RubyGems - smart-id-ruby-client - Versions diffs - 0.1.0 - Mend

smart-id-ruby-client 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (86) hide show

data/lib/smart_id_ruby/validation/signature_response_validator.rb ADDED Viewed

@@ -0,0 +1,345 @@
+# frozen_string_literal: true
+require "base64"
+require "openssl"
+module SmartIdRuby
+  module Validation
+    # Validates signature response data.
+    class SignatureResponseValidator
+      BASE64_PATTERN = /\A[a-zA-Z0-9+\/]+={0,2}\z/.freeze
+      CERTIFICATE_LEVEL_ORDER = { "ADVANCED" => 1, "QUALIFIED" => 2, "QSCD" => 2 }.freeze
+      SUPPORTED_FLOW_TYPES = ["QR", "Web2App", "App2App", "Notification"].freeze
+      SUPPORTED_TRAILER_FIELD = "0xbc"
+      SUPPORTED_MASK_GEN_ALGORITHM = "id-mgf1"
+      QC_STATEMENTS_EXTENSION_OID = "1.3.6.1.5.5.7.1.3"
+      QC_TYPE_STATEMENT_OID = "0.4.0.1862.1.6"
+      QUALIFIED_ELECTRONIC_SIGNATURE_OID = "0.4.0.1862.1.6.1"
+      SUPPORTED_HASH_ALGORITHMS = {
+        "SHA-256" => 32,
+        "SHA-384" => 48,
+        "SHA-512" => 64,
+        "SHA3-256" => 32,
+        "SHA3-384" => 48,
+        "SHA3-512" => 64
+      }.freeze
+      def initialize(certificate_validator: CertificateValidator.new)
+        @certificate_validator = certificate_validator
+      end
+      def validate(session_status, requested_certificate_level)
+        status = normalize_status(session_status)
+        if status.nil?
+          raise SmartIdRuby::Errors::RequestSetupError, "Parameter 'sessionStatus' is not provided"
+        end
+        if requested_certificate_level.nil?
+          raise SmartIdRuby::Errors::RequestSetupError, "Parameter 'requestedCertificateLevel' is not provided"
+        end
+        if blank?(status.state)
+          raise SmartIdRuby::Errors::UnprocessableResponseError, "Signature session status field 'state' is empty"
+        end
+        unless status.complete?
+          raise SmartIdRuby::Errors::RequestSetupError, "Session is not complete. State: #{status.state}"
+        end
+        validate_session_result(status, requested_certificate_level)
+      end
+      private
+      def validate_session_result(status, requested_certificate_level)
+        result = status.result
+        if result.nil?
+          raise SmartIdRuby::Errors::UnprocessableResponseError, "Signature session status field 'result' is missing"
+        end
+        if blank?(result.end_result)
+          raise SmartIdRuby::Errors::UnprocessableResponseError, "Signature session status field 'result.endResult' is empty"
+        end
+        ErrorResultHandler.handle(result) unless result.end_result == "OK"
+        if blank?(result.document_number)
+          raise SmartIdRuby::Errors::UnprocessableResponseError, "Signature session status field 'result.documentNumber' is empty"
+        end
+        if blank?(status.interaction_type_used)
+          raise SmartIdRuby::Errors::UnprocessableResponseError, "Signature session status field 'interactionTypeUsed' is empty"
+        end
+        if blank?(status.signature_protocol)
+          raise SmartIdRuby::Errors::UnprocessableResponseError, "Signature session status field 'signatureProtocol' is empty"
+        end
+        certificate_level, certificate = validate_certificate(status.cert, requested_certificate_level)
+        validate_signature(status)
+        SmartIdRuby::Models::SignatureResponse.new(
+          end_result: result.end_result,
+          signature_value_in_base64: status.signature.value,
+          algorithm_name: status.signature.signature_algorithm,
+          flow_type: status.signature.flow_type,
+          certificate: certificate,
+          requested_certificate_level: requested_certificate_level,
+          certificate_level: certificate_level,
+          document_number: result.document_number,
+          interaction_flow_used: status.interaction_type_used,
+          device_ip_address: status.device_ip_address,
+          rsa_ssa_pss_parameters: status.signature.signature_algorithm_parameters
+        )
+      end
+      def validate_certificate(session_certificate, requested_certificate_level)
