Search in sources :

Example 16 with CardResponseAPDU

use of org.openecard.common.apdu.common.CardResponseAPDU in project open-ecard by ecsec.

the class CardUtils method selectApplicationByAID.

/**
 * Select an application by the application identifier.
 * This method requests the FCP of the application.
 *
 * @param dispatcher
 * @param slotHandle
 * @param aid Application identifier
 * @return Response APDU of the select command.
 * @throws APDUException Thrown in case there was an error while processing the command APDU.
 */
public static CardResponseAPDU selectApplicationByAID(Dispatcher dispatcher, byte[] slotHandle, byte[] aid) throws APDUException {
    Select selectApp = new Select((byte) 0x04, (byte) 0x04);
    selectApp.setData(aid);
    selectApp.setLE((byte) 0xFF);
    CardResponseAPDU result = selectApp.transmit(dispatcher, slotHandle);
    return result;
}
Also used : Select(org.openecard.common.apdu.Select) CardResponseAPDU(org.openecard.common.apdu.common.CardResponseAPDU)

Example 17 with CardResponseAPDU

use of org.openecard.common.apdu.common.CardResponseAPDU in project open-ecard by ecsec.

the class CardUtils method selectApplicationByFID.

/**
 * Select an application by it's file identifier.
 *
 * @param dispatcher The message dispatcher for the interaction with the card.
 * @param slotHandle
 * @param fileID File identitfier of an application or a path to the application.
 * @return The {@link CardResponseAPDU} from the last select which means the select of the application to select.
 * @throws APDUException
 */
public static CardResponseAPDU selectApplicationByFID(Dispatcher dispatcher, byte[] slotHandle, byte[] fileID) throws APDUException {
    Select selectApp;
    CardResponseAPDU result = null;
    // respect the possibility that fileID could be a path
    int i = 0;
    while (i < fileID.length) {
        if (fileID[i] == (byte) 0x3F && fileID[i + 1] == (byte) 0x00 && i == 0 && i + 1 == 1) {
            selectApp = new MasterFile();
            i = i + 2;
        } else {
            selectApp = new Select.ChildDirectory(new byte[] { fileID[i], fileID[i + 1] });
            selectApp.setLE((byte) 0xFF);
            selectApp.setFCP();
            i = i + 2;
        }
        result = selectApp.transmit(dispatcher, slotHandle);
    }
    return result;
}
Also used : Select(org.openecard.common.apdu.Select) CardResponseAPDU(org.openecard.common.apdu.common.CardResponseAPDU) MasterFile(org.openecard.common.apdu.Select.MasterFile)

Example 18 with CardResponseAPDU

use of org.openecard.common.apdu.common.CardResponseAPDU in project open-ecard by ecsec.

the class TinySAL method cardApplicationSelect.

