Search in sources :

Example 6 with DIDScopeType

use of iso.std.iso_iec._24727.tech.schema.DIDScopeType in project open-ecard by ecsec.

the class TinySAL method verifySignature.

/**
 * The VerifySignature function verifies a digital signature.
 * See BSI-TR-03112-4, version 1.1.2, section 3.5.6.
 *
 * @param request VerifySignature
 * @return VerifySignatureResponse
 */
@Override
public VerifySignatureResponse verifySignature(VerifySignature request) {
    VerifySignatureResponse response = WSHelper.makeResponse(VerifySignatureResponse.class, WSHelper.makeResultOK());
    try {
        ConnectionHandleType connectionHandle = SALUtils.getConnectionHandle(request);
        CardStateEntry cardStateEntry = SALUtils.getCardStateEntry(states, connectionHandle, false);
        byte[] applicationID = cardStateEntry.getCurrentCardApplication().getApplicationIdentifier();
        String didName = SALUtils.getDIDName(request);
        byte[] signature = request.getSignature();
        Assert.assertIncorrectParameter(signature, "The parameter Signature is empty.");
        DIDScopeType didScope = request.getDIDScope();
        if (didScope == null) {
            didScope = DIDScopeType.LOCAL;
        }
        if (didScope.equals(DIDScopeType.LOCAL)) {
            byte[] necessarySelectedApp = cardStateEntry.getInfo().getApplicationIdByDidName(didName, didScope);
            if (!Arrays.equals(necessarySelectedApp, applicationID)) {
                String msg = "Wrong application selected for the execution of VerifySignature with the DID " + didName + ".";
                throw new SecurityConditionNotSatisfiedException(msg);
            }
        }
        DIDStructureType didStructure = cardStateEntry.getDIDStructure(didName, didScope);
        Assert.assertNamedEntityNotFound(didStructure, "The given DIDName cannot be found.");
        String protocolURI = didStructure.getDIDMarker().getProtocol();
        SALProtocol protocol = getProtocol(connectionHandle, request.getDIDScope(), protocolURI);
        if (protocol.hasNextStep(FunctionType.VerifySignature)) {
            response = protocol.verifySignature(request);
            removeFinishedProtocol(connectionHandle, protocolURI, protocol);
        } else {
            throw new InappropriateProtocolForActionException("VerifySignature", protocol.toString());
        }
    } catch (ECardException e) {
        response.setResult(e.getResult());
    } catch (Exception e) {
        LOG.error(e.getMessage(), e);
        throwThreadKillException(e);
        response.setResult(WSHelper.makeResult(e));
    }
    return response;
}
Also used : ConnectionHandleType(iso.std.iso_iec._24727.tech.schema.ConnectionHandleType) InappropriateProtocolForActionException(org.openecard.common.sal.exception.InappropriateProtocolForActionException) ECardException(org.openecard.common.ECardException) CardStateEntry(org.openecard.common.sal.state.CardStateEntry) SecurityConditionNotSatisfiedException(org.openecard.common.sal.exception.SecurityConditionNotSatisfiedException) SALProtocol(org.openecard.addon.sal.SALProtocol) DIDScopeType(iso.std.iso_iec._24727.tech.schema.DIDScopeType) DIDStructureType(iso.std.iso_iec._24727.tech.schema.DIDStructureType) VerifySignatureResponse(iso.std.iso_iec._24727.tech.schema.VerifySignatureResponse) PrerequisitesNotSatisfiedException(org.openecard.common.sal.exception.PrerequisitesNotSatisfiedException) NameExistsException(org.openecard.common.sal.exception.NameExistsException) AddonNotFoundException(org.openecard.addon.AddonNotFoundException) ThreadTerminateException(org.openecard.common.ThreadTerminateException) ECardException(org.openecard.common.ECardException) NamedEntityNotFoundException(org.openecard.common.sal.exception.NamedEntityNotFoundException) UnknownProtocolException(org.openecard.common.sal.exception.UnknownProtocolException) IncorrectParameterException(org.openecard.common.sal.exception.IncorrectParameterException) InappropriateProtocolForActionException(org.openecard.common.sal.exception.InappropriateProtocolForActionException) TLVException(org.openecard.common.tlv.TLVException) SecurityConditionNotSatisfiedException(org.openecard.common.sal.exception.SecurityConditionNotSatisfiedException) UnknownConnectionHandleException(org.openecard.common.sal.exception.UnknownConnectionHandleException)

Example 7 with DIDScopeType

use of iso.std.iso_iec._24727.tech.schema.DIDScopeType in project open-ecard by ecsec.

the class TinySAL method encipher.

