Example 1 with EciesEncryptedResponse
use of io.getlime.security.powerauth.rest.api.model.response.v3.EciesEncryptedResponse in project powerauth-restful-integration by lime-company.
the class PowerAuthEncryptionProviderBase method encryptResponse.
/**
* Encrypt response using ECIES.
*
* @param responseObject Response object which should be encrypted.
* @param eciesEncryption PowerAuth encryption object.
* @return ECIES encrypted response.
*/
@Nullable
public EciesEncryptedResponse encryptResponse(@Nonnull Object responseObject, @Nonnull PowerAuthEciesEncryption eciesEncryption) {
try {
final byte[] responseData = serializeResponseData(responseObject);
// Encrypt response using decryptor and return ECIES cryptogram
final EciesCryptogram cryptogram = eciesEncryption.getEciesDecryptor().encryptResponse(responseData);
final String encryptedDataBase64 = BaseEncoding.base64().encode(cryptogram.getEncryptedData());
final String macBase64 = BaseEncoding.base64().encode(cryptogram.getMac());
return new EciesEncryptedResponse(encryptedDataBase64, macBase64);
} catch (Exception ex) {
logger.debug("Response encryption failed, error: " + ex.getMessage(), ex);
return null;
}
}
Also used :
EciesCryptogram(io.getlime.security.powerauth.crypto.lib.encryptor.ecies.model.EciesCryptogram)
EciesEncryptedResponse(io.getlime.security.powerauth.rest.api.model.response.v3.EciesEncryptedResponse)
PowerAuthEncryptionException(io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthEncryptionException)
InvalidPowerAuthHttpHeaderException(io.getlime.security.powerauth.http.validator.InvalidPowerAuthHttpHeaderException)
JsonProcessingException(com.fasterxml.jackson.core.JsonProcessingException)
IOException(java.io.IOException)
Nullable(javax.annotation.Nullable)
Example 2 with EciesEncryptedResponse
use of io.getlime.security.powerauth.rest.api.model.response.v3.EciesEncryptedResponse in project powerauth-restful-integration by lime-company.
the class ActivationService method prepareEncryptedResponse.
/**
* Prepare payload for the encrypted response.
*
* @param encryptedData Encrypted data.
* @param mac MAC code of the encrypted data.
* @param processedCustomAttributes Custom attributes to be returned.
* @return Encrypted response object.
*/
private ActivationLayer1Response prepareEncryptedResponse(String encryptedData, String mac, Map<String, Object> processedCustomAttributes) {
// Prepare encrypted response object for layer 2
final EciesEncryptedResponse encryptedResponseL2 = new EciesEncryptedResponse();
encryptedResponseL2.setEncryptedData(encryptedData);
encryptedResponseL2.setMac(mac);
// The response is encrypted once more before sent to client using ResponseBodyAdvice
final ActivationLayer1Response responseL1 = new ActivationLayer1Response();
responseL1.setCustomAttributes(processedCustomAttributes);
responseL1.setActivationData(encryptedResponseL2);
return responseL1;
}
Also used :
EciesEncryptedResponse(io.getlime.security.powerauth.rest.api.model.response.v3.EciesEncryptedResponse)
ActivationLayer1Response(io.getlime.security.powerauth.rest.api.model.response.v3.ActivationLayer1Response)
Example 3 with EciesEncryptedResponse
use of io.getlime.security.powerauth.rest.api.model.response.v3.EciesEncryptedResponse in project powerauth-restful-integration by lime-company.
the class ActivationService method createActivation.
/**
* Create activation.
*
* @param request Create activation layer 1 request.
* @param eciesContext PowerAuth ECIES encryption context.
* @return Create activation layer 1 response.
* @throws PowerAuthActivationException In case create activation fails.
* @throws PowerAuthRecoveryException In case activation recovery fails.
