Search in sources :

Example 16 with CardApplicationConnectResponse

use of iso.std.iso_iec._24727.tech.schema.CardApplicationConnectResponse in project open-ecard by ecsec.

the class SALFileUtils method selectApplication.

/**
 * Performs a CardApplicationConnect SAL call for the given handle.
 * The path part of the handle is used as a basis to connect the card.
 *
 * @param appId
 * @param handle
 * @return The handle of the card after performing the connect.
 * @throws org.openecard.common.WSHelper.WSException
 */
public ConnectionHandleType selectApplication(@Nonnull byte[] appId, @Nonnull ConnectionHandleType handle) throws WSException {
    CardApplicationConnect appConnectReq = new CardApplicationConnect();
    // copy path part of the handle and use it to identify the card
    CardApplicationPathType path = HandlerUtils.copyPath(handle);
    path.setCardApplication(appId);
    appConnectReq.setCardApplicationPath(path);
    CardApplicationConnectResponse resp = (CardApplicationConnectResponse) dispatcher.safeDeliver(appConnectReq);
    WSHelper.checkResult(resp);
    return resp.getConnectionHandle();
}
Also used : CardApplicationPathType(iso.std.iso_iec._24727.tech.schema.CardApplicationPathType) CardApplicationConnect(iso.std.iso_iec._24727.tech.schema.CardApplicationConnect) CardApplicationConnectResponse(iso.std.iso_iec._24727.tech.schema.CardApplicationConnectResponse)

Example 17 with CardApplicationConnectResponse

use of iso.std.iso_iec._24727.tech.schema.CardApplicationConnectResponse in project open-ecard by ecsec.

the class GenericCryptographyProtocolTest method testDIDGet.

@Test(enabled = TESTS_ENABLED)
public void testDIDGet() throws ParserConfigurationException {
    CardApplicationPath cardApplicationPath = new CardApplicationPath();
    CardApplicationPathType cardApplicationPathType = new CardApplicationPathType();
    cardApplicationPathType.setCardApplication(cardApplication);
    cardApplicationPath.setCardAppPathRequest(cardApplicationPathType);
    CardApplicationPathResponse cardApplicationPathResponse = instance.cardApplicationPath(cardApplicationPath);
    CardApplicationConnect parameters = new CardApplicationConnect();
    CardAppPathResultSet cardAppPathResultSet = cardApplicationPathResponse.getCardAppPathResultSet();
    parameters.setCardApplicationPath(cardAppPathResultSet.getCardApplicationPathResult().get(0));
    CardApplicationConnectResponse result = instance.cardApplicationConnect(parameters);
    assertEquals(ECardConstants.Major.OK, result.getResult().getResultMajor());
    DIDList didList = new DIDList();
    didList.setConnectionHandle(result.getConnectionHandle());
    DIDQualifierType didQualifier = new DIDQualifierType();
    didQualifier.setApplicationIdentifier(cardApplication);
    didQualifier.setObjectIdentifier(ECardConstants.Protocol.GENERIC_CRYPTO);
    didQualifier.setApplicationFunction("Compute-signature");
    didList.setFilter(didQualifier);
    DIDListResponse didListResponse = instance.didList(didList);
    assertTrue(didListResponse.getDIDNameList().getDIDName().size() > 0);
    DIDGet didGet = new DIDGet();
    didGet.setConnectionHandle(result.getConnectionHandle());
    didGet.setDIDName(didListResponse.getDIDNameList().getDIDName().get(0));
    didGet.setDIDScope(DIDScopeType.LOCAL);
    DIDGetResponse didGetResponse = instance.didGet(didGet);
    assertEquals(ECardConstants.Major.OK, didGetResponse.getResult().getResultMajor());
    org.openecard.crypto.common.sal.did.CryptoMarkerType cryptoMarker = new org.openecard.crypto.common.sal.did.CryptoMarkerType((CryptoMarkerType) didGetResponse.getDIDStructure().getDIDMarker());
    assertEquals(cryptoMarker.getCertificateRefs().get(0).getDataSetName(), "EF.C.CH.AUT");
}
Also used : CardApplicationPathResponse(iso.std.iso_iec._24727.tech.schema.CardApplicationPathResponse) DIDList(iso.std.iso_iec._24727.tech.schema.DIDList) DIDQualifierType(iso.std.iso_iec._24727.tech.schema.DIDQualifierType) DIDGetResponse(iso.std.iso_iec._24727.tech.schema.DIDGetResponse) CryptoMarkerType(iso.std.iso_iec._24727.tech.schema.CryptoMarkerType) CardApplicationConnectResponse(iso.std.iso_iec._24727.tech.schema.CardApplicationConnectResponse) CardAppPathResultSet(iso.std.iso_iec._24727.tech.schema.CardApplicationPathResponse.CardAppPathResultSet) DIDListResponse(iso.std.iso_iec._24727.tech.schema.DIDListResponse) CardApplicationPathType(iso.std.iso_iec._24727.tech.schema.CardApplicationPathType) CardApplicationPath(iso.std.iso_iec._24727.tech.schema.CardApplicationPath) CardApplicationConnect(iso.std.iso_iec._24727.tech.schema.CardApplicationConnect) DIDGet(iso.std.iso_iec._24727.tech.schema.DIDGet) Test(org.testng.annotations.Test)