+        if session_certificate.nil?
+          raise SmartIdRuby::Errors::UnprocessableResponseError, "Signature session status field 'cert' is missing"
+        end
+        if blank?(session_certificate.value)
+          raise SmartIdRuby::Errors::UnprocessableResponseError, "Signature session status field 'cert.value' is empty"
+        end
+        if blank?(session_certificate.certificate_level)
+          raise SmartIdRuby::Errors::UnprocessableResponseError, "Signature session status field 'cert.certificateLevel' is empty"
+        end
+        unless CERTIFICATE_LEVEL_ORDER.key?(session_certificate.certificate_level)
+          raise SmartIdRuby::Errors::UnprocessableResponseError, "Signature session status field 'cert.certificateLevel' has unsupported value"
+        end
+        level = session_certificate.certificate_level
+        requested_level = requested_certificate_level.to_s
+        requested_level = "QUALIFIED" if requested_level.strip.empty?
+        if CERTIFICATE_LEVEL_ORDER[level] < CERTIFICATE_LEVEL_ORDER.fetch(requested_level, CERTIFICATE_LEVEL_ORDER["QUALIFIED"])
+          raise SmartIdRuby::Errors::CertificateLevelMismatchError
+        end
+        certificate = parse_certificate(session_certificate.value, "Signature certificate is invalid")
+        @certificate_validator.validate(certificate) if @certificate_validator
+        validate_signature_certificate_purpose(certificate, level)
+        [level, certificate]
+      end
+      def validate_signature_certificate_purpose(certificate, certificate_level)
+        key_usage = certificate.extensions.find { |ext| ext.oid == "keyUsage" }&.value.to_s
+        unless key_usage.match?(/Non[- ]Repudiation/i)
+          raise SmartIdRuby::Errors::UnprocessableResponseError, "Certificate does not have Non-Repudiation set in 'KeyUsage' extension"
+        end
+        return if certificate_level == "ADVANCED"
+        policy_oids = extract_certificate_policy_oids(certificate)
+        if policy_oids.empty?
+          raise SmartIdRuby::Errors::UnprocessableResponseError, "Certificate does not have certificate policy OIDs"
+        end
+        required = ["1.3.6.1.4.1.10015.17.2", "0.4.0.194112.1.2"]
+        unless (required - policy_oids).empty?
+          raise SmartIdRuby::Errors::UnprocessableResponseError,
+                "Certificate does not contain required qualified certificate policy OIDs"
+        end
+        validate_certificate_can_be_used_for_qualified_electronic_signature(certificate)
+      end
+      def validate_certificate_can_be_used_for_qualified_electronic_signature(certificate)
+        extension = certificate.extensions.find do |ext|
+          ["qcStatements", QC_STATEMENTS_EXTENSION_OID].include?(ext.oid)
+        end
+        if extension.nil?
+          raise SmartIdRuby::Errors::UnprocessableResponseError, "Certificate does not have 'QCStatements' extension"
+        end
+        unless has_qualified_signature_oid?(extension)
+          raise SmartIdRuby::Errors::UnprocessableResponseError,
+                "Certificate does not have electronic signature OID " \
+                "(#{QUALIFIED_ELECTRONIC_SIGNATURE_OID}) in QCStatements extension."
+        end
+      end
+      def has_qualified_signature_oid?(extension)
+        decoded = OpenSSL::ASN1.decode(extension.to_der)
+        octet_string = decoded.value.find { |node| node.is_a?(OpenSSL::ASN1::OctetString) }
+        return false if octet_string.nil?
+        inner = OpenSSL::ASN1.decode(octet_string.value)
+        contains_qc_type_statement_with_esign?(inner)
+      rescue OpenSSL::ASN1::ASN1Error
+        raise SmartIdRuby::Errors::RequestSetupError, "Unable to parse QCStatements extension"
+      end
+      def contains_qc_type_statement_with_esign?(root_node)
+        statement_nodes = collect_asn1_sequences(root_node)
+        statement_nodes.any? do |statement|
+          values = statement.value
+          next false unless values.is_a?(Array) && values.first.is_a?(OpenSSL::ASN1::ObjectId)
+          next false unless values.first.oid == QC_TYPE_STATEMENT_OID
