
Example 1 with DIDAuthenticationStateType

use of iso.std.iso_iec._24727.tech.schema.DIDAuthenticationStateType in project open-ecard by ecsec.

the class AndroidMarshaller method parseDIDAuthenticationState.

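/**
 * Reads the child elements of a {@code DIDAuthentication} element from the pull parser and
 * collects them in a {@link DIDAuthenticationStateType}.
 *
 * <p>Events are consumed until the closing {@code DIDAuthentication} tag is seen. The child
 * elements {@code DIDName}, {@code DIDScope}, {@code DIDState} and {@code DIDStateQualifier}
 * are understood; any other start tag is rejected with an {@link IOException} rather than
 * silently skipped, so unexpected content cannot slip through into a security condition.
 *
 * @param parser pull parser to read from; presumably positioned on the opening
 *               {@code DIDAuthentication} tag - confirm against the caller
 * @return the populated authentication state
 * @throws XmlPullParserException if the underlying parser reports malformed XML
 * @throws IOException if an unsupported child element is found, or if the document ends
 *                     before the closing {@code DIDAuthentication} tag
 */
private DIDAuthenticationStateType parseDIDAuthenticationState(XmlPullParser parser) throws XmlPullParserException, IOException {
    DIDAuthenticationStateType didAuthenticationState = new DIDAuthenticationStateType();
    int eventType;
    do {
        parser.next();
        eventType = parser.getEventType();
        // The loop only terminates on the expected end tag. Without this guard, input that
        // never closes DIDAuthentication could keep the loop spinning once the parser has
        // reached END_DOCUMENT (depending on how the parser implementation behaves there).
        if (eventType == XmlPullParser.END_DOCUMENT) {
            throw new IOException("Unexpected end of document while parsing DIDAuthentication");
        }
        if (eventType == XmlPullParser.START_TAG) {
            String tagName = parser.getName();
            if ("DIDName".equals(tagName)) {
                didAuthenticationState.setDIDName(parser.nextText());
            } else if ("DIDScope".equals(tagName)) {
                didAuthenticationState.setDIDScope(DIDScopeType.fromValue(parser.nextText()));
            } else if ("DIDState".equals(tagName)) {
                // NOTE(review): Boolean.parseBoolean only treats "true" (any case) as true.
                // If the sender uses the xs:boolean lexical form "1", the state is read as
                // false, which inverts the meaning of the condition - confirm what the
                // serialising side emits.
                didAuthenticationState.setDIDState(Boolean.parseBoolean(parser.nextText()));
            } else if ("DIDStateQualifier".equals(tagName)) {
                didAuthenticationState.setDIDStateQualifier(StringUtils.toByteArray(parser.nextText()));
            } else {
                throw new IOException(tagName + " not yet implemented");
            }
        }
    } while (!(eventType == XmlPullParser.END_TAG && "DIDAuthentication".equals(parser.getName())));
    return didAuthenticationState;
}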
Also used : IOException(java.io.IOException) DIDAuthenticationStateType(iso.std.iso_iec._24727.tech.schema.DIDAuthenticationStateType)

Example 2 with DIDAuthenticationStateType

use of iso.std.iso_iec._24727.tech.schema.DIDAuthenticationStateType in project open-ecard by ecsec.

the class CIFCreator method createDidCond.

/**
 * Builds a security condition that is satisfied only when the named DID is authenticated.
 *
 * @param didName name of the DID that must be authenticated
 * @return a condition wrapping a DIDAuthentication state with DIDState set to {@code true}
 */
private SecurityConditionType createDidCond(String didName) {
    SecurityConditionType condition = new SecurityConditionType();

    // DIDState == true expresses "this DID has to be in the authenticated state".
    DIDAuthenticationStateType requiredState = new DIDAuthenticationStateType();
    requiredState.setDIDState(true);
    requiredState.setDIDName(didName);

    condition.setDIDAuthentication(requiredState);
    return condition;
}
Also used : SecurityConditionType(iso.std.iso_iec._24727.tech.schema.SecurityConditionType) DIDAuthenticationStateType(iso.std.iso_iec._24727.tech.schema.DIDAuthenticationStateType)

Example 3 with DIDAuthenticationStateType

use of iso.std.iso_iec._24727.tech.schema.DIDAuthenticationStateType in project open-ecard by ecsec.

the class ACLResolver method filterSatisfiedDIDs.

/**
 * Returns the DIDs from the given states that are required to be authenticated but are not
 * authenticated at the moment; DIDs that are already satisfied are filtered out.
 *
 * <p>Only states whose DIDState is {@code true} are looked at. States that demand the DID
 * to be <em>un</em>authenticated are skipped here and never contribute to the result.
 *
 * @param states flattened list of DID authentication states to check
 * @return structures of the DIDs that still need to be authenticated, in input order
 * @throws WSException if a DIDGet request does not yield a successful result
 */
private List<DIDStructureType> filterSatisfiedDIDs(List<DIDAuthenticationStateType> states) throws WSException {
    List<DIDStructureType> unsatisfied = new ArrayList<>(states.size());
    for (DIDAuthenticationStateType required : states) {
        if (!required.isDIDState()) {
            continue;
        }

        // Ask for the current state of the DID; the lookup is not restricted to one
        // application, the GLOBAL scope searches everywhere.
        DIDGet didGet = new DIDGet();
        didGet.setConnectionHandle(handle);
        didGet.setDIDName(required.getDIDName());
        didGet.setDIDScope(DIDScopeType.GLOBAL);

        DIDGetResponse didGetResponse = (DIDGetResponse) dispatcher.safeDeliver(didGet);
        // Fail on an error result before trusting anything in the response.
        WSHelper.checkResult(didGetResponse);

        // Keep the DID only when it is not authenticated yet.
        if (!didGetResponse.getDIDStructure().isAuthenticated()) {
            unsatisfied.add(didGetResponse.getDIDStructure());
        }
    }
    return unsatisfied;
}
Also used : ArrayList(java.util.ArrayList) DIDGet(iso.std.iso_iec._24727.tech.schema.DIDGet) DIDGetResponse(iso.std.iso_iec._24727.tech.schema.DIDGetResponse) DIDStructureType(iso.std.iso_iec._24727.tech.schema.DIDStructureType) DIDAuthenticationStateType(iso.std.iso_iec._24727.tech.schema.DIDAuthenticationStateType)

Example 4 with DIDAuthenticationStateType

use of iso.std.iso_iec._24727.tech.schema.DIDAuthenticationStateType in project open-ecard by ecsec.

the class ACLResolver method getMissingDids.

/**
 * Collects the DIDs that still have to be authenticated before the given target can be used.
 *
 * <p>The method picks the access rules relevant to the target (the first SIGN rule when the
 * target names a DID; every DATA_SET_SELECT and DSI_READ rule when it names a data set),
 * reduces each rule's security condition to its list of DID authentication states, keeps
 * the DIDs that are not yet authenticated and finally drops duplicates by DID name.
 *
 * @param acls access rules to search
 * @param target target whose DID name and/or data set name selects the relevant rules
 * @return the not yet authenticated DIDs, each DID name at most once, first occurrence kept
 * @throws WSException if querying the state of a DID fails
 * @throws SecurityConditionUnsatisfiable declared by the original signature; presumably
 *         raised while choosing the security condition - confirm against the helpers
 */
private List<DIDStructureType> getMissingDids(List<AccessRuleType> acls, TargetNameType target) throws WSException, SecurityConditionUnsatisfiable {
    // Step 1: select the access rules that matter for this target.
    List<AccessRuleType> relevantRules = new ArrayList<>();
    for (AccessRuleType rule : acls) {
        if (target.getDIDName() != null) {
            CryptographicServiceActionName cryptoAction = rule.getAction().getCryptographicServiceAction();
            if (CryptographicServiceActionName.SIGN.equals(cryptoAction)) {
                relevantRules.add(rule);
                // only a single sign rule is expected, so the search ends here
                break;
            }
        }
        if (target.getDataSetName() != null) {
            NamedDataServiceActionName dataAction = rule.getAction().getNamedDataServiceAction();
            boolean selectsDataSet = NamedDataServiceActionName.DATA_SET_SELECT.equals(dataAction);
            boolean readsDsi = NamedDataServiceActionName.DSI_READ.equals(dataAction);
            if (selectsDataSet || readsDsi) {
                relevantRules.add(rule);
            }
        }
    }

    // Step 2: for every selected rule take the most suitable condition of the tree,
    // flatten it to DID states and keep the DIDs that are not authenticated yet.
    List<DIDStructureType> collected = new ArrayList<>();
    for (AccessRuleType rule : relevantRules) {
        SecurityConditionType best = getBestSecurityCondition(normalize(rule.getSecurityCondition()));
        List<DIDAuthenticationStateType> requiredStates = flattenCondition(best);
        collected.addAll(filterSatisfiedDIDs(requiredStates));
    }

    // Step 3: drop duplicates. This relies on DID names being unique per cardinfo file;
    // two distinct DIDs sharing a name would be collapsed into the first one.
    TreeSet<String> seenNames = new TreeSet<>();
    List<DIDStructureType> unique = new ArrayList<>(collected.size());
    for (DIDStructureType did : collected) {
        if (seenNames.add(did.getDIDName())) {
            unique.add(did);
        }
    }
    return unique;
}
Also used : NamedDataServiceActionName(iso.std.iso_iec._24727.tech.schema.NamedDataServiceActionName) ArrayList(java.util.ArrayList) DIDAuthenticationStateType(iso.std.iso_iec._24727.tech.schema.DIDAuthenticationStateType) TreeSet(java.util.TreeSet) CryptographicServiceActionName(iso.std.iso_iec._24727.tech.schema.CryptographicServiceActionName) AccessRuleType(iso.std.iso_iec._24727.tech.schema.AccessRuleType) DIDStructureType(iso.std.iso_iec._24727.tech.schema.DIDStructureType) SecurityConditionType(iso.std.iso_iec._24727.tech.schema.SecurityConditionType)

Example 5 with DIDAuthenticationStateType

use of iso.std.iso_iec._24727.tech.schema.DIDAuthenticationStateType in project open-ecard by ecsec.

the class CardStateEntry method checkSecurityCondition.

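/**
 * Evaluates a security condition against the current authentication state of the card.
 *
 * <p>The alternatives are checked in this order: {@code always}, {@code DIDAuthentication},
 * {@code Or}, {@code And}, {@code Not}. A condition with none of them set evaluates to
 * {@code false}, so an empty or unrecognised condition denies access.
 *
 * <p>Points to keep in mind when reviewing access decisions made with this method:
 * an {@code And} without children evaluates to {@code true}, an {@code Or} without children
 * evaluates to {@code false}, and a DIDAuthentication whose DIDState is {@code false} is
 * satisfied only while the DID is <em>not</em> authenticated.
 *
 * @param securityCondition condition to evaluate; must not be {@code null}
 * @return {@code true} if the condition is currently satisfied, {@code false} otherwise
 */
private boolean checkSecurityCondition(SecurityConditionType securityCondition) {
    // Null-safe test for the "always" flag. This replaces catching NullPointerException
    // around the call, which was used to tolerate an unset flag; an unset flag still just
    // means "not always".
    if (Boolean.TRUE.equals(securityCondition.isAlways())) {
        return true;
    }

    DIDAuthenticationStateType didAuthenticationState = securityCondition.getDIDAuthentication();
    if (didAuthenticationState != null) {
        byte[] cardApplication = getInfo().getApplicationIdByDidName(didAuthenticationState.getDIDName(), null);
        // DIDState says which state is demanded: true = authenticated, false = not authenticated.
        boolean mustBeAuthenticated = didAuthenticationState.isDIDState();
        return isAuthenticated(didAuthenticationState.getDIDName(), cardApplication) == mustBeAuthenticated;
    } else if (securityCondition.getOr() != null) {
        // One satisfied alternative is enough.
        for (SecurityConditionType securityConditionOR : securityCondition.getOr().getSecurityCondition()) {
            if (checkSecurityCondition(securityConditionOR)) {
                return true;
            }
        }
        return false;
    } else if (securityCondition.getAnd() != null) {
        // Every part has to hold; the first failing part decides.
        for (SecurityConditionType securityConditionAND : securityCondition.getAnd().getSecurityCondition()) {
            if (!checkSecurityCondition(securityConditionAND)) {
                return false;
            }
        }
        return true;
    } else if (securityCondition.getNot() != null) {
        return !checkSecurityCondition(securityCondition.getNot());
    }
    // Nothing matched: deny.
    return false;
}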
Also used : DIDAuthenticationStateType(iso.std.iso_iec._24727.tech.schema.DIDAuthenticationStateType) SecurityConditionType(iso.std.iso_iec._24727.tech.schema.SecurityConditionType)

Aggregations

DIDAuthenticationStateType (iso.std.iso_iec._24727.tech.schema.DIDAuthenticationStateType)5 SecurityConditionType (iso.std.iso_iec._24727.tech.schema.SecurityConditionType)3 DIDStructureType (iso.std.iso_iec._24727.tech.schema.DIDStructureType)2 ArrayList (java.util.ArrayList)2 AccessRuleType (iso.std.iso_iec._24727.tech.schema.AccessRuleType)1 CryptographicServiceActionName (iso.std.iso_iec._24727.tech.schema.CryptographicServiceActionName)1 DIDGet (iso.std.iso_iec._24727.tech.schema.DIDGet)1 DIDGetResponse (iso.std.iso_iec._24727.tech.schema.DIDGetResponse)1 NamedDataServiceActionName (iso.std.iso_iec._24727.tech.schema.NamedDataServiceActionName)1 IOException (java.io.IOException)1 TreeSet (java.util.TreeSet)1