Example 6 with DIDList
use of iso.std.iso_iec._24727.tech.schema.DIDList in project open-ecard by ecsec.
the class DidInfos method getDidNames.
synchronized Map<byte[], List<String>> getDidNames() throws WSHelper.WSException {
if (allDidNames == null) {
allDidNames = new TreeMap<>(new ByteComparator());
// check out all applications
for (byte[] application : getApplicationsInt()) {
try {
DIDList req = new DIDList();
req.setConnectionHandle(getHandle());
DIDQualifierType filter = new DIDQualifierType();
filter.setApplicationIdentifier(application);
req.setFilter(filter);
DIDListResponse res = (DIDListResponse) dispatcher.safeDeliver(req);
WSHelper.checkResult(res);
if (res.getDIDNameList() != null) {
allDidNames.put(application, Collections.unmodifiableList(res.getDIDNameList().getDIDName()));
}
} catch (WSHelper.WSException ex) {
// skip this application
}
}
// prevent modification
allDidNames = Collections.unmodifiableMap(allDidNames);
}
return allDidNames;
}
Also used :
ByteComparator(org.openecard.common.util.ByteComparator)
WSHelper(org.openecard.common.WSHelper)
DIDList(iso.std.iso_iec._24727.tech.schema.DIDList)
DIDQualifierType(iso.std.iso_iec._24727.tech.schema.DIDQualifierType)
DIDListResponse(iso.std.iso_iec._24727.tech.schema.DIDListResponse)
Example 7 with DIDList
use of iso.std.iso_iec._24727.tech.schema.DIDList in project open-ecard by ecsec.
the class GenericCryptographyProtocolTest method testSign.
/**
* Test for the Sign Step of the Generic Cryptography protocol. After we connected to the ESIGN application of the
* eGK, we use DIDList to get a List of DIDs that support the compute signature function. For each DID we let the
* card compute a signature. If the result is OK we're satisfied.
*
* @throws Exception
* when something in this test went unexpectedly wrong
*/
@Test(enabled = TESTS_ENABLED)
public void testSign() throws Exception {
CardApplicationPath cardApplicationPath = new CardApplicationPath();
CardApplicationPathType cardApplicationPathType = new CardApplicationPathType();
cardApplicationPathType.setCardApplication(cardApplication);
cardApplicationPath.setCardAppPathRequest(cardApplicationPathType);
CardApplicationPathResponse cardApplicationPathResponse = instance.cardApplicationPath(cardApplicationPath);
WSHelper.checkResult(cardApplicationPathResponse);
CardApplicationConnect parameters = new CardApplicationConnect();
CardAppPathResultSet cardAppPathResultSet = cardApplicationPathResponse.getCardAppPathResultSet();
parameters.setCardApplicationPath(cardAppPathResultSet.getCardApplicationPathResult().get(0));
CardApplicationConnectResponse result = instance.cardApplicationConnect(parameters);
WSHelper.checkResult(result);
assertEquals(ECardConstants.Major.OK, result.getResult().getResultMajor());
DIDList didList = new DIDList();
didList.setConnectionHandle(result.getConnectionHandle());
DIDQualifierType didQualifier = new DIDQualifierType();
didQualifier.setApplicationIdentifier(cardApplication);
didQualifier.setObjectIdentifier(ECardConstants.Protocol.GENERIC_CRYPTO);
didQualifier.setApplicationFunction("Compute-signature");
didList.setFilter(didQualifier);
DIDListResponse didListResponse = instance.didList(didList);
assertTrue(didListResponse.getDIDNameList().getDIDName().size() > 0);
WSHelper.checkResult(didListResponse);
DIDAuthenticate didAthenticate = new DIDAuthenticate();
didAthenticate.setDIDName("PIN.home");
PinCompareDIDAuthenticateInputType didAuthenticationData = new PinCompareDIDAuthenticateInputType();
didAthenticate.setAuthenticationProtocolData(didAuthenticationData);
didAthenticate.setConnectionHandle(result.getConnectionHandle());
didAthenticate.getConnectionHandle().setCardApplication(cardApplication_ROOT);