+          contains_object_id?(statement, QUALIFIED_ELECTRONIC_SIGNATURE_OID)
+        end
+      end
+      def collect_asn1_sequences(node, acc = [])
+        return acc unless node.respond_to?(:value)
+        value = node.value
+        if node.is_a?(OpenSSL::ASN1::Sequence) && value.is_a?(Array)
+          acc << node
+          value.each { |child| collect_asn1_sequences(child, acc) }
+        elsif value.is_a?(Array)
+          value.each { |child| collect_asn1_sequences(child, acc) }
+        end
+        acc
+      end
+      def contains_object_id?(node, expected_oid)
+        return false unless node.respond_to?(:value)
+        value = node.value
+        return value == expected_oid if node.is_a?(OpenSSL::ASN1::ObjectId)
+        return false unless value.is_a?(Array)
+        value.any? { |child| contains_object_id?(child, expected_oid) }
+      end
+      def validate_signature(status)
+        unless status.signature_protocol.to_s.casecmp("RAW_DIGEST_SIGNATURE").zero?
+          raise SmartIdRuby::Errors::UnprocessableResponseError, "Signature session status field 'signatureProtocol' has unsupported value"
+        end
+        signature = status.signature
+        if signature.nil?
+          raise SmartIdRuby::Errors::UnprocessableResponseError, "Signature session status field 'signature' is missing"
+        end
+        validate_signature_value(signature.value)
+        validate_signature_algorithm_name(signature.signature_algorithm)
+        validate_flow_type(signature.flow_type)
+        validate_signature_algorithm_parameters(signature.signature_algorithm_parameters)
+      end
+      def validate_signature_value(value)
+        if blank?(value)
+          raise SmartIdRuby::Errors::UnprocessableResponseError, "Signature session status field 'signature.value' is empty"
+        end
+        return if BASE64_PATTERN.match?(value)
+        raise SmartIdRuby::Errors::UnprocessableResponseError,
+              "Signature session status field 'signature.value' does not have Base64-encoded value"
+      end
+      def validate_signature_algorithm_name(signature_algorithm)
+        if blank?(signature_algorithm)
+          raise SmartIdRuby::Errors::UnprocessableResponseError, "Signature session status field 'signature.signatureAlgorithm' is missing"
+        end
+        return if signature_algorithm == "rsassa-pss"
+        raise SmartIdRuby::Errors::UnprocessableResponseError,
+              "Signature session status field 'signature.signatureAlgorithm' has unsupported value"
+      end
+      def validate_flow_type(flow_type)
+        if blank?(flow_type)
+          raise SmartIdRuby::Errors::UnprocessableResponseError, "Signature session status field `signature.flowType` is empty"
+        end
+        return if SUPPORTED_FLOW_TYPES.include?(flow_type)
+        raise SmartIdRuby::Errors::UnprocessableResponseError,
+              "Signature session status field 'signature.flowType' has unsupported value"
+      end
+      def validate_signature_algorithm_parameters(params)
+        if params.nil?
+          raise SmartIdRuby::Errors::UnprocessableResponseError,
+                "Signature session status field 'signature.signatureAlgorithmParameters' is missing"
+        end
+        hash_algorithm = params.hash_algorithm
+        if blank?(hash_algorithm)
+          raise SmartIdRuby::Errors::UnprocessableResponseError,
+                "Signature session status field 'signature.signatureAlgorithmParameters.hashAlgorithm' is empty"
+        end
+        unless SUPPORTED_HASH_ALGORITHMS.key?(hash_algorithm)
+          raise SmartIdRuby::Errors::UnprocessableResponseError,
+                "Signature session status field 'signature.signatureAlgorithmParameters.hashAlgorithm' has unsupported value"
+        end
+        mask_gen_algorithm = params.mask_gen_algorithm
+        if mask_gen_algorithm.nil?
+          raise SmartIdRuby::Errors::UnprocessableResponseError,
+                "Signature session status field 'signature.signatureAlgorithmParameters.maskGenAlgorithm' is missing"
+        end
