Search in sources :

Example 31 with ConnectionHandleType

use of iso.std.iso_iec._24727.tech.schema.ConnectionHandleType in project open-ecard by ecsec.

the class TinySAL method sign.

/**
 * The Sign function signs a transmitted message.
 * See BSI-TR-03112-4, version 1.1.2, section 3.5.5.
 *
 * @param request Sign
 * @return SignResponse
 */
@Override
public SignResponse sign(Sign request) {
    SignResponse response = WSHelper.makeResponse(SignResponse.class, WSHelper.makeResultOK());
    CardStateEntry cardStateEntry = null;
    try {
        ConnectionHandleType connectionHandle = SALUtils.getConnectionHandle(request);
        cardStateEntry = SALUtils.getCardStateEntry(states, connectionHandle, false);
        byte[] applicationID = cardStateEntry.getCurrentCardApplication().getApplicationIdentifier();
        String didName = SALUtils.getDIDName(request);
        byte[] message = request.getMessage();
        Assert.assertIncorrectParameter(message, "The parameter Message is empty.");
        DIDScopeType didScope = request.getDIDScope();
        if (didScope == null) {
            didScope = DIDScopeType.LOCAL;
        }
        if (didScope.equals(DIDScopeType.LOCAL)) {
            byte[] necessarySelectedApp = cardStateEntry.getInfo().getApplicationIdByDidName(didName, didScope);
            if (!Arrays.equals(necessarySelectedApp, applicationID)) {
                String msg = "Wrong application selected for the execution of Sign with the DID " + didName + ".";
                throw new SecurityConditionNotSatisfiedException(msg);
            }
        }
        DIDStructureType didStructure = cardStateEntry.getDIDStructure(didName, didScope);
        Assert.assertNamedEntityNotFound(didStructure, "The given DIDName cannot be found.");
        String protocolURI = didStructure.getDIDMarker().getProtocol();
        SALProtocol protocol = getProtocol(connectionHandle, request.getDIDScope(), protocolURI);
        if (protocol.hasNextStep(FunctionType.Sign)) {
            response = protocol.sign(request);
            removeFinishedProtocol(connectionHandle, protocolURI, protocol);
        } else {
            throw new InappropriateProtocolForActionException("Sign", protocol.toString());
        }
    } catch (ECardException e) {
        response.setResult(e.getResult());
    } catch (Exception e) {
        LOG.error(e.getMessage(), e);
        throwThreadKillException(e);
        response.setResult(WSHelper.makeResult(e));
    }
    // TODO: remove when PIN state tracking is implemented
    setPinNotAuth(cardStateEntry);
    return response;
}
Also used : ConnectionHandleType(iso.std.iso_iec._24727.tech.schema.ConnectionHandleType) InappropriateProtocolForActionException(org.openecard.common.sal.exception.InappropriateProtocolForActionException) ECardException(org.openecard.common.ECardException) CardStateEntry(org.openecard.common.sal.state.CardStateEntry) SignResponse(iso.std.iso_iec._24727.tech.schema.SignResponse) SecurityConditionNotSatisfiedException(org.openecard.common.sal.exception.SecurityConditionNotSatisfiedException) SALProtocol(org.openecard.addon.sal.SALProtocol) DIDScopeType(iso.std.iso_iec._24727.tech.schema.DIDScopeType) DIDStructureType(iso.std.iso_iec._24727.tech.schema.DIDStructureType) PrerequisitesNotSatisfiedException(org.openecard.common.sal.exception.PrerequisitesNotSatisfiedException) NameExistsException(org.openecard.common.sal.exception.NameExistsException) AddonNotFoundException(org.openecard.addon.AddonNotFoundException) ThreadTerminateException(org.openecard.common.ThreadTerminateException) ECardException(org.openecard.common.ECardException) NamedEntityNotFoundException(org.openecard.common.sal.exception.NamedEntityNotFoundException) UnknownProtocolException(org.openecard.common.sal.exception.UnknownProtocolException) IncorrectParameterException(org.openecard.common.sal.exception.IncorrectParameterException) InappropriateProtocolForActionException(org.openecard.common.sal.exception.InappropriateProtocolForActionException) TLVException(org.openecard.common.tlv.TLVException) SecurityConditionNotSatisfiedException(org.openecard.common.sal.exception.SecurityConditionNotSatisfiedException) UnknownConnectionHandleException(org.openecard.common.sal.exception.UnknownConnectionHandleException)