@Override
public CardApplicationSelectResponse cardApplicationSelect(CardApplicationSelect request) {
    CardApplicationSelectResponse response = WSHelper.makeResponse(CardApplicationSelectResponse.class, WSHelper.makeResultOK());
    try {
        byte[] slotHandle = request.getSlotHandle();
        ConnectionHandleType connectionHandle = SALUtils.createConnectionHandle(slotHandle);
        CardStateEntry cardStateEntry = SALUtils.getCardStateEntry(states, connectionHandle);
        byte[] reqApplicationID = request.getCardApplication();
        Assert.assertIncorrectParameter(reqApplicationID, "The parameter CardApplication is empty.");
        CardInfoWrapper cardInfoWrapper = cardStateEntry.getInfo();
        CardApplicationWrapper appInfo = cardInfoWrapper.getCardApplication(reqApplicationID);
        Assert.assertNamedEntityNotFound(appInfo, "The given Application cannot be found.");
        Assert.securityConditionApplication(cardStateEntry, reqApplicationID, ConnectionServiceActionName.CARD_APPLICATION_CONNECT);
        // check if the currently selected application is already what the caller wants
        byte[] curApplicationID = cardStateEntry.getCurrentCardApplication().getApplicationIdentifier();
        if (!ByteUtils.compare(reqApplicationID, curApplicationID)) {
            // Select the card application
            CardCommandAPDU select;
            // TODO: proper determination of path, file and app id
            if (reqApplicationID.length == 2) {
                select = new Select.File(reqApplicationID);
                List<byte[]> responses = new ArrayList<>();
                responses.add(TrailerConstants.Success.OK());
                responses.add(TrailerConstants.Error.WRONG_P1_P2());
                CardResponseAPDU resp = select.transmit(env.getDispatcher(), slotHandle, responses);
                if (Arrays.equals(resp.getTrailer(), TrailerConstants.Error.WRONG_P1_P2())) {
                    select = new Select.AbsolutePath(reqApplicationID);
                    select.transmit(env.getDispatcher(), slotHandle);
                }
            } else {
                select = new Select.Application(reqApplicationID);
                select.transmit(env.getDispatcher(), slotHandle);
            }
            cardStateEntry.setCurrentCardApplication(reqApplicationID);
            // reset the ef FCP
            cardStateEntry.unsetFCPOfSelectedEF();
        }
        response.setConnectionHandle(cardStateEntry.handleCopy());
    } catch (ECardException e) {
        response.setResult(e.getResult());
    }
    return response;
}
Also used : ConnectionHandleType(iso.std.iso_iec._24727.tech.schema.ConnectionHandleType) CardCommandAPDU(org.openecard.common.apdu.common.CardCommandAPDU) CardStateEntry(org.openecard.common.sal.state.CardStateEntry) CardApplicationSelectResponse(iso.std.iso_iec._24727.tech.schema.CardApplicationSelectResponse) CardInfoWrapper(org.openecard.common.sal.state.cif.CardInfoWrapper) ArrayList(java.util.ArrayList) ECardException(org.openecard.common.ECardException) CardApplicationWrapper(org.openecard.common.sal.state.cif.CardApplicationWrapper) Select(org.openecard.common.apdu.Select) CardApplicationSelect(iso.std.iso_iec._24727.tech.schema.CardApplicationSelect) DataSetSelect(iso.std.iso_iec._24727.tech.schema.DataSetSelect) CardResponseAPDU(org.openecard.common.apdu.common.CardResponseAPDU)

Example 19 with CardResponseAPDU

use of org.openecard.common.apdu.common.CardResponseAPDU in project open-ecard by ecsec.

the class TinySAL method dsiRead.

