Examples with PINCompareDIDAuthenticateInputType org.openecard.common.anytype.pin.PINCompareDIDAuthenticateInputType used on opensource projects

Search in sources :

Example 1 with PINCompareDIDAuthenticateInputType

use of org.openecard.common.anytype.pin.PINCompareDIDAuthenticateInputType in project open-ecard by ecsec.

the class DIDAuthenticateStep method perform.

@Override
public DIDAuthenticateResponse perform(DIDAuthenticate request, Map<String, Object> internalData) {
    DIDAuthenticateResponse response = WSHelper.makeResponse(DIDAuthenticateResponse.class, WSHelper.makeResultOK());
    char[] rawPIN = null;
    try {
        ConnectionHandleType connectionHandle = SALUtils.getConnectionHandle(request);
        String didName = SALUtils.getDIDName(request);
        CardStateEntry cardStateEntry = SALUtils.getCardStateEntry(internalData, connectionHandle);
        PINCompareDIDAuthenticateInputType pinCompareInput = new PINCompareDIDAuthenticateInputType(request.getAuthenticationProtocolData());
        PINCompareDIDAuthenticateOutputType pinCompareOutput = pinCompareInput.getOutputType();
        byte[] cardApplication;
        if (request.getDIDScope() != null && request.getDIDScope().equals(DIDScopeType.GLOBAL)) {
            cardApplication = cardStateEntry.getInfo().getApplicationIdByDidName(request.getDIDName(), request.getDIDScope());
        } else {
            cardApplication = connectionHandle.getCardApplication();
        }
        Assert.securityConditionDID(cardStateEntry, cardApplication, didName, DifferentialIdentityServiceActionName.DID_AUTHENTICATE);
        DIDStructureType didStructure = cardStateEntry.getDIDStructure(didName, cardApplication);
        PINCompareMarkerType pinCompareMarker = new PINCompareMarkerType(didStructure.getDIDMarker());
        byte keyRef = pinCompareMarker.getPINRef().getKeyRef()[0];
        byte[] slotHandle = connectionHandle.getSlotHandle();
        PasswordAttributesType attributes = pinCompareMarker.getPasswordAttributes();
        rawPIN = pinCompareInput.getPIN();
        // delete pin from memory of the structure
        pinCompareInput.setPIN(null);
        byte[] template = new byte[] { 0x00, 0x20, 0x00, keyRef };
        byte[] responseCode;
        // with [ISO7816-4] (Section 7.5.6).
        if (rawPIN == null || rawPIN.length == 0) {
            VerifyUser verify = new VerifyUser();
            verify.setSlotHandle(slotHandle);
            InputUnitType inputUnit = new InputUnitType();
            verify.setInputUnit(inputUnit);
            PinInputType pinInput = new PinInputType();
            inputUnit.setPinInput(pinInput);
            pinInput.setIndex(BigInteger.ZERO);
            pinInput.setPasswordAttributes(attributes);
            verify.setTemplate(template);
            VerifyUserResponse verifyR = (VerifyUserResponse) dispatcher.safeDeliver(verify);
            WSHelper.checkResult(verifyR);
            responseCode = verifyR.getResponse();
        } else {
            Transmit verifyTransmit = PINUtils.buildVerifyTransmit(rawPIN, attributes, template, slotHandle);
            try {
                TransmitResponse transResp = (TransmitResponse) dispatcher.safeDeliver(verifyTransmit);
                WSHelper.checkResult(transResp);
                responseCode = transResp.getOutputAPDU().get(0);
            } finally {
                // blank PIN APDU
                for (InputAPDUInfoType apdu : verifyTransmit.getInputAPDUInfo()) {
                    byte[] rawApdu = apdu.getInputAPDU();
                    if (rawApdu != null) {
                        java.util.Arrays.fill(rawApdu, (byte) 0);
                    }
                }
            }
        }
        CardResponseAPDU verifyResponseAPDU = new CardResponseAPDU(responseCode);
        if (verifyResponseAPDU.isWarningProcessed()) {
            pinCompareOutput.setRetryCounter(new BigInteger(Integer.toString((verifyResponseAPDU.getSW2() & 0x0F))));
        }
        cardStateEntry.addAuthenticated(didName, cardApplication);
        response.setAuthenticationProtocolData(pinCompareOutput.getAuthDataType());
    } catch (ECardException e) {
        LOG.error(e.getMessage(), e);
        response.setResult(e.getResult());
    } catch (Exception e) {
        if (e instanceof RuntimeException) {
            throw (RuntimeException) e;
        }
        LOG.error(e.getMessage(), e);
        response.setResult(WSHelper.makeResult(e));
    } finally {
        if (rawPIN != null) {
            Arrays.fill(rawPIN, ' ');
        }
    }
    return response;
}
Also used : ConnectionHandleType(iso.std.iso_iec._24727.tech.schema.ConnectionHandleType) CardStateEntry(org.openecard.common.sal.state.CardStateEntry) Transmit(iso.std.iso_iec._24727.tech.schema.Transmit) PasswordAttributesType(iso.std.iso_iec._24727.tech.schema.PasswordAttributesType) VerifyUserResponse(iso.std.iso_iec._24727.tech.schema.VerifyUserResponse) PINCompareMarkerType(org.openecard.common.anytype.pin.PINCompareMarkerType) InputAPDUInfoType(iso.std.iso_iec._24727.tech.schema.InputAPDUInfoType) PINCompareDIDAuthenticateInputType(org.openecard.common.anytype.pin.PINCompareDIDAuthenticateInputType) ECardException(org.openecard.common.ECardException) ECardException(org.openecard.common.ECardException) DIDAuthenticateResponse(iso.std.iso_iec._24727.tech.schema.DIDAuthenticateResponse) InputUnitType(iso.std.iso_iec._24727.tech.schema.InputUnitType) TransmitResponse(iso.std.iso_iec._24727.tech.schema.TransmitResponse) BigInteger(java.math.BigInteger) DIDStructureType(iso.std.iso_iec._24727.tech.schema.DIDStructureType) VerifyUser(iso.std.iso_iec._24727.tech.schema.VerifyUser) CardResponseAPDU(org.openecard.common.apdu.common.CardResponseAPDU) PINCompareDIDAuthenticateOutputType(org.openecard.common.anytype.pin.PINCompareDIDAuthenticateOutputType) PinInputType(iso.std.iso_iec._24727.tech.schema.PinInputType)

