate.exchange(builder.build(uriParams), HttpMethod.GET, null, Map.class); - String certificate = (String) ((Map) response.getBody().get("response")).get("certificate"); - - certificate = JWSSignAndVerifyController.trimBeginEnd(certificate); - CertificateFactory cf = CertificateFactory.getInstance("X.509"); - X509Certificate x509cert = (X509Certificate) cf - .generateCertificate(new ByteArrayInputStream(java.util.Base64.getDecoder().decode(certificate))); - return x509cert; - } - - public String getRefId(boolean isInternal, boolean isBiometrics) { - String refId; - if (isBiometrics) { - if (isInternal) { - refId = env.getProperty(IdAuthConfigKeyConstants.INTERNAL_BIO_REFERENCE_ID); - } else { - refId = env.getProperty(IdAuthConfigKeyConstants.PARTNER_BIO_REFERENCE_ID); - } - } else { - if (isInternal) { - refId = env.getProperty(IdAuthConfigKeyConstants.INTERNAL_REFERENCE_ID); - } else { - refId = env.getProperty(IdAuthConfigKeyConstants.PARTNER_REFERENCE_ID); - } - } - return refId; - } - - /** - * Generate auth token. - * - * @return the string - */ - private String generateAuthToken() { - ObjectNode requestBody = objMapper.createObjectNode(); - requestBody.put("clientId", env.getProperty("auth-token-generator.rest.clientId")); - requestBody.put("secretKey", env.getProperty("auth-token-generator.rest.secretKey")); - requestBody.put("appId", env.getProperty("auth-token-generator.rest.appId")); - RequestWrapper request = new RequestWrapper<>(); - request.setRequesttime(DateUtils.getUTCCurrentDateTime()); - request.setRequest(requestBody); - ClientResponse response = WebClient.create(env.getProperty("auth-token-generator.rest.uri")).post() - .syncBody(request).exchange().block(); - logger.info("sessionID", "IDA", "ENCRYPT", - "AuthResponse :" + response.toEntity(String.class).block().getBody()); - List list = response.cookies().get("Authorization"); - if (list != null && !list.isEmpty()) { - ResponseCookie responseCookie = list.get(0); - return responseCookie.getValue(); - } - return ""; - } - - /** - * Gets the headers. - * - * @param req the req - * @return the headers - */ - @SuppressWarnings("unused") - private HttpEntity getHeaders(CryptomanagerRequestDto req) { - HttpHeaders headers = new HttpHeaders(); - headers.set("Accept", MediaType.APPLICATION_JSON_VALUE); - return new HttpEntity(req, headers); - } - - @PostMapping(path = "/prependThumbprintToDecrypt", consumes = MediaType.APPLICATION_JSON_VALUE) - public String prependThumbprintToDecrypt(@RequestBody SplittedData splittedData) { - return CryptoUtil.encodeToURLSafeBase64( - ArrayUtils.addAll(CryptoUtil.decodeURLSafeBase64(splittedData.getThumbprint()), CryptoUtil.decodeURLSafeBase64(splittedData.getEncryptedData()))); - } - - /** - * The Constant UNQUESTIONING_TRUST_MANAGER nullifies the check for certificates - * for SSL Connection - */ - private static final TrustManager[] UNQUESTIONING_TRUST_MANAGER = new TrustManager[] { new X509TrustManager() { - public java.security.cert.X509Certificate[] getAcceptedIssuers() { - return null; - } - - public void checkClientTrusted(java.security.cert.X509Certificate[] arg0, String arg1) - throws CertificateException { - } - - public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String arg1) - throws CertificateException { - } - } }; - - /** - * Turns off the ssl checking. - * - * @throws NoSuchAlgorithmException the no such algorithm exception - * @throws KeyManagementException the key management exception - */ - public static void turnOffSslChecking() throws NoSuchAlgorithmException, KeyManagementException { - // Install the all-trusting trust manager - final SSLContext sc = SSLContext.getInstance(Encrypt.SSL); - sc.init(null, UNQUESTIONING_TRUST_MANAGER, null); - HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); - } - - public static class SplittedEncryptedData { - private String encryptedSessionKey; - private String encryptedData; - private String thumbprint; - - public SplittedEncryptedData() { - super(); - } - - public SplittedEncryptedData(String encryptedSessionKey, String encryptedData) { - super(); - this.encryptedData = encryptedData; - this.encryptedSessionKey = encryptedSessionKey; - } - - public SplittedEncryptedData(String encryptedSessionKey, String encryptedData, String thumbprint) { - super(); - this.encryptedData = encryptedData; - this.encryptedSessionKey = encryptedSessionKey; - this.thumbprint = thumbprint; - } - - public String getEncryptedData() { - return encryptedData; - } - - public void setEncryptedData(String encryptedData) { - this.encryptedData = encryptedData; - } - - public String getEncryptedSessionKey() { - return encryptedSessionKey; - } - - public void setEncryptedSessionKey(String encryptedSessionKey) { - this.encryptedSessionKey = encryptedSessionKey; - } - - public String getThumbprint() { - return thumbprint; - } - - public void setThumbprint(String thumbprint) { - this.thumbprint = thumbprint; - } - } - - public static String digestAsPlainText(byte[] data) { - return DatatypeConverter.printHexBinary(data).toUpperCase(); - } - - @Data - @NoArgsConstructor - @AllArgsConstructor - public static class SplittedData { - private String thumbprint; - private String encryptedData; - } - - public EncryptionResponseDto encrypt(EncryptionRequestDto encryptionRequestDto, boolean isInternal, String dirPath) throws CertificateException, IOException, - InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException { - X509Certificate x509Cert = isInternal ? getCertificate(dirPath, CertificateTypes.INTERNAL.getFileName()) : - getCertificate(dirPath, CertificateTypes.PARTNER.getFileName()); - - return kernelEncrypt(encryptionRequestDto, x509Cert); - } - - private EncryptionResponseDto kernelEncrypt(EncryptionRequestDto encryptionRequestDto, X509Certificate x509Cert) throws JsonProcessingException, NoSuchAlgorithmException, - InvalidKeyException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException { - String identityBlock = objMapper.writeValueAsString(encryptionRequestDto.getIdentityRequest()); - SecretKey secretKey = cryptoUtil.genSecKey(); - EncryptionResponseDto encryptionResponseDto = new EncryptionResponseDto(); - byte[] encryptedIdentityBlock = cryptoUtil.symmetricEncrypt(identityBlock.getBytes(StandardCharsets.UTF_8), - secretKey); - encryptionResponseDto.setEncryptedIdentity(Base64.encodeBase64URLSafeString(encryptedIdentityBlock)); - PublicKey publicKey = x509Cert.getPublicKey(); - byte[] encryptedSessionKeyByte = cryptoUtil.asymmetricEncrypt((secretKey.getEncoded()), publicKey); - encryptionResponseDto.setEncryptedSessionKey(Base64.encodeBase64URLSafeString(encryptedSessionKeyByte)); - byte[] byteArr = cryptoUtil.symmetricEncrypt(Encrypt - .digestAsPlainText(HMACUtils2.generateHash(identityBlock.getBytes(StandardCharsets.UTF_8))).getBytes(), - secretKey); - encryptionResponseDto.setRequestHMAC(Base64.encodeBase64URLSafeString(byteArr)); - return encryptionResponseDto; - } - - private X509Certificate getCertificate(String dirPath, String fileName) throws CertificateException, IOException { - Path path = Paths.get(dirPath + "/" + fileName); - if (!Files.exists(path)){ - throw new FileNotFoundException("Certificate File Not found in temp directory. FileName: " + fileName); - } - String certificateData = Files.readString(path); - return (X509Certificate) keyMgrUtil.convertToCertificate(certificateData); - } - - public SplittedEncryptedData encryptBio(String bioValue, String timestamp, String transactionId, boolean isInternal, String dirPath) - throws KeyManagementException, NoSuchAlgorithmException, IOException, JSONException, InvalidKeyException, - NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException, - InvalidKeySpecException, CertificateException { - - X509Certificate x509Cert = isInternal ? getCertificate(dirPath, CertificateTypes.INTERNAL.getFileName()) : - getCertificate(dirPath, CertificateTypes.IDA_FIR.getFileName()); - - byte[] xorBytes = BytesUtil.getXOR(timestamp, transactionId); - byte[] saltLastBytes = BytesUtil.getLastBytes(xorBytes, env.getProperty( - IdAuthConfigKeyConstants.IDA_SALT_LASTBYTES_NUM, Integer.class, DEFAULT_SALT_LAST_BYTES_NUM)); - byte[] aadLastBytes = BytesUtil.getLastBytes(xorBytes, env.getProperty( - IdAuthConfigKeyConstants.IDA_AAD_LASTBYTES_NUM, Integer.class, DEFAULT_AAD_LAST_BYTES_NUM)); - - SecretKey secretKey = cryptoUtil.genSecKey(); - byte[] encryptedBioBlock = cryptoUtil.symmetricEncrypt(CryptoUtil.decodePlainBase64(bioValue), - secretKey, saltLastBytes, aadLastBytes); - - PublicKey publicKey = x509Cert.getPublicKey(); - byte[] encryptedSessionKeyByte = cryptoUtil.asymmetricEncrypt(secretKey.getEncoded(), publicKey); - return new SplittedEncryptedData(CryptoUtil.encodeToURLSafeBase64(encryptedSessionKeyByte), CryptoUtil.encodeToURLSafeBase64(encryptedBioBlock)); - - } - - public X509Certificate getCertificate(boolean isInternal, String dirPath) throws CertificateException, IOException { - - return isInternal ? getCertificate(dirPath, CertificateTypes.INTERNAL.getFileName()) : - getCertificate(dirPath, CertificateTypes.PARTNER.getFileName()); - } - - public X509Certificate getBioCertificate(boolean isInternal, String dirPath) throws CertificateException, IOException { - - return isInternal ? getCertificate(dirPath, CertificateTypes.INTERNAL.getFileName()) : - getCertificate(dirPath, CertificateTypes.IDA_FIR.getFileName()); - } - -} diff --git a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/controller/JWSSignAndVerifyController.java b/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/controller/JWSSignAndVerifyController.java deleted file mode 100644 index fc1a7d15618..00000000000 --- a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/controller/JWSSignAndVerifyController.java +++ /dev/null @@ -1,355 +0,0 @@ -package io.mosip.testrig.authentication.demo.service.controller; - -import java.io.BufferedReader; -import java.io.FileInputStream; -import java.io.IOException; -import java.io.InputStreamReader; -import java.io.UnsupportedEncodingException; -import java.security.KeyManagementException; -import java.security.KeyStoreException; -import java.security.NoSuchAlgorithmException; -import java.security.PrivateKey; -import java.security.UnrecoverableEntryException; -import java.security.KeyStore.PrivateKeyEntry; -import java.security.cert.CertificateException; -import java.security.cert.X509Certificate; -import java.security.spec.InvalidKeySpecException; -import java.util.Collections; -import java.util.List; -import java.util.Objects; - -import javax.ws.rs.core.MediaType; - -import org.bouncycastle.operator.OperatorCreationException; -import org.jose4j.jws.JsonWebSignature; -import org.jose4j.lang.JoseException; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Value; -import org.springframework.core.ParameterizedTypeReference; -import org.springframework.core.env.Environment; -import org.springframework.http.HttpEntity; -import org.springframework.http.HttpMethod; -import org.springframework.http.HttpRequest; -import org.springframework.http.ResponseCookie; -import org.springframework.http.ResponseEntity; -import org.springframework.http.client.ClientHttpRequestExecution; -import org.springframework.http.client.ClientHttpRequestInterceptor; -import org.springframework.http.client.ClientHttpResponse; -import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RestController; -import org.springframework.web.client.RestTemplate; -import org.springframework.web.reactive.function.client.ClientResponse; -import org.springframework.web.reactive.function.client.WebClient; - -import com.fasterxml.jackson.databind.ObjectMapper; -import com.fasterxml.jackson.databind.node.ObjectNode; - -import io.mosip.kernel.core.http.RequestWrapper; -import io.mosip.kernel.core.http.ResponseWrapper; -import io.mosip.kernel.core.util.CryptoUtil; -import io.mosip.kernel.core.util.DateUtils; -import io.mosip.kernel.crypto.jce.core.CryptoCore; -import io.mosip.kernel.signature.dto.JWTSignatureRequestDto; -import io.mosip.kernel.signature.dto.JWTSignatureResponseDto; -import io.mosip.testrig.authentication.demo.service.helper.KeyMgrUtil; -import io.mosip.testrig.authentication.demo.service.helper.PartnerTypes; -import io.swagger.annotations.Api; -import lombok.Data; - -// -/** - * @author Sanjay Murali The Class JWSSignAndVerifyController is used to - * digitally sign the request. - */ -@RestController -@Api(tags = { "JWS Signature" }) -public class JWSSignAndVerifyController { - - @Autowired - private CryptoCore cryptoCore; - - /** The sign applicationid. */ - @Value("${mosip.sign.applicationid:KERNEL}") - private String signApplicationid; - - /** The sign refid. */ - @Value("${mosip.sign.refid:SIGN}") - private String signRefid; - - /** The obj mapper. */ - @Autowired - private ObjectMapper objMapper; - - @Autowired - private Environment env; - - private static final String SIGN_ALGO = "RS256"; - - @Autowired - KeyMgrUtil keyMgrUtil; - - /** - * Sign. - * - * @param data the data - * @return the string - * @throws KeyStoreException the key store exception - * @throws NoSuchAlgorithmException the no such algorithm exception - * @throws CertificateException the certificate exception - * @throws IOException Signals that an I/O exception has - * occurred. - * @throws UnrecoverableEntryException the unrecoverable entry exception - * @throws JoseException the jose exception - * @throws InvalidKeySpecException the invalid key spec exception - * @throws KeyManagementException - * @throws UnsupportedEncodingException - */ - @PostMapping(path = "/sign", consumes = MediaType.TEXT_PLAIN, produces = MediaType.TEXT_PLAIN) - public String sign(@RequestBody String data, boolean isPayloadRequired) - throws KeyManagementException, NoSuchAlgorithmException, UnsupportedEncodingException { - Encrypt.turnOffSslChecking(); - RestTemplate restTemplate = new RestTemplate(); - ClientHttpRequestInterceptor interceptor = new ClientHttpRequestInterceptor() { - - @Override - public ClientHttpResponse intercept(HttpRequest request, byte[] body, ClientHttpRequestExecution execution) - throws IOException { - String authToken = generateAuthToken(); - if (authToken != null && !authToken.isEmpty()) { - request.getHeaders().set("Cookie", "Authorization=" + authToken); - } - return execution.execute(request, body); - } - }; - - restTemplate.setInterceptors(Collections.singletonList(interceptor)); - - JWTSignatureRequestDto request = new JWTSignatureRequestDto(); - request.setApplicationId("IDA"); - request.setDataToSign(CryptoUtil.encodeToURLSafeBase64(data.getBytes("UTF-8"))); - request.setIncludeCertHash(true); - request.setIncludeCertificate(true); - request.setIncludePayload(isPayloadRequired); - request.setReferenceId(signRefid); - RequestWrapper requestWrapper = new RequestWrapper<>(); - requestWrapper.setRequest(request); - HttpEntity> requestEntity = new HttpEntity<>(requestWrapper); - ResponseEntity> exchange = restTemplate.exchange( - env.getProperty("ida.internal.jwtSign.url"), HttpMethod.POST, requestEntity, - new ParameterizedTypeReference>() { - }); - return exchange.getBody().getResponse().getJwtSignedData(); -// FileInputStream pkeyfis = new FileInputStream("lib/Keystore/PrivateKey.pem"); -// String pKey = getFileContent(pkeyfis, "UTF-8"); -// FileInputStream certfis = new FileInputStream("lib/Keystore/MosipTestCert.pem"); -// String cert = getFileContent(certfis, "UTF-8"); -// pKey = trimBeginEnd(pKey); -// cert = trimBeginEnd(cert); -// CertificateFactory cf = CertificateFactory.getInstance("X.509"); -// X509Certificate certificate = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(Base64.getDecoder().decode(cert))); -// KeyFactory kf = KeyFactory.getInstance("RSA"); -// PrivateKey privateKey = kf.generatePrivate(new PKCS8EncodedKeySpec(Base64.getDecoder().decode(pKey))); -// -// return cryptoCore.sign(data.getBytes("UTF-8"), privateKey, certificate); - - } - - private String generateAuthToken() { - ObjectNode requestBody = objMapper.createObjectNode(); - requestBody.put("clientId", env.getProperty("auth-token-generator.rest.clientId")); - requestBody.put("secretKey", env.getProperty("auth-token-generator.rest.secretKey")); - requestBody.put("appId", env.getProperty("auth-token-generator.rest.appId")); - RequestWrapper request = new RequestWrapper<>(); - request.setRequesttime(DateUtils.getUTCCurrentDateTime()); - request.setRequest(requestBody); - ClientResponse response = WebClient.create(env.getProperty("auth-token-generator.rest.uri")).post() - .syncBody(request).exchange().block(); - List list = response.cookies().get("Authorization"); - if (list != null && !list.isEmpty()) { - ResponseCookie responseCookie = list.get(0); - return responseCookie.getValue(); - } - return ""; - } - - public static String trimBeginEnd(String pKey) { - pKey = pKey.replaceAll("-*BEGIN([^-]*)-*(\r?\n)?", ""); - pKey = pKey.replaceAll("-*END([^-]*)-*(\r?\n)?", ""); - pKey = pKey.replaceAll("\\s", ""); - return pKey; - } - - /** - * Sign. - * - * @param data the data - * @return the string - * @throws KeyStoreException the key store exception - * @throws NoSuchAlgorithmException the no such algorithm exception - * @throws CertificateException the certificate exception - * @throws IOException Signals that an I/O exception has - * occurred. - * @throws UnrecoverableEntryException the unrecoverable entry exception - * @throws JoseException the jose exception - * @throws InvalidKeySpecException the invalid key spec exception - */ - @PostMapping(path = "/verify", consumes = MediaType.TEXT_PLAIN, produces = MediaType.APPLICATION_JSON) - public SignatureStatus verify(@RequestBody String jwsSignature) throws KeyStoreException, NoSuchAlgorithmException, - CertificateException, IOException, UnrecoverableEntryException, JoseException, InvalidKeySpecException { - SignatureStatus status = new SignatureStatus(); - if (cryptoCore.verifySignature(jwsSignature)) { - status.setStatus("VALID"); - status.setPayload(getPayloadFromJwsSingature(jwsSignature)); - } else { - status.setStatus("INVALID"); - } - return status; - } - - @PostMapping(path = "/getSplittedPayloadSectionFromJWS", consumes = MediaType.TEXT_PLAIN, produces = MediaType.TEXT_PLAIN) - public String getSplittedPayloadSectionFromJwsSingature(@RequestBody String jws) { - String[] split = jws.split("\\."); - if (split.length >= 2) { - return split[1]; - } - return jws; - } - - @PostMapping(path = "/getPayloadFromJWS", consumes = MediaType.TEXT_PLAIN, produces = MediaType.TEXT_PLAIN) - public String getPayloadFromJwsSingature(@RequestBody String jws) { - return new String(CryptoUtil.decodeURLSafeBase64(getSplittedPayloadSectionFromJwsSingature(jws))); - } - - /** - * Gets the file content. - * - * @param fis the fis - * @param encoding the encoding - * @return the file content - * @throws IOException Signals that an I/O exception has occurred. - */ - public static String getFileContent(FileInputStream fis, String encoding) throws IOException { - try (BufferedReader br = new BufferedReader(new InputStreamReader(fis, encoding))) { - StringBuilder sb = new StringBuilder(); - String line; - while ((line = br.readLine()) != null) { - sb.append(line); - sb.append('\n'); - } - return sb.toString(); - } - } - - /* - * private String dynamicCertificateAndSign(String data) throws IOException, - * NoSuchAlgorithmException, CertificateException, InvalidKeyException, - * NoSuchProviderException, SignatureException, CertificateParsingException, - * CertificateEncodingException, JoseException { String commonName = "sanz"; - * String organizationalUnit = " Hi-Tech World"; String organization = - * "XYZ Limited"; String country = "india"; - * - * int keySize = 2048; int validDays = 9999; X500Name distinguishedName = new - * X500Name(commonName, organizationalUnit, organization, country); KeyPair kp = - * generateRSAKeyPair(keySize); - * - * PrivateKey privkey = kp.getPrivate(); X509CertInfo info = new X509CertInfo(); - * - * Date since = new Date(); // Since Now Date until = new Date(since.getTime() + - * validDays * 86400000l); // Until x days (86400000 milliseconds in one // day) - * - * CertificateValidity interval = new CertificateValidity(since, until); - * BigInteger sn = new BigInteger(64, new SecureRandom()); - * - * info.set(X509CertInfo.VALIDITY, interval); - * info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(sn)); - * info.set(X509CertInfo.SUBJECT, distinguishedName); - * info.set(X509CertInfo.ISSUER, distinguishedName); info.set(X509CertInfo.KEY, - * new CertificateX509Key(kp.getPublic())); info.set(X509CertInfo.VERSION, new - * CertificateVersion(CertificateVersion.V3)); - * - * AlgorithmId algo = new AlgorithmId(AlgorithmId.md5WithRSAEncryption_oid); - * info.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId(algo)); - * - * // Sign the cert to identify the algorithm that is used. X509CertImpl cert = - * new X509CertImpl(info); cert.sign(privkey, "SHA1withRSA"); - * - * // Update the algorithm and sign again algo = (AlgorithmId) - * cert.get(X509CertImpl.SIG_ALG); info.set(CertificateAlgorithmId.NAME + "." + - * CertificateAlgorithmId.ALGORITHM, algo); - * - * cert = new X509CertImpl(info); cert.sign(privkey, "SHA1withRSA"); - * CertificateFactory cf = CertificateFactory.getInstance("X.509"); - * X509Certificate certificate = (X509Certificate) cf .generateCertificate(new - * ByteArrayInputStream(cert.getEncoded())); List certList = - * new ArrayList<>(); certList.add(certificate); X509Certificate[] certArray = - * certList.toArray(new X509Certificate[] {}); - * - * JsonWebSignature jws = new JsonWebSignature(); - * jws.setCertificateChainHeaderValue(certArray); - * jws.setAlgorithmHeaderValue(AlgorithmIdentifiers.RSA_USING_SHA256); byte[] - * emptyArray = new byte[0]; - * jws.setPayload(HMACUtils.digestAsPlainText(HMACUtils.generateHash(emptyArray) - * )); jws.setKey(kp.getPrivate()); - * - * return jws.getCompactSerialization(); } - * - * private static KeyPair generateRSAKeyPair(int keySize) throws - * NoSuchAlgorithmException { - * - * KeyPairGenerator kpg; - * - * kpg = KeyPairGenerator.getInstance("RSA"); kpg.initialize(keySize); - * - * KeyPair kp = kpg.genKeyPair(); - * - * return kp; } - */ - - @Data - public static class SignatureStatus { - private String status; - private String payload; - - } - - public String sign(String dataToSign, - boolean includePayload, - boolean includeCertificate, - boolean includeCertHash, - String certificateUrl, - String dirPath, - PartnerTypes partnerType, - String organizationName, - boolean keyFileNameByPartnerName) throws JoseException, NoSuchAlgorithmException, UnrecoverableEntryException, - KeyStoreException, CertificateException, IOException, OperatorCreationException { - - JsonWebSignature jwSign = new JsonWebSignature(); - PrivateKeyEntry keyEntry = keyMgrUtil.getKeyEntry(dirPath, partnerType, organizationName, - keyFileNameByPartnerName); - if (Objects.isNull(keyEntry)) { - throw new KeyStoreException("Key file not available for partner type: " + partnerType.toString()); - } - - PrivateKey privateKey = keyEntry.getPrivateKey(); - X509Certificate x509Certificate = (X509Certificate) keyEntry.getCertificate(); - if (includeCertificate) - jwSign.setCertificateChainHeaderValue(new X509Certificate[] { x509Certificate }); - - if (includeCertHash) - jwSign.setX509CertSha256ThumbprintHeaderValue(x509Certificate); - - if (Objects.nonNull(certificateUrl)) - jwSign.setHeader("x5u", certificateUrl); - - jwSign.setPayload(dataToSign); - jwSign.setAlgorithmHeaderValue(SIGN_ALGO); - jwSign.setKey(privateKey); - jwSign.setDoKeyValidation(false); - if (includePayload) - return jwSign.getCompactSerialization(); - - return jwSign.getDetachedContentCompactSerialization(); - - } -} diff --git a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/controller/SQLPerformanceController.java b/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/controller/SQLPerformanceController.java deleted file mode 100644 index e70f2080ef8..00000000000 --- a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/controller/SQLPerformanceController.java +++ /dev/null @@ -1,82 +0,0 @@ -package io.mosip.testrig.authentication.demo.service.controller; - -import java.sql.Connection; -import java.sql.DriverManager; -import java.sql.ResultSet; -import java.sql.ResultSetMetaData; -import java.sql.SQLException; -import java.sql.Statement; -import java.time.Duration; -import java.time.LocalDateTime; -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; -import java.util.Map; - -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.http.MediaType; -import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RequestParam; -import org.springframework.web.bind.annotation.RestController; - -import io.mosip.authentication.core.logger.IdaLogger; -import io.mosip.kernel.core.logger.spi.Logger; -import io.mosip.testrig.authentication.demo.service.helper.DBUtil; -import io.swagger.annotations.Api; - -@RestController -@Api(tags = { "SQL Performance" }) -public class SQLPerformanceController { - - /** The logger. */ - private static Logger logger = IdaLogger.getLogger(SQLPerformanceController.class); - - @Autowired - private DBUtil dbUtil; - - @PostMapping(path = "/selectQueryWithTime", consumes = MediaType.TEXT_PLAIN_VALUE, produces = MediaType.APPLICATION_JSON_VALUE) - public Map selectQueryWithTime(@RequestBody String sqlQuery, - @RequestParam(name = "dbName", required = false, defaultValue=DBUtil.IDA) String dbName) { - - String jdbcUrl = dbUtil.getDbUrl(dbName); - String username = dbUtil.getDbUser(dbName); - String password = dbUtil.getDbPass(dbName); - - try (Connection conn = DriverManager.getConnection(jdbcUrl, username, password); - Statement stmt = conn.createStatement(); - ) { - LocalDateTime start = LocalDateTime.now(); - try( - ResultSet resultSet = stmt.executeQuery(sqlQuery);) { - LocalDateTime end = LocalDateTime.now(); - - HashMap responseMap = new HashMap<>(); - List> resultSetToList = resultSetToList(resultSet); - responseMap.put("ResultSet", resultSetToList); - responseMap.put("QueryTimeMilliSeconds", Duration.between(start, end).toMillis()); - return responseMap; - } - } catch (SQLException e) { - logger.info("sessionID", "IDA", "selectQueryWithTime", "SQLException :" + e.getMessage()); - HashMap responseMap = new HashMap<>(); - responseMap.put("ErrorResult", e.getMessage()); - return responseMap; - } - } - - private List> resultSetToList(ResultSet rs) throws SQLException { - ResultSetMetaData md = rs.getMetaData(); - int columns = md.getColumnCount(); - List> rows = new ArrayList>(); - while (rs.next()) { - Map row = new HashMap(columns); - for (int i = 1; i <= columns; ++i) { - row.put(md.getColumnName(i), rs.getObject(i)); - } - rows.add(row); - } - return rows; - } - -} diff --git a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/controller/SignatureController.java b/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/controller/SignatureController.java deleted file mode 100644 index 6279be6519c..00000000000 --- a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/controller/SignatureController.java +++ /dev/null @@ -1,85 +0,0 @@ -package io.mosip.testrig.authentication.demo.service.controller; - -import java.io.IOException; -import java.security.KeyManagementException; -import java.security.NoSuchAlgorithmException; -import java.util.Collections; -import java.util.Map; -import java.util.Objects; - -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Value; -import org.springframework.http.HttpEntity; -import org.springframework.http.HttpMethod; -import org.springframework.http.HttpRequest; -import org.springframework.http.HttpStatus; -import org.springframework.http.MediaType; -import org.springframework.http.ResponseEntity; -import org.springframework.http.client.ClientHttpRequestExecution; -import org.springframework.http.client.ClientHttpRequestInterceptor; -import org.springframework.http.client.ClientHttpResponse; -import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RequestParam; -import org.springframework.web.bind.annotation.RestController; -import org.springframework.web.client.RestTemplate; - -import com.fasterxml.jackson.core.JsonProcessingException; -import com.fasterxml.jackson.databind.ObjectMapper; - -import io.mosip.authentication.core.constant.IdAuthCommonConstants; -import io.mosip.kernel.core.http.RequestWrapper; -import io.mosip.kernel.core.util.DateUtils; -import io.mosip.testrig.authentication.demo.service.dto.ValidateSignRequestDto; -import io.swagger.annotations.Api; - -@RestController -@Api(tags = { "Digital Signature" }) -public class SignatureController { - - @Autowired - ObjectMapper mapper; - - @Autowired - Decrypt decrypt; - - /** The encrypt URL. */ - @Value("${mosip.ida.validate.signature-url}") - private String validateSignUrl; - - @SuppressWarnings({ "unchecked", "rawtypes" }) - @PostMapping(path = "/validateSign",consumes=MediaType.APPLICATION_JSON_VALUE) - public String validateSign(@RequestParam String signature, - @RequestBody Map data) throws KeyManagementException, NoSuchAlgorithmException, JsonProcessingException { - ValidateSignRequestDto validateSignRequestDto = new ValidateSignRequestDto(); - validateSignRequestDto.setData(mapper.writeValueAsString(data)); - validateSignRequestDto.setSignature(signature); - validateSignRequestDto.setTimestamp(DateUtils.getUTCCurrentDateTime()); - - Encrypt.turnOffSslChecking(); - RestTemplate restTemplate = new RestTemplate(); - ClientHttpRequestInterceptor interceptor = new ClientHttpRequestInterceptor() { - - @Override - public ClientHttpResponse intercept(HttpRequest request, byte[] body, ClientHttpRequestExecution execution) - throws IOException { - String authToken = decrypt.generateAuthToken(); - if(authToken != null && !authToken.isEmpty()) { - request.getHeaders().set("Cookie", "Authorization=" + authToken); - } - return execution.execute(request, body); - } - }; - - restTemplate.setInterceptors(Collections.singletonList(interceptor)); - - HttpEntity> httpEntity = new HttpEntity<>(Decrypt.createRequest(validateSignRequestDto)); - ResponseEntity response = restTemplate.exchange(validateSignUrl, HttpMethod.POST, httpEntity, Map.class); - if(response.getStatusCode() == HttpStatus.OK && response.getBody().containsKey(IdAuthCommonConstants.RESPONSE) - && Objects.nonNull(response.getBody().get(IdAuthCommonConstants.RESPONSE))) { - return (String) ((Map) response.getBody().get(IdAuthCommonConstants.RESPONSE)).get(IdAuthCommonConstants.STATUS); - } - return "failure"; - } - -} diff --git a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/controller/Test.java b/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/controller/Test.java deleted file mode 100644 index b89bcc14a66..00000000000 --- a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/controller/Test.java +++ /dev/null @@ -1,12 +0,0 @@ -package io.mosip.testrig.authentication.demo.service.controller; - -import java.nio.charset.Charset; - -public class Test { - - public static void main(String[] args) { - System.out.println(Charset.defaultCharset()); - - } - -} diff --git a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/controller/WebSub.java b/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/controller/WebSub.java deleted file mode 100644 index 79ea81dbf72..00000000000 --- a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/controller/WebSub.java +++ /dev/null @@ -1,127 +0,0 @@ -package io.mosip.testrig.authentication.demo.service.controller; - -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Value; -import org.springframework.http.HttpHeaders; -import org.springframework.http.MediaType; -import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RequestParam; -import org.springframework.web.bind.annotation.RestController; -import org.springframework.web.servlet.support.ServletUriComponentsBuilder; - -import com.fasterxml.jackson.core.JsonProcessingException; -import com.fasterxml.jackson.databind.ObjectMapper; - -import io.mosip.kernel.core.http.ResponseWrapper; -import io.mosip.kernel.core.websub.spi.PublisherClient; -import io.mosip.kernel.core.websub.spi.SubscriptionClient; -import io.mosip.kernel.websub.api.annotation.PreAuthenticateContentAndVerifyIntent; -import io.mosip.kernel.websub.api.model.SubscriptionChangeRequest; -import io.mosip.kernel.websub.api.model.SubscriptionChangeResponse; -import io.mosip.kernel.websub.api.model.UnsubscriptionRequest; -import io.mosip.testrig.authentication.demo.service.dto.EventModel; - -@RestController -public class WebSub { - - @Autowired - private PublisherClient pb; - - @Value("${websub.publisher.url}") - private String publisherUrl; - - @Autowired - SubscriptionClient sb; - - @Value("${websub.hub.url}") - private String hubUrl; - - @Autowired - private ObjectMapper objectMapper; - - @Value("${websub.secret}") - private String webSubSecret; - - @PostMapping(path = "/registerTopicToPublish", produces = MediaType.APPLICATION_JSON_VALUE) - public ResponseWrapper registerTopicToPublish(@RequestParam(name = "topic", required = true) String topic) { - ResponseWrapper responseWrapper = new ResponseWrapper<>(); - - pb.registerTopic(topic, publisherUrl); - - responseWrapper.setResponse("Registered topic for Publishing: " + topic); - - return responseWrapper; - } - - @PostMapping(path = "/unregisterTopicToPublish", produces = MediaType.APPLICATION_JSON_VALUE) - public ResponseWrapper unregisterTopicToPublish(@RequestParam(name = "topic", required = true) String topic) { - ResponseWrapper responseWrapper = new ResponseWrapper<>(); - - pb.unregisterTopic(topic, publisherUrl); - - responseWrapper.setResponse("Unregistered topic for Publishing: " + topic); - - return responseWrapper; - } - - @PostMapping(path = "/publish", consumes = MediaType.APPLICATION_JSON_VALUE, produces = MediaType.APPLICATION_JSON_VALUE) - public ResponseWrapper publish(@RequestBody EventModel body, - @RequestParam(name = "topic", required = true) String topic) { - ResponseWrapper responseWrapper = new ResponseWrapper<>(); - - //pb.registerTopic(topic, publisherUrl); - - pb.publishUpdate(topic, body, MediaType.APPLICATION_JSON_UTF8_VALUE, new HttpHeaders(), publisherUrl); - - //pb.unregisterTopic(topic, publisherUrl); - - responseWrapper.setResponse("Published for topic: " + topic); - - return responseWrapper; - } - - @PostMapping(value = "/callback", consumes = "application/json") - @PreAuthenticateContentAndVerifyIntent(secret = "Kslk30SNF2AChs2", callback = "/callback", topic = "mytopic1") - public void printPost(@RequestBody EventModel body) { - try { - System.out.println(objectMapper.writeValueAsString(body)); - } catch (JsonProcessingException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - } - - @PostMapping(path = "/subscribe", produces = MediaType.APPLICATION_JSON_VALUE) - public ResponseWrapper subscribe(@RequestParam(name = "topic", required = true) String topic) { - ResponseWrapper responseWrapper = new ResponseWrapper<>(); - final String baseUrl = - ServletUriComponentsBuilder.fromCurrentContextPath().build().toUriString(); - SubscriptionChangeRequest subscriptionRequest = new SubscriptionChangeRequest(); - subscriptionRequest.setCallbackURL(baseUrl + "/callback"); - subscriptionRequest.setHubURL(hubUrl); - subscriptionRequest.setSecret(webSubSecret); - subscriptionRequest.setTopic(topic); - sb.subscribe(subscriptionRequest); - - responseWrapper.setResponse("Subscribed for topic: " + topic); - - return responseWrapper; - } - - @PostMapping(path = "/unsubscribe", produces = MediaType.APPLICATION_JSON_VALUE) - public ResponseWrapper publish(@RequestParam(name = "topic", required = true) String topic) { - ResponseWrapper responseWrapper = new ResponseWrapper<>(); - - UnsubscriptionRequest subscriptionRequest = new UnsubscriptionRequest(); - subscriptionRequest.setCallbackURL("/callback"); - subscriptionRequest.setHubURL(hubUrl); - subscriptionRequest.setTopic(topic); - sb.unSubscribe(subscriptionRequest); - - responseWrapper.setResponse("Unsubscribed for topic: " + topic); - - return responseWrapper; - } - -} diff --git a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/dto/CertificateChainResponseDto.java b/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/dto/CertificateChainResponseDto.java deleted file mode 100644 index 48fdc9df2b9..00000000000 --- a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/dto/CertificateChainResponseDto.java +++ /dev/null @@ -1,9 +0,0 @@ -package io.mosip.testrig.authentication.demo.service.dto; -import