Search in sources :

Example 6 with DIDList

use of iso.std.iso_iec._24727.tech.schema.DIDList in project open-ecard by ecsec.

the class DidInfos method getDidNames.

synchronized Map<byte[], List<String>> getDidNames() throws WSHelper.WSException {
    if (allDidNames == null) {
        allDidNames = new TreeMap<>(new ByteComparator());
        // check out all applications
        for (byte[] application : getApplicationsInt()) {
            try {
                DIDList req = new DIDList();
                req.setConnectionHandle(getHandle());
                DIDQualifierType filter = new DIDQualifierType();
                filter.setApplicationIdentifier(application);
                req.setFilter(filter);
                DIDListResponse res = (DIDListResponse) dispatcher.safeDeliver(req);
                WSHelper.checkResult(res);
                if (res.getDIDNameList() != null) {
                    allDidNames.put(application, Collections.unmodifiableList(res.getDIDNameList().getDIDName()));
                }
            } catch (WSHelper.WSException ex) {
            // skip this application
            }
        }
        // prevent modification
        allDidNames = Collections.unmodifiableMap(allDidNames);
    }
    return allDidNames;
}
Also used : ByteComparator(org.openecard.common.util.ByteComparator) WSHelper(org.openecard.common.WSHelper) DIDList(iso.std.iso_iec._24727.tech.schema.DIDList) DIDQualifierType(iso.std.iso_iec._24727.tech.schema.DIDQualifierType) DIDListResponse(iso.std.iso_iec._24727.tech.schema.DIDListResponse)

Example 7 with DIDList

use of iso.std.iso_iec._24727.tech.schema.DIDList in project open-ecard by ecsec.

the class GenericCryptographyProtocolTest method testSign.