/**
 * The Encipher function encrypts a transmitted plain text. The detailed behaviour of this function depends on
 * the protocol of the DID.
 * See BSI-TR-03112-4, version 1.1.2, section 3.5.1.
 *
 * @param request Encipher
 * @return EncipherResponse
 */
@Publish
@Override
public EncipherResponse encipher(Encipher request) {
    EncipherResponse response = WSHelper.makeResponse(EncipherResponse.class, WSHelper.makeResultOK());
    try {
        ConnectionHandleType connectionHandle = SALUtils.getConnectionHandle(request);
        CardStateEntry cardStateEntry = SALUtils.getCardStateEntry(states, connectionHandle, false);
        byte[] applicationID = cardStateEntry.getCurrentCardApplication().getApplicationIdentifier();
        String didName = SALUtils.getDIDName(request);
        byte[] plainText = request.getPlainText();
        Assert.assertIncorrectParameter(plainText, "The parameter PlainText is empty.");
        DIDScopeType didScope = request.getDIDScope();
        if (didScope == null) {
            didScope = DIDScopeType.LOCAL;
        }
        if (didScope.equals(DIDScopeType.LOCAL)) {
            byte[] necessaryCardApp = cardStateEntry.getInfo().getApplicationIdByDidName(didName, didScope);
            if (!Arrays.equals(necessaryCardApp, applicationID)) {
                throw new SecurityConditionNotSatisfiedException("Wrong application selected.");
            }
        }
        DIDStructureType didStructure = cardStateEntry.getDIDStructure(didName, didScope);
        Assert.assertNamedEntityNotFound(didStructure, "The given DIDName cannot be found.");
        String protocolURI = didStructure.getDIDMarker().getProtocol();
        SALProtocol protocol = getProtocol(connectionHandle, request.getDIDScope(), protocolURI);
        if (protocol.hasNextStep(FunctionType.Encipher)) {
            response = protocol.encipher(request);
            removeFinishedProtocol(connectionHandle, protocolURI, protocol);
        } else {
            throw new InappropriateProtocolForActionException("Encipher", protocol.toString());
        }
    } catch (ECardException e) {
        response.setResult(e.getResult());
    } catch (Exception e) {
        LOG.error(e.getMessage(), e);
        throwThreadKillException(e);
        response.setResult(WSHelper.makeResult(e));
    }
    return response;
}
Also used : ConnectionHandleType(iso.std.iso_iec._24727.tech.schema.ConnectionHandleType) InappropriateProtocolForActionException(org.openecard.common.sal.exception.InappropriateProtocolForActionException) ECardException(org.openecard.common.ECardException) CardStateEntry(org.openecard.common.sal.state.CardStateEntry) EncipherResponse(iso.std.iso_iec._24727.tech.schema.EncipherResponse) SecurityConditionNotSatisfiedException(org.openecard.common.sal.exception.SecurityConditionNotSatisfiedException) SALProtocol(org.openecard.addon.sal.SALProtocol) DIDScopeType(iso.std.iso_iec._24727.tech.schema.DIDScopeType) DIDStructureType(iso.std.iso_iec._24727.tech.schema.DIDStructureType) PrerequisitesNotSatisfiedException(org.openecard.common.sal.exception.PrerequisitesNotSatisfiedException) NameExistsException(org.openecard.common.sal.exception.NameExistsException) AddonNotFoundException(org.openecard.addon.AddonNotFoundException) ThreadTerminateException(org.openecard.common.ThreadTerminateException) ECardException(org.openecard.common.ECardException) NamedEntityNotFoundException(org.openecard.common.sal.exception.NamedEntityNotFoundException) UnknownProtocolException(org.openecard.common.sal.exception.UnknownProtocolException) IncorrectParameterException(org.openecard.common.sal.exception.IncorrectParameterException) InappropriateProtocolForActionException(org.openecard.common.sal.exception.InappropriateProtocolForActionException) TLVException(org.openecard.common.tlv.TLVException) SecurityConditionNotSatisfiedException(org.openecard.common.sal.exception.SecurityConditionNotSatisfiedException) UnknownConnectionHandleException(org.openecard.common.sal.exception.UnknownConnectionHandleException) Publish(org.openecard.common.interfaces.Publish)

Example 8 with DIDScopeType

use of iso.std.iso_iec._24727.tech.schema.DIDScopeType in project open-ecard by ecsec.

the class TinySAL method verifyCertificate.