+        mask_algorithm = fetch_hash_value(mask_gen_algorithm, :algorithm)
+        if blank?(mask_algorithm)
+          raise SmartIdRuby::Errors::UnprocessableResponseError,
+                "Signature session status field 'signature.signatureAlgorithmParameters.maskGenAlgorithm.algorithm' is empty"
+        end
+        unless mask_algorithm == SUPPORTED_MASK_GEN_ALGORITHM
+          raise SmartIdRuby::Errors::UnprocessableResponseError,
+                "Signature session status field 'signature.signatureAlgorithmParameters.maskGenAlgorithm.algorithm' has unsupported value"
+        end
+        mask_parameters = fetch_hash_value(mask_gen_algorithm, :parameters)
+        if mask_parameters.nil?
+          raise SmartIdRuby::Errors::UnprocessableResponseError,
+                "Signature session status field 'signature.signatureAlgorithmParameters.maskGenAlgorithm.parameters' is missing"
+        end
+        mask_hash_algorithm = fetch_hash_value(mask_parameters, :hashAlgorithm)
+        if blank?(mask_hash_algorithm)
+          raise SmartIdRuby::Errors::UnprocessableResponseError,
+                "Signature session status field 'signature.signatureAlgorithmParameters.maskGenAlgorithm.parameters.hashAlgorithm' is empty"
+        end
+        unless SUPPORTED_HASH_ALGORITHMS.key?(mask_hash_algorithm)
+          raise SmartIdRuby::Errors::UnprocessableResponseError,
+                "Signature session status field 'signature.signatureAlgorithmParameters.maskGenAlgorithm.parameters.hashAlgorithm' has unsupported value"
+        end
+        unless hash_algorithm == mask_hash_algorithm
+          raise SmartIdRuby::Errors::UnprocessableResponseError,
+                "Signature session status field 'signature.signatureAlgorithmParameters.maskGenAlgorithm.parameters.hashAlgorithm' value does not match 'signature.signatureAlgorithmParameters.hashAlgorithm' value"
+        end
+        if params.salt_length.nil?
+          raise SmartIdRuby::Errors::UnprocessableResponseError,
+                "Signature session status field 'signature.signatureAlgorithmParameters.saltLength' is missing"
+        end
+        unless params.salt_length == SUPPORTED_HASH_ALGORITHMS[hash_algorithm]
+          raise SmartIdRuby::Errors::UnprocessableResponseError,
+                "Signature session status field 'signature.signatureAlgorithmParameters.saltLength' has invalid value"
+        end
+        if blank?(params.trailer_field)
+          raise SmartIdRuby::Errors::UnprocessableResponseError,
+                "Signature status field `signature.signatureAlgorithmParameters.trailerField` is empty"
+        end
+        return if params.trailer_field == SUPPORTED_TRAILER_FIELD
+        raise SmartIdRuby::Errors::UnprocessableResponseError,
+              "Signature status field `signature.signatureAlgorithmParameters.trailerField` has unsupported value"
+      end
+      def parse_certificate(value, error_message)
+        decoded = Base64.decode64(value.to_s)
+        certificate = OpenSSL::X509::Certificate.new(decoded)
+        now = Time.now
+        return certificate if certificate.not_before <= now && now <= certificate.not_after
+        raise SmartIdRuby::Errors::UnprocessableResponseError, error_message
+      rescue OpenSSL::X509::CertificateError, ArgumentError
+        raise SmartIdRuby::Errors::UnprocessableResponseError, error_message
+      end
+      def extract_certificate_policy_oids(certificate)
+        extension = certificate.extensions.find { |ext| ext.oid == "certificatePolicies" }
+        return [] unless extension
+        extension.value.scan(/\b\d+(?:\.\d+)+\b/)
+      end
+      def normalize_status(session_status)
+        return session_status if session_status.respond_to?(:result)
+        return SmartIdRuby::Models::SessionStatus.from_h(session_status) if session_status.is_a?(Hash)
+        nil
+      end
+      def fetch_hash_value(payload, key)
+        return nil unless payload.respond_to?(:[])
+        payload[key] || payload[key.to_s]
+      end
+      def blank?(value)
+        value.nil? || value.to_s.strip.empty?
+      end
+    end
+  end
+end