Example 32 with ConnectionHandleType

use of iso.std.iso_iec._24727.tech.schema.ConnectionHandleType in project open-ecard by ecsec.

the class TinySAL method didAuthenticate.

/**
 * The DIDAuthenticate function can be used to execute an authentication protocol using a DID addressed by DIDName.
 * See BSI-TR-03112-4, version 1.1.2, section 3.6.6.
 *
 * @param request DIDAuthenticate
 * @return DIDAuthenticateResponse
 */
@Publish
@Override
public DIDAuthenticateResponse didAuthenticate(DIDAuthenticate request) {
    DIDAuthenticateResponse response = WSHelper.makeResponse(DIDAuthenticateResponse.class, WSHelper.makeResultOK());
    try {
        ConnectionHandleType connectionHandle = SALUtils.getConnectionHandle(request);
        DIDAuthenticationDataType didAuthenticationData = request.getAuthenticationProtocolData();
        Assert.assertIncorrectParameter(didAuthenticationData, "The parameter AuthenticationProtocolData is empty.");
        String protocolURI = didAuthenticationData.getProtocol();
        // FIXME: workaround for missing protocol URI from eID-Servers
        if (protocolURI == null) {
            LOG.warn("ProtocolURI was null");
            protocolURI = ECardConstants.Protocol.EAC_GENERIC;
        } else if (protocolURI.equals("urn:oid:1.0.24727.3.0.0.7.2")) {
            LOG.warn("ProtocolURI was urn:oid:1.0.24727.3.0.0.7.2");
            protocolURI = ECardConstants.Protocol.EAC_GENERIC;
        }
        didAuthenticationData.setProtocol(protocolURI);
        SALProtocol protocol = getProtocol(connectionHandle, request.getDIDScope(), protocolURI);
        if (protocol.hasNextStep(FunctionType.DIDAuthenticate)) {
            response = protocol.didAuthenticate(request);
            removeFinishedProtocol(connectionHandle, protocolURI, protocol);
        } else {
            throw new InappropriateProtocolForActionException("DIDAuthenticate", protocol.toString());
        }
    } catch (ECardException e) {
        response.setResult(e.getResult());
    } catch (Exception e) {
        LOG.error(e.getMessage(), e);
        throwThreadKillException(e);
        response.setResult(WSHelper.makeResult(e));
    }
    return response;
}
Also used : ConnectionHandleType(iso.std.iso_iec._24727.tech.schema.ConnectionHandleType) InappropriateProtocolForActionException(org.openecard.common.sal.exception.InappropriateProtocolForActionException) ECardException(org.openecard.common.ECardException) DIDAuthenticateResponse(iso.std.iso_iec._24727.tech.schema.DIDAuthenticateResponse) SALProtocol(org.openecard.addon.sal.SALProtocol) DIDAuthenticationDataType(iso.std.iso_iec._24727.tech.schema.DIDAuthenticationDataType) PrerequisitesNotSatisfiedException(org.openecard.common.sal.exception.PrerequisitesNotSatisfiedException) NameExistsException(org.openecard.common.sal.exception.NameExistsException) AddonNotFoundException(org.openecard.addon.AddonNotFoundException) ThreadTerminateException(org.openecard.common.ThreadTerminateException) ECardException(org.openecard.common.ECardException) NamedEntityNotFoundException(org.openecard.common.sal.exception.NamedEntityNotFoundException) UnknownProtocolException(org.openecard.common.sal.exception.UnknownProtocolException) IncorrectParameterException(org.openecard.common.sal.exception.IncorrectParameterException) InappropriateProtocolForActionException(org.openecard.common.sal.exception.InappropriateProtocolForActionException) TLVException(org.openecard.common.tlv.TLVException) SecurityConditionNotSatisfiedException(org.openecard.common.sal.exception.SecurityConditionNotSatisfiedException) UnknownConnectionHandleException(org.openecard.common.sal.exception.UnknownConnectionHandleException) Publish(org.openecard.common.interfaces.Publish)

