ELECTRONIC SIGNATURE ICR (4955)

Name

Value

NUMBER

4955

IA #

4955

CUSTODIAL PACKAGE

ELECTRONIC SIGNATURE

USAGE

Supported

TYPE

Other

DBIC APPROVAL STATUS

APPROVED

NAME

ELECTRONIC SIGNATURE

GENERAL DESCRIPTION

As HealtheVet-VistA developers migrate VistA
applications to modern technologies, interim solutions may be required until
enterprise solutions are mature and stable. The Electronic Signature (ESig)
service provides an interim solution for the use of electronic codes in place
of wet signatures while HealtheVet-VistA s security infrastructure and
architecture are being defined. The service duplicates for Java applications
(J2EE or J2SE) the Kernel 8.0 electronic signature functionality currently
used by VistA/M applications.

ESig furnishes a standard, consistent set of APIs that HealtheVet-VistA
developers can implement to provide users access to electronic signature data
stored on VistA/M systems. ESig APIs make calls from Java applications to
VistA/M systems to retrieve, validate, and store office phone, etc.).
Additional Java APIs provide encoding/decoding, hash, and checksum calculation
utilities, but do not interact with the VistA/M system.

This integration agreement describes the supported ESig Java APIs that are
contained in the esig-x.x.x.xxx.jar file. This JAR file can be included in a
HealtheVet package distribution.

SUMMARY

JAR: esig-x.x.x.xxx.jar
Package: gov.va.med.esig.utilities

Class: ESigDataAccess
Methods: isDefined
getESigCode
saveESigCode
getESigData
saveESigData

