Example 1 with AuthDataMap
use of org.openecard.common.anytype.AuthDataMap in project open-ecard by ecsec.
the class PACEStep method perform.
@Override
public DIDAuthenticateResponse perform(DIDAuthenticate request, Map<String, Object> internalData) {
// get context to save values in
DynamicContext dynCtx = DynamicContext.getInstance(TR03112Keys.INSTANCE_KEY);
DIDAuthenticate didAuthenticate = request;
DIDAuthenticateResponse response = new DIDAuthenticateResponse();
ConnectionHandleType conHandle = (ConnectionHandleType) dynCtx.get(TR03112Keys.CONNECTION_HANDLE);
try {
ObjectSchemaValidator valid = (ObjectSchemaValidator) dynCtx.getPromise(EACProtocol.SCHEMA_VALIDATOR).deref();
boolean messageValid = valid.validateObject(request);
if (!messageValid) {
String msg = "Validation of the EAC1InputType message failed.";
LOG.error(msg);
dynCtx.put(EACProtocol.AUTHENTICATION_FAILED, true);
response.setResult(WSHelper.makeResultError(ECardConstants.Minor.App.INCORRECT_PARM, msg));
return response;
}
} catch (ObjectValidatorException ex) {
String msg = "Validation of the EAC1InputType message failed due to invalid input data.";
LOG.error(msg, ex);
dynCtx.put(EACProtocol.AUTHENTICATION_FAILED, true);
response.setResult(WSHelper.makeResultError(ECardConstants.Minor.App.INT_ERROR, msg));
return response;
} catch (InterruptedException ex) {
String msg = "Thread interrupted while waiting for schema validator instance.";
LOG.error(msg, ex);
dynCtx.put(EACProtocol.AUTHENTICATION_FAILED, true);
response.setResult(WSHelper.makeResultError(ECardConstants.Minor.App.INT_ERROR, msg));
return response;
}
if (!ByteUtils.compare(conHandle.getSlotHandle(), didAuthenticate.getConnectionHandle().getSlotHandle())) {
String msg = "Invalid connection handle given in DIDAuthenticate message.";
Result r = WSHelper.makeResultError(ECardConstants.Minor.SAL.UNKNOWN_HANDLE, msg);
response.setResult(r);
dynCtx.put(EACProtocol.AUTHENTICATION_FAILED, true);
return response;
}
byte[] slotHandle = conHandle.getSlotHandle();
dynCtx.put(EACProtocol.SLOT_HANDLE, slotHandle);
dynCtx.put(EACProtocol.DISPATCHER, dispatcher);
try {
EAC1InputType eac1Input = new EAC1InputType(didAuthenticate.getAuthenticationProtocolData());
EAC1OutputType eac1Output = eac1Input.getOutputType();
AuthenticatedAuxiliaryData aad = new AuthenticatedAuxiliaryData(eac1Input.getAuthenticatedAuxiliaryData());
byte pinID = PasswordID.valueOf(didAuthenticate.getDIDName()).getByte();
final String passwordType = PasswordID.parse(pinID).getString();
// determine PACE capabilities of the terminal
boolean nativePace = genericPACESupport(conHandle);
dynCtx.put(EACProtocol.IS_NATIVE_PACE, nativePace);
// Certificate chain
CardVerifiableCertificateChain certChain = new CardVerifiableCertificateChain(eac1Input.getCertificates());
byte[] rawCertificateDescription = eac1Input.getCertificateDescription();
CertificateDescription certDescription = CertificateDescription.getInstance(rawCertificateDescription);
// put CertificateDescription into DynamicContext which is needed for later checks
dynCtx.put(TR03112Keys.ESERVICE_CERTIFICATE_DESC, certDescription);
// according to BSI-INSTANCE_KEY-7 we MUST perform some checks immediately after receiving the eService cert
Result activationChecksResult = performChecks(certDescription, dynCtx);
if (!ECardConstants.Major.OK.equals(activationChecksResult.getResultMajor())) {
response.setResult(activationChecksResult);
dynCtx.put(EACProtocol.AUTHENTICATION_FAILED, true);
return response;
}
CHAT requiredCHAT = new CHAT(eac1Input.getRequiredCHAT());
CHAT optionalCHAT = new CHAT(eac1Input.getOptionalCHAT());
// get the PACEMarker
CardStateEntry cardState = (CardStateEntry) internalData.get(EACConstants.IDATA_CARD_STATE_ENTRY);
PACEMarkerType paceMarker = getPaceMarker(cardState, passwordType);
dynCtx.put(EACProtocol.PACE_MARKER, paceMarker);
// Verify that the certificate description matches the terminal certificate
CardVerifiableCertificate taCert = certChain.getTerminalCertificate();
CardVerifiableCertificateVerifier.verify(taCert, certDescription);
// Verify that the required CHAT matches the terminal certificate's CHAT
CHAT taCHAT = taCert.getCHAT();
// an other role.
