
Example 1 with JseCryptoHelper

use of es.gob.jmulticard.JseCryptoHelper in project jmulticard by ctt-gob-es.

the class SmartCafeKeyStoreImpl method engineLoad.

/**
 * {@inheritDoc}
 *
 * <p>Opens a smart-card I/O connection, binds a {@code SmartCafePkcs15Applet} to it and then
 * attaches the credential source carried by {@code param}: either a callback handler or a
 * password wrapped in a {@code CachePasswordCallback}. Any other protection parameter
 * (including {@code null}) is logged and ignored, which leaves the card without a credential
 * source. The card's aliases are read last.
 *
 * @param param load parameters; when {@code null} no credential source is configured.
 * @throws IOException as declared by the signature.
 * @throws IllegalArgumentException if a {@code CallbackHandlerProtection} holds a {@code null} handler.
 */
@Override
public void engineLoad(final KeyStore.LoadStoreParameter param) throws IOException {
    // The card object is created before the parameters are inspected, so a card session is
    // set up even when the call is later rejected for a null callback handler.
    final ApduConnection cardConnection = new es.gob.jmulticard.jse.smartcardio.SmartcardIoConnection();
    this.cryptoCard = new SmartCafePkcs15Applet(cardConnection, new JseCryptoHelper());

    if (param != null) {
        final ProtectionParameter protection = param.getProtectionParameter();
        if (protection instanceof KeyStore.CallbackHandlerProtection) {
            final KeyStore.CallbackHandlerProtection handlerProtection = (KeyStore.CallbackHandlerProtection) protection;
            if (handlerProtection.getCallbackHandler() == null) {
                throw new IllegalArgumentException("El CallbackHandler no puede ser nulo"); //$NON-NLS-1$
            }
            this.cryptoCard.setCallbackHandler(handlerProtection.getCallbackHandler());
        } else if (protection instanceof KeyStore.PasswordProtection) {
            // NOTE(review): the PIN char[] is handed to CachePasswordCallback; presumably it is
            // retained for later card operations. Confirm its lifetime and whether it is cleared.
            final PasswordProtection passwordProtection = (PasswordProtection) protection;
            final PasswordCallback pinCallback = new CachePasswordCallback(passwordProtection.getPassword());
            this.cryptoCard.setPasswordCallback(pinCallback);
        } else {
            // Only the class name of the unsupported parameter is logged, never its contents.
            final String unsupportedType = protection == null ? "NULO" : protection.getClass().getName(); //$NON-NLS-1$
            LOGGER.warning("Se ha proporcionado un LoadStoreParameter de tipo no soportado, se ignorara: " + unsupportedType); //$NON-NLS-1$
        }
    }

    this.aliases = Arrays.asList(this.cryptoCard.getAliases());
}
Also used : SmartCafePkcs15Applet(es.gob.jmulticard.card.gide.smartcafe.SmartCafePkcs15Applet) PasswordProtection(java.security.KeyStore.PasswordProtection) KeyStore(java.security.KeyStore) PasswordCallback(javax.security.auth.callback.PasswordCallback) JseCryptoHelper(es.gob.jmulticard.JseCryptoHelper) ApduConnection(es.gob.jmulticard.apdu.connection.ApduConnection) PasswordProtection(java.security.KeyStore.PasswordProtection) ProtectionParameter(java.security.KeyStore.ProtectionParameter)

Example 2 with JseCryptoHelper

use of es.gob.jmulticard.JseCryptoHelper in project jmulticard by ctt-gob-es.

the class CeresKeyStoreImpl method engineLoad.

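/**
 * {@inheritDoc}
 *
 * <p>Creates the {@code Ceres} card object on the provider's default APDU connection and
 * attaches the credential source carried by {@code param}: a callback handler or a
 * {@code CeresPasswordCallback} built from the password protection. An unsupported protection
 * parameter (including {@code null}) is logged and ignored, and the card is then created
 * without a credential source, exactly as when {@code param} itself is {@code null}.
 * The card's aliases are read last.
 *
 * @param param load parameters; may be {@code null}.
 * @throws IOException as declared by the signature.
 * @throws IllegalArgumentException if a {@code CallbackHandlerProtection} holds a {@code null}
 *         handler; this is checked before any card object is created.
 */
@Override
public void engineLoad(final KeyStore.LoadStoreParameter param) throws IOException {
    final ProtectionParameter pp = param != null ? param.getProtectionParameter() : null;

    if (pp instanceof KeyStore.CallbackHandlerProtection) {
        final KeyStore.CallbackHandlerProtection handlerProtection = (KeyStore.CallbackHandlerProtection) pp;
        if (handlerProtection.getCallbackHandler() == null) {
            throw new IllegalArgumentException("El CallbackHandler no puede ser nulo"); //$NON-NLS-1$
        }
        this.cryptoCard = new Ceres(CeresProvider.getDefaultApduConnection(), new JseCryptoHelper());
        this.cryptoCard.setCallbackHandler(handlerProtection.getCallbackHandler());
    } else if (pp instanceof KeyStore.PasswordProtection) {
        // NOTE(review): the PasswordProtection (and the PIN it holds) is passed to
        // CeresPasswordCallback; confirm how long that callback keeps a reference to it.
        final PasswordCallback pwc = new CeresPasswordCallback((PasswordProtection) pp);
        this.cryptoCard = new Ceres(CeresProvider.getDefaultApduConnection(), new JseCryptoHelper());
        this.cryptoCard.setPasswordCallback(pwc);
    } else {
        if (param != null) {
            // Only the class name of the unsupported parameter is logged, never its contents.
            Logger.getLogger("es.gob.jmulticard").warning( //$NON-NLS-1$
                "Se ha proporcionado un LoadStoreParameter de tipo no soportado, se ignorara: " //$NON-NLS-1$
                    + (pp != null ? pp.getClass().getName() : "NULO") //$NON-NLS-1$
            );
        }
        // The warning says the parameter is ignored, so the card must still be created here.
        // Previously this branch left cryptoCard unassigned, and the getAliases() call below
        // either failed with a NullPointerException or silently reused a card from an earlier load.
        this.cryptoCard = new Ceres(CeresProvider.getDefaultApduConnection(), new JseCryptoHelper());
    }

    userCertAliases = Arrays.asList(this.cryptoCard.getAliases());
}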
Also used : Ceres(es.gob.jmulticard.card.fnmt.ceres.Ceres) PasswordProtection(java.security.KeyStore.PasswordProtection) PasswordCallback(javax.security.auth.callback.PasswordCallback) JseCryptoHelper(es.gob.jmulticard.JseCryptoHelper) KeyStore(java.security.KeyStore) PasswordProtection(java.security.KeyStore.PasswordProtection) ProtectionParameter(java.security.KeyStore.ProtectionParameter)

Example 3 with JseCryptoHelper

use of es.gob.jmulticard.JseCryptoHelper in project jmulticard by ctt-gob-es.

the class DnieKeyStoreImpl method engineLoad.

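/**
 * {@inheritDoc}
 *
 * <p>The {@code stream} argument is not read by this implementation. The card is reached
 * through the provider's default APDU connection or, when none is configured, through a
 * reflectively created {@code SmartcardIoConnection}.
 *
 * @param stream unused.
 * @param password card PIN, or {@code null} to create the card object without a password callback.
 * @throws IOException as declared by the signature.
 * @throws IllegalStateException if no APDU connection can be obtained; the underlying
 *         exception is attached as the cause.
 */
@Override
public void engineLoad(final InputStream stream, final char[] password) throws IOException {
    // Select the default connection.
    final ApduConnection conn;
    try {
        // Read the provider's connection once, so the null check and the value actually used
        // cannot disagree if the provider's default changes between two calls.
        final ApduConnection defaultConn = DnieProvider.getDefaultApduConnection();
        conn = defaultConn != null
            ? defaultConn
            : (ApduConnection) Class.forName("es.gob.jmulticard.jse.smartcardio.SmartcardIoConnection") //$NON-NLS-1$
                .getConstructor().newInstance();
    } catch (final Exception e) {
        // Keep the original exception as the cause so the failing step stays diagnosable.
        throw new IllegalStateException("No hay una conexion de APDU por defecto: " + e, e); //$NON-NLS-1$
    }

    // The DNIe is accessed and initialised here.
    // NOTE(review): the PIN char[] is handed to CachePasswordCallback; presumably it is retained
    // for later card operations. Confirm its lifetime and whether it is cleared.
    this.cryptoCard = DnieFactory.getDnie(conn, password != null ? new CachePasswordCallback(password) : null, new JseCryptoHelper(), null);
    this.aliases = Arrays.asList(this.cryptoCard.getAliases());
}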
Also used : JseCryptoHelper(es.gob.jmulticard.JseCryptoHelper) ApduConnection(es.gob.jmulticard.apdu.connection.ApduConnection) AuthenticationModeLockedException(es.gob.jmulticard.card.AuthenticationModeLockedException) CryptoCardException(es.gob.jmulticard.card.CryptoCardException) BadPinException(es.gob.jmulticard.card.BadPinException) ProviderException(java.security.ProviderException) IOException(java.io.IOException) PinException(es.gob.jmulticard.card.PinException)

Example 4 with JseCryptoHelper

use of es.gob.jmulticard.JseCryptoHelper in project jmulticard by ctt-gob-es.

the class PaceInitializerMrz method getMrzPswd.

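/**
 * Computes the initialization value K from a machine-readable zone (MRZ).
 * Following the ICAO 9303 specification:<br>
 * <code>KDF&pi;(&pi;) = KDF(f(&pi;),3)</code><br>
 * <code>K = f(&pi;) = SHA-1(Serial Number || Date of Birth || Date of Expiry)</code><br>
 * This method produces only K, which must afterwards be passed to KDF(K,3) to generate the
 * password. As implemented, each of the three fields is followed by its check value in the
 * hashed input.
 *
 * <p>SHA-1 is used because the formula above requires it; it is not a free choice of digest.
 * K is password-equivalent material derived from data printed on the document, so callers
 * should not log or persist it.
 *
 * @param mrz complete MRZ.
 * @return K, the initialization value.
 * @throws IOException if the value cannot be obtained.
 */
private static byte[] getMrzPswd(final String mrz) throws IOException {
    final MrzInfoData mrzData = parseMrzInfo(mrz);

    // Encode with a fixed charset: the no-argument getBytes() uses the platform default, which
    // would make the derived key depend on the JVM's configuration. MRZ text is limited to
    // ASCII characters. The fully qualified name avoids needing a new import.
    final java.nio.charset.Charset ascii = java.nio.charset.StandardCharsets.US_ASCII;
    final byte[] numberBytes = mrzData.getNumber().getBytes(ascii);
    final byte[] birthBytes = mrzData.getBirth().getBytes(ascii);
    final byte[] expiryBytes = mrzData.getExpiry().getBytes(ascii);

    // Hashed input: number, number check, birth date, birth check, expiry date, expiry check.
    final byte[] concatenation = HexUtils.concatenateByteArrays(
        numberBytes, mrzData.getNumberCheck(),
        birthBytes, mrzData.getBirthCheck(),
        expiryBytes, mrzData.getExpiryCheck()
    );

    final CryptoHelper cryptoHelper = new JseCryptoHelper();
    return cryptoHelper.digest(CryptoHelper.DigestAlgorithm.SHA1, concatenation);
}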
Also used : JseCryptoHelper(es.gob.jmulticard.JseCryptoHelper) CryptoHelper(es.gob.jmulticard.CryptoHelper) JseCryptoHelper(es.gob.jmulticard.JseCryptoHelper)

Example 5 with JseCryptoHelper

use of es.gob.jmulticard.JseCryptoHelper in project jmulticard by ctt-gob-es.

the class DnieNFC method getPaceConnection.

/**
 * Establishes a PACE channel over {@code con} and returns a connection that uses it.
 *
 * <p>The initialization value (CAN or MRZ) is requested through {@code ch} with a
 * {@code CustomTextInputCallback}, classified with {@code getPasswordType} and turned into the
 * matching {@code PaceInitializer}. If opening the channel fails with a {@code PaceException},
 * a warning is logged and the value is requested again; no retry limit is visible in this method.
 *
 * <p>NOTE(review): {@code paceInitValue} and {@code paceInitType} are assigned here without a
 * local declaration, so they are fields of the enclosing class (static, since this method is
 * static). They are reset on entry but still hold the last CAN/MRZ entered when the method
 * returns; confirm that this retention is intended and who else reads them.
 *
 * @param con connection to the card over which the PACE channel is opened.
 * @param ch handler used to ask the user for the CAN or MRZ.
 * @return a {@code PaceConnection} built from {@code con} and the negotiated secure messaging.
 * @throws ApduConnectionException declared by the signature; presumably raised while talking
 *         to the card (verify against {@code PaceChannelHelper.openPaceChannel}).
 * @throws PaceException if the callback handler fails, or (as {@code InvalidCanException}) if
 *         the entered value is null, empty or of an unrecognised type.
 */
private static ApduConnection getPaceConnection(final ApduConnection con, final CallbackHandler ch) throws ApduConnectionException, PaceException {
    // First obtain the CAN/MRZ
    Callback tic = new CustomTextInputCallback();
    SecureMessaging sm = null;
    boolean wrongInit = true;
    int counter = 0;
    paceInitValue = null;
    paceInitType = null;
    while (wrongInit) {
        // The counter allows the CAN to be verified twice in case the card was not reset on the first attempt.
        // Both fields are null on the first pass and counter is positive after every failure,
        // so as written this condition holds on each iteration and the user is always prompted.
        if (paceInitValue == null || paceInitType == null || counter > 0) {
            try {
                ch.handle(new Callback[] { tic });
            } catch (final Exception e) {
                // $NON-NLS-1$
                throw new PaceException("Error obteniendo el CAN: " + e, e);
            }
            paceInitValue = ((CustomTextInputCallback) tic).getText();
            // The initializer type is determined by analysing the value that was entered.
            // NOTE(review): getPasswordType runs before the null check below; confirm it tolerates null.
            paceInitType = getPasswordType(paceInitValue);
            if (paceInitValue == null || paceInitValue.isEmpty() || paceInitType == null) {
                // $NON-NLS-1$
                throw new InvalidCanException("El CAN/MRZ no puede ser nulo ni vacio");
            }
        }
        try {
            final PaceInitializer paceInitializer;
            switch(paceInitType) {
                case MRZ:
                    paceInitializer = PaceInitializerMrz.deriveMrz(paceInitValue);
                    break;
                case CAN:
                    paceInitializer = new PaceInitializerCan(paceInitValue);
                    break;
                default:
                    // Not a PaceException, so the catch below does not swallow it and it leaves the loop.
                    throw new UnsupportedOperationException(// $NON-NLS-1$
                    "Tipo de inicializador PACE no soportado: " + paceInitType);
            }
            sm = PaceChannelHelper.openPaceChannel((byte) 0x00, paceInitializer, con, new JseCryptoHelper());
            // Once the channel is established correctly, reset the counter so that
            // the CAN is always obtained through the callback
            counter = 0;
            wrongInit = false;
        } catch (final PaceException e) {
            // NOTE(review): the exception text is written to the log; confirm that PaceException
            // messages never embed the CAN/MRZ that was entered.
            // $NON-NLS-1$
            Logger.getLogger("es.gob.jmulticard").warning(// $NON-NLS-1$
            "Error estableciendo canal PACE (probablemente por CAN/MRZ invalido): " + e);
            // If the CAN/MRZ is wrong, change the dialog message and ask for it again
            wrongInit = true;
            tic = new CustomTextInputCallback();
            counter++;
        }
    }
    // Set up the PACE channel
    return new PaceConnection(con, new JseCryptoHelper(), sm);
}
Also used : SecureMessaging(es.gob.jmulticard.de.tsenger.androsmex.iso7816.SecureMessaging) PaceInitializerCan(es.gob.jmulticard.card.pace.PaceInitializerCan) PaceConnection(es.gob.jmulticard.card.pace.PaceConnection) ApduConnectionException(es.gob.jmulticard.apdu.connection.ApduConnectionException) InvalidCanException(es.gob.jmulticard.card.pace.InvalidCanException) CryptoCardException(es.gob.jmulticard.card.CryptoCardException) PaceException(es.gob.jmulticard.card.pace.PaceException) PinException(es.gob.jmulticard.card.PinException) PaceException(es.gob.jmulticard.card.pace.PaceException) InvalidCanException(es.gob.jmulticard.card.pace.InvalidCanException) PasswordCallback(javax.security.auth.callback.PasswordCallback) Callback(javax.security.auth.callback.Callback) PaceInitializer(es.gob.jmulticard.card.pace.PaceInitializer) JseCryptoHelper(es.gob.jmulticard.JseCryptoHelper)

Aggregations

JseCryptoHelper (es.gob.jmulticard.JseCryptoHelper)13 CommandApdu (es.gob.jmulticard.apdu.CommandApdu)4 ApduConnection (es.gob.jmulticard.apdu.connection.ApduConnection)4 Test (org.junit.Test)4 CryptoCardException (es.gob.jmulticard.card.CryptoCardException)3 PinException (es.gob.jmulticard.card.PinException)3 PasswordCallback (javax.security.auth.callback.PasswordCallback)3 ApduEncrypter (es.gob.jmulticard.apdu.connection.ApduEncrypter)2 ApduEncrypterDes (es.gob.jmulticard.apdu.connection.ApduEncrypterDes)2 AuthenticationModeLockedException (es.gob.jmulticard.card.AuthenticationModeLockedException)2 BadPinException (es.gob.jmulticard.card.BadPinException)2 Ceres (es.gob.jmulticard.card.fnmt.ceres.Ceres)2 SmartCafePkcs15Applet (es.gob.jmulticard.card.gide.smartcafe.SmartCafePkcs15Applet)2 PaceConnection (es.gob.jmulticard.card.pace.PaceConnection)2 PaceInitializer (es.gob.jmulticard.card.pace.PaceInitializer)2 PaceInitializerCan (es.gob.jmulticard.card.pace.PaceInitializerCan)2 SecureMessaging (es.gob.jmulticard.de.tsenger.androsmex.iso7816.SecureMessaging)2 IOException (java.io.IOException)2 KeyStore (java.security.KeyStore)2 PasswordProtection (java.security.KeyStore.PasswordProtection)2