Example 2 with PINCompareDIDAuthenticateInputType

use of org.openecard.common.anytype.pin.PINCompareDIDAuthenticateInputType in project open-ecard by ecsec.

the class PINCompareProtocolTest method testDIDAuthenticate.

@Test(enabled = TESTS_ENABLED)
public void testDIDAuthenticate() throws ParserConfigurationException {
    CardApplicationPath cardApplicationPath = new CardApplicationPath();
    CardApplicationPathType cardApplicationPathType = new CardApplicationPathType();
    cardApplicationPathType.setCardApplication(this.appIdentifier_ROOT);
    cardApplicationPath.setCardAppPathRequest(cardApplicationPathType);
    CardApplicationPathResponse cardApplicationPathResponse = instance.cardApplicationPath(cardApplicationPath);
    CardApplicationConnect cardApplicationConnect = new CardApplicationConnect();
    cardApplicationPathType = cardApplicationPathResponse.getCardAppPathResultSet().getCardApplicationPathResult().get(0);
    cardApplicationConnect.setCardApplicationPath(cardApplicationPathType);
    CardApplicationConnectResponse result1 = instance.cardApplicationConnect(cardApplicationConnect);
    // /
    // / Test with a pin set.
    // /
    DIDAuthenticate parameters = new DIDAuthenticate();
    parameters.setDIDName("PIN.home");
    DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
    factory.setNamespaceAware(true);
    DocumentBuilder builder = factory.newDocumentBuilder();
    Document d = builder.newDocument();
    Element elemPin = d.createElementNS("urn:iso:std:iso-iec:24727:tech:schema", "Pin");
    elemPin.setTextContent("123456");
    DIDAuthenticationDataType didAuthenticationData = new DIDAuthenticationDataType();
    didAuthenticationData.getAny().add(elemPin);
    PINCompareDIDAuthenticateInputType pinCompareDIDAuthenticateInputType = new PINCompareDIDAuthenticateInputType(didAuthenticationData);
    parameters.setAuthenticationProtocolData(didAuthenticationData);
    parameters.setConnectionHandle(result1.getConnectionHandle());
    didAuthenticationData.setProtocol(ECardConstants.Protocol.PIN_COMPARE);
    parameters.setAuthenticationProtocolData(didAuthenticationData);
    DIDAuthenticateResponse result = instance.didAuthenticate(parameters);
    assertEquals(result.getAuthenticationProtocolData().getProtocol(), ECardConstants.Protocol.PIN_COMPARE);
    assertEquals(ECardConstants.Major.OK, result.getResult().getResultMajor());
    assertEquals(result.getAuthenticationProtocolData().getAny().size(), 0);
    // /
    // / Test without a pin set.
    // /
    parameters = new DIDAuthenticate();
    parameters.setDIDName("PIN.home");
    didAuthenticationData = new DIDAuthenticationDataType();
    parameters.setAuthenticationProtocolData(didAuthenticationData);
    parameters.setConnectionHandle(result1.getConnectionHandle());
    didAuthenticationData.setProtocol(ECardConstants.Protocol.PIN_COMPARE);
    parameters.setAuthenticationProtocolData(didAuthenticationData);
    result = instance.didAuthenticate(parameters);
    assertEquals(result.getAuthenticationProtocolData().getProtocol(), ECardConstants.Protocol.PIN_COMPARE);
    assertEquals(ECardConstants.Major.OK, result.getResult().getResultMajor());
    assertEquals(result.getAuthenticationProtocolData().getAny().size(), 0);
}
Also used : DIDAuthenticate(iso.std.iso_iec._24727.tech.schema.DIDAuthenticate) DocumentBuilderFactory(javax.xml.parsers.DocumentBuilderFactory) CardApplicationPathResponse(iso.std.iso_iec._24727.tech.schema.CardApplicationPathResponse) Element(org.w3c.dom.Element) DIDAuthenticationDataType(iso.std.iso_iec._24727.tech.schema.DIDAuthenticationDataType) PINCompareDIDAuthenticateInputType(org.openecard.common.anytype.pin.PINCompareDIDAuthenticateInputType) CardApplicationConnectResponse(iso.std.iso_iec._24727.tech.schema.CardApplicationConnectResponse) Document(org.w3c.dom.Document) CardApplicationPathType(iso.std.iso_iec._24727.tech.schema.CardApplicationPathType) CardApplicationPath(iso.std.iso_iec._24727.tech.schema.CardApplicationPath) DIDAuthenticateResponse(iso.std.iso_iec._24727.tech.schema.DIDAuthenticateResponse) CardApplicationConnect(iso.std.iso_iec._24727.tech.schema.CardApplicationConnect) DocumentBuilder(javax.xml.parsers.DocumentBuilder) Test(org.testng.annotations.Test)