didAuthenticationData.setProtocol(ECardConstants.Protocol.PIN_COMPARE);
didAthenticate.setAuthenticationProtocolData(didAuthenticationData);
DIDAuthenticateResponse didAuthenticateResult = instance.didAuthenticate(didAthenticate);
WSHelper.checkResult(didAuthenticateResult);
assertEquals(didAuthenticateResult.getAuthenticationProtocolData().getProtocol(), ECardConstants.Protocol.PIN_COMPARE);
assertEquals(didAuthenticateResult.getAuthenticationProtocolData().getAny().size(), 0);
assertEquals(ECardConstants.Major.OK, didAuthenticateResult.getResult().getResultMajor());
for (int numOfDIDs = 0; numOfDIDs < didListResponse.getDIDNameList().getDIDName().size(); numOfDIDs++) {
String didName = didListResponse.getDIDNameList().getDIDName().get(numOfDIDs);
System.out.println(didName);
DIDGet didGet = new DIDGet();
didGet.setDIDName(didName);
didGet.setDIDScope(DIDScopeType.LOCAL);
didGet.setConnectionHandle(result.getConnectionHandle());
didGet.getConnectionHandle().setCardApplication(cardApplication);
DIDGetResponse didGetResponse = instance.didGet(didGet);
org.openecard.crypto.common.sal.did.CryptoMarkerType cryptoMarker = new org.openecard.crypto.common.sal.did.CryptoMarkerType((CryptoMarkerType) didGetResponse.getDIDStructure().getDIDMarker());
Sign sign = new Sign();
byte[] message = StringUtils.toByteArray("616263646263646563646566646566676566676861");
String algorithm = cryptoMarker.getAlgorithmInfo().getAlgorithmIdentifier().getAlgorithm();
if (algorithm.equals(GenericCryptoUris.sigS_ISO9796_2rnd)) {
// TODO support for sign9796_2_DS2
continue;
}
sign.setMessage(message);
sign.setConnectionHandle(result.getConnectionHandle());
sign.getConnectionHandle().setCardApplication(cardApplication);
sign.setDIDName(didName);
sign.setDIDScope(DIDScopeType.LOCAL);
SignResponse signResponse = instance.sign(sign);
WSHelper.checkResult(signResponse);
assertTrue(signResponse.getSignature() != null);
}
}
Also used :
DIDList(iso.std.iso_iec._24727.tech.schema.DIDList)
PinCompareDIDAuthenticateInputType(iso.std.iso_iec._24727.tech.schema.PinCompareDIDAuthenticateInputType)
CardAppPathResultSet(iso.std.iso_iec._24727.tech.schema.CardApplicationPathResponse.CardAppPathResultSet)
DIDListResponse(iso.std.iso_iec._24727.tech.schema.DIDListResponse)
CardApplicationPathType(iso.std.iso_iec._24727.tech.schema.CardApplicationPathType)
CardApplicationConnect(iso.std.iso_iec._24727.tech.schema.CardApplicationConnect)
SignResponse(iso.std.iso_iec._24727.tech.schema.SignResponse)
DIDGet(iso.std.iso_iec._24727.tech.schema.DIDGet)
DIDAuthenticate(iso.std.iso_iec._24727.tech.schema.DIDAuthenticate)
CardApplicationPathResponse(iso.std.iso_iec._24727.tech.schema.CardApplicationPathResponse)
DIDQualifierType(iso.std.iso_iec._24727.tech.schema.DIDQualifierType)
DIDGetResponse(iso.std.iso_iec._24727.tech.schema.DIDGetResponse)
CryptoMarkerType(iso.std.iso_iec._24727.tech.schema.CryptoMarkerType)
CardApplicationConnectResponse(iso.std.iso_iec._24727.tech.schema.CardApplicationConnectResponse)
CardApplicationPath(iso.std.iso_iec._24727.tech.schema.CardApplicationPath)
DIDAuthenticateResponse(iso.std.iso_iec._24727.tech.schema.DIDAuthenticateResponse)
Sign(iso.std.iso_iec._24727.tech.schema.Sign)
Test(org.testng.annotations.Test)
Example 8 with DIDList
use of iso.std.iso_iec._24727.tech.schema.DIDList in project open-ecard by ecsec.
the class GenericCryptographyProtocolTest method testVerifySignature.
/**
* Test for the VerifySignature Step of the Generic Cryptography protocol. After we connected to the ESIGN
* application of the eGK, we use DIDList to get a List of DIDs that support the compute signature function. We
* then authenticate with PIN.home and let the card sign our message. Afterwards we call VerifySignature for that
* signature which should return OK.