if (taCHAT.getRole() != CHAT.Role.AUTHENTICATION_TERMINAL) {
String msg = "Unsupported terminal type in Terminal Certificate referenced. Refernced terminal type is " + taCHAT.getRole().toString() + ".";
response.setResult(WSHelper.makeResultError(ECardConstants.Minor.App.INCORRECT_PARM, msg));
dynCtx.put(EACProtocol.AUTHENTICATION_FAILED, true);
return response;
}
CHATVerifier.verfiy(taCHAT, requiredCHAT);
// remove overlapping values from optional chat
optionalCHAT.restrictAccessRights(taCHAT);
// Prepare data in DIDAuthenticate for GUI
final EACData eacData = new EACData();
eacData.didRequest = didAuthenticate;
eacData.certificate = certChain.getTerminalCertificate();
eacData.certificateDescription = certDescription;
eacData.rawCertificateDescription = rawCertificateDescription;
eacData.transactionInfo = eac1Input.getTransactionInfo();
eacData.requiredCHAT = requiredCHAT;
eacData.optionalCHAT = optionalCHAT;
eacData.selectedCHAT = requiredCHAT;
eacData.aad = aad;
eacData.pinID = pinID;
eacData.passwordType = passwordType;
dynCtx.put(EACProtocol.EAC_DATA, eacData);
// get initial pin status
InputAPDUInfoType input = new InputAPDUInfoType();
input.setInputAPDU(new byte[] { (byte) 0x00, (byte) 0x22, (byte) 0xC1, (byte) 0xA4, (byte) 0x0F, (byte) 0x80, (byte) 0x0A, (byte) 0x04, (byte) 0x00, (byte) 0x7F, (byte) 0x00, (byte) 0x07, (byte) 0x02, (byte) 0x02, (byte) 0x04, (byte) 0x02, (byte) 0x02, (byte) 0x83, (byte) 0x01, (byte) 0x03 });
input.getAcceptableStatusCode().addAll(EacPinStatus.getCodes());
Transmit transmit = new Transmit();
transmit.setSlotHandle(slotHandle);
transmit.getInputAPDUInfo().add(input);
TransmitResponse pinCheckResponse = (TransmitResponse) dispatcher.safeDeliver(transmit);
WSHelper.checkResult(pinCheckResponse);
byte[] output = pinCheckResponse.getOutputAPDU().get(0);
CardResponseAPDU outputApdu = new CardResponseAPDU(output);
byte[] status = outputApdu.getStatusBytes();
dynCtx.put(EACProtocol.PIN_STATUS, EacPinStatus.fromCode(status));
// define GUI depending on the PIN status
final UserConsentDescription uc = new UserConsentDescription(LANG.translationForKey(TITLE));
final CardMonitor cardMon;
uc.setDialogType("EAC");
// create GUI and init executor
cardMon = new CardMonitor();
CardRemovedFilter filter = new CardRemovedFilter(conHandle.getIFDName(), conHandle.getSlotIndex());
eventDispatcher.add(cardMon, filter);
CVCStep cvcStep = new CVCStep(eacData);
cvcStep.setBackgroundTask(cardMon);
CVCStepAction cvcStepAction = new CVCStepAction(cvcStep);
cvcStep.setAction(cvcStepAction);
uc.getSteps().add(cvcStep);
uc.getSteps().add(CHATStep.createDummy());
uc.getSteps().add(PINStep.createDummy(passwordType));
ProcessingStep procStep = new ProcessingStep();
ProcessingStepAction procStepAction = new ProcessingStepAction(procStep);
procStep.setAction(procStepAction);
uc.getSteps().add(procStep);
Thread guiThread = new Thread(new Runnable() {
@Override
public void run() {
try {
// get context here because it is thread local
DynamicContext dynCtx = DynamicContext.getInstance(TR03112Keys.INSTANCE_KEY);
if (!uc.getSteps().isEmpty()) {
UserConsentNavigator navigator = gui.obtainNavigator(uc);
dynCtx.put(TR03112Keys.OPEN_USER_CONSENT_NAVIGATOR, navigator);
ExecutionEngine exec = new ExecutionEngine(navigator);
ResultStatus guiResult = exec.process();
dynCtx.put(EACProtocol.GUI_RESULT, guiResult);
if (guiResult == ResultStatus.CANCEL) {
Promise<Object> pPaceSuccessful = dynCtx.getPromise(EACProtocol.PACE_EXCEPTION);
