
Example 1 with CryptographicServiceActionName

use of iso.std.iso_iec._24727.tech.schema.CryptographicServiceActionName in project open-ecard by ecsec.

the class CIFCreator method createAction.

/**
 * Builds an {@link ActionNameType} that carries the given cryptographic service action.
 *
 * @param actionName the cryptographic service action to store in the new action object;
 *                   passed to the setter unchanged, no validation happens here
 * @return a freshly created action with only its cryptographic service action set
 */
private ActionNameType createAction(CryptographicServiceActionName actionName) {
    final ActionNameType wrapped = new ActionNameType();
    wrapped.setCryptographicServiceAction(actionName);
    return wrapped;
}
Also used : ActionNameType(iso.std.iso_iec._24727.tech.schema.ActionNameType)

Example 2 with CryptographicServiceActionName

use of iso.std.iso_iec._24727.tech.schema.CryptographicServiceActionName in project open-ecard by ecsec.

the class CIFCreator method createRuleTrue.

/**
 * Builds an access rule for the "CryptographicService" card application service that
 * binds the given action to the security condition produced by {@code createTrueCond()}.
 *
 * <p>NOTE(review): judging by its name, {@code createTrueCond()} presumably yields a
 * condition that is always satisfied, which would make the action usable without any
 * DID authentication. Confirm against that helper and reserve this rule for actions
 * that are meant to be unprotected.
 *
 * @param actionName the cryptographic service action the rule applies to
 * @return a new access rule with service name, action and security condition set
 */
private AccessRuleType createRuleTrue(CryptographicServiceActionName actionName) {
    final AccessRuleType accessRule = new AccessRuleType();
    accessRule.setCardApplicationServiceName("CryptographicService");
    // Action first, then the condition guarding it (same order as the setters were always called).
    final ActionNameType guardedAction = createAction(actionName);
    accessRule.setAction(guardedAction);
    accessRule.setSecurityCondition(createTrueCond());
    return accessRule;
}
Also used : AccessRuleType(iso.std.iso_iec._24727.tech.schema.AccessRuleType)

Example 3 with CryptographicServiceActionName

use of iso.std.iso_iec._24727.tech.schema.CryptographicServiceActionName in project open-ecard by ecsec.

the class ACLResolver method getMissingDids.

/**
 * Collects the DIDs referenced by the security conditions of the access rules that are
 * relevant for {@code target}, after filtering them through {@code filterSatisfiedDIDs}.
 *
 * <p>Relevant rules are selected as follows:
 * <ul>
 *   <li>if the target names a DID: the first rule whose cryptographic service action is
 *       {@code SIGN}; scanning of the rule list stops at that rule;</li>
 *   <li>if the target names a data set: every rule whose named data service action is
 *       {@code DATA_SET_SELECT} or {@code DSI_READ}.</li>
 * </ul>
 *
 * <p>NOTE(review): when no rule matches, the returned list is empty. Callers should make
 * sure an empty list caused by "no applicable rule" is not treated the same as "every
 * required DID is already authenticated" — confirm at the call sites.
 *
 * @param acls   access rules to inspect; each rule's action is dereferenced without a
 *               null check, so a rule without an action presumably fails with a
 *               {@link NullPointerException} — TODO confirm for rules from card info files
 * @param target the target whose DID name and/or data set name decides which rules apply
 * @return the collected DIDs in encounter order, with at most one entry per DID name
 * @throws WSException declared by this method; presumably raised by one of the helper
 *         calls — confirm
 * @throws SecurityConditionUnsatisfiable declared by this method; presumably raised while
 *         resolving a security condition — confirm
 */
private List<DIDStructureType> getMissingDids(List<AccessRuleType> acls, TargetNameType target) throws WSException, SecurityConditionUnsatisfiable {
    // Step 1: pick the access rules that matter for this target.
    ArrayList<AccessRuleType> relevantRules = new ArrayList<>();
    for (AccessRuleType rule : acls) {
        if (target.getDIDName() != null
                && CryptographicServiceActionName.SIGN.equals(rule.getAction().getCryptographicServiceAction())) {
            relevantRules.add(rule);
            // Only one sign rule is expected. This leaves the loop entirely, so rules
            // after it are not examined even if the target also names a data set.
            break;
        }
        if (target.getDataSetName() != null) {
            NamedDataServiceActionName dataAction = rule.getAction().getNamedDataServiceAction();
            boolean selectsDataSet = NamedDataServiceActionName.DATA_SET_SELECT.equals(dataAction);
            if (selectsDataSet || NamedDataServiceActionName.DSI_READ.equals(dataAction)) {
                relevantRules.add(rule);
            }
        }
    }

    // Step 2: resolve each selected rule to the DIDs its condition still needs.
    ArrayList<DIDStructureType> collected = new ArrayList<>();
    for (AccessRuleType rule : relevantRules) {
        // normalize the condition, then choose the most suitable DID branch in the tree
        SecurityConditionType bestCond = getBestSecurityCondition(normalize(rule.getSecurityCondition()));
        // flatten the chosen condition and keep what filterSatisfiedDIDs returns
        List<DIDAuthenticationStateType> states = flattenCondition(bestCond);
        collected.addAll(filterSatisfiedDIDs(states));
    }

    // Step 3: drop duplicates, keeping the first occurrence of every DID name.
    // This relies on DID names being unique per card info file; two distinct DIDs that
    // share a name would be collapsed into one entry here.
    TreeSet<String> seenNames = new TreeSet<>();
    ArrayList<DIDStructureType> uniqueDids = new ArrayList<>();
    for (DIDStructureType did : collected) {
        // add() reports false when the name was already recorded
        if (seenNames.add(did.getDIDName())) {
            uniqueDids.add(did);
        }
    }
    return uniqueDids;
}
Also used : NamedDataServiceActionName(iso.std.iso_iec._24727.tech.schema.NamedDataServiceActionName) ArrayList(java.util.ArrayList) DIDAuthenticationStateType(iso.std.iso_iec._24727.tech.schema.DIDAuthenticationStateType) TreeSet(java.util.TreeSet) CryptographicServiceActionName(iso.std.iso_iec._24727.tech.schema.CryptographicServiceActionName) AccessRuleType(iso.std.iso_iec._24727.tech.schema.AccessRuleType) DIDStructureType(iso.std.iso_iec._24727.tech.schema.DIDStructureType) SecurityConditionType(iso.std.iso_iec._24727.tech.schema.SecurityConditionType)
