use of org.openecard.addon.sal.SALProtocol in project open-ecard by ecsec.
the class TinySAL method sign.
/**
* The Sign function signs a transmitted message.
* See BSI-TR-03112-4, version 1.1.2, section 3.5.5.
*
* @param request Sign
* @return SignResponse
*/
@Override
public SignResponse sign(Sign request) {
SignResponse response = WSHelper.makeResponse(SignResponse.class, WSHelper.makeResultOK());
CardStateEntry cardStateEntry = null;
try {
ConnectionHandleType connectionHandle = SALUtils.getConnectionHandle(request);
cardStateEntry = SALUtils.getCardStateEntry(states, connectionHandle, false);
byte[] applicationID = cardStateEntry.getCurrentCardApplication().getApplicationIdentifier();
String didName = SALUtils.getDIDName(request);
byte[] message = request.getMessage();
Assert.assertIncorrectParameter(message, "The parameter Message is empty.");
DIDScopeType didScope = request.getDIDScope();
if (didScope == null) {
didScope = DIDScopeType.LOCAL;
}
if (didScope.equals(DIDScopeType.LOCAL)) {
byte[] necessarySelectedApp = cardStateEntry.getInfo().getApplicationIdByDidName(didName, didScope);
if (!Arrays.equals(necessarySelectedApp, applicationID)) {
String msg = "Wrong application selected for the execution of Sign with the DID " + didName + ".";
throw new SecurityConditionNotSatisfiedException(msg);
}
}
DIDStructureType didStructure = cardStateEntry.getDIDStructure(didName, didScope);
Assert.assertNamedEntityNotFound(didStructure, "The given DIDName cannot be found.");
String protocolURI = didStructure.getDIDMarker().getProtocol();
SALProtocol protocol = getProtocol(connectionHandle, request.getDIDScope(), protocolURI);
if (protocol.hasNextStep(FunctionType.Sign)) {
response = protocol.sign(request);
removeFinishedProtocol(connectionHandle, protocolURI, protocol);
} else {
throw new InappropriateProtocolForActionException("Sign", protocol.toString());
}
} catch (ECardException e) {
response.setResult(e.getResult());
} catch (Exception e) {
LOG.error(e.getMessage(), e);
throwThreadKillException(e);
response.setResult(WSHelper.makeResult(e));
}
// TODO: remove when PIN state tracking is implemented
setPinNotAuth(cardStateEntry);
return response;
}
use of org.openecard.addon.sal.SALProtocol in project open-ecard by ecsec.
the class TinySAL method didAuthenticate.
/**
* The DIDAuthenticate function can be used to execute an authentication protocol using a DID addressed by DIDName.
* See BSI-TR-03112-4, version 1.1.2, section 3.6.6.
*
* @param request DIDAuthenticate
* @return DIDAuthenticateResponse
*/
@Publish
@Override
public DIDAuthenticateResponse didAuthenticate(DIDAuthenticate request) {
DIDAuthenticateResponse response = WSHelper.makeResponse(DIDAuthenticateResponse.class, WSHelper.makeResultOK());
try {
ConnectionHandleType connectionHandle = SALUtils.getConnectionHandle(request);
DIDAuthenticationDataType didAuthenticationData = request.getAuthenticationProtocolData();
Assert.assertIncorrectParameter(didAuthenticationData, "The parameter AuthenticationProtocolData is empty.");
String protocolURI = didAuthenticationData.getProtocol();
// FIXME: workaround for missing protocol URI from eID-Servers
if (protocolURI == null) {
LOG.warn("ProtocolURI was null");
protocolURI = ECardConstants.Protocol.EAC_GENERIC;
} else if (protocolURI.equals("urn:oid:1.0.24727.3.0.0.7.2")) {
LOG.warn("ProtocolURI was urn:oid:1.0.24727.3.0.0.7.2");
protocolURI = ECardConstants.Protocol.EAC_GENERIC;
}
didAuthenticationData.setProtocol(protocolURI);
SALProtocol protocol = getProtocol(connectionHandle, request.getDIDScope(), protocolURI);
if (protocol.hasNextStep(FunctionType.DIDAuthenticate)) {
response = protocol.didAuthenticate(request);
removeFinishedProtocol(connectionHandle, protocolURI, protocol);
} else {
throw new InappropriateProtocolForActionException("DIDAuthenticate", protocol.toString());
}
} catch (ECardException e) {
response.setResult(e.getResult());
} catch (Exception e) {
LOG.error(e.getMessage(), e);
throwThreadKillException(e);
response.setResult(WSHelper.makeResult(e));
}
return response;
}
use of org.openecard.addon.sal.SALProtocol in project open-ecard by ecsec.
the class TinySAL method hash.
/**
* The Hash function calculates the hash value of a transmitted message.
* See BSI-TR-03112-4, version 1.1.2, section 3.5.4.