if (!pPaceSuccessful.isDelivered()) {
pPaceSuccessful.deliver(WSHelper.createException(WSHelper.makeResultError(ECardConstants.Minor.SAL.CANCELLATION_BY_USER, "User canceled the PACE dialog.")));
}
}
}
} finally {
if (cardMon != null) {
eventDispatcher.del(cardMon);
}
}
}
}, "EAC-GUI");
guiThread.start();
// wait for PACE to finish
Promise<Object> pPaceException = dynCtx.getPromise(EACProtocol.PACE_EXCEPTION);
Object pPaceError = pPaceException.deref();
if (pPaceError != null) {
if (pPaceError instanceof WSHelper.WSException) {
response.setResult(((WSHelper.WSException) pPaceError).getResult());
return response;
} else if (pPaceError instanceof DispatcherException | pPaceError instanceof InvocationTargetException) {
String msg = "Internal error while PACE authentication.";
Result r = WSHelper.makeResultError(ECardConstants.Minor.App.INT_ERROR, msg);
response.setResult(r);
return response;
} else {
String msg = "Unknown error while PACE authentication.";
Result r = WSHelper.makeResultError(ECardConstants.Minor.App.UNKNOWN_ERROR, msg);
response.setResult(r);
return response;
}
}
// get challenge from card
TerminalAuthentication ta = new TerminalAuthentication(dispatcher, slotHandle);
byte[] challenge = ta.getChallenge();
// prepare DIDAuthenticationResponse
DIDAuthenticationDataType data = eacData.paceResponse.getAuthenticationProtocolData();
AuthDataMap paceOutputMap = new AuthDataMap(data);
// int retryCounter = Integer.valueOf(paceOutputMap.getContentAsString(PACEOutputType.RETRY_COUNTER));
byte[] efCardAccess = paceOutputMap.getContentAsBytes(PACEOutputType.EF_CARD_ACCESS);
byte[] currentCAR = paceOutputMap.getContentAsBytes(PACEOutputType.CURRENT_CAR);
byte[] previousCAR = paceOutputMap.getContentAsBytes(PACEOutputType.PREVIOUS_CAR);
byte[] idpicc = paceOutputMap.getContentAsBytes(PACEOutputType.ID_PICC);
// Store SecurityInfos
SecurityInfos securityInfos = SecurityInfos.getInstance(efCardAccess);
internalData.put(EACConstants.IDATA_SECURITY_INFOS, securityInfos);
// Store additional data
internalData.put(EACConstants.IDATA_AUTHENTICATED_AUXILIARY_DATA, aad);
internalData.put(EACConstants.IDATA_CERTIFICATES, certChain);
internalData.put(EACConstants.IDATA_CURRENT_CAR, currentCAR);
internalData.put(EACConstants.IDATA_PREVIOUS_CAR, previousCAR);
internalData.put(EACConstants.IDATA_CHALLENGE, challenge);
// Create response
// eac1Output.setRetryCounter(retryCounter);
eac1Output.setCHAT(eacData.selectedCHAT.toByteArray());
eac1Output.setCurrentCAR(currentCAR);
eac1Output.setPreviousCAR(previousCAR);
eac1Output.setEFCardAccess(efCardAccess);
eac1Output.setIDPICC(idpicc);
eac1Output.setChallenge(challenge);
response.setResult(WSHelper.makeResultOK());
response.setAuthenticationProtocolData(eac1Output.getAuthDataType());
} catch (CertificateException ex) {
LOG.error(ex.getMessage(), ex);
String msg = ex.getMessage();
response.setResult(WSHelper.makeResultError(ECardConstants.Minor.SAL.EAC.DOC_VALID_FAILED, msg));
dynCtx.put(EACProtocol.AUTHENTICATION_FAILED, true);
} catch (WSHelper.WSException e) {
LOG.error(e.getMessage(), e);
response.setResult(e.getResult());
dynCtx.put(EACProtocol.AUTHENTICATION_FAILED, true);
} catch (ElementParsingException ex) {
LOG.error(ex.getMessage(), ex);
response.setResult(WSHelper.makeResultError(ECardConstants.Minor.App.INCORRECT_PARM, ex.getMessage()));
dynCtx.put(EACProtocol.AUTHENTICATION_FAILED, true);
} catch (Exception e) {
