use of iso.std.iso_iec._24727.tech.schema.CardApplicationPathType in project open-ecard by ecsec.
the class ListTokens method connectCards.
private ArrayList<ConnectionHandleType> connectCards() throws WSHelper.WSException {
// get all cards in the system
CardApplicationPath pathReq = new CardApplicationPath();
CardApplicationPathType pathType = new CardApplicationPathType();
pathReq.setCardAppPathRequest(pathType);
CardApplicationPathResponse pathRes = (CardApplicationPathResponse) dispatcher.safeDeliver(pathReq);
WSHelper.checkResult(pathRes);
// remove duplicates
TreeSet<CardApplicationPathType> paths = new TreeSet<>(new Comparator<CardApplicationPathType>() {
@Override
public int compare(CardApplicationPathType o1, CardApplicationPathType o2) {
int cmp1 = o1.getIFDName().compareTo(o2.getIFDName());
if (cmp1 == 0) {
return o1.getSlotIndex().compareTo(o2.getSlotIndex());
} else {
return cmp1;
}
}
});
paths.addAll(pathRes.getCardAppPathResultSet().getCardApplicationPathResult());
// connect every card in the set
ArrayList<ConnectionHandleType> connectedCards = new ArrayList<>();
for (CardApplicationPathType path : paths) {
try {
CardApplicationConnect conReq = new CardApplicationConnect();
conReq.setCardApplicationPath(path);
conReq.setExclusiveUse(false);
CardApplicationConnectResponse conRes = (CardApplicationConnectResponse) dispatcher.safeDeliver(conReq);
WSHelper.checkResult(conRes);
connectedCards.add(conRes.getConnectionHandle());
} catch (WSHelper.WSException ex) {
LOG.error("Failed to connect card, skipping this entry.", ex);
}
}
return connectedCards;
}
use of iso.std.iso_iec._24727.tech.schema.CardApplicationPathType in project open-ecard by ecsec.
the class GenericPINAction method updateConnectionHandle.
/**
* Update the connection handle.
* This is necessary after every step because we Disconnect the card with a reset if we have success or not.
*/
private void updateConnectionHandle() {
CardApplicationPath cPath = new CardApplicationPath();
CardApplicationPathType cPathType = new CardApplicationPathType();
cPath.setCardAppPathRequest(cPathType);
CardApplicationPathResponse cPathResp = (CardApplicationPathResponse) dispatcher.safeDeliver(cPath);
List<CardApplicationPathType> cRes = cPathResp.getCardAppPathResultSet().getCardApplicationPathResult();
for (CardApplicationPathType capt : cRes) {
CardApplicationConnect cConn = new CardApplicationConnect();
cConn.setCardApplicationPath(capt);
CardApplicationConnectResponse conRes = (CardApplicationConnectResponse) dispatcher.safeDeliver(cConn);
String cardType = conRes.getConnectionHandle().getRecognitionInfo().getCardType();
ConnectionHandleType cHandleNew = conRes.getConnectionHandle();
if (cardType.equals("http://bsi.bund.de/cif/npa.xml")) {
// ensure same terminal and get the new slothandle
if (cHandleNew.getIFDName().equals(cHandle.getIFDName()) && !Arrays.equals(cHandleNew.getSlotHandle(), slotHandle)) {
cHandle = cHandleNew;
slotHandle = cHandle.getSlotHandle();
break;
// also end if the connection handle found as before than it is still valid
} else if (cHandleNew.getIFDName().equals(cHandle.getIFDName()) && Arrays.equals(cHandleNew.getSlotHandle(), slotHandle)) {
break;
}
} else {
CardApplicationDisconnect disconnect = new CardApplicationDisconnect();
disconnect.setConnectionHandle(conRes.getConnectionHandle());
disconnect.setAction(ActionType.RESET);
dispatcher.safeDeliver(disconnect);
}
}
}
use of iso.std.iso_iec._24727.tech.schema.CardApplicationPathType in project open-ecard by ecsec.