Example 18 with CardApplicationConnectResponse

use of iso.std.iso_iec._24727.tech.schema.CardApplicationConnectResponse in project open-ecard by ecsec.

the class GenericCryptographyProtocolTest method testDecipher.

/**
 * Test for the Decipher Step of the Generic Cryptography protocol. After we connected to the ESIGN application
 * of the eGK, we use DIDList to get a List of DIDs that support the Decipher function. We then authenticate with
 * PIN.home and read the contents of the DIDs certificate. With it's public key we encrypt the contents of
 * plaintext.txt and finally let the card decrypt it through a call to Decipher. In the end we match the result with
 * the original plaintext.
 *
 * @throws Exception when something in this test went unexpectedly wrong
 */
@Test(enabled = TESTS_ENABLED)
public void testDecipher() throws Exception {
    CardApplicationPath cardApplicationPath = new CardApplicationPath();
    CardApplicationPathType cardApplicationPathType = new CardApplicationPathType();
    cardApplicationPathType.setCardApplication(cardApplication);
    cardApplicationPath.setCardAppPathRequest(cardApplicationPathType);
    CardApplicationPathResponse cardApplicationPathResponse = instance.cardApplicationPath(cardApplicationPath);
    WSHelper.checkResult(cardApplicationPathResponse);
    CardApplicationConnect parameters = new CardApplicationConnect();
    CardAppPathResultSet cardAppPathResultSet = cardApplicationPathResponse.getCardAppPathResultSet();
    parameters.setCardApplicationPath(cardAppPathResultSet.getCardApplicationPathResult().get(0));
    CardApplicationConnectResponse result = instance.cardApplicationConnect(parameters);
    WSHelper.checkResult(result);
    assertEquals(ECardConstants.Major.OK, result.getResult().getResultMajor());
    DIDList didList = new DIDList();
    didList.setConnectionHandle(result.getConnectionHandle());
    DIDQualifierType didQualifier = new DIDQualifierType();
    didQualifier.setApplicationIdentifier(cardApplication);
    didQualifier.setObjectIdentifier(ECardConstants.Protocol.GENERIC_CRYPTO);
    didQualifier.setApplicationFunction("Decipher");
    didList.setFilter(didQualifier);
    DIDListResponse didListResponse = instance.didList(didList);
    assertTrue(didListResponse.getDIDNameList().getDIDName().size() > 0);
    WSHelper.checkResult(didListResponse);
    DIDAuthenticate didAthenticate = new DIDAuthenticate();
    didAthenticate.setDIDName("PIN.home");
    PinCompareDIDAuthenticateInputType didAuthenticationData = new PinCompareDIDAuthenticateInputType();
    didAthenticate.setAuthenticationProtocolData(didAuthenticationData);
    didAthenticate.setConnectionHandle(result.getConnectionHandle());
    didAthenticate.getConnectionHandle().setCardApplication(cardApplication_ROOT);
    didAuthenticationData.setProtocol(ECardConstants.Protocol.PIN_COMPARE);
    didAthenticate.setAuthenticationProtocolData(didAuthenticationData);
    DIDAuthenticateResponse didAuthenticateResult = instance.didAuthenticate(didAthenticate);
    WSHelper.checkResult(didAuthenticateResult);
    assertEquals(didAuthenticateResult.getAuthenticationProtocolData().getProtocol(), ECardConstants.Protocol.PIN_COMPARE);
    assertEquals(didAuthenticateResult.getAuthenticationProtocolData().getAny().size(), 0);
    assertEquals(ECardConstants.Major.OK, didAuthenticateResult.getResult().getResultMajor());
    byte[] plaintextBytes = plaintext.getBytes();
    for (int numOfDIDs = 0; numOfDIDs < didListResponse.getDIDNameList().getDIDName().size(); numOfDIDs++) {
        String didName = didListResponse.getDIDNameList().getDIDName().get(numOfDIDs);
        DIDGet didGet = new DIDGet();
        didGet.setDIDName(didName);
        didGet.setDIDScope(DIDScopeType.LOCAL);
        didGet.setConnectionHandle(result.getConnectionHandle());
        didGet.getConnectionHandle().setCardApplication(cardApplication);
        DIDGetResponse didGetResponse = instance.didGet(didGet);
        org.openecard.crypto.common.sal.did.CryptoMarkerType cryptoMarker = new org.openecard.crypto.common.sal.did.CryptoMarkerType((CryptoMarkerType) didGetResponse.getDIDStructure().getDIDMarker());
        ByteArrayOutputStream ciphertext = new ByteArrayOutputStream();
        // read the certificate
        DSIRead dsiRead = new DSIRead();
        dsiRead.setConnectionHandle(result.getConnectionHandle());
        dsiRead.getConnectionHandle().setCardApplication(cardApplication);
        dsiRead.setDSIName(cryptoMarker.getCertificateRefs().get(0).getDataSetName());
        DSIReadResponse dsiReadResponse = instance.dsiRead(dsiRead);
        assertEquals(ECardConstants.Major.OK, dsiReadResponse.getResult().getResultMajor());