LOG.error(e.getMessage(), e);
response.setResult(WSHelper.makeResultUnknownError(e.getMessage()));
dynCtx.put(EACProtocol.AUTHENTICATION_FAILED, true);
}
return response;
}
Also used :
ConnectionHandleType(iso.std.iso_iec._24727.tech.schema.ConnectionHandleType)
PACEMarkerType(org.openecard.sal.protocol.eac.anytype.PACEMarkerType)
ProcessingStepAction(org.openecard.sal.protocol.eac.gui.ProcessingStepAction)
CertificateException(java.security.cert.CertificateException)
CardMonitor(org.openecard.sal.protocol.eac.gui.CardMonitor)
UserConsentNavigator(org.openecard.gui.UserConsentNavigator)
Result(oasis.names.tc.dss._1_0.core.schema.Result)
ObjectValidatorException(org.openecard.common.interfaces.ObjectValidatorException)
ObjectSchemaValidator(org.openecard.common.interfaces.ObjectSchemaValidator)
UserConsentDescription(org.openecard.gui.definition.UserConsentDescription)
DispatcherException(org.openecard.common.interfaces.DispatcherException)
DIDAuthenticationDataType(iso.std.iso_iec._24727.tech.schema.DIDAuthenticationDataType)
InvocationTargetException(java.lang.reflect.InvocationTargetException)
Promise(org.openecard.common.util.Promise)
ExecutionEngine(org.openecard.gui.executor.ExecutionEngine)
AuthenticatedAuxiliaryData(org.openecard.crypto.common.asn1.eac.AuthenticatedAuxiliaryData)
CardVerifiableCertificate(org.openecard.crypto.common.asn1.cvc.CardVerifiableCertificate)
AuthDataMap(org.openecard.common.anytype.AuthDataMap)
CVCStepAction(org.openecard.sal.protocol.eac.gui.CVCStepAction)
DynamicContext(org.openecard.common.DynamicContext)
CardRemovedFilter(org.openecard.sal.protocol.eac.gui.CardRemovedFilter)
CardStateEntry(org.openecard.common.sal.state.CardStateEntry)
CVCStep(org.openecard.sal.protocol.eac.gui.CVCStep)
CHAT(org.openecard.crypto.common.asn1.cvc.CHAT)
InputAPDUInfoType(iso.std.iso_iec._24727.tech.schema.InputAPDUInfoType)
ElementParsingException(org.openecard.sal.protocol.eac.anytype.ElementParsingException)
EAC1OutputType(org.openecard.sal.protocol.eac.anytype.EAC1OutputType)
CardResponseAPDU(org.openecard.common.apdu.common.CardResponseAPDU)
CardVerifiableCertificateChain(org.openecard.crypto.common.asn1.cvc.CardVerifiableCertificateChain)
EAC1InputType(org.openecard.sal.protocol.eac.anytype.EAC1InputType)
WSHelper(org.openecard.common.WSHelper)
DIDAuthenticate(iso.std.iso_iec._24727.tech.schema.DIDAuthenticate)
Transmit(iso.std.iso_iec._24727.tech.schema.Transmit)
ResultStatus(org.openecard.gui.ResultStatus)
SecurityInfos(org.openecard.crypto.common.asn1.eac.SecurityInfos)
CertificateDescription(org.openecard.crypto.common.asn1.cvc.CertificateDescription)
ProcessingStep(org.openecard.sal.protocol.eac.gui.ProcessingStep)
DispatcherException(org.openecard.common.interfaces.DispatcherException)
ObjectValidatorException(org.openecard.common.interfaces.ObjectValidatorException)
InvocationTargetException(java.lang.reflect.InvocationTargetException)
ElementParsingException(org.openecard.sal.protocol.eac.anytype.ElementParsingException)
MalformedURLException(java.net.MalformedURLException)
CertificateException(java.security.cert.CertificateException)
DIDAuthenticateResponse(iso.std.iso_iec._24727.tech.schema.DIDAuthenticateResponse)
TransmitResponse(iso.std.iso_iec._24727.tech.schema.TransmitResponse)
Example 2 with AuthDataMap
use of org.openecard.common.anytype.AuthDataMap in project open-ecard by ecsec.
the class GenericPINAction method performPACEWithCAN.
