Example 1 with ACLList
use of iso.std.iso_iec._24727.tech.schema.ACLList in project open-ecard by ecsec.
the class TinySAL method aclList.
/**
* The ACLList function returns the access control list for the stated target object (card application, data set, DID).
* See BSI-TR-03112-4, version 1.1.2, section 3.7.1.
*
* @param request ACLList
* @return ACLListResponse
*/
@Publish
@Override
public ACLListResponse aclList(ACLList request) {
ACLListResponse response = WSHelper.makeResponse(ACLListResponse.class, WSHelper.makeResultOK());
try {
ConnectionHandleType connectionHandle = SALUtils.getConnectionHandle(request);
CardStateEntry cardStateEntry = SALUtils.getCardStateEntry(states, connectionHandle, false);
TargetNameType targetName = request.getTargetName();
Assert.assertIncorrectParameter(targetName, "The parameter TargetName is empty.");
// get the target values, according to the schema only one must exist, we pick the first existing ;-)
byte[] targetAppId = targetName.getCardApplicationName();
String targetDataSet = targetName.getDataSetName();
String targetDid = targetName.getDIDName();
CardInfoWrapper cardInfoWrapper = cardStateEntry.getInfo();
byte[] handleAppId = connectionHandle.getCardApplication();
if (targetDataSet != null) {
DataSetInfoType dataSetInfo = cardInfoWrapper.getDataSet(targetDataSet, handleAppId);
Assert.assertNamedEntityNotFound(dataSetInfo, "The given DataSet cannot be found.");
response.setTargetACL(cardInfoWrapper.getDataSet(targetDataSet, handleAppId).getDataSetACL());
} else if (targetDid != null) {
DIDInfoType didInfo = cardInfoWrapper.getDIDInfo(targetDid, handleAppId);
Assert.assertNamedEntityNotFound(didInfo, "The given DIDInfo cannot be found.");
// TODO Check security condition ?
response.setTargetACL(cardInfoWrapper.getDIDInfo(targetDid, handleAppId).getDIDACL());
} else if (targetAppId != null) {
CardApplicationWrapper cardApplication = cardInfoWrapper.getCardApplication(targetAppId);
Assert.assertNamedEntityNotFound(cardApplication, "The given CardApplication cannot be found.");
Assert.securityConditionApplication(cardStateEntry, targetAppId, AuthorizationServiceActionName.ACL_LIST);
response.setTargetACL(cardInfoWrapper.getCardApplication(targetAppId).getCardApplicationACL());
} else {
throw new IncorrectParameterException("The given TargetName is invalid.");
}
} catch (ECardException e) {
response.setResult(e.getResult());
} catch (Exception e) {
LOG.error(e.getMessage(), e);
throwThreadKillException(e);
response.setResult(WSHelper.makeResult(e));
}
return response;
}
Also used :
ConnectionHandleType(iso.std.iso_iec._24727.tech.schema.ConnectionHandleType)
TargetNameType(iso.std.iso_iec._24727.tech.schema.TargetNameType)
CardStateEntry(org.openecard.common.sal.state.CardStateEntry)
CardInfoWrapper(org.openecard.common.sal.state.cif.CardInfoWrapper)
ACLListResponse(iso.std.iso_iec._24727.tech.schema.ACLListResponse)
PrerequisitesNotSatisfiedException(org.openecard.common.sal.exception.PrerequisitesNotSatisfiedException)
NameExistsException(org.openecard.common.sal.exception.NameExistsException)
AddonNotFoundException(org.openecard.addon.AddonNotFoundException)
ThreadTerminateException(org.openecard.common.ThreadTerminateException)
ECardException(org.openecard.common.ECardException)
NamedEntityNotFoundException(org.openecard.common.sal.exception.NamedEntityNotFoundException)
UnknownProtocolException(org.openecard.common.sal.exception.UnknownProtocolException)
IncorrectParameterException(org.openecard.common.sal.exception.IncorrectParameterException)
InappropriateProtocolForActionException(org.openecard.common.sal.exception.InappropriateProtocolForActionException)
TLVException(org.openecard.common.tlv.TLVException)
SecurityConditionNotSatisfiedException(org.openecard.common.sal.exception.SecurityConditionNotSatisfiedException)
UnknownConnectionHandleException(org.openecard.common.sal.exception.UnknownConnectionHandleException)
ECardException(org.openecard.common.ECardException)
DIDInfoType(iso.std.iso_iec._24727.tech.schema.DIDInfoType)
DataSetInfoType(iso.std.iso_iec._24727.tech.schema.DataSetInfoType)
CardApplicationWrapper(org.openecard.common.sal.state.cif.CardApplicationWrapper)
IncorrectParameterException(org.openecard.common.sal.exception.IncorrectParameterException)
Publish(org.openecard.common.interfaces.Publish)
Example 2 with ACLList
use of iso.std.iso_iec._24727.tech.schema.ACLList in project open-ecard by ecsec.