*
* @throws Exception
* when something in this test went unexpectedly wrong
*/
@Test(enabled = TESTS_ENABLED)
public void testVerifySignature() throws Exception {
CardApplicationPath cardApplicationPath = new CardApplicationPath();
CardApplicationPathType cardApplicationPathType = new CardApplicationPathType();
cardApplicationPathType.setCardApplication(cardApplication);
cardApplicationPath.setCardAppPathRequest(cardApplicationPathType);
CardApplicationPathResponse cardApplicationPathResponse = instance.cardApplicationPath(cardApplicationPath);
WSHelper.checkResult(cardApplicationPathResponse);
CardApplicationConnect parameters = new CardApplicationConnect();
CardAppPathResultSet cardAppPathResultSet = cardApplicationPathResponse.getCardAppPathResultSet();
parameters.setCardApplicationPath(cardAppPathResultSet.getCardApplicationPathResult().get(0));
CardApplicationConnectResponse result = instance.cardApplicationConnect(parameters);
WSHelper.checkResult(result);
assertEquals(ECardConstants.Major.OK, result.getResult().getResultMajor());
DIDList didList = new DIDList();
didList.setConnectionHandle(result.getConnectionHandle());
DIDQualifierType didQualifier = new DIDQualifierType();
didQualifier.setApplicationIdentifier(cardApplication);
didQualifier.setObjectIdentifier(ECardConstants.Protocol.GENERIC_CRYPTO);
didQualifier.setApplicationFunction("Compute-signature");
didList.setFilter(didQualifier);
DIDListResponse didListResponse = instance.didList(didList);
assertTrue(didListResponse.getDIDNameList().getDIDName().size() > 0);
WSHelper.checkResult(didListResponse);
DIDAuthenticate didAthenticate = new DIDAuthenticate();
didAthenticate.setDIDName("PIN.home");
PinCompareDIDAuthenticateInputType didAuthenticationData = new PinCompareDIDAuthenticateInputType();
didAthenticate.setAuthenticationProtocolData(didAuthenticationData);
didAthenticate.setConnectionHandle(result.getConnectionHandle());
didAthenticate.getConnectionHandle().setCardApplication(cardApplication_ROOT);
didAuthenticationData.setProtocol(ECardConstants.Protocol.PIN_COMPARE);
didAthenticate.setAuthenticationProtocolData(didAuthenticationData);
DIDAuthenticateResponse didAuthenticateResult = instance.didAuthenticate(didAthenticate);
WSHelper.checkResult(didAuthenticateResult);
assertEquals(didAuthenticateResult.getAuthenticationProtocolData().getProtocol(), ECardConstants.Protocol.PIN_COMPARE);
assertEquals(didAuthenticateResult.getAuthenticationProtocolData().getAny().size(), 0);
assertEquals(ECardConstants.Major.OK, didAuthenticateResult.getResult().getResultMajor());
for (int numOfDIDs = 0; numOfDIDs < didListResponse.getDIDNameList().getDIDName().size(); numOfDIDs++) {
String didName = didListResponse.getDIDNameList().getDIDName().get(numOfDIDs);
DIDGet didGet = new DIDGet();
didGet.setDIDName(didName);
didGet.setDIDScope(DIDScopeType.LOCAL);
didGet.setConnectionHandle(result.getConnectionHandle());
didGet.getConnectionHandle().setCardApplication(cardApplication);
DIDGetResponse didGetResponse = instance.didGet(didGet);
Sign sign = new Sign();
byte[] message = new byte[] { 0x01, 0x02, 0x03 };
org.openecard.crypto.common.sal.did.CryptoMarkerType cryptoMarker = new org.openecard.crypto.common.sal.did.CryptoMarkerType((CryptoMarkerType) didGetResponse.getDIDStructure().getDIDMarker());
String algorithmIdentifier = cryptoMarker.getAlgorithmInfo().getAlgorithmIdentifier().getAlgorithm();
if (algorithmIdentifier.equals(GenericCryptoUris.RSASSA_PSS_SHA256)) {
MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
message = messageDigest.digest(message);
} else if (algorithmIdentifier.equals(GenericCryptoUris.RSA_ENCRYPTION)) {
// do nothing
} else {
LOG.warn("Skipping decipher for the unsupported algorithmIdentifier: {}", algorithmIdentifier);
continue;
}
sign.setMessage(message);
sign.setConnectionHandle(result.getConnectionHandle());