private EstablishChannelResponse performPACEWithCAN(Map<String, ExecutionResults> oldResults) throws ParserConfigurationException {
DIDAuthenticationDataType paceInput = new DIDAuthenticationDataType();
paceInput.setProtocol(ECardConstants.Protocol.PACE);
AuthDataMap tmp = new AuthDataMap(paceInput);
AuthDataResponse paceInputMap = tmp.createResponse(paceInput);
if (capturePin) {
ExecutionResults executionResults = oldResults.get(getStepID());
PasswordField canField = (PasswordField) executionResults.getResult(GenericPINStep.CAN_FIELD);
String canValue = new String(canField.getValue());
if (canValue.length() != 6) {
// let the user enter the can again, when input verification failed
return null;
} else {
paceInputMap.addElement(PACEInputType.PIN, canValue);
}
}
paceInputMap.addElement(PACEInputType.PIN_ID, PIN_ID_CAN);
// perform PACE by EstablishChannelCommand
EstablishChannel eChannel = createEstablishChannelStructure(paceInputMap);
return (EstablishChannelResponse) dispatcher.safeDeliver(eChannel);
}
Also used :
EstablishChannel(iso.std.iso_iec._24727.tech.schema.EstablishChannel)
AuthDataMap(org.openecard.common.anytype.AuthDataMap)
ExecutionResults(org.openecard.gui.executor.ExecutionResults)
EstablishChannelResponse(iso.std.iso_iec._24727.tech.schema.EstablishChannelResponse)
DIDAuthenticationDataType(iso.std.iso_iec._24727.tech.schema.DIDAuthenticationDataType)
AuthDataResponse(org.openecard.common.anytype.AuthDataResponse)
PasswordField(org.openecard.gui.definition.PasswordField)
Example 3 with AuthDataMap
use of org.openecard.common.anytype.AuthDataMap in project open-ecard by ecsec.
the class GenericPINAction method performPACEWithPUK.
private EstablishChannelResponse performPACEWithPUK(Map<String, ExecutionResults> oldResults) throws ParserConfigurationException {
DIDAuthenticationDataType paceInput = new DIDAuthenticationDataType();
paceInput.setProtocol(ECardConstants.Protocol.PACE);
AuthDataMap tmp = new AuthDataMap(paceInput);
AuthDataResponse paceInputMap = tmp.createResponse(paceInput);
if (capturePin) {
ExecutionResults executionResults = oldResults.get(getStepID());
PasswordField pukField = (PasswordField) executionResults.getResult(GenericPINStep.PUK_FIELD);
String pukValue = new String(pukField.getValue());
if (pukValue.length() != 10) {
// TODO inform user that something with his input is wrong
return null;
} else {
paceInputMap.addElement(PACEInputType.PIN, pukValue);
}
}
paceInputMap.addElement(PACEInputType.PIN_ID, PIN_ID_PUK);
EstablishChannel eChannel = createEstablishChannelStructure(paceInputMap);
return (EstablishChannelResponse) dispatcher.safeDeliver(eChannel);
}
Also used :
EstablishChannel(iso.std.iso_iec._24727.tech.schema.EstablishChannel)
AuthDataMap(org.openecard.common.anytype.AuthDataMap)
ExecutionResults(org.openecard.gui.executor.ExecutionResults)
EstablishChannelResponse(iso.std.iso_iec._24727.tech.schema.EstablishChannelResponse)
DIDAuthenticationDataType(iso.std.iso_iec._24727.tech.schema.DIDAuthenticationDataType)
AuthDataResponse(org.openecard.common.anytype.AuthDataResponse)
PasswordField(org.openecard.gui.definition.PasswordField)
Example 4 with AuthDataMap
use of org.openecard.common.anytype.AuthDataMap in project open-ecard by ecsec.
the class PINStepAction method performPACEWithPIN.
private EstablishChannelResponse performPACEWithPIN(Map<String, ExecutionResults> oldResults) {
DIDAuthenticationDataType protoData = eacData.didRequest.getAuthenticationProtocolData();
AuthDataMap paceAuthMap;
try {
paceAuthMap = new AuthDataMap(protoData);
} catch (ParserConfigurationException ex) {
LOG.error("Failed to read EAC Protocol data.", ex);
return null;
}
AuthDataResponse paceInputMap = paceAuthMap.createResponse(protoData);
if (capturePin) {
ExecutionResults executionResults = oldResults.get(getStepID());
PasswordField p = (PasswordField) executionResults.getResult(PINStep.PIN_FIELD);
char[] pinIn = p.getValue();
// TODO: check pin length and possibly allowed charset with CardInfo file
if (pinIn.length == 0) {
return null;
} else {
// NOTE: saving pin as string prevents later removal of the value from memory !!!