*/
public ActivationLayer1Response createActivation(ActivationLayer1Request request, EciesEncryptionContext eciesContext) throws PowerAuthActivationException, PowerAuthRecoveryException {
try {
final String applicationKey = eciesContext.getApplicationKey();
final EciesEncryptedRequest activationData = request.getActivationData();
final String ephemeralPublicKey = activationData.getEphemeralPublicKey();
final String encryptedData = activationData.getEncryptedData();
final String mac = activationData.getMac();
final String nonce = activationData.getNonce();
final Map<String, String> identity = request.getIdentityAttributes();
final Map<String, Object> customAttributes = (request.getCustomAttributes() != null) ? request.getCustomAttributes() : new HashMap<>();
// Validate inner encryption
if (nonce == null && !"3.0".equals(eciesContext.getVersion())) {
logger.warn("Missing nonce for protocol version: {}", eciesContext.getVersion());
throw new PowerAuthActivationException();
}
switch(request.getType()) {
// Regular activation which uses "code" identity attribute
case CODE:
{
// Check if identity attributes are present
if (identity == null || identity.isEmpty()) {
logger.warn("Identity attributes are missing for code activation");
throw new PowerAuthActivationException();
}
// Extract data from request and encryption object
final String activationCode = identity.get("code");
if (activationCode == null || activationCode.isEmpty()) {
logger.warn("Activation code is missing");
throw new PowerAuthActivationException();
}
// Call PrepareActivation method on PA server
final PrepareActivationResponse response = powerAuthClient.prepareActivation(activationCode, applicationKey, ephemeralPublicKey, encryptedData, mac, nonce);
// Create context for passing parameters between activation provider calls
final Map<String, Object> context = new LinkedHashMap<>();
Map<String, Object> processedCustomAttributes = customAttributes;
// In case a custom activation provider is enabled, process custom attributes and save any flags
if (activationProvider != null) {
processedCustomAttributes = activationProvider.processCustomActivationAttributes(customAttributes, response.getActivationId(), response.getUserId(), response.getApplicationId(), ActivationType.CODE, context);
List<String> activationFlags = activationProvider.getActivationFlags(identity, processedCustomAttributes, response.getActivationId(), response.getUserId(), response.getApplicationId(), ActivationType.CODE, context);
if (activationFlags != null && !activationFlags.isEmpty()) {
powerAuthClient.addActivationFlags(response.getActivationId(), activationFlags);
}
}
boolean notifyActivationCommit = false;
if (response.getActivationStatus() == ActivationStatus.ACTIVE) {
// Activation was committed instantly due to presence of Activation OTP.
notifyActivationCommit = true;
} else {
// Otherwise check if activation should be committed instantly and if yes, perform commit.
if (activationProvider != null && activationProvider.shouldAutoCommitActivation(identity, customAttributes, response.getActivationId(), response.getUserId(), response.getApplicationId(), ActivationType.CODE, context)) {
CommitActivationResponse commitResponse = powerAuthClient.commitActivation(response.getActivationId(), null);
notifyActivationCommit = commitResponse.isActivated();
}
}
// Notify activation provider about an activation commit.