/**
 * The DSIRead function reads out the content of a specific DSI (Data Structure for Interoperability).
 * See BSI-TR-03112-4, version 1.1.2, section 3.4.9.
 *
 * @param request DSIRead
 * @return DSIReadResponse
 */
@Publish
@Override
public DSIReadResponse dsiRead(DSIRead request) {
    DSIReadResponse response = WSHelper.makeResponse(DSIReadResponse.class, WSHelper.makeResultOK());
    try {
        ConnectionHandleType connectionHandle = SALUtils.getConnectionHandle(request);
        CardStateEntry cardStateEntry = SALUtils.getCardStateEntry(states, connectionHandle);
        byte[] applicationID = cardStateEntry.getCurrentCardApplication().getApplicationIdentifier();
        String dsiName = request.getDSIName();
        byte[] slotHandle = connectionHandle.getSlotHandle();
        Assert.assertIncorrectParameter(dsiName, "The parameter DSIName is empty.");
        Assert.securityConditionDataSet(cardStateEntry, applicationID, dsiName, NamedDataServiceActionName.DSI_READ);
        if (cardStateEntry.getFCPOfSelectedEF() == null) {
            throw new PrerequisitesNotSatisfiedException("No DataSet to read selected.");
        }
        CardInfoWrapper cardInfoWrapper = cardStateEntry.getInfo();
        DataSetInfoType dataSetInfo = cardInfoWrapper.getDataSetByDsiName(dsiName);
        if (dataSetInfo == null) {
            // there is no data set which contains the given dsi name so the name should be an data set name
            dataSetInfo = cardInfoWrapper.getDataSetByName(dsiName);
            if (dataSetInfo != null) {
                if (!cardStateEntry.getFCPOfSelectedEF().getFileIdentifiers().isEmpty()) {
                    byte[] path = dataSetInfo.getDataSetPath().getEfIdOrPath();
                    byte[] fid = Arrays.copyOfRange(path, path.length - 2, path.length);
                    if (!Arrays.equals(fid, cardStateEntry.getFCPOfSelectedEF().getFileIdentifiers().get(0))) {
                        String msg = "Wrong DataSet for reading the DSI " + dsiName + " is selected.";
                        throw new PrerequisitesNotSatisfiedException(msg);
                    }
                }
                byte[] fileContent = CardUtils.readFile(cardStateEntry.getFCPOfSelectedEF(), env.getDispatcher(), slotHandle);
                response.setDSIContent(fileContent);
            } else {
                String msg = "The given DSIName does not related to any know DSI or DataSet.";
                throw new IncorrectParameterException(msg);
            }
        } else {
            // There exists a data set with the given dsi name
            // check whether the correct file is selected
            byte[] dataSetPath = dataSetInfo.getDataSetPath().getEfIdOrPath();
            byte[] dataSetFID = new byte[] { dataSetPath[dataSetPath.length - 2], dataSetPath[dataSetPath.length - 1] };
            if (Arrays.equals(dataSetFID, cardStateEntry.getFCPOfSelectedEF().getFileIdentifiers().get(0))) {
                DSIType dsi = cardInfoWrapper.getDSIbyName(dsiName);
                PathType dsiPath = dsi.getDSIPath();
                if (dsiPath.getTagRef() != null) {
                    TagRef tagReference = dsiPath.getTagRef();
                    byte[] tag = tagReference.getTag();
                    GetData getDataRequest;
                    if (tag.length == 2) {
                        getDataRequest = new GetData(GetData.INS_DATA, tag[0], tag[1]);
                        CardResponseAPDU cardResponse = getDataRequest.transmit(env.getDispatcher(), slotHandle, Collections.EMPTY_LIST);
                        byte[] responseData = cardResponse.getData();
                        while (cardResponse.getTrailer()[0] == (byte) 0x61) {
                            GetResponse allData = new GetResponse();
                            cardResponse = allData.transmit(env.getDispatcher(), slotHandle, Collections.EMPTY_LIST);
                            responseData = ByteUtils.concatenate(responseData, cardResponse.getData());
                        }
                        response.setDSIContent(responseData);
                    } else if (tag.length == 1) {
                        // how to determine Simple- or BER-TLV in this case correctly?
                        // Now try Simple-TLV first and if it fail try BER-TLV
                        getDataRequest = new GetData(GetData.INS_DATA, GetData.SIMPLE_TLV, tag[0]);
                        CardResponseAPDU cardResponse = getDataRequest.transmit(env.getDispatcher(), slotHandle, Collections.EMPTY_LIST);
                        byte[] responseData = cardResponse.getData();
                        // just an assumption
                        if (Arrays.equals(cardResponse.getTrailer(), new byte[] { (byte) 0x6A, (byte) 0x88 })) {
                            getDataRequest = new GetData(GetData.INS_DATA, GetData.BER_TLV_ONE_BYTE, tag[0]);
                            cardResponse = getDataRequest.transmit(env.getDispatcher(), slotHandle, Collections.EMPTY_LIST);
                            responseData = cardResponse.getData();
                        }
                        while (cardResponse.getTrailer()[0] == (byte) 0x61) {
                            GetResponse allData = new GetResponse();