data/lib/smart_id_ruby/validation/signature_value_validator.rb ADDED Viewed

@@ -0,0 +1,76 @@
+# frozen_string_literal: true
+require "base64"
+require "openssl"
+module SmartIdRuby
+  module Validation
+    # Validates RSASSA-PSS signature value in authentication/signature responses.
+    class SignatureValueValidator
+      def validate(signature_value:, payload:, certificate:, signature_algorithm_parameters:)
+        validate_inputs(signature_value, payload, certificate, signature_algorithm_parameters)
+        decoded_signature_value = decode_signature_value(signature_value)
+        digest = openssl_digest(signature_algorithm_parameters.hash_algorithm)
+        mgf_hash_algorithm = fetch_hash_value(signature_algorithm_parameters.mask_gen_algorithm, :parameters)
+        mgf_hash_algorithm = fetch_hash_value(mgf_hash_algorithm, :hashAlgorithm)
+        mgf_digest = openssl_digest(mgf_hash_algorithm)
+        valid = certificate.public_key.verify_pss(
+          digest,
+          decoded_signature_value,
+          payload,
+          salt_length: signature_algorithm_parameters.salt_length,
+          mgf1_hash: mgf_digest
+        )
+        return if valid
+        raise SmartIdRuby::Errors::UnprocessableResponseError,
+              "Provided signature value does not match the calculated signature value"
+      rescue OpenSSL::PKey::PKeyError, ArgumentError
+        raise SmartIdRuby::Errors::UnprocessableResponseError, "Invalid signature algorithm parameters were provided"
+      rescue SmartIdRuby::Errors::UnprocessableResponseError
+        raise
+      rescue StandardError
+        raise SmartIdRuby::Errors::UnprocessableResponseError, "Signature value validation failed"
+      end
+      private
+      def validate_inputs(signature_value, payload, certificate, signature_algorithm_parameters)
+        raise SmartIdRuby::Errors::RequestSetupError, "Parameter 'signatureValue' is not provided" if signature_value.nil?
+        raise SmartIdRuby::Errors::RequestSetupError, "Parameter 'payload' is not provided" if payload.nil?
+        raise SmartIdRuby::Errors::RequestSetupError, "Parameter 'certificate' is not provided" if certificate.nil?
+        return unless signature_algorithm_parameters.nil?
+        raise SmartIdRuby::Errors::RequestSetupError, "Parameter 'rsaSsaPssParameters' is not provided"
+      end
+      def decode_signature_value(signature_value_in_base64)
+        Base64.decode64(signature_value_in_base64)
+      rescue ArgumentError
+        raise SmartIdRuby::Errors::UnprocessableResponseError,
+              "Failed to parse signature value in base64. Incorrectly encoded base64 string: '#{signature_value_in_base64}'"
+      end
+      def openssl_digest(hash_algorithm)
+        case hash_algorithm
+        when "SHA-256" then OpenSSL::Digest.new("SHA256")
+        when "SHA-384" then OpenSSL::Digest.new("SHA384")
+        when "SHA-512" then OpenSSL::Digest.new("SHA512")
+        when "SHA3-256" then OpenSSL::Digest.new("SHA3-256")
+        when "SHA3-384" then OpenSSL::Digest.new("SHA3-384")
+        when "SHA3-512" then OpenSSL::Digest.new("SHA3-512")
+        else
+          raise SmartIdRuby::Errors::UnprocessableResponseError, "Invalid signature algorithm parameters were provided"
+        end
+      end
+      def fetch_hash_value(payload, key)
+        return nil unless payload.respond_to?(:[])
+        payload[key] || payload[key.to_s]
+      end
+    end
+  end
+end

data/lib/smart_id_ruby/validation/trusted_ca_cert_store.rb ADDED Viewed

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+module SmartIdRuby
+  module Validation
+    # Container for trust anchors and CA certificates used in validation.
+    class TrustedCaCertStore
+      attr_reader :trust_anchors, :trusted_ca_certificates, :ocsp_enabled
+      def initialize(trust_anchors:, trusted_ca_certificates:, ocsp_enabled: false)
+        @trust_anchors = Array(trust_anchors).dup.freeze
+        @trusted_ca_certificates = Array(trusted_ca_certificates).dup.freeze
+        @ocsp_enabled = !!ocsp_enabled
+      end
+      def ocsp_enabled?
+        ocsp_enabled
+      end
+    end
+  end
+end

data/lib/smart_id_ruby/verification_code_calculator.rb ADDED Viewed

@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+require "openssl"
+module SmartIdRuby
+  # Utility class for calculating verification code from a hash input.
+  class VerificationCodeCalculator
+    class << self
+      # The Verification Code (VC) is computed as:
+      # integer(SHA256(data)[-2..-1]) mod 10000
+      # where SHA256 rightmost 2 bytes are interpreted as unsigned big-endian.
+      def calculate(data)
+        validate_data!(data)
+        digest = OpenSSL::Digest::SHA256.digest(data.b)
+        rightmost_two_bytes = digest[-2, 2]
+        unsigned_value = rightmost_two_bytes.unpack1("n")
+        format("%04d", unsigned_value % 10_000)
+      end
+      private
+      def validate_data!(data)
+        return if data.is_a?(String) && !data.empty?
+        raise SmartIdRuby::Errors::RequestValidationError, "Parameter 'data' cannot be empty"
+      end
+    end
+  end
+end