the class TCTokenHandler method prepareHandle.
private ConnectionHandleType prepareHandle(ConnectionHandleType connectionHandle) throws WSException {
// Perform a CardApplicationPath and CardApplicationConnect to connect to the card application
CardApplicationPath appPath = new CardApplicationPath();
appPath.setCardAppPathRequest(connectionHandle);
CardApplicationPathResponse appPathRes = (CardApplicationPathResponse) dispatcher.safeDeliver(appPath);
// Check CardApplicationPathResponse
WSHelper.checkResult(appPathRes);
CardApplicationConnect appConnect = new CardApplicationConnect();
List<CardApplicationPathType> pathRes;
pathRes = appPathRes.getCardAppPathResultSet().getCardApplicationPathResult();
appConnect.setCardApplicationPath(pathRes.get(0));
CardApplicationConnectResponse appConnectRes;
appConnectRes = (CardApplicationConnectResponse) dispatcher.safeDeliver(appConnect);
// Update ConnectionHandle. It now includes a SlotHandle.
connectionHandle = appConnectRes.getConnectionHandle();
// Check CardApplicationConnectResponse
WSHelper.checkResult(appConnectRes);
return connectionHandle;
}
use of iso.std.iso_iec._24727.tech.schema.CardApplicationPathType in project open-ecard by ecsec.
the class GenericCryptographyProtocolTest method testSign.
/**
* Test for the Sign Step of the Generic Cryptography protocol. After we connected to the ESIGN application of the
* eGK, we use DIDList to get a List of DIDs that support the compute signature function. For each DID we let the
* card compute a signature. If the result is OK we're satisfied.
*
* @throws Exception
* when something in this test went unexpectedly wrong
*/
@Test(enabled = TESTS_ENABLED)
public void testSign() throws Exception {
CardApplicationPath cardApplicationPath = new CardApplicationPath();
CardApplicationPathType cardApplicationPathType = new CardApplicationPathType();
cardApplicationPathType.setCardApplication(cardApplication);
cardApplicationPath.setCardAppPathRequest(cardApplicationPathType);
CardApplicationPathResponse cardApplicationPathResponse = instance.cardApplicationPath(cardApplicationPath);
WSHelper.checkResult(cardApplicationPathResponse);
CardApplicationConnect parameters = new CardApplicationConnect();
CardAppPathResultSet cardAppPathResultSet = cardApplicationPathResponse.getCardAppPathResultSet();
parameters.setCardApplicationPath(cardAppPathResultSet.getCardApplicationPathResult().get(0));
CardApplicationConnectResponse result = instance.cardApplicationConnect(parameters);
WSHelper.checkResult(result);
assertEquals(ECardConstants.Major.OK, result.getResult().getResultMajor());
DIDList didList = new DIDList();
didList.setConnectionHandle(result.getConnectionHandle());
DIDQualifierType didQualifier = new DIDQualifierType();
didQualifier.setApplicationIdentifier(cardApplication);
didQualifier.setObjectIdentifier(ECardConstants.Protocol.GENERIC_CRYPTO);
didQualifier.setApplicationFunction("Compute-signature");
didList.setFilter(didQualifier);
DIDListResponse didListResponse = instance.didList(didList);
assertTrue(didListResponse.getDIDNameList().getDIDName().size() > 0);
WSHelper.checkResult(didListResponse);
DIDAuthenticate didAthenticate = new DIDAuthenticate();
didAthenticate.setDIDName("PIN.home");
PinCompareDIDAuthenticateInputType didAuthenticationData = new PinCompareDIDAuthenticateInputType();
didAthenticate.setAuthenticationProtocolData(didAuthenticationData);
didAthenticate.setConnectionHandle(result.getConnectionHandle());
didAthenticate.getConnectionHandle().setCardApplication(cardApplication_ROOT);
