Example 1 with NamedDataServiceActionName
use of iso.std.iso_iec._24727.tech.schema.NamedDataServiceActionName in project open-ecard by ecsec.
the class CIFCreator method createRuleTrue.
private AccessRuleType createRuleTrue(NamedDataServiceActionName actionName) {
AccessRuleType rule = new AccessRuleType();
rule.setCardApplicationServiceName("NamedDataService");
rule.setAction(createAction(actionName));
rule.setSecurityCondition(createTrueCond());
return rule;
}
Also used :
AccessRuleType(iso.std.iso_iec._24727.tech.schema.AccessRuleType)
Example 2 with NamedDataServiceActionName
use of iso.std.iso_iec._24727.tech.schema.NamedDataServiceActionName in project open-ecard by ecsec.
the class CIFCreator method createAction.
private ActionNameType createAction(NamedDataServiceActionName actionName) {
ActionNameType action = new ActionNameType();
action.setNamedDataServiceAction(actionName);
return action;
}
Also used :
ActionNameType(iso.std.iso_iec._24727.tech.schema.ActionNameType)
Example 3 with NamedDataServiceActionName
use of iso.std.iso_iec._24727.tech.schema.NamedDataServiceActionName in project open-ecard by ecsec.
the class ACLResolver method getMissingDids.
private List<DIDStructureType> getMissingDids(List<AccessRuleType> acls, TargetNameType target) throws WSException, SecurityConditionUnsatisfiable {
// find the sign acl
ArrayList<AccessRuleType> tmpAcls = new ArrayList<>();
for (AccessRuleType next : acls) {
if (target.getDIDName() != null) {
CryptographicServiceActionName action = next.getAction().getCryptographicServiceAction();
if (CryptographicServiceActionName.SIGN.equals(action)) {
tmpAcls.add(next);
// there can be only one
break;
}
}
if (target.getDataSetName() != null) {
NamedDataServiceActionName action = next.getAction().getNamedDataServiceAction();
if (NamedDataServiceActionName.DATA_SET_SELECT.equals(action)) {
tmpAcls.add(next);
continue;
}
if (NamedDataServiceActionName.DSI_READ.equals(action)) {
tmpAcls.add(next);
continue;
}
}
}
ArrayList<DIDStructureType> result = new ArrayList<>();
for (AccessRuleType acl : tmpAcls) {
// get the most suitable DID in the tree
SecurityConditionType cond = normalize(acl.getSecurityCondition());
cond = getBestSecurityCondition(cond);
// flatten condition to list of unsatisfied dids
List<DIDAuthenticationStateType> authStates = flattenCondition(cond);
List<DIDStructureType> missingDIDs = filterSatisfiedDIDs(authStates);
result.addAll(missingDIDs);
}
// remove duplicates
TreeSet<String> newDids = new TreeSet<>();
Iterator<DIDStructureType> it = result.iterator();
while (it.hasNext()) {
// this code bluntly assumes, that did names are unique per cardinfo file
DIDStructureType next = it.next();
if (newDids.contains(next.getDIDName())) {
it.remove();
} else {
newDids.add(next.getDIDName());
}
}
return result;
}
Also used :
NamedDataServiceActionName(iso.std.iso_iec._24727.tech.schema.NamedDataServiceActionName)
ArrayList(java.util.ArrayList)
DIDAuthenticationStateType(iso.std.iso_iec._24727.tech.schema.DIDAuthenticationStateType)
TreeSet(java.util.TreeSet)
CryptographicServiceActionName(iso.std.iso_iec._24727.tech.schema.CryptographicServiceActionName)
AccessRuleType(iso.std.iso_iec._24727.tech.schema.AccessRuleType)
DIDStructureType(iso.std.iso_iec._24727.tech.schema.DIDStructureType)
SecurityConditionType(iso.std.iso_iec._24727.tech.schema.SecurityConditionType)
Aggregations
AccessRuleType (iso.std.iso_iec._24727.tech.schema.AccessRuleType)2
ActionNameType (iso.std.iso_iec._24727.tech.schema.ActionNameType)1
CryptographicServiceActionName (iso.std.iso_iec._24727.tech.schema.CryptographicServiceActionName)1
DIDAuthenticationStateType (iso.std.iso_iec._24727.tech.schema.DIDAuthenticationStateType)1
DIDStructureType (iso.std.iso_iec._24727.tech.schema.DIDStructureType)1
NamedDataServiceActionName (iso.std.iso_iec._24727.tech.schema.NamedDataServiceActionName)1
SecurityConditionType (iso.std.iso_iec._24727.tech.schema.SecurityConditionType)1
ArrayList (java.util.ArrayList)1
TreeSet (java.util.TreeSet)1
