Examples with DIDAuthenticateResponse iso.std.iso_iec._24727.tech.schema.DIDAuthenticateResponse used on opensource projects

Example 11 with DIDAuthenticateResponse

use of iso.std.iso_iec._24727.tech.schema.DIDAuthenticateResponse in project open-ecard by ecsec.

the class GenericCryptographyProtocolTest method testDecipher.

/**
 * Test for the Decipher Step of the Generic Cryptography protocol. After we connected to the ESIGN application
 * of the eGK, we use DIDList to get a List of DIDs that support the Decipher function. We then authenticate with
 * PIN.home and read the contents of the DIDs certificate. With it's public key we encrypt the contents of
 * plaintext.txt and finally let the card decrypt it through a call to Decipher. In the end we match the result with
 * the original plaintext.
 *
 * @throws Exception when something in this test went unexpectedly wrong
 */
@Test(enabled = TESTS_ENABLED)
public void testDecipher() throws Exception {
    CardApplicationPath cardApplicationPath = new CardApplicationPath();
    CardApplicationPathType cardApplicationPathType = new CardApplicationPathType();
    cardApplicationPathType.setCardApplication(cardApplication);
    cardApplicationPath.setCardAppPathRequest(cardApplicationPathType);
    CardApplicationPathResponse cardApplicationPathResponse = instance.cardApplicationPath(cardApplicationPath);
    WSHelper.checkResult(cardApplicationPathResponse);
    CardApplicationConnect parameters = new CardApplicationConnect();
    CardAppPathResultSet cardAppPathResultSet = cardApplicationPathResponse.getCardAppPathResultSet();
    parameters.setCardApplicationPath(cardAppPathResultSet.getCardApplicationPathResult().get(0));
    CardApplicationConnectResponse result = instance.cardApplicationConnect(parameters);
    WSHelper.checkResult(result);
    assertEquals(ECardConstants.Major.OK, result.getResult().getResultMajor());
    DIDList didList = new DIDList();
    didList.setConnectionHandle(result.getConnectionHandle());
    DIDQualifierType didQualifier = new DIDQualifierType();
    didQualifier.setApplicationIdentifier(cardApplication);
    didQualifier.setObjectIdentifier(ECardConstants.Protocol.GENERIC_CRYPTO);
    didQualifier.setApplicationFunction("Decipher");
    didList.setFilter(didQualifier);
    DIDListResponse didListResponse = instance.didList(didList);
    assertTrue(didListResponse.getDIDNameList().getDIDName().size() > 0);
    WSHelper.checkResult(didListResponse);
    DIDAuthenticate didAthenticate = new DIDAuthenticate();
    didAthenticate.setDIDName("PIN.home");
    PinCompareDIDAuthenticateInputType didAuthenticationData = new PinCompareDIDAuthenticateInputType();
    didAthenticate.setAuthenticationProtocolData(didAuthenticationData);
    didAthenticate.setConnectionHandle(result.getConnectionHandle());
    didAthenticate.getConnectionHandle().setCardApplication(cardApplication_ROOT);
    didAuthenticationData.setProtocol(ECardConstants.Protocol.PIN_COMPARE);
    didAthenticate.setAuthenticationProtocolData(didAuthenticationData);
    DIDAuthenticateResponse didAuthenticateResult = instance.didAuthenticate(didAthenticate);
    WSHelper.checkResult(didAuthenticateResult);
    assertEquals(didAuthenticateResult.getAuthenticationProtocolData().getProtocol(), ECardConstants.Protocol.PIN_COMPARE);
    assertEquals(didAuthenticateResult.getAuthenticationProtocolData().getAny().size(), 0);
    assertEquals(ECardConstants.Major.OK, didAuthenticateResult.getResult().getResultMajor());
    byte[] plaintextBytes = plaintext.getBytes();
    for (int numOfDIDs = 0; numOfDIDs < didListResponse.getDIDNameList().getDIDName().size(); numOfDIDs++) {
        String didName = didListResponse.getDIDNameList().getDIDName().get(numOfDIDs);