didAuthenticationData.setProtocol(ECardConstants.Protocol.PIN_COMPARE);
didAthenticate.setAuthenticationProtocolData(didAuthenticationData);
DIDAuthenticateResponse didAuthenticateResult = instance.didAuthenticate(didAthenticate);
WSHelper.checkResult(didAuthenticateResult);
assertEquals(didAuthenticateResult.getAuthenticationProtocolData().getProtocol(), ECardConstants.Protocol.PIN_COMPARE);
assertEquals(didAuthenticateResult.getAuthenticationProtocolData().getAny().size(), 0);
assertEquals(ECardConstants.Major.OK, didAuthenticateResult.getResult().getResultMajor());
for (int numOfDIDs = 0; numOfDIDs < didListResponse.getDIDNameList().getDIDName().size(); numOfDIDs++) {
String didName = didListResponse.getDIDNameList().getDIDName().get(numOfDIDs);
System.out.println(didName);
DIDGet didGet = new DIDGet();
didGet.setDIDName(didName);
didGet.setDIDScope(DIDScopeType.LOCAL);
didGet.setConnectionHandle(result.getConnectionHandle());
didGet.getConnectionHandle().setCardApplication(cardApplication);
DIDGetResponse didGetResponse = instance.didGet(didGet);
org.openecard.crypto.common.sal.did.CryptoMarkerType cryptoMarker = new org.openecard.crypto.common.sal.did.CryptoMarkerType((CryptoMarkerType) didGetResponse.getDIDStructure().getDIDMarker());
Sign sign = new Sign();
byte[] message = StringUtils.toByteArray("616263646263646563646566646566676566676861");
String algorithm = cryptoMarker.getAlgorithmInfo().getAlgorithmIdentifier().getAlgorithm();
if (algorithm.equals(GenericCryptoUris.sigS_ISO9796_2rnd)) {
// TODO support for sign9796_2_DS2
continue;
}
sign.setMessage(message);
sign.setConnectionHandle(result.getConnectionHandle());
sign.getConnectionHandle().setCardApplication(cardApplication);
sign.setDIDName(didName);
sign.setDIDScope(DIDScopeType.LOCAL);
SignResponse signResponse = instance.sign(sign);
WSHelper.checkResult(signResponse);
assertTrue(signResponse.getSignature() != null);
}
}
use of iso.std.iso_iec._24727.tech.schema.CardApplicationPathType in project open-ecard by ecsec.
the class GenericCryptographyProtocolTest method testVerifySignature.
/**
* Test for the VerifySignature Step of the Generic Cryptography protocol. After we connected to the ESIGN
* application of the eGK, we use DIDList to get a List of DIDs that support the compute signature function. We
* then authenticate with PIN.home and let the card sign our message. Afterwards we call VerifySignature for that
* signature which should return OK.
*
* @throws Exception
* when something in this test went unexpectedly wrong
*/
@Test(enabled = TESTS_ENABLED)
public void testVerifySignature() throws Exception {
CardApplicationPath cardApplicationPath = new CardApplicationPath();
CardApplicationPathType cardApplicationPathType = new CardApplicationPathType();
cardApplicationPathType.setCardApplication(cardApplication);
cardApplicationPath.setCardAppPathRequest(cardApplicationPathType);
CardApplicationPathResponse cardApplicationPathResponse = instance.cardApplicationPath(cardApplicationPath);
WSHelper.checkResult(cardApplicationPathResponse);
CardApplicationConnect parameters = new CardApplicationConnect();
CardAppPathResultSet cardAppPathResultSet = cardApplicationPathResponse.getCardAppPathResultSet();
parameters.setCardApplicationPath(cardAppPathResultSet.getCardApplicationPathResult().get(0));
CardApplicationConnectResponse result = instance.cardApplicationConnect(parameters);
WSHelper.checkResult(result);
assertEquals(ECardConstants.Major.OK, result.getResult().getResultMajor());
DIDList didList = new DIDList();
