Examples with ConnectionHandleType iso.std.iso_iec._24727.tech.schema.ConnectionHandleType used on opensource projects

Example 26 with ConnectionHandleType

use of iso.std.iso_iec._24727.tech.schema.ConnectionHandleType in project open-ecard by ecsec.

the class TinySAL method aclList.

/**
 * The ACLList function returns the access control list for the stated target object (card application, data set, DID).
 * See BSI-TR-03112-4, version 1.1.2, section 3.7.1.
 *
 * @param request ACLList
 * @return ACLListResponse
 */
@Publish
@Override
public ACLListResponse aclList(ACLList request) {
    ACLListResponse response = WSHelper.makeResponse(ACLListResponse.class, WSHelper.makeResultOK());
    try {
        ConnectionHandleType connectionHandle = SALUtils.getConnectionHandle(request);
        CardStateEntry cardStateEntry = SALUtils.getCardStateEntry(states, connectionHandle, false);
        TargetNameType targetName = request.getTargetName();
        Assert.assertIncorrectParameter(targetName, "The parameter TargetName is empty.");
        // get the target values, according to the schema only one must exist, we pick the first existing ;-)
        byte[] targetAppId = targetName.getCardApplicationName();
        String targetDataSet = targetName.getDataSetName();
        String targetDid = targetName.getDIDName();
        CardInfoWrapper cardInfoWrapper = cardStateEntry.getInfo();
        byte[] handleAppId = connectionHandle.getCardApplication();
        if (targetDataSet != null) {
            DataSetInfoType dataSetInfo = cardInfoWrapper.getDataSet(targetDataSet, handleAppId);
            Assert.assertNamedEntityNotFound(dataSetInfo, "The given DataSet cannot be found.");
            response.setTargetACL(cardInfoWrapper.getDataSet(targetDataSet, handleAppId).getDataSetACL());
        } else if (targetDid != null) {
            DIDInfoType didInfo = cardInfoWrapper.getDIDInfo(targetDid, handleAppId);
            Assert.assertNamedEntityNotFound(didInfo, "The given DIDInfo cannot be found.");
            // TODO Check security condition ?
            response.setTargetACL(cardInfoWrapper.getDIDInfo(targetDid, handleAppId).getDIDACL());
        } else if (targetAppId != null) {
            CardApplicationWrapper cardApplication = cardInfoWrapper.getCardApplication(targetAppId);
            Assert.assertNamedEntityNotFound(cardApplication, "The given CardApplication cannot be found.");
            Assert.securityConditionApplication(cardStateEntry, targetAppId, AuthorizationServiceActionName.ACL_LIST);
            response.setTargetACL(cardInfoWrapper.getCardApplication(targetAppId).getCardApplicationACL());
        } else {
            throw new IncorrectParameterException("The given TargetName is invalid.");
        }
    } catch (ECardException e) {
        response.setResult(e.getResult());
    } catch (Exception e) {
        LOG.error(e.getMessage(), e);
        throwThreadKillException(e);
        response.setResult(WSHelper.makeResult(e));
    }
    return response;
}

Example 27 with ConnectionHandleType

use of iso.std.iso_iec._24727.tech.schema.ConnectionHandleType in project open-ecard by ecsec.

the class TinySAL method cardApplicationDisconnect.

/**
 * The CardApplicationDisconnect function terminates the connection to a card application.
 * See BSI-TR-03112-4, version 1.1.2, section 3.2.2.
 *
 * @param request CardApplicationDisconnect
 * @return CardApplicationDisconnectResponse
 */
@Override
public CardApplicationDisconnectResponse cardApplicationDisconnect(CardApplicationDisconnect request) {
    CardApplicationDisconnectResponse response = WSHelper.makeResponse(CardApplicationDisconnectResponse.class, WSHelper.makeResultOK());
    try {
        ConnectionHandleType connectionHandle = SALUtils.getConnectionHandle(request);
        byte[] slotHandle = connectionHandle.getSlotHandle();
        // check existence of required parameters
        if (slotHandle == null) {
            return WSHelper.makeResponse(CardApplicationDisconnectResponse.class, WSHelper.makeResultError(ECardConstants.Minor.App.INCORRECT_PARM, "ConnectionHandle is null"));
        }
        Disconnect disconnect = new Disconnect();
        disconnect.setSlotHandle(slotHandle);
        if (request.getAction() != null) {
            disconnect.setAction(request.getAction());
        }
        DisconnectResponse disconnectResponse = (DisconnectResponse) env.getDispatcher().safeDeliver(disconnect);
        // remove entries associated with this handle
        states.removeSlotHandleEntry(slotHandle);
        response.setResult(disconnectResponse.getResult());
    } catch (ECardException e) {
        response.setResult(e.getResult());
    } catch (Exception e) {
        LOG.error(e.getMessage(), e);
        throwThreadKillException(e);
        response.setResult(WSHelper.makeResult(e));
    }
    return response;
}

Example 28 with ConnectionHandleType

use of iso.std.iso_iec._24727.tech.schema.ConnectionHandleType in project open-ecard by ecsec.

the class TinySAL method dsiDelete.