if (activationProvider != null && notifyActivationCommit) {
activationProvider.activationWasCommitted(identity, customAttributes, response.getActivationId(), response.getUserId(), response.getApplicationId(), ActivationType.CODE, context);
}
// Prepare and return encrypted response
return prepareEncryptedResponse(response.getEncryptedData(), response.getMac(), processedCustomAttributes);
}
// Custom activation
case CUSTOM:
{
// Check if there is a custom activation provider available, return an error in case it is not available
if (activationProvider == null) {
logger.warn("Activation provider is not available");
throw new PowerAuthActivationException();
}
// Check if identity attributes are present
if (identity == null || identity.isEmpty()) {
logger.warn("Identity attributes are missing for custom activation");
throw new PowerAuthActivationException();
}
// Create context for passing parameters between activation provider calls
final Map<String, Object> context = new LinkedHashMap<>();
// Lookup user ID using a provided identity attributes
final String userId = activationProvider.lookupUserIdForAttributes(identity, context);
// If no user was found or user ID is invalid, return an error
if (userId == null || userId.equals("") || userId.length() > 255) {
logger.warn("Invalid user ID: {}", userId);
throw new PowerAuthActivationException();
}
// Resolve maxFailedCount and activationExpireTimestamp parameters, null value means use value configured on PowerAuth server
final Integer maxFailed = activationProvider.getMaxFailedAttemptCount(identity, customAttributes, userId, ActivationType.CUSTOM, context);
final Long maxFailedCount = maxFailed == null ? null : maxFailed.longValue();
final Long activationValidityPeriod = activationProvider.getValidityPeriodDuringActivation(identity, customAttributes, userId, ActivationType.CUSTOM, context);
Date activationExpireTimestamp = null;
if (activationValidityPeriod != null) {
Instant now = Instant.now();
Instant expiration = now.plusMillis(activationValidityPeriod);
activationExpireTimestamp = Date.from(expiration);
}
// Create activation for a looked up user and application related to the given application key
final CreateActivationResponse response = powerAuthClient.createActivation(userId, activationExpireTimestamp, maxFailedCount, applicationKey, ephemeralPublicKey, encryptedData, mac, nonce);
// Process custom attributes using a custom logic
final Map<String, Object> processedCustomAttributes = activationProvider.processCustomActivationAttributes(customAttributes, response.getActivationId(), userId, response.getApplicationId(), ActivationType.CUSTOM, context);
// Save activation flags in case the provider specified any flags
final List<String> activationFlags = activationProvider.getActivationFlags(identity, processedCustomAttributes, response.getActivationId(), userId, response.getApplicationId(), ActivationType.CUSTOM, context);
if (activationFlags != null && !activationFlags.isEmpty()) {
powerAuthClient.addActivationFlags(response.getActivationId(), activationFlags);
}
// Check if activation should be committed instantly and if yes, perform commit
if (activationProvider.shouldAutoCommitActivation(identity, customAttributes, response.getActivationId(), userId, response.getApplicationId(), ActivationType.CUSTOM, context)) {
final CommitActivationResponse commitResponse = powerAuthClient.commitActivation(response.getActivationId(), null);
if (commitResponse.isActivated()) {
activationProvider.activationWasCommitted(identity, customAttributes, response.getActivationId(), userId, response.getApplicationId(), ActivationType.CUSTOM, context);
}
}
// Prepare encrypted activation data
final EciesEncryptedResponse encryptedActivationData = new EciesEncryptedResponse(response.getEncryptedData(), response.getMac());
// Prepare the created activation response data
final ActivationLayer1Response responseL1 = new ActivationLayer1Response();
responseL1.setCustomAttributes(processedCustomAttributes);
responseL1.setActivationData(encryptedActivationData);
// Return response
return responseL1;
}
// Activation using recovery code
case RECOVERY:
{
// Check if identity attributes are present
if (identity == null || identity.isEmpty()) {
logger.warn("Identity attributes are missing for activation recovery");
throw new PowerAuthActivationException();
}
// Extract data from request and encryption object
final String recoveryCode = identity.get("recoveryCode");
final String recoveryPuk = identity.get("puk");
if (recoveryCode == null || recoveryCode.isEmpty()) {
logger.warn("Recovery code is missing");
throw new PowerAuthActivationException();
}
if (recoveryPuk == null || recoveryPuk.isEmpty()) {
logger.warn("Recovery PUK is missing");
throw new PowerAuthActivationException();
}
// Create context for passing parameters between activation provider calls
final Map<String, Object> context = new LinkedHashMap<>();