data/lib/smart_id_ruby/version.rb ADDED Viewed

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+module SmartIdRuby
+  VERSION = "0.1.0"
+end

data/lib/smart_id_ruby.rb ADDED Viewed

@@ -0,0 +1,76 @@
+# frozen_string_literal: true
+require "json"
+require "logger"
+require "openssl"
+require_relative "smart_id_ruby/configuration"
+#
+# Top-level namespace for the Smart-ID Ruby client library.
+# Provides configuration, logging, and access to Smart-ID API flows and models.
+module SmartIdRuby
+  class Error < StandardError; end
+  extend Configuration
+  class << self
+    attr_writer :logger
+    def logger
+      @logger ||= if defined?(Rails) && Rails.respond_to?(:logger) && Rails.logger
+                    Rails.logger
+                  else
+                    Logger.new($stdout).tap do |instance|
+                      instance.progname = "smart_id"
+                      instance.level = Logger::WARN
+                    end
+                  end
+    end
+  end
+end
+require_relative "smart_id_ruby/version"
+require_relative "smart_id_ruby/errors"
+require_relative "smart_id_ruby/client"
+require_relative "smart_id_ruby/rp_challenge"
+require_relative "smart_id_ruby/rp_challenge_generator"
+require_relative "smart_id_ruby/verification_code_calculator"
+require_relative "smart_id_ruby/semantics_identifier"
+require_relative "smart_id_ruby/callback_url"
+require_relative "smart_id_ruby/callback_url_util"
+require_relative "smart_id_ruby/device_link_builder"
+require_relative "smart_id_ruby/qr_code_generator"
+require_relative "smart_id_ruby/device_link_interaction"
+require_relative "smart_id_ruby/notification_interaction"
+require_relative "smart_id_ruby/rest/connector"
+require_relative "smart_id_ruby/rest/session_status_poller"
+require_relative "smart_id_ruby/models/authentication_response"
+require_relative "smart_id_ruby/models/authentication_identity"
+require_relative "smart_id_ruby/models/device_link_session_response"
+require_relative "smart_id_ruby/models/notification_authentication_session_response"
+require_relative "smart_id_ruby/models/notification_certificate_choice_session_response"
+require_relative "smart_id_ruby/models/notification_signature_session_response"
+require_relative "smart_id_ruby/models/signature_response"
+require_relative "smart_id_ruby/models/certificate_choice_response"
+require_relative "smart_id_ruby/models/session_status"
+require_relative "smart_id_ruby/flows/base_builder"
+require_relative "smart_id_ruby/flows/device_link_authentication_session_request_builder"
+require_relative "smart_id_ruby/flows/notification_authentication_session_request_builder"
+require_relative "smart_id_ruby/flows/device_link_signature_session_request_builder"
+require_relative "smart_id_ruby/flows/notification_signature_session_request_builder"
+require_relative "smart_id_ruby/flows/device_link_certificate_choice_session_request_builder"
+require_relative "smart_id_ruby/flows/notification_certificate_choice_session_request_builder"
+require_relative "smart_id_ruby/flows/linked_notification_signature_session_request_builder"
+require_relative "smart_id_ruby/flows/certificate_by_document_number_request_builder"
+require_relative "smart_id_ruby/validation/signature_value_validator"
+require_relative "smart_id_ruby/validation/signature_payload_builder"
+require_relative "smart_id_ruby/validation/trusted_ca_cert_store"
+require_relative "smart_id_ruby/validation/certificate_validator"
+require_relative "smart_id_ruby/validation/authentication_certificate_validator"
+require_relative "smart_id_ruby/validation/authentication_identity_mapper"
+require_relative "smart_id_ruby/validation/error_result_handler"
+require_relative "smart_id_ruby/validation/base_authentication_response_validator"
+require_relative "smart_id_ruby/validation/device_link_authentication_response_validator"
+require_relative "smart_id_ruby/validation/notification_authentication_response_validator"
+require_relative "smart_id_ruby/validation/signature_response_validator"
+require_relative "smart_id_ruby/validation/certificate_choice_response_validator"