use of iso.std.iso_iec._24727.tech.schema.ConnectionHandleType in project open-ecard by ecsec.
the class TinySAL method aclList.
/**
* The ACLList function returns the access control list for the stated target object (card application, data set, DID).
* See BSI-TR-03112-4, version 1.1.2, section 3.7.1.
*
* @param request ACLList
* @return ACLListResponse
*/
@Publish
@Override
public ACLListResponse aclList(ACLList request) {
ACLListResponse response = WSHelper.makeResponse(ACLListResponse.class, WSHelper.makeResultOK());
try {
ConnectionHandleType connectionHandle = SALUtils.getConnectionHandle(request);
CardStateEntry cardStateEntry = SALUtils.getCardStateEntry(states, connectionHandle, false);
TargetNameType targetName = request.getTargetName();
Assert.assertIncorrectParameter(targetName, "The parameter TargetName is empty.");
// get the target values, according to the schema only one must exist, we pick the first existing ;-)
byte[] targetAppId = targetName.getCardApplicationName();
String targetDataSet = targetName.getDataSetName();
String targetDid = targetName.getDIDName();
CardInfoWrapper cardInfoWrapper = cardStateEntry.getInfo();
byte[] handleAppId = connectionHandle.getCardApplication();
if (targetDataSet != null) {
DataSetInfoType dataSetInfo = cardInfoWrapper.getDataSet(targetDataSet, handleAppId);
Assert.assertNamedEntityNotFound(dataSetInfo, "The given DataSet cannot be found.");
response.setTargetACL(cardInfoWrapper.getDataSet(targetDataSet, handleAppId).getDataSetACL());
} else if (targetDid != null) {
DIDInfoType didInfo = cardInfoWrapper.getDIDInfo(targetDid, handleAppId);
Assert.assertNamedEntityNotFound(didInfo, "The given DIDInfo cannot be found.");
// TODO Check security condition ?
response.setTargetACL(cardInfoWrapper.getDIDInfo(targetDid, handleAppId).getDIDACL());
} else if (targetAppId != null) {
CardApplicationWrapper cardApplication = cardInfoWrapper.getCardApplication(targetAppId);
Assert.assertNamedEntityNotFound(cardApplication, "The given CardApplication cannot be found.");
Assert.securityConditionApplication(cardStateEntry, targetAppId, AuthorizationServiceActionName.ACL_LIST);
response.setTargetACL(cardInfoWrapper.getCardApplication(targetAppId).getCardApplicationACL());
} else {
throw new IncorrectParameterException("The given TargetName is invalid.");
}
} catch (ECardException e) {
response.setResult(e.getResult());
} catch (Exception e) {
LOG.error(e.getMessage(), e);
throwThreadKillException(e);
response.setResult(WSHelper.makeResult(e));
}
return response;
}
use of iso.std.iso_iec._24727.tech.schema.ConnectionHandleType in project open-ecard by ecsec.
the class TinySAL method cardApplicationDisconnect.
/**
* The CardApplicationDisconnect function terminates the connection to a card application.
* See BSI-TR-03112-4, version 1.1.2, section 3.2.2.
*
* @param request CardApplicationDisconnect
* @return CardApplicationDisconnectResponse
*/
@Override
public CardApplicationDisconnectResponse cardApplicationDisconnect(CardApplicationDisconnect request) {
CardApplicationDisconnectResponse response = WSHelper.makeResponse(CardApplicationDisconnectResponse.class, WSHelper.makeResultOK());
try {
ConnectionHandleType connectionHandle = SALUtils.getConnectionHandle(request);
byte[] slotHandle = connectionHandle.getSlotHandle();
// check existence of required parameters
if (slotHandle == null) {
return WSHelper.makeResponse(CardApplicationDisconnectResponse.class, WSHelper.makeResultError(ECardConstants.Minor.App.INCORRECT_PARM, "ConnectionHandle is null"));
}
Disconnect disconnect = new Disconnect();
disconnect.setSlotHandle(slotHandle);
if (request.getAction() != null) {
disconnect.setAction(request.getAction());
}
DisconnectResponse disconnectResponse = (DisconnectResponse) env.getDispatcher().safeDeliver(disconnect);
// remove entries associated with this handle
states.removeSlotHandleEntry(slotHandle);
response.setResult(disconnectResponse.getResult());
} catch (ECardException e) {
response.setResult(e.getResult());
} catch (Exception e) {
LOG.error(e.getMessage(), e);
throwThreadKillException(e);
response.setResult(WSHelper.makeResult(e));
}
return response;
}
use of iso.std.iso_iec._24727.tech.schema.ConnectionHandleType in project open-ecard by ecsec.
the class TinySAL method dsiDelete.