sign.getConnectionHandle().setCardApplication(cardApplication);
sign.setDIDName(didName);
sign.setDIDScope(DIDScopeType.LOCAL);
SignResponse signResponse = instance.sign(sign);
assertEquals(ECardConstants.Major.OK, signResponse.getResult().getResultMajor());
WSHelper.checkResult(signResponse);
byte[] signature = signResponse.getSignature();
VerifySignature verifySignature = new VerifySignature();
verifySignature.setConnectionHandle(sign.getConnectionHandle());
verifySignature.setDIDName(didName);
verifySignature.setDIDScope(DIDScopeType.LOCAL);
verifySignature.setMessage(message);
verifySignature.setSignature(signature);
VerifySignatureResponse verifySignatureResponse = instance.verifySignature(verifySignature);
WSHelper.checkResult(verifySignatureResponse);
}
}
Also used :
DIDList(iso.std.iso_iec._24727.tech.schema.DIDList)
PinCompareDIDAuthenticateInputType(iso.std.iso_iec._24727.tech.schema.PinCompareDIDAuthenticateInputType)
CardAppPathResultSet(iso.std.iso_iec._24727.tech.schema.CardApplicationPathResponse.CardAppPathResultSet)
DIDListResponse(iso.std.iso_iec._24727.tech.schema.DIDListResponse)
CardApplicationPathType(iso.std.iso_iec._24727.tech.schema.CardApplicationPathType)
CardApplicationConnect(iso.std.iso_iec._24727.tech.schema.CardApplicationConnect)
SignResponse(iso.std.iso_iec._24727.tech.schema.SignResponse)
DIDGet(iso.std.iso_iec._24727.tech.schema.DIDGet)
MessageDigest(java.security.MessageDigest)
DIDAuthenticate(iso.std.iso_iec._24727.tech.schema.DIDAuthenticate)
CardApplicationPathResponse(iso.std.iso_iec._24727.tech.schema.CardApplicationPathResponse)
DIDQualifierType(iso.std.iso_iec._24727.tech.schema.DIDQualifierType)
DIDGetResponse(iso.std.iso_iec._24727.tech.schema.DIDGetResponse)
CryptoMarkerType(iso.std.iso_iec._24727.tech.schema.CryptoMarkerType)
CardApplicationConnectResponse(iso.std.iso_iec._24727.tech.schema.CardApplicationConnectResponse)
VerifySignatureResponse(iso.std.iso_iec._24727.tech.schema.VerifySignatureResponse)
VerifySignature(iso.std.iso_iec._24727.tech.schema.VerifySignature)
CardApplicationPath(iso.std.iso_iec._24727.tech.schema.CardApplicationPath)
DIDAuthenticateResponse(iso.std.iso_iec._24727.tech.schema.DIDAuthenticateResponse)
Sign(iso.std.iso_iec._24727.tech.schema.Sign)
Test(org.testng.annotations.Test)
Example 9 with DIDList
use of iso.std.iso_iec._24727.tech.schema.DIDList in project open-ecard by ecsec.
the class ChangePinInSALAction method getPinDid.
@Nonnull
private String getPinDid(ConnectionHandleType handle) throws WSException {
// get all DIDs
DIDList listReq = new DIDList();
listReq.setConnectionHandle(handle);
DIDListResponse listRes = (DIDListResponse) dispatcher.safeDeliver(listReq);
WSHelper.checkResult(listRes);
// find pin did
for (String didName : listRes.getDIDNameList().getDIDName()) {
DIDGet getReq = new DIDGet();
getReq.setConnectionHandle(handle);
getReq.setDIDName(didName);
DIDGetResponse getRes = (DIDGetResponse) dispatcher.safeDeliver(getReq);
// don't check result, just see if we have a response
DIDStructureType struct = getRes.getDIDStructure();
if (struct != null) {
if ("urn:oid:1.3.162.15480.3.0.9".equals(struct.getDIDMarker().getProtocol())) {
return didName;
}
}
}
Result r = WSHelper.makeResultError(ECardConstants.Minor.SAL.INAPPROPRIATE_PROTOCOL_FOR_ACTION, "No PIN DID found.");
throw WSHelper.createException(r);
}
Also used :
DIDList(iso.std.iso_iec._24727.tech.schema.DIDList)
DIDGet(iso.std.iso_iec._24727.tech.schema.DIDGet)
DIDGetResponse(iso.std.iso_iec._24727.tech.schema.DIDGetResponse)
DIDStructureType(iso.std.iso_iec._24727.tech.schema.DIDStructureType)
DIDListResponse(iso.std.iso_iec._24727.tech.schema.DIDListResponse)
Result(oasis.names.tc.dss._1_0.core.schema.Result)
Nonnull(javax.annotation.Nonnull)
Example 10 with DIDList
use of iso.std.iso_iec._24727.tech.schema.DIDList in project open-ecard by ecsec.
the class SALFileUtils method selectAppByDID.
