
Example 11 with DIDStructureType

use of iso.std.iso_iec._24727.tech.schema.DIDStructureType in project open-ecard by ecsec.

the class PACEStep method getPaceMarker.

/**
 * Resolves the PACE DID marker of the given PIN type from the card state.
 *
 * <p>The DID is looked up in the currently selected card application and its generic DID marker is
 * narrowed to the schema PACE marker before being wrapped in the protocol's own marker type.</p>
 *
 * @param cardState card state holding the current application and the DID structures
 * @param pinType name of the DID (PIN type) whose PACE marker is wanted
 * @return the wrapped PACE marker of that DID
 */
private PACEMarkerType getPaceMarker(CardStateEntry cardState, String pinType) {
    // TODO: replace with DIDGet call
    byte[] appId = cardState.getCurrentCardApplication().getApplicationIdentifier();
    DIDStructureType structure = cardState.getDIDStructure(pinType, appId);
    // NOTE(review): a DID lookup can yield null if the DID does not exist — no guard here, confirm callers handle the NPE
    iso.std.iso_iec._24727.tech.schema.PACEMarkerType schemaMarker =
            (iso.std.iso_iec._24727.tech.schema.PACEMarkerType) structure.getDIDMarker();
    return new PACEMarkerType(schemaMarker);
}

Example 12 with DIDStructureType

use of iso.std.iso_iec._24727.tech.schema.DIDStructureType in project open-ecard by ecsec.

the class DIDAuthenticateStep method perform.

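/**
 * Performs a PIN Compare DID authentication (ISO 7816-4 VERIFY) for the given request.
 *
 * <p>The DID's PIN Compare marker supplies the key reference and the password attributes. If the
 * request carries a PIN it is sent in a VERIFY APDU built by {@link PINUtils#buildVerifyTransmit};
 * if it carries none, PIN entry is delegated to the terminal via {@code VerifyUser}. On a warning
 * status word the low nibble of SW2 is reported as retry counter. Every copy of the PIN held here
 * (request structure, raw array, APDU bytes) is cleared before the method returns.</p>
 *
 * @param request the DIDAuthenticate request (connection handle, DID name, scope and protocol data)
 * @param internalData SAL-internal state used to resolve the {@link CardStateEntry}
 * @return response with result OK on success, otherwise the error result of the failed step;
 *     a {@link RuntimeException} is rethrown unchanged
 */
@Override
public DIDAuthenticateResponse perform(DIDAuthenticate request, Map<String, Object> internalData) {
    DIDAuthenticateResponse response = WSHelper.makeResponse(DIDAuthenticateResponse.class, WSHelper.makeResultOK());
    char[] rawPIN = null;
    try {
        ConnectionHandleType connectionHandle = SALUtils.getConnectionHandle(request);
        String didName = SALUtils.getDIDName(request);
        CardStateEntry cardStateEntry = SALUtils.getCardStateEntry(internalData, connectionHandle);
        PINCompareDIDAuthenticateInputType pinCompareInput = new PINCompareDIDAuthenticateInputType(request.getAuthenticationProtocolData());
        PINCompareDIDAuthenticateOutputType pinCompareOutput = pinCompareInput.getOutputType();
        // a global DID is looked up by name; otherwise the application of the connection is used
        byte[] cardApplication;
        if (request.getDIDScope() != null && request.getDIDScope().equals(DIDScopeType.GLOBAL)) {
            cardApplication = cardStateEntry.getInfo().getApplicationIdByDidName(request.getDIDName(), request.getDIDScope());
        } else {
            cardApplication = connectionHandle.getCardApplication();
        }
        // access control check before any key reference or PIN is touched
        Assert.securityConditionDID(cardStateEntry, cardApplication, didName, DifferentialIdentityServiceActionName.DID_AUTHENTICATE);
        DIDStructureType didStructure = cardStateEntry.getDIDStructure(didName, cardApplication);
        PINCompareMarkerType pinCompareMarker = new PINCompareMarkerType(didStructure.getDIDMarker());
        byte keyRef = pinCompareMarker.getPINRef().getKeyRef()[0];
        byte[] slotHandle = connectionHandle.getSlotHandle();
        PasswordAttributesType attributes = pinCompareMarker.getPasswordAttributes();
        rawPIN = pinCompareInput.getPIN();
        // delete pin from memory of the structure; rawPIN itself is wiped in the finally block below
        pinCompareInput.setPIN(null);
        // VERIFY command header (CLA=00, INS=20, P1=00, P2=key reference) in accordance
        // with [ISO7816-4] (Section 7.5.6).
        byte[] template = new byte[] { 0x00, 0x20, 0x00, keyRef };
        byte[] responseCode;
        if (rawPIN == null || rawPIN.length == 0) {
            // no PIN supplied by the caller: let the terminal collect it (e.g. a PIN pad)
            VerifyUser verify = new VerifyUser();
            verify.setSlotHandle(slotHandle);
            InputUnitType inputUnit = new InputUnitType();
            verify.setInputUnit(inputUnit);
            PinInputType pinInput = new PinInputType();
            inputUnit.setPinInput(pinInput);
            pinInput.setIndex(BigInteger.ZERO);
            pinInput.setPasswordAttributes(attributes);
            verify.setTemplate(template);
            VerifyUserResponse verifyR = (VerifyUserResponse) dispatcher.safeDeliver(verify);
            WSHelper.checkResult(verifyR);
            responseCode = verifyR.getResponse();
        } else {
            Transmit verifyTransmit = PINUtils.buildVerifyTransmit(rawPIN, attributes, template, slotHandle);
            try {
                TransmitResponse transResp = (TransmitResponse) dispatcher.safeDeliver(verifyTransmit);
                WSHelper.checkResult(transResp);
                responseCode = transResp.getOutputAPDU().get(0);
            } finally {
                // blank PIN APDU regardless of the transmit outcome
                for (InputAPDUInfoType apdu : verifyTransmit.getInputAPDUInfo()) {
                    byte[] rawApdu = apdu.getInputAPDU();
                    if (rawApdu != null) {
                        Arrays.fill(rawApdu, (byte) 0);
                    }
                }
            }
        }
        CardResponseAPDU verifyResponseAPDU = new CardResponseAPDU(responseCode);
        if (verifyResponseAPDU.isWarningProcessed()) {
            // remaining tries are carried in the low nibble of SW2 (warning status 63 Cx)
            pinCompareOutput.setRetryCounter(BigInteger.valueOf(verifyResponseAPDU.getSW2() & 0x0F));
        }
        cardStateEntry.addAuthenticated(didName, cardApplication);
        response.setAuthenticationProtocolData(pinCompareOutput.getAuthDataType());
    } catch (ECardException e) {
        LOG.error(e.getMessage(), e);
        response.setResult(e.getResult());
    } catch (Exception e) {
        // programming errors are not converted into a result, they propagate
        if (e instanceof RuntimeException) {
            throw (RuntimeException) e;
        }
        LOG.error(e.getMessage(), e);
        response.setResult(WSHelper.makeResult(e));
    } finally {
        // the raw PIN is overwritten on every exit path, including the rethrow above
        if (rawPIN != null) {
            Arrays.fill(rawPIN, ' ');
        }
    }
    return response;
}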

Example 13 with DIDStructureType

use of iso.std.iso_iec._24727.tech.schema.DIDStructureType in project open-ecard by ecsec.

the class SignStep method perform.

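/**
 * Performs the Sign operation with the key referenced by the request's DID.
 *
 * <p>The DID's crypto marker supplies key reference, card algorithm reference, hash algorithm
 * reference and hash generation info. Depending on whether the marker carries signature generation
 * info, the modern or the legacy (template based) signature path is taken.</p>
 *
 * @param sign the Sign request (connection handle, DID name and the message or hash to sign)
 * @param internalData SAL-internal state used to resolve the {@link CardStateEntry}
 * @return response with the signature, or the error result of the failed step
 */
@Override
public SignResponse perform(Sign sign, Map<String, Object> internalData) {
    SignResponse response = WSHelper.makeResponse(SignResponse.class, WSHelper.makeResultOK());
    try {
        ConnectionHandleType connectionHandle = SALUtils.getConnectionHandle(sign);
        String didName = SALUtils.getDIDName(sign);
        CardStateEntry cardStateEntry = SALUtils.getCardStateEntry(internalData, connectionHandle);
        DIDStructureType didStructure = SALUtils.getDIDStructure(sign, didName, cardStateEntry, connectionHandle);
        CryptoMarkerType cryptoMarker = new CryptoMarkerType(didStructure.getDIDMarker());
        byte[] slotHandle = connectionHandle.getSlotHandle();
        byte[] applicationID = connectionHandle.getCardApplication();
        // access control check before key material is read or any card command is issued
        Assert.securityConditionDID(cardStateEntry, applicationID, didName, CryptographicServiceActionName.SIGN);
        byte[] message = sign.getMessage();
        byte[] keyReference = cryptoMarker.getCryptoKeyInfo().getKeyRef().getKeyRef();
        byte[] algorithmIdentifier = cryptoMarker.getAlgorithmInfo().getCardAlgRef();
        byte[] hashRef = cryptoMarker.getAlgorithmInfo().getHashAlgRef();
        HashGenerationInfoType hashInfo = cryptoMarker.getHashGenerationInfo();
        if (didStructure.getDIDScope() == DIDScopeType.LOCAL) {
            // local key reference: set the high bit (idempotent, so repeated calls are harmless).
            // NOTE(review): this writes into the array returned by the marker, i.e. possibly in place — confirm
            keyReference[0] = (byte) (0x80 | keyReference[0]);
        }
        if (cryptoMarker.getSignatureGenerationInfo() != null) {
            response = performSignature(cryptoMarker, keyReference, algorithmIdentifier, message, slotHandle, hashRef, hashInfo);
        } else {
            // assuming that legacySignatureInformation exists
            BaseTemplateContext templateContext = new BaseTemplateContext();
            templateContext.put(HASH_TO_SIGN, message);
            templateContext.put(KEY_REFERENCE, keyReference);
            templateContext.put(ALGORITHM_IDENTIFIER, algorithmIdentifier);
            templateContext.put(HASHALGORITHM_REFERENCE, hashRef);
            response = performLegacySignature(cryptoMarker, connectionHandle, templateContext);
        }
    } catch (ECardException e) {
        // logged like the generic case so a failed signing attempt is visible in the log
        LOG.warn(e.getMessage(), e);
        response.setResult(e.getResult());
    } catch (Exception e) {
        LOG.warn(e.getMessage(), e);
        response.setResult(WSHelper.makeResult(e));
    }
    return response;
}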

Example 14 with DIDStructureType

use of iso.std.iso_iec._24727.tech.schema.DIDStructureType in project open-ecard by ecsec.

the class VerifySignatureStep method perform.

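/**
 * Verifies a signature against the certificate referenced by the request's DID.
 *
 * <p>The certificate is read from the card (DSIRead of the marker's first certificate data set)
 * and used as-is for verification: this proves the signature matches that certificate's public
 * key, it does not validate the certificate itself (chain, validity period). Supported algorithms
 * are RSA and RSASSA-PSS with SHA-256; the ISO 9796-2 variants answer with an unknown-error
 * result, any other identifier is rejected as an incorrect parameter.</p>
 *
 * @param request the VerifySignature request (connection handle, DID name, signature and optional message)
 * @param internalData SAL-internal state used to resolve the {@link CardStateEntry}
 * @return response with result OK if the signature verifies, otherwise the error result
 */
@Override
public VerifySignatureResponse perform(VerifySignature request, Map<String, Object> internalData) {
    VerifySignatureResponse response = WSHelper.makeResponse(VerifySignatureResponse.class, WSHelper.makeResultOK());
    try {
        ConnectionHandleType connectionHandle = SALUtils.getConnectionHandle(request);
        CardStateEntry cardStateEntry = SALUtils.getCardStateEntry(internalData, connectionHandle);
        String didName = SALUtils.getDIDName(request);
        DIDStructureType didStructure = SALUtils.getDIDStructure(request, didName, cardStateEntry, connectionHandle);
        // required
        byte[] signature = request.getSignature();
        // optional
        byte[] message = request.getMessage();
        CryptoMarkerType cryptoMarker = new CryptoMarkerType(didStructure.getDIDMarker());
        String dataSetNameCertificate = cryptoMarker.getCertificateRefs().get(0).getDataSetName();
        String algorithmIdentifier = cryptoMarker.getAlgorithmInfo().getAlgorithmIdentifier().getAlgorithm();
        // fetch the verification certificate from the card's data set
        DSIRead dsiRead = new DSIRead();
        dsiRead.setConnectionHandle(connectionHandle);
        dsiRead.setDSIName(dataSetNameCertificate);
        DSIReadResponse dsiReadResponse = (DSIReadResponse) dispatcher.safeDeliver(dsiRead);
        WSHelper.checkResult(dsiReadResponse);
        CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
        X509Certificate cert = (X509Certificate) certFactory.generateCertificate(new ByteArrayInputStream(dsiReadResponse.getDSIContent()));
        Signature signatureAlgorithm;
        if (algorithmIdentifier.equals(GenericCryptoUris.RSA_ENCRYPTION)) {
            signatureAlgorithm = Signature.getInstance("RSA", new BouncyCastleProvider());
        } else if (algorithmIdentifier.equals(GenericCryptoUris.RSASSA_PSS_SHA256)) {
            signatureAlgorithm = Signature.getInstance("RAWRSASSA-PSS", new BouncyCastleProvider());
            // SHA-256 / MGF1-SHA-256, 32 byte salt, trailer field 1 (0xBC)
            signatureAlgorithm.setParameter(new PSSParameterSpec("SHA-256", "MGF1", new MGF1ParameterSpec("SHA-256"), 32, 1));
        } else if (algorithmIdentifier.equals(GenericCryptoUris.sigS_ISO9796_2)) {
            return WSHelper.makeResponse(VerifySignatureResponse.class, WSHelper.makeResultUnknownError(algorithmIdentifier + " Not supported yet."));
        } else if (algorithmIdentifier.equals(GenericCryptoUris.sigS_ISO9796_2rnd)) {
            return WSHelper.makeResponse(VerifySignatureResponse.class, WSHelper.makeResultUnknownError(algorithmIdentifier + " Not supported yet."));
        } else {
            throw new IncorrectParameterException("Unknown signature algorithm.");
        }
        signatureAlgorithm.initVerify(cert);
        if (message != null) {
            signatureAlgorithm.update(message);
        }
        if (!signatureAlgorithm.verify(signature)) {
            throw new InvalidSignatureException();
        }
    } catch (ECardException e) {
        LOG.error(e.getMessage(), e);
        response.setResult(e.getResult());
    } catch (Exception e) {
        // certificate parsing and JCA failures were previously converted silently; log them like ECardException
        LOG.error(e.getMessage(), e);
        response.setResult(WSHelper.makeResult(e));
    }
    return response;
}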

Example 15 with DIDStructureType

use of iso.std.iso_iec._24727.tech.schema.DIDStructureType in project open-ecard by ecsec.

the class CardInfoWrapper method getDIDStructure.

/**
 * Builds the {@link DIDStructureType} of one DID of a card application.
 *
 * <p>The structure is assembled from the DID info of this card info: the DID name, its scope
 * (an absent scope is reported as {@link DIDScopeType#LOCAL}), the first non-null concrete
 * marker of the DID marker (in the fixed order below) and the qualifier.</p>
 *
 * @param didName Name of the DID to get the structure for
 * @param cardApplication Identifier of the card application
 * @return DIDStructure for the specified didName and card application or null, if no such did exists.
 */
public DIDStructureType getDIDStructure(String didName, byte[] cardApplication) {
    DIDInfoType info = this.getDIDInfo(didName, cardApplication);
    if (info == null) {
        // unknown DID for this application: signalled to the caller by null
        return null;
    }
    DIDStructureType structure = new DIDStructureType();
    structure.setDIDName(info.getDifferentialIdentity().getDIDName());
    structure.setDIDQualifier(info.getDifferentialIdentity().getDIDQualifier());
    // no scope is equal to local
    DIDScopeType scope = info.getDifferentialIdentity().getDIDScope();
    structure.setDIDScope(scope != null ? scope : DIDScopeType.LOCAL);
    // copy over whichever concrete marker is present; the first non-null one wins
    DIDMarkerType choice = info.getDifferentialIdentity().getDIDMarker();
    if (choice.getCAMarker() != null) {
        structure.setDIDMarker(choice.getCAMarker());
    } else if (choice.getCryptoMarker() != null) {
        structure.setDIDMarker(choice.getCryptoMarker());
    } else if (choice.getEACMarker() != null) {
        structure.setDIDMarker(choice.getEACMarker());
    } else if (choice.getMutualAuthMarker() != null) {
        structure.setDIDMarker(choice.getMutualAuthMarker());
    } else if (choice.getPACEMarker() != null) {
        structure.setDIDMarker(choice.getPACEMarker());
    } else if (choice.getPinCompareMarker() != null) {
        structure.setDIDMarker(choice.getPinCompareMarker());
    } else if (choice.getRIMarker() != null) {
        structure.setDIDMarker(choice.getRIMarker());
    } else if (choice.getRSAAuthMarker() != null) {
        structure.setDIDMarker(choice.getRSAAuthMarker());
    } else if (choice.getTAMarker() != null) {
        structure.setDIDMarker(choice.getTAMarker());
    }
    return structure;
}