lombok.Data; - -@Data -public class CertificateChainResponseDto { - String caCertificate; - String interCertificate; - String partnerCertificate; -} diff --git a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/dto/CryptomanagerRequestDto.java b/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/dto/CryptomanagerRequestDto.java deleted file mode 100644 index b367b6f5b21..00000000000 --- a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/dto/CryptomanagerRequestDto.java +++ /dev/null @@ -1,14 +0,0 @@ -package io.mosip.testrig.authentication.demo.service.dto; - -import lombok.Data; - -@Data -public class CryptomanagerRequestDto { - String applicationId; - String data; - String referenceId; - String salt; - String aad; - String timeStamp; - -} diff --git a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/dto/CryptomanagerResponseDto.java b/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/dto/CryptomanagerResponseDto.java deleted file mode 100644 index fe4af031aaf..00000000000 --- a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/dto/CryptomanagerResponseDto.java +++ /dev/null @@ -1,9 +0,0 @@ -package io.mosip.testrig.authentication.demo.service.dto; - -import lombok.Data; - -@Data -public class CryptomanagerResponseDto { - String data; - -} diff --git a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/dto/EncryptedRequest.java b/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/dto/EncryptedRequest.java deleted file mode 100644 index 0a349b53485..00000000000 --- a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/dto/EncryptedRequest.java +++ /dev/null @@ -1,9 +0,0 @@ -package io.mosip.testrig.authentication.demo.service.dto; - -import lombok.Data; - -@Data -public class EncryptedRequest { - String key; - String data; -} diff --git a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/dto/EncryptionRequestDto.java b/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/dto/EncryptionRequestDto.java deleted file mode 100644 index 5b4ceba574f..00000000000 --- a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/dto/EncryptionRequestDto.java +++ /dev/null @@ -1,12 +0,0 @@ -package io.mosip.testrig.authentication.demo.service.dto; - -import java.util.Map; - -import lombok.Data; - -@Data -public class EncryptionRequestDto { - - private Map identityRequest; - -} diff --git a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/dto/EncryptionResponseDto.java b/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/dto/EncryptionResponseDto.java deleted file mode 100644 index 969d4d3c477..00000000000 --- a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/dto/EncryptionResponseDto.java +++ /dev/null @@ -1,10 +0,0 @@ -package io.mosip.testrig.authentication.demo.service.dto; - -import lombok.Data; - -@Data -public class EncryptionResponseDto { - String encryptedSessionKey; - String encryptedIdentity; - String requestHMAC; -} diff --git a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/dto/Event.java b/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/dto/Event.java deleted file mode 100644 index 4a2c5c06ca0..00000000000 --- a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/dto/Event.java +++ /dev/null @@ -1,23 +0,0 @@ -package io.mosip.testrig.authentication.demo.service.dto; - -import java.util.Map; - -import lombok.Data; - -@Data -public class Event { - //uuid event id to be create and put in loggers - private String id; - - //request id - private String transactionId; - - private Type type; - - private String timestamp; - - private String dataShareUri; - - private Map data; - -} diff --git a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/dto/EventModel.java b/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/dto/EventModel.java deleted file mode 100644 index 368b4ce78aa..00000000000 --- a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/dto/EventModel.java +++ /dev/null @@ -1,12 +0,0 @@ -package io.mosip.testrig.authentication.demo.service.dto; - -import lombok.Data; - -@Data -public class EventModel { - - private String publisher; - private String topic; - private String publishedOn; - private Event event; -} diff --git a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/dto/PublicKeyResponseDTO.java b/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/dto/PublicKeyResponseDTO.java deleted file mode 100644 index 0896a634798..00000000000 --- a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/dto/PublicKeyResponseDTO.java +++ /dev/null @@ -1,49 +0,0 @@ -package io.mosip.testrig.authentication.demo.service.dto; - -import java.time.LocalDateTime; - -import com.fasterxml.jackson.annotation.JsonIgnore; - -import io.swagger.annotations.ApiModel; -import io.swagger.annotations.ApiModelProperty; -import lombok.AllArgsConstructor; -import lombok.Data; -import lombok.NoArgsConstructor; - -/** - * Response class for Public Key - * - * @author Arun Bose - * - */ -@Data -@AllArgsConstructor -@NoArgsConstructor -@ApiModel(description = "Class representing a Public Key Response") -public class PublicKeyResponseDTO { - - /** - * The string alias - */ - @JsonIgnore - private String alias; - - /** - * Field for public key - */ - @ApiModelProperty(notes = "Public key in BASE64 encoding format", required = true) - private T publicKey; - - /** - * Key creation time - */ - @ApiModelProperty(notes = "Timestamp of issuance of public key", required = true) - private LocalDateTime issuedAt; - - /** - * Key expiry time - */ - @ApiModelProperty(notes = "Timestamp of expiry of public key", required = true) - private LocalDateTime expiryAt; - -} diff --git a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/dto/Type.java b/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/dto/Type.java deleted file mode 100644 index bda3a2c5304..00000000000 --- a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/dto/Type.java +++ /dev/null @@ -1,11 +0,0 @@ -package io.mosip.testrig.authentication.demo.service.dto; - -import lombok.Data; - -@Data -public class Type { - - private String namespace; - private String name; - -} diff --git a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/dto/ValidateSignRequestDto.java b/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/dto/ValidateSignRequestDto.java deleted file mode 100644 index b6bc1a22af6..00000000000 --- a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/dto/ValidateSignRequestDto.java +++ /dev/null @@ -1,24 +0,0 @@ -package io.mosip.testrig.authentication.demo.service.dto; - -import java.time.LocalDateTime; - -import jakarta.validation.constraints.NotBlank; -import jakarta.validation.constraints.NotNull; -import com.fasterxml.jackson.annotation.JsonFormat; -import lombok.AllArgsConstructor; -import lombok.Data; -import lombok.NoArgsConstructor; - -@Data -@NoArgsConstructor -@AllArgsConstructor -public class ValidateSignRequestDto { - @NotBlank - private String signature; - @NotBlank - private String data; - @JsonFormat(shape = JsonFormat.Shape.STRING, pattern = "yyyy-MM-dd'T'HH:mm:ss.SSS'Z'") - @NotNull - private LocalDateTime timestamp; - -} diff --git a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/helper/CertificateTypes.java b/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/helper/CertificateTypes.java deleted file mode 100644 index e757ca46d71..00000000000 --- a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/helper/CertificateTypes.java +++ /dev/null @@ -1,18 +0,0 @@ -package io.mosip.testrig.authentication.demo.service.helper; - -public enum CertificateTypes { - - INTERNAL("ida-internal.cer"), - PARTNER("ida-partner.cer"), - IDA_FIR("ida-fir.cer"); - - private String fileName; - - private CertificateTypes(String fileName) { - this.fileName = fileName; - } - - public String getFileName() { - return this.fileName; - } -} diff --git a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/helper/CryptoCoreUtil.java b/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/helper/CryptoCoreUtil.java deleted file mode 100644 index 9e928a4ef43..00000000000 --- a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/helper/CryptoCoreUtil.java +++ /dev/null @@ -1,365 +0,0 @@ -package io.mosip.testrig.authentication.demo.service.helper; - -import static java.util.Arrays.copyOfRange; - -import java.math.BigInteger; -import java.security.GeneralSecurityException; -import java.security.InvalidAlgorithmParameterException; -import java.security.InvalidKeyException; -import java.security.KeyStore.PrivateKeyEntry; -import java.security.NoSuchAlgorithmException; -import java.security.NoSuchProviderException; -import java.security.PrivateKey; -import java.security.PublicKey; -import java.security.cert.Certificate; -import java.security.interfaces.RSAPrivateKey; -import java.security.spec.MGF1ParameterSpec; -import java.util.Arrays; -import java.util.Objects; - -import javax.crypto.BadPaddingException; -import javax.crypto.Cipher; -import javax.crypto.IllegalBlockSizeException; -import javax.crypto.NoSuchPaddingException; -import javax.crypto.SecretKey; -import javax.crypto.spec.GCMParameterSpec; -import javax.crypto.spec.OAEPParameterSpec; -import javax.crypto.spec.PSource.PSpecified; -import javax.crypto.spec.SecretKeySpec; - -import org.apache.commons.codec.digest.DigestUtils; -import org.bouncycastle.crypto.InvalidCipherTextException; -import org.bouncycastle.crypto.digests.SHA256Digest; -import org.bouncycastle.crypto.encodings.OAEPEncoding; -import org.bouncycastle.crypto.engines.RSAEngine; -import org.bouncycastle.crypto.params.RSAKeyParameters; -import org.springframework.beans.factory.annotation.Value; -import org.springframework.stereotype.Component; - -import io.mosip.kernel.core.crypto.exception.InvalidParamSpecException; -import io.mosip.kernel.core.util.CryptoUtil; -import io.mosip.kernel.crypto.jce.constant.SecurityExceptionCodeConstant; -import io.mosip.kernel.crypto.jce.util.CryptoUtils; -import lombok.extern.slf4j.Slf4j; - -@Slf4j -@Component -public class CryptoCoreUtil { - - private final static String RSA_ECB_OAEP_PADDING = "RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING"; - - private final static int THUMBPRINT_LENGTH = 32; - private final static int NONCE = 12; - private final static int AADSize = 32; - public static final byte[] VERSION_RSA_2048 = "VER_R2".getBytes(); - - private static final String MGF1 = "MGF1"; - - private static final String HASH_ALGO = "SHA-256"; - - private static final String PKCS11_STORE_TYPE = "PKCS11"; - - // Used as a hack for softhsm oeap padding decryption usecase will be when we - // will use in HSM - @SuppressWarnings("java:S106") - private static final String RSA_ECB_NO_PADDING = "RSA/ECB/NoPadding"; // NOSONAR using the padding for allowing OAEP padding in PKCS11 library - - - @Value("${mosip.prependThumbprint:true}") - private boolean isThumbprint; - - @Value("${mosip.kernel.crypto.asymmetric-algorithm-name:" + RSA_ECB_OAEP_PADDING + "}") - private String asymmetricAlgorithm; - - @Value("${mosip.kernel.keymanager.hsm.keystore-type:PKCS11}") - private String keystoreType; - - @Value("${mosip.kernel.keygenerator.asymmetric-key-length:2048}") - private int asymmetricKeyLength; - - - public String decrypt(String data, PrivateKeyEntry privateKeyEntry) throws Exception { - try { - byte[] dataBytes = CryptoUtil.decodeURLSafeBase64(data); - byte[] decryptedDataBytes = decryptData(dataBytes, privateKeyEntry); - return new String(decryptedDataBytes); - }catch (Exception e){ - log.error( "Not able to decrypt the data : {}", e); - } - throw new Exception("Unknown decryption exception."); - } - - public byte[] decryptData(byte[] requestData, PrivateKeyEntry privateKey) throws Exception { - String keySplitter = "#KEY_SPLITTER#"; - SecretKey symmetricKey = null; - byte[] encryptedData = null; - byte[] encryptedSymmetricKey = null; - final int cipherKeyandDataLength = requestData.length; - final int keySplitterLength = keySplitter.length(); - - int keyDemiliterIndex = getSplitterIndex(requestData, 0, keySplitter); - byte[] encryptedKey = copyOfRange(requestData, 0, keyDemiliterIndex); - byte[] headerBytes = parseEncryptKeyHeader(encryptedKey); - byte[] decryptedSymmetricKey = null; - try { - encryptedData = copyOfRange(requestData, keyDemiliterIndex + keySplitterLength, cipherKeyandDataLength); - if (Arrays.equals(headerBytes, VERSION_RSA_2048)) { - encryptedSymmetricKey = Arrays.copyOfRange(encryptedKey, THUMBPRINT_LENGTH + VERSION_RSA_2048.length, - encryptedKey.length); - byte[] aad = Arrays.copyOfRange(encryptedData, 0, AADSize); - byte[] nonce = Arrays.copyOfRange(aad, 0, NONCE); - byte[] encData = Arrays.copyOfRange(encryptedData, AADSize, encryptedData.length); - decryptedSymmetricKey = asymmetricDecrypt(privateKey.getPrivateKey(), - ((RSAPrivateKey) privateKey.getPrivateKey()).getModulus(), encryptedSymmetricKey); - symmetricKey = new SecretKeySpec(decryptedSymmetricKey, 0, decryptedSymmetricKey.length, "AES"); - return symmetricDecrypt(symmetricKey, encData, nonce, aad); - } else if (isThumbprint) { - encryptedSymmetricKey = Arrays.copyOfRange(encryptedKey, THUMBPRINT_LENGTH, encryptedKey.length); - decryptedSymmetricKey = asymmetricDecrypt(privateKey.getPrivateKey(), - ((RSAPrivateKey) privateKey.getPrivateKey()).getModulus(), encryptedSymmetricKey); - symmetricKey = new SecretKeySpec(decryptedSymmetricKey, 0, decryptedSymmetricKey.length, "AES"); - return symmetricDecrypt(symmetricKey, encryptedData, null); - } else { - decryptedSymmetricKey = asymmetricDecrypt(privateKey.getPrivateKey(), - ((RSAPrivateKey) privateKey.getPrivateKey()).getModulus(), encryptedKey); - symmetricKey = new SecretKeySpec(decryptedSymmetricKey, 0, decryptedSymmetricKey.length, "AES"); - return symmetricDecrypt(symmetricKey, encryptedData, null); - } - } catch (Exception e) { - log.error( "Not able to decrypt the data : {}", e); - } - throw new Exception("Unknown decryption exception."); - } - - public byte[] parseEncryptKeyHeader(byte[] encryptedKey) { - byte[] versionHeaderBytes = Arrays.copyOfRange(encryptedKey, 0, VERSION_RSA_2048.length); - if (!Arrays.equals(versionHeaderBytes, VERSION_RSA_2048)) { - return new byte[0]; - } - return versionHeaderBytes; - } - - private static int getSplitterIndex(byte[] encryptedData, int keyDemiliterIndex, String keySplitter) { - final byte keySplitterFirstByte = keySplitter.getBytes()[0]; - final int keySplitterLength = keySplitter.length(); - for (byte data : encryptedData) { - if (data == keySplitterFirstByte) { - final String keySplit = new String( - copyOfRange(encryptedData, keyDemiliterIndex, keyDemiliterIndex + keySplitterLength)); - if (keySplitter.equals(keySplit)) { - break; - } - } - keyDemiliterIndex++; - } - return keyDemiliterIndex; - } - - /** - * - * @param privateKey - * @param keyModulus - * @param data - * @return - * @throws IllegalBlockSizeException - * @throws BadPaddingException - * @throws NoSuchAlgorithmException - * @throws NoSuchPaddingException - * @throws InvalidAlgorithmParameterException - * @throws InvalidKeyException - */ - private static byte[] asymmetricDecrypt(PrivateKey privateKey, BigInteger keyModulus, byte[] data) - throws IllegalBlockSizeException, BadPaddingException, NoSuchAlgorithmException, NoSuchPaddingException, - InvalidAlgorithmParameterException, InvalidKeyException { - - Cipher cipher; - try { - cipher = Cipher.getInstance(RSA_ECB_OAEP_PADDING); - OAEPParameterSpec oaepParams = new OAEPParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA256, - PSpecified.DEFAULT); - cipher.init(Cipher.DECRYPT_MODE, privateKey, oaepParams); - return cipher.doFinal(data); - } catch (java.security.NoSuchAlgorithmException e) { - log.error("Not able to decrypt the data : {}" , e); - throw new NoSuchAlgorithmException(e); - } catch (NoSuchPaddingException e) { - throw new NoSuchPaddingException(e.getMessage()); - } catch (java.security.InvalidKeyException e) { - throw new InvalidKeyException(e); - } catch (InvalidAlgorithmParameterException e) { - throw new InvalidAlgorithmParameterException(e); - } - } - - private static byte[] symmetricDecrypt(SecretKey key, byte[] data, byte[] aad) { - byte[] output = null; - try { - Cipher cipher = Cipher.getInstance("AES/GCM/PKCS5Padding"); - byte[] randomIV = Arrays.copyOfRange(data, data.length - cipher.getBlockSize(), data.length); - SecretKeySpec keySpec = new SecretKeySpec(key.getEncoded(), "AES"); - GCMParameterSpec gcmParameterSpec = new GCMParameterSpec(128, randomIV); - - cipher.init(Cipher.DECRYPT_MODE, keySpec, gcmParameterSpec); - if (aad != null && aad.length != 0) { - cipher.updateAAD(aad); - } - output = cipher.doFinal(Arrays.copyOf(data, data.length - cipher.getBlockSize())); - } catch (Exception e) { - - } - return output; - } - - public byte[] symmetricDecrypt(SecretKey key, byte[] data, byte[] nonce, byte[] aad) - throws Exception { - // Objects.requireNonNull(key, null); - // CryptoUtils.verifyData(data); - byte[] output = null; - Cipher cipher; - try { - cipher = Cipher.getInstance("AES/GCM/PKCS5Padding"); - SecretKeySpec keySpec = new SecretKeySpec(key.getEncoded(), "AES"); - GCMParameterSpec gcmParameterSpec = new GCMParameterSpec(128, nonce); - cipher.init(Cipher.DECRYPT_MODE, keySpec, gcmParameterSpec); - if (aad != null) { - cipher.updateAAD(aad); - } - output = cipher.doFinal(data, 0, data.length); - } catch (InvalidAlgorithmParameterException e) { - throw new Exception("Invalid key exception.", e); - } catch (IllegalBlockSizeException e) { - throw new Exception("Invalid key exception.", e); - } catch (BadPaddingException e) { - throw new Exception("Certificate thumbprint error.", e); - } catch (NoSuchAlgorithmException e) { - throw new Exception("Certificate thumbprint error.", e); - } catch (NoSuchPaddingException e) { - throw new Exception("Certificate thumbprint error.", e); - } catch (InvalidKeyException e) { - throw new Exception("Invalid key exception.", e); - } - return output; - } - - public static byte[] getCertificateThumbprint(Certificate cert) throws Exception { - try { - return DigestUtils.sha256(cert.getEncoded()); - } catch (java.security.cert.CertificateEncodingException e) { - throw new Exception("Invalid key exception.", e); - } - } - - public byte[] asymmetricEncrypt(PublicKey key, byte[] data) throws GeneralSecurityException { - Objects.requireNonNull(key, SecurityExceptionCodeConstant.MOSIP_INVALID_KEY_EXCEPTION.getErrorMessage()); - CryptoUtils.verifyData(data); - Cipher cipher; - try { - cipher = Cipher.getInstance(asymmetricAlgorithm); - } catch (java.security.NoSuchAlgorithmException | NoSuchPaddingException e) { - throw e; - } - final OAEPParameterSpec oaepParams = new OAEPParameterSpec(HASH_ALGO, MGF1, MGF1ParameterSpec.SHA256, - PSpecified.DEFAULT); - try { - cipher.init(Cipher.ENCRYPT_MODE, key, oaepParams); - } catch (java.security.InvalidKeyException e) { - throw e; - } catch (InvalidAlgorithmParameterException e) { - throw new InvalidParamSpecException( - SecurityExceptionCodeConstant.MOSIP_INVALID_PARAM_SPEC_EXCEPTION.getErrorCode(), - SecurityExceptionCodeConstant.MOSIP_INVALID_PARAM_SPEC_EXCEPTION.getErrorMessage(), e); - } - return doFinal(data, cipher); - } - - public byte[] asymmetricDecrypt(PrivateKey privateKey, byte[] data) throws GeneralSecurityException, InvalidCipherTextException { - if (PKCS11_STORE_TYPE.equalsIgnoreCase(keystoreType)) { - BigInteger keyModulus = ((RSAPrivateKey) privateKey).getModulus(); - return asymmetricDecrypt(privateKey, keyModulus, data, null); - } - return jceAsymmetricDecrypt(privateKey, data, null); - } - - private byte[] asymmetricDecrypt(PrivateKey privateKey, BigInteger keyModulus, byte[] data, String storeType) throws GeneralSecurityException, InvalidCipherTextException { - Objects.requireNonNull(privateKey, SecurityExceptionCodeConstant.MOSIP_INVALID_KEY_EXCEPTION.getErrorMessage()); - CryptoUtils.verifyData(data); - Cipher cipher; - try { - cipher = Objects.isNull(storeType) ? Cipher.getInstance(RSA_ECB_NO_PADDING) : // NOSONAR using the padding for allowing OAEP padding in PKCS11 library - Cipher.getInstance(RSA_ECB_NO_PADDING, storeType); // NOSONAR using the padding for allowing OAEP padding in PKCS11 library - } catch (java.security.NoSuchAlgorithmException | NoSuchPaddingException | NoSuchProviderException e) { - throw e; - } - - try { - cipher.init(Cipher.DECRYPT_MODE, privateKey); - } catch (java.security.InvalidKeyException e) { - throw e; - } - /* - * This is a hack of removing OEAP padding after decryption with NO Padding as - * SoftHSM does not support it.Will be removed after HSM implementation - */ - byte[] paddedPlainText = doFinal(data, cipher); - if (paddedPlainText.length < asymmetricKeyLength / 8) { - byte[] tempPipe = new byte[asymmetricKeyLength / 8]; - System.arraycopy(paddedPlainText, 0, tempPipe, tempPipe.length - paddedPlainText.length, - paddedPlainText.length); - paddedPlainText = tempPipe; - } - - return unpadOAEPPadding(paddedPlainText, keyModulus); - } - - // This is a hack of removing OEAP padding after decryption with NO Padding as - // SoftHSM does not support it.Will be removed after HSM implementation - /** - * - * @param paddedPlainText - * @param privateKey - * @return - * @throws InvalidCipherTextException - */ - private byte[] unpadOAEPPadding(byte[] paddedPlainText, BigInteger keyModulus) throws InvalidCipherTextException { - - try { - OAEPEncoding encode = new OAEPEncoding(new RSAEngine(), new SHA256Digest()); - BigInteger exponent = new BigInteger("1"); - RSAKeyParameters keyParams = new RSAKeyParameters(false, keyModulus, exponent); - encode.init(false, keyParams); - return encode.processBlock(paddedPlainText, 0, paddedPlainText.length); - } catch (InvalidCipherTextException e) { - throw e; - } - } - - private byte[] jceAsymmetricDecrypt(PrivateKey privateKey, byte[] data, String storeType) throws GeneralSecurityException{ - Objects.requireNonNull(privateKey, SecurityExceptionCodeConstant.MOSIP_INVALID_KEY_EXCEPTION.getErrorMessage()); - CryptoUtils.verifyData(data); - Cipher cipher; - try { - cipher = Objects.isNull(storeType) ? Cipher.getInstance(asymmetricAlgorithm) : - Cipher.getInstance(asymmetricAlgorithm, storeType); - OAEPParameterSpec oaepParams = new OAEPParameterSpec(HASH_ALGO, MGF1, MGF1ParameterSpec.SHA256, - PSpecified.DEFAULT); - cipher.init(Cipher.DECRYPT_MODE, privateKey, oaepParams); - return doFinal(data, cipher); - } catch (java.security.NoSuchAlgorithmException | NoSuchPaddingException | NoSuchProviderException e) { - throw e; - } catch (java.security.InvalidKeyException e) { - throw e; - } catch (InvalidAlgorithmParameterException e) { - throw e; - } - } - - private byte[] doFinal(byte[] data, Cipher cipher) throws IllegalBlockSizeException, BadPaddingException { - try { - return cipher.doFinal(data); - } catch (IllegalBlockSizeException e) { - throw e; - } catch (BadPaddingException e) { - throw e; - } - } -} \ No newline at end of file diff --git a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/helper/CryptoUtility.java b/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/helper/CryptoUtility.java deleted file mode 100644 index 25e09692e09..00000000000 --- a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/helper/CryptoUtility.java +++ /dev/null @@ -1,143 +0,0 @@ -package io.mosip.testrig.authentication.demo.service.helper; - -import java.security.InvalidAlgorithmParameterException; -import java.security.InvalidKeyException; -import java.security.NoSuchAlgorithmException; -import java.security.PrivateKey; -import java.security.PublicKey; -import java.security.SecureRandom; -import java.security.Security; - -import javax.crypto.BadPaddingException; -import javax.crypto.IllegalBlockSizeException; -import javax.crypto.KeyGenerator; -import javax.crypto.NoSuchPaddingException; -import javax.crypto.SecretKey; - -import org.bouncycastle.jce.provider.BouncyCastleProvider; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Component; - -import io.mosip.kernel.core.crypto.spi.CryptoCoreSpec; - - -/** - * The Class CryptoUtility is used for encryption and decryption. - * - * @author Arun Bose S - * The Class CryptoUtil. - */ -@Component -public class CryptoUtility { - - /** The Constant SYM_ALGORITHM. */ - private static final String SYM_ALGORITHM = "AES"; - - /** The Constant SYM_ALGORITHM_LENGTH. */ - private static final int SYM_ALGORITHM_LENGTH = 256; - - /** The bouncy castle provider. */ - private static BouncyCastleProvider bouncyCastleProvider; - - static { - bouncyCastleProvider = addProvider(); - } - - /** - * {@link CryptoCoreSpec} instance for cryptographic functionalities. - */ - @Autowired - private CryptoCoreSpec cryptoCore; - - - - /** - * Symmetric encrypt. - * - * @param data the data - * @param secretKey the secret key - * @return the byte[] - * @throws NoSuchAlgorithmException the no such algorithm exception - * @throws NoSuchPaddingException the no such padding exception - * @throws InvalidKeyException the invalid key exception - * @throws InvalidAlgorithmParameterException the invalid algorithm parameter exception - * @throws IllegalBlockSizeException the illegal block size exception - * @throws BadPaddingException the bad padding exception - */ - public byte[] symmetricEncrypt(byte[] data, SecretKey secretKey) - throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, - InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException { - return cryptoCore.symmetricEncrypt(secretKey, data, null); - - } - - - - /** - * Symmetric decrypt. - * - * @param secretKey the secret key - * @param encryptedDataByteArr the encrypted data byte arr - * @return the byte[] - * @throws NoSuchAlgorithmException the no such algorithm exception - * @throws NoSuchPaddingException the no such padding exception - * @throws InvalidKeyException the invalid key exception - * @throws IllegalBlockSizeException the illegal block size exception - * @throws BadPaddingException the bad padding exception - * @throws InvalidAlgorithmParameterException the invalid algorithm parameter exception - */ - public byte[] symmetricDecrypt(SecretKey secretKey, byte[] encryptedDataByteArr) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException, InvalidAlgorithmParameterException { - return cryptoCore.symmetricDecrypt(secretKey, encryptedDataByteArr, null); - } - - /** - * Adds the provider. - * - * @return the bouncy castle provider - */ - private static BouncyCastleProvider addProvider() { - BouncyCastleProvider bouncyCastleProvider = new BouncyCastleProvider(); - Security.addProvider(bouncyCastleProvider); - return bouncyCastleProvider; - } - - /** - * Gen sec key. - * - * @return the secret key - * @throws NoSuchAlgorithmException the no such algorithm exception - */ - public SecretKey genSecKey() throws NoSuchAlgorithmException { - KeyGenerator keyGen; - SecretKey secretKey = null; - keyGen = KeyGenerator.getInstance(CryptoUtility.SYM_ALGORITHM, bouncyCastleProvider); - keyGen.init(CryptoUtility.SYM_ALGORITHM_LENGTH, new SecureRandom()); - secretKey = keyGen.generateKey(); - return secretKey; - - } - - /** - * Asymmetric encrypt. - * - * @param data the data - * @param publicKey the public key - * @return the byte[] - * @throws NoSuchAlgorithmException the no such algorithm exception - * @throws NoSuchPaddingException the no such padding exception - * @throws InvalidKeyException the invalid key exception - * @throws IllegalBlockSizeException the illegal block size exception - * @throws BadPaddingException the bad padding exception - */ - public byte[] asymmetricEncrypt(byte[] data, PublicKey publicKey) throws NoSuchAlgorithmException, - NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException { - return cryptoCore.asymmetricEncrypt(publicKey, data); - } - - public byte[] symmetricEncrypt(byte[] data, SecretKey secretKey, byte[] iv, byte[] aad) - throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, - InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException { - return cryptoCore.symmetricEncrypt(secretKey, data, iv, aad); - - } -} diff --git a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/helper/DBUtil.java b/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/helper/DBUtil.java deleted file mode 100644 index fea7abbda9d..00000000000 --- a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/helper/DBUtil.java +++ /dev/null @@ -1,46 +0,0 @@ -package io.mosip.testrig.authentication.demo.service.helper; - -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.core.env.Environment; -import org.springframework.stereotype.Component; - -import io.mosip.kernel.core.util.CryptoUtil; - -@Component -public class DBUtil { - - public static final String MASTER = "master"; - public static final String IDA = "ida"; - - @Autowired - private Environment env; - - public String getDbUser(String db) { - return new String(CryptoUtil.decodeBase64(env.getProperty(db + ".db.user"))); - } - - public String getDbPass(String db) { - return new String(CryptoUtil.decodeBase64(env.getProperty(db + ".db.pass"))); - } - - public String getDbUrl(String db) { - String baseUrl = env.getProperty("mosip.base.url"); - if(baseUrl != null) { - if(baseUrl.contains("dev")) { - return env.getProperty("dev." + db + ".db.url"); - } else if(baseUrl.contains("qa")) { - return env.getProperty("qa." + db + ".db.url"); - } else if(baseUrl.contains("ext-int")) { - return env.getProperty("ext-int." + db + ".db.url"); - } else if(baseUrl.contains("preprod")) { - return env.getProperty("preprod." + db + ".db.url"); - } else if(baseUrl.contains("int")) { - return env.getProperty("int." + db + ".db.url"); - } else { - return env.getProperty(env.getProperty("spring.profiles.active") + "." + db + ".db.url"); - } - } - return null; - } - -} diff --git a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/helper/KeyMgrUtil.java b/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/helper/KeyMgrUtil.java deleted file mode 100644 index 8d484de364a..00000000000 --- a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/helper/KeyMgrUtil.java +++ /dev/null @@ -1,503 +0,0 @@ -package io.mosip.testrig.authentication.demo.service.helper; - -import java.io.ByteArrayInputStream; -import java.io.File; -import java.io.FileInputStream; -import java.io.FileOutputStream; -import java.io.IOException; -import java.io.InputStream; -import java.io.OutputStream; -import java.io.StringReader; -import java.io.StringWriter; -import java.math.BigInteger; -import java.nio.file.Files; -import java.nio.file.Path; -import java.nio.file.Paths; -import java.security.GeneralSecurityException; -import java.security.KeyFactory; -import java.security.KeyPair; -import java.security.KeyPairGenerator; -import java.security.KeyStore; -import java.security.KeyStore.PasswordProtection; -import java.security.KeyStore.PrivateKeyEntry; -import java.security.KeyStoreException; -import java.security.NoSuchAlgorithmException; -import java.security.PrivateKey; -import java.security.PublicKey; -import java.security.SecureRandom; -import java.security.UnrecoverableEntryException; -import java.security.cert.Certificate; -import java.security.cert.CertificateException; -import java.security.cert.CertificateFactory; -import java.security.cert.X509Certificate; -import java.security.interfaces.RSAPublicKey; -import java.security.spec.InvalidKeySpecException; -import java.security.spec.X509EncodedKeySpec; -import java.time.LocalDateTime; -import java.time.ZoneId; -import java.util.Arrays; -import java.util.Date; -import java.util.Objects; - -import javax.security.auth.x500.X500Principal; - -import org.bouncycastle.asn1.x500.RDN; -import org.bouncycastle.asn1.x500.X500Name; -import org.bouncycastle.asn1.x500.X500NameBuilder; -import org.bouncycastle.asn1.x500.style.BCStyle; -import org.bouncycastle.asn1.x500.style.IETFUtils; -import org.bouncycastle.asn1.x500.style.RFC4519Style; -import org.bouncycastle.asn1.x509.BasicConstraints; -import org.bouncycastle.asn1.x509.Extension; -import org.bouncycastle.asn1.x509.KeyUsage; -import org.bouncycastle.cert.CertIOException; -import org.bouncycastle.cert.X509CertificateHolder; -import org.bouncycastle.cert.X509v3CertificateBuilder; -import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter; -import org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils; -import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder; -import org.bouncycastle.crypto.InvalidCipherTextException; -import org.bouncycastle.openssl.jcajce.JcaPEMWriter; -import org.bouncycastle.operator.ContentSigner; -import org.bouncycastle.operator.OperatorCreationException; -import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder; -import org.bouncycastle.util.io.pem.PemObject; -import org.bouncycastle.util.io.pem.PemReader; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Value; -import org.springframework.core.env.Environment; -import org.springframework.stereotype.Component; - -import io.mosip.authentication.core.exception.IdAuthenticationBusinessException; -import io.mosip.authentication.core.util.CryptoUtil; -import io.mosip.testrig.authentication.demo.service.dto.CertificateChainResponseDto; - -@Component -public class KeyMgrUtil { - - private static final String DOMAIN_URL = "mosip.base.url"; - - private static final String CERTIFICATE_TYPE = "X.509"; - - private static final String CA_P12_FILE_NAME = "-ca.p12"; - private static final String INTER_P12_FILE_NAME = "-inter.p12"; - private static final String PARTNER_P12_FILE_NAME = "-partner.p12"; - - private static final char[] TEMP_P12_PWD = "qwerty@123".toCharArray(); - - private static final String KEY_ALIAS = "keyalias"; - private static final String KEY_STORE = "PKCS12"; - private static final String RSA_ALGO = "RSA"; - private static final int RSA_KEY_SIZE = 2048; - private static final String SIGN_ALGO = "SHA256withRSA"; - private static final String DEVICE_SPECIFIC_KEY = "-dsk"; - private static final String CHIP_SPECIFIC_KEY = "-csk"; - - - @Autowired - private Environment environment; - - @Value("${rp-partner-cert-expiry-years:5}") - private int rpPartnerCertExpiryYears; - - @Value("${ftm-partner-cert-expiry-years:1}") - private int ftmCertificateExpiryYears; - - @Value("${device-partner-cert-expiry-months:6}") - private int deviceCertificateExpiryMonths; - - @Autowired - CryptoCoreUtil cryptoCoreUtil; - - public Certificate convertToCertificate(String certData) throws IOException, CertificateException { - StringReader strReader = new StringReader(certData); - PemReader pemReader = new PemReader(strReader); - PemObject pemObject = pemReader.readPemObject(); - - byte[] certBytes = pemObject.getContent(); - CertificateFactory certFactory = CertificateFactory.getInstance(CERTIFICATE_TYPE); - return certFactory.generateCertificate(new ByteArrayInputStream(certBytes)); - } - - public CertificateChainResponseDto getPartnerCertificates(PartnerTypes partnerType, String dirPath, String organization, boolean keyFileNameByPartnerName) throws - NoSuchAlgorithmException, UnrecoverableEntryException, KeyStoreException, IOException, CertificateException, OperatorCreationException { - String filePrepend = keyFileNameByPartnerName ? partnerType.getFilePrepend() + '-' + organization : partnerType.getFilePrepend(); - String caFilePath = dirPath + '/' + filePrepend + CA_P12_FILE_NAME; - LocalDateTime dateTime = LocalDateTime.now(); - LocalDateTime dateTimeExp = dateTime.plusYears(rpPartnerCertExpiryYears); - PrivateKeyEntry caPrivKeyEntry = getPrivateKeyEntry(caFilePath); - KeyUsage keyUsage = new KeyUsage(KeyUsage.digitalSignature | KeyUsage.keyCertSign); - if (Objects.isNull(caPrivKeyEntry)) { - caPrivKeyEntry = generateKeys(null, "CA-" + filePrepend, "CA-" + filePrepend, caFilePath, keyUsage, dateTime, dateTimeExp, organization); - } - String caCertificate = getCertificate(caPrivKeyEntry); - - String interFilePath = dirPath + '/' + filePrepend + INTER_P12_FILE_NAME; - PrivateKeyEntry interPrivKeyEntry = getPrivateKeyEntry(interFilePath); - if (Objects.isNull(interPrivKeyEntry)) { - interPrivKeyEntry = generateKeys(caPrivKeyEntry.getPrivateKey(), "CA-" + filePrepend, "INTER-" + filePrepend, interFilePath, keyUsage, dateTime, dateTimeExp, organization); - } - String interCertificate = getCertificate(interPrivKeyEntry); - - String partnerFilePath = dirPath + '/' + filePrepend + PARTNER_P12_FILE_NAME; - PrivateKeyEntry partnerPrivKeyEntry = getPrivateKeyEntry(partnerFilePath); - if (Objects.isNull(partnerPrivKeyEntry)) { - if (filePrepend.equalsIgnoreCase(PartnerTypes.EKYC.name())){ - keyUsage = new KeyUsage(KeyUsage.keyEncipherment | KeyUsage.encipherOnly | KeyUsage.decipherOnly); - } - partnerPrivKeyEntry = generateKeys(interPrivKeyEntry.getPrivateKey(), "INTER-" + filePrepend, "PARTNER-" + filePrepend, - partnerFilePath, keyUsage, dateTime, dateTimeExp, organization); - } - - if(partnerType.equals(PartnerTypes.DEVICE) || partnerType.equals(PartnerTypes.FTM)) { - getKeyEntry(dirPath, partnerType, organization, keyFileNameByPartnerName); - } - - - String partnerCertificate = getCertificate(partnerPrivKeyEntry); - CertificateChainResponseDto responseDto = new CertificateChainResponseDto(); - responseDto.setCaCertificate(caCertificate); - responseDto.setInterCertificate(interCertificate); - responseDto.setPartnerCertificate(partnerCertificate); - return responseDto; - } - - public PrivateKeyEntry getPrivateKeyEntry(String filePath) throws NoSuchAlgorithmException, UnrecoverableEntryException, - KeyStoreException, IOException, CertificateException{ - return getPrivateKeyEntry(filePath, getP12Pass(), getKeyAlias()); - } - - public PrivateKeyEntry getPrivateKeyEntry(String filePath, char[] p12Pass, String keyAlias) throws NoSuchAlgorithmException, UnrecoverableEntryException, - KeyStoreException, IOException, CertificateException{ - Path path = Paths.get(filePath); - if (Files.exists(path)){ - KeyStore keyStore = KeyStore.getInstance(KEY_STORE); - try(InputStream p12FileStream = new FileInputStream(filePath);) { - keyStore.load(p12FileStream, p12Pass); - return (PrivateKeyEntry) keyStore.getEntry(getKeyAlias(keyAlias), new PasswordProtection (getP12Pass(p12Pass))); - } - } - return null; - } - - private char[] getP12Pass(char[] p12Pass) { - return p12Pass == null ? getP12Pass() : p12Pass; - } - - private String getKeyAlias(String keyAlias) { - return keyAlias == null ? getKeyAlias() : keyAlias; - } - - private char[] getP12Pass() { - String pass = environment.getProperty("p12.password"); - return pass == null ? TEMP_P12_PWD : pass.toCharArray(); - } - - private String getCertificate(PrivateKeyEntry keyEntry) throws IOException{ - StringWriter stringWriter = new StringWriter(); - JcaPEMWriter pemWriter = new JcaPEMWriter(stringWriter); - pemWriter.writeObject(keyEntry.getCertificate()); - pemWriter.flush(); - return stringWriter.toString(); - } - - public boolean deleteFile(File file) throws IOException { - if (file != null) { - if (file.isDirectory()) { - File[] files = file.listFiles(); - - for (File f: files) { - deleteFile(f); - } - } - return Files.deleteIfExists(file.toPath()); - } - return false; - } - - private PrivateKeyEntry generateKeys(PrivateKey signKey, String signCertType, String certType, String p12FilePath, KeyUsage keyUsage, - LocalDateTime dateTime, LocalDateTime dateTimeExp, String organization) throws - NoSuchAlgorithmException, OperatorCreationException, CertificateException, KeyStoreException, IOException { - KeyPairGenerator generator = KeyPairGenerator.getInstance(RSA_ALGO); - SecureRandom random = new SecureRandom(); - generator.initialize(RSA_KEY_SIZE, random); - KeyPair keyPair = generator.generateKeyPair(); - X509Certificate signCert = null; - if(Objects.isNull(signKey)) { - signCert = generateX509Certificate(keyPair.getPrivate(), keyPair.getPublic(), signCertType, certType, keyUsage, dateTime, dateTimeExp, organization); - } else { - signCert = generateX509Certificate(signKey, keyPair.getPublic(), signCertType, certType, keyUsage, dateTime, dateTimeExp, organization); - } - X509Certificate[] chain = new X509Certificate[] {signCert}; - PrivateKeyEntry privateKeyEntry = new PrivateKeyEntry(keyPair.getPrivate(), chain); - - KeyStore keyStore = KeyStore.getInstance(KEY_STORE); - keyStore.load(null, getP12Pass()); - keyStore.setEntry(getKeyAlias(), privateKeyEntry, new PasswordProtection (getP12Pass())); - Path parentPath = Paths.get(p12FilePath).getParent(); - if (parentPath != null && !Files.exists(parentPath)) { - Files.createDirectories(parentPath); - } - - - OutputStream outputStream = new FileOutputStream(p12FilePath); - keyStore.store(outputStream, getP12Pass()); - outputStream.flush(); - outputStream.close(); - return new PrivateKeyEntry(keyPair.getPrivate(), chain); - } - - private X509Certificate generateX509Certificate(PrivateKey signPrivateKey, PublicKey publicKey, String signCertType, - String certType, KeyUsage keyUsage, LocalDateTime dateTime, LocalDateTime dateTimeExp, String organization) throws - OperatorCreationException, NoSuchAlgorithmException, CertIOException, CertificateException { - X500Name certIssuer = getCertificateAttributes(signCertType, organization); - X500Name certSubject = getCertificateAttributes(certType, organization); - Date notBefore = Date.from(dateTime.atZone(ZoneId.systemDefault()).toInstant()); - Date notAfter = Date.from(dateTimeExp.atZone(ZoneId.systemDefault()).toInstant()); - - BigInteger certSerialNum = new BigInteger(Long.toString(new SecureRandom().nextLong())); - - ContentSigner certContentSigner = new JcaContentSignerBuilder(SIGN_ALGO).build(signPrivateKey); - X509v3CertificateBuilder certBuilder = new JcaX509v3CertificateBuilder(certIssuer, certSerialNum, notBefore, - notAfter, certSubject, publicKey); - JcaX509ExtensionUtils certExtUtils = new JcaX509ExtensionUtils(); - certBuilder.addExtension(Extension.basicConstraints, true, new BasicConstraints(true)); - certBuilder.addExtension(Extension.subjectKeyIdentifier, false, certExtUtils.createSubjectKeyIdentifier(publicKey)); - certBuilder.addExtension(Extension.keyUsage, true, keyUsage); - X509CertificateHolder certHolder = certBuilder.build(certContentSigner); - return new JcaX509CertificateConverter().getCertificate(certHolder); - } - - private static X500Name getCertificateAttributes(String cn, String organization) { - - X500NameBuilder builder = new X500NameBuilder(RFC4519Style.INSTANCE); - builder.addRDN(BCStyle.C, "IN"); - builder.addRDN( BCStyle.ST, "KA"); - builder.addRDN(BCStyle.O, organization); - builder.addRDN(BCStyle.OU, "IDA-TEST-ORG-UNIT"); - builder.addRDN(BCStyle.CN, cn); - return builder.build(); - } - - public String readStringFile(String dirPath, String fileName) throws IOException { - return Files.readString(new File(dirPath + File.separator + fileName).toPath()); - } - - public String asymmetricEncryptionForCert(byte[] dataToEncrypt, String certFileName, String certsDir, String moduleName) throws GeneralSecurityException, IOException { - X509Certificate x509Certificate = getX509Certificate(readStringFile(getKeysDirPath(certsDir, moduleName), certFileName)); - PublicKey publicKey = x509Certificate.getPublicKey(); - return asymmetricEncryptionPublicKey(dataToEncrypt, publicKey); - } - - public String asymmetricEncryptionForPemFile(byte[] dataToEncrypt, String pemFile, String certsDir, String moduleName) throws GeneralSecurityException, IOException { - PublicKey publicKey = getPublicKey(readStringFile(getKeysDirPath(certsDir, moduleName), pemFile)); - return asymmetricEncryptionPublicKey(dataToEncrypt, publicKey); - } - - public String asymmetricEncryptionPublicKey(byte[] dataToEncrypt, PublicKey publicKey) throws GeneralSecurityException { - byte[] encryptedData = cryptoCoreUtil.asymmetricEncrypt(publicKey, dataToEncrypt); - System.out.println("AssymetricEncrypted data -- Start" + encryptedData+ " End--AssymetricEncrypted data" ); - return CryptoUtil.encodeBase64(encryptedData); - } - - public String asymmetricDecryptionForP12File(byte[] bytes, String p12FileName, String certsDir, String moduleName, char[] p12Pass, String keyAlias) throws InvalidCipherTextException, NoSuchAlgorithmException, UnrecoverableEntryException, KeyStoreException, CertificateException, OperatorCreationException, GeneralSecurityException, IOException { - return new String(cryptoCoreUtil.asymmetricDecrypt( - getPrivateKeyEntry(getKeysDirPath(certsDir, moduleName) + File.separator + p12FileName, p12Pass, keyAlias) - .getPrivateKey(), - bytes)); - } - - - /** - * Gets the x 509 certificate. - * - * @param partnerCertificate the partner certificate - * @return the x 509 certificate - * @throws CertificateException - * @throws IdAuthenticationBusinessException the id authentication business exception - */ - private X509Certificate getX509Certificate(String partnerCertificate) throws CertificateException { - String certificate = trimBeginEnd(partnerCertificate); - CertificateFactory cf = CertificateFactory.getInstance("X.509"); - X509Certificate x509cert = (X509Certificate) cf - .generateCertificate(new ByteArrayInputStream(java.util.Base64.getDecoder().decode(certificate))); - return x509cert; - } - - private PublicKey getPublicKey(String publicKeyPEM) throws CertificateException, NoSuchAlgorithmException, InvalidKeySpecException { - String trimmedPublicKeyPEM = trimBeginEnd(publicKeyPEM); - byte[] encoded = java.util.Base64.getDecoder().decode(trimmedPublicKeyPEM); - - KeyFactory keyFactory = KeyFactory.getInstance("RSA"); - X509EncodedKeySpec keySpec = new X509EncodedKeySpec(encoded); - return (RSAPublicKey) keyFactory.generatePublic(keySpec); - } - - /** - * Trim begin end. - * - * @param pKey the key - * @return the string - */ - public static String trimBeginEnd(String pKey) { - pKey = pKey.replaceAll("-{0,30}BEGIN([^-]{0,30})-{0,30}(\r?\n)?", ""); - pKey = pKey.replaceAll("-{0,30}END([^-]{0,30})-{0,30}(\r?\n)?", ""); - pKey = pKey.replaceAll("\\s", ""); - return pKey; - } - - - public PrivateKeyEntry getKeyEntry(String dirPath, PartnerTypes partnerType, String organization, boolean keyFileNameByPartnerName) throws NoSuchAlgorithmException, UnrecoverableEntryException, - KeyStoreException, CertificateException, IOException, OperatorCreationException { - - if (partnerType == PartnerTypes.EKYC) { - String filePrepend = keyFileNameByPartnerName ? PartnerTypes.EKYC.getFilePrepend() + '-' + organization - : PartnerTypes.EKYC.getFilePrepend(); - String partnerFilePath = dirPath + '/' + filePrepend + PARTNER_P12_FILE_NAME; - PrivateKeyEntry privateKeyEntry = getPrivateKeyEntry(partnerFilePath); - if(privateKeyEntry == null) { - filePrepend = keyFileNameByPartnerName ? PartnerTypes.RELYING_PARTY.getFilePrepend() + '-' + organization - : PartnerTypes.RELYING_PARTY.getFilePrepend(); - partnerFilePath = dirPath + '/' + filePrepend + PARTNER_P12_FILE_NAME; - privateKeyEntry = getPrivateKeyEntry(partnerFilePath); - } - return privateKeyEntry; - } - - - if (partnerType == PartnerTypes.RELYING_PARTY) { - String filePrepend = keyFileNameByPartnerName ? PartnerTypes.RELYING_PARTY.getFilePrepend() + '-' + organization - : PartnerTypes.RELYING_PARTY.getFilePrepend(); - String partnerFilePath = dirPath + '/' + filePrepend + PARTNER_P12_FILE_NAME; - return getPrivateKeyEntry(partnerFilePath); - } - - if (partnerType == PartnerTypes.MISP) { - String filePrepend = keyFileNameByPartnerName ? PartnerTypes.MISP.getFilePrepend() + '-' + organization - : PartnerTypes.MISP.getFilePrepend(); - String partnerFilePath = dirPath + '/' + filePrepend + PARTNER_P12_FILE_NAME; - return getPrivateKeyEntry(partnerFilePath); - } - - String filePrepend = partnerType.getFilePrepend(); - if (partnerType == PartnerTypes.FTM) { - String csPartnerFilePath = dirPath + '/' + filePrepend + CHIP_SPECIFIC_KEY + PARTNER_P12_FILE_NAME; - PrivateKeyEntry csKeyEntry = getPrivateKeyEntry(csPartnerFilePath); - if (Objects.nonNull(csKeyEntry)) - return csKeyEntry; - - String partnerFilePath = dirPath + '/' + filePrepend + PARTNER_P12_FILE_NAME; - PrivateKeyEntry pKeyEntry = getPrivateKeyEntry(partnerFilePath); - LocalDateTime dateTime = LocalDateTime.now(); - LocalDateTime dateTimeExp = dateTime.plusYears(ftmCertificateExpiryYears); - KeyUsage keyUsage = new KeyUsage(KeyUsage.digitalSignature | KeyUsage.keyCertSign); - - X500Principal signerPrincipal = ((X509Certificate)pKeyEntry.getCertificate()).getSubjectX500Principal(); - X500Name x500Name = new X500Name(signerPrincipal.getName()); - RDN[] rdns = x500Name.getRDNs(BCStyle.CN); - String cName = IETFUtils.valueToString((rdns[0]).getFirst().getValue()); - System.out.println("signerPrincipal:: " + signerPrincipal.toString()); - System.out.println("cName:: " + cName); - - RDN[] o = x500Name.getRDNs(BCStyle.O); - String oName = IETFUtils.valueToString((o[0]).getFirst().getValue()); - System.out.println("oName:: " + oName); - return generateKeys(pKeyEntry.getPrivateKey(), cName, "CSK-" + partnerType, - csPartnerFilePath, keyUsage, dateTime, dateTimeExp, oName); - - } - - if (partnerType == PartnerTypes.DEVICE) { - String dsPartnerFilePath = dirPath + '/' + filePrepend + DEVICE_SPECIFIC_KEY + PARTNER_P12_FILE_NAME; - PrivateKeyEntry dsKeyEntry = getPrivateKeyEntry(dsPartnerFilePath); - if (Objects.nonNull(dsKeyEntry) && isCertificateValid((X509Certificate) dsKeyEntry.getCertificate())) - return dsKeyEntry; - - String partnerFilePath = dirPath + '/' + filePrepend + PARTNER_P12_FILE_NAME; - PrivateKeyEntry pKeyEntry = getPrivateKeyEntry(partnerFilePath); - LocalDateTime dateTime = LocalDateTime.now(); - LocalDateTime dateTimeExp = dateTime.plusMonths(deviceCertificateExpiryMonths); - KeyUsage keyUsage = new KeyUsage(KeyUsage.digitalSignature | KeyUsage.keyCertSign); - - X500Principal signerPrincipal = ((X509Certificate)pKeyEntry.getCertificate()).getSubjectX500Principal(); - X500Name x500Name = new X500Name(signerPrincipal.getName()); - RDN[] rdns = x500Name.getRDNs(BCStyle.CN); - String cName = IETFUtils.valueToString((rdns[0]).getFirst().getValue()); - System.out.println("signerPrincipal:: " + signerPrincipal.toString()); - System.out.println("cName:: " + cName); - - RDN[] o = x500Name.getRDNs(BCStyle.O); - String oName = IETFUtils.valueToString((o[0]).getFirst().getValue()); - System.out.println("oName:: " + oName); - return generateKeys(pKeyEntry.getPrivateKey(), cName, "DSK-" + partnerType, - dsPartnerFilePath, keyUsage, dateTime, dateTimeExp, oName); - } - return null; - } - - private boolean isCertificateValid(X509Certificate cert) { - try { - cert.checkValidity(); - return true; - } catch (Exception e) { - } - return false; - } - - public boolean updatePartnerCertificate(String partnerType, X509Certificate updateCert, String dirPath, String organization, boolean keyFileNameByPartnerName) throws NoSuchAlgorithmException, - UnrecoverableEntryException, KeyStoreException, CertificateException, IOException { - String filePrepend = keyFileNameByPartnerName ? partnerType + '-' + organization : partnerType; - String partnerFilePath = dirPath + '/' + filePrepend + PARTNER_P12_FILE_NAME; - - PrivateKeyEntry partnerPrivKeyEntry = getPrivateKeyEntry(partnerFilePath); - if (Objects.nonNull(partnerPrivKeyEntry)) { - X509Certificate fileCert = (X509Certificate) partnerPrivKeyEntry.getCertificate(); - if (!Arrays.equals(fileCert.getPublicKey().getEncoded(), updateCert.getPublicKey().getEncoded())){ - throw new CertificateException("Public Key not matched. Please upload correct certificate."); - } - X509Certificate[] chain = new X509Certificate[] {updateCert}; - PrivateKeyEntry newPrivateKeyEntry = new PrivateKeyEntry(partnerPrivKeyEntry.getPrivateKey(), chain); - - KeyStore keyStore = KeyStore.getInstance(KEY_STORE); - keyStore.load(null, getP12Pass()); - keyStore.setEntry(getKeyAlias(), newPrivateKeyEntry, new PasswordProtection (getP12Pass())); - - OutputStream outputStream = new FileOutputStream(partnerFilePath); - keyStore.store(outputStream, getP12Pass()); - outputStream.flush(); - outputStream.close(); - return true; - } - return false; - } - - private String getKeyAlias() { - return environment.getProperty("p12.key.alias", KEY_ALIAS); - } - - - public String getKeysDirPath(String certsDir, String moduleName) { - String domain = environment.getProperty(DOMAIN_URL, "localhost").replace("https://", "").replace("http://", "").replace("/", ""); - - String certsTargetDir = System.getProperty("java.io.tmpdir")+ File.separator + System.getProperty("parent.certs.folder.name", "AUTHCERTS"); - - if (System.getProperty("os.name").toLowerCase().contains("windows") == false) { - certsTargetDir = "/home/mosip/authcerts"; - } - - String certsModuleName = "IDA"; - - - if (certsDir != null && certsDir.length() != 0){ - certsTargetDir = certsDir; - } - - if (moduleName != null && moduleName.length() != 0){ - certsModuleName = moduleName; - } - return certsTargetDir + File.separator + certsModuleName + "-" + domain; - - } - - -} diff --git a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/helper/PartnerTypes.java b/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/helper/PartnerTypes.java deleted file mode 100644 index a9f5ed32f38..00000000000 --- a/authentication-demo-service/src/main/java/io/mosip/testrig/authentication/demo/service/helper/PartnerTypes.java +++ /dev/null @@ -1,20 +0,0 @@ -package io.mosip.testrig.authentication.demo.service.helper; - -public enum PartnerTypes { - - DEVICE("device"), - RELYING_PARTY("rp"), - FTM("ftm"), - EKYC("ekyc"), - MISP("misp"); - - private String filePrepend; - - private PartnerTypes(String filePrepend) { - this.filePrepend = filePrepend; - } - - public String getFilePrepend() { - return this.filePrepend; - } -} diff --git a/authentication-demo-service/src/main/resources/application-dev.properties b/authentication-demo-service/src/main/resources/application-dev.properties deleted file mode 100644 index a66b7918bee..00000000000 --- a/authentication-demo-service/src/main/resources/application-dev.properties +++ /dev/null @@ -1,580 +0,0 @@ -mosip.base.url=https://dev.mosip.net - -websub.publisher.url=http://localhost:9191/websub/publish -websub.hub.url=http://localhost:9191/websub/hub -websub.secret=Kslk30SNF2AChs2 - -ida.internal.jwtSign.url=${mosip.base.url}/idauthentication/v1/internal/jwtSign - -mosip.kernel.partner.allowed.domains=Auth,FTM,Device - -# Biometric Validation - uncomment and provide data or pass as VM args -#bio.test.server.provider=com.identy.IdentyBioSDK - -# ********** IdRepo **************** -mosip.kernel.jsonvalidator.property-source=CONFIG_SERVER -mosip.kernel.jsonvalidator.file-storage-uri=http://104.211.212.28:51000/kernel-idrepo-service/dev/DEV/ -mosip.kernel.jsonvalidator.schema-name=mosip-identity-json-schema.json -# ********** Common Properties **************** -ida-demo.api.version=v1 -server.port = 8082 -ida.authRequest.template={"consentObtained":true,"id":"mosip.identity.$authType","individualId":"$id","keyIndex":"string","request":"$encRequest","requestHMAC":"$encHmac","requestSessionKey":"$encSessionKey","requestTime":"$timestamp","transactionID":"$txn","version":"$ver","domainUri":"$domainUri","env":"$env","specVersion":"1.0","thumbprint":"$thumbprint"} -ida.kycExchangeRequest.template={"consentObtained":["true"],"locales":["eng"],"id":"mosip.identity.$authType","individualId":"$id","individualIdType":"$individualIdType","kycToken":"$kycToken","respType":"$respType","metadata":"$request","requestTime":"$timestamp","transactionID":"$txn","version":"$ver"} -otpRequestTemplate={\ - "id": "$reqId",\ - "individualId": "$id",\ - "otpChannel": [\ - $channels\ - ],\ - "requestTime": "$timestamp",\ - "transactionID": "$txn",\ - "version": "$ver"\ -} -server.servlet.context-path = /${ida-demo.api.version}/identity -logging.level.* = debug -# Application ID of IDA -application.id=IDA -#Application name of IDA -application.name=ID-Authentication - -# public key(Get public key using keymanager service and encode to base64) -publicKey.ida =TUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUFxWEpfMlZ1a0p0WWRtb0staGdqNkpJTlhraExheTBUT3MtNlZoTjF6Z1pEeTRVcXRqVzhoOFBpN09uaWdSRFRPak5QWXVvaTllUzlPZUoxVW13R3J0WkkzZ3pFRXprRmJWdVlqSjc0UElGeUVNaXc5WjRpdktNUTRLLXl4MExfOGVZLU9GNVc0Nlo4dms2aU1EZGdyNGNlNFdFUjJHOV9xU1BnNWx2YVc4aTZneE8taHZNZG5Mc09Hb25Qc18zdVZCeWhIVk51TWJ4YURXSnZhdlAwUl8zamdadkUyNXcySW4wY1dqU2tYbjFsWDgxVFliNllkZ29PTWNaT0xuZEN1YmZlMXJsRnpta3c0RXNPOWkwRThmYXBoZWlTQlVMSHQ4U3Z0U3VmUmdoOXZ1NUttcVJnbUZNMXVUTTJQcUNKcjFlcEhMTGRGMElBVElBdFBYMDJ4U1FJREFRQUI= -publicKey.kernel=TUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUFqMUJpZWNDMFh0cnhZQkJyVG1jdmdXRVFITUlEMVRSZk5qc1lkMmNBQ0RYTVFJdWlmLVNTal9tcHh5NmVPOWZRUFB1emlMSmdfSjBabXh4LVFLekhrbk83OWx2WFlxRU04OThYbW00SWF2VmxZeGxQUWxUVTJ4YTJXQl9WV0VnZnZYUHlWZWU5TXZlZWh1UC1lbW1FVm53ZXlyM1pvWGxyamhFd2M0OTBwc1pRY29tNXZSTFVsRGN3WDBzTmx6WC03YlJ1MXo4ZmxzS1FyZkRBdzhnX0pBTTBxU1RPMTdja0l4NVBHMWwwMEJNNGhkSUdINWp6ZXdZWThIcEhObDZBb01nLW1NMkE2d2lXV2gwTUtEZzc5bVRfM0NBc1dCTGdyN1hkcVJxbW1sT0ZwNHg3b2ExM3U4ZmhraXJERVVOeHRXQ20wcjhucklEUDBHRmd0UWttZndJREFRQUI= -publicKey.sign=TUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUFtekItX2t2WVNVWlJKNDFwMFVGeXFkLXJ0Y3JoVXVWSHJkcnlRQ2R6ZVJNc2hzdnlBUGkzX0xOallLZ3R1d0VBSTAyeXQtTHEwVUJKckF0MVJRamQyUVNyUzUybDllNDNvN29ySFJac2N0TUJhNEUwdjM2MzJUaF9Dbzl4TzFVVFBib1JOdi16YVpXX1M1STZVZktzRlBEWHRjT3I0akZJN20zX1B4SnhURk1ORnJ5aHNiYVdUU29peXh6czN5OVdaa1dGcExUYWtEbnNEaWdQSWxUVXpuS2N1SW8zRU5Ha0QwcVFpZjlwT01oZXQwRHA1UUgyOWdYSHRyWTFxQzRyZFdXa0YzbkN0blNhR0Zjb2tSbHFlSldIbnhJNWRGaVhKNzk2MmNIeVdBeXhFRDlhcjF2SDliMFAwWVNwcGhYYmRXTmFqRDJXZ0JQZWpjUDJOaXV1OFFJREFRQUI= -publicKey.partner=TUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUFoNnhURmRoclRPOUdaSy1ZSlFwSURzSUVVWWJyZzJmRGRiTlByWkQtbkRWaVk3bzVrbW1HeW1LMHlQLU5VTEpRdW9nb2YzNzVNRzFSZk5DTkc2WEt4RTZNdzdNU2dVejY1OHFUeWJta1NieHZkeDIyb3B2NlU2SjdmSlpZSlNRT2lBVDYzWTVDMXg4S3FlVzcyT0pQQndOa0RwYWZ6aUVjbzVlVGt3ZU4yeklHU21nLUxvWXVpVzNhVldLOVpubEtZdnFMUTF0YzNnZ0lPekp6cDZQYmY4b2N4T0x5aTVVWWhpQUJGNWptLXlIV25fVjM0MXljNGZlLU5idTJZUG8xemE2VHBlb1FLdDBmRTB5eGYyRmRVYS1rUGp2dWNCZXFQbUEyVzIzSFJBTmxuUzY3WHdHSTkzckFsVGM0X2x0WG5IWHc3Y3FOM1o3Sk9NTEU1X1h5NFFJREFRQUI= -publicKey.ida_fir=TUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUF2azNGODJzQzctRm1YaGpRUGdlYXZ0czc2YWliV1dJbnBTMFVQUWdmZXVkSEpRb0EyLXNiZlp1TGdMMXVxM2tDQ1JpSzlPeFkzekk0TndtaFMwOEZLUVhCSjE5ODNLb0FsSDVrZndTOFZjc3VONUcyOGtfU2I2Y0pXX01ZZjlpMGd5RDhaY3FQa29CaGJkVUJBem1GaTd2TXhpV2ZpZFlDRWVqN0ZLMEJyaDhIRzdMSHNkd1Z0UldxbTNSTUtmSXRnRXVJZ1BzcmVpbU5mSXF2bHdKb25IUmtlR0pEcDM4Sk1EQkMweFZmVTA5cDMyYTFiZlJFMUppN2swTkhheEs1SThnRXdVMlN6ZG1NTE9RY2Jac19XbjZScDROVjlza3pEM21EMXdJcTZnTjNUZnlpNWhFZzVLV3p3eUMtNVdrRFhiazJVak02UkdTbG1PaXh1VEN3YlFJREFRQUI= -publicKey.internal=TUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUF0a1NuaVRCY3VOaFFOdm82aEhSS0V1TENnZHQxTEpnQ3BfQko1eDRuMjM1QVpzaEUwcmx6d3kzdE1UcTBTWW13YUNncXN4WE1sUkFCdVNNZ0xJdnI1aGg2UHY2NUtTdXdHdlJMMzNuQS1SbWpnVEZqOEIzRExfMktHSlBKLTIxRG1tLW9WZUxZTWd2Qm1ZM1U5M3hnYk15NXl5QnBOX3AtMHlnS2k4aVdCVDlkMWp1cHRoUU5sU2tBQ3hPV3RpU0tvTGhhNE12OHA4OHp5RGRiWWl2azdzNnlGT0xUWDFpX011WFhRSW5jQkVfVkx0ZTVVMHNRblJ4cV9JX2FVeTU5NHloQjRFUmsxS3AtbnBqMWJEWHZMaXZyZlByRTVYZjFkR1RQeDBnMEFSaFN1R2N4bUh1b1A1WDBoQ25CSmpmc3Q4ekhyWGU0MWVraEZNNmIxbDNQMFFJREFRQUI - - -# Reference ID used for crypto manager in authentication -partner.reference.id=PARTNER -# Reference ID used for crypto manager in internal authentication -internal.reference.id=INTERNAL -# Reference ID used for crypto manager in authentication for biometrics -partner.biometric.reference.id=IDA-FIR -# Reference ID used for crypto manager in internal authentication for biometrics -internal.biometric.reference.id=INTERNAL - -keysplitter=#KEY_SPLITTER# - - -ida.api.version=1.0 - -# ********* Postgres Properties ************ -javax.persistence.jdbc.driver=org.postgresql.Driver -javax.persistence.jdbc.url=jdbc:postgresql://localhost:5432/ida_db -javax.persistence.jdbc.user=postgres -javax.persistence.jdbc.password=admin - - -# ********* Hibernate Properties *********** -hibernate.dialect=org.hibernate.dialect.PostgreSQL95Dialect -hibernate.jdbc.lob.non_contextual_creation=true -#hibernate.hbm2ddl.auto=update -hibernate.show_sql=true -hibernate.format_sql=true -hibernate.connection.charSet=utf8 -hibernate.cache.use_second_level_cache=false -hibernate.cache.use_query_cache=false -hibernate.cache.use_structured_entries=false -hibernate.generate_statistics=false -spring.datasource.initialization-mode=never - - -# ******** Functional configurations ******** -datetime.pattern=yyyy-MM-dd'T'HH:mm:ss.SSS'Z' -date.pattern=yyyy-MM-dd -datetime.pattern.withzone=yyyy-MM-dd'T'HH:mm:ss.SSSXXX - - -demo.default.match.value=60 - -# ********* ADMIN Configurations ************ -authrequest.received-time-allowed.in-hours=24 - -#********* Store Private Key ********* -sample.privatekey.filepath={0}\Private_key - -mosip.kernel.encrypt-url=${mosip.base.url}/v1/keymanager/encrypt -mosip.kernel.decrypt-url=${mosip.base.url}/v1/keymanager/decrypt -mosip.kernel.publicKey-url=${mosip.base.url}/v1/keymanager/publickey/{appId} -kernel.validate.signature-url=${mosip.base.url}/v1/signature/validate - -mosip.ida.encrypt-url=${mosip.base.url}/idauthentication/v1/internal/encrypt -mosip.ida.decrypt-url=${mosip.base.url}/idauthentication/v1/internal/decrypt -mosip.ida.publicKey-url=${mosip.base.url}/idauthentication/v1/internal/getCertificate -mosip.ida.validate.signature-url=${mosip.base.url}/idauthentication/v1/internal/validate - -#Auth token -auth-token-generator.rest.uri=${mosip.base.url}/v1/authmanager/authenticate/clientidsecretkey -auth-token-generator.rest.clientId=mosip-resident-client -auth-token-generator.rest.secretKey=abc123 -auth-token-generator.rest.appId=resident - - -auth-token-generator-user.rest.uri=${mosip.base.url}/v1/authmanager/authenticate/useridPwd -auth-token-generator-user.rest.userName=110006 -auth-token-generator-user.rest.password=mosip -auth-token-generator-user.rest.appId=ida - -add-device-provider-url=${mosip.base.url}/v1/masterdata/deviceprovider -add-device-provider-request-template={\ - "address": "test",\ - "certificateAlias": "added",\ - "contactNumber": "9663175928",\ - "email": "test@mosip.io",\ - "isActive": true,\ - "vendorName": "$DEVICE_PROVIDER_NAME"\ -} - -add-mds-request-url=${mosip.base.url}/v1/masterdata/mosipdeviceservice -add-mds-request-template={\ - "isActive": true,\ - "deviceProviderId": "$DEVICE_PROVIDER_ID",\ - "make": "$MAKE",\ - "model": "$MODEL",\ - "regDeviceSubCode": "$DEVICE_SUB_TYPE_CODE",\ - "regDeviceTypeCode": "$DEVICE_TYPE_CODE",\ - "swBinaryHash": "test",\ - "swCreateDateTime": "2019-11-19T07:00:13.375Z",\ - "swExpiryDateTime": "2019-11-30T07:00:13.375Z",\ - "swVersion": "$SERVICE_VERSION"\ -} - -add-device-request-url=${mosip.base.url}/v1/masterdata/registereddevices -add-device-request-template={\ - "deviceData": {\ - "deviceId": "70959dd5-e45f-438a-9ff8-9b263908e572",\ - "purpose": "$PURPOSE",\ - "deviceInfo": {\ - "deviceSubId": "$DEVICE_SUB_ID",\ - "certification": "L0",\ - "digitalId": {\ - "serialNo": "$SERIAL_NO",\ - "deviceProvider": "$DEVICE_PROVIDER_NAME",\ - "deviceProviderId": "$DEVICE_PROVIDER_ID",\ - "make": "$MAKE",\ - "model": "$MODEL",\ - "dateTime": "2020-01-13T07:20:42.195Z",\ - "type": "$DEVICE_TYPE_CODE",\ - "subType": "$DEVICE_SUB_TYPE_CODE"\ - },\ - "firmware": "firmware",\ - "deviceExpiry": "2020-01-13T12:50:42.196Z",\ - "timeStamp": "2020-01-13T12:50:42.208Z"\ - },\ - "foundationalTrustProviderId": ""\ - }\ -} - -validate-device-request-url=${mosip.base.url}/v1/masterdata/deviceprovidermanagement/validate -validate-device-request-template={\ - "deviceCode": "$DEVICE_CODE",\ - "digitalId": {\ - "serialNo": "$SERIAL_NO",\ - "dp": "$DEVICE_PROVIDER_NAME",\ - "dpId": "$DEVICE_PROVIDER_ID",\ - "make": "$MAKE",\ - "model": "$MODEL",\ - "type": "$DEVICE_TYPE",\ - "subType": "$DEVICE_SUB_TYPE",\ - "dateTime": "2019-12-05T10:41:15.052Z"\ - },\ - "deviceServiceVersion": "$SERVICE_VERSION"\ -} - -dev.master.db.url=jdbc:postgresql://104.211.208.136:9001/mosip_master -qa.master.db.url=jdbc:postgresql://52.172.54.231:9001/mosip_master -int.master.db.url=jdbc:postgresql://104.211.202.203:9001/mosip_master -ext-int.master.db.url=jdbc:postgresql://52.172.14.84:9001/mosip_master -preprod.master.db.url=jdbc:postgresql://150.10.40.12:9001/mosip_master - -master.db.user=bWFzdGVydXNlcg -master.db.pass=TW9zaXBAZGV2MTIz - -dev.ida.db.url=jdbc:postgresql://104.211.208.136:9001/mosip_ida -qa.ida.db.url=jdbc:postgresql://52.172.54.231:9001/mosip_ida -int.ida.db.url=jdbc:postgresql://104.211.202.203:9001/mosip_ida -ext-int.ida.db.url=jdbc:postgresql://52.172.14.84:9001/mosip_ida -preprod.ida.db.url=jdbc:postgresql://104.211.242.168:9001/mosip_ida - -ida.db.user=aWRhdXNlcg -ida.db.pass=TW9zaXBAZGV2MTIz - -mosip.ida.publickey=IDA - -#---------------Global Config----------------- - - -#Kernel-idobjectalidator -# Plug in property source as either 'LOCAL' or 'CONFIG_SERVER' or 'APPLICATION_CONTEXT' through this key -mosip.kernel.idobjectvalidator.property-source=APPLICATION_CONTEXT -mosip.kernel.idobjectvalidator.schema-name=mosip-identity-json-schema.json -mosip.kernel.idobjectvalidator.file-storage-uri=${spring.cloud.config.uri}/${spring.application.name}/${spring.profiles.active}/${spring.cloud.config.label}/ - -mosip.kernel.idobjectvalidator.masterdata.languages.rest.uri=${mosip.base.url}/v1/masterdata/languages -mosip.kernel.idobjectvalidator.masterdata.gendertypes.rest.uri=${mosip.base.url}/v1/masterdata/gendertypes -mosip.kernel.idobjectvalidator.masterdata.documentcategories.rest.uri=${mosip.base.url}/v1/masterdata/documentcategories -mosip.kernel.idobjectvalidator.masterdata.documenttypes.rest.uri=${mosip.base.url}/v1/masterdata/documenttypes/{documentcategorycode}/{langcode} -mosip.kernel.idobjectvalidator.masterdata.locations.rest.uri=${mosip.base.url}/v1/masterdata/locations/{langcode} -mosip.kernel.idobjectvalidator.masterdata.locationhierarchy.rest.uri=${mosip.base.url}/v1/masterdata/locations/locationhierarchy/{hierarchyname} - -mosip.kernel.idobjectvalidator.mandatory-attributes.id-repository.new-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,referenceIdentityNumber,residenceStatus -mosip.kernel.idobjectvalidator.mandatory-attributes.pre-registration.new-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,referenceIdentityNumber,residenceStatus -mosip.kernel.idobjectvalidator.mandatory-attributes.reg-client.new-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,referenceIdentityNumber,residenceStatus -mosip.kernel.idobjectvalidator.mandatory-attributes.reg-processor.new-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,referenceIdentityNumber,residenceStatus -mosip.kernel.idobjectvalidator.mandatory-attributes.pre-registration.child-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,referenceIdentityNumber,residenceStatus -mosip.kernel.idobjectvalidator.mandatory-attributes.reg-client.child-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,referenceIdentityNumber,residenceStatus,parentOrGuardianName,parentOrGuardianRID|parentOrGuardianUIN,parentOrGuardianBiometrics -mosip.kernel.idobjectvalidator.mandatory-attributes.reg-processor.child-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,referenceIdentityNumber,residenceStatus,parentOrGuardianName,parentOrGuardianRID|parentOrGuardianUIN,parentOrGuardianBiometrics - -# Business Validation for ID Schema attributes - These should not be changed, as it impacts all modules -mosip.id.validation.identity.dateOfBirth=^(19\\d\\d|20\\d\\d)/([0][1-9]|1[0-2])/([0][1-9]|[1-2]\\d|3[01])$ -mosip.id.validation.identity.phone=^([6-9]{1})([0-9]{9})$ -mosip.id.validation.identity.email=^[\\w-\\+]+(\\.[\\w]+)*@[\\w-]+(\\.[\\w]+)*(\\.[a-zA-Z]{2,})$ -mosip.id.validation.identity.postalCode=^[(?i)A-Z0-9]{5}$ -mosip.id.validation.identity.age=^(150|1[0-4][0-9]|[1-9]?[0-9])$ -mosip.id.validation.identity.fullName.[*].value=^(?=.{0,50}$).* -mosip.id.validation.identity.addressLine1.[*].value=^(?=.{0,50}$).* -mosip.id.validation.identity.addressLine2.[*].value=^(?=.{0,50}$).* -mosip.id.validation.identity.addressLine3.[*].value=^(?=.{0,50}$).* -mosip.id.validation.identity.region.[*].value=^(?=.{0,50}$).* -mosip.id.validation.identity.province.[*].value=^(?=.{0,50}$).* -mosip.id.validation.identity.city.[*].value=^(?=.{0,50}$).* -mosip.id.validation.identity.[*].[*].language=^[(?i)a-z]{3}$ -mosip.id.validation.identity.referenceIdentityNumber=^([0-9]{10,30})$ -mosip.country.code=MOR - -# Language Supported By Platform - ISO -mosip.supported-languages=eng,ara,fra - -mosip.primary-language=eng -mosip.secondary-language=ara - -# Application IDs -mosip.prereg.app-id=PRE_REGISTRATION -mosip.reg.app-id=REGISTRATION -mosip.regproc.app-id=REGISTRATION_PROCESSOR -mosip.ida.app-id=IDA -mosip.idrepo.app-id=ID_REPO - -# UTC ISO Date Time Pattern -mosip.utc-datetime-pattern=yyyy-MM-dd'T'HH:mm:ss.SSS'Z' - -mosip.signed.response.header=response-signature - - -#----------------------- CBEFF Util-------------------------------------------------- -# Cbeff URL where the files will be stored in git, change it accordingly in case of change of storage location. -mosip.kernel.xsdstorage-uri=${spring.cloud.config.uri}/${spring.application.name}/${spring.profiles.active}/${spring.cloud.config.label}/ -# Cbeff XSD file name in config server -mosip.kernel.xsdfile=mosip-cbeff-extint.xsd - -#----------------------------- Applicant Type -------------------------------------------------- -mosip.kernel.applicant.type.age.limit = 5 - -#----------------------------- Static PIN -------------------------------------------------- -mosip.kernel.pin.length=6 - -#-----------------------------TspId ----------------------------------------------- -#length of the Tsp id -mosip.kernel.tspid.length=4 - -#-----------------------------partnerId ----------------------------------------------- -#length of the partner id -mosip.kernel.partnerid.length=4 - -#-----------------------------TOKEN-ID Properties--------------------------------- -#lenght of the token id -mosip.kernel.tokenid.length=36 - -#-----------------------------Registration Center Id ----------------------------------------------- -#length of the registration center id -mosip.kernel.registrationcenterid.length=5 - -#-----------------------------Machine Id ----------------------------------------------- -#length of the machine id -mosip.kernel.machineid.length=5 - -#-----------------------------RID Properties--------------------------------------- -# length of the rid -mosip.kernel.rid.length=29 -# length of the timestamp -mosip.kernel.rid.timestamp-length=14 -# rid sequence max digits -mosip.kernel.rid.sequence-length=5 - -# Upper bound of number of digits in sequence allowed in id. For example if -# limit is 3, then 12 is allowed but 123 is not allowed in id (in both -# ascending and descending order) -mosip.kernel.tokenid.sequence-limit=3 - -#-----------------------------PRID Properties------------------------------------ - -#prid-length -mosip.kernel.prid.length=14 - -# Upper bound of number of digits in sequence allowed in id. For example if -# limit is 3, then 12 is allowed but 123 is not allowed in id (in both -# ascending and descending order) -#to disable validation assign zero or negative value -mosip.kernel.prid.sequence-limit=3 - -# Number of digits in repeating block allowed in id. For example if limit is 2, -# then 4xxx4 is allowed but 48xxx48 is not allowed in id (x is any digit) -#to disable validation assign zero or negative value -mosip.kernel.prid.repeating-block-limit=3 - - -# Lower bound of number of digits allowed in between two repeating digits in -# id. For example if limit is 2, then 11 and 1x1 is not allowed in id (x is any digit) to disable validation assign zero or negative value -mosip.kernel.prid.repeating-limit=2 - -# list of number that id should not be start with to disable null -mosip.kernel.prid.not-start-with=0,1 - -#restricted numbers for prid -mosip.kernel.prid.restricted-numbers=786,666 - - -#-----------------------------VID Properties-------------------------------------- -# length of the vid -mosip.kernel.vid.length=16 - -# Upper bound of number of digits in sequence allowed in id. For example if -# limit is 3, then 12 is allowed but 123 is not allowed in id (in both -# ascending and descending order) -# to disable sequence limit validation assign 0 or negative value -mosip.kernel.vid.length.sequence-limit=3 - -# Number of digits in repeating block allowed in id. For example if limit is 2, -# then 4xxx4 is allowed but 48xxx48 is not allowed in id (x is any digit) -# to disable repeating block validation assign 0 or negative value -mosip.kernel.vid.length.repeating-block-limit=2 - - -# Lower bound of number of digits allowed in between two repeating digits in -# id. For example if limit is 2, then 11 and 1x1 is not allowed in id (x is any digit) -# to disable repeating limit validation, assign 0 or negative value -mosip.kernel.vid.length.repeating-limit=2 - -# list of number that id should not be start with -# to disable null -mosip.kernel.vid.not-start-with=0,1 - -#restricted numbers for vid -mosip.kernel.vid.restricted-numbers=786,666 - -#-----------------------------UIN Properties-------------------------------------- -#length of the uin -mosip.kernel.uin.length=10 -#minimum threshold of unused uin -mosip.kernel.uin.min-unused-threshold=200000 -#number of uins to generate -mosip.kernel.uin.uins-to-generate=500000 -#restricted numbers for uin -mosip.kernel.uin.restricted-numbers=786,666 - -# Upper bound of number of digits in sequence allowed in id. For example if -# limit is 3, then 12 is allowed but 123 is not allowed in id (in both -# ascending and descending order) -# to disable sequence limit validation assign 0 or negative value -mosip.kernel.uin.length.sequence-limit=3 - -# Number of digits in repeating block allowed in id. For example if limit is 2, -# then 4xxx4 is allowed but 48xxx48 is not allowed in id (x is any digit) -#to disable validation assign zero or negative value -mosip.kernel.uin.length.repeating-block-limit=2 - -# Lower bound of number of digits allowed in between two repeating digits in -# id. For example if limit is 2, then 11 and 1x1 is not allowed in id (x is any digit) -# to disable repeating limit validation, assign 0 or negative value -mosip.kernel.uin.length.repeating-limit=2 - -#reverse group digit limit for uin filter -mosip.kernel.uin.length.reverse-digits-limit=5 - -#group digit limit for uin filter -mosip.kernel.uin.length.digits-limit=5 - -#should not start with -mosip.kernel.uin.not-start-with=0,1 - -#adjacent even digit limit for uin filter -mosip.kernel.uin.length.conjugative-even-digits-limit=3 - - - - -#----------------------- SMS Service-------------------------------------- -mosip.kernel.sms.country.code=91 -mosip.kernel.sms.number.length=10 - - -#------------------------Auth-Adapter----------------------------------------------- -auth.server.validate.url=${mosip.base.url}/v1/authmanager/authorize/validateToken -auth.jwt.secret=authjwtsecret -auth.jwt.base=Mosip-Token - - -#----------------------- Crypto -------------------------------------------------- -#Crypto asymmetric algorithm name -mosip.kernel.crypto.asymmetric-algorithm-name=RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING -#Crypto symmetric algorithm name -mosip.kernel.crypto.symmetric-algorithm-name=AES/GCM/PKCS5Padding -#Keygenerator asymmetric algorithm name -mosip.kernel.keygenerator.asymmetric-algorithm-name=RSA -#Keygenerator symmetric algorithm name -mosip.kernel.keygenerator.symmetric-algorithm-name=AES -#Asymmetric algorithm key length -mosip.kernel.keygenerator.asymmetric-key-length=2048 -#Symmetric algorithm key length -mosip.kernel.keygenerator.symmetric-key-length=256 - -#Encrypted data and encrypted symmetric key separator -mosip.kernel.data-key-splitter=#KEY_SPLITTER# -#GCM tag length -mosip.kernel.crypto.gcm-tag-length=128 -#Hash algo name -mosip.kernel.crypto.hash-algorithm-name=PBKDF2WithHmacSHA512 -#Symmtric key length used in hash -mosip.kernel.crypto.hash-symmetric-key-length=256 -#No of iterations in hash -mosip.kernel.crypto.hash-iteration=100000 -#Sign algo name -mosip.kernel.crypto.sign-algorithm-name=RS512 - -mosip.kernel.keymanager-service-publickey-url=${mosip.base.url}/v1/keymanager/publickey/{applicationId} -mosip.kernel.keymanager-service-decrypt-url=${mosip.base.url}/v1/keymanager/decrypt -mosip.kernel.keymanager-service-auth-decrypt-url=${mosip.base.url}/v1/keymanager/auth/decrypt -mosip.kernel.keymanager-service-sign-url=${mosip.base.url}/v1/keymanager/sign -mosip.sign.applicationid=KERNEL -mosip.sign.refid=SIGN -mosip.kernel.cryptomanager.request_id=CRYPTOMANAGER.REQUEST -mosip.kernel.cryptomanager.request_version=v1.0 -mosip.kernel.signature.signature-request-id=SIGNATURE.REQUEST -mosip.kernel.signature.signature-version-id=v1.0 - - - -#----------------------------------ID Repo------------------------------------------ -mosip.idrepo.identity.uin-status.registered=ACTIVATED -mosip.idrepo.identity.uin-status=ACTIVATED,BLOCKED,DEACTIVATED - -#---------------------------------------otp manager service------------------------------- -#the default length for otp(in number) -mosip.kernel.otp.default-length=6 -#the default crypto function -#It can be: HmacSHA512, HmacSHA256, HmacSHA1. -mosip.kernel.otp.mac-algorithm=HmacSHA512 -#the OTP expires after the given time(in seconds). -mosip.kernel.otp.expiry-time=180 -#the key is freezed for the given time(in seconds). -mosip.kernel.otp.key-freeze-time=1800 -#the number of validation attempts allowed(in number). -#mosip.kernel.otp.validation-attempt-threshold =3 means , the validation and generation will be blocked from 4th time. -mosip.kernel.otp.validation-attempt-threshold=10 -#minimum length of key(in number). -mosip.kernel.otp.min-key-length=3 -#maximum length of key(in number). -mosip.kernel.otp.max-key-length=64 - - -#--------------------------------------Licensekeymanager Service-------------------------------------- -#the license key length. -mosip.kernel.licensekey.length=16 -#List of permissions -# NOTE: ',' in the below list is used as splitter in the implementation. -# Use of ',' in the values for below key should be avoided. -# Use of spaces before and after ',' also should be avoided. -mosip.kernel.licensekey.permissions=OTP Trigger,OTP Authentication,Demo Authentication - Identity Data Match,Demo Authentication - Address Data Match,Demo Authentication - Full Address Data Match,Demo Authentication - Secondary Language Match,Biometric Authentication - FMR Data Match,Biometric Authentication - IIR Data Match,Biometric Authentication - FID Data Match,Static Pin Authentication,eKYC - limited,eKYC - Full,eKYC - No - - - -#-----------------------------Virus Scanner-------------------------------------- -#Virus Scanner server url -mosip.kernel.virus-scanner.host=10.0.2.7 -#Virus Scanner server port -mosip.kernel.virus-scanner.port=3310 - - - -#-------------------------------FS Adapter- HDFS ------------------------------- -# Name node url for HDFS - Non Secured -mosip.kernel.fsadapter.hdfs.name-node-url=hdfs://13.71.117.37:51000 -# Name node url for HDFS - Secured (auth enabled) -#mosip.kernel.fsadapter.hdfs.name-node-url=hdfs://13.71.117.37:51000 -# Enable if hadoop security authorization is 'true', default is false -mosip.kernel.fsadapter.hdfs.authentication-enabled=false -# HDFS log level. Change this to debug to see hdfs logs -logging.level.org.apache.hadoop=warn -# If HDFS is security is configured with Kerberos, Key Distribution Center domain -mosip.kernel.fsadapter.hdfs.kdc-domain=HDFSKERBEROS1.SOUTHINDIA.CLOUDAPP.AZURE.COM -# Username to access hdfs. Change this to application username (regprocessor,prereg or idrepo) -#mosip.kernel.fsadapter.hdfs.user-name=mosipuser -#keytab file path, must be set if authentication-enable is true -#read keytab file both classpath and physical path ,append appropriate prefix -#for classpath prefix classpath:mosip.keytab -#for physical path prefix file:/home/keys/mosip.keytab -mosip.kernel.fsadapter.hdfs.keytab-file=classpath:mosip.keytab - - - -#---------------Transliteration----------------------- -mosip.kernel.transliteration.arabic-language-code=ara -mosip.kernel.transliteration.franch-language-code=fra - - -#-------Registration processor Notification types------------ -mosip.registration.processor.notification.types=SMS|EMAIL - - -mosip.default.dob.month=01 -mosip.default.dob.day=01 -mosip.login.mode= email,mobile - - -#---Language orientation----- -mosip.right_to_left_orientation=ara -mosip.left_to_right_orientation=eng,fra - - -#**************** Notification Type ************* -mosip.notificationtype=SMS|EMAIL -#******** Notification lanugage types - either PRIMARY or BOTH ******** -mosip.notification.language-type=BOTH - - -#-------------------System--------------- -logging.level.org.springframework.web.filter.CommonsRequestLoggingFilter=INFO - -#-------------------Encryption and Decryption--------------------------- -mosip.kernel.encrypt.url=${mosip.base.url}/v1/keymanager/encrypt -mosip.kernel.decrypt.url=${mosip.base.url}/v1/keymanager/decrypt - -#------------------PDF Genration----------------------------------------- -mosip.kernel.pdf_owner_password=somepassword - -#-------UIN Alias------------------- -mosip.uin.alias= - - -#------------------Quality Check----------------------------------------- -#Quality threshold for applicant iris -mosip.iris_threshold=0 -#Quality threshold for applicant leftslap fingerprint -mosip.leftslap_fingerprint_threshold=0 -#Quality threshold for applicant rightslap fingerprint -mosip.rightslap_fingerprint_threshold=0 -#Quality threshold for applicant thumbs fingerprint -mosip.thumbs_fingerprint_threshold=0 -#Quality threshold for applicant face -mosip.facequalitythreshold=0 -#Bio SDK Integration -mosip.fingerprint.provider=ai.tech5.auth.service.T5AuthFingerImpl -mosip.face.provider=ai.tech5.auth.service.T5AuthFaceImpl -mosip.iris.provider=ai.tech5.auth.service.T5AuthIrisImpl - -#openapi properties to sort tag and operations of id-authentication services -springdoc.swagger-ui.tagsSorter=alpha -springdoc.swagger-ui.operationsSorter=alpha - diff --git a/authentication-demo-service/src/main/resources/application.properties b/authentication-demo-service/src/main/resources/application.properties deleted file mode 100644 index 435d631de71..00000000000 --- a/authentication-demo-service/src/main/resources/application.properties +++ /dev/null @@ -1,586 +0,0 @@ -subdomain=dev -mosip.api.public.host=api.${subdomain}.mosip.net -mosip.api.internal.host=api-internal.${subdomain}.mosip.net -mosip.api.internal.url=https://${mosip.api.internal.host} -mosip.base.url=${mosip.api.internal.url} - -websub.publisher.url=http://localhost:9191/websub/publish -websub.hub.url=http://localhost:9191/websub/hub -websub.secret=Kslk30SNF2AChs2 - -ida.internal.jwtSign.url=${mosip.base.url}/idauthentication/v1/internal/jwtSign - -mosip.kernel.partner.allowed.domains=Auth,FTM,Device - -# Biometric Validation - uncomment and provide data or pass as VM args -#bio.test.server.provider=com.identy.IdentyBioSDK - -# ********** IdRepo **************** -mosip.kernel.jsonvalidator.property-source=CONFIG_SERVER -mosip.kernel.jsonvalidator.file-storage-uri=http://104.211.212.28:51000/kernel-idrepo-service/dev/DEV/ -mosip.kernel.jsonvalidator.schema-name=mosip-identity-json-schema.json -# ********** Common Properties **************** -ida-demo.api.version=v1 -server.port = 8082 -ida.authRequest.template={"consentObtained":true,"id":"mosip.identity.$authType","individualId":"$id","keyIndex":"string","request":"$encRequest","requestHMAC":"$encHmac","requestSessionKey":"$encSessionKey","requestTime":"$timestamp","transactionID":"$txn","version":"$ver","domainUri":"$domainUri","env":"$env","specVersion":"1.0","thumbprint":"$thumbprint"} -ida.kycExchangeRequest.template={"consentObtained":["true"],"locales":["eng"],"id":"mosip.identity.$authType","individualId":"$id","individualIdType":"$individualIdType","kycToken":"$kycToken","respType":"$respType","metadata":"$request","requestTime":"$timestamp","transactionID":"$txn","version":"$ver"} -ida.vciExchangeRequest.template={"consentObtained":["true"],"locales":["eng"],"id":"mosip.identity.$authType","individualId":"$id","individualIdType":"$individualIdType","kycToken":"$kycToken","respType":"$respType","metadata":"$request","requestTime":"$timestamp","transactionID":"$txn","version":"$ver","vcAuthToken":"$vcAuthToken","credSubjectId":"$credSubjectId","vcAuthToken":"$vcAuthToken","vcFormat":"$vcFormat"} -otpRequestTemplate={\ - "id": "$reqId",\ - "individualId": "$id",\ - "otpChannel": [\ - $channels\ - ],\ - "requestTime": "$timestamp",\ - "transactionID": "$txn",\ - "version": "$ver"\ -} -server.servlet.context-path = /${ida-demo.api.version}/identity -logging.level.* = debug -# Application ID of IDA -application.id=IDA -#Application name of IDA -application.name=ID-Authentication - -# public key(Get public key using keymanager service and encode to base64) -publicKey.ida =TUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUFxWEpfMlZ1a0p0WWRtb0staGdqNkpJTlhraExheTBUT3MtNlZoTjF6Z1pEeTRVcXRqVzhoOFBpN09uaWdSRFRPak5QWXVvaTllUzlPZUoxVW13R3J0WkkzZ3pFRXprRmJWdVlqSjc0UElGeUVNaXc5WjRpdktNUTRLLXl4MExfOGVZLU9GNVc0Nlo4dms2aU1EZGdyNGNlNFdFUjJHOV9xU1BnNWx2YVc4aTZneE8taHZNZG5Mc09Hb25Qc18zdVZCeWhIVk51TWJ4YURXSnZhdlAwUl8zamdadkUyNXcySW4wY1dqU2tYbjFsWDgxVFliNllkZ29PTWNaT0xuZEN1YmZlMXJsRnpta3c0RXNPOWkwRThmYXBoZWlTQlVMSHQ4U3Z0U3VmUmdoOXZ1NUttcVJnbUZNMXVUTTJQcUNKcjFlcEhMTGRGMElBVElBdFBYMDJ4U1FJREFRQUI= -publicKey.kernel=TUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUFqMUJpZWNDMFh0cnhZQkJyVG1jdmdXRVFITUlEMVRSZk5qc1lkMmNBQ0RYTVFJdWlmLVNTal9tcHh5NmVPOWZRUFB1emlMSmdfSjBabXh4LVFLekhrbk83OWx2WFlxRU04OThYbW00SWF2VmxZeGxQUWxUVTJ4YTJXQl9WV0VnZnZYUHlWZWU5TXZlZWh1UC1lbW1FVm53ZXlyM1pvWGxyamhFd2M0OTBwc1pRY29tNXZSTFVsRGN3WDBzTmx6WC03YlJ1MXo4ZmxzS1FyZkRBdzhnX0pBTTBxU1RPMTdja0l4NVBHMWwwMEJNNGhkSUdINWp6ZXdZWThIcEhObDZBb01nLW1NMkE2d2lXV2gwTUtEZzc5bVRfM0NBc1dCTGdyN1hkcVJxbW1sT0ZwNHg3b2ExM3U4ZmhraXJERVVOeHRXQ20wcjhucklEUDBHRmd0UWttZndJREFRQUI= -publicKey.sign=TUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUFtekItX2t2WVNVWlJKNDFwMFVGeXFkLXJ0Y3JoVXVWSHJkcnlRQ2R6ZVJNc2hzdnlBUGkzX0xOallLZ3R1d0VBSTAyeXQtTHEwVUJKckF0MVJRamQyUVNyUzUybDllNDNvN29ySFJac2N0TUJhNEUwdjM2MzJUaF9Dbzl4TzFVVFBib1JOdi16YVpXX1M1STZVZktzRlBEWHRjT3I0akZJN20zX1B4SnhURk1ORnJ5aHNiYVdUU29peXh6czN5OVdaa1dGcExUYWtEbnNEaWdQSWxUVXpuS2N1SW8zRU5Ha0QwcVFpZjlwT01oZXQwRHA1UUgyOWdYSHRyWTFxQzRyZFdXa0YzbkN0blNhR0Zjb2tSbHFlSldIbnhJNWRGaVhKNzk2MmNIeVdBeXhFRDlhcjF2SDliMFAwWVNwcGhYYmRXTmFqRDJXZ0JQZWpjUDJOaXV1OFFJREFRQUI= -publicKey.partner=TUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUFoNnhURmRoclRPOUdaSy1ZSlFwSURzSUVVWWJyZzJmRGRiTlByWkQtbkRWaVk3bzVrbW1HeW1LMHlQLU5VTEpRdW9nb2YzNzVNRzFSZk5DTkc2WEt4RTZNdzdNU2dVejY1OHFUeWJta1NieHZkeDIyb3B2NlU2SjdmSlpZSlNRT2lBVDYzWTVDMXg4S3FlVzcyT0pQQndOa0RwYWZ6aUVjbzVlVGt3ZU4yeklHU21nLUxvWXVpVzNhVldLOVpubEtZdnFMUTF0YzNnZ0lPekp6cDZQYmY4b2N4T0x5aTVVWWhpQUJGNWptLXlIV25fVjM0MXljNGZlLU5idTJZUG8xemE2VHBlb1FLdDBmRTB5eGYyRmRVYS1rUGp2dWNCZXFQbUEyVzIzSFJBTmxuUzY3WHdHSTkzckFsVGM0X2x0WG5IWHc3Y3FOM1o3Sk9NTEU1X1h5NFFJREFRQUI= -publicKey.ida_fir=TUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUF2azNGODJzQzctRm1YaGpRUGdlYXZ0czc2YWliV1dJbnBTMFVQUWdmZXVkSEpRb0EyLXNiZlp1TGdMMXVxM2tDQ1JpSzlPeFkzekk0TndtaFMwOEZLUVhCSjE5ODNLb0FsSDVrZndTOFZjc3VONUcyOGtfU2I2Y0pXX01ZZjlpMGd5RDhaY3FQa29CaGJkVUJBem1GaTd2TXhpV2ZpZFlDRWVqN0ZLMEJyaDhIRzdMSHNkd1Z0UldxbTNSTUtmSXRnRXVJZ1BzcmVpbU5mSXF2bHdKb25IUmtlR0pEcDM4Sk1EQkMweFZmVTA5cDMyYTFiZlJFMUppN2swTkhheEs1SThnRXdVMlN6ZG1NTE9RY2Jac19XbjZScDROVjlza3pEM21EMXdJcTZnTjNUZnlpNWhFZzVLV3p3eUMtNVdrRFhiazJVak02UkdTbG1PaXh1VEN3YlFJREFRQUI= -publicKey.internal=TUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUF0a1NuaVRCY3VOaFFOdm82aEhSS0V1TENnZHQxTEpnQ3BfQko1eDRuMjM1QVpzaEUwcmx6d3kzdE1UcTBTWW13YUNncXN4WE1sUkFCdVNNZ0xJdnI1aGg2UHY2NUtTdXdHdlJMMzNuQS1SbWpnVEZqOEIzRExfMktHSlBKLTIxRG1tLW9WZUxZTWd2Qm1ZM1U5M3hnYk15NXl5QnBOX3AtMHlnS2k4aVdCVDlkMWp1cHRoUU5sU2tBQ3hPV3RpU0tvTGhhNE12OHA4OHp5RGRiWWl2azdzNnlGT0xUWDFpX011WFhRSW5jQkVfVkx0ZTVVMHNRblJ4cV9JX2FVeTU5NHloQjRFUmsxS3AtbnBqMWJEWHZMaXZyZlByRTVYZjFkR1RQeDBnMEFSaFN1R2N4bUh1b1A1WDBoQ25CSmpmc3Q4ekhyWGU0MWVraEZNNmIxbDNQMFFJREFRQUI - - -# Reference ID used for crypto manager in authentication -partner.reference.id=PARTNER -# Reference ID used for crypto manager in internal authentication -internal.reference.id=INTERNAL -# Reference ID used for crypto manager in authentication for biometrics -partner.biometric.reference.id=IDA-FIR -# Reference ID used for crypto manager in internal authentication for biometrics -internal.biometric.reference.id=INTERNAL - -keysplitter=#KEY_SPLITTER# - - -ida.api.version=1.0 - -# ********* Postgres Properties ************ -javax.persistence.jdbc.driver=org.postgresql.Driver -javax.persistence.jdbc.url=jdbc:postgresql://localhost:5432/ida_db -javax.persistence.jdbc.user=postgres -javax.persistence.jdbc.password=postgres - - -# ********* Hibernate Properties *********** -hibernate.dialect=org.hibernate.dialect.PostgreSQL95Dialect -hibernate.jdbc.lob.non_contextual_creation=true -#hibernate.hbm2ddl.auto=update -hibernate.show_sql=true -hibernate.format_sql=true -hibernate.connection.charSet=utf8 -hibernate.cache.use_second_level_cache=false -hibernate.cache.use_query_cache=false -hibernate.cache.use_structured_entries=false -hibernate.generate_statistics=false -spring.datasource.initialization-mode=never - - -# ******** Functional configurations ******** -datetime.pattern=yyyy-MM-dd'T'HH:mm:ss.SSS'Z' -date.pattern=yyyy-MM-dd -datetime.pattern.withzone=yyyy-MM-dd'T'HH:mm:ss.SSSXXX - - -demo.default.match.value=60 - -# ********* ADMIN Configurations ************ -authrequest.received-time-allowed.in-hours=24 - -#********* Store Private Key ********* -sample.privatekey.filepath={0}\Private_key - -mosip.kernel.encrypt-url=${mosip.base.url}/v1/keymanager/encrypt -mosip.kernel.decrypt-url=${mosip.base.url}/v1/keymanager/decrypt -mosip.kernel.publicKey-url=${mosip.base.url}/v1/keymanager/publickey/{appId} -kernel.validate.signature-url=${mosip.base.url}/v1/signature/validate - -mosip.ida.encrypt-url=${mosip.base.url}/idauthentication/v1/internal/encrypt -mosip.ida.decrypt-url=${mosip.base.url}/idauthentication/v1/internal/decrypt -mosip.ida.publicKey-url=${mosip.base.url}/idauthentication/v1/internal/getCertificate -mosip.ida.validate.signature-url=${mosip.base.url}/idauthentication/v1/internal/validate - -#Auth token -auth-token-generator.rest.uri=${mosip.base.url}/v1/authmanager/authenticate/clientidsecretkey -auth-token-generator.rest.clientId=mosip-resident-client -auth-token-generator.rest.secretKey=${mosip_resident_client_secret} -auth-token-generator.rest.appId=resident - - -auth-token-generator-user.rest.uri=${mosip.base.url}/v1/authmanager/authenticate/useridPwd -auth-token-generator-user.rest.userName=110006 -auth-token-generator-user.rest.password=mosip -auth-token-generator-user.rest.appId=ida - -add-device-provider-url=${mosip.base.url}/v1/masterdata/deviceprovider -add-device-provider-request-template={\ - "address": "test",\ - "certificateAlias": "added",\ - "contactNumber": "9663175928",\ - "email": "test@mosip.io",\ - "isActive": true,\ - "vendorName": "$DEVICE_PROVIDER_NAME"\ -} - -add-mds-request-url=${mosip.base.url}/v1/masterdata/mosipdeviceservice -add-mds-request-template={\ - "isActive": true,\ - "deviceProviderId": "$DEVICE_PROVIDER_ID",\ - "make": "$MAKE",\ - "model": "$MODEL",\ - "regDeviceSubCode": "$DEVICE_SUB_TYPE_CODE",\ - "regDeviceTypeCode": "$DEVICE_TYPE_CODE",\ - "swBinaryHash": "test",\ - "swCreateDateTime": "2019-11-19T07:00:13.375Z",\ - "swExpiryDateTime": "2019-11-30T07:00:13.375Z",\ - "swVersion": "$SERVICE_VERSION"\ -} - -add-device-request-url=${mosip.base.url}/v1/masterdata/registereddevices -add-device-request-template={\ - "deviceData": {\ - "deviceId": "70959dd5-e45f-438a-9ff8-9b263908e572",\ - "purpose": "$PURPOSE",\ - "deviceInfo": {\ - "deviceSubId": "$DEVICE_SUB_ID",\ - "certification": "L0",\ - "digitalId": {\ - "serialNo": "$SERIAL_NO",\ - "deviceProvider": "$DEVICE_PROVIDER_NAME",\ - "deviceProviderId": "$DEVICE_PROVIDER_ID",\ - "make": "$MAKE",\ - "model": "$MODEL",\ - "dateTime": "2020-01-13T07:20:42.195Z",\ - "type": "$DEVICE_TYPE_CODE",\ - "subType": "$DEVICE_SUB_TYPE_CODE"\ - },\ - "firmware": "firmware",\ - "deviceExpiry": "2020-01-13T12:50:42.196Z",\ - "timeStamp": "2020-01-13T12:50:42.208Z"\ - },\ - "foundationalTrustProviderId": ""\ - }\ -} - -validate-device-request-url=${mosip.base.url}/v1/masterdata/deviceprovidermanagement/validate -validate-device-request-template={\ - "deviceCode": "$DEVICE_CODE",\ - "digitalId": {\ - "serialNo": "$SERIAL_NO",\ - "dp": "$DEVICE_PROVIDER_NAME",\ - "dpId": "$DEVICE_PROVIDER_ID",\ - "make": "$MAKE",\ - "model": "$MODEL",\ - "type": "$DEVICE_TYPE",\ - "subType": "$DEVICE_SUB_TYPE",\ - "dateTime": "2019-12-05T10:41:15.052Z"\ - },\ - "deviceServiceVersion": "$SERVICE_VERSION"\ -} - -dev.master.db.url=jdbc:postgresql://104.211.208.136:9001/mosip_master -qa.master.db.url=jdbc:postgresql://52.172.54.231:9001/mosip_master -int.master.db.url=jdbc:postgresql://104.211.202.203:9001/mosip_master -ext-int.master.db.url=jdbc:postgresql://52.172.14.84:9001/mosip_master -preprod.master.db.url=jdbc:postgresql://150.10.40.12:9001/mosip_master - -master.db.user=bWFzdGVydXNlcg -master.db.pass=TW9zaXBAZGV2MTIz - -dev.ida.db.url=jdbc:postgresql://104.211.208.136:9001/mosip_ida -qa.ida.db.url=jdbc:postgresql://52.172.54.231:9001/mosip_ida -int.ida.db.url=jdbc:postgresql://104.211.202.203:9001/mosip_ida -ext-int.ida.db.url=jdbc:postgresql://52.172.14.84:9001/mosip_ida -preprod.ida.db.url=jdbc:postgresql://104.211.242.168:9001/mosip_ida - -ida.db.user=aWRhdXNlcg -ida.db.pass=TW9zaXBAZGV2MTIz - -mosip.ida.publickey=IDA - -#---------------Global Config----------------- - - -#Kernel-idobjectalidator -# Plug in property source as either 'LOCAL' or 'CONFIG_SERVER' or 'APPLICATION_CONTEXT' through this key -mosip.kernel.idobjectvalidator.property-source=APPLICATION_CONTEXT -mosip.kernel.idobjectvalidator.schema-name=mosip-identity-json-schema.json -mosip.kernel.idobjectvalidator.file-storage-uri=${spring.cloud.config.uri}/${spring.application.name}/${spring.profiles.active}/${spring.cloud.config.label}/ - -mosip.kernel.idobjectvalidator.masterdata.languages.rest.uri=${mosip.base.url}/v1/masterdata/languages -mosip.kernel.idobjectvalidator.masterdata.gendertypes.rest.uri=${mosip.base.url}/v1/masterdata/gendertypes -mosip.kernel.idobjectvalidator.masterdata.documentcategories.rest.uri=${mosip.base.url}/v1/masterdata/documentcategories -mosip.kernel.idobjectvalidator.masterdata.documenttypes.rest.uri=${mosip.base.url}/v1/masterdata/documenttypes/{documentcategorycode}/{langcode} -mosip.kernel.idobjectvalidator.masterdata.locations.rest.uri=${mosip.base.url}/v1/masterdata/locations/{langcode} -mosip.kernel.idobjectvalidator.masterdata.locationhierarchy.rest.uri=${mosip.base.url}/v1/masterdata/locations/locationhierarchy/{hierarchyname} - -mosip.kernel.idobjectvalidator.mandatory-attributes.id-repository.new-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,referenceIdentityNumber,residenceStatus -mosip.kernel.idobjectvalidator.mandatory-attributes.pre-registration.new-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,referenceIdentityNumber,residenceStatus -mosip.kernel.idobjectvalidator.mandatory-attributes.reg-client.new-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,referenceIdentityNumber,residenceStatus -mosip.kernel.idobjectvalidator.mandatory-attributes.reg-processor.new-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,referenceIdentityNumber,residenceStatus -mosip.kernel.idobjectvalidator.mandatory-attributes.pre-registration.child-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,referenceIdentityNumber,residenceStatus -mosip.kernel.idobjectvalidator.mandatory-attributes.reg-client.child-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,referenceIdentityNumber,residenceStatus,parentOrGuardianName,parentOrGuardianRID|parentOrGuardianUIN,parentOrGuardianBiometrics -mosip.kernel.idobjectvalidator.mandatory-attributes.reg-processor.child-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,referenceIdentityNumber,residenceStatus,parentOrGuardianName,parentOrGuardianRID|parentOrGuardianUIN,parentOrGuardianBiometrics - -# Business Validation for ID Schema attributes - These should not be changed, as it impacts all modules -mosip.id.validation.identity.dateOfBirth=^(19\\d\\d|20\\d\\d)/([0][1-9]|1[0-2])/([0][1-9]|[1-2]\\d|3[01])$ -mosip.id.validation.identity.phone=^([6-9]{1})([0-9]{9})$ -mosip.id.validation.identity.email=^[\\w-\\+]+(\\.[\\w]+)*@[\\w-]+(\\.[\\w]+)*(\\.[a-zA-Z]{2,})$ -mosip.id.validation.identity.postalCode=^[(?i)A-Z0-9]{5}$ -mosip.id.validation.identity.age=^(150|1[0-4][0-9]|[1-9]?[0-9])$ -mosip.id.validation.identity.fullName.[*].value=^(?=.{0,50}$).* -mosip.id.validation.identity.addressLine1.[*].value=^(?=.{0,50}$).* -mosip.id.validation.identity.addressLine2.[*].value=^(?=.{0,50}$).* -mosip.id.validation.identity.addressLine3.[*].value=^(?=.{0,50}$).* -mosip.id.validation.identity.region.[*].value=^(?=.{0,50}$).* -mosip.id.validation.identity.province.[*].value=^(?=.{0,50}$).* -mosip.id.validation.identity.city.[*].value=^(?=.{0,50}$).* -mosip.id.validation.identity.[*].[*].language=^[(?i)a-z]{3}$ -mosip.id.validation.identity.referenceIdentityNumber=^([0-9]{10,30})$ -mosip.country.code=MOR - -# Language Supported By Platform - ISO -mosip.supported-languages=eng,ara,fra - -mosip.primary-language=eng -mosip.secondary-language=ara - -# Application IDs -mosip.prereg.app-id=PRE_REGISTRATION -mosip.reg.app-id=REGISTRATION -mosip.regproc.app-id=REGISTRATION_PROCESSOR -mosip.ida.app-id=IDA -mosip.idrepo.app-id=ID_REPO - -# UTC ISO Date Time Pattern -mosip.utc-datetime-pattern=yyyy-MM-dd'T'HH:mm:ss.SSS'Z' - -mosip.signed.response.header=response-signature - - -#----------------------- CBEFF Util-------------------------------------------------- -# Cbeff URL where the files will be stored in git, change it accordingly in case of change of storage location. -mosip.kernel.xsdstorage-uri=${spring.cloud.config.uri}/${spring.application.name}/${spring.profiles.active}/${spring.cloud.config.label}/ -# Cbeff XSD file name in config server -mosip.kernel.xsdfile=mosip-cbeff-extint.xsd - -#----------------------------- Applicant Type -------------------------------------------------- -mosip.kernel.applicant.type.age.limit = 5 - -#----------------------------- Static PIN -------------------------------------------------- -mosip.kernel.pin.length=6 - -#-----------------------------TspId ----------------------------------------------- -#length of the Tsp id -mosip.kernel.tspid.length=4 - -#-----------------------------partnerId ----------------------------------------------- -#length of the partner id -mosip.kernel.partnerid.length=4 - -#-----------------------------TOKEN-ID Properties--------------------------------- -#lenght of the token id -mosip.kernel.tokenid.length=36 - -#-----------------------------Registration Center Id ----------------------------------------------- -#length of the registration center id -mosip.kernel.registrationcenterid.length=5 - -#-----------------------------Machine Id ----------------------------------------------- -#length of the machine id -mosip.kernel.machineid.length=5 - -#-----------------------------RID Properties--------------------------------------- -# length of the rid -mosip.kernel.rid.length=29 -# length of the timestamp -mosip.kernel.rid.timestamp-length=14 -# rid sequence max digits -mosip.kernel.rid.sequence-length=5 - -# Upper bound of number of digits in sequence allowed in id. For example if -# limit is 3, then 12 is allowed but 123 is not allowed in id (in both -# ascending and descending order) -mosip.kernel.tokenid.sequence-limit=3 - -#-----------------------------PRID Properties------------------------------------ - -#prid-length -mosip.kernel.prid.length=14 - -# Upper bound of number of digits in sequence allowed in id. For example if -# limit is 3, then 12 is allowed but 123 is not allowed in id (in both -# ascending and descending order) -#to disable validation assign zero or negative value -mosip.kernel.prid.sequence-limit=3 - -# Number of digits in repeating block allowed in id. For example if limit is 2, -# then 4xxx4 is allowed but 48xxx48 is not allowed in id (x is any digit) -#to disable validation assign zero or negative value -mosip.kernel.prid.repeating-block-limit=3 - - -# Lower bound of number of digits allowed in between two repeating digits in -# id. For example if limit is 2, then 11 and 1x1 is not allowed in id (x is any digit) to disable validation assign zero or negative value -mosip.kernel.prid.repeating-limit=2 - -# list of number that id should not be start with to disable null -mosip.kernel.prid.not-start-with=0,1 - -#restricted numbers for prid -mosip.kernel.prid.restricted-numbers=786,666 - - -#-----------------------------VID Properties-------------------------------------- -# length of the vid -mosip.kernel.vid.length=16 - -# Upper bound of number of digits in sequence allowed in id. For example if -# limit is 3, then 12 is allowed but 123 is not allowed in id (in both -# ascending and descending order) -# to disable sequence limit validation assign 0 or negative value -mosip.kernel.vid.length.sequence-limit=3 - -# Number of digits in repeating block allowed in id. For example if limit is 2, -# then 4xxx4 is allowed but 48xxx48 is not allowed in id (x is any digit) -# to disable repeating block validation assign 0 or negative value -mosip.kernel.vid.length.repeating-block-limit=2 - - -# Lower bound of number of digits allowed in between two repeating digits in -# id. For example if limit is 2, then 11 and 1x1 is not allowed in id (x is any digit) -# to disable repeating limit validation, assign 0 or negative value -mosip.kernel.vid.length.repeating-limit=2 - -# list of number that id should not be start with -# to disable null -mosip.kernel.vid.not-start-with=0,1 - -#restricted numbers for vid -mosip.kernel.vid.restricted-numbers=786,666 - -#-----------------------------UIN Properties-------------------------------------- -#length of the uin -mosip.kernel.uin.length=10 -#minimum threshold of unused uin -mosip.kernel.uin.min-unused-threshold=200000 -#number of uins to generate -mosip.kernel.uin.uins-to-generate=500000 -#restricted numbers for uin -mosip.kernel.uin.restricted-numbers=786,666 - -# Upper bound of number of digits in sequence allowed in id. For example if -# limit is 3, then 12 is allowed but 123 is not allowed in id (in both -# ascending and descending order) -# to disable sequence limit validation assign 0 or negative value -mosip.kernel.uin.length.sequence-limit=3 - -# Number of digits in repeating block allowed in id. For example if limit is 2, -# then 4xxx4 is allowed but 48xxx48 is not allowed in id (x is any digit) -#to disable validation assign zero or negative value -mosip.kernel.uin.length.repeating-block-limit=2 - -# Lower bound of number of digits allowed in between two repeating digits in -# id. For example if limit is 2, then 11 and 1x1 is not allowed in id (x is any digit) -# to disable repeating limit validation, assign 0 or negative value -mosip.kernel.uin.length.repeating-limit=2 - -#reverse group digit limit for uin filter -mosip.kernel.uin.length.reverse-digits-limit=5 - -#group digit limit for uin filter -mosip.kernel.uin.length.digits-limit=5 - -#should not start with -mosip.kernel.uin.not-start-with=0,1 - -#adjacent even digit limit for uin filter -mosip.kernel.uin.length.conjugative-even-digits-limit=3 - - - - -#----------------------- SMS Service-------------------------------------- -mosip.kernel.sms.country.code=91 -mosip.kernel.sms.number.length=10 - - -#------------------------Auth-Adapter----------------------------------------------- -auth.server.validate.url=${mosip.base.url}/v1/authmanager/authorize/validateToken -auth.jwt.secret=authjwtsecret -auth.jwt.base=Mosip-Token - - -#----------------------- Crypto -------------------------------------------------- -#Crypto asymmetric algorithm name -mosip.kernel.crypto.asymmetric-algorithm-name=RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING -#Crypto symmetric algorithm name -mosip.kernel.crypto.symmetric-algorithm-name=AES/GCM/PKCS5Padding -#Keygenerator asymmetric algorithm name -mosip.kernel.keygenerator.asymmetric-algorithm-name=RSA -#Keygenerator symmetric algorithm name -mosip.kernel.keygenerator.symmetric-algorithm-name=AES -#Asymmetric algorithm key length -mosip.kernel.keygenerator.asymmetric-key-length=2048 -#Symmetric algorithm key length -mosip.kernel.keygenerator.symmetric-key-length=256 - -#Encrypted data and encrypted symmetric key separator -mosip.kernel.data-key-splitter=#KEY_SPLITTER# -#GCM tag length -mosip.kernel.crypto.gcm-tag-length=128 -#Hash algo name -mosip.kernel.crypto.hash-algorithm-name=PBKDF2WithHmacSHA512 -#Symmtric key length used in hash -mosip.kernel.crypto.hash-symmetric-key-length=256 -#No of iterations in hash -mosip.kernel.crypto.hash-iteration=100000 -#Sign algo name -mosip.kernel.crypto.sign-algorithm-name=RS512 - -mosip.kernel.keymanager-service-publickey-url=${mosip.base.url}/v1/keymanager/publickey/{applicationId} -mosip.kernel.keymanager-service-decrypt-url=${mosip.base.url}/v1/keymanager/decrypt -mosip.kernel.keymanager-service-auth-decrypt-url=${mosip.base.url}/v1/keymanager/auth/decrypt -mosip.kernel.keymanager-service-sign-url=${mosip.base.url}/v1/keymanager/sign -mosip.sign.applicationid=KERNEL -mosip.sign.refid=SIGN -mosip.kernel.cryptomanager.request_id=CRYPTOMANAGER.REQUEST -mosip.kernel.cryptomanager.request_version=v1.0 -mosip.kernel.signature.signature-request-id=SIGNATURE.REQUEST -mosip.kernel.signature.signature-version-id=v1.0 - - - -#----------------------------------ID Repo------------------------------------------ -mosip.idrepo.identity.uin-status.registered=ACTIVATED -mosip.idrepo.identity.uin-status=ACTIVATED,BLOCKED,DEACTIVATED - -#---------------------------------------otp manager service------------------------------- -#the default length for otp(in number) -mosip.kernel.otp.default-length=6 -#the default crypto function -#It can be: HmacSHA512, HmacSHA256, HmacSHA1. -mosip.kernel.otp.mac-algorithm=HmacSHA512 -#the OTP expires after the given time(in seconds). -mosip.kernel.otp.expiry-time=180 -#the key is freezed for the given time(in seconds). -mosip.kernel.otp.key-freeze-time=1800 -#the number of validation attempts allowed(in number). -#mosip.kernel.otp.validation-attempt-threshold =3 means , the validation and generation will be blocked from 4th time. -mosip.kernel.otp.validation-attempt-threshold=10 -#minimum length of key(in number). -mosip.kernel.otp.min-key-length=3 -#maximum length of key(in number). -mosip.kernel.otp.max-key-length=64 - - -#--------------------------------------Licensekeymanager Service-------------------------------------- -#the license key length. -mosip.kernel.licensekey.length=16 -#List of permissions -# NOTE: ',' in the below list is used as splitter in the implementation. -# Use of ',' in the values for below key should be avoided. -# Use of spaces before and after ',' also should be avoided. -mosip.kernel.licensekey.permissions=OTP Trigger,OTP Authentication,Demo Authentication - Identity Data Match,Demo Authentication - Address Data Match,Demo Authentication - Full Address Data Match,Demo Authentication - Secondary Language Match,Biometric Authentication - FMR Data Match,Biometric Authentication - IIR Data Match,Biometric Authentication - FID Data Match,Static Pin Authentication,eKYC - limited,eKYC - Full,eKYC - No - - - -#-----------------------------Virus Scanner-------------------------------------- -#Virus Scanner server url -mosip.kernel.virus-scanner.host=10.0.2.7 -#Virus Scanner server port -mosip.kernel.virus-scanner.port=3310 - - - -#-------------------------------FS Adapter- HDFS ------------------------------- -# Name node url for HDFS - Non Secured -mosip.kernel.fsadapter.hdfs.name-node-url=hdfs://13.71.117.37:51000 -# Name node url for HDFS - Secured (auth enabled) -#mosip.kernel.fsadapter.hdfs.name-node-url=hdfs://13.71.117.37:51000 -# Enable if hadoop security authorization is 'true', default is false -mosip.kernel.fsadapter.hdfs.authentication-enabled=false -# HDFS log level. Change this to debug to see hdfs logs -logging.level.org.apache.hadoop=warn -# If HDFS is security is configured with Kerberos, Key Distribution Center domain -mosip.kernel.fsadapter.hdfs.kdc-domain=HDFSKERBEROS1.SOUTHINDIA.CLOUDAPP.AZURE.COM -# Username to access hdfs. Change this to application username (regprocessor,prereg or idrepo) -#mosip.kernel.fsadapter.hdfs.user-name=mosipuser -#keytab file path, must be set if authentication-enable is true -#read keytab file both classpath and physical path ,append appropriate prefix -#for classpath prefix classpath:mosip.keytab -#for physical path prefix file:/home/keys/mosip.keytab -mosip.kernel.fsadapter.hdfs.keytab-file=classpath:mosip.keytab - - - -#---------------Transliteration----------------------- -mosip.kernel.transliteration.arabic-language-code=ara -mosip.kernel.transliteration.franch-language-code=fra - - -#-------Registration processor Notification types------------ -mosip.registration.processor.notification.types=SMS|EMAIL - - -mosip.default.dob.month=01 -mosip.default.dob.day=01 -mosip.login.mode= email,mobile - - -#---Language orientation----- -mosip.right_to_left_orientation=ara -mosip.left_to_right_orientation=eng,fra - - -#**************** Notification Type ************* -mosip.notificationtype=SMS|EMAIL -#******** Notification lanugage types - either PRIMARY or BOTH ******** -mosip.notification.language-type=BOTH - - -#-------------------System--------------- -logging.level.org.springframework.web.filter.CommonsRequestLoggingFilter=INFO - -#-------------------Encryption and Decryption--------------------------- -mosip.kernel.encrypt.url=${mosip.base.url}/v1/keymanager/encrypt -mosip.kernel.decrypt.url=${mosip.base.url}/v1/keymanager/decrypt - -#------------------PDF Genration----------------------------------------- -mosip.kernel.pdf_owner_password=somepassword - -#-------UIN Alias------------------- -mosip.uin.alias= - - -#------------------Quality Check----------------------------------------- -#Quality threshold for applicant iris -mosip.iris_threshold=0 -#Quality threshold for applicant leftslap fingerprint -mosip.leftslap_fingerprint_threshold=0 -#Quality threshold for applicant rightslap fingerprint -mosip.rightslap_fingerprint_threshold=0 -#Quality threshold for applicant thumbs fingerprint -mosip.thumbs_fingerprint_threshold=0 -#Quality threshold for applicant face -mosip.facequalitythreshold=0 -#Bio SDK Integration -mosip.fingerprint.provider=ai.tech5.auth.service.T5AuthFingerImpl -mosip.face.provider=ai.tech5.auth.service.T5AuthFaceImpl -mosip.iris.provider=ai.tech5.auth.service.T5AuthIrisImpl - - -#openapi properties to sort tag and operations of id-authentication services -springdoc.swagger-ui.tagsSorter=alpha -springdoc.swagger-ui.operationsSorter=alpha -p12.key.alias=keyalias diff --git a/authentication-demo-service/src/main/resources/bootstrap.properties b/authentication-demo-service/src/main/resources/bootstrap.properties deleted file mode 100644 index a46f99a38ba..00000000000 --- a/authentication-demo-service/src/main/resources/bootstrap.properties +++ /dev/null @@ -1,42 +0,0 @@ - -# Application name - the name appended at starting of file name to differentiate -# between different property files for different microservices -spring.application.name=id-authentication-demo - -#Active Profile - will relate to development properties file in the server. -#If this property is absent then default profile will be activated which is -#the property file without any environment name at the end. -spring.profiles.active=local - - -# defining current branch in which we are working as label -spring.cloud.config.label=master - - -# url where spring cloud config server is running -spring.cloud.config.uri=localhost - - -#management.security.enabled=false - -#exposing refresh endpoint so that whenevr configuration changes in git, -#post /actuator/refresh endpoint can be called for the client microservices -#to update the configuration -#management.endpoints.web.exposure.include=refresh,restart,env -management.endpoints.web.exposure.include=info,health,refresh,restart,env - -#disabling health check so that client doesnt try to load properties from sprint config server every -# 5 minutes (should not be done in production) -health.config.enabled=true - -#Swagger 3.0 -openapi.info.title=Authentication Service API documentation -openapi.info.description=Authentication Service API documentation -openapi.info.version=1.0 -openapi.info.license.name=Mosip -openapi.info.license.url=https://docs.mosip.io/platform/license - -#------OpenApi properties-------- -mosipbox.public.url=http://localhost:8082 -openapi.authDemoServiceServer.servers[0].url=${mosipbox.public.url}/v1/identity -openapi.authDemoServiceServer.servers[0].description=Authentication Demo Service \ No newline at end of file diff --git a/authentication-demo-service/src/main/resources/mosip-identity-json-schema.json b/authentication-demo-service/src/main/resources/mosip-identity-json-schema.json deleted file mode 100644 index 81b35dce1e6..00000000000 --- a/authentication-demo-service/src/main/resources/mosip-identity-json-schema.json +++ /dev/null @@ -1,161 +0,0 @@ -{ - "$id": "http://mosip.io/id_object/1.0/id_object.json", - "$schema": "http://json-schema.org/draft-07/schema#", - "title": "MOSIP ID schema", - "description": "Sample ID schema", - "type": "object", - "additionalProperties": false, - "properties": { - "identity": { - "title": "identity", - "description": "This schema holds all the attributes of an Identity", - "type": "object", - "additionalProperties": false, - "properties": { - "IDSchemaVersion": { - "type": "number" - }, - "UIN": { - "type": "number" - }, - "fullName": { - "$ref": "#/definitions/simpleType" - }, - "dateOfBirth": { - "$ref": "#/definitions/dateOfBirthType" - }, - "age": { - "type": "number" - }, - "gender": { - "$ref": "#/definitions/simpleType" - }, - "addressLine1": { - "$ref": "#/definitions/simpleType" - }, - "addressLine2": { - "$ref": "#/definitions/simpleType" - }, - "addressLine3": { - "$ref": "#/definitions/simpleType" - }, - "region": { - "$ref": "#/definitions/simpleType" - }, - "province": { - "$ref": "#/definitions/simpleType" - }, - "city": { - "$ref": "#/definitions/simpleType" - }, - "postalCode": { - "$ref": "#/definitions/postalCodeType" - }, - "phone": { - "$ref": "#/definitions/phoneType" - }, - "email": { - "$ref": "#/definitions/emailType" - }, - "CNIENumber": { - "type": "number" - }, - "localAdministrativeAuthority": { - "$ref": "#/definitions/simpleType" - }, - "parentOrGuardianName": { - "$ref": "#/definitions/simpleType" - }, - "parentOrGuardianRIDOrUIN": { - "type": "number" - }, - "proofOfAddress": { - "$ref": "#/definitions/documentType" - }, - "proofOfIdentity": { - "$ref": "#/definitions/documentType" - }, - "proofOfRelationship": { - "$ref": "#/definitions/documentType" - }, - "proofOfDateOfBirth": { - "$ref": "#/definitions/documentType" - }, - "individualBiometrics": { - "$ref": "#/definitions/biometricsType" - }, - "parentOrGuardianBiometrics": { - "$ref": "#/definitions/biometricsType" - } - } - } - }, - "definitions": { - "simpleType": { - "type": "array", - "additionalItems": false, - "uniqueItems": true, - "items": { - "type": "object", - "required": [ - "language", - "value" - ], - "additionalProperties": false, - "properties": { - "language": { - "type": "string", - "pattern": "^[(?i)a-z]{3}$" - }, - "value": { - "type": "string" - } - } - } - }, - "dateOfBirthType": { - "type": "string", - "pattern": "^\\d{4}/([0]\\d|1[0-2])/([0-2]\\d|3[01])$" - }, - "phoneType": { - "type": "string", - "pattern": "^([9]{1})([234789]{1})([0-9]{8})$" - }, - "postalCodeType": { - "type": "string", - "pattern": "^[(?i)A-Z0-9]{6}$" - }, - "emailType": { - "type": "string", - "pattern": "^\\w+@[a-zA-Z_]+?\\.[a-zA-Z]{2,3}$" - }, - "documentType": { - "type": "object", - "properties": { - "format": { - "type": "string" - }, - "type": { - "type": "string" - }, - "fileReference": { - "type": "string" - } - } - }, - "biometricsType": { - "type": "object", - "properties": { - "format": { - "type": "string" - }, - "version": { - "type": "number" - }, - "fileReference": { - "type": "string" - } - } - } - } -} diff --git a/authentication-demo-service/src/test/java/io/mosip/testrig/authentication/demo/service/test/AuthRequestControllerTest.java b/authentication-demo-service/src/test/java/io/mosip/testrig/authentication/demo/service/test/AuthRequestControllerTest.java deleted file mode 100644 index 2de51cb1a65..00000000000 --- a/authentication-demo-service/src/test/java/io/mosip/testrig/authentication/demo/service/test/AuthRequestControllerTest.java +++ /dev/null @@ -1,311 +0,0 @@ -package io.mosip.testrig.authentication.demo.service.test; - -import java.io.ByteArrayInputStream; -import java.io.IOException; -import java.nio.charset.StandardCharsets; -import java.security.InvalidAlgorithmParameterException; -import java.security.InvalidKeyException; -import java.security.KeyManagementException; -import java.security.KeyStoreException; -import java.security.NoSuchAlgorithmException; -import java.security.UnrecoverableEntryException; -import java.security.cert.CertificateException; -import java.security.spec.InvalidKeySpecException; -import java.util.Map; - -import javax.crypto.BadPaddingException; -import javax.crypto.IllegalBlockSizeException; -import javax.crypto.NoSuchPaddingException; -import jakarta.servlet.ReadListener; -import jakarta.servlet.ServletInputStream; - -import org.jose4j.lang.JoseException; -import org.json.JSONException; -import org.junit.Before; -import org.junit.Ignore; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.mockito.InjectMocks; -import org.mockito.Mock; -import org.mockito.Mockito; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest; -import org.springframework.core.env.Environment; -import org.springframework.test.context.ContextConfiguration; -import org.springframework.test.context.TestContext; -import org.springframework.test.context.junit4.SpringRunner; -import org.springframework.test.util.ReflectionTestUtils; -import org.springframework.web.context.WebApplicationContext; - -import com.fasterxml.jackson.databind.ObjectMapper; - -import io.mosip.authentication.core.exception.IdAuthenticationAppException; -import io.mosip.authentication.core.exception.IdAuthenticationBusinessException; -import io.mosip.kernel.templatemanager.velocity.impl.TemplateManagerImpl; -import io.mosip.testrig.authentication.demo.service.controller.AuthRequestController; -import io.mosip.testrig.authentication.demo.service.controller.Encrypt; -import io.mosip.testrig.authentication.demo.service.controller.JWSSignAndVerifyController; -import io.mosip.testrig.authentication.demo.service.controller.Encrypt.SplittedEncryptedData; -import io.mosip.testrig.authentication.demo.service.dto.EncryptionResponseDto; - -// -/** - * The Class AuthRequestControllerTest tests the creation of auth request - * - * @author Arun Bose S - */ -//@RunWith(SpringRunner.class) -//@WebMvcTest -//@ContextConfiguration(classes = { TestContext.class, WebApplicationContext.class }) -public class AuthRequestControllerTest { - -// -// private final class ServletInputStreamExtension extends ServletInputStream { -// private final ByteArrayInputStream bais; -// -// private ServletInputStreamExtension(ByteArrayInputStream bais) { -// this.bais = bais; -// } -// -// @Override -// public int read() throws IOException { -// return bais.read(); -// } -// -// @Override -// public void setReadListener(ReadListener listener) { -// -// } -// -// @Override -// public boolean isReady() { -// return bais.available() != 0; -// } -// -// @Override -// public boolean isFinished() { -// return bais.available() == 0; -// } -// } -// -// -// @Autowired -// private Environment environment; -// -// @Autowired -// private ObjectMapper mapper; -// -// @InjectMocks -// private AuthRequestController authReqController; -// -// @Mock -// private Encrypt encrypt; -// -// @Mock -// private TemplateManagerImpl templateManager; -// -// @Mock -// JWSSignAndVerifyController jWSSignAndVerifyController; -// -// @Before -// public void before() { -// ReflectionTestUtils.setField(authReqController, "environment", environment); -// ReflectionTestUtils.setField(authReqController, "mapper", mapper); -// ReflectionTestUtils.setField(authReqController, "templateManager", templateManager); -// ReflectionTestUtils.setField(authReqController, "encrypt", encrypt); -// ReflectionTestUtils.setField(authReqController, "jWSSignAndVerifyController", jWSSignAndVerifyController); -// } -// -// /** -// * Auth controller test. -// * @throws JSONException -// * @throws IOException -// * @throws BadPaddingException -// * @throws IllegalBlockSizeException -// * @throws InvalidAlgorithmParameterException -// * @throws NoSuchPaddingException -// * @throws InvalidKeySpecException -// * @throws NoSuchAlgorithmException -// * @throws IdAuthenticationBusinessException -// * @throws IdAuthenticationAppException -// * @throws InvalidKeyException -// * @throws KeyManagementException -// * @throws JoseException -// * @throws UnrecoverableEntryException -// * @throws CertificateException -// * @throws KeyStoreException -// */ -// @SuppressWarnings("unchecked") -// @Test -// public void authControllerTest() throws KeyManagementException, InvalidKeyException, IdAuthenticationAppException, IdAuthenticationBusinessException, NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException, IOException, JSONException, KeyStoreException, CertificateException, UnrecoverableEntryException, JoseException { -// EncryptionResponseDto encryptionResponse=new EncryptionResponseDto(); -// Mockito.when(encrypt.encrypt(Mockito.any(), Mockito.any(), Mockito.anyBoolean(), Mockito.anyBoolean())).thenReturn(encryptionResponse); -// String reqData="{\r\n" + -// " \"biometrics\": [{\r\n" + -// " \"data\": {\r\n" + -// " \"bioSubType\": \"UNKNOWN\",\r\n" + -// " \"bioType\": \"IIR\",\r\n" + -// " \"bioValue\": \"LEFT\",\r\n" + -// " \"deviceCode\": \"cogent\",\r\n" + -// " \"deviceProviderID\": \"cogent\",\r\n" + -// " \"timestamp\": \"2019-03-27T10:01:57.086+05:30\",\r\n" + -// " \"transactionID\": \"1234567890\"\r\n" + -// " }\r\n" + -// " },\r\n" + -// " {\r\n" + -// " \"data\": {\r\n" + -// " \"bioSubType\": \"UNKNOWN\",\r\n" + -// " \"bioType\": \"IIR\",\r\n" + -// " \"bioValue\": \"RIGHT\",\r\n" + -// " \"deviceCode\": \"cogent\",\r\n" + -// " \"deviceProviderID\": \"cogent\",\r\n" + -// " \"timestamp\": \"2019-03-27T10:01:57.086+05:30\",\r\n" + -// " \"transactionID\": \"1234567890\"\r\n" + -// " }\r\n" + -// " }\r\n" + -// " ],\r\n" + -// " \"timestamp\": \"2019-03-27T10:01:57.086+05:30\",\r\n" + -// " \"transactionID\": \"1234567890\"\r\n" + -// " }"; -// Map reqMap=mapper.readValue(reqData.getBytes(StandardCharsets.UTF_8), Map.class); -// Mockito.when(templateManager.merge(Mockito.any(), Mockito.any())).thenReturn(newServletInputStream()); -// SplittedEncryptedData value = new SplittedEncryptedData("123", "456"); -// Mockito.when(encrypt.encryptBiometrics(Mockito.any(), Mockito.any(), Mockito.anyBoolean())).thenReturn(value ); -// Mockito.when(jWSSignAndVerifyController.sign(Mockito.any())).thenReturn("1234"); -// -// authReqController.createAuthRequest("1234567890", "UIN", false, false, null, null, null, reqMap) ; -// -// -// } -// -// -// @SuppressWarnings("unchecked") -// @Test -// public void kycControllerTest() throws KeyManagementException, InvalidKeyException, IdAuthenticationAppException, IdAuthenticationBusinessException, NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException, IOException, JSONException, KeyStoreException, CertificateException, UnrecoverableEntryException, JoseException { -// EncryptionResponseDto encryptionResponse=new EncryptionResponseDto(); -// Mockito.when(encrypt.encrypt(Mockito.any(), Mockito.any(), Mockito.anyBoolean(), Mockito.anyBoolean())).thenReturn(encryptionResponse); -// String reqData="{\r\n" + -// " \"biometrics\": [{\r\n" + -// " \"data\": {\r\n" + -// " \"bioSubType\": \"UNKNOWN\",\r\n" + -// " \"bioType\": \"IIR\",\r\n" + -// " \"bioValue\": \"LEFT\",\r\n" + -// " \"deviceCode\": \"cogent\",\r\n" + -// " \"deviceProviderID\": \"cogent\",\r\n" + -// " \"timestamp\": \"2019-03-27T10:01:57.086+05:30\",\r\n" + -// " \"transactionID\": \"1234567890\"\r\n" + -// " }\r\n" + -// " },\r\n" + -// " {\r\n" + -// " \"data\": {\r\n" + -// " \"bioSubType\": \"UNKNOWN\",\r\n" + -// " \"bioType\": \"IIR\",\r\n" + -// " \"bioValue\": \"RIGHT\",\r\n" + -// " \"deviceCode\": \"cogent\",\r\n" + -// " \"deviceProviderID\": \"cogent\",\r\n" + -// " \"timestamp\": \"2019-03-27T10:01:57.086+05:30\",\r\n" + -// " \"transactionID\": \"1234567890\"\r\n" + -// " }\r\n" + -// " }\r\n" + -// " ],\r\n" + -// " \"timestamp\": \"2019-03-27T10:01:57.086+05:30\",\r\n" + -// " \"transactionID\": \"1234567890\"\r\n" + -// " }"; -// Map reqMap=mapper.readValue(reqData.getBytes(StandardCharsets.UTF_8), Map.class); -// Mockito.when(templateManager.merge(Mockito.any(), Mockito.any())).thenReturn(newServletInputStream()); -// SplittedEncryptedData value = new SplittedEncryptedData("123", "456"); -// Mockito.when(encrypt.encryptBiometrics(Mockito.any(), Mockito.any(), Mockito.anyBoolean())).thenReturn(value ); -// Mockito.when(jWSSignAndVerifyController.sign(Mockito.any())).thenReturn("1234"); -// -// authReqController.createAuthRequest("1234567890", "UIN", false, false, null, null, null, reqMap) ; -// -// -// } -// -// -// -// -// -// -// @SuppressWarnings("unchecked") -// @Test -// public void authControllerAuthTypeTest() throws KeyManagementException, InvalidKeyException, IdAuthenticationAppException, IdAuthenticationBusinessException, NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException, IOException, JSONException, KeyStoreException, CertificateException, UnrecoverableEntryException, JoseException { -// EncryptionResponseDto encryptionResponse=new EncryptionResponseDto(); -// Mockito.when(encrypt.encrypt(Mockito.any(), Mockito.any(), Mockito.anyBoolean(), Mockito.anyBoolean())).thenReturn(encryptionResponse); -// String reqData="{\r\n" + -// " \"biometrics\": [{\r\n" + -// " \"data\": {\r\n" + -// " \"bioSubType\": \"UNKNOWN\",\r\n" + -// " \"bioType\": \"IIR\",\r\n" + -// " \"bioValue\": \"LEFT\",\r\n" + -// " \"deviceCode\": \"cogent\",\r\n" + -// " \"deviceProviderID\": \"cogent\",\r\n" + -// " \"timestamp\": \"2019-03-27T10:01:57.086+05:30\",\r\n" + -// " \"transactionID\": \"1234567890\"\r\n" + -// " }\r\n" + -// " },\r\n" + -// " {\r\n" + -// " \"data\": {\r\n" + -// " \"bioSubType\": \"UNKNOWN\",\r\n" + -// " \"bioType\": \"IIR\",\r\n" + -// " \"bioValue\": \"RIGHT\",\r\n" + -// " \"deviceCode\": \"cogent\",\r\n" + -// " \"deviceProviderID\": \"cogent\",\r\n" + -// " \"timestamp\": \"2019-03-27T10:01:57.086+05:30\",\r\n" + -// " \"transactionID\": \"1234567890\"\r\n" + -// " }\r\n" + -// " }\r\n" + -// " ],\r\n" + -// " \"timestamp\": \"2019-03-27T10:01:57.086+05:30\",\r\n" + -// " \"transactionID\": \"1234567890\"\r\n" + -// " }"; -// Map reqMap=mapper.readValue(reqData.getBytes(StandardCharsets.UTF_8), Map.class); -// Mockito.when(templateManager.merge(Mockito.any(), Mockito.any())).thenReturn(newServletInputStream()); -// SplittedEncryptedData value = new SplittedEncryptedData("123", "456"); -// Mockito.when(encrypt.encryptBiometrics(Mockito.any(), Mockito.any(), Mockito.anyBoolean())).thenReturn(value ); -// Mockito.when(jWSSignAndVerifyController.sign(Mockito.any())).thenReturn("1234"); -// -// authReqController.createAuthRequest("1234567890", "UIN", true, false, "bio,otp,demo,pin", null, null, reqMap) ; -// } -// -// @Ignore -// @SuppressWarnings("unchecked") -// @Test(expected=IdAuthenticationBusinessException.class) -// public void noRequest() throws KeyManagementException, InvalidKeyException, IdAuthenticationAppException, IdAuthenticationBusinessException, NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException, IOException, JSONException, KeyStoreException, CertificateException, UnrecoverableEntryException, JoseException { -// EncryptionResponseDto encryptionResponse=new EncryptionResponseDto(); -// Mockito.when(encrypt.encrypt(Mockito.any(), Mockito.anyString(), Mockito.anyBoolean(), Mockito.anyBoolean())).thenReturn(encryptionResponse); -// String reqData="{}"; -// Map reqMap=mapper.readValue(reqData.getBytes(StandardCharsets.UTF_8), Map.class); -// Mockito.when(templateManager.merge(Mockito.any(), Mockito.any())).thenReturn(newServletInputStream()); -// authReqController.createAuthRequest("1234567890", "UIN", false, false, "bio", null, null, reqMap) ; -// } -// -// -// -// -// -// -// private ServletInputStreamExtension newServletInputStream() { -// String req = "{\r\n" + -// " \"consentObtained\": true,\r\n" + -// " \"id\": \"mosip.identity.auth\",\r\n" + -// " \"individualId\": \"6521768301\",\r\n" + -// " \"individualIdType\": \"UIN\",\r\n" + -// " \"request\": \"7sBCLgrrSNhB-6vNR_MKtzv0wgjaKzB6HCnf1mx0u0YH0IiUL0PaUDOqaQi1RuN4Ar0yAlhJsIJIW-uxWHNxFEoD6h-r75pzKyBoyefMdpLHboLbljUBrPHoqrJLfv1nkas9RS-fD6M5S4e0D5YbZ5c9toNpb4thjj-QbHkEsOKQsVv7R7g59wMzMYx49NHSWnYnB4Dphsks-EGdCkHYR6IUR_Ys4OB1aZTGwfHrnXw8iWRhkrkv2hJA7QkpA9TGG_I9_dQT3amIWB3cDISlW0tKnaG7EVMApuPkeKO5LaxwKhE6_0RWCCvr9LSzVl6b8l8tZ8zybcRnrNS22nGAxytuwkx_BeEFdqnGrht0Q7y23pMmjn5JPYN3mnfQbuENYXKU5f5LGslUZm48ouqa1_-oPktSIq6K0PrTEKGlSukkmitqBXApuSbS1VJJ6uqhpudMnWB7QyO37XDPfMqsJKQueGbdLObdq_wT81-c5PT3h1QhFBe16N5Sf3qg0AgzRxzZ6T3kNiFIy7CkLZD9B7dKCmuL4nV-ixSyjzNQUALvEbDeatSF2-wjlTVVewtwcYzByCJbet2agYqfG0hdiTR5LbyclO8E67E1k73pJT07OgBihlXb9oIw0ljIZo_9smN_shoJUfxy1f8UUKJVWg\",\r\n" + -// " \"requestHMAC\": \"OPDtwdW7bHnQ3d7T8pQURjIyNYBt3hkE8ZbY7H1cBFtufkjYKd9rpcE7w57hZg6xUGsN2QZM8PtbEUjWShjrZIezI7nmGnlPS2lhIE1F6pw4Nl9AJ3oabrN4D7sULeVs\",\r\n" + -// " \"requestSessionKey\": \"AmbpO_u3WC83w4emk0f8G4RDdwIhk8KablUfBw6OVy_3a4UrHxx8TE7mpHgRMp-M7V01qAoYguO3XwWKFQfWHTZNaVuXYMkf3biNHWQiPm4UKob3MZjhyLUXaacy0MPFj8OIRYoRcQ5uwtpknzUC6qyjfyh9CdGlvvREyCgjSOFaBalFW3pFPkeZK7J7BfHv0OF1BoncE5Z4ITgUFAwyCAHBp3RrU0Oy6DqJXsm5I2ICuZKqYzE-bCK85Gw2eq-ECllQzmTvE34ILWpAOgmcUwie62rJnNtGJTzFoLCuzOxo7qtJBpi2ida4rzd1_jWVWGwe2cW4l2jGSEtDMve-Og\",\r\n" + -// " \"requestTime\": \"2019-03-28T10:01:57.086+05:30\",\r\n" + -// " \"requestedAuth\": {\r\n" + -// " \"bio\": true,\r\n" + -// " \"demo\": false,\r\n" + -// " \"otp\": false,\r\n" + -// " \"pin\": false\r\n" + -// " },\r\n" + -// " \"transactionID\": \"1234567890\",\r\n" + -// " \"version\": \"0.9\"\r\n" + -// "}"; -// ByteArrayInputStream bais = new ByteArrayInputStream(req.getBytes()); -// return new ServletInputStreamExtension(bais); -// } - -} diff --git a/authentication-demo-service/src/test/java/io/mosip/testrig/authentication/demo/service/test/DecryptTest.java b/authentication-demo-service/src/test/java/io/mosip/testrig/authentication/demo/service/test/DecryptTest.java deleted file mode 100644 index bcabe1dee40..00000000000 --- a/authentication-demo-service/src/test/java/io/mosip/testrig/authentication/demo/service/test/DecryptTest.java +++ /dev/null @@ -1,76 +0,0 @@ -package io.mosip.testrig.authentication.demo.service.test; - -import java.io.IOException; -import java.security.KeyManagementException; -import java.security.NoSuchAlgorithmException; -import java.security.spec.InvalidKeySpecException; - -import org.json.JSONException; -import org.junit.Before; -import org.junit.Ignore; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.mockito.InjectMocks; -import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest; -import org.springframework.test.context.ContextConfiguration; -import org.springframework.test.context.TestContext; -import org.springframework.test.context.junit4.SpringRunner; -import org.springframework.web.client.RestClientException; -import org.springframework.web.context.WebApplicationContext; - -import io.mosip.testrig.authentication.demo.service.controller.Decrypt; - -/** - * @author Arun Bose S The Class DecryptTest. - */ -@Ignore -@RunWith(SpringRunner.class) -@WebMvcTest -@ContextConfiguration(classes = { TestContext.class, WebApplicationContext.class }) -public class DecryptTest { - - /** The decrypt mock. */ - @InjectMocks - private Decrypt decryptMock; - - /** - * Before. - */ - @Before - public void before() { - } - - /** - * Decrypt test. - * - * @throws KeyManagementException the key management exception - * @throws RestClientException the rest client exception - * @throws NoSuchAlgorithmException the no such algorithm exception - * @throws IOException Signals that an I/O exception has occurred. - * @throws JSONException the JSON exception - * @throws InvalidKeySpecException the invalid key spec exception - */ - @Test - public void decryptTest() throws KeyManagementException, RestClientException, NoSuchAlgorithmException, IOException, - JSONException, InvalidKeySpecException { - String testData = "IXBo95Kc+8+OLBUdISp+tfY+uaa2UX2iBStyJ4T9KQB1f6qKOUdQevBl0bSEdMQCu/nSlX1HxTtXpbjH24vWUZuwM6V2HMmsSKYYcoPGQONojKTw214PB32pYbeHT0g8yXgPhn/wyBOEg3RaESOTXwujEmCmmHIEtbhMOmLv8M0MHNQHhx8gr+LUBovrm1Om5S/06VOHzli7BPjbMgN9tahYDDMVuTpkeMrrJhfI5aa/QCY0zhajd9SYYaqSe7Os5/jP/fBRkIXnNxttn5z7rCaNMGc4DosyNkt8ORttOxGcCNHscomA+eI79zm+BZS7+MY1aix/4qhssL0lWPokFg==rg3WqmbbFkhUTPQdKcvntxy5n7TjOHHsyZUyIfqJOXs1iBQNShfDD4bbjUnqI64l9v7grEm3s2el5bwwgibeK2eDhQzZNXQyN/fGmFWOwY8B6tySDQRZelc5ltRHUvHDfzSMyNK5PhMDP6S4LNCFPjuN/yrSxh2HMzGzcz2+MYpQ8ZASXmtWNgHt6mvYOEyUKwNB3OFyjtRPjZddbg4f/WqmJ70PTsTm1wWvkPVSivZMEeN+RV7Jx+tIgGbZvGWZpuNxc03bMY9WLqks3Tzlj37xsmtgMjSeqx2Cp1ytHrC6cNcyIPBWtM1dFbUz1dZwifvvsFz/H5L7LuR62WN8kzGhzHBsu9tpZ99l+83tNyz7jWg/GB5A8qMjVJr26C1x85oR/HXk1EnZl7kY9aandLdE9qXdOFDMbqvN/zR3YGG1eDr17JkTwyqI9JE/Gf6Vl8Ha2MOY9ejXazUOo7MUhnra54ZNtvOsioh+0ECkV9kx45G3v49bqYylt16rrhMN3C1LWsjLE6nWsre2Q30NNz665lbjd8TPL3yomTjLn14NOP3kA1sXBwqZ16RKsazU/9/6THBhMDCvY9z0g3fwSqCtZ/a0PwK7YmX9uN3l8+9DA7fVxRjTbKgt8tmprcmcUV2qvmVOq9jGJYXCGkMYI058Pcx1lFxDiLX9tKjZgIh5e90mCImiDk0T2frUndioBYTwghakVXL8xmUWKH6R4ISu219BfCXuDMHr+MLDK7gjSCeC36oeH/Q+cVpW9BiJn8lRsiQeM+vP1jb/guKo+D69kyKwf5Sv+5bCALE2F46adeNOBu5BHvvIiTfbp1nVgIQu+VHdZnCda+heELMYYNy13/eudb+7HpU49VYGER5e79DUV9mm2KpgmljbmQ+plGXJd9zjw9NQOqwvSH8kbOJJQrnsWWlZoASiz/Oe5OqWnCVpkvs5muvcmZWhpxpOTIHsZs0J7kNgKErbgi0x9ov6ID902b8RTjISQSXnHQ/14ofTtighXniwxq3t3IkRAbc2hOEkBspPti20ivDrIh/pHS8g7jZkfYToEiiFUyvyJdc4brQhamtiWDBDexfLvEf9w7m/LygC7AUIhCG1GSu3h63FXKyTmxeq0sljYMLci0DBsMli6Tv4Yylgm3u9ZPKYe+K6A4lUmkmzrB2lfgbsJJWE88MYdE5mLDh1raDyBrj3TdvyRVsO3BTygGjAC5HgeXI0kzCsQTuPwxcklJr6HyRQmGXrXB1kCKoeTwmOsB/mOayiFxOkJRR5Y66hlHr/Xq/4dTx0zz9AvwjB3+dSm1XQRdVkFNoQJQbaq/qRrNPxv8XgXa5GmW59ZyRlJVTYpL5mH8ZWJsWX8gkAtWDZ35wwS813KoM1ExKbLw5Ya62fBKihEH68H437M3rcipk4hxbKp49p5S5HZoMWYQNaOCfi4qtsEuCGGJLjMV4WNZYOS4HYwMXZP06oXQb8Rvzu1H65r1/z7UiBqxlyYu1oEF0nXIgfMk5ohqWr9Nk4guaMrN1yo+N/yzs8haQABeBBW2zbI5s8xKbUAoN4Z1vYDUsxwP36Zxpik1yw40JFP9RL7gPEKwkf0T2RJG4nqz+mMYLp2WwgI1ro2VEUnrw5UkOr/2wtpjTbOStsOjJO+ux3NxvWDu1K+sTiTE89DP3ap5rrw+h9+6Z/e/cPzt28QLGfpHjvvI1CzQrX1ZWTS0BB/bExwPieWvAnSs8lur5XvvJ2B5TzyJbGhpz35vp7QG4m5ui6rCINa9DZO84ZbE3TOJxYq4MfGOksjzni+7YMIbhND24WTuNWzg0EwpunVihug05xKQti5gGe2gYq7iZZBG22TbucOVbqCwWYQ+ox1la6HZAcvjYJg3WWXdyk1kqLCtz8xwdHAyLMRsPjcYa4eZiNsDruUdSpqzU5WuK9JHkzq6QTgdoBys9ZvAAlro9soiZ44o46Dr3szxf0tCBujzfLI+D4iRauzs/CmjQ8Dc5tHArs8Zp5SKM+vGIieRgmTSa9O3y/AnUoBgAixHoOfzZavdZNB+ubfsPHPNUxDMnxuUSAybOfy44zrceMJ5lK5dsTlFl9fNj10BL/G16Gy0Jtpuz4wMVUmNrBQyrHE8CooPPQJWIFusqIZLM2KpwVksi7eSIXa8ircNglJ7fAFYsLB/FM7Yvsu9kL3l5zPHWibkdBsh2uEJKcH3vGszt856fhV6eqx9gf2fISQYZElNrBOx0N3a9dX2/Oghef4P+rQevEUs/93HWKHRlLjnfFmhYre1HYhDW8jfR1mnATBQ1XSyueiVvIUsSapwfJWdx2qAmVXzKaPJ7qWsBraGUJUVQo9zbsBslId+tWjjPtwHcSkegK5AVLGJf1Hm7/ySrF+UMVhKmJ8+k84f6Tfpof501zdoDO6b1wmSmcyfhRM6RDFEild1s8Fu0DBcvlb8btKxXBvCs1EU+Rv/SnQJ9nzh8g5yulpoQ4Cbp0pp335sP+Yz1Ykf/c8wkmiqzPgUJBXFFudDWT25O5pc0amimL19owMhFSsZIOXsjR4L7wwcsx4dO8gFKHRU0vFi0gAwgw+a0/0hjdOU7A6ySg1+9yI4UasiQSP9ZSknd5F2ZYezJYGO4PbmInvgAwxOCeY76MfzQuZgvphQ7t6Gp2HW0mHK7kaQbntz16tZiv3hpZrQWNBVN0edLhWlu1OIv1GEOY680sV2qzfEgKZOl3i2UQBV76++wlizDLhP33b8KPvmtCWSIECFHiahDpoJcGTNtRWT1fRUyzDppeyVVxCrfKU71nvcUcahHayS/seVaDVQ3xdpf5F2OPK/E88InHPxfA4wsPFL6IROmfum/gnqnvjZtE6sYPTU3lP5qu7Ron/dO1qXdk/rvPBENnToNMMO7rj3paPqGF//PftC0JXw5lXpoFCvFpxZk9NkZ2QZJTG+KqLSVgErR4sw/fr/k84n9FIZQCLMfmbn3n92yvMyFgkdJAynL0/2JJ/ryHq71N+i9scUrqMLdnCjbidCi6RhV55Xq8ZB+8Ttv7ym0+xB7J3O4dp/PnndCz3S97A9NhoUC/SEd9aZVK2xPre7ttQZlOszwQ/NjO0oq1XjQbLCOawA0liT/BLnUxxn+fr8E0YC0jI5nN8HBUqL6/AYE32B+zMm0nP81cGqsYGIa19fHiQrG0+/Z8mFpVM/YqbGxPnb8DEybGM8NyccG/B9ST4eJDTHMfDT6XOS4loXtrbf2BzPjCa79RVqkdgeFgYIELz2f7CaY9ujefiQMmkDCvcGRxxZzFUz62LId4SSTLzbqdDq2o6kPWqjrhdIe9vkUzidQi51HyQi0NdaUbo9jdnAcZLYHg/dtxH3DGoUJ43yfvFEDkA37YL5OI5dRS3NqNBpF7hisChfpoz9x1u88c+zHW4Iiong9HLqAMbOa1a/K4gyydHPb1WnNSpysVgeciJdZPtsINO2o5O67OGqdERilLGa3gba+JLvXPkDuM+DbWpol7p0f3ZTufrP1uNCY3DC1+vmFpfxXaf+sprgi/m25fsnSOUSBR4S4mdbVkKhKgzldLHv57PAeYjzOBWUaYlRZmT0pTeDipDgFl0MKdwCi98q+38rizn66MZDoVOsaiNtWF98L973+GR9edjSn5n6imPsfcfn7EoM8MmWBsjsOGce7D2eQHxlMHMpW6rMcaaemdscxgiP2A0vw3avyamad09pSCxuU2r8W2q37vRJreHRm08wLGm/5RflCPeEbirOpSXyVSbxQzwfcdnrdCqeasQ2H6T86+ibXPKJN+50D+j8+m5xCdHvc6kTf9UJyRlSFTP25zNrrpXKXjWSJdAm8gNUbvoTlYMkB34WHfQxIqv+zu7rTxmbGodr6N0wFSda+uBi4fybrn9AJZMzRsnYiWCLoVNsnjzySmdzfoPkiy4Z9viaG42IOURDxWkfCLbLIPYauGIknwX6PVhNmE73PRuAOTMTrW8dzbyXjCr0EbGHfI9pYU3MGNY/T2g3Av/WHoU7OITm6BdyySAXnLShoSvye8pwoEnCEprbOxy/r9SXspgRRUq9RHQTctDC0jzosF2CMjXnp9niuIsMmpZ+UTyS0oR8WdGoUGch6MZ/OK/MagNgwkdclZ5UEWpDBU2D23ose6e2XWieTydU7Q76Zvdy21YFiZH9Qxqtm65+U9bjeyZ1DhgkGdn6S7RQUJm/okEUoA+aydqo5ufXvHfyrTPvBN40OXk1fE59CqFFxl950mDN3EoQhm/Qsxya5NtVsaYYvBvALtiowk+Hza6sMfNDWkQMI5pEqIv5vqcg/MU1MKOv7Hqhq8L+wQ+H98fyTJJUEmnaixGnWmow43aR6MVm9msQWiM0CzAXv+za3EygGyeWyWPah4lWUygnbIt8qTxhvKCFtmgF+1Qf73GKumnlpMUOjiKqzwrNANd+G2lG9xKvCm600+WnWSFiVyr6YCg8hbsvB+F9USGoRXWkldsAt60f8BaIL0G4HgBBvQ8OWTZNrzSEppmQNoWIvniRuGQ0qi6wcyAKsRoyar8bHID4buKfJmpt/vcVucYjzevEIuLxcoU4DkI7rCbwv4MYbtEOLXkAJIKhfM2kIsSkPk+FwsQNdB2nu135WGhSWCZvKnjdOmfWGMNdXg8k43T7DFLyVrojdqXgu3L2pEdDlvsIda4k0MIrx+QoIKZuCvuynMccFi3ZGfyqTktOGi7bbR+MOOH75k2BD+ypcpm+yNt9YMCLmCrMw76Cgc8xK3ew6Del0/8QXQofv+CaNh/ZD4kxEVw2ulyE/WwjEF02OZuoVVMHJFfWgDSRRjPe+3GkaXrEVuQh5rqjWZhb1Xee+r2iC6GB47YL9+l0ugO9lGgAWGA+XaZ8WylT+oZXGWI/UU//gMlu4EtnenU3kpkUBVWuy3Z7aYKq3y/8rpMSUsDY0u34cAJfBSgI6VoOejQiKJIqosDrVMF/ifaKKEihhB/Opz7cwjVURzzUq5AMW74DkaWG2OnHiz0VmDk8oVIfoPXA6sWLixnljJz9HZa60FPq/yiR76OGkDro//Aijs34FkeakBwEskTY3G8lSLXYj0AUcUsfYXwiLnr9eC12WfHv9oyWF9o8wgrD15XOihDgNnfxw/E15LjwudLvyMFG61bLv/PtJpvyCHSF4hsCM8N7G1h4JU9M3as1lLeMmTsJLydPvxa5rOqS+WxEDS1NZ+H92c1Kpwlfb2x5XbMQCQCOdItR7Cn7Pzxl2gtfLiUjs9qWSKwZgPXAhfYjeoPueXVu7SrFavTPgX1IavQxKBkoGjn3XLpBhIWm3VYy1DWczLGKDzw6D15GO8DpEcsJNbdHWZaa9aaJhQZEpZgd7V7kGu0D8PfiPoa9DQHiQIPZGAGgkNMLssKDDFOTDSFjwXo+9FlwrvpVP9IGSbPEtYPhptisuQfR7EowMdBQmZ9TOI3YAf3+L7vf1qbvWrc2Uvr7NhS6rzUQ8MK0R4h3HWEXwKUfxebleEjDZkDMzEhrc2IiJKvymSLNmAJlz5d4p1eVpzao265XxC/rUu/xPinTcnzzOtFhuzcWHMo4pbAmj7lA/YOpVXuhn8Twpy1y/TxBl7+kXOSQ/2rB9YhBi7YfjQcp36F37NvufeLvSMLXXReFktXZH+2HD6g9KW7eloIdYlM5vjgBzBDhweCu+x27Bq39iS0naDyYw4apP4KMVcssYoNeiLc/XotlOWPIbsAkdUGh1xlVy8EEv1KWY29/36yOj78vQDasPd8F7Jop5ifUCGu0iKXv/3YV+Hs0v8Pmivfu9FAv3CZ6EfeSs6JNaPIZWfjv1mvnFh873Sz0p5+OSE1tKCj3GMgdSavmUFNMfrZWeFj+m7jZWkw9PBEEL2/zrs56mrI7idefUPXcQdBTexAh4zDRUQ6n7ZgUSEoXWlWDjE5JZ6nviP5pP+mY50R2bmc3N48LIyogxvtFEDoMFjNXZx6vjCkkIaS10HHvQqwRJNtZE+mc3Me5Q6K31KCcrqelAUmnOcaF9mAOAosxlCDgVxamLrFsYLkdjuFXIrDWeHSuksA5ecK5JXtSaOoa9erhUtUCwKD96C9QbGW4AdCIsZ+YLjy9cqcTStRfZUL83TuBn7ElBa1pinmKAUSsMT+gyEpfXzyujP1f4DIK8/UkWt02wvoSxCGD4UFw9KAwE+1QglYlofTOnlvYbxP4UsHvFBAxQtzuC9MIqdGn8EsAShcpKgAwMTrT6Aoy0LjBZEgzzgkFbRrzCDCkQXEKAYv1qAZbNsz6pyrJvjFMvAR5rmWN6x7Ug+1dxklDSqL9HkIFqVgKsxeonX/qO/pVxp02KWysyTnWVpVpfsxZNnJ+HyjZY0XSc++l9OX2raP2Ph0cQwbiXzW1s7XtTA2rc78X79eZ/oh0dKjMHDGaMT8b6BJmCTdLdKk0Jhk3yDx1n7nR76gJ2AW5mNODrP3qIfLVw2zi1oBGDazBlnMaO9cWZHQFWQFKogWMsX4o7HgTIu5+pd0nLmftznIVMBBCxOXOTzNT4hZTYWgpxoEvcxxPtCwNq84rNa0Popi9SSB2GyvJ1XMOD3cHibKU7+5z2WQst1ERE0fUeUwo0HhWGtU8lbGuUNmt8lmuvFFcXD/okZSxY8mb+/G5Pq3UTEMSCsE2wj2fhE+eWpR1Fdv9aTWpcRsDj2DJ7V8FQct9TRGSBRcjiBviAH6rH8ugaJO2cl4uoZXb2jcmrloz9Gv6j6bYFblXL/yEWVIDoYtiPTfF1n9bvvZnuVEAWVhfUpAxq6W5BoBDK9SqRrh9q76Ba2Q8MfdfRTKquA+h2rOBuedwsOQYPRd4CtBrhOlxHE7L9eo1DkObkS27G+jevC2p5NNLjiPQs1vA0S+hO7uMfDs+sbA5pTzgpX+cvWCMsTahuTHyV9Og5gI+5hxuGfRZHOXlNSul1ZuO42XwYdgURroEo4c8GwUvrizzI/RggB5wQuO9CSjOmtE8a+zcu8mM8lZKVKq71ywaQ9XgN89cHuvqkkQyyOE8fpa6P4FO0kK0W315Uy1rKzgtvkAY1wnf6ON3oqxf3xCRIWl0qbAMAuCREAOwtfVOFeoZaWiNJEtVDSmMgY8XK/pcghkiKPPwRlDSWjz85zIRNZ8zVyf40q0++BvBlil+oTxOCO/3xioh3H3Shfpy41FgstKKvkGuOjHR3PK/w7IyJ3dti8K5xe+eeFgSMCGad1pwDEyLTJNdkriDby03jvI0C5nVLYUIKb+4K0neAi1O59h81x3bcIYMO09/CEr9vO3puB855ZLYQtYQSorfkWnsLbpKqZ54Pory4oOmhIFF34j3k4Aqm/gmvfEj31EJqwKOALwscsJ6/gJSr8NclRezIiXrXr0QgQzID5+HkLJQIM4hrxXrqjTnsNkP78VTI2HJowXLeHvk/WtB7/5oclwSxuvR/uxuZ5pCWP/T3L4FqPDUOh1O9kw63IaNwQ7Z/NySMsqJhGhMyVhsVsx2cxJ4Zl8EO3COA7YRqR7QAU6+2RLxY3MniNL6A/gudga901MdOCFWAj7tOTU9uqgqaV9yyRefzgMxYIThNtyHgFulhPcKirbgAxPs/shmHMOa1kxp+fUbddnqdMJfXDKPzdA3+GiFMUN3NBv2XNKCuyU2XXaohXMMAf3/valf1wD4/cXkHkdXKpoteV2lwP1rhF4OdWdaxt/5qly/L1qvCX3EYPBzAVULrmJStd9f3neEEs84xKrglBnohsVVsXR0T+rOPC71DxblRFLBHn2dJeNaJgKWIhXS28FV86vzyZqkMQ9kh8nQKr9NlTyQgmCT4R1s/Gq+1M60zi5/Bp8rEBxQLWqrIw9xfE9o6hqWHxSiRO5Z98xoOxq/XMZc4JfJ9NqoeAxYePESST0vq20wWKOSherup+Za/aaqMWOlCPv0x5sM1fhQW6J807KzvMgmQCXj97aG49/51NRYFoub9q4o8Ozk0DR0It3RC20SJFmdVRXG/6A+6xlD25CZmStOFnRra5OU7bI8WTjeXwtgOBk63Mvo2gCiabmiBacZFThnD0Vsb7hqwpGOgMuEUOO04UhGAJyiG1e6rxElq6/X6FtaYbIthUlFpC48CGmkd9ey00GwMe8nL9bvC5YnK+/MG36Az8/GTEzJvjD+W57Fl7siN5pNEDHMJSHlN5HAVVdrid0ABMgQoSW8n8Gat7rCroCbn40ME47fPdUlZi2TXj/DV0B6tADVw+xJ4xMOdwRyuZzN2S/LaZOplRnhqO28dMt2h7CB2qlVwa+GSCPWASYU3r0U3i9VxTh+FBA5BqhVFO/qb0X+Et7dMSBceVDhhNV6ptFED9iwpILwhU5HL5KRoIYcFoNnmFHeVjRmVodsgTXn/UAuYng+nqiUfzRzDq65kJcuZTrTGPcxKtoWumiMnHm4+64AgiEMdZKO4l4mjmqeI6HsNG4wozC1tpviynSDKc0Gl/P9KzrjiD+g/uH9ExatriDzdCeKwVlDJgQLXqBO1rxZNU7JClCIvR05J9hyMrlYpxyH8D7ThYtfSO+gEpagcQSNnwaei/kO9JZNEFkX5SpvkrR5dasgiKY4/Q+9/BB2fX6i/b4M4JJZtCdYw/+2FyUcbqDRjplZ6JR9BY5RjUeJdwRWQFvR+Xd3pQwdhyYrNsvo4q57IhJMNJyexU2aJcidO9dyzby17vV7tWBTeskJhXJWa/cm+G6Sj4cT1VsGIPVy3OXdGruzQQF57YB+hOPhQpA68ZJUzdoF8LwB6AFi+ouBlKt/Nmv3/CtFgrIRXQApd8SteKO6b/nd2ctkLCi434oxeh24a/oH2pQcyHv9XSClt6+fNFmKh0l9BN401KVY6J1Mj5gVLFGRqy1cVoxycYeRBo7RMueIH9zdIR+GToPjxDACBC9H/mrKveaKeKp30I5Yh0KcIESuW9qKdmxGwPlza5JpVlmU6+6XFykjPm81j4/mU4H7i5PC7LvNqWS8tHUB2mNixnnDVR8bzHnWl3oMCAxz0IAUV48lvWfdHB30eybPFAifONBNleUQqVVTH0N6Svx2RH+vB7hmC65up49Dsm7nvErKUo4y+YIvolDpYVxX1WkraGakOob2e6qbKHWBH14js5zQX+mHRMVTI4JoBALJJe2EJeiIzkwWbx/3SiaSGN7uloQiprjQIcrZs4y7fQscDUlhGfxRKt+9LP99HYsCNTFCHWUGbJSAZZg4rsQKF/+sGRRAmt02YoNSE69r653dOGXVChJ4rS6lGLeoGY0PR0nPWsNcz7HRD7W2bIpAyPJ9NgvNLaoYziNyjSYg5BVgB8uOjbiSkp8dMsrC32QwCilbCH+RjeapxJq7CvU1jii4NTWxjzyx9B/noZnaAMLBIewND9GdmZUv5WW2A0SqF4k781qHvwMbW/a0A4YnbJmkJ9qO+D7A85twZR+CNW/mk+/+kWUAbGd1yG65ihLSWa7RgXBxu6ceONI9iktLRfzo5/IoYNzDt0MQX5zUuuZMikkXiZdTe8z5fADYPHgtKNHZ+xOql+u3LTLYbfCFv6wjk/7LMeOotTWwn6ztGiA6Q6Xw2aKQ49zyQbJ4D8b+IbM87pcdi5W3vkunI+H5XqEvpsHtqJ58RDcLPm4kAHayjo1alkzOWdsfZu2kcwpbU1IqeDmD3/A5rmMdY7MG1snw3UCHRHVnXpOCCarLzXg0dkl0DN/EoD8GkZpBbfQLcsrQJ/5PqU5qjM89N+5VntoPxdhq/9G7L+sRkw10xT/aRs/PydZGf9L2QefirZkFrW1tAghgDYkkNtVdZe4Ewm9x95kipiioRjIMuWoI87DqYRg9YRmBOcJVSQfgCuc91gItW7deYV6M88odGKgHhS0k9KdjjGDXzxEnvRdVpYLf890zs0yTAFJ4hco46aDJX0ZHpwhiIrXl+KlwpfkrhMgCc3MRYRNXjQPs2O1kbKNS7JLwCc74RjAHKaPBawCH7y9M7c9cr+o31HDq7s+1fLB3bMJwvGg3VK2ZP6Fh1UTE4orvjQOIVGZ115lPHDCyJ0LBh8S8uVR9qol6UEIEvsNsBO8IihR2nsccXgUWCRgOusF5cySWBPhgGOeFCUkRBmXW/sLavhsfZuR+IpbtTp3fxeEthJAhBrXFgZ3UY77UXlsBMfvLczbeUxjm3OPFAk6HI6g53H9guwCn2GYxXJu50yb200bq6gM0N7RA1gpKhuivMTaOpRSosJOAghc3oMfFWB/zBFSJx1vYtRvilZKF698dY/s1QZFyzeAobSlqwfg/VuW0t7JqLljrVUltZ+EhxU/v0hV0SVE9i5DwAiSLek1w5YfX7n5NkpfK7Je/OF2o5zVFodsiYKKf0ySOG11KxGMk7f97+IQg0mVblt5u45Ur1yR5kM1SZ6B1dMWik6s2nbQ7ht/kKNKneuGrPfZstcgih1NGNnr2Va6idU3Yhw2dVEITaZCDcs5kaAXJ/17UWBKifwAxRr9TL2J2VdIBXdYJ5W4uv+9WRHkNElNIqgMjXVi6X67hOVe6ZnRpWNyk+VOoTlAex+N4M3sDdJg6mZST5FR9L3b47t9UIIJmP9mOaY7/9Rf6A761pXrvVJTsNHydisZkY+TKVkYnmpxHjduPtRIILTDvwL/UzHtzx9ou8LmS9UZeLE/vhuIzaqGf82tACWGRLrhnCW7VM3kfzycfyEm0jo8oQ5QAzu6flokwBxPdb2jWtwaegrDbgf+6xke01sqxviQrxCOMSKM4OebR/nra6J88i5KGF0FkJxFNWYSwtZuPlhpp8lKYguMXttK1gZPSdAB7RPvLNam2qQD/doczdoh9OyD+3PS/yVgBg56YYuJlR2e9o4EG6Nw6Focc3R9NwAEyDj+pJVJlsz8ihvOPFJZpvEM1aPBd2CJrRNVaglZ3nfZ0HfhaFcPObM3662N2RRm1lFn42Jmb0gzFVr368OyvBTt1G2h1JFZeGsglrcarsKIqR79lupwRgfInDHijMi8I8DbZbm6AMKze5V+OrIYKvHCDZwqcC0u40USJGEQRI2XV426ZIympvXnqW/C9RL5UVxmTAnz0KLFX3CM6Nhx3OX+4Y98LMxKJtJN3gM9moYzwTiZny3Q+n6/hhFL9cCc+Z5qwiUh4ffAC5yz2Z+HAZ8nEGfO/H7xQ8c4RZ//y/ve4tf8GnIlwFR/LuUgcX+WA2vmPcNS2FdjO0er5ALNZBMkxW96PO/fXvaPooAREi/9uGeFe3pK5mNXzdaIV1R88xrtqi6lN1TigJmTfnOGPPE7KXs1Sfu21fnJ6CnrdyPBYKJmtPwI4BpxXpXz7KFyHvYA6xwPF+3L63cn5siMmBR+77Thc+4fEB+bquGCMQM5R/Sdvbvx4Z9HDbquEmYvXlkp69W2pYNM8DWGw6gbOjIvMuHnjHNUVAjgJN1QErFp6xAt71B24CQ6fUtPyKbhmk19TUpqWHlFQ8wXEWIYsaBmPYJbkv4mbrm4JI9+Z9QriOGJxfuRTdmfDDk1hhub2iLm6xpx/ch4IuXh2egMv9oavuHIfHF/qAih3/aqr69siZois6QXaZPDqkBnesWm4kRQ/PG55OSgNvfeqKRQRoyuOOJH8jIWwgIFOe6Cazvr6mHGFsJmWStp7FvVkEdy7aVwXm4SkuEvg1TjNR997H+Ijwm9Am87G5m3Lknr/k3AQjKeMHJE/WkOFY9ph521fp7uR1CMuiSCQ7CQ3TL7NFgoz6W9JrfGdXtwz8nr96qzRqjyGD/nrgszosjlmq3b4LvlR6WjDVP9ZNip7cdbRX6Cs8VnLWOmZM9sj0IMvgvvdsNSYLJhP+1wmlotAi+v9zd5+e2T+mb5BDXOo95+x7hD0owHvD4b0578Tge/lBG5TA3wv+Ecux0E30UXZc6qRz80hLV0ijMyeFrWismXrz7wvyTuZC6211AFfVpgoJd0q9g+lGzyvuvJSy/AYz5jdp1uKKPCI+SyHmlOzDLkgY767DV4YKqDdJtvH9Lh9ZeGNSdeJfE3BrBAW4vglW4tRNyOSPq9Y9YhdfDxZyrYRasi+jjthmcmpmk7S5PIcc6nc/V9uYbbj35l8kJZJFimo9bsCQ0qweMTYeE2s4FB43DudS4oi7W8yiVLcbsH2fEKBnOKDcWWPFeXbwvkX0EAJiOj6wme8VsLJS5qXjfcFgIdm8gyRlbSY4A3TP/izhtqBznMaLZO4TGHONL4oiRkPf1mnqPshuLjr1x50cF2jMa5vmr82iNO1t3QjRtFlRzjAy5bQkEz3e8BRhttGCOTQlPQ2LqMm112rc9ProD/lVf6bmVpK1q6stYhZuPYb5NQTrvgOrY3J2TZJUFOKPO9Qax9qhLRyaWQbuu2YxhXIPXqdzcThQH7suFq/K/fmXhC4RxVkUDdKzTCyixWXC4m3Mj6wCH8JwZ3hqZcSwYRfvEACvUW+JlCW2RHXxpIctWQtaiNTiOyV0JyeH8wOVIm7gD9BRa8A4ScEnjQPIy/heX7krpHDNbjeaR60qrYkcAFzSDcYuulgrIDK9AXDP5S0TAGxSraTCsFJgG6bMOm9ApDXnJsLJLsyGRDDVRch/YblpP+bOs2Yz5F2i7BBv+mBYareS1CXCficUN1dkELz5Oa5DNjSGBQqTOFT5ka9pdOp/ZpJBd1P4Jt+2XHLZ9FXjfH9ahSQenh3KBgCDojQaf8szNiQH5FSiMxySH/trFprIoCeNKMP1v0up04kwn/HZgQ3LaFONR64xJOGwgerz737EXNSsXq0qp27pD+mZsoDHBwm2XDU/+BVxGtYcg//4ciMPIABlNtu6A8uS8lVmLUzr+4wH7p8MzC4UarKAoaGVd2CutIye+4K6KITw9ANV7pvSw1m64O6nZHKQX6qN8E+bHPRGFl7h8Sw1X1WL2sYvt/lnhzHIr26txvYjcx8PZfEPP14vNoHFDwLmd5W+cQInHPjUol7sIhTGJUtj/pmyQItSIh5/837rKIu+nWwMvO9qZ0wLYapjVK4X4Rv03YESNgDJhNyyqJgFJ13z6ooA3NvZo8TKPYmW+bqG+WQKqc4YdpfXC70CGHfAHw+Vga+IvqNDN+TtI/tZ2fNVh14S2J4e/avL7uTEOIh+OwLeFO9S3lRgpJIcXhoJ3bfYWbpRGp7LuS4tfGUQ5vhyhtaLQhBwWKK0G4Z0UWGbXV/7pC74LgbnSLT3e26m6hI5D8Qp0Q4A7YD1navEUC8mtGCu31FxzkrcR5jGqzRCOe5zFwGICysIe1dnTI26dLp6zsiCLuNjHEZv9bVQEeadIq8X0099LwzNkLoEGTk+POUeTVFsp/X92UXKfY6cE6u8d4ad+hO9P8k8T44zq4Q/cX3B1Ac50PbFvxRlBkxOkMeAWGveB6KYiuAmNC7qePjartcCZ4zuvtG7HDI1OSvM89wjJuJgw4anobFCI2EoIKURDlkfEEh3S3JGTq/4uDsag/lfVPy0hp9GAZNqK4CoPDTi91QNisuL3RRVebt4/UnPEorJxuzOm8EXqR94kFgUUesoh3Ywb8VO/luNP6cO352tczM6kEfHwe54MEUoNdahPltys4ZdNBKOlpDTPtDcolRfJy+a2cfVS+/a86/Zbx6Ef1IGIyXR7nOZzslpq4F9ZjqmxGQRHf1n90wwjXF2StpCgR15y1FBG2Wt0nPjkKvfoFLIf6gODyP5T78d6lk88oqpKA6WTcdahgcSNu8iGiPOG5R41SwNdYaOBER3eu6VhSU4GaPd23+tVRdHSpGwLzjTs3CgGUsyjJ7mkueD+xsNW9iF8yja5zw51UHi8PxXhu0dMm4DxEfpSoizlURsz5Eicisdiww5PX+v0f6eSGuMSNT23LmNLc9QSiIwnzWXsBggmtQx5My0/zNTtZjIRZTOVOHws7jH6HbS2tttxNXUfIUwfTOjmZN0P3BYGfabsMp5QsR0pz2miAUKWSk3p58szJv4OcoGNVVemykBYqSA8R8nqja0PT2fB1SOEowxdAynbCaRTrxjcXg6xSD34JpnNzWLm+1Z9Q879xFnceyX4t7MRflUIZJNlcrV8439m2HX3YpQ0DCsEQcHnD7u0TJKp+UwHijjn6UZOXcwth8fvHRLL3dAEYQ69ECDNPNtle0rsKKrCxIyZv50l+MSGx3XeH31YOnWH11iFkcV6qXcpzhtVYP3/uy8/U8bjws7BsqVFhZw2dFVxKfNK5QRzQDrQfkBI2MwCzeUFEh0q7zaUghO5II+L38YAXnM4E1KqP8asjo+H3/YDxVB02/74pvjmmuUB78fB5EalXn0AXY2gQeQ1UDQkhONCHg7FyiilUqHxB6G7sPkebgFQNEixQaqY+2dZYmx6RBu62pkK5nJBDSxgPTAHvQlfkVFtz4B1GNTATcn5RDEvj1i1ATk0xGIpLA79fzU1MDVY+7ToAqFnCWcc5OmzpSasrddZlWmiIlbrrFdnR6lK7rEK8kAvZBYJXsTCMEWN13dkZCoFS96YsoIb+pTF9hyJVnYdzI6igOwDdQRUrvLSJzVLW0HQse5v+madTbOm7B6bxXu0i4cT9LYk1iHtgHVKT4FMwtwIFet7xmM5KXUlKJ5m/mNuuG93pXxQe989680Hd/M/IGWv0wNyfbXtVgmq+4I63CTts8rkus7kv01Pxyjt9q+fc10OBeGVrGpU10wsLojS2bCgNN+VHOaLv6SwXKlUPXJA/bVZrkcO8TLez88SBBwGlNvou8iXtSfwGUxNODq39CyBCfu/A9Q0khx8RDBNV7QvIIJAVrz/MLJaOIDR0jp8hmXOf7QZnNTTi6CrHLkRiTXvWCIe/TILB4uJDbcgq03gUBp+a+AC5xIGT0ARTrjD2Pqb0LngBUx8upKvLFy/hyc9WwrmDDjjKA6XBQ4JoW4P5F7Bpff/qshpEFcumgNJXhmV41GB36xxPF208HQVj6exb4tgRzaqS13Iu3nr9tuBpturCqFmz6DBKQ3egEYE5IELdhELSWVw9jFtf8O/tFkEwXdzEbLK1L8uV11iMOAL51HXZv6TMBWTdpn38ba9FkE0MomGf4DNKUePjN3GhLSnOzm3k0Nf+pxhbTh/IUJoyqmk4I4Xh8HfpvxBZale3xjl/I3f8wo49gmu7n/03Hiu6A3ChujnzpmjYLE/iOcWnxnwlG8X2L0UXbU2/K9DDfePBpIrWKid+iFqWYKGajWnH0o9dwAg7HQlHvQ6RBY5M8bZaLMZy3U+2gv3zzMnLB5DTomBWQT+9IPr50N8C78zBYpxYOGnRXbC4DIfnKdIBkS0pk/XAM79TnaKztWY8BZ5O225SMxDBlpTM7clbgjKV9uGCS2sBJyWG4FiTNteBvxM2mpCFLPLlis0Co1YVcQOsPp2guPQHklNkjG0Yyd+41YEYrxUaAG6/6SGJZvARQHJfzRKUpRQXzbQ7wsnn60qVeAUBZJxXltudFs5DpLotCB4Ncw2Jk8BdSJaG2ESbXgVebFDr1a6PG2Z7rFctD0OpOUmih68BSUlKhBHAcT5nyIPTU+antMyHbGBy0m4xUvnRTSF6WtKD/P62FdznPnENRGmd2pStHxoeLSw3vPl3KDHDrccloER2PgFC+i/1HolYOlw/nRnYQVzOBYnRrqmAnnePe5qVCbtU80ROv1MPyC4F/eXrcy/Xs8PKLyMVPwl0N3X5dL7903PCBwLZwtFc9h+qqdHeoGTX01XX5yU2xSehuGYMiGHNiCdm3a5oIceTH0wlBK14TPFkgcqz/gM7uHFiFOQbYXSm1AgN0VFsnD879mzZHm95n0/x3bOD3JHAsyJt9qm9kw11B5xbHaiTo0q1GULy8YKVUk4FAzxwPjqJl3Br5n/0/g2MHW9H8eZRcfZIo12JpA1qGyk038Y4l1KZSU7A3ZoSJYcEcE+O0y6t0Yk8cOFDPwSZ0B/9onkQIpMdjWv3eliMjjLjeB575zVNwtxu/shkbXJYLjQu3pnouLVDwTfxKUuoMjtOIHXzoU52JNNIArx8FokNiKC2AWhz6NjurXc4VPtRFWEg8WCgFJLkVynY7rrMC0IagR2EAkB9lwRjiLKR0KOt7aoHQky8H4dhGPKuLYvOLn+U1w13HP5qIJCNDtQ28FzivYA3AwQDu8KuiLxT33DCZWAY/N/UHZTud5USo5ccXXcsszG9u3kyFSaJn8i1BaTkmEp5M47Yo/PecEAbO90oV8or+You7rsBST7tF1YafuGnhgPELk32Phk/HiTRUzXhWECyjvupIO03ARLq7j9p50Ovh2203o9BlYY47yKLDalWVjyiuwqfyytW6Iv/LgANszkEEk2LHoOmSGaGan+2ieWiaPIGfHd3/5yfAlmxL4QfOyCvTpjaVta0wqM8wctOtlVRRtoy5xRsScu4LCugogLoLjuVCG4oyXtAyfTqIjOwHoUIwIeXEl4E/YRRHqCLMqwbLKV0MAhsgZTm2E9dFjqN56GzuXWVQElspnmsD7Q6Fl0bxXuEDQnt9U1/uBiIexJE+NESB13YcX1y3uWDuRjmaQJowlGKE8ZzeAJ1zVB5MfwVZ8iQm/I0ReSlVe2+ymW9zemKQX5VhzahCw9dDPHWPKMctVy7ONyKpElTKEAddKSiOdVmQMmfz8P46+6Q/Rgw5gyyU7Gvi+JDye8rIVM/zSf3OC/5oENXZuZi+Ch0SvNngYFnaT/vQajNPM3+DTRbFX778lkcpxAohdHbuTsL3FZB9tCFxk0bppzASIGiNg5F3F8PgWY45rRUcpC2pyd+qZmjvVAPiCPNRcr+jGziGlnZZdO9pTie11xBzba8vCYrk5ruPZ+rMIQuICjoBNjh8atcuOTak1gpaELpZqKdiVnSTTvUmHKyyCWzWmTFsni/4XMtnUi5E1polN2AoBiqur2X/jdgfkeWqF/dwWex1QEKkQbkPkjBxPgLaN9qxvrvzoBsOC55CsN5ijrQeloQ6CUPyHIkldEp9ZszOSbdoXzcNkuZ5mXC2iwuRnkHiIDS7HnQ8gB8MxnXB7HB+pNE94dDzCVc38jNlxCXUUzICs9lws3rb7XCs/srXZV/OiNr/LwuYvlPEVfQ5Mm5UfiNtxEGcEWmN+Sb5j2NZ0wsFW0utS4FDxsiu36Dpfyg7+qznbvWzMP3fVdshnCm1CSzV9Jkmsl2tjBkJza4bP8xcbc2+fSBy6/eKWWHHwxpNsIvamV59mphbmgeploPEAReb3EjiFJwrQgEScRWtiDY422KBwA8BvJj+GUOGkJYcNMU3m8G7u9V38ShU2/pFYrYQ/5GtGGAHkJ8wDdCczYxcKhmj888dfI8hYh5c7TLXWiEaPKrZf4jgfJ3TMWxp3X35OTCSLSPFluWDXWvLXDbvsgHviI6+t4gGt4uNsj/yJv4L8dzNYuZ3XaOhY6HzxoVrJbRz5lGwoqiqODZjz04NEJ/cb24BOMhfQZwJu/2IPT5mcSYDZrZ1HHJp2Kb28uDDXZoELJx7Vr/QDrmon3qkbGvFZgFES/LyZmutOiHcuutkNHyTRhZGwHyr2NAA35hQDXH7rGj9ipregw+u5SS/Lequ3pvgSZQhuZaJ6NwgUrJC7kUDj8r6l6F2ZOfFb46geiAp7Def8Pd1ojBddb8J+euc4Ytz6ThQaW4eATcdG9uWooFBO2p5U3mM1NFF6Iv8pKEiIjwdEiAJP9KwbOCzVEqjKloo1qLE0PMdiYdh6/e8wF4tZrug7/9u6Y6/4GMeTmnb+/Ezn28z9MlhrW3CIP6ZleaUqx9dbNlyRFrAJ8rAySGyDeQ2w2gGDcCb06McoZ0XK/Dooy2GKfF5gLUVjLd7PPfm/zqNmiL4023qFFas6giovRPoF3AsbI/xFBiETNSs5QOUAWokr9WbrraPsVvL3nFoYHX8UwHORQtG77rdwvtCQiZ6zUSds7hEEH9rox40Z2/c+dSzVG9G2QWtr1cQ2EInH0Hs/WBABwD3XeqAVSKHstKZB6nmYQXGWYrIF7LDPqORjDwrOxvCx293bKKSwx7YxlK7r3X26Ax0n1uHj4V5bL8MO/c/dBNqVtQL2DOJ2wT1AmFOWfbSNvwAWMRYi67ZlKerzsC2M5JLFqwbN8+BCnhRNZfvcHLkLTgbLHvVkZig1ul3wKrqEXSFdnq9Gm9Gba/6zi7NdA1Uu5W/jIGutlX6IhK3zuKeFKg+W1/rATqSzo+maVFxTQPpg0LQ21z8brBtGiEwKtgU1qH6MeFJMmuBK8XMVpWZCvW7w6LKI1OTWK3AU9mpevcmC/nMQ13k99Rqp0lyLZJ9Fax+ZgSQGDxnRcpqLV9P8R/yx7ZDipno5jy2bYzBjUIn9MwOtOoiRZjwKsNsgcGKRpAVgmnYBLvaK2xykGGEeNiQVL5U5eczquiLCXA/HVhDpUpRBjqEhIDTw2q5pLgpIGGNz7tmHmArTtUbbLZh+1jH69VIbH2sz8AhvgqQdWW5id8HYgoZwtcG0BfV28iOKafQW2ORqwy5JcdCVzGwINHSYw00uJFU2+cXhvtVhGC6pTkvhQklPai/nEyMDYRg6USt6fFUdQufud5AdjF7hhcxdN5KNvGK3/K4jwwUeDwbA+EL+bc5+Wkakcd/tHXC5SUlcjz6O5wdIWJqz23+dLNAQN7SE7MTeAh7jCW37PBAu9fpcFoJj5G54Hp2MAdmQf4DvBrYSnHTrPjUasQcP7aKvVBlZT7APFJKVtSp0mPJ5dz3cga+Re7Clir2C29m3+x7UzkEC2BPMPQ8DHicPBBPjKu4aFSnM+vDoAsQisWzbibWUzwy2qQtXQv7AHLcWniAzgvLSkwBDnEYbNGc7e8n4/QergqPBKFt1NsyNFjM/1K1P2GAZNXZN2xPwZ9xyEYoc9B34o4fauFUAMFj2PSdSYO5y+ZhF13nD3j2gZ7gRhfuilZDtiTh3EFWjzlfdKfx//v9M+fXdLx2Kf+ThfP0S/IUsMb0MbMde1uIzmMcKC/4S2CsAfMhO+s1TkHC6DPmiNDYbF5K8Yj3Tp/9oGsL4xX9l/jJ2eZsrxessszzEoFtvpXml3oYsK3M04mItWXz11l+HDVnZhCpdW436u+JgKkw5wB0XAxE38e3i8LWLNPodgUY+drYaXjgYQ2jn/3wdOwqkKURW6f6IMYugr1WCdZjIcX4nIbOtBYSmoDMAX4zPTvl5WGsmClYNxSQWkb2plRXe/irQ2fZKsUuD3Xku2qBAs5yMiwPXzmEZNXfEtoAH9pskdrimG5NANL3dfdwIuqBM/j3XUXvisiTak7mbEtbuwpCsVSXOWZP1tAJt0sn0eoykiVmJ7x3+HtAecQ7p61vLtXFa9p6hJy4R+QbXNqVJcFWJtQuseTPh/MUATTDrovrCH7gGB1ffA+SX9zGluz/wAQQ0GQKPa6RniR9Ozvwd/HQ8BMczLdSjyjanjidIvqGrPPsVOUw6tLvF89tT1ATI+u7tG2k1rQ6ZP0wMyjizRKTIKx792kFOpPK0PTGhxYNAVc6Tw2HgigkIzMhfBW6YC/4N4ZbbcSxAtDDdTaPTQsLUdBFyAvDQQl6uk4dWQVUtJDTjMpfHygA36crfg0qnT7+fSIQCvEN6go0nnXw3vTGa3fQtT1h8rFTWSMamwkyKTzWMmUSQ5SMnLiUSxlZ34Kyr9o4HJgZwMydWgX4bxSbKXC9FEy3XV190fiMkEErc7zJcuDjJbvQzpRl48R0F6M//d+bzryfvmFu9KllWbpjOPE43zKtyzoCQfC13bBOdgKDR5DtjIm3BzQiylyKxmc6Jzz/jUN0EXlFtX3uzI030+liaYxXUAmazZsNU7hBlxJ2jurIKHmB5LoGe3EwoL2XDVkrPPSJ96ArKB732rZHPLcGNvppYdVv9zxK6JnVVoxkOH+fz23Vxs+u/pI/QUKlqbrKKeWhMY8ohISUAbc+PWnQ7iVjrJElnbUhFnwYRBC0KtVnMB/tHCGN0OBq7DFqOk6w454wblkOonfcpSbNos6JVxCl4etNbRxtamrdgeasFTcwA+QyXHKwHsLL3yfki6YafnN9nDXvudj0oMWPlsoiPG3vafiB2koXtuDwGg3BZVFBdvcpmWXHr5c17E6tSo7w7TCRSvQE3TkWTxMhqlKzBzhJLu/1lvnltMVc7qKPjMXcqlhCIK9d4fp6nV+hF1xoRCYhxZ/t/bcnzAhis4nFyPKjjU5CEeOcb/rNdv+rD7/VT5mreIXXi9K2lgGXGOlQiwANZ/8K9iPBvm2ZBBrsp29wlw2Yy2zh8oN5vgOSZgTgedCPlf49G0SDZ5dZXBnVjQsYIXx3rYNorzwjWPCUZPWbSGrY0Bdn3xE7TtUoTqvFQS/E9qSE6pB087qmFus89Kdwp3+oM+qbyAgEpogm5e4dlObZ8QwIHKAgvIRDUunGQwIzQHG3RtlfC55FVS0tXVJ+IXPdzR4JOyDVAc8gMZPS5h39QQYTv46of3uQ7VMTB1Slxx8Tbun6xlW7OwTFQlkNgfYz16I0jEeS/if78MCmiKxeARzw+HAarShxWIjLfQeadpUD3h9aUz00xWUHYtDT7Jpuf0rBHHH5nOnsF8g9akaP0bbkndr0a5mMzwgavsMf5QJTc3f3Cun8SebxiLwIZrErFr2gtpgwfKEmXPBt1RUCn4+JmKA5E0M5kkOwC2nz9N5letKiWroyqpfHupcNgHBZtG2AXnjrJhNVspBSsRUWYY3Wv7GtFop11kbLYRxqRQ0xmSXTiOkMesi+rU3HlSD7+hvocOrie3rl8rWLBVHvUAhofLuCjvB2+xerlt/93iE7/rar2dyU10eUQPtcBrDzy7I50lgZVZJVI34jodNc4WjC0YdqPdJ0yS21y1hXTLTAIDEeqzgJfBN4hHgrXerLIdj74Ta6eAItbzEMplc+kq2GKOIX2uBiomiojKm+8nBjQ8UQJsPoQzJCE00pqbT9x+A3XLcJm6/omGfxu0I4wK5Xe2+VoY154n7n1Wqgo4TgKPTpYDO4IxOxPXEfz/MuD3Puh0vJ0z4x5AtBnY8qKlasAPnPlPplFgylio/mOvwaZpoRsgbqHU/E/7v7LeH9BXCz0wYVKxZGI4XHhTmr+03hlA+scEni0Ex850C9KXj9EAj2c+CWX2dcF19K8uGOC/Gmafh7B+igcZfmJ8dGjaQ4dLaAwqh50Pf+nX9qEbC3vDUEGntGldgtLecw+eXj+wDqzcMpMeJb/Mpx74ZFIs/CwOLEv1pcO4xLAp8uezOUAADULPlCEkw1qd5kDzhTAwddJG99hxVlygxKKv89n0lk+NqmekkOQ5DyWCxn2MoJVvEaAi1cRDM5YEJfoLnz+tOveFdSY8/N+RMioVzoE4ZOj5BAg7mCviWdg0RIFpoxF4po3krm9CuADAyT68CXO+a8J8E+mH/O5czvarkdRm71sTEy/3AB7i6X9qgNeQSWbfH7gCk5OgzEA8+XCfZJfDuYqeZ8lLpWt1xHhpkqfjhi2V1tAvxi8EOW1c74A03xzGO7ClQuv3HNGB5P5yX0dUNg5gh/ZcCD4a3uMZ9IVe8tfFASpxmY8GccDOH9LVmYQVEf8vbzqhzO38CXq0JNGU0G5XrDJxMnrd+3i1IZivCXPwY9tEOhuqFKvGUMTNSWvQsYeVu/ZCPFvHZn9rFH5e2GihnwCG1EuVcJwVzS1pPRgkEN0a5MYgR4uFqeBAOj+RsHBenbxEGrpSXbNcWrUGeycFtXG11czB+VrUMiZlf8B/7Ko8Mu8dF3MiMES1XqqJuWfNW9Wq5UUHUWz5DwkF18DciwpVk2G6h/Ge2aci3VMSnTLxBuvxpDUiss7GA8mpBw2RfUOPrPycRrm8N8s7foDi6sG+WB5huOOlYUjA747+wfjuTIVCf8eATDL39Vl76lre/jLAB7xxTejCm6Xp0Hgg8x0RLg3M/OLB9BNeOIQylht9Izyy0G3Metqx78dsOX9gMMLORYSpkxE6s5Fk61OESCXTue1RTlXkAXjrQzTxkPxsfK11q//ltOoPKW7jWh4aox0e5VF/HmHThZyHtrwsrs7okkJYQCDeCBN6EByENTGzFetTkA68L4wpyhNGTX2YK/hfz3VHQ7+bPkn8oHHbddw+AcHTHcM4/SMi/kCALecCKFGhlb/45dqzOssTK6LnbvVvMr6IhZTU7lyGhIiDScWVieZ7A7VUgh21ceQpWSM75FgXhRE/DAZlC9U0slKOahKgEJJ6VBB6E6BuVrKL6hnKdw8OfxIvMC6+bld9UUb1h1dnOhuLzpvKPapNizxjBbUCIhlnQ+nMgPc2xqxE/1P6tHVgfvV5pY0PA4U1dNlrQ+UOvhTcFaHgfMj0K5TLPUDdWeK6PezPShG5rAE/LC7IBjVAwsC0yT0DyX6A93++QANrtW8jm19Ub98wc6zXDdBl5s6kwpC7/h5B6UN3jklIFOTADW6f8I80MXLuoof1AM6oTJK64hPug7Ue4tHkklRaMxFQu8NAn2pUIMWTMMiqqgKpOECfof/Ub8dwDgGsP4JZOV/NUTfPMqxW17isnJDiLrSJWt1rU25hVdxtBrBcnxzRsW6MLMESdiyEwDhAeAB/F60ujHxz1L9cqgWn9Uz+CwxYD+P3rRDVTj4Q6j49cGdkyipLw3scvX5HIHI4HQz1XLJ2nzFYKXMa1onljWxEg1QG3JsNkhoqsG7wcDSwOPJku2qUrfarRb4c4w9G0YJ9kkPmowqlHPa2NYmDzlK+5obHmAENDwEjz6qgo/LEtO7KQdpHjwdm4rlnqiMnxAHWZozjo3Pj1tcOQIzTxw1GNGb1yheYiwk8/w7JZz7mcU7iFAXvZKiyc1g/4Hncsuce78OQ5LeV2OKYj4rlmhBsQJif9J+Ua0ryIKGKrduScMwOCFBmzrcPpWRtIan55t9tv4kW+KlFSz0Mn9KktW9XnpLdIWza75XmO5u0NhARdWqV7nBb79TbcyI+S6lYyCqJSuhnzmQoDQ0CCJkVJkv+viHUpasRT9wDA+wa4xniYCTh6hgFwLCuBk5gCnaqRLrBkuL0JITlB9BiAIN5F0c4D5tBrT9QYrEJo09GQv0u7HCwuKHXbmsKa9U38bEIha6sQac9X/u9AyF+q78ygSXyldqqGL2vQf+ww9Yj5kAXZVJMW8bjlIek5LzvvpzUoDFvIAGlPRmsI8qRO0OCQxn7oLUDbRyEi4aDHbel+qai47M5k76gAA0jvWUvHYiVImu+m1bGVMsjHadRDJb2fJ/jdvaMRGrKmm2CdC+GXNEDqUtIZgE05ycEsHERFeGswpQKdsK5semUlylkt6mqUYW8wqlntogkUnyca5I9xmGAQsZguPuou97I5bSjN3ewuKMGrIjxRimGzS5YndNgDHYysf5+zozW3UG0ReggrvbOxcGvQReNK8FLy8BeGlr9+aFIY0OxBhfRm0lbae9ABjFudqRMMtWF2SorsL3GIDjrFKxfZ9U7FLFS+KqwnYsX9cmd3Z6RAdbmXKZ2K6nPygez4+GccpRNX1XcvB2PZhZ1iuCs5XWGWgt+Ympugp2FmdnKL/F8hrPuQZMvVWqPg4LaSKpYU3l2BPhdwZutNtv2nT9jQVRX1ELCqAOw/F22zTSEdl0VmNZDPZtWFitDNGe3fHNbbCXNBYTVsTnSEqjOhi1Dr3iO5GUAgrP+rwsq5pIHCZ3rmSVoWzvl9R0ue/GW8bW+a23xEPeoa0YH7Z7G2kwGL9tvtr5J7I2l4TgxFZ0wKhSYtHd+WmtbdDQsFilzZ0YqxbfVSFOLuN3CJ3oGhKVs6AYRp324EDZYmZOmIzix7UU2o3U5tQULwwG81nSh5lRr+CZv4kI/5Hr6x/rIW5To8UNpBnyTLXRMLteqlfHDt+MdctUjXXvXcoQD/yGWldQi9049whsYaCZp5NrBENee9mTL4to3m9rr2jWl/v2Gap2ZHYYHUKgJ+jMyLe5HYcosMML1Rc45aq+CTov3/loO2ERRibfA7QA6McDqufG7ljLDOVzJfH0Hz2fjYCrZC8+geGSeyNeXK0OL1dyg/oVXW1b1UEALhr9v8MHFEDQ5r0c5BsPBiF1+9PX5A+j8KQ0TCLgK7awMPAPAtTkBdynXFmh2hR0ciOKUGX0PeWEcqgLiwfbLq3fmlNfX/r8dpKbz2Ba7t4Uv7I6WpSMNgpYtrm/ZZDNOMGzfSCl/vvUo945SjD2NDpz7XPbHlRpD/exf8SMRmFc9eg/1KkpfRNIT8V2hGWAbKz+E1wSJqU7KBuqVBPK4pjDupN7JGRfFDjmzjQwVTQycJTBnc+VbJljGYWB22rvdE6yZHdkcDjjGzomiV8J2MN/BLB6JWfAx5pw/e465KJ10jOHbal4aJeIKqFTJd+nveLhheJYTMpzhC+1C35M+iUdSdOXTjUDyMlCmu2nt5Sn4IyAHw5EjYnu/yyieiaGM9E8JvGDI+mpDx+UX+LatRLLFdC8pu8R3xEoQYQO0yzTNjsejSgcpoWaIJgIzaoiCOsoBUNuE87N3neuERe/5urKuLAxcad5lcp2SevyZrfzOyzgrJvy61Aijvg7dIJF6xquRHgl4PNlM176T0Ko0VE6ZiaGrpFLdC/OyulfF+rKr8v291qcKDXjtcHs6I44EFJySW2E33tRE4JyBg8frk0OAY+T0YvlxCPwM2GkTNwjrbOGGxIvOlASjOp/nIbRx4hWDAwOJFgkKoTh8wpcvXvNG1bxqzi1WEpPyz22tu6aAT1zXt4L8PPxV7glc6M8o3upqtPjeAQJwWrHGZ6YX4tk0RYU8BtbGfaANu/mTsyYyzJO5foc+9IrOhAAg42Mf2JXReSrIm1/MuSmPmLysme2p5iMD5Gm9sMSil+BwJwuvfF/A/xVcaDavUocc3sDevbNkJTgSNw9kz00EDuYZ1BQGmOJQ4McC9FIbpc1eW1GezLVssk1MYTCGn4yfaMp5gr3taR10e87aXE6URhfcpu28IrFhD+e8f6nmsjjlmBoO0AwQ6Blpbo1yXurygsRxJDgRGOkD89C+BhNHAYAStKOi2YWwShqmocobnIiX4RThhlXC5+nDOL25bELNZwfx9JNq9P3lDRqRCE5BpTrPsM6sTmKRt395wZF0dtWdW8db9BpOrsWUV7XWMR8JA+7G8G1hx/jcMbclCP6iZw32tUy6XqGPr4SBDZdLgCxnXYdzekoqO6oDrNWna7Tn0MRrgP0p61dJUctUS6ENGG6QQXli/gNJXguY08sJeiy9oV3v1Ljucg4+kTSpDC+3ELnq5ziU0iAT3xizUtKU4I4RXaPekh8iPLvWp1/CavcN82kvD2qvMGKVU5yhH/n+w6xDYO4Ro6nPKc5g54jap7UgCdwiD8e6cc/P/mspsCORFZZuHp2UJoXKME3HdxlHLLBq+wDK5KYRoP12PP/ti2K/5wadTVK+j9ksGsNSzvogCZ0sNOLe36u63yVZqWbMKyazXrMJ1BgjP/5bR+9IhLULlJpXlkMYuQWCN3s42f9sMupWhyKf8+iY6YQhBH6APFJAZjispuFv0NucNomhqv/EKQCbNUYhmertOTYBtN7dXIPIfCUGC7FvAJ9nZ0u2AMLIu/oqwpcJMsMmhb9ZSKEJlsG3a47wtw/KfDe60ZJLP62UapmuyS1KV2HbqJwKoDLHGss4UQkbWoK1mvmC8JzzlkQVH6PVezwbsnhbTy+HgSQx2z5cDYaHPY1ccBlhdiHQJeV6zAD82OCktdI4svG1I3G1FFkq5jQuytLODBg3BJlltyMLaW4t9w/9FkYNaacZ0GwQb5TlAK7iDOQIQor99aO993pZnrTRBGQVseEzlWL8dkd2Ep5zoUf12QZBMTVZuFiGFfnPu4cFuRLucgpD/IqwAiCYul2CXoI9T2Cd5kv9P1h+6PNYXtG8kypfmSfTEfjRJkSRb7lR/h0i5QOp2I0ufhaU8AvjIkO3izj5JptOWhUIVnebdmgfMJFkDsc0ZAWj4s+oOJHuMevkpZhM7Z9JR9qz/6k98d/7RbCdzpRhGXvKgkSSVOceeQdDWOOdvptgtLgzPCkfJI3oJ43a4MC5qhSaYArw7PZZjKVfSbci1K6nv6m2EP7GDpZJNCQhN+tWf9nyoE0PSMtdADhTuh8oPH5KKtSamTXe/JdAOyckHbSXeHS1NUdwgvwUM5DlawwFmuK/37z6MCeUhFoBd4hn/jH772eVUv0oKcSOMEyXDyRLsYK00pSnkrFKyFBf7bhg4t2xNJr5Pjz/7vb7S1NrzwqxpLDhHM6sSGmI5EHuhUIplf+Lhr/YwCRTF1xixGcm1Mb7RGI/e+V0TFALcjwWUpjkrp4CED0NQ+YmXDABDf1hd8wJobiOVZbBkMJluE3t7nF5JyMicqwGF5bCnQ9bjf5iRhrs7XBgNAimjhxqL28zGSADjKUEFTey1IVPxkY18qcA7evR6MoitCAaVpSM5V2U9iCZqFILBYxNdNi3Nct+bO7Vek9ackXzm46OO5xRCMvxJ+eiosTf1VK9Oh/+8+nFeWcih3guaLk3QX7ZL1hKhujFsWC8wdZVAcPsiKtYHENdpPaBQ1+hnwXVuQnwAhkV5y9yw//ocvWBWSlQtzDxBjqNT7KGPpsHJmPMSNljtUPw70Xrv28C9ugC+75MYQkTga0woiREv4wQ4I7Jsv5UOzRTymVoXF/x0uj3rnzIXFRL/o51sqRyF7XwqQvVnUk8Ne+HtC+W7yFmnLZVpR8LVlVhZG8zapl3jweV3aUJZQxI31ccgatFA+/EXGcPmhYPfLfJlevgDxUvX3CA9KRTSWASx+nhFzhIwyQUV1SlCnhZwoMpphZxEd0zk1E9h5+5/LADJlZdC73Zbtu3ldw1buVvZFi9BSNji8cBIO2BjnW/KWedVP6Ds4MFuCCF62ogMyz/x+aOtoNDvM8X8g1ST3ohgGDowCKWDdLMwOAzpQO/9/W5CFSpaLY3dmLi4F+0IXeD/aixn/vKtKtTBgYvm0QMM8Crwazd9XqqmGXVc2qdMp+QD5Ah+R78BhBjng+p914nN1CUId8x42UKk/m0u74EZJc+x5Eqvr7eITn/qFQ/NwH++iwxgm1j+d+BcxACe93sHaeXCQa2/kJfk6me/GztzQWqTeJfgEbZs+HYSU4XGc0DcpWSeKFYKkVaOsXwAbWj/8LXyvm6sF150DMAeZ2zgg0OuFw1G7i39Wu/5XNOS39MDvJPt5q2zVZ3293JIWscflJsFDKpxKJVbam3VKtKIFYj7GGmquwJ4xhWbVDkgxXw8RHNbFuCZo931B+iRMeSG+jPDKYrb3bv7HEG9Yc2q8BXbJzNTWYJ6AqazhoyIhbC3r5dzgWpkfXOFN2YSLNd3YMePP9jhHFqMpk4sLP2T/oT2KcvZjp8c9Xsr+YsgpiTKsbdqN0gsFF26/E7X+LNmcQYga13/D8hfOCu300K9CFUPLFtG+BwDCZSYBo48ylHOwDZUhG9OhTXXjB1TqLAuoFotpI+lq3Vknq5tL/N3jV+Wwo/Sv8dVXVJA0BzkTguv7XgGyhEudp/P356ZFhgMN3jCeRiYW4qy8Dx73NLsp7Jayt32GlNrVfh2tX76+lKOfqww2Mr+iug5H58iVaQNzU6Ugy0sUtDg1EKAPGlgySPf/+6QZhOOMgdqNuXuRtrI7eOZEKpSpLuZ1uNLYZPqIM1N7i3BDrITpavPPlKRQS6+Ux5tZZ0Nt0WzR1lhIBkJyRZbzgUfT/zDns3t1agYQxrwZJA7AaTPVvYoaKl8yF1+rCmSBHq25UjANTElW1VoxJ0/Ut2b4j/bWyC4fYIUvra4UP25+UOQTG6rpLR60mmHKwadNArxNtsHgiduE9ZW64QwuFTgrDuYkivouBfmRQopwCLfE5rtzQKKLLRCaLM42cRDw1Mr6xgMHPuqcPXw/YkfkZZHJ4qBDEPZ0rs+jqdBrPtw+n288TlgvKTQuEEA/V0nBi2z5t/rh6wsBjxmLdKZPTNAOiS7xhUjbGzqTaUWCM9mvkMVNzdHKxUqmuOz9ICQwUISxfMoyR/z9PH0j31SEOLC2OsOIv+wgSJ7RVfb5Tetb0dEr8PmsByzS3B2iY1oD68wAZcgX+BywfKNC3z9K69no8v3cMpHixkBsWx/m7cLcmrDRgBuL2956HRn1q9oiuqsZ5Pljm+vy/PUvJqkpYoxKbXQH9VaMxxbaQBCudq7jfHbAeEBXFO89VVau7u2h/6Fit1X0rkdjojWPddQ5wGpXQXz5YwmwIKIU1zM+F6nm+moNI6p0WO54cyGnzLvotvJfKRfq9oqHWG261pWgGIBD4v1AkJtw9c8qQAEusc1MwsSEMoaLZLO/miEZHys8v7FUu41UqdhSAzjpmiekvQi7sTl7/tOo5j0iLy1lJgvo74Y8LUlpt43RKYEkO8El//DEvLcjKJo8D2nOxW2D8hjsPXocNlzOC8RisX2oSotKWwyho96coXayuS6Swoet2CbymmTB/XA+QUFpJM4B1SRbI9QE4szdPaDARbbhcNDp7prONlBB6zMq+RGzgXTcA+cGrn1oJkTCAOlPWTeTtJO7aKmw2vHznCYZigqi5QUVOcsNH3f0Wq7GM6rZZo3ZyXNDqkem5Gan6OD82oab306fbVGFOs+3DYPzJ57rWR6yDG05GkdNk3LL5M/ZQ6iaXc1wRNNZZ9YiDD7b1WzKV+9Y97YK+1P17Ai2NhWEbx4CTCnPjl5ZV/xm4YnRa75s0jOCNyAWLDa90SgpUNcjilImEuzWqXMQfMXn1/Z/cVNm8N5mfhiHyN/GuUipOsomSiDjMWXX9qgc5T98mHr24zJUYsaq2FJQbCKlGLaVBJNazKsCEM0y0oZLqikdEYoavAuvff750nF8LGtzRQ7Cd3W3IjNcLV9HDTPEJmHepM4dpNQIRX1COqX6opFKoul1UX0+DVquIFid1SSZUy+LZEbVr2YV7/f6FnXngkguCnKw4FpCcJRacF8yhDOTuDL2n9HXYPugrbNnRSAmDDvGfhw1rP/CFxbadQPndYjSWTDL5K/1nbqFjKF9xOmZtj7r88PyeIOUza7stT8rdcWpG+IL9vmyRyIhzY3YHP+tpt6LTDQGB1TlGw8Wx0zDCx1tpyNmlFc1onne0e7wTIM3VtnCBXPHKfezY2O4g0hiMkmMXBhcA7u/CJUWsqmVOPfUYzYrAwEml7L2va6DAyuyV5NmSdlieBRoinY9MBzvNdlzxQ7plc+qbs0gHOQUY9QxuFlBTnMB4q7EQrgQ9shqJL0EnekUbb6GucRYKHBEh+wakH7woao81Xhkwen93D9whp/JtODhTvByUwiI8XemJ/bwRHJVlUSJOA2VT8UXxytUI4dqU1StBEcytgcACz4nhUa/d8f9tbrQFj6TnFRg5BXpXgDrBw4RmMf3KZJ4J1HeaflSPjeIcI+rEwG58Y7BdSVKXeRSP5/skeah3+KuUYpGOmNiKXpfmMEpkax8d/jDSUKutWARmwanXuDOCabMqBf4ZIx2Tuis+B4skxyxhzIens/s8AwgZH+9mW19tR7SMQzQujRXXlxVrSgQIvIZeXyoOHfsD+G0D188RIXgfG5KK4B7504gtMvnW98Y6Fuze2wwCk0qM2OnxP6ktgVwoBA3irWFTU9RIyiGLfkOmebbWjvIJyKUq+QiNQPz5NrRpdAT9k9F7ICqPWOwtipIOvnuZXWmUtAlnoDhlcl34Dzkq4LU+sK/yMI4uUzZJstUtuB9jmKkqk00CDL0+nWRNF0EdaSpMaWbBl5JJSwYHpEHn3zXDx60RcFK+4P32S7R/rJrf8slOPz3diVajauLL55PRUPEbRm0JLtex975nQyC+D0it72eUIJWSzoTMrkNHMgbYBE769OgRf8tKNJ5H6EzQXD1Hhbh12nDXLI27CiIDxTEyOqrOm+zX1/LFLrie8Wfee9uffaHINyXI43CzE+1Ny9YgTscY1SFBcLcrsLljWK+i9RDA/R9WrbhHLUm8YYvggqJrTtXBtiEHa0H3FbYzQQfC759xIuQCMjpS2DMoeFVoHlHZXfhFyjExhJaUZb6vLwl/CUrNtCDNw/ZzAKIqmGhT4qy84wOrrND8D/rA2snzxQrk7P7twkawZN3E4FSDQBZA5Y0qyuHXLwmGP4zl3yJ/rBzYrb3sSJStriuns6NRFo+ok6TnJ7Y9pKFuvoMIZ/eGFw6j8T5VhYcceU8yggbqgLuz+A64GGmIOSgZKnuE8tdiktgDAYb9LPYFRgQ06LspEwr2SHgajriAIt8Z58Zw96Ayb54AKnjzQ3LhnJieZ4bb+vP6mG0jSmbZuzFMYBG8KXw0njDBeVgDR6GoWKKVXWpTp0rUMx69aGR5fSygbx0kIJ7oEVMVHkiTNnBhFZmWOy4jYrZ3CaN1/9L9D1HfVhxdxC55IidT4P1PmhoaQtaDP3CRpnuKEjVrz7tKcyKscjXTAD/wnfOqRHVJzdyTg33DB/7X9euBRKeaiRZlGoEG4EqxHMNRDsr1YJPv8/miXbqeOxR808MHDePGdp4hMzNPfaPL+bMi3IAZkStLqwYz6rpPJ14NaQnUcFXR2f5E+/pnW1SJEFZ2hqZTwCCxhaFgfbjmvlbawaD4E1lCmVzxlxZk3JViMbkWiuSiwvW35mLypdnmTdqY1bNM1h7qfeMj71SkVATmklSQefmip4sxD8RAcy7C/Ely2AHGgv7UXvQWmano06gYVfUzCZpDwXQKErs0ktDGa9MQPlbAzWDPRyAgxMvAHc2iQANTqxSQJiltMFY9QUqn0KoWG8HLQIR5piXzoS1fN9tRq2Or7jmcm88GxhU7PiHTghrZNCIwGCN3x/V2Mpa7K8pHYK/QDQu5+vWKYmtQz/Ycll7DnM3iIuDN95t3wVbY4H6GbEPgRt6muMXOAS20WaKYm1gwaauRVAlTvIUOusaRxE54O8Dp0XKCS50zLKvjiIlwWxYbkyDVk22W1FxWcZAWgOmZPcZruOhpGk054HSvUsPBmxcENuXXxEfSHngBsPpMEVRWdx2QC9evFP4Eh9MXEq8B2IabPXwIl95cO3lfXk8i0adpRjRNHzglYAvzx7HmQaRje9UcirsekqnBEi4gEJPbu9nZJlQmkimtBFtUuyMy8evZ/Kx/H20BzQCjCSo4kjT+/pmeFF4divQgmkOaA3LDNzNyBQhm8216K6menqvDTi3AZE+ljdmd6Oj4Us/3z1RvyE6OnUwx0JvPIh2iSbaK/XqYi0fypeah7FpwNJ5ef4KCpLk2D6oBgtRLjFVMVQmLGA8zLauDFJ6HMRDYBoIu8SXxjXc+/7wGcW7W/0ybt5AiExDTu/+IYoHkm55zJ2H3akVAo62K/FLJ0vEZqWw7vFjKpEIacixSEH3yrrEiopEqZ9AaI/AH/uuCq7ZqRf7fBOaa2BfQBNf+eCpDFQGt/aUoRnmeHzSpGKgJ9mvuSI508isCafAQC9Samg/WSoRGOq1RDNPR8uJX/LhdK05o87QwI33swfBczjNCmAKy0mF1Qu+h9n0uV74BG8YMokhlWOXGbVlNkXQjXf92vMntNucamnXhO38e/UiawzvjJHxuYJN0FZC3ZP2luuPUxffQzjANvqfw/UmkwJlACVxgjVzIK+auBxZvSkKslkJhMGrac3JZHaMbXiCmvrjSlzIdtqaqHtCWONEvfWVogJX9ck9sDaCk5hXdzSY8QQe7Id5Cpt3WMoTi80/sS1+U+SBYfecoO6ZJ6z+ckuzsXjMOoqiZUrNszh8CsBkDx4hF8SPS2xJg/XULaj6H3eu2Y4Yzm2JploUUr27culNW2uaYPAg2gXJdgcd2N0/L4Frl+Lg500GVZGgB0eh41Ydd9P/Kh46xPekQZP5HZHrChx6pRYBbwf9Eb+QTyV11Z9Mn2+yoJ59wnRzXqy+PoOXQm3Otlkvq1oQRXz+7KqGaoW9O+7WMX3Q4J4D3LFoutlAWu9Gn2bTbDl4BhRJ0Q6O//XF115qwaLOTHMw9E80QKon3Cw/+JcsKUB23xe2sFdLUHrimmEXscsYY4UDAYZJlKSZzj+q81MYvzJGxls8NgJM58dhIIRQxEr4kCSFW/VbxmRUu0iksd3Z6JIvTyYxaACVuVYQ8TFHTCpOeg6Sxb+aROj4UKanOkly3bLOgeHpmEy+NbO+vjG60/VsGnfKoUAHN5OW35I8F3MaW215oPDNlzR7IYhklI0/g5H9Q6b2lY9Bm94cHb/bXUM9ZnwgmPG+P2f7UOTJbeeYx1836eZCVdEEs8NdIxycZ72nAy6KPIdeSeDkMw600CpeqZSFWGZKSaWJ6iiKROFZvc8Dm5JZEYNDZeypymck1kEvsKD9fugX/yNDHZooRSbKeZpGHVN2IGfa4g1J5qNWE8tctTkfpSy4614OyUbuAqwwahX/AkExKwTZ/1x7XOfGxw7Ncg0NqDYaVxeMLn6vCnzwWhK9hp/1zXCzTU40m8dr/kjmIu08ptephalqIl/yO8qhVtiEiwork//lr7I+gyyknsqq9QmDD9pSFHYl3dD372ecL25B4EbmWIQauI8voYsIc+QxSkYkSnTG4MXy0dL59ufiyknXNejVXIvHIMTw9X4kv/7F3fEFCcwuIs/s7U06ROGJ+zJOGPE7h48CRUXQUuyxehLB7w2JzcfCDAAxpBc0CJt8emUpVNXgHTV+D5M2m7E9NLNFuB5a1iLDr+Pa7vDS9IhSLuc/GX6KGFcoaJBVepiHZdBL9jD8ubfnX+1jaqq3nES25UXgnKW1/kH8kE01N8I8HYjfrEC1xdMxeuLoEMklOiBQNeyA9zAHE7Jgu8/FJceVqh5CsNgTCNvlEGEOgB18D2kw+H3a90z/doylhEWmWw+WdwWR7axNcDOUK3Xjoy0XkxBUMvPVbl7c5X0IwBY++vuHkJsmo+2BhODy6QHF/a9MXgow/zLp64o0gKreiR8GhpkaCO6ryMntfC2qORovEaUvPKIQ1yiuhbHIj9RN+DL2e1sik+aDrcDaC0ywPxQeLOJ17fb1J1/vWK0U5L3P8ZxlHk9p52jPrpQX6sfftDm4bw8agmFstq8Mv4Ufs7TeYgw3uk1xEdsK/dNJaOBrFKeE2/u+N+fNEO5WKcL4CDOMGa+rncMzV4ArkXfq1ZZyqM7/9qQslu9K87v1kLIyulB3lSd2hoUc/ByWtvbOU41lKU4gW+fDOkZz2xVS3ibWtD1ELXkXdoHoZCtV6MKLd2PxRl+Cykf2WMRIDiATFAkGqhvRxXySvwiYjPXPx04TUzLg=="; - decryptMock.decrypt(testData, "IDA", false, false, null, null); - } - - /** - * Old decrypt test. - * - * @throws InvalidKeySpecException the invalid key spec exception - * @throws NoSuchAlgorithmException the no such algorithm exception - * @throws IOException Signals that an I/O exception has occurred. - *//* - * @Test public void oldDecryptTest() throws InvalidKeySpecException, - * NoSuchAlgorithmException, IOException { String testData= - * "IXBo95Kc+8+OLBUdISp+tfY+uaa2UX2iBStyJ4T9KQB1f6qKOUdQevBl0bSEdMQCu/nSlX1HxTtXpbjH24vWUZuwM6V2HMmsSKYYcoPGQONojKTw214PB32pYbeHT0g8yXgPhn/wyBOEg3RaESOTXwujEmCmmHIEtbhMOmLv8M0MHNQHhx8gr+LUBovrm1Om5S/06VOHzli7BPjbMgN9tahYDDMVuTpkeMrrJhfI5aa/QCY0zhajd9SYYaqSe7Os5/jP/fBRkIXnNxttn5z7rCaNMGc4DosyNkt8ORttOxGcCNHscomA+eI79zm+BZS7+MY1aix/4qhssL0lWPokFg==rg3WqmbbFkhUTPQdKcvntxy5n7TjOHHsyZUyIfqJOXs1iBQNShfDD4bbjUnqI64l9v7grEm3s2el5bwwgibeK2eDhQzZNXQyN/fGmFWOwY8B6tySDQRZelc5ltRHUvHDfzSMyNK5PhMDP6S4LNCFPjuN/yrSxh2HMzGzcz2+MYpQ8ZASXmtWNgHt6mvYOEyUKwNB3OFyjtRPjZddbg4f/WqmJ70PTsTm1wWvkPVSivZMEeN+RV7Jx+tIgGbZvGWZpuNxc03bMY9WLqks3Tzlj37xsmtgMjSeqx2Cp1ytHrC6cNcyIPBWtM1dFbUz1dZwifvvsFz/H5L7LuR62WN8kzGhzHBsu9tpZ99l+83tNyz7jWg/GB5A8qMjVJr26C1x85oR/HXk1EnZl7kY9aandLdE9qXdOFDMbqvN/zR3YGG1eDr17JkTwyqI9JE/Gf6Vl8Ha2MOY9ejXazUOo7MUhnra54ZNtvOsioh+0ECkV9kx45G3v49bqYylt16rrhMN3C1LWsjLE6nWsre2Q30NNz665lbjd8TPL3yomTjLn14NOP3kA1sXBwqZ16RKsazU/9/6THBhMDCvY9z0g3fwSqCtZ/a0PwK7YmX9uN3l8+9DA7fVxRjTbKgt8tmprcmcUV2qvmVOq9jGJYXCGkMYI058Pcx1lFxDiLX9tKjZgIh5e90mCImiDk0T2frUndioBYTwghakVXL8xmUWKH6R4ISu219BfCXuDMHr+MLDK7gjSCeC36oeH/Q+cVpW9BiJn8lRsiQeM+vP1jb/guKo+D69kyKwf5Sv+5bCALE2F46adeNOBu5BHvvIiTfbp1nVgIQu+VHdZnCda+heELMYYNy13/eudb+7HpU49VYGER5e79DUV9mm2KpgmljbmQ+plGXJd9zjw9NQOqwvSH8kbOJJQrnsWWlZoASiz/Oe5OqWnCVpkvs5muvcmZWhpxpOTIHsZs0J7kNgKErbgi0x9ov6ID902b8RTjISQSXnHQ/14ofTtighXniwxq3t3IkRAbc2hOEkBspPti20ivDrIh/pHS8g7jZkfYToEiiFUyvyJdc4brQhamtiWDBDexfLvEf9w7m/LygC7AUIhCG1GSu3h63FXKyTmxeq0sljYMLci0DBsMli6Tv4Yylgm3u9ZPKYe+K6A4lUmkmzrB2lfgbsJJWE88MYdE5mLDh1raDyBrj3TdvyRVsO3BTygGjAC5HgeXI0kzCsQTuPwxcklJr6HyRQmGXrXB1kCKoeTwmOsB/mOayiFxOkJRR5Y66hlHr/Xq/4dTx0zz9AvwjB3+dSm1XQRdVkFNoQJQbaq/qRrNPxv8XgXa5GmW59ZyRlJVTYpL5mH8ZWJsWX8gkAtWDZ35wwS813KoM1ExKbLw5Ya62fBKihEH68H437M3rcipk4hxbKp49p5S5HZoMWYQNaOCfi4qtsEuCGGJLjMV4WNZYOS4HYwMXZP06oXQb8Rvzu1H65r1/z7UiBqxlyYu1oEF0nXIgfMk5ohqWr9Nk4guaMrN1yo+N/yzs8haQABeBBW2zbI5s8xKbUAoN4Z1vYDUsxwP36Zxpik1yw40JFP9RL7gPEKwkf0T2RJG4nqz+mMYLp2WwgI1ro2VEUnrw5UkOr/2wtpjTbOStsOjJO+ux3NxvWDu1K+sTiTE89DP3ap5rrw+h9+6Z/e/cPzt28QLGfpHjvvI1CzQrX1ZWTS0BB/bExwPieWvAnSs8lur5XvvJ2B5TzyJbGhpz35vp7QG4m5ui6rCINa9DZO84ZbE3TOJxYq4MfGOksjzni+7YMIbhND24WTuNWzg0EwpunVihug05xKQti5gGe2gYq7iZZBG22TbucOVbqCwWYQ+ox1la6HZAcvjYJg3WWXdyk1kqLCtz8xwdHAyLMRsPjcYa4eZiNsDruUdSpqzU5WuK9JHkzq6QTgdoBys9ZvAAlro9soiZ44o46Dr3szxf0tCBujzfLI+D4iRauzs/CmjQ8Dc5tHArs8Zp5SKM+vGIieRgmTSa9O3y/AnUoBgAixHoOfzZavdZNB+ubfsPHPNUxDMnxuUSAybOfy44zrceMJ5lK5dsTlFl9fNj10BL/G16Gy0Jtpuz4wMVUmNrBQyrHE8CooPPQJWIFusqIZLM2KpwVksi7eSIXa8ircNglJ7fAFYsLB/FM7Yvsu9kL3l5zPHWibkdBsh2uEJKcH3vGszt856fhV6eqx9gf2fISQYZElNrBOx0N3a9dX2/Oghef4P+rQevEUs/93HWKHRlLjnfFmhYre1HYhDW8jfR1mnATBQ1XSyueiVvIUsSapwfJWdx2qAmVXzKaPJ7qWsBraGUJUVQo9zbsBslId+tWjjPtwHcSkegK5AVLGJf1Hm7/ySrF+UMVhKmJ8+k84f6Tfpof501zdoDO6b1wmSmcyfhRM6RDFEild1s8Fu0DBcvlb8btKxXBvCs1EU+Rv/SnQJ9nzh8g5yulpoQ4Cbp0pp335sP+Yz1Ykf/c8wkmiqzPgUJBXFFudDWT25O5pc0amimL19owMhFSsZIOXsjR4L7wwcsx4dO8gFKHRU0vFi0gAwgw+a0/0hjdOU7A6ySg1+9yI4UasiQSP9ZSknd5F2ZYezJYGO4PbmInvgAwxOCeY76MfzQuZgvphQ7t6Gp2HW0mHK7kaQbntz16tZiv3hpZrQWNBVN0edLhWlu1OIv1GEOY680sV2qzfEgKZOl3i2UQBV76++wlizDLhP33b8KPvmtCWSIECFHiahDpoJcGTNtRWT1fRUyzDppeyVVxCrfKU71nvcUcahHayS/seVaDVQ3xdpf5F2OPK/E88InHPxfA4wsPFL6IROmfum/gnqnvjZtE6sYPTU3lP5qu7Ron/dO1qXdk/rvPBENnToNMMO7rj3paPqGF//PftC0JXw5lXpoFCvFpxZk9NkZ2QZJTG+KqLSVgErR4sw/fr/k84n9FIZQCLMfmbn3n92yvMyFgkdJAynL0/2JJ/ryHq71N+i9scUrqMLdnCjbidCi6RhV55Xq8ZB+8Ttv7ym0+xB7J3O4dp/PnndCz3S97A9NhoUC/SEd9aZVK2xPre7ttQZlOszwQ/NjO0oq1XjQbLCOawA0liT/BLnUxxn+fr8E0YC0jI5nN8HBUqL6/AYE32B+zMm0nP81cGqsYGIa19fHiQrG0+/Z8mFpVM/YqbGxPnb8DEybGM8NyccG/B9ST4eJDTHMfDT6XOS4loXtrbf2BzPjCa79RVqkdgeFgYIELz2f7CaY9ujefiQMmkDCvcGRxxZzFUz62LId4SSTLzbqdDq2o6kPWqjrhdIe9vkUzidQi51HyQi0NdaUbo9jdnAcZLYHg/dtxH3DGoUJ43yfvFEDkA37YL5OI5dRS3NqNBpF7hisChfpoz9x1u88c+zHW4Iiong9HLqAMbOa1a/K4gyydHPb1WnNSpysVgeciJdZPtsINO2o5O67OGqdERilLGa3gba+JLvXPkDuM+DbWpol7p0f3ZTufrP1uNCY3DC1+vmFpfxXaf+sprgi/m25fsnSOUSBR4S4mdbVkKhKgzldLHv57PAeYjzOBWUaYlRZmT0pTeDipDgFl0MKdwCi98q+38rizn66MZDoVOsaiNtWF98L973+GR9edjSn5n6imPsfcfn7EoM8MmWBsjsOGce7D2eQHxlMHMpW6rMcaaemdscxgiP2A0vw3avyamad09pSCxuU2r8W2q37vRJreHRm08wLGm/5RflCPeEbirOpSXyVSbxQzwfcdnrdCqeasQ2H6T86+ibXPKJN+50D+j8+m5xCdHvc6kTf9UJyRlSFTP25zNrrpXKXjWSJdAm8gNUbvoTlYMkB34WHfQxIqv+zu7rTxmbGodr6N0wFSda+uBi4fybrn9AJZMzRsnYiWCLoVNsnjzySmdzfoPkiy4Z9viaG42IOURDxWkfCLbLIPYauGIknwX6PVhNmE73PRuAOTMTrW8dzbyXjCr0EbGHfI9pYU3MGNY/T2g3Av/WHoU7OITm6BdyySAXnLShoSvye8pwoEnCEprbOxy/r9SXspgRRUq9RHQTctDC0jzosF2CMjXnp9niuIsMmpZ+UTyS0oR8WdGoUGch6MZ/OK/MagNgwkdclZ5UEWpDBU2D23ose6e2XWieTydU7Q76Zvdy21YFiZH9Qxqtm65+U9bjeyZ1DhgkGdn6S7RQUJm/okEUoA+aydqo5ufXvHfyrTPvBN40OXk1fE59CqFFxl950mDN3EoQhm/Qsxya5NtVsaYYvBvALtiowk+Hza6sMfNDWkQMI5pEqIv5vqcg/MU1MKOv7Hqhq8L+wQ+H98fyTJJUEmnaixGnWmow43aR6MVm9msQWiM0CzAXv+za3EygGyeWyWPah4lWUygnbIt8qTxhvKCFtmgF+1Qf73GKumnlpMUOjiKqzwrNANd+G2lG9xKvCm600+WnWSFiVyr6YCg8hbsvB+F9USGoRXWkldsAt60f8BaIL0G4HgBBvQ8OWTZNrzSEppmQNoWIvniRuGQ0qi6wcyAKsRoyar8bHID4buKfJmpt/vcVucYjzevEIuLxcoU4DkI7rCbwv4MYbtEOLXkAJIKhfM2kIsSkPk+FwsQNdB2nu135WGhSWCZvKnjdOmfWGMNdXg8k43T7DFLyVrojdqXgu3L2pEdDlvsIda4k0MIrx+QoIKZuCvuynMccFi3ZGfyqTktOGi7bbR+MOOH75k2BD+ypcpm+yNt9YMCLmCrMw76Cgc8xK3ew6Del0/8QXQofv+CaNh/ZD4kxEVw2ulyE/WwjEF02OZuoVVMHJFfWgDSRRjPe+3GkaXrEVuQh5rqjWZhb1Xee+r2iC6GB47YL9+l0ugO9lGgAWGA+XaZ8WylT+oZXGWI/UU//gMlu4EtnenU3kpkUBVWuy3Z7aYKq3y/8rpMSUsDY0u34cAJfBSgI6VoOejQiKJIqosDrVMF/ifaKKEihhB/Opz7cwjVURzzUq5AMW74DkaWG2OnHiz0VmDk8oVIfoPXA6sWLixnljJz9HZa60FPq/yiR76OGkDro//Aijs34FkeakBwEskTY3G8lSLXYj0AUcUsfYXwiLnr9eC12WfHv9oyWF9o8wgrD15XOihDgNnfxw/E15LjwudLvyMFG61bLv/PtJpvyCHSF4hsCM8N7G1h4JU9M3as1lLeMmTsJLydPvxa5rOqS+WxEDS1NZ+H92c1Kpwlfb2x5XbMQCQCOdItR7Cn7Pzxl2gtfLiUjs9qWSKwZgPXAhfYjeoPueXVu7SrFavTPgX1IavQxKBkoGjn3XLpBhIWm3VYy1DWczLGKDzw6D15GO8DpEcsJNbdHWZaa9aaJhQZEpZgd7V7kGu0D8PfiPoa9DQHiQIPZGAGgkNMLssKDDFOTDSFjwXo+9FlwrvpVP9IGSbPEtYPhptisuQfR7EowMdBQmZ9TOI3YAf3+L7vf1qbvWrc2Uvr7NhS6rzUQ8MK0R4h3HWEXwKUfxebleEjDZkDMzEhrc2IiJKvymSLNmAJlz5d4p1eVpzao265XxC/rUu/xPinTcnzzOtFhuzcWHMo4pbAmj7lA/YOpVXuhn8Twpy1y/TxBl7+kXOSQ/2rB9YhBi7YfjQcp36F37NvufeLvSMLXXReFktXZH+2HD6g9KW7eloIdYlM5vjgBzBDhweCu+x27Bq39iS0naDyYw4apP4KMVcssYoNeiLc/XotlOWPIbsAkdUGh1xlVy8EEv1KWY29/36yOj78vQDasPd8F7Jop5ifUCGu0iKXv/3YV+Hs0v8Pmivfu9FAv3CZ6EfeSs6JNaPIZWfjv1mvnFh873Sz0p5+OSE1tKCj3GMgdSavmUFNMfrZWeFj+m7jZWkw9PBEEL2/zrs56mrI7idefUPXcQdBTexAh4zDRUQ6n7ZgUSEoXWlWDjE5JZ6nviP5pP+mY50R2bmc3N48LIyogxvtFEDoMFjNXZx6vjCkkIaS10HHvQqwRJNtZE+mc3Me5Q6K31KCcrqelAUmnOcaF9mAOAosxlCDgVxamLrFsYLkdjuFXIrDWeHSuksA5ecK5JXtSaOoa9erhUtUCwKD96C9QbGW4AdCIsZ+YLjy9cqcTStRfZUL83TuBn7ElBa1pinmKAUSsMT+gyEpfXzyujP1f4DIK8/UkWt02wvoSxCGD4UFw9KAwE+1QglYlofTOnlvYbxP4UsHvFBAxQtzuC9MIqdGn8EsAShcpKgAwMTrT6Aoy0LjBZEgzzgkFbRrzCDCkQXEKAYv1qAZbNsz6pyrJvjFMvAR5rmWN6x7Ug+1dxklDSqL9HkIFqVgKsxeonX/qO/pVxp02KWysyTnWVpVpfsxZNnJ+HyjZY0XSc++l9OX2raP2Ph0cQwbiXzW1s7XtTA2rc78X79eZ/oh0dKjMHDGaMT8b6BJmCTdLdKk0Jhk3yDx1n7nR76gJ2AW5mNODrP3qIfLVw2zi1oBGDazBlnMaO9cWZHQFWQFKogWMsX4o7HgTIu5+pd0nLmftznIVMBBCxOXOTzNT4hZTYWgpxoEvcxxPtCwNq84rNa0Popi9SSB2GyvJ1XMOD3cHibKU7+5z2WQst1ERE0fUeUwo0HhWGtU8lbGuUNmt8lmuvFFcXD/okZSxY8mb+/G5Pq3UTEMSCsE2wj2fhE+eWpR1Fdv9aTWpcRsDj2DJ7V8FQct9TRGSBRcjiBviAH6rH8ugaJO2cl4uoZXb2jcmrloz9Gv6j6bYFblXL/yEWVIDoYtiPTfF1n9bvvZnuVEAWVhfUpAxq6W5BoBDK9SqRrh9q76Ba2Q8MfdfRTKquA+h2rOBuedwsOQYPRd4CtBrhOlxHE7L9eo1DkObkS27G+jevC2p5NNLjiPQs1vA0S+hO7uMfDs+sbA5pTzgpX+cvWCMsTahuTHyV9Og5gI+5hxuGfRZHOXlNSul1ZuO42XwYdgURroEo4c8GwUvrizzI/RggB5wQuO9CSjOmtE8a+zcu8mM8lZKVKq71ywaQ9XgN89cHuvqkkQyyOE8fpa6P4FO0kK0W315Uy1rKzgtvkAY1wnf6ON3oqxf3xCRIWl0qbAMAuCREAOwtfVOFeoZaWiNJEtVDSmMgY8XK/pcghkiKPPwRlDSWjz85zIRNZ8zVyf40q0++BvBlil+oTxOCO/3xioh3H3Shfpy41FgstKKvkGuOjHR3PK/w7IyJ3dti8K5xe+eeFgSMCGad1pwDEyLTJNdkriDby03jvI0C5nVLYUIKb+4K0neAi1O59h81x3bcIYMO09/CEr9vO3puB855ZLYQtYQSorfkWnsLbpKqZ54Pory4oOmhIFF34j3k4Aqm/gmvfEj31EJqwKOALwscsJ6/gJSr8NclRezIiXrXr0QgQzID5+HkLJQIM4hrxXrqjTnsNkP78VTI2HJowXLeHvk/WtB7/5oclwSxuvR/uxuZ5pCWP/T3L4FqPDUOh1O9kw63IaNwQ7Z/NySMsqJhGhMyVhsVsx2cxJ4Zl8EO3COA7YRqR7QAU6+2RLxY3MniNL6A/gudga901MdOCFWAj7tOTU9uqgqaV9yyRefzgMxYIThNtyHgFulhPcKirbgAxPs/shmHMOa1kxp+fUbddnqdMJfXDKPzdA3+GiFMUN3NBv2XNKCuyU2XXaohXMMAf3/valf1wD4/cXkHkdXKpoteV2lwP1rhF4OdWdaxt/5qly/L1qvCX3EYPBzAVULrmJStd9f3neEEs84xKrglBnohsVVsXR0T+rOPC71DxblRFLBHn2dJeNaJgKWIhXS28FV86vzyZqkMQ9kh8nQKr9NlTyQgmCT4R1s/Gq+1M60zi5/Bp8rEBxQLWqrIw9xfE9o6hqWHxSiRO5Z98xoOxq/XMZc4JfJ9NqoeAxYePESST0vq20wWKOSherup+Za/aaqMWOlCPv0x5sM1fhQW6J807KzvMgmQCXj97aG49/51NRYFoub9q4o8Ozk0DR0It3RC20SJFmdVRXG/6A+6xlD25CZmStOFnRra5OU7bI8WTjeXwtgOBk63Mvo2gCiabmiBacZFThnD0Vsb7hqwpGOgMuEUOO04UhGAJyiG1e6rxElq6/X6FtaYbIthUlFpC48CGmkd9ey00GwMe8nL9bvC5YnK+/MG36Az8/GTEzJvjD+W57Fl7siN5pNEDHMJSHlN5HAVVdrid0ABMgQoSW8n8Gat7rCroCbn40ME47fPdUlZi2TXj/DV0B6tADVw+xJ4xMOdwRyuZzN2S/LaZOplRnhqO28dMt2h7CB2qlVwa+GSCPWASYU3r0U3i9VxTh+FBA5BqhVFO/qb0X+Et7dMSBceVDhhNV6ptFED9iwpILwhU5HL5KRoIYcFoNnmFHeVjRmVodsgTXn/UAuYng+nqiUfzRzDq65kJcuZTrTGPcxKtoWumiMnHm4+64AgiEMdZKO4l4mjmqeI6HsNG4wozC1tpviynSDKc0Gl/P9KzrjiD+g/uH9ExatriDzdCeKwVlDJgQLXqBO1rxZNU7JClCIvR05J9hyMrlYpxyH8D7ThYtfSO+gEpagcQSNnwaei/kO9JZNEFkX5SpvkrR5dasgiKY4/Q+9/BB2fX6i/b4M4JJZtCdYw/+2FyUcbqDRjplZ6JR9BY5RjUeJdwRWQFvR+Xd3pQwdhyYrNsvo4q57IhJMNJyexU2aJcidO9dyzby17vV7tWBTeskJhXJWa/cm+G6Sj4cT1VsGIPVy3OXdGruzQQF57YB+hOPhQpA68ZJUzdoF8LwB6AFi+ouBlKt/Nmv3/CtFgrIRXQApd8SteKO6b/nd2ctkLCi434oxeh24a/oH2pQcyHv9XSClt6+fNFmKh0l9BN401KVY6J1Mj5gVLFGRqy1cVoxycYeRBo7RMueIH9zdIR+GToPjxDACBC9H/mrKveaKeKp30I5Yh0KcIESuW9qKdmxGwPlza5JpVlmU6+6XFykjPm81j4/mU4H7i5PC7LvNqWS8tHUB2mNixnnDVR8bzHnWl3oMCAxz0IAUV48lvWfdHB30eybPFAifONBNleUQqVVTH0N6Svx2RH+vB7hmC65up49Dsm7nvErKUo4y+YIvolDpYVxX1WkraGakOob2e6qbKHWBH14js5zQX+mHRMVTI4JoBALJJe2EJeiIzkwWbx/3SiaSGN7uloQiprjQIcrZs4y7fQscDUlhGfxRKt+9LP99HYsCNTFCHWUGbJSAZZg4rsQKF/+sGRRAmt02YoNSE69r653dOGXVChJ4rS6lGLeoGY0PR0nPWsNcz7HRD7W2bIpAyPJ9NgvNLaoYziNyjSYg5BVgB8uOjbiSkp8dMsrC32QwCilbCH+RjeapxJq7CvU1jii4NTWxjzyx9B/noZnaAMLBIewND9GdmZUv5WW2A0SqF4k781qHvwMbW/a0A4YnbJmkJ9qO+D7A85twZR+CNW/mk+/+kWUAbGd1yG65ihLSWa7RgXBxu6ceONI9iktLRfzo5/IoYNzDt0MQX5zUuuZMikkXiZdTe8z5fADYPHgtKNHZ+xOql+u3LTLYbfCFv6wjk/7LMeOotTWwn6ztGiA6Q6Xw2aKQ49zyQbJ4D8b+IbM87pcdi5W3vkunI+H5XqEvpsHtqJ58RDcLPm4kAHayjo1alkzOWdsfZu2kcwpbU1IqeDmD3/A5rmMdY7MG1snw3UCHRHVnXpOCCarLzXg0dkl0DN/EoD8GkZpBbfQLcsrQJ/5PqU5qjM89N+5VntoPxdhq/9G7L+sRkw10xT/aRs/PydZGf9L2QefirZkFrW1tAghgDYkkNtVdZe4Ewm9x95kipiioRjIMuWoI87DqYRg9YRmBOcJVSQfgCuc91gItW7deYV6M88odGKgHhS0k9KdjjGDXzxEnvRdVpYLf890zs0yTAFJ4hco46aDJX0ZHpwhiIrXl+KlwpfkrhMgCc3MRYRNXjQPs2O1kbKNS7JLwCc74RjAHKaPBawCH7y9M7c9cr+o31HDq7s+1fLB3bMJwvGg3VK2ZP6Fh1UTE4orvjQOIVGZ115lPHDCyJ0LBh8S8uVR9qol6UEIEvsNsBO8IihR2nsccXgUWCRgOusF5cySWBPhgGOeFCUkRBmXW/sLavhsfZuR+IpbtTp3fxeEthJAhBrXFgZ3UY77UXlsBMfvLczbeUxjm3OPFAk6HI6g53H9guwCn2GYxXJu50yb200bq6gM0N7RA1gpKhuivMTaOpRSosJOAghc3oMfFWB/zBFSJx1vYtRvilZKF698dY/s1QZFyzeAobSlqwfg/VuW0t7JqLljrVUltZ+EhxU/v0hV0SVE9i5DwAiSLek1w5YfX7n5NkpfK7Je/OF2o5zVFodsiYKKf0ySOG11KxGMk7f97+IQg0mVblt5u45Ur1yR5kM1SZ6B1dMWik6s2nbQ7ht/kKNKneuGrPfZstcgih1NGNnr2Va6idU3Yhw2dVEITaZCDcs5kaAXJ/17UWBKifwAxRr9TL2J2VdIBXdYJ5W4uv+9WRHkNElNIqgMjXVi6X67hOVe6ZnRpWNyk+VOoTlAex+N4M3sDdJg6mZST5FR9L3b47t9UIIJmP9mOaY7/9Rf6A761pXrvVJTsNHydisZkY+TKVkYnmpxHjduPtRIILTDvwL/UzHtzx9ou8LmS9UZeLE/vhuIzaqGf82tACWGRLrhnCW7VM3kfzycfyEm0jo8oQ5QAzu6flokwBxPdb2jWtwaegrDbgf+6xke01sqxviQrxCOMSKM4OebR/nra6J88i5KGF0FkJxFNWYSwtZuPlhpp8lKYguMXttK1gZPSdAB7RPvLNam2qQD/doczdoh9OyD+3PS/yVgBg56YYuJlR2e9o4EG6Nw6Focc3R9NwAEyDj+pJVJlsz8ihvOPFJZpvEM1aPBd2CJrRNVaglZ3nfZ0HfhaFcPObM3662N2RRm1lFn42Jmb0gzFVr368OyvBTt1G2h1JFZeGsglrcarsKIqR79lupwRgfInDHijMi8I8DbZbm6AMKze5V+OrIYKvHCDZwqcC0u40USJGEQRI2XV426ZIympvXnqW/C9RL5UVxmTAnz0KLFX3CM6Nhx3OX+4Y98LMxKJtJN3gM9moYzwTiZny3Q+n6/hhFL9cCc+Z5qwiUh4ffAC5yz2Z+HAZ8nEGfO/H7xQ8c4RZ//y/ve4tf8GnIlwFR/LuUgcX+WA2vmPcNS2FdjO0er5ALNZBMkxW96PO/fXvaPooAREi/9uGeFe3pK5mNXzdaIV1R88xrtqi6lN1TigJmTfnOGPPE7KXs1Sfu21fnJ6CnrdyPBYKJmtPwI4BpxXpXz7KFyHvYA6xwPF+3L63cn5siMmBR+77Thc+4fEB+bquGCMQM5R/Sdvbvx4Z9HDbquEmYvXlkp69W2pYNM8DWGw6gbOjIvMuHnjHNUVAjgJN1QErFp6xAt71B24CQ6fUtPyKbhmk19TUpqWHlFQ8wXEWIYsaBmPYJbkv4mbrm4JI9+Z9QriOGJxfuRTdmfDDk1hhub2iLm6xpx/ch4IuXh2egMv9oavuHIfHF/qAih3/aqr69siZois6QXaZPDqkBnesWm4kRQ/PG55OSgNvfeqKRQRoyuOOJH8jIWwgIFOe6Cazvr6mHGFsJmWStp7FvVkEdy7aVwXm4SkuEvg1TjNR997H+Ijwm9Am87G5m3Lknr/k3AQjKeMHJE/WkOFY9ph521fp7uR1CMuiSCQ7CQ3TL7NFgoz6W9JrfGdXtwz8nr96qzRqjyGD/nrgszosjlmq3b4LvlR6WjDVP9ZNip7cdbRX6Cs8VnLWOmZM9sj0IMvgvvdsNSYLJhP+1wmlotAi+v9zd5+e2T+mb5BDXOo95+x7hD0owHvD4b0578Tge/lBG5TA3wv+Ecux0E30UXZc6qRz80hLV0ijMyeFrWismXrz7wvyTuZC6211AFfVpgoJd0q9g+lGzyvuvJSy/AYz5jdp1uKKPCI+SyHmlOzDLkgY767DV4YKqDdJtvH9Lh9ZeGNSdeJfE3BrBAW4vglW4tRNyOSPq9Y9YhdfDxZyrYRasi+jjthmcmpmk7S5PIcc6nc/V9uYbbj35l8kJZJFimo9bsCQ0qweMTYeE2s4FB43DudS4oi7W8yiVLcbsH2fEKBnOKDcWWPFeXbwvkX0EAJiOj6wme8VsLJS5qXjfcFgIdm8gyRlbSY4A3TP/izhtqBznMaLZO4TGHONL4oiRkPf1mnqPshuLjr1x50cF2jMa5vmr82iNO1t3QjRtFlRzjAy5bQkEz3e8BRhttGCOTQlPQ2LqMm112rc9ProD/lVf6bmVpK1q6stYhZuPYb5NQTrvgOrY3J2TZJUFOKPO9Qax9qhLRyaWQbuu2YxhXIPXqdzcThQH7suFq/K/fmXhC4RxVkUDdKzTCyixWXC4m3Mj6wCH8JwZ3hqZcSwYRfvEACvUW+JlCW2RHXxpIctWQtaiNTiOyV0JyeH8wOVIm7gD9BRa8A4ScEnjQPIy/heX7krpHDNbjeaR60qrYkcAFzSDcYuulgrIDK9AXDP5S0TAGxSraTCsFJgG6bMOm9ApDXnJsLJLsyGRDDVRch/YblpP+bOs2Yz5F2i7BBv+mBYareS1CXCficUN1dkELz5Oa5DNjSGBQqTOFT5ka9pdOp/ZpJBd1P4Jt+2XHLZ9FXjfH9ahSQenh3KBgCDojQaf8szNiQH5FSiMxySH/trFprIoCeNKMP1v0up04kwn/HZgQ3LaFONR64xJOGwgerz737EXNSsXq0qp27pD+mZsoDHBwm2XDU/+BVxGtYcg//4ciMPIABlNtu6A8uS8lVmLUzr+4wH7p8MzC4UarKAoaGVd2CutIye+4K6KITw9ANV7pvSw1m64O6nZHKQX6qN8E+bHPRGFl7h8Sw1X1WL2sYvt/lnhzHIr26txvYjcx8PZfEPP14vNoHFDwLmd5W+cQInHPjUol7sIhTGJUtj/pmyQItSIh5/837rKIu+nWwMvO9qZ0wLYapjVK4X4Rv03YESNgDJhNyyqJgFJ13z6ooA3NvZo8TKPYmW+bqG+WQKqc4YdpfXC70CGHfAHw+Vga+IvqNDN+TtI/tZ2fNVh14S2J4e/avL7uTEOIh+OwLeFO9S3lRgpJIcXhoJ3bfYWbpRGp7LuS4tfGUQ5vhyhtaLQhBwWKK0G4Z0UWGbXV/7pC74LgbnSLT3e26m6hI5D8Qp0Q4A7YD1navEUC8mtGCu31FxzkrcR5jGqzRCOe5zFwGICysIe1dnTI26dLp6zsiCLuNjHEZv9bVQEeadIq8X0099LwzNkLoEGTk+POUeTVFsp/X92UXKfY6cE6u8d4ad+hO9P8k8T44zq4Q/cX3B1Ac50PbFvxRlBkxOkMeAWGveB6KYiuAmNC7qePjartcCZ4zuvtG7HDI1OSvM89wjJuJgw4anobFCI2EoIKURDlkfEEh3S3JGTq/4uDsag/lfVPy0hp9GAZNqK4CoPDTi91QNisuL3RRVebt4/UnPEorJxuzOm8EXqR94kFgUUesoh3Ywb8VO/luNP6cO352tczM6kEfHwe54MEUoNdahPltys4ZdNBKOlpDTPtDcolRfJy+a2cfVS+/a86/Zbx6Ef1IGIyXR7nOZzslpq4F9ZjqmxGQRHf1n90wwjXF2StpCgR15y1FBG2Wt0nPjkKvfoFLIf6gODyP5T78d6lk88oqpKA6WTcdahgcSNu8iGiPOG5R41SwNdYaOBER3eu6VhSU4GaPd23+tVRdHSpGwLzjTs3CgGUsyjJ7mkueD+xsNW9iF8yja5zw51UHi8PxXhu0dMm4DxEfpSoizlURsz5Eicisdiww5PX+v0f6eSGuMSNT23LmNLc9QSiIwnzWXsBggmtQx5My0/zNTtZjIRZTOVOHws7jH6HbS2tttxNXUfIUwfTOjmZN0P3BYGfabsMp5QsR0pz2miAUKWSk3p58szJv4OcoGNVVemykBYqSA8R8nqja0PT2fB1SOEowxdAynbCaRTrxjcXg6xSD34JpnNzWLm+1Z9Q879xFnceyX4t7MRflUIZJNlcrV8439m2HX3YpQ0DCsEQcHnD7u0TJKp+UwHijjn6UZOXcwth8fvHRLL3dAEYQ69ECDNPNtle0rsKKrCxIyZv50l+MSGx3XeH31YOnWH11iFkcV6qXcpzhtVYP3/uy8/U8bjws7BsqVFhZw2dFVxKfNK5QRzQDrQfkBI2MwCzeUFEh0q7zaUghO5II+L38YAXnM4E1KqP8asjo+H3/YDxVB02/74pvjmmuUB78fB5EalXn0AXY2gQeQ1UDQkhONCHg7FyiilUqHxB6G7sPkebgFQNEixQaqY+2dZYmx6RBu62pkK5nJBDSxgPTAHvQlfkVFtz4B1GNTATcn5RDEvj1i1ATk0xGIpLA79fzU1MDVY+7ToAqFnCWcc5OmzpSasrddZlWmiIlbrrFdnR6lK7rEK8kAvZBYJXsTCMEWN13dkZCoFS96YsoIb+pTF9hyJVnYdzI6igOwDdQRUrvLSJzVLW0HQse5v+madTbOm7B6bxXu0i4cT9LYk1iHtgHVKT4FMwtwIFet7xmM5KXUlKJ5m/mNuuG93pXxQe989680Hd/M/IGWv0wNyfbXtVgmq+4I63CTts8rkus7kv01Pxyjt9q+fc10OBeGVrGpU10wsLojS2bCgNN+VHOaLv6SwXKlUPXJA/bVZrkcO8TLez88SBBwGlNvou8iXtSfwGUxNODq39CyBCfu/A9Q0khx8RDBNV7QvIIJAVrz/MLJaOIDR0jp8hmXOf7QZnNTTi6CrHLkRiTXvWCIe/TILB4uJDbcgq03gUBp+a+AC5xIGT0ARTrjD2Pqb0LngBUx8upKvLFy/hyc9WwrmDDjjKA6XBQ4JoW4P5F7Bpff/qshpEFcumgNJXhmV41GB36xxPF208HQVj6exb4tgRzaqS13Iu3nr9tuBpturCqFmz6DBKQ3egEYE5IELdhELSWVw9jFtf8O/tFkEwXdzEbLK1L8uV11iMOAL51HXZv6TMBWTdpn38ba9FkE0MomGf4DNKUePjN3GhLSnOzm3k0Nf+pxhbTh/IUJoyqmk4I4Xh8HfpvxBZale3xjl/I3f8wo49gmu7n/03Hiu6A3ChujnzpmjYLE/iOcWnxnwlG8X2L0UXbU2/K9DDfePBpIrWKid+iFqWYKGajWnH0o9dwAg7HQlHvQ6RBY5M8bZaLMZy3U+2gv3zzMnLB5DTomBWQT+9IPr50N8C78zBYpxYOGnRXbC4DIfnKdIBkS0pk/XAM79TnaKztWY8BZ5O225SMxDBlpTM7clbgjKV9uGCS2sBJyWG4FiTNteBvxM2mpCFLPLlis0Co1YVcQOsPp2guPQHklNkjG0Yyd+41YEYrxUaAG6/6SGJZvARQHJfzRKUpRQXzbQ7wsnn60qVeAUBZJxXltudFs5DpLotCB4Ncw2Jk8BdSJaG2ESbXgVebFDr1a6PG2Z7rFctD0OpOUmih68BSUlKhBHAcT5nyIPTU+antMyHbGBy0m4xUvnRTSF6WtKD/P62FdznPnENRGmd2pStHxoeLSw3vPl3KDHDrccloER2PgFC+i/1HolYOlw/nRnYQVzOBYnRrqmAnnePe5qVCbtU80ROv1MPyC4F/eXrcy/Xs8PKLyMVPwl0N3X5dL7903PCBwLZwtFc9h+qqdHeoGTX01XX5yU2xSehuGYMiGHNiCdm3a5oIceTH0wlBK14TPFkgcqz/gM7uHFiFOQbYXSm1AgN0VFsnD879mzZHm95n0/x3bOD3JHAsyJt9qm9kw11B5xbHaiTo0q1GULy8YKVUk4FAzxwPjqJl3Br5n/0/g2MHW9H8eZRcfZIo12JpA1qGyk038Y4l1KZSU7A3ZoSJYcEcE+O0y6t0Yk8cOFDPwSZ0B/9onkQIpMdjWv3eliMjjLjeB575zVNwtxu/shkbXJYLjQu3pnouLVDwTfxKUuoMjtOIHXzoU52JNNIArx8FokNiKC2AWhz6NjurXc4VPtRFWEg8WCgFJLkVynY7rrMC0IagR2EAkB9lwRjiLKR0KOt7aoHQky8H4dhGPKuLYvOLn+U1w13HP5qIJCNDtQ28FzivYA3AwQDu8KuiLxT33DCZWAY/N/UHZTud5USo5ccXXcsszG9u3kyFSaJn8i1BaTkmEp5M47Yo/PecEAbO90oV8or+You7rsBST7tF1YafuGnhgPELk32Phk/HiTRUzXhWECyjvupIO03ARLq7j9p50Ovh2203o9BlYY47yKLDalWVjyiuwqfyytW6Iv/LgANszkEEk2LHoOmSGaGan+2ieWiaPIGfHd3/5yfAlmxL4QfOyCvTpjaVta0wqM8wctOtlVRRtoy5xRsScu4LCugogLoLjuVCG4oyXtAyfTqIjOwHoUIwIeXEl4E/YRRHqCLMqwbLKV0MAhsgZTm2E9dFjqN56GzuXWVQElspnmsD7Q6Fl0bxXuEDQnt9U1/uBiIexJE+NESB13YcX1y3uWDuRjmaQJowlGKE8ZzeAJ1zVB5MfwVZ8iQm/I0ReSlVe2+ymW9zemKQX5VhzahCw9dDPHWPKMctVy7ONyKpElTKEAddKSiOdVmQMmfz8P46+6Q/Rgw5gyyU7Gvi+JDye8rIVM/zSf3OC/5oENXZuZi+Ch0SvNngYFnaT/vQajNPM3+DTRbFX778lkcpxAohdHbuTsL3FZB9tCFxk0bppzASIGiNg5F3F8PgWY45rRUcpC2pyd+qZmjvVAPiCPNRcr+jGziGlnZZdO9pTie11xBzba8vCYrk5ruPZ+rMIQuICjoBNjh8atcuOTak1gpaELpZqKdiVnSTTvUmHKyyCWzWmTFsni/4XMtnUi5E1polN2AoBiqur2X/jdgfkeWqF/dwWex1QEKkQbkPkjBxPgLaN9qxvrvzoBsOC55CsN5ijrQeloQ6CUPyHIkldEp9ZszOSbdoXzcNkuZ5mXC2iwuRnkHiIDS7HnQ8gB8MxnXB7HB+pNE94dDzCVc38jNlxCXUUzICs9lws3rb7XCs/srXZV/OiNr/LwuYvlPEVfQ5Mm5UfiNtxEGcEWmN+Sb5j2NZ0wsFW0utS4FDxsiu36Dpfyg7+qznbvWzMP3fVdshnCm1CSzV9Jkmsl2tjBkJza4bP8xcbc2+fSBy6/eKWWHHwxpNsIvamV59mphbmgeploPEAReb3EjiFJwrQgEScRWtiDY422KBwA8BvJj+GUOGkJYcNMU3m8G7u9V38ShU2/pFYrYQ/5GtGGAHkJ8wDdCczYxcKhmj888dfI8hYh5c7TLXWiEaPKrZf4jgfJ3TMWxp3X35OTCSLSPFluWDXWvLXDbvsgHviI6+t4gGt4uNsj/yJv4L8dzNYuZ3XaOhY6HzxoVrJbRz5lGwoqiqODZjz04NEJ/cb24BOMhfQZwJu/2IPT5mcSYDZrZ1HHJp2Kb28uDDXZoELJx7Vr/QDrmon3qkbGvFZgFES/LyZmutOiHcuutkNHyTRhZGwHyr2NAA35hQDXH7rGj9ipregw+u5SS/Lequ3pvgSZQhuZaJ6NwgUrJC7kUDj8r6l6F2ZOfFb46geiAp7Def8Pd1ojBddb8J+euc4Ytz6ThQaW4eATcdG9uWooFBO2p5U3mM1NFF6Iv8pKEiIjwdEiAJP9KwbOCzVEqjKloo1qLE0PMdiYdh6/e8wF4tZrug7/9u6Y6/4GMeTmnb+/Ezn28z9MlhrW3CIP6ZleaUqx9dbNlyRFrAJ8rAySGyDeQ2w2gGDcCb06McoZ0XK/Dooy2GKfF5gLUVjLd7PPfm/zqNmiL4023qFFas6giovRPoF3AsbI/xFBiETNSs5QOUAWokr9WbrraPsVvL3nFoYHX8UwHORQtG77rdwvtCQiZ6zUSds7hEEH9rox40Z2/c+dSzVG9G2QWtr1cQ2EInH0Hs/WBABwD3XeqAVSKHstKZB6nmYQXGWYrIF7LDPqORjDwrOxvCx293bKKSwx7YxlK7r3X26Ax0n1uHj4V5bL8MO/c/dBNqVtQL2DOJ2wT1AmFOWfbSNvwAWMRYi67ZlKerzsC2M5JLFqwbN8+BCnhRNZfvcHLkLTgbLHvVkZig1ul3wKrqEXSFdnq9Gm9Gba/6zi7NdA1Uu5W/jIGutlX6IhK3zuKeFKg+W1/rATqSzo+maVFxTQPpg0LQ21z8brBtGiEwKtgU1qH6MeFJMmuBK8XMVpWZCvW7w6LKI1OTWK3AU9mpevcmC/nMQ13k99Rqp0lyLZJ9Fax+ZgSQGDxnRcpqLV9P8R/yx7ZDipno5jy2bYzBjUIn9MwOtOoiRZjwKsNsgcGKRpAVgmnYBLvaK2xykGGEeNiQVL5U5eczquiLCXA/HVhDpUpRBjqEhIDTw2q5pLgpIGGNz7tmHmArTtUbbLZh+1jH69VIbH2sz8AhvgqQdWW5id8HYgoZwtcG0BfV28iOKafQW2ORqwy5JcdCVzGwINHSYw00uJFU2+cXhvtVhGC6pTkvhQklPai/nEyMDYRg6USt6fFUdQufud5AdjF7hhcxdN5KNvGK3/K4jwwUeDwbA+EL+bc5+Wkakcd/tHXC5SUlcjz6O5wdIWJqz23+dLNAQN7SE7MTeAh7jCW37PBAu9fpcFoJj5G54Hp2MAdmQf4DvBrYSnHTrPjUasQcP7aKvVBlZT7APFJKVtSp0mPJ5dz3cga+Re7Clir2C29m3+x7UzkEC2BPMPQ8DHicPBBPjKu4aFSnM+vDoAsQisWzbibWUzwy2qQtXQv7AHLcWniAzgvLSkwBDnEYbNGc7e8n4/QergqPBKFt1NsyNFjM/1K1P2GAZNXZN2xPwZ9xyEYoc9B34o4fauFUAMFj2PSdSYO5y+ZhF13nD3j2gZ7gRhfuilZDtiTh3EFWjzlfdKfx//v9M+fXdLx2Kf+ThfP0S/IUsMb0MbMde1uIzmMcKC/4S2CsAfMhO+s1TkHC6DPmiNDYbF5K8Yj3Tp/9oGsL4xX9l/jJ2eZsrxessszzEoFtvpXml3oYsK3M04mItWXz11l+HDVnZhCpdW436u+JgKkw5wB0XAxE38e3i8LWLNPodgUY+drYaXjgYQ2jn/3wdOwqkKURW6f6IMYugr1WCdZjIcX4nIbOtBYSmoDMAX4zPTvl5WGsmClYNxSQWkb2plRXe/irQ2fZKsUuD3Xku2qBAs5yMiwPXzmEZNXfEtoAH9pskdrimG5NANL3dfdwIuqBM/j3XUXvisiTak7mbEtbuwpCsVSXOWZP1tAJt0sn0eoykiVmJ7x3+HtAecQ7p61vLtXFa9p6hJy4R+QbXNqVJcFWJtQuseTPh/MUATTDrovrCH7gGB1ffA+SX9zGluz/wAQQ0GQKPa6RniR9Ozvwd/HQ8BMczLdSjyjanjidIvqGrPPsVOUw6tLvF89tT1ATI+u7tG2k1rQ6ZP0wMyjizRKTIKx792kFOpPK0PTGhxYNAVc6Tw2HgigkIzMhfBW6YC/4N4ZbbcSxAtDDdTaPTQsLUdBFyAvDQQl6uk4dWQVUtJDTjMpfHygA36crfg0qnT7+fSIQCvEN6go0nnXw3vTGa3fQtT1h8rFTWSMamwkyKTzWMmUSQ5SMnLiUSxlZ34Kyr9o4HJgZwMydWgX4bxSbKXC9FEy3XV190fiMkEErc7zJcuDjJbvQzpRl48R0F6M//d+bzryfvmFu9KllWbpjOPE43zKtyzoCQfC13bBOdgKDR5DtjIm3BzQiylyKxmc6Jzz/jUN0EXlFtX3uzI030+liaYxXUAmazZsNU7hBlxJ2jurIKHmB5LoGe3EwoL2XDVkrPPSJ96ArKB732rZHPLcGNvppYdVv9zxK6JnVVoxkOH+fz23Vxs+u/pI/QUKlqbrKKeWhMY8ohISUAbc+PWnQ7iVjrJElnbUhFnwYRBC0KtVnMB/tHCGN0OBq7DFqOk6w454wblkOonfcpSbNos6JVxCl4etNbRxtamrdgeasFTcwA+QyXHKwHsLL3yfki6YafnN9nDXvudj0oMWPlsoiPG3vafiB2koXtuDwGg3BZVFBdvcpmWXHr5c17E6tSo7w7TCRSvQE3TkWTxMhqlKzBzhJLu/1lvnltMVc7qKPjMXcqlhCIK9d4fp6nV+hF1xoRCYhxZ/t/bcnzAhis4nFyPKjjU5CEeOcb/rNdv+rD7/VT5mreIXXi9K2lgGXGOlQiwANZ/8K9iPBvm2ZBBrsp29wlw2Yy2zh8oN5vgOSZgTgedCPlf49G0SDZ5dZXBnVjQsYIXx3rYNorzwjWPCUZPWbSGrY0Bdn3xE7TtUoTqvFQS/E9qSE6pB087qmFus89Kdwp3+oM+qbyAgEpogm5e4dlObZ8QwIHKAgvIRDUunGQwIzQHG3RtlfC55FVS0tXVJ+IXPdzR4JOyDVAc8gMZPS5h39QQYTv46of3uQ7VMTB1Slxx8Tbun6xlW7OwTFQlkNgfYz16I0jEeS/if78MCmiKxeARzw+HAarShxWIjLfQeadpUD3h9aUz00xWUHYtDT7Jpuf0rBHHH5nOnsF8g9akaP0bbkndr0a5mMzwgavsMf5QJTc3f3Cun8SebxiLwIZrErFr2gtpgwfKEmXPBt1RUCn4+JmKA5E0M5kkOwC2nz9N5letKiWroyqpfHupcNgHBZtG2AXnjrJhNVspBSsRUWYY3Wv7GtFop11kbLYRxqRQ0xmSXTiOkMesi+rU3HlSD7+hvocOrie3rl8rWLBVHvUAhofLuCjvB2+xerlt/93iE7/rar2dyU10eUQPtcBrDzy7I50lgZVZJVI34jodNc4WjC0YdqPdJ0yS21y1hXTLTAIDEeqzgJfBN4hHgrXerLIdj74Ta6eAItbzEMplc+kq2GKOIX2uBiomiojKm+8nBjQ8UQJsPoQzJCE00pqbT9x+A3XLcJm6/omGfxu0I4wK5Xe2+VoY154n7n1Wqgo4TgKPTpYDO4IxOxPXEfz/MuD3Puh0vJ0z4x5AtBnY8qKlasAPnPlPplFgylio/mOvwaZpoRsgbqHU/E/7v7LeH9BXCz0wYVKxZGI4XHhTmr+03hlA+scEni0Ex850C9KXj9EAj2c+CWX2dcF19K8uGOC/Gmafh7B+igcZfmJ8dGjaQ4dLaAwqh50Pf+nX9qEbC3vDUEGntGldgtLecw+eXj+wDqzcMpMeJb/Mpx74ZFIs/CwOLEv1pcO4xLAp8uezOUAADULPlCEkw1qd5kDzhTAwddJG99hxVlygxKKv89n0lk+NqmekkOQ5DyWCxn2MoJVvEaAi1cRDM5YEJfoLnz+tOveFdSY8/N+RMioVzoE4ZOj5BAg7mCviWdg0RIFpoxF4po3krm9CuADAyT68CXO+a8J8E+mH/O5czvarkdRm71sTEy/3AB7i6X9qgNeQSWbfH7gCk5OgzEA8+XCfZJfDuYqeZ8lLpWt1xHhpkqfjhi2V1tAvxi8EOW1c74A03xzGO7ClQuv3HNGB5P5yX0dUNg5gh/ZcCD4a3uMZ9IVe8tfFASpxmY8GccDOH9LVmYQVEf8vbzqhzO38CXq0JNGU0G5XrDJxMnrd+3i1IZivCXPwY9tEOhuqFKvGUMTNSWvQsYeVu/ZCPFvHZn9rFH5e2GihnwCG1EuVcJwVzS1pPRgkEN0a5MYgR4uFqeBAOj+RsHBenbxEGrpSXbNcWrUGeycFtXG11czB+VrUMiZlf8B/7Ko8Mu8dF3MiMES1XqqJuWfNW9Wq5UUHUWz5DwkF18DciwpVk2G6h/Ge2aci3VMSnTLxBuvxpDUiss7GA8mpBw2RfUOPrPycRrm8N8s7foDi6sG+WB5huOOlYUjA747+wfjuTIVCf8eATDL39Vl76lre/jLAB7xxTejCm6Xp0Hgg8x0RLg3M/OLB9BNeOIQylht9Izyy0G3Metqx78dsOX9gMMLORYSpkxE6s5Fk61OESCXTue1RTlXkAXjrQzTxkPxsfK11q//ltOoPKW7jWh4aox0e5VF/HmHThZyHtrwsrs7okkJYQCDeCBN6EByENTGzFetTkA68L4wpyhNGTX2YK/hfz3VHQ7+bPkn8oHHbddw+AcHTHcM4/SMi/kCALecCKFGhlb/45dqzOssTK6LnbvVvMr6IhZTU7lyGhIiDScWVieZ7A7VUgh21ceQpWSM75FgXhRE/DAZlC9U0slKOahKgEJJ6VBB6E6BuVrKL6hnKdw8OfxIvMC6+bld9UUb1h1dnOhuLzpvKPapNizxjBbUCIhlnQ+nMgPc2xqxE/1P6tHVgfvV5pY0PA4U1dNlrQ+UOvhTcFaHgfMj0K5TLPUDdWeK6PezPShG5rAE/LC7IBjVAwsC0yT0DyX6A93++QANrtW8jm19Ub98wc6zXDdBl5s6kwpC7/h5B6UN3jklIFOTADW6f8I80MXLuoof1AM6oTJK64hPug7Ue4tHkklRaMxFQu8NAn2pUIMWTMMiqqgKpOECfof/Ub8dwDgGsP4JZOV/NUTfPMqxW17isnJDiLrSJWt1rU25hVdxtBrBcnxzRsW6MLMESdiyEwDhAeAB/F60ujHxz1L9cqgWn9Uz+CwxYD+P3rRDVTj4Q6j49cGdkyipLw3scvX5HIHI4HQz1XLJ2nzFYKXMa1onljWxEg1QG3JsNkhoqsG7wcDSwOPJku2qUrfarRb4c4w9G0YJ9kkPmowqlHPa2NYmDzlK+5obHmAENDwEjz6qgo/LEtO7KQdpHjwdm4rlnqiMnxAHWZozjo3Pj1tcOQIzTxw1GNGb1yheYiwk8/w7JZz7mcU7iFAXvZKiyc1g/4Hncsuce78OQ5LeV2OKYj4rlmhBsQJif9J+Ua0ryIKGKrduScMwOCFBmzrcPpWRtIan55t9tv4kW+KlFSz0Mn9KktW9XnpLdIWza75XmO5u0NhARdWqV7nBb79TbcyI+S6lYyCqJSuhnzmQoDQ0CCJkVJkv+viHUpasRT9wDA+wa4xniYCTh6hgFwLCuBk5gCnaqRLrBkuL0JITlB9BiAIN5F0c4D5tBrT9QYrEJo09GQv0u7HCwuKHXbmsKa9U38bEIha6sQac9X/u9AyF+q78ygSXyldqqGL2vQf+ww9Yj5kAXZVJMW8bjlIek5LzvvpzUoDFvIAGlPRmsI8qRO0OCQxn7oLUDbRyEi4aDHbel+qai47M5k76gAA0jvWUvHYiVImu+m1bGVMsjHadRDJb2fJ/jdvaMRGrKmm2CdC+GXNEDqUtIZgE05ycEsHERFeGswpQKdsK5semUlylkt6mqUYW8wqlntogkUnyca5I9xmGAQsZguPuou97I5bSjN3ewuKMGrIjxRimGzS5YndNgDHYysf5+zozW3UG0ReggrvbOxcGvQReNK8FLy8BeGlr9+aFIY0OxBhfRm0lbae9ABjFudqRMMtWF2SorsL3GIDjrFKxfZ9U7FLFS+KqwnYsX9cmd3Z6RAdbmXKZ2K6nPygez4+GccpRNX1XcvB2PZhZ1iuCs5XWGWgt+Ympugp2FmdnKL/F8hrPuQZMvVWqPg4LaSKpYU3l2BPhdwZutNtv2nT9jQVRX1ELCqAOw/F22zTSEdl0VmNZDPZtWFitDNGe3fHNbbCXNBYTVsTnSEqjOhi1Dr3iO5GUAgrP+rwsq5pIHCZ3rmSVoWzvl9R0ue/GW8bW+a23xEPeoa0YH7Z7G2kwGL9tvtr5J7I2l4TgxFZ0wKhSYtHd+WmtbdDQsFilzZ0YqxbfVSFOLuN3CJ3oGhKVs6AYRp324EDZYmZOmIzix7UU2o3U5tQULwwG81nSh5lRr+CZv4kI/5Hr6x/rIW5To8UNpBnyTLXRMLteqlfHDt+MdctUjXXvXcoQD/yGWldQi9049whsYaCZp5NrBENee9mTL4to3m9rr2jWl/v2Gap2ZHYYHUKgJ+jMyLe5HYcosMML1Rc45aq+CTov3/loO2ERRibfA7QA6McDqufG7ljLDOVzJfH0Hz2fjYCrZC8+geGSeyNeXK0OL1dyg/oVXW1b1UEALhr9v8MHFEDQ5r0c5BsPBiF1+9PX5A+j8KQ0TCLgK7awMPAPAtTkBdynXFmh2hR0ciOKUGX0PeWEcqgLiwfbLq3fmlNfX/r8dpKbz2Ba7t4Uv7I6WpSMNgpYtrm/ZZDNOMGzfSCl/vvUo945SjD2NDpz7XPbHlRpD/exf8SMRmFc9eg/1KkpfRNIT8V2hGWAbKz+E1wSJqU7KBuqVBPK4pjDupN7JGRfFDjmzjQwVTQycJTBnc+VbJljGYWB22rvdE6yZHdkcDjjGzomiV8J2MN/BLB6JWfAx5pw/e465KJ10jOHbal4aJeIKqFTJd+nveLhheJYTMpzhC+1C35M+iUdSdOXTjUDyMlCmu2nt5Sn4IyAHw5EjYnu/yyieiaGM9E8JvGDI+mpDx+UX+LatRLLFdC8pu8R3xEoQYQO0yzTNjsejSgcpoWaIJgIzaoiCOsoBUNuE87N3neuERe/5urKuLAxcad5lcp2SevyZrfzOyzgrJvy61Aijvg7dIJF6xquRHgl4PNlM176T0Ko0VE6ZiaGrpFLdC/OyulfF+rKr8v291qcKDXjtcHs6I44EFJySW2E33tRE4JyBg8frk0OAY+T0YvlxCPwM2GkTNwjrbOGGxIvOlASjOp/nIbRx4hWDAwOJFgkKoTh8wpcvXvNG1bxqzi1WEpPyz22tu6aAT1zXt4L8PPxV7glc6M8o3upqtPjeAQJwWrHGZ6YX4tk0RYU8BtbGfaANu/mTsyYyzJO5foc+9IrOhAAg42Mf2JXReSrIm1/MuSmPmLysme2p5iMD5Gm9sMSil+BwJwuvfF/A/xVcaDavUocc3sDevbNkJTgSNw9kz00EDuYZ1BQGmOJQ4McC9FIbpc1eW1GezLVssk1MYTCGn4yfaMp5gr3taR10e87aXE6URhfcpu28IrFhD+e8f6nmsjjlmBoO0AwQ6Blpbo1yXurygsRxJDgRGOkD89C+BhNHAYAStKOi2YWwShqmocobnIiX4RThhlXC5+nDOL25bELNZwfx9JNq9P3lDRqRCE5BpTrPsM6sTmKRt395wZF0dtWdW8db9BpOrsWUV7XWMR8JA+7G8G1hx/jcMbclCP6iZw32tUy6XqGPr4SBDZdLgCxnXYdzekoqO6oDrNWna7Tn0MRrgP0p61dJUctUS6ENGG6QQXli/gNJXguY08sJeiy9oV3v1Ljucg4+kTSpDC+3ELnq5ziU0iAT3xizUtKU4I4RXaPekh8iPLvWp1/CavcN82kvD2qvMGKVU5yhH/n+w6xDYO4Ro6nPKc5g54jap7UgCdwiD8e6cc/P/mspsCORFZZuHp2UJoXKME3HdxlHLLBq+wDK5KYRoP12PP/ti2K/5wadTVK+j9ksGsNSzvogCZ0sNOLe36u63yVZqWbMKyazXrMJ1BgjP/5bR+9IhLULlJpXlkMYuQWCN3s42f9sMupWhyKf8+iY6YQhBH6APFJAZjispuFv0NucNomhqv/EKQCbNUYhmertOTYBtN7dXIPIfCUGC7FvAJ9nZ0u2AMLIu/oqwpcJMsMmhb9ZSKEJlsG3a47wtw/KfDe60ZJLP62UapmuyS1KV2HbqJwKoDLHGss4UQkbWoK1mvmC8JzzlkQVH6PVezwbsnhbTy+HgSQx2z5cDYaHPY1ccBlhdiHQJeV6zAD82OCktdI4svG1I3G1FFkq5jQuytLODBg3BJlltyMLaW4t9w/9FkYNaacZ0GwQb5TlAK7iDOQIQor99aO993pZnrTRBGQVseEzlWL8dkd2Ep5zoUf12QZBMTVZuFiGFfnPu4cFuRLucgpD/IqwAiCYul2CXoI9T2Cd5kv9P1h+6PNYXtG8kypfmSfTEfjRJkSRb7lR/h0i5QOp2I0ufhaU8AvjIkO3izj5JptOWhUIVnebdmgfMJFkDsc0ZAWj4s+oOJHuMevkpZhM7Z9JR9qz/6k98d/7RbCdzpRhGXvKgkSSVOceeQdDWOOdvptgtLgzPCkfJI3oJ43a4MC5qhSaYArw7PZZjKVfSbci1K6nv6m2EP7GDpZJNCQhN+tWf9nyoE0PSMtdADhTuh8oPH5KKtSamTXe/JdAOyckHbSXeHS1NUdwgvwUM5DlawwFmuK/37z6MCeUhFoBd4hn/jH772eVUv0oKcSOMEyXDyRLsYK00pSnkrFKyFBf7bhg4t2xNJr5Pjz/7vb7S1NrzwqxpLDhHM6sSGmI5EHuhUIplf+Lhr/YwCRTF1xixGcm1Mb7RGI/e+V0TFALcjwWUpjkrp4CED0NQ+YmXDABDf1hd8wJobiOVZbBkMJluE3t7nF5JyMicqwGF5bCnQ9bjf5iRhrs7XBgNAimjhxqL28zGSADjKUEFTey1IVPxkY18qcA7evR6MoitCAaVpSM5V2U9iCZqFILBYxNdNi3Nct+bO7Vek9ackXzm46OO5xRCMvxJ+eiosTf1VK9Oh/+8+nFeWcih3guaLk3QX7ZL1hKhujFsWC8wdZVAcPsiKtYHENdpPaBQ1+hnwXVuQnwAhkV5y9yw//ocvWBWSlQtzDxBjqNT7KGPpsHJmPMSNljtUPw70Xrv28C9ugC+75MYQkTga0woiREv4wQ4I7Jsv5UOzRTymVoXF/x0uj3rnzIXFRL/o51sqRyF7XwqQvVnUk8Ne+HtC+W7yFmnLZVpR8LVlVhZG8zapl3jweV3aUJZQxI31ccgatFA+/EXGcPmhYPfLfJlevgDxUvX3CA9KRTSWASx+nhFzhIwyQUV1SlCnhZwoMpphZxEd0zk1E9h5+5/LADJlZdC73Zbtu3ldw1buVvZFi9BSNji8cBIO2BjnW/KWedVP6Ds4MFuCCF62ogMyz/x+aOtoNDvM8X8g1ST3ohgGDowCKWDdLMwOAzpQO/9/W5CFSpaLY3dmLi4F+0IXeD/aixn/vKtKtTBgYvm0QMM8Crwazd9XqqmGXVc2qdMp+QD5Ah+R78BhBjng+p914nN1CUId8x42UKk/m0u74EZJc+x5Eqvr7eITn/qFQ/NwH++iwxgm1j+d+BcxACe93sHaeXCQa2/kJfk6me/GztzQWqTeJfgEbZs+HYSU4XGc0DcpWSeKFYKkVaOsXwAbWj/8LXyvm6sF150DMAeZ2zgg0OuFw1G7i39Wu/5XNOS39MDvJPt5q2zVZ3293JIWscflJsFDKpxKJVbam3VKtKIFYj7GGmquwJ4xhWbVDkgxXw8RHNbFuCZo931B+iRMeSG+jPDKYrb3bv7HEG9Yc2q8BXbJzNTWYJ6AqazhoyIhbC3r5dzgWpkfXOFN2YSLNd3YMePP9jhHFqMpk4sLP2T/oT2KcvZjp8c9Xsr+YsgpiTKsbdqN0gsFF26/E7X+LNmcQYga13/D8hfOCu300K9CFUPLFtG+BwDCZSYBo48ylHOwDZUhG9OhTXXjB1TqLAuoFotpI+lq3Vknq5tL/N3jV+Wwo/Sv8dVXVJA0BzkTguv7XgGyhEudp/P356ZFhgMN3jCeRiYW4qy8Dx73NLsp7Jayt32GlNrVfh2tX76+lKOfqww2Mr+iug5H58iVaQNzU6Ugy0sUtDg1EKAPGlgySPf/+6QZhOOMgdqNuXuRtrI7eOZEKpSpLuZ1uNLYZPqIM1N7i3BDrITpavPPlKRQS6+Ux5tZZ0Nt0WzR1lhIBkJyRZbzgUfT/zDns3t1agYQxrwZJA7AaTPVvYoaKl8yF1+rCmSBHq25UjANTElW1VoxJ0/Ut2b4j/bWyC4fYIUvra4UP25+UOQTG6rpLR60mmHKwadNArxNtsHgiduE9ZW64QwuFTgrDuYkivouBfmRQopwCLfE5rtzQKKLLRCaLM42cRDw1Mr6xgMHPuqcPXw/YkfkZZHJ4qBDEPZ0rs+jqdBrPtw+n288TlgvKTQuEEA/V0nBi2z5t/rh6wsBjxmLdKZPTNAOiS7xhUjbGzqTaUWCM9mvkMVNzdHKxUqmuOz9ICQwUISxfMoyR/z9PH0j31SEOLC2OsOIv+wgSJ7RVfb5Tetb0dEr8PmsByzS3B2iY1oD68wAZcgX+BywfKNC3z9K69no8v3cMpHixkBsWx/m7cLcmrDRgBuL2956HRn1q9oiuqsZ5Pljm+vy/PUvJqkpYoxKbXQH9VaMxxbaQBCudq7jfHbAeEBXFO89VVau7u2h/6Fit1X0rkdjojWPddQ5wGpXQXz5YwmwIKIU1zM+F6nm+moNI6p0WO54cyGnzLvotvJfKRfq9oqHWG261pWgGIBD4v1AkJtw9c8qQAEusc1MwsSEMoaLZLO/miEZHys8v7FUu41UqdhSAzjpmiekvQi7sTl7/tOo5j0iLy1lJgvo74Y8LUlpt43RKYEkO8El//DEvLcjKJo8D2nOxW2D8hjsPXocNlzOC8RisX2oSotKWwyho96coXayuS6Swoet2CbymmTB/XA+QUFpJM4B1SRbI9QE4szdPaDARbbhcNDp7prONlBB6zMq+RGzgXTcA+cGrn1oJkTCAOlPWTeTtJO7aKmw2vHznCYZigqi5QUVOcsNH3f0Wq7GM6rZZo3ZyXNDqkem5Gan6OD82oab306fbVGFOs+3DYPzJ57rWR6yDG05GkdNk3LL5M/ZQ6iaXc1wRNNZZ9YiDD7b1WzKV+9Y97YK+1P17Ai2NhWEbx4CTCnPjl5ZV/xm4YnRa75s0jOCNyAWLDa90SgpUNcjilImEuzWqXMQfMXn1/Z/cVNm8N5mfhiHyN/GuUipOsomSiDjMWXX9qgc5T98mHr24zJUYsaq2FJQbCKlGLaVBJNazKsCEM0y0oZLqikdEYoavAuvff750nF8LGtzRQ7Cd3W3IjNcLV9HDTPEJmHepM4dpNQIRX1COqX6opFKoul1UX0+DVquIFid1SSZUy+LZEbVr2YV7/f6FnXngkguCnKw4FpCcJRacF8yhDOTuDL2n9HXYPugrbNnRSAmDDvGfhw1rP/CFxbadQPndYjSWTDL5K/1nbqFjKF9xOmZtj7r88PyeIOUza7stT8rdcWpG+IL9vmyRyIhzY3YHP+tpt6LTDQGB1TlGw8Wx0zDCx1tpyNmlFc1onne0e7wTIM3VtnCBXPHKfezY2O4g0hiMkmMXBhcA7u/CJUWsqmVOPfUYzYrAwEml7L2va6DAyuyV5NmSdlieBRoinY9MBzvNdlzxQ7plc+qbs0gHOQUY9QxuFlBTnMB4q7EQrgQ9shqJL0EnekUbb6GucRYKHBEh+wakH7woao81Xhkwen93D9whp/JtODhTvByUwiI8XemJ/bwRHJVlUSJOA2VT8UXxytUI4dqU1StBEcytgcACz4nhUa/d8f9tbrQFj6TnFRg5BXpXgDrBw4RmMf3KZJ4J1HeaflSPjeIcI+rEwG58Y7BdSVKXeRSP5/skeah3+KuUYpGOmNiKXpfmMEpkax8d/jDSUKutWARmwanXuDOCabMqBf4ZIx2Tuis+B4skxyxhzIens/s8AwgZH+9mW19tR7SMQzQujRXXlxVrSgQIvIZeXyoOHfsD+G0D188RIXgfG5KK4B7504gtMvnW98Y6Fuze2wwCk0qM2OnxP6ktgVwoBA3irWFTU9RIyiGLfkOmebbWjvIJyKUq+QiNQPz5NrRpdAT9k9F7ICqPWOwtipIOvnuZXWmUtAlnoDhlcl34Dzkq4LU+sK/yMI4uUzZJstUtuB9jmKkqk00CDL0+nWRNF0EdaSpMaWbBl5JJSwYHpEHn3zXDx60RcFK+4P32S7R/rJrf8slOPz3diVajauLL55PRUPEbRm0JLtex975nQyC+D0it72eUIJWSzoTMrkNHMgbYBE769OgRf8tKNJ5H6EzQXD1Hhbh12nDXLI27CiIDxTEyOqrOm+zX1/LFLrie8Wfee9uffaHINyXI43CzE+1Ny9YgTscY1SFBcLcrsLljWK+i9RDA/R9WrbhHLUm8YYvggqJrTtXBtiEHa0H3FbYzQQfC759xIuQCMjpS2DMoeFVoHlHZXfhFyjExhJaUZb6vLwl/CUrNtCDNw/ZzAKIqmGhT4qy84wOrrND8D/rA2snzxQrk7P7twkawZN3E4FSDQBZA5Y0qyuHXLwmGP4zl3yJ/rBzYrb3sSJStriuns6NRFo+ok6TnJ7Y9pKFuvoMIZ/eGFw6j8T5VhYcceU8yggbqgLuz+A64GGmIOSgZKnuE8tdiktgDAYb9LPYFRgQ06LspEwr2SHgajriAIt8Z58Zw96Ayb54AKnjzQ3LhnJieZ4bb+vP6mG0jSmbZuzFMYBG8KXw0njDBeVgDR6GoWKKVXWpTp0rUMx69aGR5fSygbx0kIJ7oEVMVHkiTNnBhFZmWOy4jYrZ3CaN1/9L9D1HfVhxdxC55IidT4P1PmhoaQtaDP3CRpnuKEjVrz7tKcyKscjXTAD/wnfOqRHVJzdyTg33DB/7X9euBRKeaiRZlGoEG4EqxHMNRDsr1YJPv8/miXbqeOxR808MHDePGdp4hMzNPfaPL+bMi3IAZkStLqwYz6rpPJ14NaQnUcFXR2f5E+/pnW1SJEFZ2hqZTwCCxhaFgfbjmvlbawaD4E1lCmVzxlxZk3JViMbkWiuSiwvW35mLypdnmTdqY1bNM1h7qfeMj71SkVATmklSQefmip4sxD8RAcy7C/Ely2AHGgv7UXvQWmano06gYVfUzCZpDwXQKErs0ktDGa9MQPlbAzWDPRyAgxMvAHc2iQANTqxSQJiltMFY9QUqn0KoWG8HLQIR5piXzoS1fN9tRq2Or7jmcm88GxhU7PiHTghrZNCIwGCN3x/V2Mpa7K8pHYK/QDQu5+vWKYmtQz/Ycll7DnM3iIuDN95t3wVbY4H6GbEPgRt6muMXOAS20WaKYm1gwaauRVAlTvIUOusaRxE54O8Dp0XKCS50zLKvjiIlwWxYbkyDVk22W1FxWcZAWgOmZPcZruOhpGk054HSvUsPBmxcENuXXxEfSHngBsPpMEVRWdx2QC9evFP4Eh9MXEq8B2IabPXwIl95cO3lfXk8i0adpRjRNHzglYAvzx7HmQaRje9UcirsekqnBEi4gEJPbu9nZJlQmkimtBFtUuyMy8evZ/Kx/H20BzQCjCSo4kjT+/pmeFF4divQgmkOaA3LDNzNyBQhm8216K6menqvDTi3AZE+ljdmd6Oj4Us/3z1RvyE6OnUwx0JvPIh2iSbaK/XqYi0fypeah7FpwNJ5ef4KCpLk2D6oBgtRLjFVMVQmLGA8zLauDFJ6HMRDYBoIu8SXxjXc+/7wGcW7W/0ybt5AiExDTu/+IYoHkm55zJ2H3akVAo62K/FLJ0vEZqWw7vFjKpEIacixSEH3yrrEiopEqZ9AaI/AH/uuCq7ZqRf7fBOaa2BfQBNf+eCpDFQGt/aUoRnmeHzSpGKgJ9mvuSI508isCafAQC9Samg/WSoRGOq1RDNPR8uJX/LhdK05o87QwI33swfBczjNCmAKy0mF1Qu+h9n0uV74BG8YMokhlWOXGbVlNkXQjXf92vMntNucamnXhO38e/UiawzvjJHxuYJN0FZC3ZP2luuPUxffQzjANvqfw/UmkwJlACVxgjVzIK+auBxZvSkKslkJhMGrac3JZHaMbXiCmvrjSlzIdtqaqHtCWONEvfWVogJX9ck9sDaCk5hXdzSY8QQe7Id5Cpt3WMoTi80/sS1+U+SBYfecoO6ZJ6z+ckuzsXjMOoqiZUrNszh8CsBkDx4hF8SPS2xJg/XULaj6H3eu2Y4Yzm2JploUUr27culNW2uaYPAg2gXJdgcd2N0/L4Frl+Lg500GVZGgB0eh41Ydd9P/Kh46xPekQZP5HZHrChx6pRYBbwf9Eb+QTyV11Z9Mn2+yoJ59wnRzXqy+PoOXQm3Otlkvq1oQRXz+7KqGaoW9O+7WMX3Q4J4D3LFoutlAWu9Gn2bTbDl4BhRJ0Q6O//XF115qwaLOTHMw9E80QKon3Cw/+JcsKUB23xe2sFdLUHrimmEXscsYY4UDAYZJlKSZzj+q81MYvzJGxls8NgJM58dhIIRQxEr4kCSFW/VbxmRUu0iksd3Z6JIvTyYxaACVuVYQ8TFHTCpOeg6Sxb+aROj4UKanOkly3bLOgeHpmEy+NbO+vjG60/VsGnfKoUAHN5OW35I8F3MaW215oPDNlzR7IYhklI0/g5H9Q6b2lY9Bm94cHb/bXUM9ZnwgmPG+P2f7UOTJbeeYx1836eZCVdEEs8NdIxycZ72nAy6KPIdeSeDkMw600CpeqZSFWGZKSaWJ6iiKROFZvc8Dm5JZEYNDZeypymck1kEvsKD9fugX/yNDHZooRSbKeZpGHVN2IGfa4g1J5qNWE8tctTkfpSy4614OyUbuAqwwahX/AkExKwTZ/1x7XOfGxw7Ncg0NqDYaVxeMLn6vCnzwWhK9hp/1zXCzTU40m8dr/kjmIu08ptephalqIl/yO8qhVtiEiwork//lr7I+gyyknsqq9QmDD9pSFHYl3dD372ecL25B4EbmWIQauI8voYsIc+QxSkYkSnTG4MXy0dL59ufiyknXNejVXIvHIMTw9X4kv/7F3fEFCcwuIs/s7U06ROGJ+zJOGPE7h48CRUXQUuyxehLB7w2JzcfCDAAxpBc0CJt8emUpVNXgHTV+D5M2m7E9NLNFuB5a1iLDr+Pa7vDS9IhSLuc/GX6KGFcoaJBVepiHZdBL9jD8ubfnX+1jaqq3nES25UXgnKW1/kH8kE01N8I8HYjfrEC1xdMxeuLoEMklOiBQNeyA9zAHE7Jgu8/FJceVqh5CsNgTCNvlEGEOgB18D2kw+H3a90z/doylhEWmWw+WdwWR7axNcDOUK3Xjoy0XkxBUMvPVbl7c5X0IwBY++vuHkJsmo+2BhODy6QHF/a9MXgow/zLp64o0gKreiR8GhpkaCO6ryMntfC2qORovEaUvPKIQ1yiuhbHIj9RN+DL2e1sik+aDrcDaC0ywPxQeLOJ17fb1J1/vWK0U5L3P8ZxlHk9p52jPrpQX6sfftDm4bw8agmFstq8Mv4Ufs7TeYgw3uk1xEdsK/dNJaOBrFKeE2/u+N+fNEO5WKcL4CDOMGa+rncMzV4ArkXfq1ZZyqM7/9qQslu9K87v1kLIyulB3lSd2hoUc/ByWtvbOU41lKU4gW+fDOkZz2xVS3ibWtD1ELXkXdoHoZCtV6MKLd2PxRl+Cykf2WMRIDiATFAkGqhvRxXySvwiYjPXPx04TUzLg=="; - * PrivateKey privateKey=decryptMock.fileReader(); String encodedKey = - * testData.substring(0, 343); String encodeData = testData.substring(344, - * testData.length()-1); byte[] finalValue=null; - * ReflectionTestUtils.invokeMethod(decryptMock, "oldDecrypt",finalValue, - * privateKey, encodedKey, encodeData); } - */ -} diff --git a/authentication-demo-service/src/test/java/io/mosip/testrig/authentication/demo/service/test/DigitalSignatureTest.java b/authentication-demo-service/src/test/java/io/mosip/testrig/authentication/demo/service/test/DigitalSignatureTest.java deleted file mode 100644 index 3635e893607..00000000000 --- a/authentication-demo-service/src/test/java/io/mosip/testrig/authentication/demo/service/test/DigitalSignatureTest.java +++ /dev/null @@ -1,56 +0,0 @@ -package io.mosip.testrig.authentication.demo.service.test; - -import java.io.IOException; -import java.security.KeyManagementException; -import java.security.KeyStoreException; -import java.security.NoSuchAlgorithmException; -import java.security.UnrecoverableEntryException; -import java.security.cert.CertificateException; -import java.security.spec.InvalidKeySpecException; - -import org.jose4j.lang.JoseException; -import org.junit.Ignore; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.mockito.InjectMocks; -import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest; -import org.springframework.test.context.ContextConfiguration; -import org.springframework.test.context.TestContext; -import org.springframework.test.context.junit4.SpringRunner; -import org.springframework.web.context.WebApplicationContext; - -import io.mosip.testrig.authentication.demo.service.controller.JWSSignAndVerifyController; - -/** - * @author Arun Bose S The Class DigitalSignatureTest. - */ -@Ignore -@RunWith(SpringRunner.class) -@WebMvcTest -@ContextConfiguration(classes = { TestContext.class, WebApplicationContext.class }) -public class DigitalSignatureTest { - - /** The digital sign mock. */ - @InjectMocks - private JWSSignAndVerifyController digitalSignMock; - - /** - * Digital sign test. - * - * @throws KeyStoreException the key store exception - * @throws NoSuchAlgorithmException the no such algorithm exception - * @throws CertificateException the certificate exception - * @throws UnrecoverableEntryException the unrecoverable entry exception - * @throws InvalidKeySpecException the invalid key spec exception - * @throws IOException Signals that an I/O exception has - * occurred. - * @throws JoseException the jose exception - * @throws KeyManagementException - */ - @Test - public void digitalSignTest() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, - UnrecoverableEntryException, InvalidKeySpecException, IOException, JoseException, KeyManagementException { - digitalSignMock.sign("sdfsdfsdfsdf", false); - } - -} diff --git a/authentication-demo-service/src/test/java/io/mosip/testrig/authentication/demo/service/test/EncryptTest.java b/authentication-demo-service/src/test/java/io/mosip/testrig/authentication/demo/service/test/EncryptTest.java deleted file mode 100644 index b6152110bd7..00000000000 --- a/authentication-demo-service/src/test/java/io/mosip/testrig/authentication/demo/service/test/EncryptTest.java +++ /dev/null @@ -1,152 +0,0 @@ -package io.mosip.testrig.authentication.demo.service.test; - -import java.io.IOException; -import java.security.InvalidAlgorithmParameterException; -import java.security.InvalidKeyException; -import java.security.KeyManagementException; -import java.security.NoSuchAlgorithmException; -import java.security.spec.InvalidKeySpecException; -import java.util.Map; - -import javax.crypto.BadPaddingException; -import javax.crypto.IllegalBlockSizeException; -import javax.crypto.NoSuchPaddingException; - -import org.json.JSONException; -import org.junit.Before; -import org.junit.Ignore; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.mockito.InjectMocks; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest; -import org.springframework.core.env.Environment; -import org.springframework.test.context.ContextConfiguration; -import org.springframework.test.context.TestContext; -import org.springframework.test.context.junit4.SpringRunner; -import org.springframework.test.util.ReflectionTestUtils; -import org.springframework.web.client.RestClientException; -import org.springframework.web.context.WebApplicationContext; - -import com.fasterxml.jackson.databind.ObjectMapper; - -import io.mosip.testrig.authentication.demo.service.controller.Encrypt; -import io.mosip.testrig.authentication.demo.service.dto.EncryptionRequestDto; - - -/** - * @author Arun Bose S - * The Class EncryptTest. - */ -@Ignore -@RunWith(SpringRunner.class) -@WebMvcTest -@ContextConfiguration(classes = { TestContext.class, WebApplicationContext.class }) -public class EncryptTest { - - - - /** The encrypt mock. */ - @InjectMocks - private Encrypt encryptMock; - - /** The obj mapper. */ - @Autowired - private ObjectMapper objMapper; - - /** The environment. */ - @Autowired - private Environment environment; - - /** - * Before. - */ - @Before - public void before() { - ReflectionTestUtils.setField(encryptMock, "publicKeyURL", environment.getProperty("mosip.ida.publicKey-url")); - ReflectionTestUtils.setField(encryptMock, "appID", environment.getProperty("application.id")); - ReflectionTestUtils.setField(encryptMock, "keySplitter", environment.getProperty("mosip.kernel.data-key-splitter")); - ReflectionTestUtils.setField(encryptMock, "objMapper", objMapper); - - } - - //@Mock - - - /** - * Encrypt test. - * - * @throws KeyManagementException the key management exception - * @throws RestClientException the rest client exception - * @throws NoSuchAlgorithmException the no such algorithm exception - * @throws IOException Signals that an I/O exception has occurred. - * @throws JSONException the JSON exception - * @throws InvalidKeySpecException the invalid key spec exception - * @throws BadPaddingException - * @throws IllegalBlockSizeException - * @throws InvalidAlgorithmParameterException - * @throws NoSuchPaddingException - * @throws InvalidKeyException - */ - @SuppressWarnings("unchecked") - @Test - public void encryptTest() throws KeyManagementException, RestClientException, NoSuchAlgorithmException, IOException, JSONException, InvalidKeySpecException, InvalidKeyException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException { - String testData="{\r\n" + - " \"identityRequest\": {\r\n" + - " \"identity\": {\r\n" + - " \"leftEye\": [{\r\n" + - " \"value\": \"Rk1SACAyMAAAAAFcAAABPAFiAMUAxQEAAAAoNUB9AMF0V4CBAKBBPEC0AL68ZIC4AKjNZEBiAJvWXUBPANPWNUDSAK7RUIC2AQIfZEDJAPMxPEByAGwPXYCpARYPZECfAFjoZECGAEv9ZEBEAFmtV0BpAUGNXUC/AUEESUCUAVIEPEC2AVNxPICcALWuZICuALm3ZECNAJqxQ0CUAI3GQ0CXAPghV0BVAKDOZEBfAPqHXUBDAKe/ZIB9AG3xXUDPAIbZUEBcAGYhZECIASgHXYBJAGAnV0DjAR4jG0DKATqJIUCGADGSZEDSAUYGIUAxAD+nV0CXAK+oSUBoALr6Q4CSAOuKXUCiAIvNZEC9AJzQZIBNALbTXUBBAL68V0CeAHDZZECwAHPaZEBRAPwHUIBHAHW2XUDXARAUDUC4AS4HZEDXAS0CQ0CYADL4ZECsAUzuPEBkACgRZAAA\"\r\n" + - " }]\r\n" + - " }\r\n" + - " },\r\n" + - " \"tspID\": \"TEMP\"\r\n" + - "}"; - //EncryptionResponseDto encryptionResponseDTO=new EncryptionResponseDto(); - // testData=encryptMock.getEncryptedValue(testData,"TEMP"); - //ReflectionTestUtils.invokeMethod(encryptMock, "split", testData); - -// EncryptionRequestDto encryptionRequestDto=new EncryptionRequestDto(); -// encryptionRequestDto.setIdentityRequest(new ObjectMapper().readValue(testData.getBytes(), Map.class)); -// encryptMock.encrypt(encryptionRequestDto, null, false, false); - } - - - /** - * Old encrypt test. - * - * @throws JsonParseException the json parse exception - * @throws JsonMappingException the json mapping exception - * @throws IOException Signals that an I/O exception has occurred. - *//* - @Test - public void oldEncryptTest() throws JsonParseException, JsonMappingException, IOException { - String testData="{\r\n" + - " \"identityRequest\": {\r\n" + - " \"identity\": {\r\n" + - " \"leftEye\": [{\r\n" + - " \"value\": \"Rk1SACAyMAAAAAFcAAABPAFiAMUAxQEAAAAoNUB9AMF0V4CBAKBBPEC0AL68ZIC4AKjNZEBiAJvWXUBPANPWNUDSAK7RUIC2AQIfZEDJAPMxPEByAGwPXYCpARYPZECfAFjoZECGAEv9ZEBEAFmtV0BpAUGNXUC/AUEESUCUAVIEPEC2AVNxPICcALWuZICuALm3ZECNAJqxQ0CUAI3GQ0CXAPghV0BVAKDOZEBfAPqHXUBDAKe/ZIB9AG3xXUDPAIbZUEBcAGYhZECIASgHXYBJAGAnV0DjAR4jG0DKATqJIUCGADGSZEDSAUYGIUAxAD+nV0CXAK+oSUBoALr6Q4CSAOuKXUCiAIvNZEC9AJzQZIBNALbTXUBBAL68V0CeAHDZZECwAHPaZEBRAPwHUIBHAHW2XUDXARAUDUC4AS4HZEDXAS0CQ0CYADL4ZECsAUzuPEBkACgRZAAA\"\r\n" + - " }]\r\n" + - " }\r\n" + - " },\r\n" + - " \"tspID\": \"TEMP\"\r\n" + - "}"; - //EncryptionResponseDto encryptionResponseDTO=new EncryptionResponseDto(); - // testData=encryptMock.getEncryptedValue(testData,"TEMP"); - //ReflectionTestUtils.invokeMethod(encryptMock, "split", testData); - EncryptionRequestDto encryptionRequestDto=new EncryptionRequestDto(); - encryptionRequestDto.setTspID("TEMP"); - encryptionRequestDto.setIdentityRequest(new ObjectMapper().readValue(testData.getBytes(), Map.class)); - ReflectionTestUtils.invokeMethod(encryptMock, "oldEncrypt", encryptionRequestDto); - } - */ - /** - * Turnoff SSL check test. - * - * @throws KeyManagementException the key management exception - * @throws NoSuchAlgorithmException the no such algorithm exception - */ - @Test - public void turnoffSSLCheckTest() throws KeyManagementException, NoSuchAlgorithmException { - Encrypt.turnOffSslChecking(); - } -} diff --git a/authentication-demo-service/src/test/java/io/mosip/testrig/authentication/demo/service/test/SignatureTest.java b/authentication-demo-service/src/test/java/io/mosip/testrig/authentication/demo/service/test/SignatureTest.java deleted file mode 100644 index 6237af5a2e9..00000000000 --- a/authentication-demo-service/src/test/java/io/mosip/testrig/authentication/demo/service/test/SignatureTest.java +++ /dev/null @@ -1,44 +0,0 @@ -package io.mosip.testrig.authentication.demo.service.test; - -import java.security.cert.X509Certificate; -import java.util.Arrays; -import java.util.List; -import java.util.stream.Collectors; - -import org.jose4j.jws.JsonWebSignature; -import org.jose4j.lang.JoseException; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest; -import org.springframework.test.context.ContextConfiguration; -import org.springframework.test.context.TestContext; -import org.springframework.test.context.junit4.SpringRunner; -import org.springframework.web.context.WebApplicationContext; - -import io.mosip.kernel.crypto.jce.core.CryptoCore; - - -@RunWith(SpringRunner.class) -@WebMvcTest -@ContextConfiguration(classes = { TestContext.class, WebApplicationContext.class, CryptoCore.class }) - -public class SignatureTest { - - @Autowired - CryptoCore cryptoCore; - - @Test - public void testSign() throws JoseException { - String signatureTxt = "eyJhbGciOiJSUzI1NiIsInR5cCI6Imp3dCIsIng1YyI6WyJNSUlFSnpDQ0F3K2dBd0lCQWdJR0FXNGJwTTArTUEwR0NTcUdTSWIzRFFFQkN3VUFNSUhDTVNVd0l3WUpLb1pJaHZjTkFRa0JGaFp6ZFhKbGMyaGlZV0oxUUhONWJtTmllWFJsTG1sdU1SZ3dGZ1lEVlFRREV3OVRWVkpGVTBnZ1FrRkNWU0JOUTBzeEd6QVpCZ05WQkFzVEVsTnZablIzWVhKbElGTnZiSFYwYVc5dWN6RXRNQ3NHQTFVRUNoTWtVM2x1WTJKNWRHVWdTVzV1YjNaaGRHbHZibk1nVUhKcGRtRjBaU0JNYVcxcGRHVmtNUkl3RUFZRFZRUUhFd2xDUVU1SFFVeFBVa1V4RWpBUUJnTlZCQWdUQ1V0QlVrNUJWRUZMUVRFTE1Ba0dBMVVFQmhNQ1NVNHdIaGNOTVRreE1ETXdNRGMxTURFMVdoY05NVGt4TVRJNU1EYzFNREUxV2pDQnh6RXdNQzRHQTFVRUF3d25jbVJmWW1Nd1lqWTRORGd0Tm1RME5TMDBObVF4TFdFNVltUXRZak16TkRReE1HSm1PREl6TVFzd0NRWURWUVFHRXdKSlRqRVNNQkFHQTFVRUNCTUpTMkZ5Ym1GMFlXdGhNUkl3RUFZRFZRUUhFd2xDWVc1bllXeHZjbVV4SVRBZkJna3Foa2lHOXcwQkNRRVdFbUZrYldsdVFITjVibU5pZVhSbExtTnZiVEVNTUFvR0ExVUVDeE1EWkdWMk1TMHdLd1lEVlFRS0V5UlRXVTVEUWxsVVJTQkpUazVQVmtGVVNVOU9VeUJRVWtsV1FWUkZJRXhKVFVsVVJVUXdnZ0VoTUEwR0NTcUdTSWIzRFFFQkFRVUFBNElCRGdBd2dnRUpBb0lCQUxIWEl5MzVVMnJnRGpOZStvZHEza2dYNC9CT0UxMkVFQkIrb3pMYUVnWnVRbjBGOVNDVWxGckZtZlFPbzVuZlBHbi9FQnlpdEg4cXVLM1F5SUw0OVRYWnZmUlFpcG4rcW0xSUMvNzJUQ1k4WmZPR2dkeUduVExSUEhkc25JcnJ5dlB2NlBJOTl6UzU5WjlndG9kSmFNV04waHBwamZYek1xd0pSbkpabEpZbVExRzMxRlhzbVBNYVkrSFhNSURoY0MyUFBjVEhESGtsRTdUZkNlQzk5dVMwNit4OUt3VDRGTkJqdGErQURsRlZoc2ZlYnNsQmVDbjRVSjl3aGNmcTF5dGdRSlYyZlZnRXBndXp0aVk3M2ZHWnFxZDA0UEViNmorVGlTeE0zeUE3aVhOeS9FTDRFVVROajVrc2R3Q0FqUlRGalhINS94TXpvalF2bVR3eHl5a0NBd0VBQWFNZE1Cc3dEQVlEVlIwVEJBVXdBd0VCL3pBTEJnTlZIUThFQkFNQ0FZWXdEUVlKS29aSWh2Y05BUUVMQlFBRGdnRUJBSGJDSEVmaHJkS3pKajU1L2p3WGVqTzFsclVVZjcycWRtVE03MTRSbFNETnBaK1JlQUZ1Z1UwejlwMHY0ZU93eFpHZWNwN0Eyc3k2UGZUMmF0TzY3eEp4UHMrQkVBZTY2cnNNK09pZmFxM0Fhd3EvcklTNTRmYkQ3VE9yOE10NmlncHJJRUdZY2x2WDIrbVJjNmpBMGVjaDEva3lBMEZHSnRxalNhSTdpQjVVWHFqWE5zU3NxaS92OUhpNkhnaHdTRTlod3FUQ2hrZkF4VDdjVHJwNUVZaDQ5YytCVHdIU2c1bjNrN2FqaENaRUY5OVZwd2ZOSUtaV0RLS0NNdmpDRzFQM2pWeVBoVG4xSjN1VVhteGRWZmNwdkpaSlZoaEVmTFJEUnd4MkxiVTRCcnUyekpzUzRKUXovdXNTNkxBZGxQQ1FPVHhiWmZYWXBhZWRpNElvVnhVPSJdfQ.RTYwQ0Y0MzkxQUNCQzY2MDY2RDIxNEI2REQ1MUE0NDE3QUIzNzg2ODM4RkZBMDNDOTc5NkNFRTZBMDFDRUYxQg.SLGXASbv9e82KNH_dwkI243yoZVsjWiUjf4y8kzxgQtSszAyqvsurPmzGg63kO89JWtS5zKUDi0EbHzfpU0ddi8XgPAPt3ES61GKpJbzqrsi0wGXGvSTgebB7_MiaXfyA0X_lHBoH5Fx1zBl1xdUoqNRFkG3Ujcir0Fmgsx4y4ENdSeQsg_098e8gJnBYpx6pVeQSKhRyh1prRh210smZFH_Xgi28TD4TsRV4MYTN9iQ8GUGKcD9C2gD5LMa8nPcznS9TdtzdvZGgD1bZY6f4aLZiEXWBJFumU1fUOz5LXNdy7kbWfQbtYGukM9Fs4EHHKCnZiKCvdk37yiATT7oKw.eyJhbGciOiJSUzI1NiIsInR5cCI6Imp3dCIsIng1YyI6WyJNSUlFSnpDQ0F3K2dBd0lCQWdJR0FXNGJwTTArTUEwR0NTcUdTSWIzRFFFQkN3VUFNSUhDTVNVd0l3WUpLb1pJaHZjTkFRa0JGaFp6ZFhKbGMyaGlZV0oxUUhONWJtTmllWFJsTG1sdU1SZ3dGZ1lEVlFRREV3OVRWVkpGVTBnZ1FrRkNWU0JOUTBzeEd6QVpCZ05WQkFzVEVsTnZablIzWVhKbElGTnZiSFYwYVc5dWN6RXRNQ3NHQTFVRUNoTWtVM2x1WTJKNWRHVWdTVzV1YjNaaGRHbHZibk1nVUhKcGRtRjBaU0JNYVcxcGRHVmtNUkl3RUFZRFZRUUhFd2xDUVU1SFFVeFBVa1V4RWpBUUJnTlZCQWdUQ1V0QlVrNUJWRUZMUVRFTE1Ba0dBMVVFQmhNQ1NVNHdIaGNOTVRreE1ETXdNRGMxTURFMVdoY05NVGt4TVRJNU1EYzFNREUxV2pDQnh6RXdNQzRHQTFVRUF3d25jbVJmWW1Nd1lqWTRORGd0Tm1RME5TMDBObVF4TFdFNVltUXRZak16TkRReE1HSm1PREl6TVFzd0NRWURWUVFHRXdKSlRqRVNNQkFHQTFVRUNCTUpTMkZ5Ym1GMFlXdGhNUkl3RUFZRFZRUUhFd2xDWVc1bllXeHZjbVV4SVRBZkJna3Foa2lHOXcwQkNRRVdFbUZrYldsdVFITjVibU5pZVhSbExtTnZiVEVNTUFvR0ExVUVDeE1EWkdWMk1TMHdLd1lEVlFRS0V5UlRXVTVEUWxsVVJTQkpUazVQVmtGVVNVOU9VeUJRVWtsV1FWUkZJRXhKVFVsVVJVUXdnZ0VoTUEwR0NTcUdTSWIzRFFFQkFRVUFBNElCRGdBd2dnRUpBb0lCQUxIWEl5MzVVMnJnRGpOZStvZHEza2dYNC9CT0UxMkVFQkIrb3pMYUVnWnVRbjBGOVNDVWxGckZtZlFPbzVuZlBHbi9FQnlpdEg4cXVLM1F5SUw0OVRYWnZmUlFpcG4rcW0xSUMvNzJUQ1k4WmZPR2dkeUduVExSUEhkc25JcnJ5dlB2NlBJOTl6UzU5WjlndG9kSmFNV04waHBwamZYek1xd0pSbkpabEpZbVExRzMxRlhzbVBNYVkrSFhNSURoY0MyUFBjVEhESGtsRTdUZkNlQzk5dVMwNit4OUt3VDRGTkJqdGErQURsRlZoc2ZlYnNsQmVDbjRVSjl3aGNmcTF5dGdRSlYyZlZnRXBndXp0aVk3M2ZHWnFxZDA0UEViNmorVGlTeE0zeUE3aVhOeS9FTDRFVVROajVrc2R3Q0FqUlRGalhINS94TXpvalF2bVR3eHl5a0NBd0VBQWFNZE1Cc3dEQVlEVlIwVEJBVXdBd0VCL3pBTEJnTlZIUThFQkFNQ0FZWXdEUVlKS29aSWh2Y05BUUVMQlFBRGdnRUJBSGJDSEVmaHJkS3pKajU1L2p3WGVqTzFsclVVZjcycWRtVE03MTRSbFNETnBaK1JlQUZ1Z1UwejlwMHY0ZU93eFpHZWNwN0Eyc3k2UGZUMmF0TzY3eEp4UHMrQkVBZTY2cnNNK09pZmFxM0Fhd3EvcklTNTRmYkQ3VE9yOE10NmlncHJJRUdZY2x2WDIrbVJjNmpBMGVjaDEva3lBMEZHSnRxalNhSTdpQjVVWHFqWE5zU3NxaS92OUhpNkhnaHdTRTlod3FUQ2hrZkF4VDdjVHJwNUVZaDQ5YytCVHdIU2c1bjNrN2FqaENaRUY5OVZwd2ZOSUtaV0RLS0NNdmpDRzFQM2pWeVBoVG4xSjN1VVhteGRWZmNwdkpaSlZoaEVmTFJEUnd4MkxiVTRCcnUyekpzUzRKUXovdXNTNkxBZGxQQ1FPVHhiWmZYWXBhZWRpNElvVnhVPSJdfQ.MEI4NDYyNDA5RkQxMTE3QjU2QTVBNEEyQkNFRDY1RkIxMUQxMUI5NjFBQ0I5MjE0NUVDN0I4RTkxNzM4OEQ4Qw.hEr3KRLV8BqS0-9gBtmZfz8sfEGJDZx5xx9Zd6nfvfh8-HB_5e_soROtGPoJVUVgszto53FJSdQ4rjUBtXY3wLeq6KptFe4gl3shCxvEAkwRtlDLav4Qfaaat16_Y2N738PAI1vZ1bXpXN1VUyohxmbFLoMc3BYND62qAyibzH1A3bswqyS4IhEN7ksCT-rMmJ9izkxKgjF4o3kZYWj1FvvseqKiOR54Q5WAWYRS_9pc0RqvTl0YV-Bu1kVsFORy-ELQ2-4p-qnm5KhLBve8vmVEx51JHTknIljEQzv7LuoJHxvy1he3hEKQIDZizqdzoo74NGznATgIWzqNBdmo1g"; - String[] payloadSignTxt = Arrays.stream(signatureTxt.split("\\.")).skip(3).toArray(s -> new String[s]); - String bioSign = Arrays.stream(payloadSignTxt).collect(Collectors.joining(".")); - JsonWebSignature jws = new JsonWebSignature(); - jws.setCompactSerialization(bioSign); - List certificateChainHeaderValue = jws.getCertificateChainHeaderValue(); - System.out.println(certificateChainHeaderValue.get(0)); - X509Certificate certificate = certificateChainHeaderValue.get(0); - //cryptoCore.sign(arg0, arg1) - } - -} diff --git a/authentication-demo-service/src/test/resources/application.properties b/authentication-demo-service/src/test/resources/application.properties deleted file mode 100644 index fbc302453d3..00000000000 --- a/authentication-demo-service/src/test/resources/application.properties +++ /dev/null @@ -1,552 +0,0 @@ -mosip.base.url=https://qa-1201-b2.mosip.io - - -# Biometric Validation - uncomment and provide data or pass as VM args -#bio.test.server.provider=com.identy.IdentyBioSDK - -# ********** IdRepo **************** -mosip.kernel.jsonvalidator.property-source=CONFIG_SERVER -mosip.kernel.jsonvalidator.file-storage-uri=http://104.211.212.28:51000/kernel-idrepo-service/dev/DEV/ -mosip.kernel.jsonvalidator.schema-name=mosip-identity-json-schema.json -# ********** Common Properties **************** -ida-demo.api.version=v1 -server.port = 8081 -server.servlet.context-path = /${ida-demo.api.version}/identity -logging.level.