Example 3 with PINCompareDIDAuthenticateInputType

use of org.openecard.common.anytype.pin.PINCompareDIDAuthenticateInputType in project open-ecard by ecsec.

the class DidInfo method enterPin.

@Nullable
public BigInteger enterPin(@Nullable char[] pin) throws WSHelper.WSException {
    if (!isPinDid()) {
        throw new IllegalStateException("Enter PIN called for a DID which is not a PIN DID.");
    }
    try {
        PinCompareDIDAuthenticateInputType data = new PinCompareDIDAuthenticateInputType();
        data.setProtocol(getProtocol());
        // add PIN
        if (pin != null && pin.length != 0) {
            PINCompareDIDAuthenticateInputType builder = new PINCompareDIDAuthenticateInputType(data);
            builder.setPIN(pin);
            data = builder.getAuthDataType();
            builder.setPIN(null);
        }
        DIDAuthenticate req = new DIDAuthenticate();
        req.setConnectionHandle(didInfos.getHandle(application));
        req.setDIDName(didTarget.getDIDName());
        req.setDIDScope(this.didScope);
        req.setAuthenticationProtocolData(data);
        DIDAuthenticateResponse res = (DIDAuthenticateResponse) didInfos.getDispatcher().safeDeliver(req);
        WSHelper.checkResult(res);
        // check retry counter
        PINCompareDIDAuthenticateOutputType protoData;
        protoData = new PINCompareDIDAuthenticateOutputType(res.getAuthenticationProtocolData());
        BigInteger retryCounter = protoData.getRetryCounter();
        return retryCounter;
    } catch (ParserConfigurationException ex) {
        String msg = "Unexpected protocol data received in PIN Compare output.";
        LOG.error(msg, ex);
        throw new IllegalStateException(msg);
    }
}
Also used : DIDAuthenticate(iso.std.iso_iec._24727.tech.schema.DIDAuthenticate) DIDAuthenticateResponse(iso.std.iso_iec._24727.tech.schema.DIDAuthenticateResponse) PinCompareDIDAuthenticateInputType(iso.std.iso_iec._24727.tech.schema.PinCompareDIDAuthenticateInputType) BigInteger(java.math.BigInteger) PINCompareDIDAuthenticateInputType(org.openecard.common.anytype.pin.PINCompareDIDAuthenticateInputType) ParserConfigurationException(javax.xml.parsers.ParserConfigurationException) PINCompareDIDAuthenticateOutputType(org.openecard.common.anytype.pin.PINCompareDIDAuthenticateOutputType) Nullable(javax.annotation.Nullable)

Example 4 with PINCompareDIDAuthenticateInputType

use of org.openecard.common.anytype.pin.PINCompareDIDAuthenticateInputType in project open-ecard by ecsec.

the class MiddlewareSAL method didAuthenticate.