                            cardResponse = allData.transmit(env.getDispatcher(), slotHandle, Collections.EMPTY_LIST);
                            responseData = ByteUtils.concatenate(responseData, cardResponse.getData());
                        }
                        response.setDSIContent(responseData);
                    }
                } else if (dsiPath.getIndex() != null) {
                    byte[] index = dsiPath.getIndex();
                    byte[] length = dsiPath.getLength();
                    List<byte[]> allowedResponse = new ArrayList<>();
                    allowedResponse.add(new byte[] { (byte) 0x90, (byte) 0x00 });
                    allowedResponse.add(new byte[] { (byte) 0x62, (byte) 0x82 });
                    if (cardStateEntry.getFCPOfSelectedEF().getDataElements().isLinear()) {
                        // in this case we use the index as record number and the length as length of record
                        ReadRecord readRecord = new ReadRecord(index[0]);
                        // NOTE: For record based files TR-0312-4 states to ignore the length field in case of records
                        CardResponseAPDU cardResponse = readRecord.transmit(env.getDispatcher(), slotHandle, allowedResponse);
                        response.setDSIContent(cardResponse.getData());
                    } else {
                        // in this case we use index as offset and length as the expected length
                        ReadBinary readBinary = new ReadBinary(ByteUtils.toShort(index), ByteUtils.toShort(length));
                        CardResponseAPDU cardResponse = readBinary.transmit(env.getDispatcher(), slotHandle, allowedResponse);
                        response.setDSIContent(cardResponse.getData());
                    }
                } else {
                    String msg = "The currently selected data set does not contain the DSI with the name " + dsiName;
                    throw new PrerequisitesNotSatisfiedException(msg);
                }
            }
        }
    } catch (ECardException e) {
        response.setResult(e.getResult());
    } catch (Exception e) {
        LOG.error(e.getMessage(), e);
        throwThreadKillException(e);
        response.setResult(WSHelper.makeResult(e));
    }
    return response;
}
Also used : ConnectionHandleType(iso.std.iso_iec._24727.tech.schema.ConnectionHandleType) CardStateEntry(org.openecard.common.sal.state.CardStateEntry) DSIType(iso.std.iso_iec._24727.tech.schema.DSIType) CardInfoWrapper(org.openecard.common.sal.state.cif.CardInfoWrapper) TagRef(iso.std.iso_iec._24727.tech.schema.PathType.TagRef) GetResponse(org.openecard.common.apdu.GetResponse) DIDGetResponse(iso.std.iso_iec._24727.tech.schema.DIDGetResponse) PrerequisitesNotSatisfiedException(org.openecard.common.sal.exception.PrerequisitesNotSatisfiedException) NameExistsException(org.openecard.common.sal.exception.NameExistsException) AddonNotFoundException(org.openecard.addon.AddonNotFoundException) ThreadTerminateException(org.openecard.common.ThreadTerminateException) ECardException(org.openecard.common.ECardException) NamedEntityNotFoundException(org.openecard.common.sal.exception.NamedEntityNotFoundException) UnknownProtocolException(org.openecard.common.sal.exception.UnknownProtocolException) IncorrectParameterException(org.openecard.common.sal.exception.IncorrectParameterException) InappropriateProtocolForActionException(org.openecard.common.sal.exception.InappropriateProtocolForActionException) TLVException(org.openecard.common.tlv.TLVException) SecurityConditionNotSatisfiedException(org.openecard.common.sal.exception.SecurityConditionNotSatisfiedException) UnknownConnectionHandleException(org.openecard.common.sal.exception.UnknownConnectionHandleException) PathType(iso.std.iso_iec._24727.tech.schema.PathType) CardApplicationPathType(iso.std.iso_iec._24727.tech.schema.CardApplicationPathType) ECardException(org.openecard.common.ECardException) PrerequisitesNotSatisfiedException(org.openecard.common.sal.exception.PrerequisitesNotSatisfiedException) ReadRecord(org.openecard.common.apdu.ReadRecord) ReadBinary(org.openecard.common.apdu.ReadBinary) GetData(org.openecard.common.apdu.GetData) DataSetInfoType(iso.std.iso_iec._24727.tech.schema.DataSetInfoType) IncorrectParameterException(org.openecard.common.sal.exception.IncorrectParameterException) DataSetList(iso.std.iso_iec._24727.tech.schema.DataSetList) DSIList(iso.std.iso_iec._24727.tech.schema.DSIList) CardApplicationList(iso.std.iso_iec._24727.tech.schema.CardApplicationList) CardApplicationServiceList(iso.std.iso_iec._24727.tech.schema.CardApplicationServiceList) ArrayList(java.util.ArrayList) DIDList(iso.std.iso_iec._24727.tech.schema.DIDList) ACLList(iso.std.iso_iec._24727.tech.schema.ACLList) List(java.util.List) CardApplicationServiceNameList(iso.std.iso_iec._24727.tech.schema.CardApplicationServiceListResponse.CardApplicationServiceNameList) CardApplicationNameList(iso.std.iso_iec._24727.tech.schema.CardApplicationListResponse.CardApplicationNameList) CardResponseAPDU(org.openecard.common.apdu.common.CardResponseAPDU) DSIReadResponse(iso.std.iso_iec._24727.tech.schema.DSIReadResponse) Publish(org.openecard.common.interfaces.Publish)