        assertTrue(dsiReadResponse.getDSIContent().length > 0);
        // convert the contents to a certificate
        Certificate cert = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(dsiReadResponse.getDSIContent()));
        Cipher cipher;
        int blocksize;
        String algorithmUri = cryptoMarker.getAlgorithmInfo().getAlgorithmIdentifier().getAlgorithm();
        if (algorithmUri.equals(GenericCryptoUris.RSA_ENCRYPTION)) {
            cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(Cipher.ENCRYPT_MODE, cert);
            // keysize/8-pkcspadding = (2048)/8-11
            blocksize = 245;
        } else if (algorithmUri.equals(GenericCryptoUris.RSAES_OAEP)) {
            cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding", new BouncyCastleProvider());
            cipher.init(Cipher.ENCRYPT_MODE, cert);
            blocksize = cipher.getBlockSize();
        } else {
            LOG.warn("Skipping decipher for the unsupported algorithmOID: {}", algorithmUri);
            continue;
        }
        int rest = plaintextBytes.length % blocksize;
        // encrypt block for block
        for (int offset = 0; offset < plaintextBytes.length; offset += blocksize) {
            if ((offset + blocksize) > plaintextBytes.length) {
                ciphertext.write(cipher.doFinal(plaintextBytes, offset, rest));
            } else {
                ciphertext.write(cipher.doFinal(plaintextBytes, offset, blocksize));
            }
        }
        Decipher decipher = new Decipher();
        decipher.setCipherText(ciphertext.toByteArray());
        decipher.setConnectionHandle(result.getConnectionHandle());
        decipher.getConnectionHandle().setCardApplication(cardApplication);
        decipher.setDIDName(didName);
        decipher.setDIDScope(DIDScopeType.LOCAL);
        DecipherResponse decipherResponse = instance.decipher(decipher);
        assertEquals(decipherResponse.getPlainText(), plaintextBytes);
        // test invalid ciphertext length (not divisible through blocksize without rest)
        decipher = new Decipher();
        decipher.setCipherText(ByteUtils.concatenate((byte) 0x00, ciphertext.toByteArray()));
        decipher.setConnectionHandle(result.getConnectionHandle());
        decipher.getConnectionHandle().setCardApplication(cardApplication);
        decipher.setDIDName(didName);
        decipher.setDIDScope(DIDScopeType.LOCAL);
        decipherResponse = instance.decipher(decipher);
        Result res = decipherResponse.getResult();
        assertEquals(res.getResultMajor(), ECardConstants.Major.ERROR);
        assertEquals(res.getResultMinor(), ECardConstants.Minor.App.INCORRECT_PARM);
    }
}
Also used : DIDList(iso.std.iso_iec._24727.tech.schema.DIDList) PinCompareDIDAuthenticateInputType(iso.std.iso_iec._24727.tech.schema.PinCompareDIDAuthenticateInputType) CardAppPathResultSet(iso.std.iso_iec._24727.tech.schema.CardApplicationPathResponse.CardAppPathResultSet) DIDListResponse(iso.std.iso_iec._24727.tech.schema.DIDListResponse) Result(oasis.names.tc.dss._1_0.core.schema.Result) CardApplicationPathType(iso.std.iso_iec._24727.tech.schema.CardApplicationPathType) CardApplicationConnect(iso.std.iso_iec._24727.tech.schema.CardApplicationConnect) DIDGet(iso.std.iso_iec._24727.tech.schema.DIDGet) BouncyCastleProvider(org.openecard.bouncycastle.jce.provider.BouncyCastleProvider) DIDAuthenticate(iso.std.iso_iec._24727.tech.schema.DIDAuthenticate) CardApplicationPathResponse(iso.std.iso_iec._24727.tech.schema.CardApplicationPathResponse) DSIRead(iso.std.iso_iec._24727.tech.schema.DSIRead) DIDQualifierType(iso.std.iso_iec._24727.tech.schema.DIDQualifierType) DIDGetResponse(iso.std.iso_iec._24727.tech.schema.DIDGetResponse) CryptoMarkerType(iso.std.iso_iec._24727.tech.schema.CryptoMarkerType) CardApplicationConnectResponse(iso.std.iso_iec._24727.tech.schema.CardApplicationConnectResponse) ByteArrayOutputStream(java.io.ByteArrayOutputStream) X509Certificate(java.security.cert.X509Certificate) CardApplicationPath(iso.std.iso_iec._24727.tech.schema.CardApplicationPath) DIDAuthenticateResponse(iso.std.iso_iec._24727.tech.schema.DIDAuthenticateResponse) ByteArrayInputStream(java.io.ByteArrayInputStream) DecipherResponse(iso.std.iso_iec._24727.tech.schema.DecipherResponse) Cipher(javax.crypto.Cipher) Decipher(iso.std.iso_iec._24727.tech.schema.Decipher) DSIReadResponse(iso.std.iso_iec._24727.tech.schema.DSIReadResponse) X509Certificate(java.security.cert.X509Certificate) VerifyCertificate(iso.std.iso_iec._24727.tech.schema.VerifyCertificate) Certificate(java.security.cert.Certificate) Test(org.testng.annotations.Test)

Example 19 with CardApplicationConnectResponse

use of iso.std.iso_iec._24727.tech.schema.CardApplicationConnectResponse in project open-ecard by ecsec.

the class AbstractPINAction method connectToRootApplication.

/**
 * Connect to the root application of the card specified with a connection handle using a empty CardApplicationPath
 * and afterwards a CardApplicationConnect.
 *
 * @param cHandle
 *            The connection handle for the card to connect to root application.
 * @return The updated connection handle (now including a SlotHandle) or null if connecting went wrong.
 */
protected ConnectionHandleType connectToRootApplication(ConnectionHandleType cHandle) {
    // Perform a CardApplicationPath and CardApplicationConnect to connect to the card application
    CardApplicationPath cardApplicationPath = new CardApplicationPath();
    cardApplicationPath.setCardAppPathRequest(cHandle);
    CardApplicationPathResponse cardApplicationPathResponse = (CardApplicationPathResponse) dispatcher.safeDeliver(cardApplicationPath);
    // Check CardApplicationPathResponse
    try {
        WSHelper.checkResult(cardApplicationPathResponse);
    } catch (WSException ex) {
        LOG.error("CardApplicationPath failed.", ex);
        return null;
    }
    CardApplicationConnect cardApplicationConnect = new CardApplicationConnect();
    cardApplicationConnect.setCardApplicationPath(cardApplicationPathResponse.getCardAppPathResultSet().getCardApplicationPathResult().get(0));
    CardApplicationConnectResponse cardApplicationConnectResponse = (CardApplicationConnectResponse) dispatcher.safeDeliver(cardApplicationConnect);
    // Check CardApplicationConnectResponse
    try {
        WSHelper.checkResult(cardApplicationConnectResponse);
    } catch (WSException ex) {
        LOG.error("CardApplicationConnect failed.", ex);
        return null;
    }
    // Update ConnectionHandle. It now includes a SlotHandle.
    cHandle = cardApplicationConnectResponse.getConnectionHandle();
    return cHandle;
}
Also used : CardApplicationPath(iso.std.iso_iec._24727.tech.schema.CardApplicationPath) CardApplicationPathResponse(iso.std.iso_iec._24727.tech.schema.CardApplicationPathResponse) CardApplicationConnect(iso.std.iso_iec._24727.tech.schema.CardApplicationConnect) WSException(org.openecard.common.WSHelper.WSException) CardApplicationConnectResponse(iso.std.iso_iec._24727.tech.schema.CardApplicationConnectResponse)

Example 20 with CardApplicationConnectResponse

use of iso.std.iso_iec._24727.tech.schema.CardApplicationConnectResponse in project open-ecard by ecsec.

the class ChangePinInSALAction method connectCards.

private List<ConnectionHandleType> connectCards() throws WSHelper.WSException {
    // get all cards in the system
    CardApplicationPath pathReq = new CardApplicationPath();
    CardApplicationPathType pathType = new CardApplicationPathType();
    pathReq.setCardAppPathRequest(pathType);
    CardApplicationPathResponse pathRes = (CardApplicationPathResponse) dispatcher.safeDeliver(pathReq);
    WSHelper.checkResult(pathRes);
    // connect every card in the set
    ArrayList<ConnectionHandleType> connectedCards = new ArrayList<>();
    for (CardApplicationPathType path : pathRes.getCardAppPathResultSet().getCardApplicationPathResult()) {
        try {
            CardApplicationConnect conReq = new CardApplicationConnect();
            conReq.setCardApplicationPath(path);
            conReq.setExclusiveUse(false);
            CardApplicationConnectResponse conRes = (CardApplicationConnectResponse) dispatcher.safeDeliver(conReq);
            WSHelper.checkResult(conRes);
            connectedCards.add(conRes.getConnectionHandle());
        } catch (WSHelper.WSException ex) {
            LOG.error("Failed to connect card, skipping this entry.", ex);
        }
    }
    return connectedCards;
}
Also used : CardApplicationPathType(iso.std.iso_iec._24727.tech.schema.CardApplicationPathType) ConnectionHandleType(iso.std.iso_iec._24727.tech.schema.ConnectionHandleType) WSHelper(org.openecard.common.WSHelper) CardApplicationPath(iso.std.iso_iec._24727.tech.schema.CardApplicationPath) CardApplicationPathResponse(iso.std.iso_iec._24727.tech.schema.CardApplicationPathResponse) CardApplicationConnect(iso.std.iso_iec._24727.tech.schema.CardApplicationConnect) ArrayList(java.util.ArrayList) CardApplicationConnectResponse(iso.std.iso_iec._24727.tech.schema.CardApplicationConnectResponse) WSException(org.openecard.common.WSHelper.WSException)

Aggregations

CardApplicationConnectResponse (iso.std.iso_iec._24727.tech.schema.CardApplicationConnectResponse)36 CardApplicationConnect (iso.std.iso_iec._24727.tech.schema.CardApplicationConnect)35 CardApplicationPathType (iso.std.iso_iec._24727.tech.schema.CardApplicationPathType)35 CardApplicationPath (iso.std.iso_iec._24727.tech.schema.CardApplicationPath)33 CardApplicationPathResponse (iso.std.iso_iec._24727.tech.schema.CardApplicationPathResponse)33 Test (org.testng.annotations.Test)25 ConnectionHandleType (iso.std.iso_iec._24727.tech.schema.ConnectionHandleType)11 DIDAuthenticate (iso.std.iso_iec._24727.tech.schema.DIDAuthenticate)6 DIDAuthenticateResponse (iso.std.iso_iec._24727.tech.schema.DIDAuthenticateResponse)6 DIDGet (iso.std.iso_iec._24727.tech.schema.DIDGet)6 DIDGetResponse (iso.std.iso_iec._24727.tech.schema.DIDGetResponse)6 DIDList (iso.std.iso_iec._24727.tech.schema.DIDList)6 DIDListResponse (iso.std.iso_iec._24727.tech.schema.DIDListResponse)6 DIDQualifierType (iso.std.iso_iec._24727.tech.schema.DIDQualifierType)6 DataSetList (iso.std.iso_iec._24727.tech.schema.DataSetList)6 DataSetListResponse (iso.std.iso_iec._24727.tech.schema.DataSetListResponse)6 CardApplicationDisconnect (iso.std.iso_iec._24727.tech.schema.CardApplicationDisconnect)5 CardAppPathResultSet (iso.std.iso_iec._24727.tech.schema.CardApplicationPathResponse.CardAppPathResultSet)4 CryptoMarkerType (iso.std.iso_iec._24727.tech.schema.CryptoMarkerType)4 CardStateEntry (org.openecard.common.sal.state.CardStateEntry)4