@Override
public DIDAuthenticateResponse didAuthenticate(DIDAuthenticate request) {
    DIDAuthenticateResponse response = WSHelper.makeResponse(DIDAuthenticateResponse.class, WSHelper.makeResultOK());
    try {
        ConnectionHandleType connectionHandle = SALUtils.getConnectionHandle(request);
        CardStateEntry cardStateEntry = SALUtils.getCardStateEntry(states, connectionHandle, false);
        connectionHandle = cardStateEntry.handleCopy();
        byte[] application = cardStateEntry.getImplicitlySelectedApplicationIdentifier();
        byte[] slotHandle = connectionHandle.getSlotHandle();
        DIDAuthenticationDataType didAuthenticationData = request.getAuthenticationProtocolData();
        Assert.assertIncorrectParameter(didAuthenticationData, "The parameter AuthenticationProtocolData is empty.");
        String didName = SALUtils.getDIDName(request);
        DIDStructureType didStruct = cardStateEntry.getDIDStructure(didName, application);
        if (didStruct == null) {
            String msg = String.format("DID %s does not exist.", didName);
            throw new NamedEntityNotFoundException(msg);
        }
        PINCompareMarkerType pinCompareMarker = new PINCompareMarkerType(didStruct.getDIDMarker());
        String protocolURI = didAuthenticationData.getProtocol();
        if (!"urn:oid:1.3.162.15480.3.0.9".equals(protocolURI)) {
            String msg = String.format("Protocol %s is not supported by this SAL.", protocolURI);
            throw new UnknownProtocolException(msg);
        }
        PINCompareDIDAuthenticateInputType pinCompareInput = new PINCompareDIDAuthenticateInputType(didAuthenticationData);
        PINCompareDIDAuthenticateOutputType pinCompareOutput = pinCompareInput.getOutputType();
        // extract pin value from auth data
        char[] pinValue = pinCompareInput.getPIN();
        pinCompareInput.setPIN(null);
        MwSession session = managedSessions.get(slotHandle);
        boolean protectedAuthPath = connectionHandle.getSlotInfo().isProtectedAuthPath();
        boolean pinAuthenticated;
        boolean pinBlocked = false;
        if (!(pinValue == null || pinValue.length == 0) && !protectedAuthPath) {
            // we don't need a GUI if the PIN is known
            try {
                session.login(UserType.User, pinValue);
            } finally {
                Arrays.fill(pinValue, ' ');
            }
            pinAuthenticated = true;
        // TODO: display error GUI if the PIN entry failed
        } else {
            // omit GUI when Middleware has its own PIN dialog for class 2 readers
            if (protectedAuthPath && builtinPinDialog) {
                session.loginExternal(UserType.User);
                pinAuthenticated = true;
            } else {
                PinEntryDialog dialog = new PinEntryDialog(gui, protectedAuthPath, pinCompareMarker, session);
                dialog.show();
                pinAuthenticated = dialog.isPinAuthenticated();
                pinBlocked = dialog.isPinBlocked();
            }
        }
        if (pinAuthenticated) {
            cardStateEntry.addAuthenticated(didName, application);
        } else if (pinBlocked) {
            String msg = "PIN is blocked.";
            Result r = WSHelper.makeResultError(ECardConstants.Minor.IFD.PASSWORD_BLOCKED, msg);
            response.setResult(r);
        } else {
            String msg = "Failed to enter PIN.";
            Result r = WSHelper.makeResultError(ECardConstants.Minor.SAL.CANCELLATION_BY_USER, msg);
            response.setResult(r);
        }
        // create did authenticate response
        response.setAuthenticationProtocolData(pinCompareOutput.getAuthDataType());
    } catch (PinBlockedException ex) {
        // TODO: set retry counter
        String minor = ECardConstants.Minor.IFD.PASSWORD_BLOCKED;
        Result r = WSHelper.makeResultError(minor, ex.getMessage());
        response.setResult(r);
    } catch (PinIncorrectException ex) {
        // TODO: set retry counter
        String minor = ECardConstants.Minor.SAL.SECURITY_CONDITION_NOT_SATISFIED;
        Result r = WSHelper.makeResultError(minor, ex.getMessage());
        response.setResult(r);
    } catch (ECardException e) {
        response.setResult(e.getResult());
    } catch (Exception e) {
        LOG.error(e.getMessage(), e);
        throwThreadKillException(e);
        response.setResult(WSHelper.makeResult(e));
    }
    return response;
}
Also used : ConnectionHandleType(iso.std.iso_iec._24727.tech.schema.ConnectionHandleType) CardStateEntry(org.openecard.common.sal.state.CardStateEntry) DIDAuthenticationDataType(iso.std.iso_iec._24727.tech.schema.DIDAuthenticationDataType) PINCompareMarkerType(org.openecard.common.anytype.pin.PINCompareMarkerType) PINCompareDIDAuthenticateInputType(org.openecard.common.anytype.pin.PINCompareDIDAuthenticateInputType) PinIncorrectException(org.openecard.mdlw.sal.exceptions.PinIncorrectException) ThreadTerminateException(org.openecard.common.ThreadTerminateException) InitializationException(org.openecard.mdlw.sal.exceptions.InitializationException) ECardException(org.openecard.common.ECardException) FinalizationException(org.openecard.mdlw.sal.exceptions.FinalizationException) PinBlockedException(org.openecard.mdlw.sal.exceptions.PinBlockedException) CryptokiException(org.openecard.mdlw.sal.exceptions.CryptokiException) NamedEntityNotFoundException(org.openecard.common.sal.exception.NamedEntityNotFoundException) UnknownProtocolException(org.openecard.common.sal.exception.UnknownProtocolException) TokenException(org.openecard.mdlw.sal.exceptions.TokenException) WSMarshallerException(org.openecard.ws.marshal.WSMarshallerException) IncorrectParameterException(org.openecard.common.sal.exception.IncorrectParameterException) UnsupportedAlgorithmException(org.openecard.crypto.common.UnsupportedAlgorithmException) PinIncorrectException(org.openecard.mdlw.sal.exceptions.PinIncorrectException) Result(oasis.names.tc.dss._1_0.core.schema.Result) ECardException(org.openecard.common.ECardException) DIDAuthenticateResponse(iso.std.iso_iec._24727.tech.schema.DIDAuthenticateResponse) NamedEntityNotFoundException(org.openecard.common.sal.exception.NamedEntityNotFoundException) PinBlockedException(org.openecard.mdlw.sal.exceptions.PinBlockedException) DIDStructureType(iso.std.iso_iec._24727.tech.schema.DIDStructureType) UnknownProtocolException(org.openecard.common.sal.exception.UnknownProtocolException) PINCompareDIDAuthenticateOutputType(org.openecard.common.anytype.pin.PINCompareDIDAuthenticateOutputType)