Example 33 with ConnectionHandleType

use of iso.std.iso_iec._24727.tech.schema.ConnectionHandleType in project open-ecard by ecsec.

the class TinySAL method hash.

/**
 * The Hash function calculates the hash value of a transmitted message.
 * See BSI-TR-03112-4, version 1.1.2, section 3.5.4.
 *
 * @param request Hash
 * @return HashResponse
 */
@Publish
@Override
public HashResponse hash(Hash request) {
    HashResponse response = WSHelper.makeResponse(HashResponse.class, WSHelper.makeResultOK());
    try {
        ConnectionHandleType connectionHandle = SALUtils.getConnectionHandle(request);
        CardStateEntry cardStateEntry = SALUtils.getCardStateEntry(states, connectionHandle, false);
        byte[] applicationID = cardStateEntry.getCurrentCardApplication().getApplicationIdentifier();
        String didName = SALUtils.getDIDName(request);
        byte[] message = request.getMessage();
        Assert.assertIncorrectParameter(message, "The parameter Message is empty.");
        DIDScopeType didScope = request.getDIDScope();
        if (didScope == null) {
            didScope = DIDScopeType.LOCAL;
        }
        if (didScope.equals(DIDScopeType.LOCAL)) {
            byte[] necesssaryApp = cardStateEntry.getInfo().getApplicationIdByDidName(didName, didScope);
            if (!Arrays.equals(necesssaryApp, applicationID)) {
                String msg = "Wrong application for executing Hash with the specified DID " + didName + ".";
                throw new SecurityConditionNotSatisfiedException(msg);
            }
        }
        DIDStructureType didStructure = cardStateEntry.getDIDStructure(didName, didScope);
        Assert.assertNamedEntityNotFound(didStructure, "The given DIDName cannot be found.");
        String protocolURI = didStructure.getDIDMarker().getProtocol();
        SALProtocol protocol = getProtocol(connectionHandle, request.getDIDScope(), protocolURI);
        if (protocol.hasNextStep(FunctionType.Hash)) {
            response = protocol.hash(request);
            removeFinishedProtocol(connectionHandle, protocolURI, protocol);
        } else {
            throw new InappropriateProtocolForActionException("Hash", protocol.toString());
        }
    } catch (ECardException e) {
        response.setResult(e.getResult());
    } catch (Exception e) {
        LOG.error(e.getMessage(), e);
        throwThreadKillException(e);
        response.setResult(WSHelper.makeResult(e));
    }
    return response;
}
Also used : ConnectionHandleType(iso.std.iso_iec._24727.tech.schema.ConnectionHandleType) InappropriateProtocolForActionException(org.openecard.common.sal.exception.InappropriateProtocolForActionException) ECardException(org.openecard.common.ECardException) CardStateEntry(org.openecard.common.sal.state.CardStateEntry) HashResponse(iso.std.iso_iec._24727.tech.schema.HashResponse) SecurityConditionNotSatisfiedException(org.openecard.common.sal.exception.SecurityConditionNotSatisfiedException) SALProtocol(org.openecard.addon.sal.SALProtocol) DIDScopeType(iso.std.iso_iec._24727.tech.schema.DIDScopeType) DIDStructureType(iso.std.iso_iec._24727.tech.schema.DIDStructureType) PrerequisitesNotSatisfiedException(org.openecard.common.sal.exception.PrerequisitesNotSatisfiedException) NameExistsException(org.openecard.common.sal.exception.NameExistsException) AddonNotFoundException(org.openecard.addon.AddonNotFoundException) ThreadTerminateException(org.openecard.common.ThreadTerminateException) ECardException(org.openecard.common.ECardException) NamedEntityNotFoundException(org.openecard.common.sal.exception.NamedEntityNotFoundException) UnknownProtocolException(org.openecard.common.sal.exception.UnknownProtocolException) IncorrectParameterException(org.openecard.common.sal.exception.IncorrectParameterException) InappropriateProtocolForActionException(org.openecard.common.sal.exception.InappropriateProtocolForActionException) TLVException(org.openecard.common.tlv.TLVException) SecurityConditionNotSatisfiedException(org.openecard.common.sal.exception.SecurityConditionNotSatisfiedException) UnknownConnectionHandleException(org.openecard.common.sal.exception.UnknownConnectionHandleException) Publish(org.openecard.common.interfaces.Publish)