the class DataSetInfo method getACL.
public AccessControlListType getACL() throws WSHelper.WSException {
ACLList req = new ACLList();
req.setConnectionHandle(didInfos.getHandle(application));
req.setTargetName(datasetNameTarget);
ACLListResponse res = (ACLListResponse) didInfos.getDispatcher().safeDeliver(req);
WSHelper.checkResult(res);
return res.getTargetACL();
}
Also used :
ACLList(iso.std.iso_iec._24727.tech.schema.ACLList)
ACLListResponse(iso.std.iso_iec._24727.tech.schema.ACLListResponse)
Example 3 with ACLList
use of iso.std.iso_iec._24727.tech.schema.ACLList in project open-ecard by ecsec.
the class DidInfo method getACL.
public AccessControlListType getACL() throws WSHelper.WSException {
ACLList req = new ACLList();
req.setConnectionHandle(didInfos.getHandle(application));
req.setTargetName(didTarget);
ACLListResponse res = (ACLListResponse) didInfos.getDispatcher().safeDeliver(req);
WSHelper.checkResult(res);
return res.getTargetACL();
}
Also used :
ACLList(iso.std.iso_iec._24727.tech.schema.ACLList)
ACLListResponse(iso.std.iso_iec._24727.tech.schema.ACLListResponse)
Example 4 with ACLList
use of iso.std.iso_iec._24727.tech.schema.ACLList in project open-ecard by ecsec.
the class TinySALTest method testAclList.
/**
* Test of aclList method, of class TinySAL.
*/
@Test(enabled = TESTS_ENABLED)
public void testAclList() {
System.out.println("aclList");
// get path to esign
CardApplicationPath cardApplicationPath = new CardApplicationPath();
CardApplicationPathType cardApplicationPathType = new CardApplicationPathType();
cardApplicationPathType.setCardApplication(appIdentifier_ESIGN);
cardApplicationPath.setCardAppPathRequest(cardApplicationPathType);
CardApplicationPathResponse cardApplicationPathResponse = instance.cardApplicationPath(cardApplicationPath);
// connect to esign
CardApplicationConnect cardApplicationConnect = new CardApplicationConnect();
cardApplicationConnect.setCardApplicationPath(cardApplicationPathResponse.getCardAppPathResultSet().getCardApplicationPathResult().get(0));
CardApplicationConnectResponse result = instance.cardApplicationConnect(cardApplicationConnect);
assertEquals(ECardConstants.Major.OK, result.getResult().getResultMajor());
ACLList aclList = new ACLList();
aclList.setConnectionHandle(result.getConnectionHandle());
TargetNameType targetName = new TargetNameType();
targetName.setCardApplicationName(appIdentifier_ESIGN);
aclList.setTargetName(targetName);
ACLListResponse aclListResponse = instance.aclList(aclList);
assertEquals(aclListResponse.getResult().getResultMajor(), ECardConstants.Major.OK);
assertTrue(aclListResponse.getTargetACL().getAccessRule().size() > 0);
// test null connectionhandle
aclList = new ACLList();
aclList.setConnectionHandle(null);
targetName = new TargetNameType();
targetName.setCardApplicationName(appIdentifier_ESIGN);
aclList.setTargetName(targetName);
aclListResponse = instance.aclList(aclList);
assertEquals(ECardConstants.Major.ERROR, aclListResponse.getResult().getResultMajor());
assertEquals(ECardConstants.Minor.App.INCORRECT_PARM, aclListResponse.getResult().getResultMinor());
// test missing targetname
aclList = new ACLList();
aclList.setConnectionHandle(null);
targetName = new TargetNameType();
aclList.setTargetName(targetName);
aclListResponse = instance.aclList(aclList);
assertEquals(ECardConstants.Major.ERROR, aclListResponse.getResult().getResultMajor());
assertEquals(ECardConstants.Minor.App.INCORRECT_PARM, aclListResponse.getResult().getResultMinor());
// test invalid applicationIdentifier
aclList = new ACLList();
aclList.setConnectionHandle(result.getConnectionHandle());
targetName = new TargetNameType();
targetName.setCardApplicationName(new byte[] { 0x0, 0x0, 0x0 });
aclList.setTargetName(targetName);
aclListResponse = instance.aclList(aclList);