// Resolve maxFailedCount, user ID is not known
Long maxFailedCount = null;
if (activationProvider != null) {
final Integer maxFailed = activationProvider.getMaxFailedAttemptCount(identity, customAttributes, null, ActivationType.RECOVERY, context);
maxFailedCount = maxFailed == null ? null : maxFailed.longValue();
}
// Call RecoveryCodeActivation method on PA server
final RecoveryCodeActivationResponse response = powerAuthClient.createActivationUsingRecoveryCode(recoveryCode, recoveryPuk, applicationKey, maxFailedCount, ephemeralPublicKey, encryptedData, mac, nonce);
Map<String, Object> processedCustomAttributes = customAttributes;
// In case a custom activation provider is enabled, process custom attributes and save any flags
if (activationProvider != null) {
processedCustomAttributes = activationProvider.processCustomActivationAttributes(customAttributes, response.getActivationId(), response.getUserId(), response.getApplicationId(), ActivationType.RECOVERY, context);
final List<String> activationFlags = activationProvider.getActivationFlags(identity, processedCustomAttributes, response.getActivationId(), response.getUserId(), response.getApplicationId(), ActivationType.RECOVERY, context);
if (activationFlags != null && !activationFlags.isEmpty()) {
powerAuthClient.addActivationFlags(response.getActivationId(), activationFlags);
}
}
// Automatically commit activation by default, the optional activation provider can override automatic commit
if (activationProvider == null || activationProvider.shouldAutoCommitActivation(identity, customAttributes, response.getActivationId(), response.getUserId(), response.getApplicationId(), ActivationType.RECOVERY, context)) {
final CommitActivationResponse commitResponse = powerAuthClient.commitActivation(response.getActivationId(), null);
if (activationProvider != null && commitResponse.isActivated()) {
activationProvider.activationWasCommitted(identity, customAttributes, response.getActivationId(), response.getUserId(), response.getApplicationId(), ActivationType.RECOVERY, context);
}
}
// Prepare and return encrypted response
return prepareEncryptedResponse(response.getEncryptedData(), response.getMac(), processedCustomAttributes);
}
default:
logger.warn("Invalid activation request");
throw new PowerAuthInvalidRequestException();
}
} catch (PowerAuthClientException ex) {
if (ex.getPowerAuthError() instanceof PowerAuthErrorRecovery) {
final PowerAuthErrorRecovery errorRecovery = (PowerAuthErrorRecovery) ex.getPowerAuthError();
logger.debug("Invalid recovery code, current PUK index: {}", errorRecovery.getCurrentRecoveryPukIndex());
throw new PowerAuthRecoveryException(ex.getMessage(), "INVALID_RECOVERY_CODE", errorRecovery.getCurrentRecoveryPukIndex());
}
logger.warn("Creating PowerAuth activation failed, error: {}", ex.getMessage());
logger.debug(ex.getMessage(), ex);
throw new PowerAuthActivationException();
} catch (PowerAuthActivationException ex) {
// Do not swallow PowerAuthActivationException for custom activations.
// See: https://github.com/wultra/powerauth-restful-integration/issues/199
logger.warn("Creating PowerAuth activation failed, error: {}", ex.getMessage());
throw ex;
} catch (Exception ex) {
logger.warn("Creating PowerAuth activation failed, error: {}", ex.getMessage());
logger.debug(ex.getMessage(), ex);
throw new PowerAuthActivationException();
}
}
Also used :
PowerAuthClientException(com.wultra.security.powerauth.client.model.error.PowerAuthClientException)
PowerAuthInvalidRequestException(io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthInvalidRequestException)
ActivationLayer1Response(io.getlime.security.powerauth.rest.api.model.response.v3.ActivationLayer1Response)
Instant(java.time.Instant)
EciesEncryptedRequest(io.getlime.security.powerauth.rest.api.model.request.v3.EciesEncryptedRequest)
PowerAuthActivationException(io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthActivationException)
PowerAuthInvalidRequestException(io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthInvalidRequestException)
PowerAuthClientException(com.wultra.security.powerauth.client.model.error.PowerAuthClientException)
PowerAuthRecoveryException(io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthRecoveryException)
PowerAuthActivationException(io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthActivationException)
PowerAuthRecoveryException(io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthRecoveryException)
PowerAuthErrorRecovery(com.wultra.security.powerauth.client.model.error.PowerAuthErrorRecovery)
EciesEncryptedResponse(io.getlime.security.powerauth.rest.api.model.response.v3.EciesEncryptedResponse)
Example 4 with EciesEncryptedResponse
use of io.getlime.security.powerauth.rest.api.model.response.v3.EciesEncryptedResponse in project powerauth-restful-integration by lime-company.
the class SecureVaultService method vaultUnlock.