Example 34 with ConnectionHandleType

use of iso.std.iso_iec._24727.tech.schema.ConnectionHandleType in project open-ecard by ecsec.

the class TinySAL method getRandom.

/**
 * The GetRandom function returns a random number which is suitable for authentication with the DID addressed with
 * DIDName.
 * See BSI-TR-03112-4, version 1.1.2, section 3.5.3.
 *
 * @param request GetRandom
 * @return GetRandomResponse
 */
@Publish
@Override
public GetRandomResponse getRandom(GetRandom request) {
    GetRandomResponse response = WSHelper.makeResponse(GetRandomResponse.class, WSHelper.makeResultOK());
    try {
        ConnectionHandleType connectionHandle = SALUtils.getConnectionHandle(request);
        CardStateEntry cardStateEntry = SALUtils.getCardStateEntry(states, connectionHandle, false);
        byte[] applicationID = cardStateEntry.getCurrentCardApplication().getApplicationIdentifier();
        String didName = SALUtils.getDIDName(request);
        DIDScopeType didScope = request.getDIDScope();
        if (didScope == null) {
            didScope = DIDScopeType.LOCAL;
        }
        if (didScope.equals(DIDScopeType.LOCAL)) {
            byte[] necessaryApp = cardStateEntry.getInfo().getApplicationIdByDidName(didName, didScope);
            if (!Arrays.equals(necessaryApp, applicationID)) {
                throw new SecurityConditionNotSatisfiedException("The wrong application is selected for getRandom()");
            }
        }
        DIDStructureType didStructure = cardStateEntry.getDIDStructure(didName, didScope);
        Assert.assertNamedEntityNotFound(didStructure, "The given DIDName cannot be found.");
        String protocolURI = didStructure.getDIDMarker().getProtocol();
        SALProtocol protocol = getProtocol(connectionHandle, request.getDIDScope(), protocolURI);
        if (protocol.hasNextStep(FunctionType.GetRandom)) {
            response = protocol.getRandom(request);
            removeFinishedProtocol(connectionHandle, protocolURI, protocol);
        } else {
            throw new InappropriateProtocolForActionException("GetRandom", protocol.toString());
        }
    } catch (ECardException e) {
        response.setResult(e.getResult());
    } catch (Exception e) {
        LOG.error(e.getMessage(), e);
        throwThreadKillException(e);
        response.setResult(WSHelper.makeResult(e));
    }
    return response;
}
Also used : ConnectionHandleType(iso.std.iso_iec._24727.tech.schema.ConnectionHandleType) InappropriateProtocolForActionException(org.openecard.common.sal.exception.InappropriateProtocolForActionException) ECardException(org.openecard.common.ECardException) CardStateEntry(org.openecard.common.sal.state.CardStateEntry) GetRandomResponse(iso.std.iso_iec._24727.tech.schema.GetRandomResponse) SecurityConditionNotSatisfiedException(org.openecard.common.sal.exception.SecurityConditionNotSatisfiedException) SALProtocol(org.openecard.addon.sal.SALProtocol) DIDScopeType(iso.std.iso_iec._24727.tech.schema.DIDScopeType) DIDStructureType(iso.std.iso_iec._24727.tech.schema.DIDStructureType) PrerequisitesNotSatisfiedException(org.openecard.common.sal.exception.PrerequisitesNotSatisfiedException) NameExistsException(org.openecard.common.sal.exception.NameExistsException) AddonNotFoundException(org.openecard.addon.AddonNotFoundException) ThreadTerminateException(org.openecard.common.ThreadTerminateException) ECardException(org.openecard.common.ECardException) NamedEntityNotFoundException(org.openecard.common.sal.exception.NamedEntityNotFoundException) UnknownProtocolException(org.openecard.common.sal.exception.UnknownProtocolException) IncorrectParameterException(org.openecard.common.sal.exception.IncorrectParameterException) InappropriateProtocolForActionException(org.openecard.common.sal.exception.InappropriateProtocolForActionException) TLVException(org.openecard.common.tlv.TLVException) SecurityConditionNotSatisfiedException(org.openecard.common.sal.exception.SecurityConditionNotSatisfiedException) UnknownConnectionHandleException(org.openecard.common.sal.exception.UnknownConnectionHandleException) Publish(org.openecard.common.interfaces.Publish)