assertEquals(ECardConstants.Major.ERROR, aclListResponse.getResult().getResultMajor());
assertEquals(ECardConstants.Minor.SAL.NAMED_ENTITY_NOT_FOUND, aclListResponse.getResult().getResultMinor());
// test invalid connectionhandle
aclList = new ACLList();
aclList.setConnectionHandle(result.getConnectionHandle());
aclList.getConnectionHandle().setIFDName("invalid");
targetName = new TargetNameType();
targetName.setCardApplicationName(appIdentifier_ESIGN);
aclList.setTargetName(targetName);
aclListResponse = instance.aclList(aclList);
assertEquals(ECardConstants.Major.ERROR, aclListResponse.getResult().getResultMajor());
assertEquals(ECardConstants.Minor.App.INCORRECT_PARM, aclListResponse.getResult().getResultMinor());
}
Also used :
CardApplicationPathType(iso.std.iso_iec._24727.tech.schema.CardApplicationPathType)
TargetNameType(iso.std.iso_iec._24727.tech.schema.TargetNameType)
CardApplicationPath(iso.std.iso_iec._24727.tech.schema.CardApplicationPath)
CardApplicationPathResponse(iso.std.iso_iec._24727.tech.schema.CardApplicationPathResponse)
ACLList(iso.std.iso_iec._24727.tech.schema.ACLList)
CardApplicationConnect(iso.std.iso_iec._24727.tech.schema.CardApplicationConnect)
ACLListResponse(iso.std.iso_iec._24727.tech.schema.ACLListResponse)
CardApplicationConnectResponse(iso.std.iso_iec._24727.tech.schema.CardApplicationConnectResponse)
Test(org.testng.annotations.Test)
Example 5 with ACLList
use of iso.std.iso_iec._24727.tech.schema.ACLList in project open-ecard by ecsec.
the class ACLResolver method getUnsatisfiedDIDs.
public List<DIDStructureType> getUnsatisfiedDIDs(TargetNameType target) throws WSException, SecurityConditionUnsatisfiable {
// get the ACL first
ACLList aclReq = new ACLList();
aclReq.setConnectionHandle(handle);
aclReq.setTargetName(target);
ACLListResponse aclRes = (ACLListResponse) dispatcher.safeDeliver(aclReq);
WSHelper.checkResult(aclRes);
List<AccessRuleType> acls = aclRes.getTargetACL().getAccessRule();
List<DIDStructureType> dids = getMissingDids(acls, target);
return dids;
}
Also used :
ACLList(iso.std.iso_iec._24727.tech.schema.ACLList)
ACLListResponse(iso.std.iso_iec._24727.tech.schema.ACLListResponse)
AccessRuleType(iso.std.iso_iec._24727.tech.schema.AccessRuleType)
DIDStructureType(iso.std.iso_iec._24727.tech.schema.DIDStructureType)
Aggregations
ACLListResponse (iso.std.iso_iec._24727.tech.schema.ACLListResponse)5
ACLList (iso.std.iso_iec._24727.tech.schema.ACLList)4
TargetNameType (iso.std.iso_iec._24727.tech.schema.TargetNameType)2
AccessRuleType (iso.std.iso_iec._24727.tech.schema.AccessRuleType)1
CardApplicationConnect (iso.std.iso_iec._24727.tech.schema.CardApplicationConnect)1
CardApplicationConnectResponse (iso.std.iso_iec._24727.tech.schema.CardApplicationConnectResponse)1
CardApplicationPath (iso.std.iso_iec._24727.tech.schema.CardApplicationPath)1
CardApplicationPathResponse (iso.std.iso_iec._24727.tech.schema.CardApplicationPathResponse)1
CardApplicationPathType (iso.std.iso_iec._24727.tech.schema.CardApplicationPathType)1
ConnectionHandleType (iso.std.iso_iec._24727.tech.schema.ConnectionHandleType)1
DIDInfoType (iso.std.iso_iec._24727.tech.schema.DIDInfoType)1
DIDStructureType (iso.std.iso_iec._24727.tech.schema.DIDStructureType)1
DataSetInfoType (iso.std.iso_iec._24727.tech.schema.DataSetInfoType)1
AddonNotFoundException (org.openecard.addon.AddonNotFoundException)1
ECardException (org.openecard.common.ECardException)1
ThreadTerminateException (org.openecard.common.ThreadTerminateException)1
Publish (org.openecard.common.interfaces.Publish)1
InappropriateProtocolForActionException (org.openecard.common.sal.exception.InappropriateProtocolForActionException)1
IncorrectParameterException (org.openecard.common.sal.exception.IncorrectParameterException)1
NameExistsException (org.openecard.common.sal.exception.NameExistsException)1