/**
 * The VerifyCertificate function validates a given certificate.
 * See BSI-TR-03112-4, version 1.1.2, section 3.5.7.
 *
 * @param request VerifyCertificate
 * @return VerifyCertificateResponse
 */
@Override
public VerifyCertificateResponse verifyCertificate(VerifyCertificate request) {
    VerifyCertificateResponse response = WSHelper.makeResponse(VerifyCertificateResponse.class, WSHelper.makeResultOK());
    try {
        ConnectionHandleType connectionHandle = SALUtils.getConnectionHandle(request);
        CardStateEntry cardStateEntry = SALUtils.getCardStateEntry(states, connectionHandle, false);
        byte[] applicationID = cardStateEntry.getCurrentCardApplication().getApplicationIdentifier();
        String didName = SALUtils.getDIDName(request);
        byte[] certificate = request.getCertificate();
        Assert.assertIncorrectParameter(certificate, "The parameter Certificate is empty.");
        String certificateType = request.getCertificateType();
        Assert.assertIncorrectParameter(certificateType, "The parameter CertificateType is empty.");
        String rootCert = request.getRootCert();
        Assert.assertIncorrectParameter(rootCert, "The parameter RootCert is empty.");
        DIDStructureType didStructure = cardStateEntry.getDIDStructure(didName, applicationID);
        Assert.assertNamedEntityNotFound(didStructure, "The given DIDName cannot be found.");
        DIDScopeType didScope = request.getDIDScope();
        if (didScope == null) {
            didScope = DIDScopeType.LOCAL;
        }
        if (didScope.equals(DIDScopeType.LOCAL)) {
            byte[] necessarySelectedApp = cardStateEntry.getInfo().getApplicationIdByDidName(didName, didScope);
            if (!Arrays.equals(necessarySelectedApp, applicationID)) {
                String msg = "Wrong application selected for the execution of VerifyCertificate with the DID " + didName + ".";
                throw new SecurityConditionNotSatisfiedException(msg);
            }
        }
        String protocolURI = didStructure.getDIDMarker().getProtocol();
        SALProtocol protocol = getProtocol(connectionHandle, request.getDIDScope(), protocolURI);
        if (protocol.hasNextStep(FunctionType.VerifyCertificate)) {
            response = protocol.verifyCertificate(request);
            removeFinishedProtocol(connectionHandle, protocolURI, protocol);
        } else {
            throw new InappropriateProtocolForActionException("VerifyCertificate", protocol.toString());
        }
    } catch (ECardException e) {
        response.setResult(e.getResult());
    } catch (Exception e) {
        LOG.error(e.getMessage(), e);
        throwThreadKillException(e);
        response.setResult(WSHelper.makeResult(e));
    }
    return response;
}
Also used : ConnectionHandleType(iso.std.iso_iec._24727.tech.schema.ConnectionHandleType) InappropriateProtocolForActionException(org.openecard.common.sal.exception.InappropriateProtocolForActionException) ECardException(org.openecard.common.ECardException) CardStateEntry(org.openecard.common.sal.state.CardStateEntry) SecurityConditionNotSatisfiedException(org.openecard.common.sal.exception.SecurityConditionNotSatisfiedException) VerifyCertificateResponse(iso.std.iso_iec._24727.tech.schema.VerifyCertificateResponse) SALProtocol(org.openecard.addon.sal.SALProtocol) DIDScopeType(iso.std.iso_iec._24727.tech.schema.DIDScopeType) DIDStructureType(iso.std.iso_iec._24727.tech.schema.DIDStructureType) PrerequisitesNotSatisfiedException(org.openecard.common.sal.exception.PrerequisitesNotSatisfiedException) NameExistsException(org.openecard.common.sal.exception.NameExistsException) AddonNotFoundException(org.openecard.addon.AddonNotFoundException) ThreadTerminateException(org.openecard.common.ThreadTerminateException) ECardException(org.openecard.common.ECardException) NamedEntityNotFoundException(org.openecard.common.sal.exception.NamedEntityNotFoundException) UnknownProtocolException(org.openecard.common.sal.exception.UnknownProtocolException) IncorrectParameterException(org.openecard.common.sal.exception.IncorrectParameterException) InappropriateProtocolForActionException(org.openecard.common.sal.exception.InappropriateProtocolForActionException) TLVException(org.openecard.common.tlv.TLVException) SecurityConditionNotSatisfiedException(org.openecard.common.sal.exception.SecurityConditionNotSatisfiedException) UnknownConnectionHandleException(org.openecard.common.sal.exception.UnknownConnectionHandleException)

Example 9 with DIDScopeType

use of iso.std.iso_iec._24727.tech.schema.DIDScopeType in project open-ecard by ecsec.

the class CardInfoWrapper method getDIDStructure.