Aggregations

DIDAuthenticateResponse (iso.std.iso_iec._24727.tech.schema.DIDAuthenticateResponse)4 PINCompareDIDAuthenticateInputType (org.openecard.common.anytype.pin.PINCompareDIDAuthenticateInputType)4 PINCompareDIDAuthenticateOutputType (org.openecard.common.anytype.pin.PINCompareDIDAuthenticateOutputType)3 ConnectionHandleType (iso.std.iso_iec._24727.tech.schema.ConnectionHandleType)2 DIDAuthenticate (iso.std.iso_iec._24727.tech.schema.DIDAuthenticate)2 DIDAuthenticationDataType (iso.std.iso_iec._24727.tech.schema.DIDAuthenticationDataType)2 DIDStructureType (iso.std.iso_iec._24727.tech.schema.DIDStructureType)2 BigInteger (java.math.BigInteger)2 ECardException (org.openecard.common.ECardException)2 PINCompareMarkerType (org.openecard.common.anytype.pin.PINCompareMarkerType)2 CardStateEntry (org.openecard.common.sal.state.CardStateEntry)2 CardApplicationConnect (iso.std.iso_iec._24727.tech.schema.CardApplicationConnect)1 CardApplicationConnectResponse (iso.std.iso_iec._24727.tech.schema.CardApplicationConnectResponse)1 CardApplicationPath (iso.std.iso_iec._24727.tech.schema.CardApplicationPath)1 CardApplicationPathResponse (iso.std.iso_iec._24727.tech.schema.CardApplicationPathResponse)1 CardApplicationPathType (iso.std.iso_iec._24727.tech.schema.CardApplicationPathType)1 InputAPDUInfoType (iso.std.iso_iec._24727.tech.schema.InputAPDUInfoType)1 InputUnitType (iso.std.iso_iec._24727.tech.schema.InputUnitType)1 PasswordAttributesType (iso.std.iso_iec._24727.tech.schema.PasswordAttributesType)1 PinCompareDIDAuthenticateInputType (iso.std.iso_iec._24727.tech.schema.PinCompareDIDAuthenticateInputType)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial