MdocUtil

object MdocUtil

Utilities for working with mdoc data structures.

On the issuance side, generateIssuerNameSpaces and stripIssuerNameSpaces can be used with org.multipaz.mdoc.mso.MobileSecurityObjectGenerator, and calculateDigestsForNameSpace can be used to prepare PII and multiple static authentication data packages (each including signed MSOs).

On the device side, mergeIssuerNamesSpaces can be used to generate the DeviceResponse CBOR from the above-mentioned PII and static authentication data packages.

Functions

fun calculateDigestsForNameSpace(nameSpaceName: String, issuerNameSpaces: Map<String, List<ByteArray>>, digestAlgorithm: Algorithm): Map<Long, ByteArray>

Calculates all digests in a given name space.

Helper function to generate a DocumentRequest.

fun generateDsCertificate(iacaCert: X509Cert, iacaKey: EcPrivateKey, dsKey: EcPublicKey, subject: X500Name, serial: ASN1Integer, validFrom: Instant, validUntil: Instant): X509Cert

Generates a Document Signing certificate according to ISO/IEC 18013-5:2021 Annex B.1.4.

fun generateIacaCertificate(iacaKey: EcPrivateKey, subject: X500Name, serial: ASN1Integer, validFrom: Instant, validUntil: Instant, issuerAltNameUrl: String, crlUrl: String): X509Cert

Generates a self-signed IACA certificate according to ISO/IEC 18013-5:2021 Annex B.1.2.

fun generateIssuerNameSpaces(data: NameSpacedData, randomProvider: Random, dataElementRandomSize: Int, overrides: Map<String, Map<String, ByteArray>>?): Map<String, List<ByteArray>>

Generates randoms and digest identifiers for data.

fun generateReaderCertificate(readerRootCert: X509Cert, readerRootKey: EcPrivateKey, readerKey: EcPublicKey, subject: X500Name, serial: ASN1Integer, validFrom: Instant, validUntil: Instant): X509Cert

Generates a reader auth certificate according to ISO/IEC 18013-5:2021 Annex B.1.7.

fun generateReaderRootCertificate(readerRootKey: EcPrivateKey, subject: X500Name, serial: ASN1Integer, validFrom: Instant, validUntil: Instant, crlUrl: String): X509Cert

Generates a self-signed reader root certificate.

fun generateRequestedClaims(docType: String, requestedData: Map<String, List<Pair<String, Boolean>>>, documentTypeRepository: DocumentTypeRepository, mdocCredential: MdocCredential?): List<MdocRequestedClaim>

Helper function to generate a list of claims for an mdoc.

Combines document data with static authentication data for a given request.

fun stripIssuerNameSpaces(issuerNameSpaces: Map<String, List<ByteArray>>, exceptions: Map<String, List<String>>?): Map<String, List<ByteArray>>

Strips issuer name spaces.