        DIDGet didGet = new DIDGet();
        didGet.setDIDName(didName);
        didGet.setDIDScope(DIDScopeType.LOCAL);
        didGet.setConnectionHandle(result.getConnectionHandle());
        didGet.getConnectionHandle().setCardApplication(cardApplication);
        DIDGetResponse didGetResponse = instance.didGet(didGet);
        org.openecard.crypto.common.sal.did.CryptoMarkerType cryptoMarker = new org.openecard.crypto.common.sal.did.CryptoMarkerType((CryptoMarkerType) didGetResponse.getDIDStructure().getDIDMarker());
        ByteArrayOutputStream ciphertext = new ByteArrayOutputStream();
        // read the certificate
        DSIRead dsiRead = new DSIRead();
        dsiRead.setConnectionHandle(result.getConnectionHandle());
        dsiRead.getConnectionHandle().setCardApplication(cardApplication);
        dsiRead.setDSIName(cryptoMarker.getCertificateRefs().get(0).getDataSetName());
        DSIReadResponse dsiReadResponse = instance.dsiRead(dsiRead);
        assertEquals(ECardConstants.Major.OK, dsiReadResponse.getResult().getResultMajor());
        assertTrue(dsiReadResponse.getDSIContent().length > 0);
        // convert the contents to a certificate
        Certificate cert = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(dsiReadResponse.getDSIContent()));
        Cipher cipher;
        int blocksize;
        String algorithmUri = cryptoMarker.getAlgorithmInfo().getAlgorithmIdentifier().getAlgorithm();
        if (algorithmUri.equals(GenericCryptoUris.RSA_ENCRYPTION)) {
            cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(Cipher.ENCRYPT_MODE, cert);
            // keysize/8-pkcspadding = (2048)/8-11
            blocksize = 245;
        } else if (algorithmUri.equals(GenericCryptoUris.RSAES_OAEP)) {
            cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding", new BouncyCastleProvider());
            cipher.init(Cipher.ENCRYPT_MODE, cert);
            blocksize = cipher.getBlockSize();
        } else {
            LOG.warn("Skipping decipher for the unsupported algorithmOID: {}", algorithmUri);
            continue;
        }
        int rest = plaintextBytes.length % blocksize;
        // encrypt block for block
        for (int offset = 0; offset < plaintextBytes.length; offset += blocksize) {
            if ((offset + blocksize) > plaintextBytes.length) {
                ciphertext.write(cipher.doFinal(plaintextBytes, offset, rest));
            } else {
                ciphertext.write(cipher.doFinal(plaintextBytes, offset, blocksize));
            }
        }
        Decipher decipher = new Decipher();
        decipher.setCipherText(ciphertext.toByteArray());
        decipher.setConnectionHandle(result.getConnectionHandle());
        decipher.getConnectionHandle().setCardApplication(cardApplication);
        decipher.setDIDName(didName);
        decipher.setDIDScope(DIDScopeType.LOCAL);
        DecipherResponse decipherResponse = instance.decipher(decipher);
        assertEquals(decipherResponse.getPlainText(), plaintextBytes);
        // test invalid ciphertext length (not divisible through blocksize without rest)
        decipher = new Decipher();
        decipher.setCipherText(ByteUtils.concatenate((byte) 0x00, ciphertext.toByteArray()));
        decipher.setConnectionHandle(result.getConnectionHandle());
        decipher.getConnectionHandle().setCardApplication(cardApplication);
        decipher.setDIDName(didName);
        decipher.setDIDScope(DIDScopeType.LOCAL);
        decipherResponse = instance.decipher(decipher);
        Result res = decipherResponse.getResult();
        assertEquals(res.getResultMajor(), ECardConstants.Major.ERROR);
        assertEquals(res.getResultMinor(), ECardConstants.Minor.App.INCORRECT_PARM);
    }
}