/**
* The DSIDelete function deletes a DSI (Data Structure for Interoperability) in the currently selected data set.
* See BSI-TR-03112-4, version 1.1.2, section 3.4.7.
*
* @param request DSIDelete
* @return DSIDeleteResponse
*/
// TODO: rewiew function and add @Publish annotation
@Override
public DSIDeleteResponse dsiDelete(DSIDelete request) {
DSIDeleteResponse response = WSHelper.makeResponse(DSIDeleteResponse.class, WSHelper.makeResultOK());
try {
ConnectionHandleType connectionHandle = SALUtils.getConnectionHandle(request);
CardStateEntry cardStateEntry = SALUtils.getCardStateEntry(states, connectionHandle);
CardInfoWrapper cardInfoWrapper = cardStateEntry.getInfo();
String dsiName = request.getDSIName();
Assert.assertIncorrectParameter(dsiName, "The parameter DSIName is empty.");
if (cardStateEntry.getFCPOfSelectedEF() == null) {
String msg = "No DataSet selected for deleting the DSI " + request.getDSIName();
throw new PrerequisitesNotSatisfiedException(msg);
}
DataSetInfoType dataSet = cardInfoWrapper.getDataSetByDsiName(request.getDSIName());
byte[] fidOrPath = dataSet.getDataSetPath().getEfIdOrPath();
byte[] dataSetFid = new byte[] { fidOrPath[fidOrPath.length - 2], fidOrPath[fidOrPath.length - 1] };
if (!Arrays.equals(dataSetFid, cardStateEntry.getFCPOfSelectedEF().getFileIdentifiers().get(0))) {
String msg = "The wrong DataSet for the deletion of DSI " + request.getDSIName() + " is selected.";
throw new PrerequisitesNotSatisfiedException(msg);
}
DataSetInfoType dSet = cardInfoWrapper.getDataSetByFid(cardStateEntry.getFCPOfSelectedEF().getFileIdentifiers().get(0));
Assert.securityConditionDataSet(cardStateEntry, connectionHandle.getCardApplication(), dSet.getDataSetName(), NamedDataServiceActionName.DSI_DELETE);
DSIType dsi = cardInfoWrapper.getDSIbyName(dsiName);
// We have to define some allowed answers because if the file has an write operation counter we wont get an
// 9000 response.
ArrayList<byte[]> responses = new ArrayList<byte[]>() {
{
add(new byte[] { (byte) 0x90, (byte) 0x00 });
add(new byte[] { (byte) 0x63, (byte) 0xC1 });
add(new byte[] { (byte) 0x63, (byte) 0xC2 });
add(new byte[] { (byte) 0x63, (byte) 0xC3 });
add(new byte[] { (byte) 0x63, (byte) 0xC4 });
add(new byte[] { (byte) 0x63, (byte) 0xC5 });
add(new byte[] { (byte) 0x63, (byte) 0xC6 });
add(new byte[] { (byte) 0x63, (byte) 0xC7 });
add(new byte[] { (byte) 0x63, (byte) 0xC8 });
add(new byte[] { (byte) 0x63, (byte) 0xC9 });
add(new byte[] { (byte) 0x63, (byte) 0xCA });
add(new byte[] { (byte) 0x63, (byte) 0xCB });
add(new byte[] { (byte) 0x63, (byte) 0xCC });
add(new byte[] { (byte) 0x63, (byte) 0xCD });
add(new byte[] { (byte) 0x63, (byte) 0xCE });
add(new byte[] { (byte) 0x63, (byte) 0xCF });
}
};
if (cardStateEntry.getFCPOfSelectedEF().getDataElements().isLinear()) {
EraseRecord rmRecord = new EraseRecord(dsi.getDSIPath().getIndex()[0], EraseRecord.ERASE_JUST_P1);
rmRecord.transmit(env.getDispatcher(), connectionHandle.getSlotHandle(), responses);
} else {
// NOTE: Erase binary allows to erase only everything after the offset or everything in front of the offset.
// currently erasing everything after the offset is used.
EraseBinary rmBinary = new EraseBinary((byte) 0x00, (byte) 0x00, dsi.getDSIPath().getIndex());
rmBinary.transmit(env.getDispatcher(), connectionHandle.getSlotHandle(), responses);
}
} catch (ECardException e) {
LOG.error(e.getMessage(), e);
response.setResult(e.getResult());
} catch (Exception e) {
LOG.error(e.getMessage(), e);
throwThreadKillException(e);
response.setResult(WSHelper.makeResult(e));
}
return response;
}
use of iso.std.iso_iec._24727.tech.schema.ConnectionHandleType in project open-ecard by ecsec.
the class TinySAL method decipher.