paceInputMap.addElement(PACEInputType.PIN, new String(pinIn));
}
}
// perform PACE
paceInputMap.addElement(PACEInputType.PIN_ID, PasswordID.parse(eacData.pinID).getByteAsString());
paceInputMap.addElement(PACEInputType.CHAT, eacData.selectedCHAT.toString());
String certDesc = ByteUtils.toHexString(eacData.rawCertificateDescription);
paceInputMap.addElement(PACEInputType.CERTIFICATE_DESCRIPTION, certDesc);
EstablishChannel eChannel = createEstablishChannelStructure(paceInputMap);
return (EstablishChannelResponse) dispatcher.safeDeliver(eChannel);
}
Also used :
EstablishChannel(iso.std.iso_iec._24727.tech.schema.EstablishChannel)
AuthDataMap(org.openecard.common.anytype.AuthDataMap)
ExecutionResults(org.openecard.gui.executor.ExecutionResults)
EstablishChannelResponse(iso.std.iso_iec._24727.tech.schema.EstablishChannelResponse)
DIDAuthenticationDataType(iso.std.iso_iec._24727.tech.schema.DIDAuthenticationDataType)
AuthDataResponse(org.openecard.common.anytype.AuthDataResponse)
ParserConfigurationException(javax.xml.parsers.ParserConfigurationException)
PasswordField(org.openecard.gui.definition.PasswordField)
Example 5 with AuthDataMap
use of org.openecard.common.anytype.AuthDataMap in project open-ecard by ecsec.
the class AndroidMarshallerTest method testConversionOfDIDAutheticate.
@Test
public void testConversionOfDIDAutheticate() throws Exception {
WSMarshaller m = new AndroidMarshaller();
Document d = m.str2doc(DID_AUTHENTICATE_PACE);
Object o = m.unmarshal(d);
if (!(o instanceof DIDAuthenticate)) {
throw new Exception("Object should be an instace of DIDAuthenticate");
}
DIDAuthenticate didAuthenticate = (DIDAuthenticate) o;
assertEquals(didAuthenticate.getDIDName(), "PIN");
assertEquals(didAuthenticate.getConnectionHandle().getSlotHandle(), StringUtils.toByteArray("93F25BA574EF3F94F8AE42796DAF7C05"));
assertEquals(EAC1InputType.class, didAuthenticate.getAuthenticationProtocolData().getClass());
for (int i = 0; i < didAuthenticate.getAuthenticationProtocolData().getAny().size(); i++) {
if (didAuthenticate.getAuthenticationProtocolData().getAny().get(i).getLocalName().equals("Certificate")) {
assertEquals("7F218201487F4E8201005F2901004210444544566549444454523130313430317F494F060A04007F000702020202038641041994E6E55DD1F021180CC705C001FECB4BF5B7E978E8F148002D2D4FDBC1E57A159592681039A041E0036C007E784C36A372528C89365AAB77402E07EED6D4115F200E44453030303030303330303542387F4C12060904007F0007030102025305000100D8005F25060102000102065F2406010200010207655E732D060904007F0007030103028020B90F0EB18F30BCB878EE68924E413A2F5D5DE2F844030141EDB64383C3958C56732D060904007F00070301030180207B0E75C3F613B50011CCB5CF95704B91A6B4AC6EC100377C60BC312A2CE6BE1E5F3740A9A8B9829D2820F96FDB96D09303B01A61F09BC10C766581CAB2BBD2609EC32217C8FEB73F7CAB52CC3A0D16DC1B02F348A3049A246F3790B9687F1F72ACE722", didAuthenticate.getAuthenticationProtocolData().getAny().get(i).getTextContent());
} else if (didAuthenticate.getAuthenticationProtocolData().getAny().get(i).getLocalName().equals("CertificateDescription")) {
