
Example 26 with DIDStructureType

use of iso.std.iso_iec._24727.tech.schema.DIDStructureType in project open-ecard by ecsec.

the class ACLResolver method getMissingDids.

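/**
 * Collects the DIDs that still have to be authenticated before {@code target} may be accessed.
 * <p>
 * Only the access rules relevant for the target are evaluated: for a DID target the single
 * {@code SIGN} rule, for a data set target the {@code DATA_SET_SELECT} and {@code DSI_READ}
 * rules. For each selected rule the best matching security condition is flattened into its
 * authentication states, the DIDs that are already satisfied are dropped and the rest is
 * collected. Every DID name appears at most once in the result, in first-seen order.
 *
 * @param acls access rules of the target as found in the CardInfo file
 * @param target the DID or data set the caller wants to access
 * @return the DIDs which are not yet authenticated, never {@code null}
 * @throws WSException if evaluating a security condition fails
 * @throws SecurityConditionUnsatisfiable if a security condition can never be satisfied
 */
private List<DIDStructureType> getMissingDids(List<AccessRuleType> acls, TargetNameType target) throws WSException, SecurityConditionUnsatisfiable {
    // the target does not change inside the loop, so decide once which kind of rules is relevant
    boolean didTarget = target.getDIDName() != null;
    boolean dataSetTarget = target.getDataSetName() != null;

    // find the relevant acls
    List<AccessRuleType> relevantAcls = new ArrayList<>();
    for (AccessRuleType rule : acls) {
        if (didTarget) {
            CryptographicServiceActionName action = rule.getAction().getCryptographicServiceAction();
            if (CryptographicServiceActionName.SIGN.equals(action)) {
                relevantAcls.add(rule);
                // there can be only one sign rule
                break;
            }
        }
        if (dataSetTarget) {
            NamedDataServiceActionName action = rule.getAction().getNamedDataServiceAction();
            if (NamedDataServiceActionName.DATA_SET_SELECT.equals(action)
                    || NamedDataServiceActionName.DSI_READ.equals(action)) {
                relevantAcls.add(rule);
            }
        }
    }

    List<DIDStructureType> result = new ArrayList<>();
    for (AccessRuleType acl : relevantAcls) {
        // get the most suitable DID in the tree
        SecurityConditionType cond = getBestSecurityCondition(normalize(acl.getSecurityCondition()));
        // flatten condition to list of unsatisfied dids
        List<DIDAuthenticationStateType> authStates = flattenCondition(cond);
        result.addAll(filterSatisfiedDIDs(authStates));
    }

    // remove duplicates, keeping the first occurrence of each name
    // this code bluntly assumes, that did names are unique per cardinfo file
    TreeSet<String> seenNames = new TreeSet<>();
    Iterator<DIDStructureType> it = result.iterator();
    while (it.hasNext()) {
        String name = it.next().getDIDName();
        // a DID without a name cannot be matched by name; keep it instead of failing with an
        // exception from the TreeSet, which does not accept null elements
        if (name != null && !seenNames.add(name)) {
            it.remove();
        }
    }
    return result;
}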

Example 27 with DIDStructureType

use of iso.std.iso_iec._24727.tech.schema.DIDStructureType in project open-ecard by ecsec.

the class CardInfoWrapper method getDIDStructure.

/**
 * Looks up a DID in the CardInfo and converts its description into a {@link DIDStructureType}.
 *
 * @param didName Name of the DID to get the structure for
 * @param didScope Scope of the DID
 * @return DIDStructure for the specified didName and card application or null, if no such did exists.
 */
public DIDStructureType getDIDStructure(String didName, DIDScopeType didScope) {
    DIDInfoType didInfo = this.getDIDInfo(didName, didScope);
    if (didInfo == null) {
        return null;
    }

    DIDStructureType structure = new DIDStructureType();
    structure.setDIDName(didInfo.getDifferentialIdentity().getDIDName());
    // an absent scope is treated as local
    DIDScopeType scope = didInfo.getDifferentialIdentity().getDIDScope();
    structure.setDIDScope(scope != null ? scope : DIDScopeType.LOCAL);
    applyDidMarker(structure, didInfo.getDifferentialIdentity().getDIDMarker());
    structure.setDIDQualifier(didInfo.getDifferentialIdentity().getDIDQualifier());
    return structure;
}

/**
 * Copies the one marker variant that is present in {@code marker} into {@code structure}.
 * The variants are probed in a fixed order; if none of them is set, no marker is assigned.
 *
 * @param structure the structure receiving the marker
 * @param marker the marker container from the CardInfo, must not be null
 */
private static void applyDidMarker(DIDStructureType structure, DIDMarkerType marker) {
    if (marker.getCAMarker() != null) {
        structure.setDIDMarker(marker.getCAMarker());
    } else if (marker.getCryptoMarker() != null) {
        structure.setDIDMarker(marker.getCryptoMarker());
    } else if (marker.getEACMarker() != null) {
        structure.setDIDMarker(marker.getEACMarker());
    } else if (marker.getMutualAuthMarker() != null) {
        structure.setDIDMarker(marker.getMutualAuthMarker());
    } else if (marker.getPACEMarker() != null) {
        structure.setDIDMarker(marker.getPACEMarker());
    } else if (marker.getPinCompareMarker() != null) {
        structure.setDIDMarker(marker.getPinCompareMarker());
    } else if (marker.getRIMarker() != null) {
        structure.setDIDMarker(marker.getRIMarker());
    } else if (marker.getRSAAuthMarker() != null) {
        structure.setDIDMarker(marker.getRSAAuthMarker());
    } else if (marker.getTAMarker() != null) {
        structure.setDIDMarker(marker.getTAMarker());
    }
}

Example 28 with DIDStructureType

use of iso.std.iso_iec._24727.tech.schema.DIDStructureType in project open-ecard by ecsec.

the class DecipherStep method perform.

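/**
 * Deciphers the cipher text of the request on the card with the key referenced by the DID.
 * <p>
 * The security condition of the DID for {@code DECIPHER} is checked first. The request is then
 * validated against the key size, the card's security environment is set up (MSE SET for
 * confidentiality with key reference and algorithm) and the cipher text is sent to the card
 * block by block via PSO DECIPHER; the concatenated responses form the plain text.
 *
 * @param request the Decipher request carrying connection handle, DID name and cipher text
 * @param internalData state shared between SAL steps, used to look up the card state entry
 * @return a response with the plain text, or an error result describing why deciphering failed
 */
@Override
public DecipherResponse perform(Decipher request, Map<String, Object> internalData) {
    DecipherResponse response = WSHelper.makeResponse(DecipherResponse.class, WSHelper.makeResultOK());
    try {
        ConnectionHandleType connectionHandle = SALUtils.getConnectionHandle(request);
        String didName = SALUtils.getDIDName(request);
        byte[] applicationID = connectionHandle.getCardApplication();
        CardStateEntry cardStateEntry = SALUtils.getCardStateEntry(internalData, connectionHandle);
        Assert.securityConditionDID(cardStateEntry, applicationID, didName, CryptographicServiceActionName.DECIPHER);

        DIDStructureType didStructure = SALUtils.getDIDStructure(request, didName, cardStateEntry, connectionHandle);
        CryptoMarkerType cryptoMarker = new CryptoMarkerType(didStructure.getDIDMarker());
        // work on a copy so that the marker's own key reference array is never modified in place
        byte[] keyReference = cryptoMarker.getCryptoKeyInfo().getKeyRef().getKeyRef().clone();
        byte[] algorithmIdentifier = cryptoMarker.getAlgorithmInfo().getCardAlgRef();
        byte[] slotHandle = connectionHandle.getSlotHandle();

        // See eGK specification, part 1, version 2.2.0, section 15.9.6.
        // compared this way round so that a DID without a scope does not raise an NPE
        if (DIDScopeType.LOCAL.equals(didStructure.getDIDScope())) {
            keyReference[0] = (byte) (0x80 | keyReference[0]);
        }

        // validate the request before touching the card, so an invalid request leaves the
        // security environment of the card unchanged
        BigInteger bitKeySize = cryptoMarker.getCryptoKeyInfo().getKeySize();
        int blocksize = bitKeySize.divide(BigInteger.valueOf(8)).intValue();
        byte[] ciphertext = request.getCipherText();
        if (blocksize <= 0) {
            // a zero block size would otherwise surface as an ArithmeticException from the modulo below
            return WSHelper.makeResponse(DecipherResponse.class, WSHelper.makeResultError(ECardConstants.Minor.App.INCORRECT_PARM, "The key size of the DID does not yield a usable blocksize."));
        }
        // check if the ciphertext length is divisible by the blocksize without rest
        if ((ciphertext.length % blocksize) != 0) {
            return WSHelper.makeResponse(DecipherResponse.class, WSHelper.makeResultError(ECardConstants.Minor.App.INCORRECT_PARM, "The length of the ciphertext should be a multiple of the blocksize."));
        }

        // set up the security environment: key reference (tag 0x84) and algorithm (tag 0x80)
        TLV tagKeyReference = new TLV();
        tagKeyReference.setTagNumWithClass(0x84);
        tagKeyReference.setValue(keyReference);
        TLV tagAlgorithmIdentifier = new TLV();
        tagAlgorithmIdentifier.setTagNumWithClass(0x80);
        tagAlgorithmIdentifier.setValue(algorithmIdentifier);
        byte[] mseData = ByteUtils.concatenate(tagKeyReference.toBER(), tagAlgorithmIdentifier.toBER());
        CardCommandAPDU mse = new ManageSecurityEnvironment((byte) 0x41, ManageSecurityEnvironment.CT, mseData);
        mse.transmit(dispatcher, slotHandle);

        // decrypt the ciphertext block for block
        ByteArrayOutputStream plaintext = new ByteArrayOutputStream();
        for (int offset = 0; offset < ciphertext.length; offset += blocksize) {
            byte[] ciphertextblock = ByteUtils.copy(ciphertext, offset, blocksize);
            // the expected length is passed as a single byte; for a 256 byte block this wraps to
            // 0x00 — presumably relying on short APDU encoding, where 0x00 means 256
            CardCommandAPDU decipher = new PSODecipher(ByteUtils.concatenate(PADDING_INDICATOR_BYTE, ciphertextblock), (byte) blocksize);
            CardResponseAPDU responseAPDU = decipher.transmit(dispatcher, slotHandle);
            plaintext.write(responseAPDU.getData());
        }
        response.setPlainText(plaintext.toByteArray());
    } catch (ECardException e) {
        response.setResult(e.getResult());
    } catch (Exception e) {
        logger.error(e.getMessage(), e);
        response.setResult(WSHelper.makeResult(e));
    }
    return response;
}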

Example 29 with DIDStructureType

use of iso.std.iso_iec._24727.tech.schema.DIDStructureType in project open-ecard by ecsec.

the class HashStep method perform.

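/**
 * Computes the hash of the request's message according to the hash settings of the DID.
 * <p>
 * Only hashing in software ({@code NOT_ON_CARD}) is supported; the hash algorithm is derived
 * from the signature algorithm of the DID's crypto marker. Every failure — unsupported or
 * unknown algorithm, hashing on card, missing hash generation info — is reported as an error
 * result, so the response never signals success without carrying a hash.
 *
 * @param request the Hash request carrying connection handle, DID name and message
 * @param internalData state shared between SAL steps, used to look up the card state entry
 * @return a response with the digest, or an error result describing why hashing failed
 */
@Override
public HashResponse perform(Hash request, Map<String, Object> internalData) {
    HashResponse response = WSHelper.makeResponse(HashResponse.class, WSHelper.makeResultOK());
    try {
        ConnectionHandleType connectionHandle = SALUtils.getConnectionHandle(request);
        String didName = SALUtils.getDIDName(request);
        CardStateEntry cardStateEntry = SALUtils.getCardStateEntry(internalData, connectionHandle);
        DIDStructureType didStructure = SALUtils.getDIDStructure(request, didName, cardStateEntry, connectionHandle);
        CryptoMarkerType cryptoMarker = new CryptoMarkerType(didStructure.getDIDMarker());
        HashGenerationInfoType hashInfo = cryptoMarker.getHashGenerationInfo();

        if (hashInfo == null) {
            // no hash alg specified, this is an error
            String msg = "No Hash generation type specified in CIF.";
            LOG.error(msg);
            String minor = ECardConstants.Minor.SAL.INAPPROPRIATE_PROTOCOL_FOR_ACTION;
            response.setResult(WSHelper.makeResultError(minor, msg));
        } else if (hashInfo != HashGenerationInfoType.NOT_ON_CARD) {
            // TODO: implement hashing on card
            String msg = String.format("Unsupported Hash generation type (%s) requested.", hashInfo);
            LOG.error(msg);
            String minor = ECardConstants.Minor.SAL.INAPPROPRIATE_PROTOCOL_FOR_ACTION;
            response.setResult(WSHelper.makeResultError(minor, msg));
        } else {
            String algId = cryptoMarker.getAlgorithmInfo().getAlgorithmIdentifier().getAlgorithm();
            SignatureAlgorithms alg = SignatureAlgorithms.fromAlgId(algId);
            HashAlgorithms hashAlg = alg.getHashAlg();
            if (hashAlg == null) {
                String msg = String.format("Algorithm %s does not specify a Hash algorithm.", algId);
                LOG.error(msg);
                String minor = ECardConstants.Minor.App.INCORRECT_PARM;
                response.setResult(WSHelper.makeResultError(minor, msg));
            } else {
                // calculate hash
                MessageDigest md = MessageDigest.getInstance(hashAlg.getJcaAlg());
                md.update(request.getMessage());
                response.setHash(md.digest());
            }
        }
    } catch (ECardException e) {
        response.setResult(e.getResult());
    } catch (UnsupportedAlgorithmException | NoSuchAlgorithmException ex) {
        // previously swallowed, which returned an OK result without a hash; report it instead
        String msg = String.format("The algorithm of the DID is not supported: %s", ex.getMessage());
        LOG.error(msg, ex);
        String minor = ECardConstants.Minor.App.INCORRECT_PARM;
        response.setResult(WSHelper.makeResultError(minor, msg));
    } catch (Exception e) {
        LOG.warn(e.getMessage(), e);
        response.setResult(WSHelper.makeResult(e));
    }
    return response;
}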

Example 30 with DIDStructureType

use of iso.std.iso_iec._24727.tech.schema.DIDStructureType in project open-ecard by ecsec.

the class ChangePinInSALAction method getPinDid.

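/**
 * Finds the name of the PIN DID of the connected card application.
 * <p>
 * All DIDs of the application are listed and each one is fetched; the first DID whose marker
 * uses the PIN compare protocol is returned.
 *
 * @param handle connection handle of the card application to search
 * @return name of the PIN DID, never null
 * @throws WSException if listing the DIDs fails or no PIN DID exists
 */
@Nonnull
private String getPinDid(ConnectionHandleType handle) throws WSException {
    // protocol URI identifying a PIN compare DID
    final String pinCompareProtocol = "urn:oid:1.3.162.15480.3.0.9";

    // get all DIDs
    DIDList listReq = new DIDList();
    listReq.setConnectionHandle(handle);
    DIDListResponse listRes = (DIDListResponse) dispatcher.safeDeliver(listReq);
    WSHelper.checkResult(listRes);

    // find pin did; a response without a name list is treated like an empty list
    if (listRes.getDIDNameList() != null) {
        for (String didName : listRes.getDIDNameList().getDIDName()) {
            DIDGet getReq = new DIDGet();
            getReq.setConnectionHandle(handle);
            getReq.setDIDName(didName);
            DIDGetResponse getRes = (DIDGetResponse) dispatcher.safeDeliver(getReq);
            // don't check result, just see if we have a response
            DIDStructureType struct = getRes.getDIDStructure();
            // a structure without a marker cannot be the PIN DID; skip it instead of failing with an NPE
            if (struct != null && struct.getDIDMarker() != null
                    && pinCompareProtocol.equals(struct.getDIDMarker().getProtocol())) {
                return didName;
            }
        }
    }

    Result r = WSHelper.makeResultError(ECardConstants.Minor.SAL.INAPPROPRIATE_PROTOCOL_FOR_ACTION, "No PIN DID found.");
    throw WSHelper.createException(r);
}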
