use of iso.std.iso_iec._24727.tech.schema.EstablishChannelResponse in project open-ecard by ecsec.
the class GenericPINAction method performPACEWithPUK.
/**
 * Requests a PACE channel from the terminal using the PUK as the password.
 *
 * <p>When {@code capturePin} is set, the PUK is taken from the {@code GenericPINStep.PUK_FIELD} result of this
 * step and is only accepted if it is exactly 10 characters long. When it is not set, no password element is
 * added to the request and only the PUK password ID is sent.
 *
 * @param oldResults execution results of the dialog steps, looked up by this action's step ID
 * @return the response to the EstablishChannel request, or {@code null} if the captured PUK is not 10
 *         characters long
 * @throws ParserConfigurationException declared by this method; presumably raised by the {@code AuthDataMap}
 *         construction (verify against that class)
 */
private EstablishChannelResponse performPACEWithPUK(Map<String, ExecutionResults> oldResults) throws ParserConfigurationException {
    DIDAuthenticationDataType pukAuthData = new DIDAuthenticationDataType();
    pukAuthData.setProtocol(ECardConstants.Protocol.PACE);
    AuthDataResponse paceInputMap = new AuthDataMap(pukAuthData).createResponse(pukAuthData);

    if (capturePin) {
        PasswordField pukField = (PasswordField) oldResults.get(getStepID()).getResult(GenericPINStep.PUK_FIELD);
        // NOTE: the PUK is copied into an immutable String here, so it cannot be wiped from memory after use
        // and stays on the heap until it is garbage collected.
        String puk = new String(pukField.getValue());
        // NOTE(review): only the length is validated in this method; the character set is not checked.
        if (puk.length() != 10) {
            // TODO inform user that something with his input is wrong
            return null;
        }
        paceInputMap.addElement(PACEInputType.PIN, puk);
    }

    paceInputMap.addElement(PACEInputType.PIN_ID, PIN_ID_PUK);
    EstablishChannel establishRequest = createEstablishChannelStructure(paceInputMap);
    return (EstablishChannelResponse) dispatcher.safeDeliver(establishRequest);
}
use of iso.std.iso_iec._24727.tech.schema.EstablishChannelResponse in project open-ecard by ecsec.
the class GenericPINAction method performPINChange.
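/**
 * Changes the PIN: validates the new PIN input (software PIN entry only), authenticates with the current PIN
 * via PACE and then submits the new PIN.
 *
 * <p>With {@code capturePin} set, the new PIN and its confirmation are read from the step results. They must
 * be identical and exactly 6 characters long; this is checked before any card communication takes place so
 * that an unusable input neither opens a PACE channel nor ends in a misleading success message. Without
 * {@code capturePin} the change is delegated to the reader via {@code sendModifyPIN()}.
 *
 * <p>The PACE channel is destroyed and the card is reset in all cases once PACE has been attempted.
 *
 * @param oldResults execution results of the dialog steps, looked up by this action's step ID
 * @return a {@code REPEAT} result; it carries a success step when the PIN was changed, an error step for
 *         failures that are reported to the user, and no replacement step when the input must be re-entered
 */
private StepActionResult performPINChange(Map<String, ExecutionResults> oldResults) {
    String newPINValue = null;

    if (capturePin) {
        try {
            ExecutionResults executionResults = oldResults.get(getStepID());
            PasswordField newPINField = (PasswordField) executionResults.getResult(GenericPINStep.NEW_PIN_FIELD);
            PasswordField newPINRepeatField = (PasswordField) executionResults.getResult(GenericPINStep.NEW_PIN_REPEAT_FIELD);
            // NOTE: both values are copied into immutable Strings, so they cannot be wiped from memory after
            // use. They must never be written to the log.
            newPINValue = new String(newPINField.getValue());
            String newPINRepeatValue = new String(newPINRepeatField.getValue());

            byte[] pin1 = newPINValue.getBytes(ISO_8859_1);
            byte[] pin2 = newPINRepeatValue.getBytes(ISO_8859_1);
            if (!ByteUtils.compare(pin1, pin2)) {
                LOG.warn("New PIN does not match the value from the confirmation field.");
                // to reset the text fields
                gPINStep.updateState(state);
                return new StepActionResult(StepActionResultStatus.REPEAT);
            }

            // Reject an unusable new PIN up front. Previously this condition was only evaluated after PACE
            // had succeeded and a failing check was skipped silently, so the success step was shown although
            // no PIN had been sent to the card. The String comparison is kept in addition to the byte
            // comparison because characters outside ISO 8859-1 are not distinguishable after encoding.
            if (!newPINValue.equals(newPINRepeatValue) || newPINValue.length() != 6) {
                LOG.warn("New PIN does not meet the format requirements.");
                gPINStep.setFailedPINVerify(false);
                gPINStep.setWrongPINFormat(true);
                return new StepActionResult(StepActionResultStatus.REPEAT);
            }
        } catch (UnsupportedEncodingException ex) {
            LOG.error("ISO_8859_1 charset is not support.", ex);
            // to reset the text fields
            gPINStep.updateState(state);
            return new StepActionResult(StepActionResultStatus.REPEAT);
        }
    }

    try {
        EstablishChannelResponse pinResponse = performPACEWithPIN(oldResults);
        if (pinResponse == null) {
            // the entered pin has a wrong format repeat the entering of the data
            gPINStep.setFailedPINVerify(false);
            gPINStep.setWrongPINFormat(true);
            return new StepActionResult(StepActionResultStatus.REPEAT);
        }

        if (pinResponse.getResult().getResultMajor().equals(ECardConstants.Major.ERROR)) {
            // Map the password related errors onto the recognized PIN state shown by the step.
            switch (pinResponse.getResult().getResultMinor()) {
                case ECardConstants.Minor.IFD.PASSWORD_ERROR:
                    gPINStep.setFailedPINVerify(true);
                    gPINStep.setWrongPINFormat(false);
                    gPINStep.updateState(RecognizedState.PIN_activated_RC2);
                    state = RecognizedState.PIN_activated_RC2;
                    return new StepActionResult(StepActionResultStatus.REPEAT);
                case ECardConstants.Minor.IFD.PASSWORD_SUSPENDED:
                    gPINStep.setFailedPINVerify(true);
                    gPINStep.setWrongPINFormat(false);
                    gPINStep.updateState(RecognizedState.PIN_suspended);
                    state = RecognizedState.PIN_suspended;
                    return new StepActionResult(StepActionResultStatus.REPEAT);
                case ECardConstants.Minor.IFD.PASSWORD_BLOCKED:
                    gPINStep.setFailedPINVerify(true);
                    gPINStep.setWrongPINFormat(false);
                    gPINStep.updateState(RecognizedState.PIN_blocked);
                    state = RecognizedState.PIN_blocked;
                    return new StepActionResult(StepActionResultStatus.REPEAT);
                default:
                    // any other error is handed to the WSException handling below
                    WSHelper.checkResult(pinResponse);
                    break;
            }
        }

        if (capturePin) {
            // The new PIN has already been validated above (matching confirmation, 6 characters).
            // no result check necessary everything except a 9000 leads to an APDU exception
            sendResetRetryCounter(newPINValue.getBytes(ISO_8859_1));
        } else {
            ControlIFDResponse resp = sendModifyPIN();
            evaluateControlIFDResponse(resp);
        }

        // PIN modified successfully, proceed with next step
        return new StepActionResult(StepActionResultStatus.REPEAT, generateSuccessStep(lang.translationForKey(CHANGE_SUCCESS)));
    } catch (APDUException | IFDException | ParserConfigurationException ex) {
        LOG.error("An internal error occurred while trying to change the PIN", ex);
        return new StepActionResult(StepActionResultStatus.REPEAT, generateErrorStep(lang.translationForKey(ERROR_INTERNAL)));
    } catch (UnsupportedEncodingException ex) {
        LOG.warn("The encoding of the PIN is wrong.", ex);
        return new StepActionResult(StepActionResultStatus.REPEAT);
    } catch (WSHelper.WSException ex) {
        // This is for PIN Pad Readers in case the user pressed the cancel button on the reader.
        if (ex.getResultMinor().equals(ECardConstants.Minor.IFD.CANCELLATION_BY_USER)) {
            LOG.error("User canceled the authentication manually or removed the card.", ex);
            return new StepActionResult(StepActionResultStatus.REPEAT, generateErrorStep(lang.translationForKey(ERROR_USER_CANCELLATION_OR_CARD_REMOVED)));
        }

        // for people which think they have to remove the card in the process
        if (ex.getResultMinor().equals(ECardConstants.Minor.IFD.INVALID_SLOT_HANDLE)) {
            LOG.error("The SlotHandle was invalid so probably the user removed the card or an reset occurred.", ex);
            return new StepActionResult(StepActionResultStatus.REPEAT, generateErrorStep(lang.translationForKey(ERROR_CARD_REMOVED)));
        }

        // for users which forgot to type in something
        if (ex.getResultMinor().equals(ECardConstants.Minor.IFD.TIMEOUT_ERROR)) {
            LOG.error("The terminal timed out no password was entered.", ex);
            return new StepActionResult(StepActionResultStatus.REPEAT, generateErrorStep(lang.translationForKey(ERROR_TIMEOUT)));
        }

        // the verification of the new pin failed
        if (ex.getResultMinor().equals(ECardConstants.Minor.IFD.PASSWORDS_DONT_MATCH)) {
            LOG.error("The verification of the new PIN failed.", ex);
            return new StepActionResult(StepActionResultStatus.REPEAT, generateErrorStep(lang.translationForKey(ERROR_NON_MATCHING_PASSWORDS)));
        }

        // We don't know what happend so just show an general error message
        LOG.error("An unknown error occurred while trying to change the PIN.", ex);
        return new StepActionResult(StepActionResultStatus.REPEAT, generateErrorStep(lang.translationForKey(ERROR_UNKNOWN)));
    } finally {
        // destroy the pace channel
        DestroyChannel destChannel = new DestroyChannel();
        destChannel.setSlotHandle(slotHandle);
        dispatcher.safeDeliver(destChannel);

        // Transaction based communication does not work on java 8 so the PACE channel is not closed after an
        // EndTransaction call. So do a reset of the card to close the PACE channel.
        Disconnect disconnect = new Disconnect();
        disconnect.setSlotHandle(slotHandle);
        disconnect.setAction(ActionType.RESET);
        dispatcher.safeDeliver(disconnect);
    }
}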
use of iso.std.iso_iec._24727.tech.schema.EstablishChannelResponse in project open-ecard by ecsec.
the class PINStepAction method performPACEWithPIN.
/**
 * Requests a PACE channel from the terminal using the PIN together with the EAC parameters (password ID, CHAT
 * and certificate description) held in {@code eacData}.
 *
 * <p>When {@code capturePin} is set, the PIN is taken from the {@code PINStep.PIN_FIELD} result of this step;
 * otherwise no password element is added to the request.
 *
 * @param oldResults execution results of the dialog steps, looked up by this action's step ID
 * @return the response to the EstablishChannel request, or {@code null} if the protocol data could not be
 *         read or the captured PIN is empty; callers have to handle the {@code null} case
 */
private EstablishChannelResponse performPACEWithPIN(Map<String, ExecutionResults> oldResults) {
    DIDAuthenticationDataType protoData = eacData.didRequest.getAuthenticationProtocolData();

    AuthDataMap paceAuthMap;
    try {
        paceAuthMap = new AuthDataMap(protoData);
    } catch (ParserConfigurationException ex) {
        LOG.error("Failed to read EAC Protocol data.", ex);
        return null;
    }
    AuthDataResponse paceInputMap = paceAuthMap.createResponse(protoData);

    if (capturePin) {
        PasswordField pinField = (PasswordField) oldResults.get(getStepID()).getResult(PINStep.PIN_FIELD);
        char[] enteredPin = pinField.getValue();
        // TODO: check pin length and possibly allowed charset with CardInfo file
        if (enteredPin.length == 0) {
            return null;
        }
        // NOTE: saving pin as string prevents later removal of the value from memory !!!
        // The immutable copy stays on the heap until it is garbage collected.
        paceInputMap.addElement(PACEInputType.PIN, new String(enteredPin));
    }

    // perform PACE
    String pinId = PasswordID.parse(eacData.pinID).getByteAsString();
    paceInputMap.addElement(PACEInputType.PIN_ID, pinId);
    paceInputMap.addElement(PACEInputType.CHAT, eacData.selectedCHAT.toString());
    paceInputMap.addElement(PACEInputType.CERTIFICATE_DESCRIPTION, ByteUtils.toHexString(eacData.rawCertificateDescription));

    EstablishChannel establishRequest = createEstablishChannelStructure(paceInputMap);
    return (EstablishChannelResponse) dispatcher.safeDeliver(establishRequest);
}
use of iso.std.iso_iec._24727.tech.schema.EstablishChannelResponse in project open-ecard by ecsec.
the class PINStepAction method perform.
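/**
 * Performs the PIN step of the EAC dialog: runs PACE with the CAN first when {@code retryCounter} is 2, then
 * runs PACE with the PIN and translates the outcome into the next dialog action.
 *
 * <p>A wrong or suspended PIN increases {@code retryCounter}, updates the attempts display and repeats the
 * step. A blocked PIN is recorded in the context and reported with an error step. On success the PACE
 * response is stored in {@code eacData} and the dialog proceeds.
 *
 * @param oldResults execution results of the dialog steps
 * @param result result of the step this action belongs to (not used in this method)
 * @return {@code NEXT} when PACE with the PIN succeeded, {@code CANCEL} when the user cancelled on the reader,
 *         otherwise {@code REPEAT}, with an error step where the failure is reported to the user
 */
@Override
public StepActionResult perform(Map<String, ExecutionResults> oldResults, StepResult result) {
    if (retryCounter == 2) {
        try {
            EstablishChannelResponse response = performPACEWithCAN(oldResults);
            if (response == null) {
                LOG.debug("The CAN does not meet the format requirements.");
                step.setStatus(EacPinStatus.RC1);
                return new StepActionResult(StepActionResultStatus.REPEAT);
            }

            if (response.getResult().getResultMajor().equals(ECardConstants.Major.ERROR)) {
                if (response.getResult().getResultMinor().equals(ECardConstants.Minor.IFD.AUTHENTICATION_FAILED)) {
                    LOG.error("Failed to authenticate with the given CAN.");
                    step.setStatus(EacPinStatus.RC1);
                    return new StepActionResult(StepActionResultStatus.REPEAT);
                } else {
                    WSHelper.checkResult(response);
                }
            }
        } catch (WSException ex) {
            // This is for PIN Pad Readers in case the user pressed the cancel button on the reader.
            if (ex.getResultMinor().equals(ECardConstants.Minor.IFD.CANCELLATION_BY_USER)) {
                LOG.error("User canceled the authentication manually.", ex);
                ctx.put(EACProtocol.PACE_EXCEPTION, ex);
                return new StepActionResult(StepActionResultStatus.CANCEL);
            }

            // for people which think they have to remove the card in the process
            if (ex.getResultMinor().equals(ECardConstants.Minor.IFD.INVALID_SLOT_HANDLE)) {
                LOG.error("The SlotHandle was invalid so probably the user removed the card or an reset occurred.", ex);
                ctx.put(EACProtocol.PACE_EXCEPTION, ex);
                return new StepActionResult(StepActionResultStatus.REPEAT, new ErrorStep(lang.translationForKey(ERROR_TITLE), langPin.translationForKey(ERROR_CARD_REMOVED)));
            }
            // NOTE(review): any other WSException from the CAN attempt is dropped here without logging and
            // the PIN attempt below is still made; confirm that this is intended.
        }
    }

    try {
        EstablishChannelResponse establishChannelResponse = performPACEWithPIN(oldResults);
        if (establishChannelResponse == null) {
            // performPACEWithPIN returns null when the captured PIN is empty or the protocol data could not
            // be read. Dereferencing the response in that case would end the step with a
            // NullPointerException, so ask for the input again instead.
            LOG.warn("PACE was not performed because the PIN input or the protocol data was not usable.");
            return new StepActionResult(StepActionResultStatus.REPEAT);
        }

        if (establishChannelResponse.getResult().getResultMajor().equals(ECardConstants.Major.ERROR)) {
            String minor = establishChannelResponse.getResult().getResultMinor();
            if (ECardConstants.Minor.IFD.PASSWORD_ERROR.equals(minor)) {
                // increase counters and the related displays
                retryCounter++;
                step.updateAttemptsDisplay(3 - retryCounter);
                // repeat the step
                LOG.info("Wrong PIN entered, trying again (try number {}).", retryCounter);
                this.step.setStatus(EacPinStatus.RC2);
                return new StepActionResult(StepActionResultStatus.REPEAT);
            } else if (ECardConstants.Minor.IFD.PASSWORD_SUSPENDED.equals(minor)) {
                // increase counters and the related displays
                retryCounter++;
                step.updateAttemptsDisplay(3 - retryCounter);
                LOG.info("Wrong PIN entered, trying again (try number {}).", retryCounter);
                step.setStatus(EacPinStatus.RC1);
                // the next attempt needs the CAN, either entered in the dialog or on the reader
                if (capturePin) {
                    step.addCANEntry();
                } else {
                    step.addNativeCANNotice();
                }
                return new StepActionResult(StepActionResultStatus.REPEAT);
            } else if (ECardConstants.Minor.IFD.PASSWORD_BLOCKED.equals(minor)) {
                LOG.warn("Wrong PIN entered. The PIN is blocked.");
                ctx.put(EACProtocol.PIN_BLOCKED_STATUS, EacPinStatus.BLOCKED);
                return new StepActionResult(StepActionResultStatus.REPEAT, new ErrorStep(lang.translationForKey("step_error_title_blocked", pin), lang.translationForKey("step_error_pin_blocked", pin, pin, puk, pin), WSHelper.createException(establishChannelResponse.getResult())));
            } else {
                WSHelper.checkResult(establishChannelResponse);
            }
        }

        eacData.paceResponse = establishChannelResponse;
        // PACE completed successfully, proceed with next step
        ctx.put(EACProtocol.PACE_EXCEPTION, null);
        return new StepActionResult(StepActionResultStatus.NEXT);
    } catch (WSException ex) {
        // This is for PIN Pad Readers in case the user pressed the cancel button on the reader.
        if (ex.getResultMinor().equals(ECardConstants.Minor.IFD.CANCELLATION_BY_USER)) {
            LOG.error("User canceled the authentication manually.", ex);
            ctx.put(EACProtocol.PACE_EXCEPTION, ex);
            return new StepActionResult(StepActionResultStatus.CANCEL);
        }

        // for people which think they have to remove the card in the process
        if (ex.getResultMinor().equals(ECardConstants.Minor.IFD.INVALID_SLOT_HANDLE)) {
            LOG.error("The SlotHandle was invalid so probably the user removed the card or an reset occurred.", ex);
            return new StepActionResult(StepActionResultStatus.REPEAT, new ErrorStep(lang.translationForKey(ERROR_TITLE), langPin.translationForKey(ERROR_CARD_REMOVED), ex));
        }

        // repeat the step
        LOG.error("An unknown error occured while trying to verify the PIN.");
        return new StepActionResult(StepActionResultStatus.REPEAT, new ErrorStep(langPin.translationForKey(ERROR_TITLE), langPin.translationForKey(ERROR_UNKNOWN), ex));
    }
}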
use of iso.std.iso_iec._24727.tech.schema.EstablishChannelResponse in project open-ecard by ecsec.
the class AndroidMarshallerTest method testConversionOfEstablishChannelResponse.
/**
 * Builds an {@code EstablishChannelResponse} carrying a result with major, minor and an English message.
 *
 * <p>NOTE(review): the body shown here only constructs the object; no conversion is invoked and nothing is
 * asserted, so the test passes as long as the setters do not throw.
 */
@Test
public void testConversionOfEstablishChannelResponse() throws Exception {
    // result message in English
    InternationalStringType message = new InternationalStringType();
    message.setLang("en");
    message.setValue("message");

    // result with placeholder major/minor codes
    Result result = new Result();
    result.setResultMajor("major");
    result.setResultMinor("minor");
    result.setResultMessage(message);

    EstablishChannelResponse response = new EstablishChannelResponse();
    response.setResult(result);
}