/**
 * The DSIDelete function deletes a DSI (Data Structure for Interoperability) in the currently selected data set.
 * See BSI-TR-03112-4, version 1.1.2, section 3.4.7.
 *
 * @param request DSIDelete
 * @return DSIDeleteResponse
 */
// TODO: rewiew function and add @Publish annotation
@Override
public DSIDeleteResponse dsiDelete(DSIDelete request) {
    DSIDeleteResponse response = WSHelper.makeResponse(DSIDeleteResponse.class, WSHelper.makeResultOK());
    try {
        ConnectionHandleType connectionHandle = SALUtils.getConnectionHandle(request);
        CardStateEntry cardStateEntry = SALUtils.getCardStateEntry(states, connectionHandle);
        CardInfoWrapper cardInfoWrapper = cardStateEntry.getInfo();
        String dsiName = request.getDSIName();
        Assert.assertIncorrectParameter(dsiName, "The parameter DSIName is empty.");
        if (cardStateEntry.getFCPOfSelectedEF() == null) {
            String msg = "No DataSet selected for deleting the DSI " + request.getDSIName();
            throw new PrerequisitesNotSatisfiedException(msg);
        }
        DataSetInfoType dataSet = cardInfoWrapper.getDataSetByDsiName(request.getDSIName());
        byte[] fidOrPath = dataSet.getDataSetPath().getEfIdOrPath();
        byte[] dataSetFid = new byte[] { fidOrPath[fidOrPath.length - 2], fidOrPath[fidOrPath.length - 1] };
        if (!Arrays.equals(dataSetFid, cardStateEntry.getFCPOfSelectedEF().getFileIdentifiers().get(0))) {
            String msg = "The wrong DataSet for the deletion of DSI " + request.getDSIName() + " is selected.";
            throw new PrerequisitesNotSatisfiedException(msg);
        }
        DataSetInfoType dSet = cardInfoWrapper.getDataSetByFid(cardStateEntry.getFCPOfSelectedEF().getFileIdentifiers().get(0));
        Assert.securityConditionDataSet(cardStateEntry, connectionHandle.getCardApplication(), dSet.getDataSetName(), NamedDataServiceActionName.DSI_DELETE);
        DSIType dsi = cardInfoWrapper.getDSIbyName(dsiName);
        // We have to define some allowed answers because if the file has an write operation counter we wont get an
        // 9000 response.
        ArrayList<byte[]> responses = new ArrayList<byte[]>() {

            {
                add(new byte[] { (byte) 0x90, (byte) 0x00 });
                add(new byte[] { (byte) 0x63, (byte) 0xC1 });
                add(new byte[] { (byte) 0x63, (byte) 0xC2 });
                add(new byte[] { (byte) 0x63, (byte) 0xC3 });
                add(new byte[] { (byte) 0x63, (byte) 0xC4 });
                add(new byte[] { (byte) 0x63, (byte) 0xC5 });
                add(new byte[] { (byte) 0x63, (byte) 0xC6 });
                add(new byte[] { (byte) 0x63, (byte) 0xC7 });
                add(new byte[] { (byte) 0x63, (byte) 0xC8 });
                add(new byte[] { (byte) 0x63, (byte) 0xC9 });
                add(new byte[] { (byte) 0x63, (byte) 0xCA });
                add(new byte[] { (byte) 0x63, (byte) 0xCB });
                add(new byte[] { (byte) 0x63, (byte) 0xCC });
                add(new byte[] { (byte) 0x63, (byte) 0xCD });
                add(new byte[] { (byte) 0x63, (byte) 0xCE });
                add(new byte[] { (byte) 0x63, (byte) 0xCF });
            }
        };
        if (cardStateEntry.getFCPOfSelectedEF().getDataElements().isLinear()) {
            EraseRecord rmRecord = new EraseRecord(dsi.getDSIPath().getIndex()[0], EraseRecord.ERASE_JUST_P1);
            rmRecord.transmit(env.getDispatcher(), connectionHandle.getSlotHandle(), responses);
        } else {
            // NOTE: Erase binary allows to erase only everything after the offset or everything in front of the offset.
            // currently erasing everything after the offset is used.
            EraseBinary rmBinary = new EraseBinary((byte) 0x00, (byte) 0x00, dsi.getDSIPath().getIndex());
            rmBinary.transmit(env.getDispatcher(), connectionHandle.getSlotHandle(), responses);
        }
    } catch (ECardException e) {
        LOG.error(e.getMessage(), e);
        response.setResult(e.getResult());
    } catch (Exception e) {
        LOG.error(e.getMessage(), e);
        throwThreadKillException(e);
        response.setResult(WSHelper.makeResult(e));
    }
    return response;
}

Example 29 with ConnectionHandleType

use of iso.std.iso_iec._24727.tech.schema.ConnectionHandleType in project open-ecard by ecsec.

the class TinySAL method decipher.