/**
 * Test for the Sign Step of the Generic Cryptography protocol. After we connected to the ESIGN application of the
 * eGK, we use DIDList to get a List of DIDs that support the compute signature function. For each DID we let the
 * card compute a signature. If the result is OK we're satisfied.
 *
 * @throws Exception
 *             when something in this test went unexpectedly wrong
 */
@Test(enabled = TESTS_ENABLED)
public void testSign() throws Exception {
    CardApplicationPath cardApplicationPath = new CardApplicationPath();
    CardApplicationPathType cardApplicationPathType = new CardApplicationPathType();
    cardApplicationPathType.setCardApplication(cardApplication);
    cardApplicationPath.setCardAppPathRequest(cardApplicationPathType);
    CardApplicationPathResponse cardApplicationPathResponse = instance.cardApplicationPath(cardApplicationPath);
    WSHelper.checkResult(cardApplicationPathResponse);
    CardApplicationConnect parameters = new CardApplicationConnect();
    CardAppPathResultSet cardAppPathResultSet = cardApplicationPathResponse.getCardAppPathResultSet();
    parameters.setCardApplicationPath(cardAppPathResultSet.getCardApplicationPathResult().get(0));
    CardApplicationConnectResponse result = instance.cardApplicationConnect(parameters);
    WSHelper.checkResult(result);
    assertEquals(ECardConstants.Major.OK, result.getResult().getResultMajor());
    DIDList didList = new DIDList();
    didList.setConnectionHandle(result.getConnectionHandle());
    DIDQualifierType didQualifier = new DIDQualifierType();
    didQualifier.setApplicationIdentifier(cardApplication);
    didQualifier.setObjectIdentifier(ECardConstants.Protocol.GENERIC_CRYPTO);
    didQualifier.setApplicationFunction("Compute-signature");
    didList.setFilter(didQualifier);
    DIDListResponse didListResponse = instance.didList(didList);
    assertTrue(didListResponse.getDIDNameList().getDIDName().size() > 0);
    WSHelper.checkResult(didListResponse);
    DIDAuthenticate didAthenticate = new DIDAuthenticate();
    didAthenticate.setDIDName("PIN.home");
    PinCompareDIDAuthenticateInputType didAuthenticationData = new PinCompareDIDAuthenticateInputType();
    didAthenticate.setAuthenticationProtocolData(didAuthenticationData);
    didAthenticate.setConnectionHandle(result.getConnectionHandle());
    didAthenticate.getConnectionHandle().setCardApplication(cardApplication_ROOT);
    didAuthenticationData.setProtocol(ECardConstants.Protocol.PIN_COMPARE);
    didAthenticate.setAuthenticationProtocolData(didAuthenticationData);
    DIDAuthenticateResponse didAuthenticateResult = instance.didAuthenticate(didAthenticate);
    WSHelper.checkResult(didAuthenticateResult);
    assertEquals(didAuthenticateResult.getAuthenticationProtocolData().getProtocol(), ECardConstants.Protocol.PIN_COMPARE);
    assertEquals(didAuthenticateResult.getAuthenticationProtocolData().getAny().size(), 0);
    assertEquals(ECardConstants.Major.OK, didAuthenticateResult.getResult().getResultMajor());
    for (int numOfDIDs = 0; numOfDIDs < didListResponse.getDIDNameList().getDIDName().size(); numOfDIDs++) {
        String didName = didListResponse.getDIDNameList().getDIDName().get(numOfDIDs);
        System.out.println(didName);
        DIDGet didGet = new DIDGet();
        didGet.setDIDName(didName);
        didGet.setDIDScope(DIDScopeType.LOCAL);
        didGet.setConnectionHandle(result.getConnectionHandle());
        didGet.getConnectionHandle().setCardApplication(cardApplication);
        DIDGetResponse didGetResponse = instance.didGet(didGet);
        org.openecard.crypto.common.sal.did.CryptoMarkerType cryptoMarker = new org.openecard.crypto.common.sal.did.CryptoMarkerType((CryptoMarkerType) didGetResponse.getDIDStructure().getDIDMarker());
        Sign sign = new Sign();
        byte[] message = StringUtils.toByteArray("616263646263646563646566646566676566676861");
        String algorithm = cryptoMarker.getAlgorithmInfo().getAlgorithmIdentifier().getAlgorithm();
        if (algorithm.equals(GenericCryptoUris.sigS_ISO9796_2rnd)) {
            // TODO support for sign9796_2_DS2
            continue;
        }
        sign.setMessage(message);
        sign.setConnectionHandle(result.getConnectionHandle());
        sign.getConnectionHandle().setCardApplication(cardApplication);
        sign.setDIDName(didName);
        sign.setDIDScope(DIDScopeType.LOCAL);
        SignResponse signResponse = instance.sign(sign);
        WSHelper.checkResult(signResponse);
        assertTrue(signResponse.getSignature() != null);
    }
}
Also used : DIDList(iso.std.iso_iec._24727.tech.schema.DIDList) PinCompareDIDAuthenticateInputType(iso.std.iso_iec._24727.tech.schema.PinCompareDIDAuthenticateInputType) CardAppPathResultSet(iso.std.iso_iec._24727.tech.schema.CardApplicationPathResponse.CardAppPathResultSet) DIDListResponse(iso.std.iso_iec._24727.tech.schema.DIDListResponse) CardApplicationPathType(iso.std.iso_iec._24727.tech.schema.CardApplicationPathType) CardApplicationConnect(iso.std.iso_iec._24727.tech.schema.CardApplicationConnect) SignResponse(iso.std.iso_iec._24727.tech.schema.SignResponse) DIDGet(iso.std.iso_iec._24727.tech.schema.DIDGet) DIDAuthenticate(iso.std.iso_iec._24727.tech.schema.DIDAuthenticate) CardApplicationPathResponse(iso.std.iso_iec._24727.tech.schema.CardApplicationPathResponse) DIDQualifierType(iso.std.iso_iec._24727.tech.schema.DIDQualifierType) DIDGetResponse(iso.std.iso_iec._24727.tech.schema.DIDGetResponse) CryptoMarkerType(iso.std.iso_iec._24727.tech.schema.CryptoMarkerType) CardApplicationConnectResponse(iso.std.iso_iec._24727.tech.schema.CardApplicationConnectResponse) CardApplicationPath(iso.std.iso_iec._24727.tech.schema.CardApplicationPath) DIDAuthenticateResponse(iso.std.iso_iec._24727.tech.schema.DIDAuthenticateResponse) Sign(iso.std.iso_iec._24727.tech.schema.Sign) Test(org.testng.annotations.Test)

Example 8 with DIDList

use of iso.std.iso_iec._24727.tech.schema.DIDList in project open-ecard by ecsec.

the class GenericCryptographyProtocolTest method testVerifySignature.

