use of org.openecard.addons.cg.ex.InvalidRedirectUrlException in project open-ecard by ecsec.
the class ChipGateway method sendMessageInterruptable.
private <T> T sendMessageInterruptable(final String resource, final String msg, final Class<T> resClass) throws ConnectionError, InvalidRedirectUrlException, ChipGatewayDataError, ThreadTerminateException {
FutureTask<T> task = new FutureTask<>(new Callable<T>() {
@Override
public T call() throws Exception {
return sendMessage(resource, msg, resClass);
}
});
new Thread(task, "HTTP-Client-" + HTTP_THREAD_NUM.getAndIncrement()).start();
try {
return task.get();
} catch (ExecutionException ex) {
Throwable cause = ex.getCause();
if (cause instanceof ConnectionError) {
throw (ConnectionError) cause;
} else if (cause instanceof InvalidRedirectUrlException) {
throw (InvalidRedirectUrlException) cause;
} else if (cause instanceof ChipGatewayDataError) {
throw (ChipGatewayDataError) cause;
} else if (cause instanceof RuntimeException) {
throw (RuntimeException) cause;
} else {
throw new RuntimeException("Unexpected exception raised by HTTP message sending thread.", cause);
}
} catch (InterruptedException ex) {
LOG.debug("Sending HTTP message interrupted.");
task.cancel(true);
// force new connection because this one may be unfinished and thus unusable
try {
conn.shutdown();
} catch (IOException ignore) {
}
throw new ThreadTerminateException("Interrupt received while sending HTTP message.");
}
}
use of org.openecard.addons.cg.ex.InvalidRedirectUrlException in project open-ecard by ecsec.
the class ChipGateway method processCertificatesRequest.
private CommandType processCertificatesRequest(final ListCertificatesRequestType certReq) throws ConnectionError, JsonProcessingException, InvalidRedirectUrlException, ChipGatewayDataError {
// check if we have been interrupted
checkProcessCancelled();
BigInteger waitSecondsBig = certReq.getMaxWaitSeconds();
long waitMillis = getWaitMillis(waitSecondsBig);
// run the actual stuff in the background, so we can wait and terminate if needed
FutureTask<ListCertificatesResponseType> action = new FutureTask<>(new Callable<ListCertificatesResponseType>() {
@Override
public ListCertificatesResponseType call() throws Exception {
ListCertificatesResponseType certResp = new ListCertificatesResponseType();
certResp.setSessionIdentifier(sessionId);
char[] pin = null;
try {
pin = getPin(certReq.getPIN());
byte[] slotHandle = certReq.getSlotHandle();
ListCertificates helper = new ListCertificates(tokenCache, slotHandle, certReq.getCertificateFilter(), pin);
List<CertificateInfoType> certInfos = helper.getCertificates();
certResp.getCertificateInfo().addAll(certInfos);
certResp.setResult(ChipGatewayStatusCodes.OK);
return certResp;
} finally {
if (pin != null) {
Arrays.fill(pin, ' ');
}
}
}
});
Thread t = new Thread(action, "CertificatesRequest-Task-" + TASK_THREAD_NUM.getAndIncrement());
t.setDaemon(true);
t.start();
ListCertificatesResponseType certResp = new ListCertificatesResponseType();
certResp.setSessionIdentifier(sessionId);
try {
// wait for thread to finish
certResp = action.get(waitMillis, TimeUnit.MILLISECONDS);
} catch (TimeoutException ex) {
LOG.info("Background task took longer than the timeout value permitted.", ex);
// cancel task
action.cancel(true);
// wait for task to finish, so the SC stack can not get confused
try {
t.join();
certResp.setResult(ChipGatewayStatusCodes.TIMEOUT);
} catch (InterruptedException ignore) {
// send stop message
certResp.setResult(ChipGatewayStatusCodes.STOPPED);
}
} catch (ExecutionException ex) {
LOG.error("Background task produced an exception.", ex);
Throwable cause = ex.getCause();
if (cause instanceof RemotePinException) {
LOG.error("Error getting encrypted PIN.", ex);
certResp.setResult(ChipGatewayStatusCodes.INCORRECT_PARAMETER);
} else if (cause instanceof ParameterInvalid) {
LOG.error("Error while processing the certificate filter parameters.", ex);
certResp.setResult(ChipGatewayStatusCodes.INCORRECT_PARAMETER);