/**
* The Decipher function decrypts a given cipher text. The detailed behaviour of this function depends on
* the protocol of the DID.
* See BSI-TR-03112-4, version 1.1.2, section 3.5.2.
*
* @param request Decipher
* @return DecipherResponse
*/
@Override
public DecipherResponse decipher(Decipher request) {
DecipherResponse response = WSHelper.makeResponse(DecipherResponse.class, WSHelper.makeResultOK());
try {
ConnectionHandleType connectionHandle = SALUtils.getConnectionHandle(request);
CardStateEntry cardStateEntry = SALUtils.getCardStateEntry(states, connectionHandle, false);
byte[] applicationID = cardStateEntry.getCurrentCardApplication().getApplicationIdentifier();
String didName = SALUtils.getDIDName(request);
byte[] cipherText = request.getCipherText();
Assert.assertIncorrectParameter(cipherText, "The parameter CipherText is empty.");
DIDScopeType didScope = request.getDIDScope();
if (didScope == null) {
didScope = DIDScopeType.LOCAL;
}
if (didScope.equals(DIDScopeType.LOCAL)) {
byte[] necessaryCardApp = cardStateEntry.getInfo().getApplicationIdByDidName(didName, didScope);
if (!Arrays.equals(necessaryCardApp, applicationID)) {
throw new SecurityConditionNotSatisfiedException("Wrong application selected.");
}
}
DIDStructureType didStructure = cardStateEntry.getDIDStructure(didName, didScope);
Assert.assertNamedEntityNotFound(didStructure, "The given DIDName cannot be found.");
String protocolURI = didStructure.getDIDMarker().getProtocol();
SALProtocol protocol = getProtocol(connectionHandle, request.getDIDScope(), protocolURI);
if (protocol.hasNextStep(FunctionType.Decipher)) {
response = protocol.decipher(request);
removeFinishedProtocol(connectionHandle, protocolURI, protocol);
} else {
throw new InappropriateProtocolForActionException("Decipher", protocol.toString());
}
} catch (ECardException e) {
response.setResult(e.getResult());
} catch (Exception e) {
LOG.error(e.getMessage(), e);
throwThreadKillException(e);
response.setResult(WSHelper.makeResult(e));
}
return response;
}
use of iso.std.iso_iec._24727.tech.schema.ConnectionHandleType in project open-ecard by ecsec.
the class TinySAL method dataSetSelect.
/**
* The DataSetSelect function selects a data set in a card application.
* See BSI-TR-03112-4, version 1.1.2, section 3.4.3.
*
* @param request DataSetSelect
* @return DataSetSelectResponse
*/
@Publish
@Override
public DataSetSelectResponse dataSetSelect(DataSetSelect request) {
DataSetSelectResponse response = WSHelper.makeResponse(DataSetSelectResponse.class, WSHelper.makeResultOK());
try {
ConnectionHandleType connectionHandle = SALUtils.getConnectionHandle(request);
CardStateEntry cardStateEntry = SALUtils.getCardStateEntry(states, connectionHandle);
byte[] applicationID = connectionHandle.getCardApplication();
String dataSetName = request.getDataSetName();
Assert.assertIncorrectParameter(dataSetName, "The parameter DataSetName is empty.");
CardInfoWrapper cardInfoWrapper = cardStateEntry.getInfo();
DataSetInfoType dataSetInfo = cardInfoWrapper.getDataSet(dataSetName, applicationID);
Assert.assertNamedEntityNotFound(dataSetInfo, "The given DataSet cannot be found.");
Assert.securityConditionDataSet(cardStateEntry, applicationID, dataSetName, NamedDataServiceActionName.DATA_SET_SELECT);
byte[] fileID = dataSetInfo.getDataSetPath().getEfIdOrPath();
byte[] slotHandle = connectionHandle.getSlotHandle();
CardResponseAPDU result = CardUtils.selectFileWithOptions(env.getDispatcher(), slotHandle, fileID, null, CardUtils.FCP_RESPONSE_DATA);
FCP fcp = null;
if (result != null && result.getData().length > 0) {
try {
fcp = new FCP(result.getData());
} catch (TLVException ex) {
LOG.warn("Invalid FCP received.");
}
}
if (fcp == null) {
LOG.info("Using fake FCP.");
fcp = new FCP(createFakeFCP(Arrays.copyOfRange(fileID, fileID.length - 2, fileID.length)));
}
cardStateEntry.setFCPOfSelectedEF(fcp);
} catch (ECardException e) {
response.setResult(e.getResult());
} catch (Exception e) {
LOG.error(e.getMessage(), e);
throwThreadKillException(e);
response.setResult(WSHelper.makeResult(e));
}
return response;
}
Aggregations