/**
 * Test for the VerifySignature Step of the Generic Cryptography protocol. After we connected to the ESIGN
 * application of the eGK, we use DIDList to get a List of DIDs that support the compute signature function. We
 * then authenticate with PIN.home and let the card sign our message. Afterwards we call VerifySignature for that
 * signature which should return OK.
 *
 * @throws Exception
 *             when something in this test went unexpectedly wrong
 */
@Test(enabled = TESTS_ENABLED)
public void testVerifySignature() throws Exception {
    CardApplicationPath cardApplicationPath = new CardApplicationPath();
    CardApplicationPathType cardApplicationPathType = new CardApplicationPathType();
    cardApplicationPathType.setCardApplication(cardApplication);
    cardApplicationPath.setCardAppPathRequest(cardApplicationPathType);
    CardApplicationPathResponse cardApplicationPathResponse = instance.cardApplicationPath(cardApplicationPath);
    WSHelper.checkResult(cardApplicationPathResponse);
    CardApplicationConnect parameters = new CardApplicationConnect();
    CardAppPathResultSet cardAppPathResultSet = cardApplicationPathResponse.getCardAppPathResultSet();
    parameters.setCardApplicationPath(cardAppPathResultSet.getCardApplicationPathResult().get(0));
    CardApplicationConnectResponse result = instance.cardApplicationConnect(parameters);
    WSHelper.checkResult(result);
    assertEquals(ECardConstants.Major.OK, result.getResult().getResultMajor());
    DIDList didList = new DIDList();
    didList.setConnectionHandle(result.getConnectionHandle());
    DIDQualifierType didQualifier = new DIDQualifierType();
    didQualifier.setApplicationIdentifier(cardApplication);
    didQualifier.setObjectIdentifier(ECardConstants.Protocol.GENERIC_CRYPTO);
    didQualifier.setApplicationFunction("Compute-signature");
    didList.setFilter(didQualifier);
    DIDListResponse didListResponse = instance.didList(didList);
    assertTrue(didListResponse.getDIDNameList().getDIDName().size() > 0);
    WSHelper.checkResult(didListResponse);
    DIDAuthenticate didAthenticate = new DIDAuthenticate();
    didAthenticate.setDIDName("PIN.home");
    PinCompareDIDAuthenticateInputType didAuthenticationData = new PinCompareDIDAuthenticateInputType();
    didAthenticate.setAuthenticationProtocolData(didAuthenticationData);
    didAthenticate.setConnectionHandle(result.getConnectionHandle());
    didAthenticate.getConnectionHandle().setCardApplication(cardApplication_ROOT);
    didAuthenticationData.setProtocol(ECardConstants.Protocol.PIN_COMPARE);
    didAthenticate.setAuthenticationProtocolData(didAuthenticationData);
    DIDAuthenticateResponse didAuthenticateResult = instance.didAuthenticate(didAthenticate);
    WSHelper.checkResult(didAuthenticateResult);
    assertEquals(didAuthenticateResult.getAuthenticationProtocolData().getProtocol(), ECardConstants.Protocol.PIN_COMPARE);
    assertEquals(didAuthenticateResult.getAuthenticationProtocolData().getAny().size(), 0);
    assertEquals(ECardConstants.Major.OK, didAuthenticateResult.getResult().getResultMajor());
    for (int numOfDIDs = 0; numOfDIDs < didListResponse.getDIDNameList().getDIDName().size(); numOfDIDs++) {
        String didName = didListResponse.getDIDNameList().getDIDName().get(numOfDIDs);
        DIDGet didGet = new DIDGet();
        didGet.setDIDName(didName);
        didGet.setDIDScope(DIDScopeType.LOCAL);
        didGet.setConnectionHandle(result.getConnectionHandle());
        didGet.getConnectionHandle().setCardApplication(cardApplication);
        DIDGetResponse didGetResponse = instance.didGet(didGet);
        Sign sign = new Sign();
        byte[] message = new byte[] { 0x01, 0x02, 0x03 };
        org.openecard.crypto.common.sal.did.CryptoMarkerType cryptoMarker = new org.openecard.crypto.common.sal.did.CryptoMarkerType((CryptoMarkerType) didGetResponse.getDIDStructure().getDIDMarker());
        String algorithmIdentifier = cryptoMarker.getAlgorithmInfo().getAlgorithmIdentifier().getAlgorithm();
        if (algorithmIdentifier.equals(GenericCryptoUris.RSASSA_PSS_SHA256)) {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
            message = messageDigest.digest(message);
        } else if (algorithmIdentifier.equals(GenericCryptoUris.RSA_ENCRYPTION)) {
        // do nothing
        } else {
            LOG.warn("Skipping decipher for the unsupported algorithmIdentifier: {}", algorithmIdentifier);
            continue;
        }
        sign.setMessage(message);
        sign.setConnectionHandle(result.getConnectionHandle());
        sign.getConnectionHandle().setCardApplication(cardApplication);
        sign.setDIDName(didName);
        sign.setDIDScope(DIDScopeType.LOCAL);
        SignResponse signResponse = instance.sign(sign);
        assertEquals(ECardConstants.Major.OK, signResponse.getResult().getResultMajor());
        WSHelper.checkResult(signResponse);
        byte[] signature = signResponse.getSignature();
        VerifySignature verifySignature = new VerifySignature();
        verifySignature.setConnectionHandle(sign.getConnectionHandle());
        verifySignature.setDIDName(didName);
        verifySignature.setDIDScope(DIDScopeType.LOCAL);
        verifySignature.setMessage(message);
        verifySignature.setSignature(signature);
        VerifySignatureResponse verifySignatureResponse = instance.verifySignature(verifySignature);
        WSHelper.checkResult(verifySignatureResponse);
    }
}
Also used : DIDList(iso.std.iso_iec._24727.tech.schema.DIDList) PinCompareDIDAuthenticateInputType(iso.std.iso_iec._24727.tech.schema.PinCompareDIDAuthenticateInputType) CardAppPathResultSet(iso.std.iso_iec._24727.tech.schema.CardApplicationPathResponse.CardAppPathResultSet) DIDListResponse(iso.std.iso_iec._24727.tech.schema.DIDListResponse) CardApplicationPathType(iso.std.iso_iec._24727.tech.schema.CardApplicationPathType) CardApplicationConnect(iso.std.iso_iec._24727.tech.schema.CardApplicationConnect) SignResponse(iso.std.iso_iec._24727.tech.schema.SignResponse) DIDGet(iso.std.iso_iec._24727.tech.schema.DIDGet) MessageDigest(java.security.MessageDigest) DIDAuthenticate(iso.std.iso_iec._24727.tech.schema.DIDAuthenticate) CardApplicationPathResponse(iso.std.iso_iec._24727.tech.schema.CardApplicationPathResponse) DIDQualifierType(iso.std.iso_iec._24727.tech.schema.DIDQualifierType) DIDGetResponse(iso.std.iso_iec._24727.tech.schema.DIDGetResponse) CryptoMarkerType(iso.std.iso_iec._24727.tech.schema.CryptoMarkerType) CardApplicationConnectResponse(iso.std.iso_iec._24727.tech.schema.CardApplicationConnectResponse) VerifySignatureResponse(iso.std.iso_iec._24727.tech.schema.VerifySignatureResponse) VerifySignature(iso.std.iso_iec._24727.tech.schema.VerifySignature) CardApplicationPath(iso.std.iso_iec._24727.tech.schema.CardApplicationPath) DIDAuthenticateResponse(iso.std.iso_iec._24727.tech.schema.DIDAuthenticateResponse) Sign(iso.std.iso_iec._24727.tech.schema.Sign) Test(org.testng.annotations.Test)