assertEquals("3082032D060A04007F00070301030101A10E0C0C442D547275737420476D6248A2181316687474703A2F2F7777772E642D74727573742E6E6574A32F0C2D436F736D6F73204C6562656E73766572736963686572756E677320416B7469656E676573656C6C736368616674A41513137777772E636F736D6F73646972656B742E6465A58202410C82023D4E616D652C20416E7363687269667420756E6420452D4D61696C2D4164726573736520646573204469656E737465616E626965746572733A0D0A436F736D6F73204C6562656E73766572736963686572756E677320416B7469656E676573656C6C7363686166740D0A48616C6265726773747261C39F652035302D36300D0A363631303120536161726272C3BC636B656E0D0A696E666F40636F736D6F73646972656B742E64650D0A0D0A4765736368C3A46674737A7765636B3A0D0A2D2052656769737472696572756E67202F204C6F67696E2066C3BC7220226D65696E436F736D6F73446972656B7422202D0D0A0D0A48696E7765697320617566206469652066C3BC722064656E204469656E737465616E626965746572207A757374C3A46E646967656E205374656C6C656E2C20646965206469652045696E68616C74756E672064657220566F7273636872696674656E207A756D20446174656E73636875747A206B6F6E74726F6C6C696572656E3A0D0A4D696E697374657269756D2066C3BC7220496E6E6572657320756E64204575726F7061616E67656C6567656E68656974656E0D0A4D61696E7A65722053747261C39F65203133360D0A363631323120536161726272C3BC636B656E0D0A303638312035303120E280932030300D0A706F73747374656C6C6540696E6E656E2E736161726C616E642E64650D0A687474703A2F2F7777772E696E6E656E2E736161726C616E642E64650D0A416E737072656368706172746E65723A20526F6C616E64204C6F72656E7AA768316604202E15788858E56A91A459BB7086943A5A3AB879F88F72EEE72D5B8202B035943D04206D26166C2748B08BFC3AC0A37109C406A8D35317140F6C69C27C4AB77FDD21F80420805AD754568E472C4761D52D410FB99128AB4CE2D750FDA3A8DA8FBA67BB14EB", didAuthenticate.getAuthenticationProtocolData().getAny().get(i).getTextContent());
} else if (didAuthenticate.getAuthenticationProtocolData().getAny().get(i).getLocalName().equals("RequiredCHAT")) {
assertEquals("7F4C12060904007F00070301020253050001009800", didAuthenticate.getAuthenticationProtocolData().getAny().get(i).getTextContent());
} else if (didAuthenticate.getAuthenticationProtocolData().getAny().get(i).getLocalName().equals("OptionalCHAT")) {
assertEquals("7F4C12060904007F00070301020253050000004000", didAuthenticate.getAuthenticationProtocolData().getAny().get(i).getTextContent());
} else if (didAuthenticate.getAuthenticationProtocolData().getAny().get(i).getLocalName().equals("AuthenticatedAuxiliaryData")) {
assertEquals("67177315060904007F00070301040253083230313230313236", didAuthenticate.getAuthenticationProtocolData().getAny().get(i).getTextContent());
}
}
d = m.str2doc(DID_AUTHENTICATE_TA);
o = m.unmarshal(d);
if (!(o instanceof DIDAuthenticate)) {
throw new Exception("Object should be an instace of DIDAuthenticate");
}
didAuthenticate = (DIDAuthenticate) o;
assertEquals(didAuthenticate.getDIDName(), "PIN");
assertEquals(didAuthenticate.getConnectionHandle().getSlotHandle(), StringUtils.toByteArray("05D4F40AEBD9919383C22216055EA3DB15056C51"));
assertEquals(EAC2InputType.class, didAuthenticate.getAuthenticationProtocolData().getClass());
AuthDataMap eac2input = new AuthDataMap(didAuthenticate.getAuthenticationProtocolData());
assertEquals(eac2input.getContentAsString("EphemeralPublicKey"), "8D44E99377DA28436D2F7E8620347D7C08B186B179633E3654842E940AB179B498F974970D990D47C61FE5D4D91EBB10831E824EC6F2600D89D6661CDF47F734");
// assertEquals(eac2input.getContentAsString("Certificate"),
// "7F2181E47F4E819D5F290100420D5A5A43564341415441303030317F494F060A04007F0007020202020386410452DD32EAFE1FBBB4000CD9CE75F66636CFCF1EDD44F7B1EDAE25B84193DA04A91C77EE87F5C8F959ED276200DE33AB574CE9801135FF4497A37162B7C8548A0C5F200E5A5A4456434141544130303030357F4C12060904007F0007030102025305700301FFB75F25060100000601015F24060100010003015F37406F13AE9A6F4EDDB7839FF3F04D71E0DC377BC4B08FAD295EED241B524328AD0730EB553497B4FB66E9BB7AB90815F04273F09E751D7FD4B861439B4EE65381C3");