} else if (cause instanceof SlotHandleInvalid) {
LOG.error("No token for the given slot handle found.", cause);
certResp.setResult(ChipGatewayStatusCodes.UNKNOWN_SLOT);
} else if (cause instanceof NoSuchDid) {
LOG.error("DID does not exist.", cause);
certResp.setResult(ChipGatewayStatusCodes.UNKNOWN_DID);
} else if (cause instanceof SecurityConditionUnsatisfiable) {
LOG.error("DID can not be authenticated.", cause);
certResp.setResult(ChipGatewayStatusCodes.SECURITY_NOT_SATISFIED);
} else if (cause instanceof CertificateException) {
LOG.error("Certificate could not be processed.", cause);
certResp.setResult(ChipGatewayStatusCodes.OTHER);
} else if (cause instanceof WSHelper.WSException) {
LOG.error("Unknown error.", cause);
certResp.setResult(ChipGatewayStatusCodes.OTHER);
} else if (cause instanceof ThreadTerminateException) {
LOG.error("Chipgateway process interrupted.", cause);
certResp.setResult(ChipGatewayStatusCodes.STOPPED);
} else {
LOG.error("Unknown error during list certificate operation.", cause);
certResp.setResult(ChipGatewayStatusCodes.OTHER);
}
} catch (InterruptedException ex) {
String msg = "Interrupted while waiting for background task.";
if (LOG.isDebugEnabled()) {
LOG.debug(msg, ex);
} else {
LOG.info(msg);
}
// cancel task
action.cancel(true);
// send stop message
certResp.setResult(ChipGatewayStatusCodes.STOPPED);
}
return sendMessageInterruptableAndCheckTermination(getResource(listCertsUrl), certResp);
}
use of org.openecard.addons.cg.ex.InvalidRedirectUrlException in project open-ecard by ecsec.
the class ChipGateway method processSignRequest.
private CommandType processSignRequest(final SignRequestType signReq) throws ConnectionError, JsonProcessingException, InvalidRedirectUrlException, ChipGatewayDataError {
// check if we have been interrupted
checkProcessCancelled();
BigInteger waitSecondsBig = signReq.getMaxWaitSeconds();
long waitMillis = getWaitMillis(waitSecondsBig);
// run the actual stuff in the background, so we can wait and terminate if needed
FutureTask<SignResponseType> action = new FutureTask<>(new Callable<SignResponseType>() {
@Override
public SignResponseType call() throws Exception {
SignResponseType signResp = new SignResponseType();
signResp.setSessionIdentifier(sessionId);
byte[] slotHandle = signReq.getSlotHandle();
String didName = signReq.getDIDName();
char[] pin = null;
try {
pin = getPin(signReq.getPIN());
Signer signer = new Signer(tokenCache, slotHandle, didName, pin);
byte[] signature = signer.sign(signReq.getMessage());
signResp.setSignature(signature);
signResp.setResult(ChipGatewayStatusCodes.OK);
return signResp;
} finally {
if (pin != null) {
Arrays.fill(pin, ' ');
}
}
}
});
Thread t = new Thread(action, "SignRequest-Task-" + TASK_THREAD_NUM.getAndIncrement());
t.setDaemon(true);
t.start();
SignResponseType signResp = new SignResponseType();
signResp.setSessionIdentifier(sessionId);
try {
// wait for thread to finish
signResp = action.get(waitMillis, TimeUnit.MILLISECONDS);
} catch (TimeoutException ex) {
LOG.info("Background task took longer than the timeout value permitted.", ex);
// cancel task
action.cancel(true);
// wait for task to finish, so the SC stack can not get confused
try {
t.join();
signResp.setResult(ChipGatewayStatusCodes.TIMEOUT);
} catch (InterruptedException ignore) {
// send stop message
signResp.setResult(ChipGatewayStatusCodes.STOPPED);
}
} catch (ExecutionException ex) {
LOG.error("Background task produced an exception.", ex);
Throwable cause = ex.getCause();
if (cause instanceof RemotePinException) {
LOG.error("Error getting encrypted PIN.", cause);
signResp.setResult(ChipGatewayStatusCodes.INCORRECT_PARAMETER);
} else if (cause instanceof ParameterInvalid) {
LOG.error("Error while processing the certificate filter parameters.", cause);
signResp.setResult(ChipGatewayStatusCodes.INCORRECT_PARAMETER);
} else if (cause instanceof SlotHandleInvalid) {
LOG.error("No token for the given slot handle found.", cause);
signResp.setResult(ChipGatewayStatusCodes.UNKNOWN_SLOT);