Example 9 with DIDList

use of iso.std.iso_iec._24727.tech.schema.DIDList in project open-ecard by ecsec.

the class ChangePinInSALAction method getPinDid.

@Nonnull
private String getPinDid(ConnectionHandleType handle) throws WSException {
    // get all DIDs
    DIDList listReq = new DIDList();
    listReq.setConnectionHandle(handle);
    DIDListResponse listRes = (DIDListResponse) dispatcher.safeDeliver(listReq);
    WSHelper.checkResult(listRes);
    // find pin did
    for (String didName : listRes.getDIDNameList().getDIDName()) {
        DIDGet getReq = new DIDGet();
        getReq.setConnectionHandle(handle);
        getReq.setDIDName(didName);
        DIDGetResponse getRes = (DIDGetResponse) dispatcher.safeDeliver(getReq);
        // don't check result, just see if we have a response
        DIDStructureType struct = getRes.getDIDStructure();
        if (struct != null) {
            if ("urn:oid:1.3.162.15480.3.0.9".equals(struct.getDIDMarker().getProtocol())) {
                return didName;
            }
        }
    }
    Result r = WSHelper.makeResultError(ECardConstants.Minor.SAL.INAPPROPRIATE_PROTOCOL_FOR_ACTION, "No PIN DID found.");
    throw WSHelper.createException(r);
}
Also used : DIDList(iso.std.iso_iec._24727.tech.schema.DIDList) DIDGet(iso.std.iso_iec._24727.tech.schema.DIDGet) DIDGetResponse(iso.std.iso_iec._24727.tech.schema.DIDGetResponse) DIDStructureType(iso.std.iso_iec._24727.tech.schema.DIDStructureType) DIDListResponse(iso.std.iso_iec._24727.tech.schema.DIDListResponse) Result(oasis.names.tc.dss._1_0.core.schema.Result) Nonnull(javax.annotation.Nonnull)

Example 10 with DIDList

use of iso.std.iso_iec._24727.tech.schema.DIDList in project open-ecard by ecsec.

the class SALFileUtils method selectAppByDID.

