use of iso.std.iso_iec._24727.tech.schema.DIDInfoType in project open-ecard by ecsec.
the class MiddlewareSAL method setPinNotAuth.
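/**
 * Resets the authentication status of the PIN DIDs in the given card state and logs the
 * middleware session out, so that the token itself also forgets the user login.
 *
 * <p>This method only works in a very limited way: every DID using the PIN compare protocol
 * gets status unauthenticated here, regardless of which PIN was actually verified.
 *
 * @param cardStateEntry card state whose PIN DIDs are reset; must not be {@code null}.
 */
private void setPinNotAuth(CardStateEntry cardStateEntry) {
    LOG.info("Logout card session.");
    // Work on a snapshot: removeAuthenticated() may modify the collection backing
    // getAuthenticatedDIDs(), which would make an iteration over the live view fail mid-way.
    DIDInfoType[] authenticated = cardStateEntry.getAuthenticatedDIDs().toArray(new DIDInfoType[0]);
    for (DIDInfoType didInfo : authenticated) {
        // the DifferentialIdentity element may be absent in the CIF
        if (didInfo.getDifferentialIdentity() != null
                && "urn:oid:1.3.162.15480.3.0.9".equals(didInfo.getDifferentialIdentity().getDIDProtocol())) {
            cardStateEntry.removeAuthenticated(didInfo);
        }
    }
    // logout from session, or middleware doesn't hear the shot
    MwSession session = managedSessions.get(cardStateEntry.handleCopy().getSlotHandle());
    if (session == null) {
        // no session to log out from; the DID state has already been reset above
        LOG.warn("No middleware session found for the given slot handle, skipping logout.");
        return;
    }
    try {
        session.logout();
    } catch (CryptokiException ex) {
        // best effort: the DID state has already been reset above, so only report the failure
        LOG.info("Failed to logout from card.", ex);
    }
}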
use of iso.std.iso_iec._24727.tech.schema.DIDInfoType in project open-ecard by ecsec.
the class CIFCreator method addTokenInfo.
/**
 * Extends the CardInfo file with the PIN DID, the signature crypto DIDs and the certificate
 * data sets derived from the middleware token.
 *
 * <p>All entries are added to the first card application of the CardInfo file.
 *
 * @return the CardInfo file held by this creator, with the token information added.
 * @throws WSMarshallerException if one of the DID objects cannot be created.
 * @throws CryptokiException if the middleware cannot be queried for the token information.
 */
public CardInfoType addTokenInfo() throws WSMarshallerException, CryptokiException {
    LOG.debug("Adding information to CardInfo file for card type {}.", cif.getCardType().getObjectIdentifier());
    PIN_NAME = "USER_PIN";

    // collect everything first, in the same order as before, then attach it to the application
    DIDInfoType pinCompareDid = createPinDID();
    List<DIDInfoType> signatureDids = getSignatureCryptoDIDs();
    List<DataSetInfoType> certificateDatasets = getCertificateDatasets();

    CardApplicationType firstApp = cif.getApplicationCapabilities().getCardApplication().get(0);
    List<DIDInfoType> appDids = firstApp.getDIDInfo();
    appDids.add(pinCompareDid);
    appDids.addAll(signatureDids);
    firstApp.getDataSetInfo().addAll(certificateDatasets);

    return cif;
}
use of iso.std.iso_iec._24727.tech.schema.DIDInfoType in project open-ecard by ecsec.
the class CIFCreator method createPinDID.
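/**
 * Creates the PIN compare DID describing the user PIN of the middleware token.
 *
 * <p>The DID uses the PIN compare protocol with global scope. The password attributes
 * (minimum and maximum PIN length) are taken from the token info if the middleware
 * provides them; otherwise they are simply left out. The ACL permits listing, reading and
 * authenticating the DID without any precondition.
 *
 * @return the newly created DID info object named {@code PIN_NAME}.
 * @throws WSMarshallerException if the PIN compare marker cannot be built.
 */
private DIDInfoType createPinDID() throws WSMarshallerException {
    LOG.debug("Creating PinCompare DID object.");
    DIDInfoType di = new DIDInfoType();

    // create differential identity
    DifferentialIdentityType did = new DifferentialIdentityType();
    di.setDifferentialIdentity(did);
    did.setDIDName(PIN_NAME);
    did.setDIDProtocol("urn:oid:1.3.162.15480.3.0.9");
    did.setDIDScope(DIDScopeType.GLOBAL);

    // create pin compare marker
    PinMarkerBuilder markerBuilder = new PinMarkerBuilder();
    KeyRefType kr = new KeyRefType();
    // value is irrelevant
    kr.setKeyRef(new byte[] { 0x01 });
    markerBuilder.setPinRef(kr);
    try {
        PasswordAttributesType pw = new PasswordAttributesType();
        MwToken tok = session.getSlot().getTokenInfo();
        // min and max must come from different token info fields; the previous version
        // copied the minimum into both, which made the advertised PIN policy wrong
        long minPinLen = tok.getUlMinPinLen();
        long maxPinLen = tok.getUlMaxPinLen();
        pw.setMinLength(BigInteger.valueOf(minPinLen));
        pw.setMaxLength(BigInteger.valueOf(maxPinLen));
        markerBuilder.setPwAttributes(pw);
    } catch (CryptokiException | NullPointerException ex) {
        // best effort: the NPE case covers a missing session, slot or token info;
        // the DID is still usable without password attributes
        LOG.warn("Unable to read min and max PIN length from middleware.", ex);
    }

    // wrap pin compare marker and add to parent
    PinCompareMarkerType marker = markerBuilder.build();
    DIDMarkerType markerWrapper = new DIDMarkerType();
    markerWrapper.setPinCompareMarker(marker);
    did.setDIDMarker(markerWrapper);

    // create acl: every listed action is allowed unconditionally
    AccessControlListType acl = new AccessControlListType();
    di.setDIDACL(acl);
    List<AccessRuleType> rules = acl.getAccessRule();
    rules.add(createRuleTrue(AuthorizationServiceActionName.ACL_LIST));
    rules.add(createRuleTrue(DifferentialIdentityServiceActionName.DID_LIST));
    rules.add(createRuleTrue(DifferentialIdentityServiceActionName.DID_GET));
    rules.add(createRuleTrue(DifferentialIdentityServiceActionName.DID_AUTHENTICATE));

    return di;
}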
use of iso.std.iso_iec._24727.tech.schema.DIDInfoType in project open-ecard by ecsec.
the class TinySAL method aclList.
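/**
 * The ACLList function returns the access control list for the stated target object (card application, data set, DID).
 * See BSI-TR-03112-4, version 1.1.2, section 3.7.1.
 *
 * <p>Exactly one of the target name's entries (DataSetName, DIDName, CardApplicationName) is
 * expected to be set; they are evaluated in that order and the first one present wins.
 *
 * @param request ACLList
 * @return ACLListResponse carrying the target's ACL, or an error result when the target is
 *     missing, cannot be found, or the security condition for the card application is not met.
 */
@Publish
@Override
public ACLListResponse aclList(ACLList request) {
    ACLListResponse response = WSHelper.makeResponse(ACLListResponse.class, WSHelper.makeResultOK());

    try {
        ConnectionHandleType connectionHandle = SALUtils.getConnectionHandle(request);
        CardStateEntry cardStateEntry = SALUtils.getCardStateEntry(states, connectionHandle, false);
        TargetNameType targetName = request.getTargetName();
        Assert.assertIncorrectParameter(targetName, "The parameter TargetName is empty.");

        // get the target values, according to the schema only one must exist, we pick the first existing ;-)
        byte[] targetAppId = targetName.getCardApplicationName();
        String targetDataSet = targetName.getDataSetName();
        String targetDid = targetName.getDIDName();

        CardInfoWrapper cardInfoWrapper = cardStateEntry.getInfo();
        byte[] handleAppId = connectionHandle.getCardApplication();

        if (targetDataSet != null) {
            // look the entity up once and reuse it instead of querying the wrapper twice
            DataSetInfoType dataSetInfo = cardInfoWrapper.getDataSet(targetDataSet, handleAppId);
            Assert.assertNamedEntityNotFound(dataSetInfo, "The given DataSet cannot be found.");
            // NOTE(review): unlike the CardApplication branch, no security condition is evaluated
            // before the data set ACL is returned; confirm whether that is intended.
            response.setTargetACL(dataSetInfo.getDataSetACL());
        } else if (targetDid != null) {
            DIDInfoType didInfo = cardInfoWrapper.getDIDInfo(targetDid, handleAppId);
            Assert.assertNamedEntityNotFound(didInfo, "The given DIDInfo cannot be found.");
            // TODO Check security condition ?
            // NOTE(review): the DID ACL is returned without evaluating the ACL_LIST rule of the
            // DID's own ACL; the CardApplication branch below does enforce it.
            response.setTargetACL(didInfo.getDIDACL());
        } else if (targetAppId != null) {
            CardApplicationWrapper cardApplication = cardInfoWrapper.getCardApplication(targetAppId);
            Assert.assertNamedEntityNotFound(cardApplication, "The given CardApplication cannot be found.");
            Assert.securityConditionApplication(cardStateEntry, targetAppId, AuthorizationServiceActionName.ACL_LIST);
            response.setTargetACL(cardApplication.getCardApplicationACL());
        } else {
            throw new IncorrectParameterException("The given TargetName is invalid.");
        }
    } catch (ECardException e) {
        // expected protocol-level errors are reported in the result, not rethrown
        response.setResult(e.getResult());
    } catch (Exception e) {
        LOG.error(e.getMessage(), e);
        // gives thread-kill requests a chance to propagate before the error is wrapped
        throwThreadKillException(e);
        response.setResult(WSHelper.makeResult(e));
    }

    return response;
}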
use of iso.std.iso_iec._24727.tech.schema.DIDInfoType in project open-ecard by ecsec.
the class AndroidMarshaller method parseDIDInfo.
/**
 * Parses a {@code DIDInfo} element from the given pull parser into a {@link DIDInfoType}.
 *
 * <p>The parser is expected to be positioned on the {@code DIDInfo} start tag. Parsing
 * continues until the matching end tag; the parser is left positioned on that end tag.
 * Only the child elements {@code RequirementLevel}, {@code DIDACL} and
 * {@code DifferentialIdentity} are supported.
 *
 * @param parser pull parser positioned at the {@code DIDInfo} start tag.
 * @return the populated DID info object.
 * @throws XmlPullParserException if the underlying parser reports malformed XML.
 * @throws IOException on read errors, or when an unsupported child element is encountered.
 */
private DIDInfoType parseDIDInfo(XmlPullParser parser) throws XmlPullParserException, IOException {
    DIDInfoType didInfo = new DIDInfoType();
    int eventType;
    do {
        parser.next();
        eventType = parser.getEventType();
        if (eventType != XmlPullParser.START_TAG) {
            // only start tags carry content we care about; continue re-evaluates the loop condition
            continue;
        }
        String elementName = parser.getName();
        switch (elementName) {
            case "RequirementLevel":
                didInfo.setRequirementLevel(BasicRequirementsType.fromValue(parser.nextText()));
                break;
            case "DIDACL":
                didInfo.setDIDACL(this.parseACL(parser, "DIDACL"));
                break;
            case "DifferentialIdentity":
                didInfo.setDifferentialIdentity(this.parseDifferentialIdentity(parser));
                break;
            default:
                throw new IOException(elementName + " not yet implemented");
        }
    } while (!(eventType == XmlPullParser.END_TAG && "DIDInfo".equals(parser.getName())));
    return didInfo;
}