Example 35 with ConnectionHandleType

use of iso.std.iso_iec._24727.tech.schema.ConnectionHandleType in project open-ecard by ecsec.

the class TinySAL method cardApplicationConnect.

/**
 * The CardApplicationConnect function establishes an unauthenticated connection between the client
 * application and the card application.
 * See BSI-TR-03112-4, version 1.1.2, section 3.2.1.
 *
 * @param request CardApplicationConnect
 * @return CardApplicationConnectResponse
 */
@Override
public CardApplicationConnectResponse cardApplicationConnect(CardApplicationConnect request) {
    CardApplicationConnectResponse response = WSHelper.makeResponse(CardApplicationConnectResponse.class, WSHelper.makeResultOK());
    try {
        CardApplicationPathType cardAppPath = request.getCardApplicationPath();
        Assert.assertIncorrectParameter(cardAppPath, "The parameter CardAppPathRequest is empty.");
        Set<CardStateEntry> cardStateEntrySet = states.getMatchingEntries(cardAppPath, false);
        Assert.assertIncorrectParameter(cardStateEntrySet, "The given ConnectionHandle is invalid.");
        /*
	     * [TR-03112-4] If the provided path fragments are valid for more than one card application
	     * the eCard-API-Framework SHALL return any of the possible choices.
	     */
        CardStateEntry cardStateEntry = cardStateEntrySet.iterator().next();
        byte[] applicationID = cardAppPath.getCardApplication();
        if (applicationID == null) {
            if (cardStateEntry.getImplicitlySelectedApplicationIdentifier() != null) {
                applicationID = cardStateEntry.getImplicitlySelectedApplicationIdentifier();
            } else {
                applicationID = MF;
            }
        }
        Assert.securityConditionApplication(cardStateEntry, applicationID, ConnectionServiceActionName.CARD_APPLICATION_CONNECT);
        // Connect to the card
        ConnectionHandleType handle = cardStateEntry.handleCopy();
        cardStateEntry = cardStateEntry.derive(handle);
        Connect connect = new Connect();
        connect.setContextHandle(handle.getContextHandle());
        connect.setIFDName(handle.getIFDName());
        connect.setSlot(handle.getSlotIndex());
        ConnectResponse connectResponse = (ConnectResponse) env.getDispatcher().safeDeliver(connect);
        WSHelper.checkResult(connectResponse);
        // Select the card application
        CardCommandAPDU select;
        // TODO: proper determination of path, file and app id
        if (applicationID.length == 2) {
            select = new Select.File(applicationID);
            List<byte[]> responses = new ArrayList<>();
            responses.add(TrailerConstants.Success.OK());
            responses.add(TrailerConstants.Error.WRONG_P1_P2());
            CardResponseAPDU resp = select.transmit(env.getDispatcher(), connectResponse.getSlotHandle(), responses);
            if (Arrays.equals(resp.getTrailer(), TrailerConstants.Error.WRONG_P1_P2())) {
                select = new Select.AbsolutePath(applicationID);
                select.transmit(env.getDispatcher(), connectResponse.getSlotHandle());
            }
        } else {
            select = new Select.Application(applicationID);
            select.transmit(env.getDispatcher(), connectResponse.getSlotHandle());
        }
        cardStateEntry.setCurrentCardApplication(applicationID);
        cardStateEntry.setSlotHandle(connectResponse.getSlotHandle());
        // reset the ef FCP
        cardStateEntry.unsetFCPOfSelectedEF();
        states.addEntry(cardStateEntry);
        response.setConnectionHandle(cardStateEntry.handleCopy());
        response.getConnectionHandle().setCardApplication(applicationID);
    } catch (ECardException e) {
        response.setResult(e.getResult());
    }
    return response;
}
Also used : ConnectionHandleType(iso.std.iso_iec._24727.tech.schema.ConnectionHandleType) CardCommandAPDU(org.openecard.common.apdu.common.CardCommandAPDU) CardStateEntry(org.openecard.common.sal.state.CardStateEntry) ConnectResponse(iso.std.iso_iec._24727.tech.schema.ConnectResponse) CardApplicationConnectResponse(iso.std.iso_iec._24727.tech.schema.CardApplicationConnectResponse) CardApplicationConnect(iso.std.iso_iec._24727.tech.schema.CardApplicationConnect) Connect(iso.std.iso_iec._24727.tech.schema.Connect) ArrayList(java.util.ArrayList) CardApplicationConnectResponse(iso.std.iso_iec._24727.tech.schema.CardApplicationConnectResponse) CardApplicationPathType(iso.std.iso_iec._24727.tech.schema.CardApplicationPathType) ECardException(org.openecard.common.ECardException) Select(org.openecard.common.apdu.Select) CardApplicationSelect(iso.std.iso_iec._24727.tech.schema.CardApplicationSelect) DataSetSelect(iso.std.iso_iec._24727.tech.schema.DataSetSelect) CardResponseAPDU(org.openecard.common.apdu.common.CardResponseAPDU)