/**
 * The method connects the given card to the CardApplication containing the requested DID Name.
 *
 * @param didName Name of the DID which is contained in the application to connect.
 * @param handle ConnectionHandle which identifies Card and Terminal.
 * @return The handle describing the new state of the card.
 * @throws WSException Thrown in case any of the requested eCard API methods returned an error, or no application of
 *   the specified card contains the requested DID name.
 */
@Nonnull
public ConnectionHandleType selectAppByDID(@Nonnull String didName, @Nonnull ConnectionHandleType handle) throws WSException {
    // copy handle so that the given handle is not damaged
    handle = HandlerUtils.copyHandle(handle);
    // get all card applications
    CardApplicationList cardApps = new CardApplicationList();
    cardApps.setConnectionHandle(handle);
    CardApplicationListResponse cardAppsResp = (CardApplicationListResponse) dispatcher.safeDeliver(cardApps);
    WSHelper.checkResult(cardAppsResp);
    List<byte[]> cardApplications = cardAppsResp.getCardApplicationNameList().getCardApplicationName();
    // check if our data set is in any of the applications
    for (byte[] app : cardApplications) {
        DIDList didListReq = new DIDList();
        handle.setCardApplication(app);
        didListReq.setConnectionHandle(handle);
        DIDListResponse didListResp = (DIDListResponse) dispatcher.safeDeliver(didListReq);
        WSHelper.checkResult(didListResp);
        if (didListResp.getDIDNameList().getDIDName().contains(didName)) {
            handle = selectApplication(app, handle);
            return handle;
        }
    }
    // data set not found
    String msg = "Failed to find the requested DID (%s) in any of the applications of the specified card.";
    msg = String.format(msg, didName);
    Result r = WSHelper.makeResultError(ECardConstants.Minor.SAL.FILE_NOT_FOUND, msg);
    throw WSHelper.createException(r);
}
Also used : CardApplicationListResponse(iso.std.iso_iec._24727.tech.schema.CardApplicationListResponse) DIDList(iso.std.iso_iec._24727.tech.schema.DIDList) CardApplicationList(iso.std.iso_iec._24727.tech.schema.CardApplicationList) DIDListResponse(iso.std.iso_iec._24727.tech.schema.DIDListResponse) Result(oasis.names.tc.dss._1_0.core.schema.Result) Nonnull(javax.annotation.Nonnull)

Aggregations

DIDListResponse (iso.std.iso_iec._24727.tech.schema.DIDListResponse)10 DIDList (iso.std.iso_iec._24727.tech.schema.DIDList)9 DIDQualifierType (iso.std.iso_iec._24727.tech.schema.DIDQualifierType)8 CardApplicationConnect (iso.std.iso_iec._24727.tech.schema.CardApplicationConnect)6 CardApplicationConnectResponse (iso.std.iso_iec._24727.tech.schema.CardApplicationConnectResponse)6 CardApplicationPath (iso.std.iso_iec._24727.tech.schema.CardApplicationPath)6 CardApplicationPathResponse (iso.std.iso_iec._24727.tech.schema.CardApplicationPathResponse)6 CardApplicationPathType (iso.std.iso_iec._24727.tech.schema.CardApplicationPathType)6 DIDGet (iso.std.iso_iec._24727.tech.schema.DIDGet)6 DIDGetResponse (iso.std.iso_iec._24727.tech.schema.DIDGetResponse)6 Test (org.testng.annotations.Test)6 CardAppPathResultSet (iso.std.iso_iec._24727.tech.schema.CardApplicationPathResponse.CardAppPathResultSet)4 CryptoMarkerType (iso.std.iso_iec._24727.tech.schema.CryptoMarkerType)4 DIDAuthenticate (iso.std.iso_iec._24727.tech.schema.DIDAuthenticate)3 DIDAuthenticateResponse (iso.std.iso_iec._24727.tech.schema.DIDAuthenticateResponse)3 PinCompareDIDAuthenticateInputType (iso.std.iso_iec._24727.tech.schema.PinCompareDIDAuthenticateInputType)3 Result (oasis.names.tc.dss._1_0.core.schema.Result)3 Sign (iso.std.iso_iec._24727.tech.schema.Sign)2 SignResponse (iso.std.iso_iec._24727.tech.schema.SignResponse)2 Nonnull (javax.annotation.Nonnull)2