use of iso.std.iso_iec._24727.tech.schema.PinCompareMarkerType in project open-ecard by ecsec.
the class CIFCreator method createPinDID.
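/**
 * Builds the DID info object that describes the PinCompare DID of the token.
 *
 * <p>The DID is named {@code PIN_NAME}, has global scope and carries a PinCompare marker.
 * When the middleware reports them, the token's minimum and maximum PIN length are stored in
 * the marker's password attributes. The ACL receives one {@code createRuleTrue} rule each for
 * ACL_LIST, DID_LIST, DID_GET and DID_AUTHENTICATE.
 *
 * @return the populated DID info object
 * @throws WSMarshallerException declared by the signature; NOTE(review): presumably raised when
 *     the marker builder cannot set up its marshaller - confirm against PinMarkerBuilder
 */
private DIDInfoType createPinDID() throws WSMarshallerException {
    LOG.debug("Creating PinCompare DID object.");
    DIDInfoType di = new DIDInfoType();

    // create differential identity
    DifferentialIdentityType did = new DifferentialIdentityType();
    di.setDifferentialIdentity(did);
    did.setDIDName(PIN_NAME);
    did.setDIDProtocol("urn:oid:1.3.162.15480.3.0.9");
    did.setDIDScope(DIDScopeType.GLOBAL);

    // create pin compare marker
    PinMarkerBuilder markerBuilder = new PinMarkerBuilder();
    KeyRefType kr = new KeyRefType();
    // The key reference is a placeholder; the original author notes that its value is irrelevant.
    kr.setKeyRef(new byte[] { 0x01 });
    markerBuilder.setPinRef(kr);

    try {
        PasswordAttributesType pw = new PasswordAttributesType();
        MwToken tok = session.getSlot().getTokenInfo();
        long minPinLen = tok.getUlMinPinLen();
        // Read the maximum from its own getter. The previous code read the minimum twice, so the
        // advertised maximum PIN length always equalled the minimum.
        long maxPinLen = tok.getUlMaxPinLen();
        pw.setMinLength(BigInteger.valueOf(minPinLen));
        pw.setMaxLength(BigInteger.valueOf(maxPinLen));
        markerBuilder.setPwAttributes(pw);
    } catch (CryptokiException | NullPointerException ex) {
        // Best effort: without the lengths the marker is built without password attributes.
        // NullPointerException is caught as well, presumably for a missing slot or token info.
        LOG.warn("Unable to read min and max PIN length from middleware.", ex);
    }

    // wrap pin compare marker and add to parent
    PinCompareMarkerType marker = markerBuilder.build();
    DIDMarkerType markerWrapper = new DIDMarkerType();
    markerWrapper.setPinCompareMarker(marker);
    did.setDIDMarker(markerWrapper);

    // create acl
    AccessControlListType acl = new AccessControlListType();
    di.setDIDACL(acl);
    List<AccessRuleType> rules = acl.getAccessRule();
    rules.add(createRuleTrue(AuthorizationServiceActionName.ACL_LIST));
    rules.add(createRuleTrue(DifferentialIdentityServiceActionName.DID_LIST));
    rules.add(createRuleTrue(DifferentialIdentityServiceActionName.DID_GET));
    rules.add(createRuleTrue(DifferentialIdentityServiceActionName.DID_AUTHENTICATE));

    return di;
}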
use of iso.std.iso_iec._24727.tech.schema.PinCompareMarkerType in project open-ecard by ecsec.
the class PinMarkerBuilder method build.
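/**
 * Assembles a PinCompare marker from the values set on this builder.
 *
 * <p>The protocol is always set. {@code PinRef}, {@code PinValue} and {@code PasswordAttributes}
 * are each marshalled to a DOM element and appended to the marker's {@code any} list when the
 * corresponding field is non-null. A marshalling failure is logged and the affected element is
 * left out, so the returned marker may be incomplete.
 *
 * <p>NOTE(review): a PIN value set on the builder is written into the marker as element content;
 * confirm that markers built with a PIN value are not logged or persisted.
 *
 * @return the marker containing every element that could be marshalled
 */
public PinCompareMarkerType build() {
    PinCompareMarkerType marker = new PinCompareMarkerType();
    marker.setProtocol(PROTOCOL);

    if (pinRef != null) {
        try {
            JAXBElement<KeyRefType> e;
            e = new JAXBElement<>(new QName(ISONS, "PinRef"), KeyRefType.class, pinRef);
            Document d = m.marshal(e);
            marker.getAny().add(d.getDocumentElement());
        } catch (MarshallingTypeException ex) {
            LOG.error("Failed to marshal PinRef element.", ex);
        }
    }

    if (pinValue != null) {
        try {
            JAXBElement<String> e;
            e = new JAXBElement<>(new QName(ISONS, "PinValue"), String.class, pinValue);
            Document d = m.marshal(e);
            marker.getAny().add(d.getDocumentElement());
        } catch (MarshallingTypeException ex) {
            LOG.error("Failed to marshal PinValue element.", ex);
        }
    }

    if (pwAttributes != null) {
        try {
            JAXBElement<PasswordAttributesType> e;
            // Marshal the password attributes themselves. The previous raw-typed constructor call
            // passed pinRef here, which the compiler could not reject, so the PasswordAttributes
            // element never carried the configured lengths.
            e = new JAXBElement<>(new QName(ISONS, "PasswordAttributes"), PasswordAttributesType.class, pwAttributes);
            Document d = m.marshal(e);
            marker.getAny().add(d.getDocumentElement());
        } catch (MarshallingTypeException ex) {
            LOG.error("Failed to marshal PasswordAttributes element.", ex);
        }
    }

    return marker;
}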
use of iso.std.iso_iec._24727.tech.schema.PinCompareMarkerType in project open-ecard by ecsec.
the class AndroidMarshaller method parseDIDMarkerType.
/**
 * Parses the children of a {@code DIDMarker} element into a new {@link DIDMarkerType}.
 *
 * <p>Every start tag is dispatched by element name to {@code parseMarker} with the matching
 * marker class. Unknown element names are logged and otherwise ignored. Parsing stops at the
 * closing {@code DIDMarker} tag.
 *
 * @param parser pull parser advanced by this method; NOTE(review): presumably positioned on the
 *     opening DIDMarker tag by the caller - confirm
 * @return the marker container with the parsed marker set
 * @throws XmlPullParserException if the parser reports a problem with the XML
 * @throws IOException if reading the underlying input fails
 */
private DIDMarkerType parseDIDMarkerType(XmlPullParser parser) throws XmlPullParserException, IOException {
    DIDMarkerType result = new DIDMarkerType();

    while (true) {
        parser.next();
        int event = parser.getEventType();

        if (event == XmlPullParser.START_TAG) {
            String tag = parser.getName();
            switch (tag) {
                case "PACEMarker":
                    result.setPACEMarker((PACEMarkerType) this.parseMarker(parser, PACEMarkerType.class));
                    break;
                case "TAMarker":
                    result.setTAMarker((TAMarkerType) this.parseMarker(parser, TAMarkerType.class));
                    break;
                case "CAMarker":
                    result.setCAMarker((CAMarkerType) this.parseMarker(parser, CAMarkerType.class));
                    break;
                case "RIMarker":
                    result.setRIMarker((RIMarkerType) this.parseMarker(parser, RIMarkerType.class));
                    break;
                case "CryptoMarker":
                    result.setCryptoMarker((CryptoMarkerType) this.parseMarker(parser, CryptoMarkerType.class));
                    break;
                case "PinCompareMarker":
                    result.setPinCompareMarker((PinCompareMarkerType) this.parseMarker(parser, PinCompareMarkerType.class));
                    break;
                case "RSAAuthMarker":
                    result.setRSAAuthMarker((RSAAuthMarkerType) this.parseMarker(parser, RSAAuthMarkerType.class));
                    break;
                case "MutualAuthMarker":
                    result.setMutualAuthMarker((MutualAuthMarkerType) this.parseMarker(parser, MutualAuthMarkerType.class));
                    break;
                case "EACMarker":
                    result.setEACMarker((EACMarkerType) this.parseMarker(parser, EACMarkerType.class));
                    break;
                default:
                    LOG.error(tag + " not yet implemented");
                    break;
            }
        }

        // The check uses the event read at the top of this iteration, not whatever
        // parseMarker consumed afterwards.
        if (event == XmlPullParser.END_TAG && parser.getName().equals("DIDMarker")) {
            break;
        }
    }

    return result;
}
use of iso.std.iso_iec._24727.tech.schema.PinCompareMarkerType in project open-ecard by ecsec.
the class DIDAuthenticateStep method perform.
/**
 * Handles a DIDAuthenticate request for a PIN Compare DID.
 *
 * <p>The method resolves the card application and DID, checks the DID_AUTHENTICATE security
 * condition, and then verifies the PIN. If the request carries no PIN, a VerifyUser request is
 * dispatched. Otherwise a Transmit built by {@code PINUtils.buildVerifyTransmit} is dispatched.
 * The DID is then recorded as authenticated on the card state entry.
 *
 * <p>PIN handling: the PIN is taken out of the input structure, the transmitted APDU buffers are
 * zeroed after use, and the PIN array is overwritten in the outer {@code finally} block.
 *
 * @param request the DIDAuthenticate request
 * @param internalData map from which the card state entry is looked up
 * @return the response; it carries an error result when an ECardException or another checked
 *     exception was caught. RuntimeExceptions are rethrown to the caller.
 */
@Override
public DIDAuthenticateResponse perform(DIDAuthenticate request, Map<String, Object> internalData) {
    DIDAuthenticateResponse response = WSHelper.makeResponse(DIDAuthenticateResponse.class, WSHelper.makeResultOK());
    // Declared outside the try block so the finally block can overwrite the PIN on every path.
    char[] rawPIN = null;
    try {
        ConnectionHandleType connectionHandle = SALUtils.getConnectionHandle(request);
        String didName = SALUtils.getDIDName(request);
        CardStateEntry cardStateEntry = SALUtils.getCardStateEntry(internalData, connectionHandle);
        PINCompareDIDAuthenticateInputType pinCompareInput = new PINCompareDIDAuthenticateInputType(request.getAuthenticationProtocolData());
        PINCompareDIDAuthenticateOutputType pinCompareOutput = pinCompareInput.getOutputType();
        // A global DID is resolved to its owning application by name; any other scope uses the
        // application of the connection handle.
        byte[] cardApplication;
        if (request.getDIDScope() != null && request.getDIDScope().equals(DIDScopeType.GLOBAL)) {
            cardApplication = cardStateEntry.getInfo().getApplicationIdByDidName(request.getDIDName(), request.getDIDScope());
        } else {
            cardApplication = connectionHandle.getCardApplication();
        }
        // Access control check before any PIN is sent to the card.
        // NOTE(review): presumably throws when the ACL does not permit DID_AUTHENTICATE - confirm.
        Assert.securityConditionDID(cardStateEntry, cardApplication, didName, DifferentialIdentityServiceActionName.DID_AUTHENTICATE);
        DIDStructureType didStructure = cardStateEntry.getDIDStructure(didName, cardApplication);
        PINCompareMarkerType pinCompareMarker = new PINCompareMarkerType(didStructure.getDIDMarker());
        // NOTE(review): assumes the marker has a non-empty PIN reference; a missing or empty one
        // surfaces as a RuntimeException, which the catch block below rethrows.
        byte keyRef = pinCompareMarker.getPINRef().getKeyRef()[0];
        byte[] slotHandle = connectionHandle.getSlotHandle();
        PasswordAttributesType attributes = pinCompareMarker.getPasswordAttributes();
        rawPIN = pinCompareInput.getPIN();
        // Remove the PIN from the input structure. This only clears the structure's reference;
        // the array now held in rawPIN is overwritten in the outer finally block.
        pinCompareInput.setPIN(null);
        // Command header with INS 0x20 and the key reference as P2. The original comment
        // refers to [ISO7816-4] (Section 7.5.6) for the structure of this template.
        byte[] template = new byte[] { 0x00, 0x20, 0x00, keyRef };
        byte[] responseCode;
        if (rawPIN == null || rawPIN.length == 0) {
            // No PIN in the request: dispatch a VerifyUser carrying the template and password
            // attributes. NOTE(review): presumably the PIN is then entered at the terminal - confirm.
            VerifyUser verify = new VerifyUser();
            verify.setSlotHandle(slotHandle);
            InputUnitType inputUnit = new InputUnitType();
            verify.setInputUnit(inputUnit);
            PinInputType pinInput = new PinInputType();
            inputUnit.setPinInput(pinInput);
            pinInput.setIndex(BigInteger.ZERO);
            pinInput.setPasswordAttributes(attributes);
            verify.setTemplate(template);
            VerifyUserResponse verifyR = (VerifyUserResponse) dispatcher.safeDeliver(verify);
            WSHelper.checkResult(verifyR);
            responseCode = verifyR.getResponse();
        } else {
            // PIN supplied by the caller: build the verify APDU and transmit it.
            Transmit verifyTransmit = PINUtils.buildVerifyTransmit(rawPIN, attributes, template, slotHandle);
            try {
                TransmitResponse transResp = (TransmitResponse) dispatcher.safeDeliver(verifyTransmit);
                WSHelper.checkResult(transResp);
                responseCode = transResp.getOutputAPDU().get(0);
            } finally {
                // Zero every input APDU buffer of the Transmit, whether or not delivery succeeded.
                for (InputAPDUInfoType apdu : verifyTransmit.getInputAPDUInfo()) {
                    byte[] rawApdu = apdu.getInputAPDU();
                    if (rawApdu != null) {
                        java.util.Arrays.fill(rawApdu, (byte) 0);
                    }
                }
            }
        }
        CardResponseAPDU verifyResponseAPDU = new CardResponseAPDU(responseCode);
        if (verifyResponseAPDU.isWarningProcessed()) {
            // The low nibble of SW2 is reported as the retry counter.
            pinCompareOutput.setRetryCounter(new BigInteger(Integer.toString((verifyResponseAPDU.getSW2() & 0x0F))));
        }
        // NOTE(review): this runs whenever no exception was thrown above, including after the
        // warning branch. Confirm that WSHelper.checkResult rejects every failed VERIFY, so that
        // a warning status word cannot leave the DID marked as authenticated.
        cardStateEntry.addAuthenticated(didName, cardApplication);
        response.setAuthenticationProtocolData(pinCompareOutput.getAuthDataType());
    } catch (ECardException e) {
        LOG.error(e.getMessage(), e);
        response.setResult(e.getResult());
    } catch (Exception e) {
        // Runtime exceptions are passed on unchanged; only checked exceptions become an error result.
        if (e instanceof RuntimeException) {
            throw (RuntimeException) e;
        }
        LOG.error(e.getMessage(), e);
        response.setResult(WSHelper.makeResult(e));
    } finally {
        // Overwrite the PIN characters on every exit path, including exceptions.
        if (rawPIN != null) {
            Arrays.fill(rawPIN, ' ');
        }
    }
    return response;
}
use of iso.std.iso_iec._24727.tech.schema.PinCompareMarkerType in project open-ecard by ecsec.
the class PinCompareMarkerTypeTest method testPinCompareMarkerType.
/**
* Simple test for PinCompareMarkerType. After getting the PinCompareMarker for the PIN.home DID in the root
* application, we check that the get-methods return the expected values.
*
* @throws Exception when something in this test went unexpectedly wrong
*/
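@Test
public void testPinCompareMarkerType() throws Exception {
    JAXBContext ctx = JAXBContext.newInstance(PinCompareMarkerType.class);
    Unmarshaller um = ctx.createUnmarshaller();

    // Unmarshal the fixture inside try-with-resources so the stream is closed even when
    // unmarshalling fails; the original never closed it.
    JAXBElement<PinCompareMarkerType> elem;
    try (InputStream res = getClass().getResourceAsStream("/anytype/pin/egk_pin_home_marker.xml")) {
        elem = um.unmarshal(new StreamSource(res), PinCompareMarkerType.class);
    }

    // Wrap the raw JAXB type in the helper whose getters are under test.
    PINCompareMarkerType pinCompareMarker = new PINCompareMarkerType(elem.getValue());

    assertEquals(pinCompareMarker.getPINRef().getKeyRef(), new byte[] { 0x02 });
    // The fixture is expected to carry no PIN value.
    assertNull(pinCompareMarker.getPINValue());
    assertEquals(pinCompareMarker.getPasswordAttributes().getMaxLength(), new BigInteger("8"));
    assertEquals(pinCompareMarker.getProtocol(), ECardConstants.Protocol.PIN_COMPARE);
}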