/**
 * @param didName Name of the DID to get the structure for
 * @param  didScope Scope of the DID
 * @return DIDStructure for the specified didName and card application or null, if no such did exists.
 */
public DIDStructureType getDIDStructure(String didName, DIDScopeType didScope) {
    DIDInfoType didInfo = this.getDIDInfo(didName, didScope);
    if (didInfo == null) {
        return null;
    }
    DIDStructureType didStructure = new DIDStructureType();
    didStructure.setDIDName(didInfo.getDifferentialIdentity().getDIDName());
    didStructure.setDIDScope(didInfo.getDifferentialIdentity().getDIDScope());
    if (didStructure.getDIDScope() == null) {
        // no scope is equal to local
        didStructure.setDIDScope(DIDScopeType.LOCAL);
    }
    DIDMarkerType didMarker = didInfo.getDifferentialIdentity().getDIDMarker();
    if (didMarker.getCAMarker() != null) {
        didStructure.setDIDMarker(didMarker.getCAMarker());
    } else if (didMarker.getCryptoMarker() != null) {
        didStructure.setDIDMarker(didMarker.getCryptoMarker());
    } else if (didMarker.getEACMarker() != null) {
        didStructure.setDIDMarker(didMarker.getEACMarker());
    } else if (didMarker.getMutualAuthMarker() != null) {
        didStructure.setDIDMarker(didMarker.getMutualAuthMarker());
    } else if (didMarker.getPACEMarker() != null) {
        didStructure.setDIDMarker(didMarker.getPACEMarker());
    } else if (didMarker.getPinCompareMarker() != null) {
        didStructure.setDIDMarker(didMarker.getPinCompareMarker());
    } else if (didMarker.getRIMarker() != null) {
        didStructure.setDIDMarker(didMarker.getRIMarker());
    } else if (didMarker.getRSAAuthMarker() != null) {
        didStructure.setDIDMarker(didMarker.getRSAAuthMarker());
    } else if (didMarker.getTAMarker() != null) {
        didStructure.setDIDMarker(didMarker.getTAMarker());
    }
    didStructure.setDIDQualifier(didInfo.getDifferentialIdentity().getDIDQualifier());
    return didStructure;
}
Also used : DIDMarkerType(iso.std.iso_iec._24727.tech.schema.DIDMarkerType) DIDInfoType(iso.std.iso_iec._24727.tech.schema.DIDInfoType) DIDStructureType(iso.std.iso_iec._24727.tech.schema.DIDStructureType)

Aggregations

DIDStructureType (iso.std.iso_iec._24727.tech.schema.DIDStructureType)9 DIDScopeType (iso.std.iso_iec._24727.tech.schema.DIDScopeType)8 ConnectionHandleType (iso.std.iso_iec._24727.tech.schema.ConnectionHandleType)7 AddonNotFoundException (org.openecard.addon.AddonNotFoundException)7 SALProtocol (org.openecard.addon.sal.SALProtocol)7 ECardException (org.openecard.common.ECardException)7 ThreadTerminateException (org.openecard.common.ThreadTerminateException)7 InappropriateProtocolForActionException (org.openecard.common.sal.exception.InappropriateProtocolForActionException)7 IncorrectParameterException (org.openecard.common.sal.exception.IncorrectParameterException)7 NameExistsException (org.openecard.common.sal.exception.NameExistsException)7 NamedEntityNotFoundException (org.openecard.common.sal.exception.NamedEntityNotFoundException)7 PrerequisitesNotSatisfiedException (org.openecard.common.sal.exception.PrerequisitesNotSatisfiedException)7 SecurityConditionNotSatisfiedException (org.openecard.common.sal.exception.SecurityConditionNotSatisfiedException)7 UnknownConnectionHandleException (org.openecard.common.sal.exception.UnknownConnectionHandleException)7 UnknownProtocolException (org.openecard.common.sal.exception.UnknownProtocolException)7 CardStateEntry (org.openecard.common.sal.state.CardStateEntry)7 TLVException (org.openecard.common.tlv.TLVException)7 Publish (org.openecard.common.interfaces.Publish)3 DIDInfoType (iso.std.iso_iec._24727.tech.schema.DIDInfoType)1 DIDMarkerType (iso.std.iso_iec._24727.tech.schema.DIDMarkerType)1