/**
* The method connects the given card to the CardApplication containing the requested DID Name.
*
* @param didName Name of the DID which is contained in the application to connect.
* @param handle ConnectionHandle which identifies Card and Terminal.
* @return The handle describing the new state of the card.
* @throws WSException Thrown in case any of the requested eCard API methods returned an error, or no application of
* the specified card contains the requested DID name.
*/
@Nonnull
public ConnectionHandleType selectAppByDID(@Nonnull String didName, @Nonnull ConnectionHandleType handle) throws WSException {
// copy handle so that the given handle is not damaged
handle = HandlerUtils.copyHandle(handle);
// get all card applications
CardApplicationList cardApps = new CardApplicationList();
cardApps.setConnectionHandle(handle);
CardApplicationListResponse cardAppsResp = (CardApplicationListResponse) dispatcher.safeDeliver(cardApps);
WSHelper.checkResult(cardAppsResp);
List<byte[]> cardApplications = cardAppsResp.getCardApplicationNameList().getCardApplicationName();
// check if our data set is in any of the applications
for (byte[] app : cardApplications) {
DIDList didListReq = new DIDList();
handle.setCardApplication(app);
didListReq.setConnectionHandle(handle);
DIDListResponse didListResp = (DIDListResponse) dispatcher.safeDeliver(didListReq);
WSHelper.checkResult(didListResp);
if (didListResp.getDIDNameList().getDIDName().contains(didName)) {
handle = selectApplication(app, handle);
return handle;
}
}
// data set not found
String msg = "Failed to find the requested DID (%s) in any of the applications of the specified card.";
msg = String.format(msg, didName);
Result r = WSHelper.makeResultError(ECardConstants.Minor.SAL.FILE_NOT_FOUND, msg);
throw WSHelper.createException(r);
}
Also used :
CardApplicationListResponse(iso.std.iso_iec._24727.tech.schema.CardApplicationListResponse)
DIDList(iso.std.iso_iec._24727.tech.schema.DIDList)
CardApplicationList(iso.std.iso_iec._24727.tech.schema.CardApplicationList)
DIDListResponse(iso.std.iso_iec._24727.tech.schema.DIDListResponse)
Result(oasis.names.tc.dss._1_0.core.schema.Result)
Nonnull(javax.annotation.Nonnull)
Aggregations
DIDListResponse (iso.std.iso_iec._24727.tech.schema.DIDListResponse)10
DIDList (iso.std.iso_iec._24727.tech.schema.DIDList)9
DIDQualifierType (iso.std.iso_iec._24727.tech.schema.DIDQualifierType)8
CardApplicationConnect (iso.std.iso_iec._24727.tech.schema.CardApplicationConnect)6
CardApplicationConnectResponse (iso.std.iso_iec._24727.tech.schema.CardApplicationConnectResponse)6
CardApplicationPath (iso.std.iso_iec._24727.tech.schema.CardApplicationPath)6
CardApplicationPathResponse (iso.std.iso_iec._24727.tech.schema.CardApplicationPathResponse)6
CardApplicationPathType (iso.std.iso_iec._24727.tech.schema.CardApplicationPathType)6
DIDGet (iso.std.iso_iec._24727.tech.schema.DIDGet)6
DIDGetResponse (iso.std.iso_iec._24727.tech.schema.DIDGetResponse)6
Test (org.testng.annotations.Test)6
CardAppPathResultSet (iso.std.iso_iec._24727.tech.schema.CardApplicationPathResponse.CardAppPathResultSet)4
CryptoMarkerType (iso.std.iso_iec._24727.tech.schema.CryptoMarkerType)4
DIDAuthenticate (iso.std.iso_iec._24727.tech.schema.DIDAuthenticate)3
DIDAuthenticateResponse (iso.std.iso_iec._24727.tech.schema.DIDAuthenticateResponse)3
PinCompareDIDAuthenticateInputType (iso.std.iso_iec._24727.tech.schema.PinCompareDIDAuthenticateInputType)3
Result (oasis.names.tc.dss._1_0.core.schema.Result)3
Sign (iso.std.iso_iec._24727.tech.schema.Sign)2
SignResponse (iso.std.iso_iec._24727.tech.schema.SignResponse)2
Nonnull (javax.annotation.Nonnull)2