/**
* Unlock secure vault.
* @param header PowerAuth signature HTTP header.
* @param request ECIES encrypted vault unlock request.
* @param httpServletRequest HTTP servlet request.
* @return ECIES encrypted vault unlock response.
* @throws PowerAuthSecureVaultException In case vault unlock request fails.
* @throws PowerAuthAuthenticationException In case authentication fails.
*/
public EciesEncryptedResponse vaultUnlock(PowerAuthSignatureHttpHeader header, EciesEncryptedRequest request, HttpServletRequest httpServletRequest) throws PowerAuthSecureVaultException, PowerAuthAuthenticationException {
try {
final SignatureTypeConverter converter = new SignatureTypeConverter();
final String activationId = header.getActivationId();
final String applicationKey = header.getApplicationKey();
final String signature = header.getSignature();
final SignatureType signatureType = converter.convertFrom(header.getSignatureType());
if (signatureType == null) {
logger.warn("Invalid signature type: {}", header.getSignatureType());
throw new PowerAuthSignatureTypeInvalidException();
}
final String signatureVersion = header.getVersion();
final String nonce = header.getNonce();
// Fetch data from the request
final String ephemeralPublicKey = request.getEphemeralPublicKey();
final String encryptedData = request.getEncryptedData();
final String mac = request.getMac();
final String eciesNonce = request.getNonce();
// Prepare data for signature to allow signature verification on PowerAuth server
final byte[] requestBodyBytes = authenticationProvider.extractRequestBodyBytes(httpServletRequest);
final String data = PowerAuthHttpBody.getSignatureBaseString("POST", "/pa/vault/unlock", BaseEncoding.base64().decode(nonce), requestBodyBytes);
// Verify signature and get encrypted vault encryption key from PowerAuth server
final VaultUnlockResponse paResponse = powerAuthClient.unlockVault(activationId, applicationKey, signature, signatureType, signatureVersion, data, ephemeralPublicKey, encryptedData, mac, eciesNonce);
if (!paResponse.isSignatureValid()) {
logger.debug("Signature validation failed");
throw new PowerAuthSignatureInvalidException();
}
return new EciesEncryptedResponse(paResponse.getEncryptedData(), paResponse.getMac());
} catch (PowerAuthAuthenticationException ex) {
throw ex;
} catch (Exception ex) {
logger.warn("PowerAuth vault unlock failed, error: {}", ex.getMessage());
logger.debug(ex.getMessage(), ex);
throw new PowerAuthSecureVaultException();
}
}
Also used :
PowerAuthSecureVaultException(io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthSecureVaultException)
PowerAuthSignatureInvalidException(io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureInvalidException)
PowerAuthSignatureTypeInvalidException(io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureTypeInvalidException)
EciesEncryptedResponse(io.getlime.security.powerauth.rest.api.model.response.v3.EciesEncryptedResponse)
PowerAuthAuthenticationException(io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException)
SignatureType(com.wultra.security.powerauth.client.v3.SignatureType)
VaultUnlockResponse(com.wultra.security.powerauth.client.v3.VaultUnlockResponse)
PowerAuthAuthenticationException(io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException)
PowerAuthSignatureTypeInvalidException(io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureTypeInvalidException)
PowerAuthSecureVaultException(io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthSecureVaultException)
PowerAuthSignatureInvalidException(io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureInvalidException)
SignatureTypeConverter(io.getlime.security.powerauth.rest.api.spring.converter.v3.SignatureTypeConverter)
Example 5 with EciesEncryptedResponse
use of io.getlime.security.powerauth.rest.api.model.response.v3.EciesEncryptedResponse in project powerauth-restful-integration by lime-company.
the class UpgradeService method upgradeStart.