} else if (cause instanceof NoSuchDid) {
LOG.error("DID does not exist.", cause);
signResp.setResult(ChipGatewayStatusCodes.UNKNOWN_DID);
} else if (cause instanceof PinBlocked) {
LOG.error("PIN is blocked.", ex);
signResp.setResult(ChipGatewayStatusCodes.PIN_BLOCKED);
} else if (cause instanceof SecurityConditionUnsatisfiable) {
LOG.error("DID can not be authenticated.", cause);
signResp.setResult(ChipGatewayStatusCodes.SECURITY_NOT_SATISFIED);
} else if (cause instanceof WSHelper.WSException) {
LOG.error("Unknown error.", cause);
signResp.setResult(ChipGatewayStatusCodes.OTHER);
} else if (cause instanceof ThreadTerminateException) {
LOG.error("Chipgateway process interrupted.", cause);
signResp.setResult(ChipGatewayStatusCodes.STOPPED);
} else {
LOG.error("Unknown error during sign operation.", cause);
signResp.setResult(ChipGatewayStatusCodes.OTHER);
}
} catch (InterruptedException ex) {
String msg = "Interrupted while waiting for background task.";
if (LOG.isDebugEnabled()) {
LOG.debug(msg, ex);
} else {
LOG.info(msg);
}
// cancel task
action.cancel(true);
// send stop message
signResp.setResult(ChipGatewayStatusCodes.STOPPED);
}
return sendMessageInterruptableAndCheckTermination(getResource(signUrl), signResp);
}
use of org.openecard.addons.cg.ex.InvalidRedirectUrlException in project open-ecard by ecsec.
the class ActivateCGAction method execute.
@Override
public BindingResult execute(RequestBody body, Map<String, String> params, Headers headers, List<Attachment> att) {
BindingResult response;
boolean aquired = false;
try {
checkMethod(headers);
final TCToken token = TCToken.generateToken(params);
Runnable cgAction = new Runnable() {
@Override
public void run() {
try {
tokenHandler.handleNoCardActivate(token);
// run a full GC to free some heap memory
System.gc();
System.runFinalization();
System.gc();
} catch (ThreadTerminateException ex) {
LOG.debug("Activation task terminated by an interrupt.", ex);
} catch (RuntimeException ex) {
LOG.error("Unhandled exception in activation process.", ex);
} finally {
currentTaskThread = null;
// in some cases an error does not lead to a removal of the dynamic context so remove it here
DynamicContext.remove();
}
}
};
// guard thread creation
MUTEX.acquire();
aquired = true;
Thread t = currentTaskThread;
if (t != null) {
if (token.isForceProcessing()) {
LOG.info("Stopping already running ChipGateway Protocol instance.");
t.interrupt();
// wait for other task to complete
t.join();
} else {
LOG.info("Another ChipGateway Protocol instance is already running, return status=busy.");
response = new BindingResult(BindingResultCode.REDIRECT);
response.getAuxResultData().put(AuxDataKeys.REDIRECT_LOCATION, token.finalizeBusyAddress());
return response;
}
}
// perform ChipGateway Protocol in background thread, so that we can return directly
currentTaskThread = new Thread(cgAction);
currentTaskThread.setDaemon(true);
currentTaskThread.setName("ChipGateway-Activation-" + THREAD_NUM.getAndIncrement());
currentTaskThread.start();
// create redirect
response = new BindingResult(BindingResultCode.REDIRECT);
response.getAuxResultData().put(AuxDataKeys.REDIRECT_LOCATION, token.finalizeOkAddress());
} catch (WrongMethodException ex) {
LOG.warn(ex.getMessage());
response = new BindingResult(BindingResultCode.WRONG_PARAMETER);
response.setResultMessage(ex.getMessage());
} catch (NoMethodException ex) {
LOG.error("No method given in headers, maybe wrong binging.", ex);
response = new BindingResult(BindingResultCode.INTERNAL_ERROR);
response.setResultMessage(ex.getMessage());
} catch (InvalidRedirectUrlException | InvalidTCTokenElement ex) {
LOG.error("Failed to create TCToken.", ex);
response = ex.getBindingResult();
} catch (InterruptedException ex) {
LOG.info("ChipGateway activation interrupted.");
response = new BindingResult(BindingResultCode.INTERNAL_ERROR);
response.setResultMessage(ex.getMessage());
} finally {
if (aquired) {
MUTEX.release();
}
}
return response;
}
Aggregations