/**
 * The Decipher function decrypts a given cipher text. The detailed behaviour of this function depends on
 * the protocol of the DID.
 * See BSI-TR-03112-4, version 1.1.2, section 3.5.2.
 *
 * @param request Decipher
 * @return DecipherResponse
 */
@Override
public DecipherResponse decipher(Decipher request) {
    DecipherResponse response = WSHelper.makeResponse(DecipherResponse.class, WSHelper.makeResultOK());
    try {
        ConnectionHandleType connectionHandle = SALUtils.getConnectionHandle(request);
        CardStateEntry cardStateEntry = SALUtils.getCardStateEntry(states, connectionHandle, false);
        byte[] applicationID = cardStateEntry.getCurrentCardApplication().getApplicationIdentifier();
        String didName = SALUtils.getDIDName(request);
        byte[] cipherText = request.getCipherText();
        Assert.assertIncorrectParameter(cipherText, "The parameter CipherText is empty.");
        DIDScopeType didScope = request.getDIDScope();
        if (didScope == null) {
            didScope = DIDScopeType.LOCAL;
        }
        if (didScope.equals(DIDScopeType.LOCAL)) {
            byte[] necessaryCardApp = cardStateEntry.getInfo().getApplicationIdByDidName(didName, didScope);
            if (!Arrays.equals(necessaryCardApp, applicationID)) {
                throw new SecurityConditionNotSatisfiedException("Wrong application selected.");
            }
        }
        DIDStructureType didStructure = cardStateEntry.getDIDStructure(didName, didScope);
        Assert.assertNamedEntityNotFound(didStructure, "The given DIDName cannot be found.");
        String protocolURI = didStructure.getDIDMarker().getProtocol();
        SALProtocol protocol = getProtocol(connectionHandle, request.getDIDScope(), protocolURI);
        if (protocol.hasNextStep(FunctionType.Decipher)) {
            response = protocol.decipher(request);
            removeFinishedProtocol(connectionHandle, protocolURI, protocol);
        } else {
            throw new InappropriateProtocolForActionException("Decipher", protocol.toString());
        }
    } catch (ECardException e) {
        response.setResult(e.getResult());
    } catch (Exception e) {
        LOG.error(e.getMessage(), e);
        throwThreadKillException(e);
        response.setResult(WSHelper.makeResult(e));
    }
    return response;
}

Example 30 with ConnectionHandleType

use of iso.std.iso_iec._24727.tech.schema.ConnectionHandleType in project open-ecard by ecsec.

the class TinySAL method dataSetSelect.

/**
 * The DataSetSelect function selects a data set in a card application.
 * See BSI-TR-03112-4, version 1.1.2, section 3.4.3.
 *
 * @param request DataSetSelect
 * @return DataSetSelectResponse
 */
@Publish
@Override
public DataSetSelectResponse dataSetSelect(DataSetSelect request) {
    DataSetSelectResponse response = WSHelper.makeResponse(DataSetSelectResponse.class, WSHelper.makeResultOK());
    try {
        ConnectionHandleType connectionHandle = SALUtils.getConnectionHandle(request);
        CardStateEntry cardStateEntry = SALUtils.getCardStateEntry(states, connectionHandle);
        byte[] applicationID = connectionHandle.getCardApplication();
        String dataSetName = request.getDataSetName();
        Assert.assertIncorrectParameter(dataSetName, "The parameter DataSetName is empty.");
        CardInfoWrapper cardInfoWrapper = cardStateEntry.getInfo();
        DataSetInfoType dataSetInfo = cardInfoWrapper.getDataSet(dataSetName, applicationID);
        Assert.assertNamedEntityNotFound(dataSetInfo, "The given DataSet cannot be found.");
        Assert.securityConditionDataSet(cardStateEntry, applicationID, dataSetName, NamedDataServiceActionName.DATA_SET_SELECT);
        byte[] fileID = dataSetInfo.getDataSetPath().getEfIdOrPath();
        byte[] slotHandle = connectionHandle.getSlotHandle();
        CardResponseAPDU result = CardUtils.selectFileWithOptions(env.getDispatcher(), slotHandle, fileID, null, CardUtils.FCP_RESPONSE_DATA);
        FCP fcp = null;
        if (result != null && result.getData().length > 0) {
            try {
                fcp = new FCP(result.getData());
            } catch (TLVException ex) {
                LOG.warn("Invalid FCP received.");
            }
        }
        if (fcp == null) {
            LOG.info("Using fake FCP.");
            fcp = new FCP(createFakeFCP(Arrays.copyOfRange(fileID, fileID.length - 2, fileID.length)));
        }
        cardStateEntry.setFCPOfSelectedEF(fcp);
    } catch (ECardException e) {
        response.setResult(e.getResult());
    } catch (Exception e) {
        LOG.error(e.getMessage(), e);
        throwThreadKillException(e);
        response.setResult(WSHelper.makeResult(e));
    }
    return response;
}