assertEquals(eac2input.getContentAsString("Certificate"), "7F218201427F4E81FB5F290100420E5A5A4456434141544130303030357F494F060A04007F0007020202020386410470C07FAA329E927D961F490F5430B395EECF3D2A538194D8B637DE0F8ACF60A9031816AC51B594097EB211FB8F55FAA8507D5800EF7B94E024F9630314116C755F200B5A5A444B423230303033557F4C12060904007F0007030102025305000301DF045F25060100000601085F2406010000070001655E732D060904007F00070301030280207C1901932DB75D08539F2D4A27C938F79E69E083C442C068B299D185BC8AFA78732D060904007F0007030103018020BFD2A6A2E4237948D7DCCF7975D71D40F15307AA59F580A48777CBEED093F54B5F3740618F584E4293F75DDE8977311694B69A3ED73BBE43FDAFEC11B7ECF054F84ACB1231615338CE8D6EC332480883E14E0664950F85134290DD716B7C153232BC96");
marshalLog(didAuthenticate);
d = m.str2doc(DID_AUTHENTICATE_CA);
o = m.unmarshal(d);
if (!(o instanceof DIDAuthenticate)) {
throw new Exception("Object should be an instace of DIDAuthenticate");
}
didAuthenticate = (DIDAuthenticate) o;
assertEquals(didAuthenticate.getDIDName(), "PIN");
assertEquals(didAuthenticate.getConnectionHandle().getSlotHandle(), StringUtils.toByteArray("05D4F40AEBD9919383C22216055EA3DB15056C51"));
assertEquals(EACAdditionalInputType.class, didAuthenticate.getAuthenticationProtocolData().getClass());
AuthDataMap eacadditionalinput = new AuthDataMap(didAuthenticate.getAuthenticationProtocolData());
assertEquals(eacadditionalinput.getContentAsString("Signature"), "7117D7BF95D8D6BD437A0D43DE48F42528273A98F2605758D6A3A2BFC38141E7577CABB4F8FBC8DF152E3A097D1B3A703597331842425FE4A9D0F1C9067AC4A9");
// assertEquals(eac2input.getContentAsString("Certificate"),
// "7F2181E47F4E819D5F290100420D5A5A43564341415441303030317F494F060A04007F0007020202020386410452DD32EAFE1FBBB4000CD9CE75F66636CFCF1EDD44F7B1EDAE25B84193DA04A91C77EE87F5C8F959ED276200DE33AB574CE9801135FF4497A37162B7C8548A0C5F200E5A5A4456434141544130303030357F4C12060904007F0007030102025305700301FFB75F25060100000601015F24060100010003015F37406F13AE9A6F4EDDB7839FF3F04D71E0DC377BC4B08FAD295EED241B524328AD0730EB553497B4FB66E9BB7AB90815F04273F09E751D7FD4B861439B4EE65381C3");
marshalLog(didAuthenticate);
}
Also used :
DIDAuthenticate(iso.std.iso_iec._24727.tech.schema.DIDAuthenticate)
AuthDataMap(org.openecard.common.anytype.AuthDataMap)
WSMarshaller(org.openecard.ws.marshal.WSMarshaller)
Document(org.w3c.dom.Document)
IOException(java.io.IOException)
Test(org.testng.annotations.Test)
Aggregations
AuthDataMap (org.openecard.common.anytype.AuthDataMap)10
DIDAuthenticationDataType (iso.std.iso_iec._24727.tech.schema.DIDAuthenticationDataType)9
EstablishChannel (iso.std.iso_iec._24727.tech.schema.EstablishChannel)8
EstablishChannelResponse (iso.std.iso_iec._24727.tech.schema.EstablishChannelResponse)8
AuthDataResponse (org.openecard.common.anytype.AuthDataResponse)8
ExecutionResults (org.openecard.gui.executor.ExecutionResults)8
ParserConfigurationException (javax.xml.parsers.ParserConfigurationException)5
PasswordField (org.openecard.gui.definition.PasswordField)5
WSException (org.openecard.common.WSHelper.WSException)3
StepActionResult (org.openecard.gui.executor.StepActionResult)3
DIDAuthenticate (iso.std.iso_iec._24727.tech.schema.DIDAuthenticate)2
Step (org.openecard.gui.definition.Step)2
ConnectionHandleType (iso.std.iso_iec._24727.tech.schema.ConnectionHandleType)1
DIDAuthenticateResponse (iso.std.iso_iec._24727.tech.schema.DIDAuthenticateResponse)1
DestroyChannel (iso.std.iso_iec._24727.tech.schema.DestroyChannel)1
InputAPDUInfoType (iso.std.iso_iec._24727.tech.schema.InputAPDUInfoType)1
Transmit (iso.std.iso_iec._24727.tech.schema.Transmit)1
TransmitResponse (iso.std.iso_iec._24727.tech.schema.TransmitResponse)1
IOException (java.io.IOException)1
InvocationTargetException (java.lang.reflect.InvocationTargetException)1