Class: ESigEncryption
Methods: checksum
encrypt
decrypt
hash

Class: ESigValidation
Methods: isValid
isValidFormat

STATUS

Active

COMPONENT/ENTRY POINT

COMPONENT/ENTRY POINT	COMPONENT DESCRIPTION
isDefined(VistaLinkConnection)	The isDefined method returns true if the user has an electronic signature code defined on the M server. Class: gov.va.med.esig.utilities.ESigDataAccess Method: public static final boolean isDefined (gov.va.med.vistalink.adapter.cci.VistaLinkConnection connection) throws ESigConnectionException, ESigNotAValidUserException Parameters: connection - The VistaLinkConnection handle. Returns: true if the user has an Electronic Signature Code defined on the M server. Throws: ESigConnectionException - if the RPC request fails. ESigNotAValidUserException - if the DUZ of the user does not correspond to a valid entry in the New Person file. Example: try { if (ESigDataAccess.isDefined(myConnection)) { System.out.println("Your electronic signature code is defined on the M server."); } else { System.out.println("You currently have no electronic signature code defined."); } } catch (FoundationsException e) { System.out.println(e.getMessage()); }
getESigCode(VistaLinkConnection)	The getESigCode method retrieves the encrypted electronic signature code from the M server. Class: gov.va.med.esig.utilities.ESigDataAccess Method: public static final java.lang.String getESigCode (gov.va.med.vistalink.adapter.cci.VistaLinkConnection connection) throws ESigConnectionException, ESigNotAValidUserException Parameters: connection - The VistaLinkConnection handle. Returns: A String that contains the user's encrypted Electronic Signature Code. Throws: ESigConnectionException - if the RPC request fails. ESigNotAValidUserException - if the DUZ of the user does not correspond to a valid entry in the New Person file. Example: try { String eSig = ESigDataAccess.getESigCode(myConnection); System.out.println(" ESig obtained from VistA: " + eSig); } catch (Exception e) { System.out.println(e.getMessage()); }
saveESigCode(char[] or String, VistaLinkConnection)	The overloaded saveESigCode method take the unencrypted electronic signature code either in a character array or a String, and saves the encrypted form of the electronic signature code in the New Person file on the M server. Class: gov.va.med.esig.utilities.ESigDataAccess Method: public static final void saveESigCode(char[] eSigCode, gov.va.med.vistalink.adapter.cci.VistaLinkConnection connection) throws ESigConnectionException, ESigNotAValidUserException, ESigUnchangedElectronicSignatureException, ESigInvalidFormatException public static final void saveESigCode(java.lang.String eSigCode, gov.va.med.vistalink.adapter.cci.VistaLinkConnection connection) throws ESigConnectionException, ESigNotAValidUserException, ESigUnchangedElectronicSignatureException, ESigInvalidFormatException Parameters: eSigCode - An array of characters or a String that contains the user-supplied (unencrypted) electronic signature code. connection - The VistaLinkConnection handle. Throws: ESigConnectionException - if the RPC request fails. ESigNotAValidUserException - if the DUZ of the user does not correspond to a valid entry in the New Person file. ESigUnchangedElectronicSignatureException - if the electronic signature on the M server is the same as the electronic signature code passed in. ESigInvalidFormatException - if the format of the electronic signature code passed in is not valid. VistA electronic signatures codes must be between 6 and 20 characters in length, and cannot contain control characters. That is, they must contain only the printable characters in the 7-bit ASCII character set, decimal ASCII values 32 through 126 Example: try { String esig = "NEW ESIG VALUE"; System.out.println("Value attempting to save: " + esig); ESigDataAccess.saveESigCode(esig, myConnection); System.out.println("Value " + esig + " saved successfully."); } catch (Exception e) { System.out.println(e.getMessage()); }
getESigData(VistaLinkConnection)	The getESigData method obtains other electronic signature related data from the M server and returns it in a HashMap. The key values in the HashMap are: - initial - signature block printed name - signature block title - office phone - voice pager - digital pager Class: gov.va.med.esig.utilities.ESigDataAccess Method: public static final java.util.HashMap getESigData (gov.va.med.vistalink.adapter.cci.VistaLinkConnection connection) throws ESigConnectionException, ESigNotAValidUserException Parameters: connection - The VistaLinkConnection handle. Returns: A HashMap that contains the user's data. Throws: ESigConnectionException - if the RPC request fails. ESigNotAValidUserException - if the DUZ of the user does not correspond to a valid entry in the New Person file. Example: Map oldValues = null try { oldValues = ESigDataAccess.getESigData(myConnection); System.out.println("Values of Map returned:"); System.out.println(" INITIAL: " + oldValues.get("initial")); System.out.println("SIGNATURE BLOCK PRINTED NAME: " + oldValues.get("signature block printed name")); System.out.println(" SIGNATURE BLOCK TITLE: " + oldValues.get("signature block title")); System.out.println(" OFFICE PHONE: " + oldValues.get("office phone")); System.out.println(" VOICE PAGER: " + oldValues.get("voice pager")); System.out.println(" DIGITAL PAGER: " + oldValues.get("digital pager")); } catch (Exception e) { System.out.println(e.getMessage()); }
saveESigData(Map, VistaLinkConnection)	The saveESigData method accepts the following values in a Map, and saves the values in the New Person file on the M server: - initial - signature block printed name - signature block title - office phone - voice pager - digital pager Class: gov.va.med.esig.utilities.ESigDataAccess Method: public static final void saveESigData(java.util.Map values, gov.va.med.vistalink.adapter.cci.VistaLinkConnection connection) throws ESigConnectionException, ESigNotAValidUserException, ESigInvalidFormatException Parameters: values - The values passed in a HashMap connection - The VistaLinkConnection handle. Throws: ESigConnectionException - if the RPC request fails. ESigNotAValidUserException - if the DUZ of the user does not correspond to a valid entry in the New Person file. ESigInvalidFormatException - if the format of any of the data passed in is not valid. In this case, none of the data is filed. Example: HashMap newValues = new HashMap(); newValues.put("initial", "TAS"); newValues.put("signature block printed name", "Test A. Smith"); newValues.put("signature block title", "Dietician"); newValues.put("office phone", "(123) 123-4567"); newValues.put("voice pager", "(234) 234-5678"); newValues.put("digital pager", "(345) 345-6789"); try { ESigDataAccess.saveESigData(newValues, myConnection); LOGGER.info("New values saved successfully."); } catch (Exception e) { System.out.println(e.getMessage()); }