Example 12 with DIDAuthenticateResponse

use of iso.std.iso_iec._24727.tech.schema.DIDAuthenticateResponse in project open-ecard by ecsec.

the class GenericCryptographyProtocolTest method testDIDAuthenticate.

@Test(enabled = TESTS_ENABLED)
public void testDIDAuthenticate() {
    // TODO write test as soon as implemented
    DIDAuthenticateResponse resp = instance.didAuthenticate(new DIDAuthenticate());
    assertEquals(resp.getResult().getResultMajor(), ECardConstants.Major.ERROR);
}

Example 13 with DIDAuthenticateResponse

use of iso.std.iso_iec._24727.tech.schema.DIDAuthenticateResponse in project open-ecard by ecsec.

the class DidInfo method enterPin.

@Nullable
public BigInteger enterPin(@Nullable char[] pin) throws WSHelper.WSException {
    if (!isPinDid()) {
        throw new IllegalStateException("Enter PIN called for a DID which is not a PIN DID.");
    }
    try {
        PinCompareDIDAuthenticateInputType data = new PinCompareDIDAuthenticateInputType();
        data.setProtocol(getProtocol());
        // add PIN
        if (pin != null && pin.length != 0) {
            PINCompareDIDAuthenticateInputType builder = new PINCompareDIDAuthenticateInputType(data);
            builder.setPIN(pin);
            data = builder.getAuthDataType();
            builder.setPIN(null);
        }
        DIDAuthenticate req = new DIDAuthenticate();
        req.setConnectionHandle(didInfos.getHandle(application));
        req.setDIDName(didTarget.getDIDName());
        req.setDIDScope(this.didScope);
        req.setAuthenticationProtocolData(data);
        DIDAuthenticateResponse res = (DIDAuthenticateResponse) didInfos.getDispatcher().safeDeliver(req);
        WSHelper.checkResult(res);
        // check retry counter
        PINCompareDIDAuthenticateOutputType protoData;
        protoData = new PINCompareDIDAuthenticateOutputType(res.getAuthenticationProtocolData());
        BigInteger retryCounter = protoData.getRetryCounter();
        return retryCounter;
    } catch (ParserConfigurationException ex) {
        String msg = "Unexpected protocol data received in PIN Compare output.";
        LOG.error(msg, ex);
        throw new IllegalStateException(msg);
    }
}

Example 14 with DIDAuthenticateResponse

use of iso.std.iso_iec._24727.tech.schema.DIDAuthenticateResponse in project open-ecard by ecsec.

the class TinySALTest method testDidAuthenticate.

/**
 * Test of didAuthenticate method, of class TinySAL.
 *
 * @throws ParserConfigurationException
 */
@Test(enabled = TESTS_ENABLED)
public void testDidAuthenticate() throws ParserConfigurationException {
    System.out.println("didAuthenticate");
    DIDAuthenticate parameters = new DIDAuthenticate();
    DIDAuthenticateResponse result = instance.didAuthenticate(parameters);
    assertEquals(ECardConstants.Major.ERROR, result.getResult().getResultMajor());
}

Example 15 with DIDAuthenticateResponse

use of iso.std.iso_iec._24727.tech.schema.DIDAuthenticateResponse in project open-ecard by ecsec.

the class AndroidMarshallerTest method testConversionOfDIDAuthenticateResponseTA.

@Test
public void testConversionOfDIDAuthenticateResponseTA() throws Exception {
    WSMarshaller m = new AndroidMarshaller();
    DIDAuthenticateResponse didAuthResponse = new DIDAuthenticateResponse();
    Result r = new Result();
    r.setResultMajor("major");
    r.setResultMinor("minor");
    InternationalStringType internationalStringType = new InternationalStringType();
    internationalStringType.setLang("en");
    internationalStringType.setValue("message");
    r.setResultMessage(internationalStringType);
    didAuthResponse.setResult(r);
    EAC2OutputType didAuthenticationDataType = new EAC2OutputType();
    DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
    factory.setNamespaceAware(true);
    DocumentBuilder builder = factory.newDocumentBuilder();
    Document d = builder.newDocument();
    Element e = d.createElementNS("urn:iso:std:iso-iec:24727:tech:schema", "Challenge");
    e.setTextContent("1331F2B1571E6DC2");
    didAuthenticationDataType.getAny().add(e);
    didAuthResponse.setAuthenticationProtocolData(didAuthenticationDataType);
    marshalLog(didAuthResponse);
    Document doc = m.marshal(didAuthResponse);
    String s = m.doc2str(doc);
    LOG.debug(s);
    StringReader sr = new StringReader(s);
    DIDAuthenticateResponse didaresp = JAXB.unmarshal(sr, DIDAuthenticateResponse.class);
    marshalLog(didaresp);
}