Aggregations

ConnectionHandleType (iso.std.iso_iec._24727.tech.schema.ConnectionHandleType)110 CardStateEntry (org.openecard.common.sal.state.CardStateEntry)47 ECardException (org.openecard.common.ECardException)43 IncorrectParameterException (org.openecard.common.sal.exception.IncorrectParameterException)37 ThreadTerminateException (org.openecard.common.ThreadTerminateException)36 NamedEntityNotFoundException (org.openecard.common.sal.exception.NamedEntityNotFoundException)34 UnknownProtocolException (org.openecard.common.sal.exception.UnknownProtocolException)34 TLVException (org.openecard.common.tlv.TLVException)29 AddonNotFoundException (org.openecard.addon.AddonNotFoundException)28 InappropriateProtocolForActionException (org.openecard.common.sal.exception.InappropriateProtocolForActionException)28 NameExistsException (org.openecard.common.sal.exception.NameExistsException)28 PrerequisitesNotSatisfiedException (org.openecard.common.sal.exception.PrerequisitesNotSatisfiedException)28 SecurityConditionNotSatisfiedException (org.openecard.common.sal.exception.SecurityConditionNotSatisfiedException)28 UnknownConnectionHandleException (org.openecard.common.sal.exception.UnknownConnectionHandleException)28 DIDStructureType (iso.std.iso_iec._24727.tech.schema.DIDStructureType)22 Publish (org.openecard.common.interfaces.Publish)17 CardApplicationConnectResponse (iso.std.iso_iec._24727.tech.schema.CardApplicationConnectResponse)15 ArrayList (java.util.ArrayList)15 CardApplicationConnect (iso.std.iso_iec._24727.tech.schema.CardApplicationConnect)14 CardApplicationPathType (iso.std.iso_iec._24727.tech.schema.CardApplicationPathType)14