checksum(String)	The checksum method calculates a checksum number for a String using the same algorithm as the Kernel $$CHKSUM^XUSESIG1 function. Class: gov.va.med.esig.utilities.ESigEncryption Method: public static final java.lang.String checksum (java.lang.String document) Parameters: document - A String containing the document for which to calculate a checksum value. Returns: The checksum value. Example: String aDocument = "This is a sample document.\nA second line.\n"; String checksum = ESigEncryption.checksum(aDocument); System.out.println(" Java checksum: " + checksum); System.out.println(" aDocument:\n" + aDocument);
encrypt(String, double, double)	This method encrypts a String using the same algorithm as the Kernel EN^XUSHSHP entry point. Class: gov.va.med.esig.utilities.ESigEncryption Method: public static final java.lang.String encrypt(java.lang.String text, double idNumber, double docNumber) Parameters: text - The String to be encrypted. idNumber - An identification number, such as DUZ. docNumber - A document number (or the number one). Returns: The encrypted version of the input String. Example: String aStringToEncrypt = "John A. Smith, MD"; double id = 101.0; double doc = 53684791; String encryptedText = ESigEncryption.encrypt(aStringToEncrypt, id, doc); System.out.println(" aString: " + aStringToEncrypt); System.out.println(" Java encrypted value: " + encryptedText);
decrypt(String, double, double)	This method decrypts a String using the same algorithm as the Kernel DE^XUSHSHP entry point. Class: gov.va.med.esig.utilities.ESigEncryption Method: public static final java.lang.String decrypt(java.lang.String text, double idNumber, double docNumber) Parameters: text - The String to be decrypted. idNumber - The identification number used as the idNumber input parameter to the encrypt call. docNumber - The document numbers used as the docNumber input parameter to the encrypt call. Returns: The decrypted version of the input String. Example: String decryptedText = ESigEncryption.decrypt(encryptedText, id, doc); System.out.println(" aString: " + encryptedText); System.out.println(" Java decrypted value: " + decryptedText);
hash(String or char[])	This overloaded method hashes a String or characters in a character array using the same algorithm as the Kernel HASH^XUSHSHP entry point. This method is used to hash an electronic signature code entered by the user. Class: gov.va.med.esig.utilities.ESigEncryption Method: public static final java.lang.String hash(java.lang.String text) public static final java.lang.String hash(char[] text) Parameters: text - The text to hash, contained in a String or character array. Returns: A String that is the hashed form of the text in the input array. Example: String aString = "AnESigForTesting"; String hashedText = ESigEncryption.hash(aString); System.out.println(" aString: " + aString); System.out.println(" Java hashed string: " + hashedText);
isValid(char[] or String, VistaLinkConnection)	The overloaded isValid method validates a user-supplied electronic signature code against the electronic signature code stored in the New Person file (#200) on the M server. It returns true if the electronic signature code passed matches the code stored on the M server. A VistALink connection is assumed, and the VistaLinkConnection object must be passed to the method along with the electronic signature code being validated. Class: gov.va.med.esig.utilities.ESigValidation Method: public static final boolean isValid(char[] code, gov.va.med.vistalink.adapter.cci.VistaLinkConnection connection) throws ESigConnectionException, ESigNotAValidUserException, ESigNoElectronicSignatureDefinedException public static final boolean isValid(java.lang.String code, gov.va.med.vistalink.adapter.cci.VistaLinkConnection connection) throws ESigConnectionException, ESigNotAValidUserException, ESigNoElectronicSignatureDefinedException Parameters: code - A character array or String containing the unencrypted user-supplied electronic signature code. connection - The VistaLinkConnection handle. Returns: true if the electronic signature code matches the code store on the M server. Throws: ESigConnectionException - if an error occurred while attempting to make an RPC call on the M server. ESigNotAValidUserException - if the user identified by DUZ on the M server does not correspond to an entry in the New Person file. ESigNoElectronicSignatureDefinedException - if the user has no electronic signature defined on the M server. Example: try { boolean valid = ESigValidation.isValid(userESig.toCharArray(), myConnection); if (valid) { System.out.println("Electronic signature code is valid."); } else { System.out.pritnln("Electronic signature is not valid."); } } catch (ESigConnectionException e) { System.out.println(e.getMessage()); } catch (ESigNotAValidUserException e) { System.out.println(e.getMessage()); } catch (ESigNoElectronicSignatureDefinedException e) { System.out.println(e.getMessage()); }
isValidFormat(char[] or String)	The overloaded isValidFormat method checks whether the format of the user-supplied electronic signature code is valid. Electronic signatures codes must be between 6 and 20 characters in length, and cannot contain control characters; that is, they must contain only the printable characters in the 7-bit ASCII character set, decimal ASCII values 32 through 126. Class: gov.va.med.esig.utilities.ESigValidation Method: public static final boolean isValidFormat(char[] code) public static final boolean isValidFormat(java.lang.String code) Parameters: code - A character array containing the unencrypted user-supplied electronic signature code. Returns: true if the format of the electronic signature code is valid. Example: String[] validESigCodes = { "6CHARS", "LENGTH 20 CHARACTERS", "`~!@#$%^&*()-_=+", "[]\\{}\|;:'\",./<>?", "VALID_INCL.PUNC" }; String[] invalidESigCodes = { "SHORT", "", "THIS ELECTRONIC SIGNATURE IS TOO LONG", "Invalid mixed case", }; System.out.println(" Valid e-sig codes:"); for (int i = 0; i < validESigCodes.length; i++) { System.out.println(" " + validESigCodes[i]); System.out.println(" --> " + (ESigValidation.isValidFormat(validESigCodes[i]) ? "valid" : "invalid")); } System.out.println(""); System.out.println(" Invalid e-sig codes:"); for (int i = 0; i < invalidESigCodes.length; i++) { if (invalidESigCodes[i].equals("")) { System.out.println(" <null> string"); } else { System.out.println(" " + invalidESigCodes[i]); } System.out.println(" --> " + (ESigValidation.isValidFormat(invalidESigCodes[i]) ? "valid" : "invalid")); } DATE ACTIVATED: JAN 22, 2007