/**
* Start upgrade of activation to version 3.
* @param request ECIES encrypted upgrade start request.
* @param header PowerAuth encryption HTTP header.
* @return ECIES encrypted upgrade activation response.
* @throws PowerAuthUpgradeException In case upgrade start fails.
*/
public EciesEncryptedResponse upgradeStart(EciesEncryptedRequest request, PowerAuthEncryptionHttpHeader header) throws PowerAuthUpgradeException {
try {
// Fetch data from the request
final String ephemeralPublicKey = request.getEphemeralPublicKey();
final String encryptedData = request.getEncryptedData();
final String mac = request.getMac();
final String nonce = request.getNonce();
// Get ECIES headers
final String activationId = header.getActivationId();
final String applicationKey = header.getApplicationKey();
// Start upgrade on PowerAuth server
final StartUpgradeResponse upgradeResponse = powerAuthClient.startUpgrade(activationId, applicationKey, ephemeralPublicKey, encryptedData, mac, nonce);
// Prepare a response
final EciesEncryptedResponse response = new EciesEncryptedResponse();
response.setMac(upgradeResponse.getMac());
response.setEncryptedData(upgradeResponse.getEncryptedData());
return response;
} catch (Exception ex) {
logger.warn("PowerAuth upgrade start failed, error: {}", ex.getMessage());
logger.debug(ex.getMessage(), ex);
throw new PowerAuthUpgradeException();
}
}
Also used :
StartUpgradeResponse(com.wultra.security.powerauth.client.v3.StartUpgradeResponse)
PowerAuthUpgradeException(io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthUpgradeException)
EciesEncryptedResponse(io.getlime.security.powerauth.rest.api.model.response.v3.EciesEncryptedResponse)
PowerAuthUpgradeException(io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthUpgradeException)
PowerAuthAuthenticationException(io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException)
PowerAuthInvalidRequestException(io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthInvalidRequestException)
PowerAuthSignatureInvalidException(io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureInvalidException)
Aggregations
EciesEncryptedResponse (io.getlime.security.powerauth.rest.api.model.response.v3.EciesEncryptedResponse)8
PowerAuthAuthenticationException (io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException)4
PowerAuthInvalidRequestException (io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthInvalidRequestException)3
SignatureType (com.wultra.security.powerauth.client.v3.SignatureType)2
EciesCryptogram (io.getlime.security.powerauth.crypto.lib.encryptor.ecies.model.EciesCryptogram)2
PowerAuthSignatureHttpHeader (io.getlime.security.powerauth.http.PowerAuthSignatureHttpHeader)2
ActivationLayer1Response (io.getlime.security.powerauth.rest.api.model.response.v3.ActivationLayer1Response)2
SignatureTypeConverter (io.getlime.security.powerauth.rest.api.spring.converter.v3.SignatureTypeConverter)2
PowerAuthSignatureInvalidException (io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureInvalidException)2
PowerAuthSignatureTypeInvalidException (io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureTypeInvalidException)2
IOException (java.io.IOException)2
JsonProcessingException (com.fasterxml.jackson.core.JsonProcessingException)1
PowerAuthClientException (com.wultra.security.powerauth.client.model.error.PowerAuthClientException)1
PowerAuthErrorRecovery (com.wultra.security.powerauth.client.model.error.PowerAuthErrorRecovery)1
ConfirmRecoveryCodeResponse (com.wultra.security.powerauth.client.v3.ConfirmRecoveryCodeResponse)1
CreateTokenResponse (com.wultra.security.powerauth.client.v3.CreateTokenResponse)1
StartUpgradeResponse (com.wultra.security.powerauth.client.v3.StartUpgradeResponse)1
VaultUnlockResponse (com.wultra.security.powerauth.client.v3.VaultUnlockResponse)1
EciesDecryptor (io.getlime.security.powerauth.crypto.lib.encryptor.ecies.EciesDecryptor)1
PowerAuthSignatureTypes (io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes)1