didList.setConnectionHandle(result.getConnectionHandle());
DIDQualifierType didQualifier = new DIDQualifierType();
didQualifier.setApplicationIdentifier(cardApplication);
didQualifier.setObjectIdentifier(ECardConstants.Protocol.GENERIC_CRYPTO);
didQualifier.setApplicationFunction("Compute-signature");
didList.setFilter(didQualifier);
DIDListResponse didListResponse = instance.didList(didList);
assertTrue(didListResponse.getDIDNameList().getDIDName().size() > 0);
WSHelper.checkResult(didListResponse);
DIDAuthenticate didAthenticate = new DIDAuthenticate();
didAthenticate.setDIDName("PIN.home");
PinCompareDIDAuthenticateInputType didAuthenticationData = new PinCompareDIDAuthenticateInputType();
didAthenticate.setAuthenticationProtocolData(didAuthenticationData);
didAthenticate.setConnectionHandle(result.getConnectionHandle());
didAthenticate.getConnectionHandle().setCardApplication(cardApplication_ROOT);
didAuthenticationData.setProtocol(ECardConstants.Protocol.PIN_COMPARE);
didAthenticate.setAuthenticationProtocolData(didAuthenticationData);
DIDAuthenticateResponse didAuthenticateResult = instance.didAuthenticate(didAthenticate);
WSHelper.checkResult(didAuthenticateResult);
assertEquals(didAuthenticateResult.getAuthenticationProtocolData().getProtocol(), ECardConstants.Protocol.PIN_COMPARE);
assertEquals(didAuthenticateResult.getAuthenticationProtocolData().getAny().size(), 0);
assertEquals(ECardConstants.Major.OK, didAuthenticateResult.getResult().getResultMajor());
for (int numOfDIDs = 0; numOfDIDs < didListResponse.getDIDNameList().getDIDName().size(); numOfDIDs++) {
String didName = didListResponse.getDIDNameList().getDIDName().get(numOfDIDs);
DIDGet didGet = new DIDGet();
didGet.setDIDName(didName);
didGet.setDIDScope(DIDScopeType.LOCAL);
didGet.setConnectionHandle(result.getConnectionHandle());
didGet.getConnectionHandle().setCardApplication(cardApplication);
DIDGetResponse didGetResponse = instance.didGet(didGet);
Sign sign = new Sign();
byte[] message = new byte[] { 0x01, 0x02, 0x03 };
org.openecard.crypto.common.sal.did.CryptoMarkerType cryptoMarker = new org.openecard.crypto.common.sal.did.CryptoMarkerType((CryptoMarkerType) didGetResponse.getDIDStructure().getDIDMarker());
String algorithmIdentifier = cryptoMarker.getAlgorithmInfo().getAlgorithmIdentifier().getAlgorithm();
if (algorithmIdentifier.equals(GenericCryptoUris.RSASSA_PSS_SHA256)) {
MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
message = messageDigest.digest(message);
} else if (algorithmIdentifier.equals(GenericCryptoUris.RSA_ENCRYPTION)) {
// do nothing
} else {
LOG.warn("Skipping decipher for the unsupported algorithmIdentifier: {}", algorithmIdentifier);
continue;
}
sign.setMessage(message);
sign.setConnectionHandle(result.getConnectionHandle());
sign.getConnectionHandle().setCardApplication(cardApplication);
sign.setDIDName(didName);
sign.setDIDScope(DIDScopeType.LOCAL);
SignResponse signResponse = instance.sign(sign);
assertEquals(ECardConstants.Major.OK, signResponse.getResult().getResultMajor());
WSHelper.checkResult(signResponse);
byte[] signature = signResponse.getSignature();
VerifySignature verifySignature = new VerifySignature();
verifySignature.setConnectionHandle(sign.getConnectionHandle());
verifySignature.setDIDName(didName);
verifySignature.setDIDScope(DIDScopeType.LOCAL);
verifySignature.setMessage(message);
verifySignature.setSignature(signature);
VerifySignatureResponse verifySignatureResponse = instance.verifySignature(verifySignature);
WSHelper.checkResult(verifySignatureResponse);
}
}
Aggregations