* = debug -# Application ID of IDA -application.id=IDA -#Application name of IDA -application.name=ID-Authentication - -# public key -publicKey.ida =TUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUExQ09PMFVPRmxYem5tSXkybXJfYWVrMHhHYjh3WkQ1YjBTaHgwSTlVNHBEd0NnbldIRThONUlCX3NMNUpMX3NHdGdHUDJzNDZlTEJ0M2Nkc251eEhtbi1NNnV3cnlnX0tMSktSRUlZMEt0VkRxOTRVUlhBbXNIUWw5dmVIQUpqSE1GdVRQaEd0WDZtaU5JdGV5Y2d5Zi0tT3lEU3hPcXUzbUptVFNVbjhwUWdiWGJ1NVByblkwLVJ1YW5MRzFqSHZtQ0djMThqQUZITlB2a1RZUE90RVo4N3ItVng3N3J0MHhfdDM1eWpjZkJWb2s1dFMyaDB0a3EzdWY4alRHbGJSOVhSOGF1TWxmVnJPdWVjbkU0QVAyYjZWOUlENVFCV3hjaG45VUNqTi10Yl9LUm43QnVJZUhrdDJ3MW5xTlF2WjM4YmZYc2F5cU9vMTJEcENXNmFHUlFJREFRQUI= -publicKey.kernel=TUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUExQ09PMFVPRmxYem5tSXkybXJfYWVrMHhHYjh3WkQ1YjBTaHgwSTlVNHBEd0NnbldIRThONUlCX3NMNUpMX3NHdGdHUDJzNDZlTEJ0M2Nkc251eEhtbi1NNnV3cnlnX0tMSktSRUlZMEt0VkRxOTRVUlhBbXNIUWw5dmVIQUpqSE1GdVRQaEd0WDZtaU5JdGV5Y2d5Zi0tT3lEU3hPcXUzbUptVFNVbjhwUWdiWGJ1NVByblkwLVJ1YW5MRzFqSHZtQ0djMThqQUZITlB2a1RZUE90RVo4N3ItVng3N3J0MHhfdDM1eWpjZkJWb2s1dFMyaDB0a3EzdWY4alRHbGJSOVhSOGF1TWxmVnJPdWVjbkU0QVAyYjZWOUlENVFCV3hjaG45VUNqTi10Yl9LUm43QnVJZUhrdDJ3MW5xTlF2WjM4YmZYc2F5cU9vMTJEcENXNmFHUlFJREFRQUI= -publicKey.sign =TUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUExQ09PMFVPRmxYem5tSXkybXJfYWVrMHhHYjh3WkQ1YjBTaHgwSTlVNHBEd0NnbldIRThONUlCX3NMNUpMX3NHdGdHUDJzNDZlTEJ0M2Nkc251eEhtbi1NNnV3cnlnX0tMSktSRUlZMEt0VkRxOTRVUlhBbXNIUWw5dmVIQUpqSE1GdVRQaEd0WDZtaU5JdGV5Y2d5Zi0tT3lEU3hPcXUzbUptVFNVbjhwUWdiWGJ1NVByblkwLVJ1YW5MRzFqSHZtQ0djMThqQUZITlB2a1RZUE90RVo4N3ItVng3N3J0MHhfdDM1eWpjZkJWb2s1dFMyaDB0a3EzdWY4alRHbGJSOVhSOGF1TWxmVnJPdWVjbkU0QVAyYjZWOUlENVFCV3hjaG45VUNqTi10Yl9LUm43QnVJZUhrdDJ3MW5xTlF2WjM4YmZYc2F5cU9vMTJEcENXNmFHUlFJREFRQUI= -publicKey.partner =TUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUExQ09PMFVPRmxYem5tSXkybXJfYWVrMHhHYjh3WkQ1YjBTaHgwSTlVNHBEd0NnbldIRThONUlCX3NMNUpMX3NHdGdHUDJzNDZlTEJ0M2Nkc251eEhtbi1NNnV3cnlnX0tMSktSRUlZMEt0VkRxOTRVUlhBbXNIUWw5dmVIQUpqSE1GdVRQaEd0WDZtaU5JdGV5Y2d5Zi0tT3lEU3hPcXUzbUptVFNVbjhwUWdiWGJ1NVByblkwLVJ1YW5MRzFqSHZtQ0djMThqQUZITlB2a1RZUE90RVo4N3ItVng3N3J0MHhfdDM1eWpjZkJWb2s1dFMyaDB0a3EzdWY4alRHbGJSOVhSOGF1TWxmVnJPdWVjbkU0QVAyYjZWOUlENVFCV3hjaG45VUNqTi10Yl9LUm43QnVJZUhrdDJ3MW5xTlF2WjM4YmZYc2F5cU9vMTJEcENXNmFHUlFJREFRQUI= -publicKey.internal =TUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUExQ09PMFVPRmxYem5tSXkybXJfYWVrMHhHYjh3WkQ1YjBTaHgwSTlVNHBEd0NnbldIRThONUlCX3NMNUpMX3NHdGdHUDJzNDZlTEJ0M2Nkc251eEhtbi1NNnV3cnlnX0tMSktSRUlZMEt0VkRxOTRVUlhBbXNIUWw5dmVIQUpqSE1GdVRQaEd0WDZtaU5JdGV5Y2d5Zi0tT3lEU3hPcXUzbUptVFNVbjhwUWdiWGJ1NVByblkwLVJ1YW5MRzFqSHZtQ0djMThqQUZITlB2a1RZUE90RVo4N3ItVng3N3J0MHhfdDM1eWpjZkJWb2s1dFMyaDB0a3EzdWY4alRHbGJSOVhSOGF1TWxmVnJPdWVjbkU0QVAyYjZWOUlENVFCV3hjaG45VUNqTi10Yl9LUm43QnVJZUhrdDJ3MW5xTlF2WjM4YmZYc2F5cU9vMTJEcENXNmFHUlFJREFRQUI= -publicKey.ida_fir =TUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUExQ09PMFVPRmxYem5tSXkybXJfYWVrMHhHYjh3WkQ1YjBTaHgwSTlVNHBEd0NnbldIRThONUlCX3NMNUpMX3NHdGdHUDJzNDZlTEJ0M2Nkc251eEhtbi1NNnV3cnlnX0tMSktSRUlZMEt0VkRxOTRVUlhBbXNIUWw5dmVIQUpqSE1GdVRQaEd0WDZtaU5JdGV5Y2d5Zi0tT3lEU3hPcXUzbUptVFNVbjhwUWdiWGJ1NVByblkwLVJ1YW5MRzFqSHZtQ0djMThqQUZITlB2a1RZUE90RVo4N3ItVng3N3J0MHhfdDM1eWpjZkJWb2s1dFMyaDB0a3EzdWY4alRHbGJSOVhSOGF1TWxmVnJPdWVjbkU0QVAyYjZWOUlENVFCV3hjaG45VUNqTi10Yl9LUm43QnVJZUhrdDJ3MW5xTlF2WjM4YmZYc2F5cU9vMTJEcENXNmFHUlFJREFRQUI= - -# Reference ID used for crypto manager in authentication -partner.reference.id=PARTNER -# Reference ID used for crypto manager in internal authentication -internal.reference.id=INTERNAL -# Reference ID used for crypto manager in authentication for biometrics -partner.biometric.reference.id=IDA-FIR -# Reference ID used for crypto manager in internal authentication for biometrics -internal.biometric.reference.id=INTERNAL - -keysplitter=#KEY_SPLITTER# - - -ida.api.version=1.0 - -# ********* Postgres Properties ************ -javax.persistence.jdbc.driver=org.postgresql.Driver -javax.persistence.jdbc.url=jdbc:postgresql://localhost:5432/ida_db -javax.persistence.jdbc.user=postgres -javax.persistence.jdbc.password=admin - - -# ********* Hibernate Properties *********** -hibernate.dialect=org.hibernate.dialect.PostgreSQL95Dialect -hibernate.jdbc.lob.non_contextual_creation=true -#hibernate.hbm2ddl.auto=update -hibernate.show_sql=true -hibernate.format_sql=true -hibernate.connection.charSet=utf8 -hibernate.cache.use_second_level_cache=false -hibernate.cache.use_query_cache=false -hibernate.cache.use_structured_entries=false -hibernate.generate_statistics=false -spring.datasource.initialization-mode=never - - -# ******** Functional configurations ******** -datetime.pattern=yyyy-MM-dd'T'HH:mm:ss.SSS'Z' -date.pattern=yyyy-MM-dd -datetime.pattern.withzone=yyyy-MM-dd'T'HH:mm:ss.SSSXXX - - -demo.default.match.value=60 - -# ********* ADMIN Configurations ************ -authrequest.received-time-allowed.in-hours=24 - -#********* Store Private Key ********* -sample.privatekey.filepath={0}\Private_key - -mosip.ida.encrypt-url=${mosip.base.url}/v1/keymanager/encrypt -mosip.ida.decrypt-url=${mosip.base.url}/v1/keymanager/decrypt -mosip.ida.publicKey-url=${mosip.base.url}/v1/keymanager/publickey/{appId} -mosip.ida.validate.signature-url=${mosip.base.url}/v1/keymanager/validate - -#Auth token -auth-token-generator.rest.uri=${mosip.base.url}/v1/authmanager/authenticate/clientidsecretkey -auth-token-generator.rest.clientId=ida -auth-token-generator.rest.secretKey=bad25866-e6a5-4f93-831a-08923ea6eee0 -auth-token-generator.rest.appId=ida - - -auth-token-generator-user.rest.uri=${mosip.base.url}/v1/authmanager/authenticate/useridPwd -auth-token-generator-user.rest.userName=110006 -auth-token-generator-user.rest.password=mosip -auth-token-generator-user.rest.appId=ida - -add-device-provider-url=${mosip.base.url}/v1/masterdata/deviceprovider -add-device-provider-request-template={\ - "address": "test",\ - "certificateAlias": "added",\ - "contactNumber": "9663175928",\ - "email": "test@mosip.io",\ - "isActive": true,\ - "vendorName": "$DEVICE_PROVIDER_NAME"\ -} - -add-mds-request-url=${mosip.base.url}/v1/masterdata/mosipdeviceservice -add-mds-request-template={\ - "isActive": true,\ - "deviceProviderId": "$DEVICE_PROVIDER_ID",\ - "make": "$MAKE",\ - "model": "$MODEL",\ - "regDeviceSubCode": "$DEVICE_SUB_TYPE_CODE",\ - "regDeviceTypeCode": "$DEVICE_TYPE_CODE",\ - "swBinaryHash": "test",\ - "swCreateDateTime": "2019-11-19T07:00:13.375Z",\ - "swExpiryDateTime": "2019-11-30T07:00:13.375Z",\ - "swVersion": "$SERVICE_VERSION"\ -} - -add-device-request-url=${mosip.base.url}/v1/masterdata/registereddevices -add-device-request-template={\ - "deviceData": {\ - "deviceId": "70959dd5-e45f-438a-9ff8-9b263908e572",\ - "purpose": "$PURPOSE",\ - "deviceInfo": {\ - "deviceSubId": "$DEVICE_SUB_ID",\ - "certification": "L0",\ - "digitalId": {\ - "serialNo": "$SERIAL_NO",\ - "deviceProvider": "$DEVICE_PROVIDER_NAME",\ - "deviceProviderId": "$DEVICE_PROVIDER_ID",\ - "make": "$MAKE",\ - "model": "$MODEL",\ - "dateTime": "2020-01-13T07:20:42.195Z",\ - "type": "$DEVICE_TYPE_CODE",\ - "subType": "$DEVICE_SUB_TYPE_CODE"\ - },\ - "firmware": "firmware",\ - "deviceExpiry": "2020-01-13T12:50:42.196Z",\ - "timeStamp": "2020-01-13T12:50:42.208Z"\ - },\ - "foundationalTrustProviderId": ""\ - }\ -} - -validate-device-request-url=${mosip.base.url}/v1/masterdata/deviceprovidermanagement/validate -validate-device-request-template={\ - "deviceCode": "$DEVICE_CODE",\ - "digitalId": {\ - "serialNo": "$SERIAL_NO",\ - "dp": "$DEVICE_PROVIDER_NAME",\ - "dpId": "$DEVICE_PROVIDER_ID",\ - "make": "$MAKE",\ - "model": "$MODEL",\ - "type": "$DEVICE_TYPE",\ - "subType": "$DEVICE_SUB_TYPE",\ - "dateTime": "2019-12-05T10:41:15.052Z"\ - },\ - "deviceServiceVersion": "$SERVICE_VERSION"\ -} - -dev.master.db.url=jdbc:postgresql://104.211.208.136:9001/mosip_master -qa.master.db.url=jdbc:postgresql://52.172.54.231:9001/mosip_master -int.master.db.url=jdbc:postgresql://104.211.202.203:9001/mosip_master -ext-int.master.db.url=jdbc:postgresql://52.172.14.84:9001/mosip_master -preprod.master.db.url=jdbc:postgresql://150.10.40.12:9001/mosip_master - -master.db.user=bWFzdGVydXNlcg -master.db.pass=TW9zaXBAZGV2MTIz - -dev.ida.db.url=jdbc:postgresql://104.211.208.136:9001/mosip_ida -qa.ida.db.url=jdbc:postgresql://52.172.54.231:9001/mosip_ida -int.ida.db.url=jdbc:postgresql://104.211.202.203:9001/mosip_ida -ext-int.ida.db.url=jdbc:postgresql://52.172.14.84:9001/mosip_ida -preprod.ida.db.url=jdbc:postgresql://104.211.242.168:9001/mosip_ida - -ida.db.user=aWRhdXNlcg -ida.db.pass=TW9zaXBAZGV2MTIz - -mosip.ida.publickey=IDA - -ida.authRequest.template={"consentObtained": true, "id": "mosip.identity.$authType", "individualId": "$id", "individualIdType": "$idType", "keyIndex": "string", "request":"$encRequest", "requestHMAC": "$encHmac", "requestSessionKey": "$encSessionKey", "requestTime": "$timestamp", "requestedAuth": { "bio": $bio, "demo": $demo, "otp": $otp, "pin": $pin }, "transactionID": "$txn", "version": "$ver" } - -#---------------Global Config----------------- - - -#Kernel-idobjectalidator -# Plug in property source as either 'LOCAL' or 'CONFIG_SERVER' or 'APPLICATION_CONTEXT' through this key -mosip.kernel.idobjectvalidator.property-source=APPLICATION_CONTEXT -mosip.kernel.idobjectvalidator.schema-name=mosip-identity-json-schema.json -mosip.kernel.idobjectvalidator.file-storage-uri=${spring.cloud.config.uri}/${spring.application.name}/${spring.profiles.active}/${spring.cloud.config.label}/ - -mosip.kernel.idobjectvalidator.masterdata.languages.rest.uri=${mosip.base.url}/v1/masterdata/languages -mosip.kernel.idobjectvalidator.masterdata.gendertypes.rest.uri=${mosip.base.url}/v1/masterdata/gendertypes -mosip.kernel.idobjectvalidator.masterdata.documentcategories.rest.uri=${mosip.base.url}/v1/masterdata/documentcategories -mosip.kernel.idobjectvalidator.masterdata.documenttypes.rest.uri=${mosip.base.url}/v1/masterdata/documenttypes/{documentcategorycode}/{langcode} -mosip.kernel.idobjectvalidator.masterdata.locations.rest.uri=${mosip.base.url}/v1/masterdata/locations/{langcode} -mosip.kernel.idobjectvalidator.masterdata.locationhierarchy.rest.uri=${mosip.base.url}/v1/masterdata/locations/locationhierarchy/{hierarchyname} - -mosip.kernel.idobjectvalidator.mandatory-attributes.id-repository.new-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,referenceIdentityNumber,residenceStatus -mosip.kernel.idobjectvalidator.mandatory-attributes.pre-registration.new-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,referenceIdentityNumber,residenceStatus -mosip.kernel.idobjectvalidator.mandatory-attributes.reg-client.new-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,referenceIdentityNumber,residenceStatus -mosip.kernel.idobjectvalidator.mandatory-attributes.reg-processor.new-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,referenceIdentityNumber,residenceStatus -mosip.kernel.idobjectvalidator.mandatory-attributes.pre-registration.child-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,referenceIdentityNumber,residenceStatus -mosip.kernel.idobjectvalidator.mandatory-attributes.reg-client.child-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,referenceIdentityNumber,residenceStatus,parentOrGuardianName,parentOrGuardianRID|parentOrGuardianUIN,parentOrGuardianBiometrics -mosip.kernel.idobjectvalidator.mandatory-attributes.reg-processor.child-registration=fullName,dateOfBirth|age,gender,addressLine1,region,province,city,zone,postalCode,referenceIdentityNumber,residenceStatus,parentOrGuardianName,parentOrGuardianRID|parentOrGuardianUIN,parentOrGuardianBiometrics - -# Business Validation for ID Schema attributes - These should not be changed, as it impacts all modules -mosip.id.validation.identity.dateOfBirth=^(19\\d\\d|20\\d\\d)/([0][1-9]|1[0-2])/([0][1-9]|[1-2]\\d|3[01])$ -mosip.id.validation.identity.phone=^([6-9]{1})([0-9]{9})$ -mosip.id.validation.identity.email=^[\\w-\\+]+(\\.[\\w]+)*@[\\w-]+(\\.[\\w]+)*(\\.[a-zA-Z]{2,})$ -mosip.id.validation.identity.postalCode=^[(?i)A-Z0-9]{5}$ -mosip.id.validation.identity.age=^(150|1[0-4][0-9]|[1-9]?[0-9])$ -mosip.id.validation.identity.fullName.[*].value=^(?=.{0,50}$).* -mosip.id.validation.identity.addressLine1.[*].value=^(?=.{0,50}$).* -mosip.id.validation.identity.addressLine2.[*].value=^(?=.{0,50}$).* -mosip.id.validation.identity.addressLine3.[*].value=^(?=.{0,50}$).* -mosip.id.validation.identity.region.[*].value=^(?=.{0,50}$).* -mosip.id.validation.identity.province.[*].value=^(?=.{0,50}$).* -mosip.id.validation.identity.city.[*].value=^(?=.{0,50}$).* -mosip.id.validation.identity.[*].[*].language=^[(?i)a-z]{3}$ -mosip.id.validation.identity.referenceIdentityNumber=^([0-9]{10,30})$ -mosip.country.code=MOR - -# Language Supported By Platform - ISO -mosip.supported-languages=eng,ara,fra - -mosip.primary-language=eng -mosip.secondary-language=ara - -# Application IDs -mosip.prereg.app-id=PRE_REGISTRATION -mosip.reg.app-id=REGISTRATION -mosip.regproc.app-id=REGISTRATION_PROCESSOR -mosip.ida.app-id=IDA -mosip.idrepo.app-id=ID_REPO - -# UTC ISO Date Time Pattern -mosip.utc-datetime-pattern=yyyy-MM-dd'T'HH:mm:ss.SSS'Z' - -mosip.signed.response.header=response-signature - - -#----------------------- CBEFF Util-------------------------------------------------- -# Cbeff URL where the files will be stored in git, change it accordingly in case of change of storage location. -mosip.kernel.xsdstorage-uri=${spring.cloud.config.uri}/${spring.application.name}/${spring.profiles.active}/${spring.cloud.config.label}/ -# Cbeff XSD file name in config server -mosip.kernel.xsdfile=mosip-cbeff-extint.xsd - -#----------------------------- Applicant Type -------------------------------------------------- -mosip.kernel.applicant.type.age.limit = 5 - -#----------------------------- Static PIN -------------------------------------------------- -mosip.kernel.pin.length=6 - -#-----------------------------TspId ----------------------------------------------- -#length of the Tsp id -mosip.kernel.tspid.length=4 - -#-----------------------------partnerId ----------------------------------------------- -#length of the partner id -mosip.kernel.partnerid.length=4 - -#-----------------------------TOKEN-ID Properties--------------------------------- -#lenght of the token id -mosip.kernel.tokenid.length=36 - -#-----------------------------Registration Center Id ----------------------------------------------- -#length of the registration center id -mosip.kernel.registrationcenterid.length=5 - -#-----------------------------Machine Id ----------------------------------------------- -#length of the machine id -mosip.kernel.machineid.length=5 - -#-----------------------------RID Properties--------------------------------------- -# length of the rid -mosip.kernel.rid.length=29 -# length of the timestamp -mosip.kernel.rid.timestamp-length=14 -# rid sequence max digits -mosip.kernel.rid.sequence-length=5 - -# Upper bound of number of digits in sequence allowed in id. For example if -# limit is 3, then 12 is allowed but 123 is not allowed in id (in both -# ascending and descending order) -mosip.kernel.tokenid.sequence-limit=3 - -#-----------------------------PRID Properties------------------------------------ - -#prid-length -mosip.kernel.prid.length=14 - -# Upper bound of number of digits in sequence allowed in id. For example if -# limit is 3, then 12 is allowed but 123 is not allowed in id (in both -# ascending and descending order) -#to disable validation assign zero or negative value -mosip.kernel.prid.sequence-limit=3 - -# Number of digits in repeating block allowed in id. For example if limit is 2, -# then 4xxx4 is allowed but 48xxx48 is not allowed in id (x is any digit) -#to disable validation assign zero or negative value -mosip.kernel.prid.repeating-block-limit=3 - - -# Lower bound of number of digits allowed in between two repeating digits in -# id. For example if limit is 2, then 11 and 1x1 is not allowed in id (x is any digit) to disable validation assign zero or negative value -mosip.kernel.prid.repeating-limit=2 - -# list of number that id should not be start with to disable null -mosip.kernel.prid.not-start-with=0,1 - -#restricted numbers for prid -mosip.kernel.prid.restricted-numbers=786,666 - - -#-----------------------------VID Properties-------------------------------------- -# length of the vid -mosip.kernel.vid.length=16 - -# Upper bound of number of digits in sequence allowed in id. For example if -# limit is 3, then 12 is allowed but 123 is not allowed in id (in both -# ascending and descending order) -# to disable sequence limit validation assign 0 or negative value -mosip.kernel.vid.length.sequence-limit=3 - -# Number of digits in repeating block allowed in id. For example if limit is 2, -# then 4xxx4 is allowed but 48xxx48 is not allowed in id (x is any digit) -# to disable repeating block validation assign 0 or negative value -mosip.kernel.vid.length.repeating-block-limit=2 - - -# Lower bound of number of digits allowed in between two repeating digits in -# id. For example if limit is 2, then 11 and 1x1 is not allowed in id (x is any digit) -# to disable repeating limit validation, assign 0 or negative value -mosip.kernel.vid.length.repeating-limit=2 - -# list of number that id should not be start with -# to disable null -mosip.kernel.vid.not-start-with=0,1 - -#restricted numbers for vid -mosip.kernel.vid.restricted-numbers=786,666 - -#-----------------------------UIN Properties-------------------------------------- -#length of the uin -mosip.kernel.uin.length=10 -#minimum threshold of unused uin -mosip.kernel.uin.min-unused-threshold=200000 -#number of uins to generate -mosip.kernel.uin.uins-to-generate=500000 -#restricted numbers for uin -mosip.kernel.uin.restricted-numbers=786,666 - -# Upper bound of number of digits in sequence allowed in id. For example if -# limit is 3, then 12 is allowed but 123 is not allowed in id (in both -# ascending and descending order) -# to disable sequence limit validation assign 0 or negative value -mosip.kernel.uin.length.sequence-limit=3 - -# Number of digits in repeating block allowed in id. For example if limit is 2, -# then 4xxx4 is allowed but 48xxx48 is not allowed in id (x is any digit) -#to disable validation assign zero or negative value -mosip.kernel.uin.length.repeating-block-limit=2 - -# Lower bound of number of digits allowed in between two repeating digits in -# id. For example if limit is 2, then 11 and 1x1 is not allowed in id (x is any digit) -# to disable repeating limit validation, assign 0 or negative value -mosip.kernel.uin.length.repeating-limit=2 - -#reverse group digit limit for uin filter -mosip.kernel.uin.length.reverse-digits-limit=5 - -#group digit limit for uin filter -mosip.kernel.uin.length.digits-limit=5 - -#should not start with -mosip.kernel.uin.not-start-with=0,1 - -#adjacent even digit limit for uin filter -mosip.kernel.uin.length.conjugative-even-digits-limit=3 - - - - -#----------------------- SMS Service-------------------------------------- -mosip.kernel.sms.country.code=91 -mosip.kernel.sms.number.length=10 - - -#------------------------Auth-Adapter----------------------------------------------- -auth.server.validate.url=${mosip.base.url}/v1/authmanager/authorize/validateToken -auth.jwt.secret=authjwtsecret -auth.jwt.base=Mosip-Token - - -#----------------------- Crypto -------------------------------------------------- -#Crypto asymmetric algorithm name -mosip.kernel.crypto.asymmetric-algorithm-name=RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING -#Crypto symmetric algorithm name -mosip.kernel.crypto.symmetric-algorithm-name=AES/GCM/PKCS5Padding -#Keygenerator asymmetric algorithm name -mosip.kernel.keygenerator.asymmetric-algorithm-name=RSA -#Keygenerator symmetric algorithm name -mosip.kernel.keygenerator.symmetric-algorithm-name=AES -#Asymmetric algorithm key length -mosip.kernel.keygenerator.asymmetric-key-length=2048 -#Symmetric algorithm key length -mosip.kernel.keygenerator.symmetric-key-length=256 - -#Encrypted data and encrypted symmetric key separator -mosip.kernel.data-key-splitter=#KEY_SPLITTER# -#GCM tag length -mosip.kernel.crypto.gcm-tag-length=128 -#Hash algo name -mosip.kernel.crypto.hash-algorithm-name=PBKDF2WithHmacSHA512 -#Symmtric key length used in hash -mosip.kernel.crypto.hash-symmetric-key-length=256 -#No of iterations in hash -mosip.kernel.crypto.hash-iteration=100000 -#Sign algo name -mosip.kernel.crypto.sign-algorithm-name=RS512 - -mosip.kernel.keymanager-service-publickey-url=${mosip.base.url}/v1/keymanager/publickey/{applicationId} -mosip.kernel.keymanager-service-decrypt-url=${mosip.base.url}/v1/keymanager/decrypt -mosip.kernel.keymanager-service-auth-decrypt-url=${mosip.base.url}/v1/keymanager/auth/decrypt -mosip.kernel.keymanager-service-sign-url=${mosip.base.url}/v1/keymanager/sign -mosip.sign.applicationid=KERNEL -mosip.sign.refid=SIGN -mosip.kernel.cryptomanager.request_id=CRYPTOMANAGER.REQUEST -mosip.kernel.cryptomanager.request_version=v1.0 -mosip.kernel.signature.signature-request-id=SIGNATURE.REQUEST -mosip.kernel.signature.signature-version-id=v1.0 - - - -#----------------------------------ID Repo------------------------------------------ -mosip.idrepo.identity.uin-status.registered=ACTIVATED -mosip.idrepo.identity.uin-status=ACTIVATED,BLOCKED,DEACTIVATED - -#---------------------------------------otp manager service------------------------------- -#the default length for otp(in number) -mosip.kernel.otp.default-length=6 -#the default crypto function -#It can be: HmacSHA512, HmacSHA256, HmacSHA1. -mosip.kernel.otp.mac-algorithm=HmacSHA512 -#the OTP expires after the given time(in seconds). -mosip.kernel.otp.expiry-time=180 -#the key is freezed for the given time(in seconds). -mosip.kernel.otp.key-freeze-time=1800 -#the number of validation attempts allowed(in number). -#mosip.kernel.otp.validation-attempt-threshold =3 means , the validation and generation will be blocked from 4th time. -mosip.kernel.otp.validation-attempt-threshold=10 -#minimum length of key(in number). -mosip.kernel.otp.min-key-length=3 -#maximum length of key(in number). -mosip.kernel.otp.max-key-length=64 - - -#--------------------------------------Licensekeymanager Service-------------------------------------- -#the license key length. -mosip.kernel.licensekey.length=16 -#List of permissions -# NOTE: ',' in the below list is used as splitter in the implementation. -# Use of ',' in the values for below key should be avoided. -# Use of spaces before and after ',' also should be avoided. -mosip.kernel.licensekey.permissions=OTP Trigger,OTP Authentication,Demo Authentication - Identity Data Match,Demo Authentication - Address Data Match,Demo Authentication - Full Address Data Match,Demo Authentication - Secondary Language Match,Biometric Authentication - FMR Data Match,Biometric Authentication - IIR Data Match,Biometric Authentication - FID Data Match,Static Pin Authentication,eKYC - limited,eKYC - Full,eKYC - No - - - -#-----------------------------Virus Scanner-------------------------------------- -#Virus Scanner server url -mosip.kernel.virus-scanner.host=10.0.2.7 -#Virus Scanner server port -mosip.kernel.virus-scanner.port=3310 - - - -#-------------------------------FS Adapter- HDFS ------------------------------- -# Name node url for HDFS - Non Secured -mosip.kernel.fsadapter.hdfs.name-node-url=hdfs://13.71.117.37:51000 -# Name node url for HDFS - Secured (auth enabled) -#mosip.kernel.fsadapter.hdfs.name-node-url=hdfs://13.71.117.37:51000 -# Enable if hadoop security authorization is 'true', default is false -mosip.kernel.fsadapter.hdfs.authentication-enabled=false -# HDFS log level. Change this to debug to see hdfs logs -logging.level.org.apache.hadoop=warn -# If HDFS is security is configured with Kerberos, Key Distribution Center domain -mosip.kernel.fsadapter.hdfs.kdc-domain=HDFSKERBEROS1.SOUTHINDIA.CLOUDAPP.AZURE.COM -# Username to access hdfs. Change this to application username (regprocessor,prereg or idrepo) -#mosip.kernel.fsadapter.hdfs.user-name=mosipuser -#keytab file path, must be set if authentication-enable is true -#read keytab file both classpath and physical path ,append appropriate prefix -#for classpath prefix classpath:mosip.keytab -#for physical path prefix file:/home/keys/mosip.keytab -mosip.kernel.fsadapter.hdfs.keytab-file=classpath:mosip.keytab - - - -#---------------Transliteration----------------------- -mosip.kernel.transliteration.arabic-language-code=ara -mosip.kernel.transliteration.franch-language-code=fra - - -#-------Registration processor Notification types------------ -mosip.registration.processor.notification.types=SMS|EMAIL - - -mosip.default.dob.month=01 -mosip.default.dob.day=01 -mosip.login.mode= email,mobile - - -#---Language orientation----- -mosip.right_to_left_orientation=ara -mosip.left_to_right_orientation=eng,fra - - -#**************** Notification Type ************* -mosip.notificationtype=SMS|EMAIL -#******** Notification lanugage types - either PRIMARY or BOTH ******** -mosip.notification.language-type=BOTH - - -#-------------------System--------------- -logging.level.org.springframework.web.filter.CommonsRequestLoggingFilter=INFO - -#-------------------Encryption and Decryption--------------------------- -mosip.kernel.encrypt.url=${mosip.base.url}/v1/keymanager/encrypt -mosip.kernel.decrypt.url=${mosip.base.url}/v1/keymanager/decrypt - -#------------------PDF Genration----------------------------------------- -mosip.kernel.pdf_owner_password=somepassword - -#-------UIN Alias------------------- -mosip.uin.alias= - - -#------------------Quality Check----------------------------------------- -#Quality threshold for applicant iris -mosip.iris_threshold=0 -#Quality threshold for applicant leftslap fingerprint -mosip.leftslap_fingerprint_threshold=0 -#Quality threshold for applicant rightslap fingerprint -mosip.rightslap_fingerprint_threshold=0 -#Quality threshold for applicant thumbs fingerprint -mosip.thumbs_fingerprint_threshold=0 -#Quality threshold for applicant face -mosip.facequalitythreshold=0 -#Bio SDK Integration -mosip.fingerprint.provider=ai.tech5.auth.service.T5AuthFingerImpl -mosip.face.provider=ai.tech5.auth.service.T5AuthFaceImpl -mosip.iris.provider=ai.tech5.auth.service.T5AuthIrisImpl \ No newline at end of file diff --git a/authentication-demo-service/src/test/resources/bootstrap.properties b/authentication-demo-service/src/test/resources/bootstrap.properties deleted file mode 100644 index 40812aa5f03..00000000000 --- a/authentication-demo-service/src/test/resources/bootstrap.properties +++ /dev/null @@ -1,5 +0,0 @@ -spring.cloud.config.enabled=false - -#disabling health check so that client doesnt try to load properties from sprint config server every -# 5 minutes (should not be done in production) -health.config.enabled=false \ No newline at end of file diff --git a/authentication-demo-service/src/test/resources/errormessages.properties b/authentication-demo-service/src/test/resources/errormessages.properties deleted file mode 100644 index 4924e33426f..00000000000 --- a/authentication-demo-service/src/test/resources/errormessages.properties +++ /dev/null @@ -1,47 +0,0 @@ -IDA-OTA-001=Phone no and e-mail not registered. Individual has to register and try again -IDA-OTA-002=Request received at MOSIP is {0} min post the initiation at TSP -IDA-OTA-003=Innumerous OTP requests received -IDA-OTA-004=Could not generate/send OTP -IDA-OTA-005=OTP has expired -IDA-OTA-006=OTP is invalid -IDA-OTA-007=Input txnID does not match txnID of OTP Request -IDA-OTA-009=Missing OTP value -IDA-OTA-010=Request could not be processed. Please try again -IDA-OTA-101=Key is Null or Invalid -IDA-OTA-102=Kernel Validate OTP request failed -IDA-OTA-103=Kernel Generate OTP request failed - -IDA-MLC-001=Request to be received at MOSIP within {0} hrs/min -IDA-MLC-002=Invalid UIN -IDA-MLC-003=UIN has been deactivated -IDA-MLC-004=Invalid VID -IDA-MLC-005=Expired VID -IDA-MLC-101=Unknown error occured - -IDA-IDV-001=Input Data Validation Failed -IDA-IDV-002=Invalid Input Parameter - {0} _EN -IDA-IDV-003=Missing Input Parameter - {0} -IDA-IDV-005=Inactive VID -IDA-IDV-101=VID is not present or not matched -IDA-IDV-102=Invalid Id-Type - -IDA-AUT-501=Authentication failed - -IDA-RST-001=URI should not be empty -IDA-RST-002=httpMethod is empty or invalid -IDA-RST-003=returnType is empty -IDA-RST-004=Rest service name is empty or invalid -IDA-RST-005=Timeout is invalid -IDA-RST-006=4XX - Client Error occured -IDA-RST-007=5XX - Server Error occured -IDA-RST-008=Connection timed out - -IDA-RQV-101=Invalid Auth Request - -IDA-DEA-014=Required Address(ad) attribute is missing -IDA-DEA-015=Required Full Address(fad) attribute is missing -IDA-DEA-033=Demographic data DOB Type (pi) did not match - -IDA-AD-RQV-003=Full Address and Address are mutually exclusive -IDA-PRSNL-RQV-001=Atleast one valid attribute should be present -IDA-PRSNL-RQV-001=Atleat one valid attribute should be present \ No newline at end of file diff --git a/authentication-demo-service/src/test/resources/ida-mapping.json b/authentication-demo-service/src/test/resources/ida-mapping.json deleted file mode 100644 index a83d942340c..00000000000 --- a/authentication-demo-service/src/test/resources/ida-mapping.json +++ /dev/null @@ -1,101 +0,0 @@ -{ - "ida-mapping" : - { - "name" : - [ - "firstName", - "middleName", - "lastName" - ], - "dob" : - [ - "dateOfBirth" - ], - "dobType": - [ - "dateOfBirthType" - ], - "age" : - [ - "age" - ], - "gender" : - [ - "gender" - ], - "phoneNumber" : - [ - "mobileNumber" - ], - "emailId" : - [ - "emailId" - ], - "addressLine1" : - [ - "addressLine1" - ], - "addressLine2" : - [ - "addressLine2" - ], - "addressLine3" : - [ - "addressLine3" - ], - "location1" : - [ - "city" - ], - "location2" : [ - "region" - ], - "location3" : [ - "province" - ], - "pinCode" : - [ - "pinCode" - ], - "fullAddress" : - [ - "addressLine1", - "addressLine2", - "addressLine3", - "location1", - "location2", - "location3", - "pinCode" - ], - "otp" : - [ - "otp" - ], - "pin" : - [ - "pin" - ], - "iris" : - [ - "leftEye", - "rightEye" - ], - "fingerprint" : - [ - "leftIndex", - "leftLittle", - "leftMiddle", - "leftRing", - "leftThumb", - "rightIndex", - "rightLittle", - "rightMiddle", - "rightRing", - "rightThumb" - ], - "face" : - [ - "face" - ] - } -} \ No newline at end of file diff --git a/authentication-demo-service/src/test/resources/idaLogger.xml b/authentication-demo-service/src/test/resources/idaLogger.xml deleted file mode 100644 index 45bc626f5d0..00000000000 --- a/authentication-demo-service/src/test/resources/idaLogger.xml +++ /dev/null @@ -1,11 +0,0 @@ - - - true - logs/id-auth.log - true - true - logs/id-auth-%d{yyyy-MM-dd}-%i.log - 1mb - 3 - 10mb - \ No newline at end of file diff --git a/deploy/apitestrig/install.sh b/deploy/apitestrig/install.sh index cfaed8c31eb..2ff0fa80d29 100755 --- a/deploy/apitestrig/install.sh +++ b/deploy/apitestrig/install.sh @@ -7,7 +7,7 @@ if [ $# -ge 1 ] ; then fi NS=apitestrig -CHART_VERSION=0.0.1-develop +CHART_VERSION=1.3.2 echo Create $NS namespace kubectl create ns $NS diff --git a/deploy/apitestrig/values.yaml b/deploy/apitestrig/values.yaml index c72ff991cdf..937169416c1 100644 --- a/deploy/apitestrig/values.yaml +++ b/deploy/apitestrig/values.yaml @@ -1,69 +1,75 @@ modules: prereg: - enabled: true + enabled: false image: - repository: mosipqa/apitest-prereg - tag: develop + repository: mosipid/apitest-prereg + tag: 1.3.0-beta.1 pullPolicy: Always masterdata: - enabled: true + enabled: false image: - repository: mosipqa/apitest-masterdata - tag: develop + repository: mosipid/apitest-masterdata + tag: 1.3.0-beta.1 pullPolicy: Always idrepo: - enabled: true + enabled: false image: - repository: mosipqa/apitest-idrepo - tag: develop + repository: mosipid/apitest-idrepo + tag: 1.3.0-beta.1 pullPolicy: Always partner: - enabled: true + enabled: false image: - repository: mosipqa/apitest-pms - tag: develop + repository: mosipid/apitest-pms + tag: 1.2.2.0 pullPolicy: Always pms: - enabled: true + enabled: false image: - repository: mosipdev/apitest-pms - tag: develop + repository: mosipid/apitest-pms + tag: 1.2.2.0 pullPolicy: Always resident: - enabled: true + enabled: false image: - repository: mosipqa/apitest-resident - tag: develop + repository: mosipid/apitest-resident + tag: 1.3.0-beta.2 pullPolicy: Always auth: - enabled: true + enabled: false image: - repository: mosipqa/apitest-auth - tag: develop + repository: mosipid/apitest-auth + tag: 1.3.0-beta.1 pullPolicy: Always esignet: - enabled: true + enabled: false image: - repository: mosipqa/apitest-esignet - tag: develop + repository: mosipid/apitest-esignet + tag: 1.5.1 pullPolicy: Always mimoto: - enabled: true + enabled: false image: - repository: mosipqa/apitest-mimoto - tag: develop + repository: mosipid/apitest-mimoto + tag: 0.15.2 pullPolicy: Always injicertify: - enabled: true + enabled: false image: - repository: mosipqa/apitest-injicertify + repository: mosipid/apitest-inji-certify + tag: 0.10.2 + pullPolicy: Always + injiverify: + enabled: false + image: + repository: mosipqa/apitest-inji-verify tag: develop pullPolicy: Always esignet-signup: - enabled: true + enabled: false image: - repository: mosipqa/apitest-esignet-signup - tag: develop + repository: mosipid/apitest-esignet-signup + tag: 1.1.1 pullPolicy: Always variables: push_reports_to_s3: "yes" diff --git a/deploy/uitestrig/copy_cm.sh b/deploy/uitestrig/copy_cm.sh old mode 100644 new mode 100755 diff --git a/deploy/uitestrig/copy_secrets.sh b/deploy/uitestrig/copy_secrets.sh old mode 100644 new mode 100755 diff --git a/deploy/uitestrig/delete.sh b/deploy/uitestrig/delete.sh old mode 100644 new mode 100755 diff --git a/deploy/uitestrig/install.sh b/deploy/uitestrig/install.sh old mode 100644 new mode 100755 index 98c0577ff12..c7127a99cfb --- a/deploy/uitestrig/install.sh +++ b/deploy/uitestrig/install.sh @@ -7,7 +7,7 @@ if [ $# -ge 1 ] ; then fi NS=uitestrig -CHART_VERSION=0.0.1-develop +CHART_VERSION=1.3.2 echo Create $NS namespace kubectl create ns $NS @@ -88,4 +88,4 @@ set -o errexit ## set -e : exit the script if any statement returns a non-true set -o nounset ## set -u : exit the script if you try to use an uninitialised variable set -o errtrace # trace ERR through 'time command' and other functions set -o pipefail # trace ERR through pipes -installing_uitestrig # calling function \ No newline at end of file +installing_uitestrig # calling function diff --git a/deploy/uitestrig/values.yaml b/deploy/uitestrig/values.yaml index 014727441d4..9724f500cc9 100644 --- a/deploy/uitestrig/values.yaml +++ b/deploy/uitestrig/values.yaml @@ -10,8 +10,8 @@ modules: enabled: false image: registry: docker.io - repository: mosipqa/uitest-pmp - tag: develop + repository: mosipid/uitest-pmp + tag: 1.2.2.0 pullPolicy: Always - name: resident-ui enabled: false diff --git a/helm/apitestrig/Chart.yaml b/helm/apitestrig/Chart.yaml index ffa48e31d3a..cc3a008d093 100644 --- a/helm/apitestrig/Chart.yaml +++ b/helm/apitestrig/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: apitestrig description: A Helm chart to deploy APITESTRIG for MOSIP modules type: application -version: 0.0.1-develop +version: 1.3.2 appVersion: "" dependencies: - name: common diff --git a/helm/apitestrig/values.yaml b/helm/apitestrig/values.yaml index 21dfef9a975..5cb528f5cd9 100644 --- a/helm/apitestrig/values.yaml +++ b/helm/apitestrig/values.yaml @@ -443,62 +443,62 @@ modules: prereg: enabled: false image: - repository: mosipqa/apitest-prereg - tag: develop + repository: mosipid/apitest-prereg + tag: 1.3.0-beta.1 pullPolicy: Always masterdata: enabled: false image: - repository: mosipqa/apitest-masterdata - tag: develop + repository: mosipid/apitest-masterdata + tag: 1.3.0-beta.1 pullPolicy: Always idrepo: enabled: false image: repository: mosipqa/apitest-idrepo - tag: develop + tag: 1.3.0-beta.1 pullPolicy: Always partner: enabled: false image: - repository: mosipqa/apitest-pms - tag: develop + repository: mosipid/apitest-pms + tag: 1.2.2.0 pullPolicy: Always pms: enabled: false image: - repository: mosipdev/apitest-pms - tag: develop + repository: mosipid/apitest-pms + tag: 1.2.2.0 pullPolicy: Always resident: enabled: false image: - repository: mosipqa/apitest-resident - tag: develop + repository: mosipid/apitest-resident + tag: 1.3.0-beta.1 pullPolicy: Always auth: enabled: false image: - repository: mosipqa/apitest-auth - tag: develop + repository: mosipid/apitest-auth + tag: 1.3.0-beta.1 pullPolicy: Always esignet: enabled: false image: - repository: mosipqa/apitest-esignet - tag: develop + repository: mosipid/apitest-esignet + tag: 1.5.1 pullPolicy: Always mimoto: enabled: false image: - repository: mosipqa/apitest-mimoto - tag: develop + repository: mosipid/apitest-mimoto + tag: 0.15.2 pullPolicy: Always injicertify: enabled: false image: - repository: mosipqa/apitest-injicertify - tag: develop + repository: mosipid/apitest-inji-certify + tag: 0.10.2 pullPolicy: Always injiverify: enabled: false @@ -509,8 +509,8 @@ modules: esignet-signup: enabled: false image: - repository: mosipqa/apitest-esignet-signup - tag: develop + repository: mosipid/apitest-esignet-signup + tag: 1.1.1 pullPolicy: Always crontime: "0 3 * * *" ## run cronjob every day at 3 AM (time hr: 0-23 ) diff --git a/helm/uitestrig/Chart.yaml b/helm/uitestrig/Chart.yaml index 8763cc302a7..62c0201856c 100644 --- a/helm/uitestrig/Chart.yaml +++ b/helm/uitestrig/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: uitestrig description: A Helm chart to deploy uitestrig to test working of MOSIP modules type: application -version: 0.0.1-develop +version: 1.3.2 appVersion: "" dependencies: - name: common diff --git a/helm/uitestrig/values.yaml b/helm/uitestrig/values.yaml index 75e39c80a18..8f7e3281956 100644 --- a/helm/uitestrig/values.yaml +++ b/helm/uitestrig/values.yaml @@ -449,8 +449,8 @@ modules: enabled: true image: registry: docker.io - repository: mosipqa/uitest-pmp - tag: develop + repository: mosipid/uitest-pmp + tag: 1.2.2.0 pullPolicy: Always - name: resident-ui enabled: true