*
* @param request Hash
* @return HashResponse
*/
@Publish
@Override
public HashResponse hash(Hash request) {
HashResponse response = WSHelper.makeResponse(HashResponse.class, WSHelper.makeResultOK());
try {
ConnectionHandleType connectionHandle = SALUtils.getConnectionHandle(request);
CardStateEntry cardStateEntry = SALUtils.getCardStateEntry(states, connectionHandle, false);
byte[] applicationID = cardStateEntry.getCurrentCardApplication().getApplicationIdentifier();
String didName = SALUtils.getDIDName(request);
byte[] message = request.getMessage();
Assert.assertIncorrectParameter(message, "The parameter Message is empty.");
DIDScopeType didScope = request.getDIDScope();
if (didScope == null) {
didScope = DIDScopeType.LOCAL;
}
if (didScope.equals(DIDScopeType.LOCAL)) {
byte[] necesssaryApp = cardStateEntry.getInfo().getApplicationIdByDidName(didName, didScope);
if (!Arrays.equals(necesssaryApp, applicationID)) {
String msg = "Wrong application for executing Hash with the specified DID " + didName + ".";
throw new SecurityConditionNotSatisfiedException(msg);
}
}
DIDStructureType didStructure = cardStateEntry.getDIDStructure(didName, didScope);
Assert.assertNamedEntityNotFound(didStructure, "The given DIDName cannot be found.");
String protocolURI = didStructure.getDIDMarker().getProtocol();
SALProtocol protocol = getProtocol(connectionHandle, request.getDIDScope(), protocolURI);
if (protocol.hasNextStep(FunctionType.Hash)) {
response = protocol.hash(request);
removeFinishedProtocol(connectionHandle, protocolURI, protocol);
} else {
throw new InappropriateProtocolForActionException("Hash", protocol.toString());
}
} catch (ECardException e) {
response.setResult(e.getResult());
} catch (Exception e) {
LOG.error(e.getMessage(), e);
throwThreadKillException(e);
response.setResult(WSHelper.makeResult(e));
}
return response;
}
use of org.openecard.addon.sal.SALProtocol in project open-ecard by ecsec.
the class TinySAL method getRandom.
/**
* The GetRandom function returns a random number which is suitable for authentication with the DID addressed with
* DIDName.
* See BSI-TR-03112-4, version 1.1.2, section 3.5.3.
*
* @param request GetRandom
* @return GetRandomResponse
*/
@Publish
@Override
public GetRandomResponse getRandom(GetRandom request) {
GetRandomResponse response = WSHelper.makeResponse(GetRandomResponse.class, WSHelper.makeResultOK());
try {
ConnectionHandleType connectionHandle = SALUtils.getConnectionHandle(request);
CardStateEntry cardStateEntry = SALUtils.getCardStateEntry(states, connectionHandle, false);
byte[] applicationID = cardStateEntry.getCurrentCardApplication().getApplicationIdentifier();
String didName = SALUtils.getDIDName(request);
DIDScopeType didScope = request.getDIDScope();
if (didScope == null) {
didScope = DIDScopeType.LOCAL;
}
if (didScope.equals(DIDScopeType.LOCAL)) {
byte[] necessaryApp = cardStateEntry.getInfo().getApplicationIdByDidName(didName, didScope);
if (!Arrays.equals(necessaryApp, applicationID)) {
throw new SecurityConditionNotSatisfiedException("The wrong application is selected for getRandom()");
}
}
DIDStructureType didStructure = cardStateEntry.getDIDStructure(didName, didScope);
Assert.assertNamedEntityNotFound(didStructure, "The given DIDName cannot be found.");
String protocolURI = didStructure.getDIDMarker().getProtocol();
SALProtocol protocol = getProtocol(connectionHandle, request.getDIDScope(), protocolURI);
if (protocol.hasNextStep(FunctionType.GetRandom)) {
response = protocol.getRandom(request);
removeFinishedProtocol(connectionHandle, protocolURI, protocol);
} else {
throw new InappropriateProtocolForActionException("GetRandom", protocol.toString());
}
} catch (ECardException e) {
response.setResult(e.getResult());
} catch (Exception e) {
LOG.error(e.getMessage(), e);
throwThreadKillException(e);
response.setResult(WSHelper.makeResult(e));
}
return response;
}
use of org.openecard.addon.sal.SALProtocol in project open-ecard by ecsec.
the class TinySAL method cardApplicationEndSession.
/**
* The CardApplicationEndSession function closes the session between the client application and the card application.
* See BSI-TR-03112-4, version 1.1.2, section 3.2.4.
*
* @param request CardApplicationEndSession
* @return CardApplicationEndSessionResponse
*/
@Publish
@Override
public CardApplicationEndSessionResponse cardApplicationEndSession(CardApplicationEndSession request) {
CardApplicationEndSessionResponse response = WSHelper.makeResponse(CardApplicationEndSessionResponse.class, WSHelper.makeResultOK());
try {
ConnectionHandleType connectionHandle = SALUtils.getConnectionHandle(request);
CardStateEntry cardStateEntry = SALUtils.getCardStateEntry(states, connectionHandle);
byte[] cardApplicationID = connectionHandle.getCardApplication();
String didName = SALUtils.getDIDName(request);
DIDStructureType didStructure = cardStateEntry.getDIDStructure(didName, cardApplicationID);
Assert.assertNamedEntityNotFound(didStructure, "The given DIDName cannot be found.");
Assert.securityConditionApplication(cardStateEntry, cardApplicationID, ConnectionServiceActionName.CARD_APPLICATION_END_SESSION);
String protocolURI = didStructure.getDIDMarker().getProtocol();
SALProtocol protocol = getProtocol(connectionHandle, null, protocolURI);
if (protocol.hasNextStep(FunctionType.CardApplicationEndSession)) {
response = protocol.cardApplicationEndSession(request);
removeFinishedProtocol(connectionHandle, protocolURI, protocol);
} else {
throw new InappropriateProtocolForActionException("CardApplicationEndSession", protocol.toString());
}
} catch (ECardException e) {
response.setResult(e.getResult());
} catch (Exception e) {
LOG.error(e.getMessage(), e);
throwThreadKillException(e);
response.setResult(WSHelper.makeResult(e));
}
return response;
}
Aggregations