Example 20 with CardResponseAPDU

use of org.openecard.common.apdu.common.CardResponseAPDU in project open-ecard by ecsec.

the class PACEProtocol method establish.

@Override
public EstablishChannelResponse establish(EstablishChannel req, Dispatcher dispatcher, UserConsent gui) {
    EstablishChannelResponse response = new EstablishChannelResponse();
    try {
        // Get parameters for the PACE protocol
        PACEInputType paceInput = new PACEInputType(req.getAuthenticationProtocolData());
        byte[] pin;
        byte pinID = paceInput.getPINID();
        byte[] chat = paceInput.getCHAT();
        if (paceInput.getPIN() == null || paceInput.getPIN().isEmpty()) {
            // GUI request
            GUIContentMap content = new GUIContentMap();
            content.add(GUIContentMap.ELEMENT.PIN_ID, pinID);
            PACEUserConsent paceUserConsent = new PACEUserConsent(gui);
            paceUserConsent.show(content);
            pin = ((String) content.get(GUIContentMap.ELEMENT.PIN)).getBytes(PACEConstants.PIN_CHARSET);
        } else {
            pin = paceInput.getPIN().getBytes(PACEConstants.PIN_CHARSET);
        }
        if (pin == null || pin.length == 0) {
            response.setResult(WSHelper.makeResultError(ECardConstants.Minor.IFD.CANCELLATION_BY_USER, "No PIN was entered."));
            return response;
        }
        // Read EF.CardAccess from card
        byte[] slotHandle = req.getSlotHandle();
        CardResponseAPDU resp = CardUtils.selectFileWithOptions(dispatcher, slotHandle, ShortUtils.toByteArray(PACEConstants.EF_CARDACCESS_FID), null, CardUtils.FCP_RESPONSE_DATA);
        FCP efCardAccessFCP = new FCP(TLV.fromBER(resp.getData()));
        byte[] efcadata = CardUtils.readFile(efCardAccessFCP, dispatcher, slotHandle);
        // Parse SecurityInfos and get PACESecurityInfos
        SecurityInfos sis = SecurityInfos.getInstance(efcadata);
        EFCardAccess efca = new EFCardAccess(sis);
        PACESecurityInfos psi = efca.getPACESecurityInfos();
        // Start PACE
        PACEImplementation pace = new PACEImplementation(dispatcher, slotHandle, psi);
        pace.execute(pin, pinID, chat);
        // Establish Secure Messaging channel
        sm = new SecureMessaging(pace.getKeyMAC(), pace.getKeyENC());
        // Create AuthenticationProtocolData (PACEOutputType)
        PACEOutputType paceOutput = paceInput.getOutputType();
        paceOutput.setEFCardAccess(efcadata);
        paceOutput.setCurrentCAR(pace.getCurrentCAR());
        paceOutput.setPreviousCAR(pace.getPreviousCAR());
        paceOutput.setIDPICC(pace.getIDPICC());
        paceOutput.setRetryCounter(pace.getRetryCounter());
        // Create EstablishChannelResponse
        response.setResult(WSHelper.makeResultOK());
        response.setAuthenticationProtocolData(paceOutput.getAuthDataType());
    } catch (UnsupportedEncodingException ex) {
        logger.error(ex.getMessage(), ex);
        response.setResult(WSHelper.makeResultError(ECardConstants.Minor.IFD.IO.UNKNOWN_PIN_FORMAT, "Cannot encode the PIN in " + PACEConstants.PIN_CHARSET + " charset."));
    } catch (ProtocolException ex) {
        logger.error(ex.getMessage(), ex);
        response.setResult(WSHelper.makeResult(ex));
    } catch (Throwable ex) {
        logger.error(ex.getMessage(), ex);
        response.setResult(WSHelper.makeResult(ex));
    }
    return response;
}
Also used : ProtocolException(org.openecard.common.ifd.protocol.exception.ProtocolException) EstablishChannelResponse(iso.std.iso_iec._24727.tech.schema.EstablishChannelResponse) EFCardAccess(org.openecard.crypto.common.asn1.eac.ef.EFCardAccess) PACESecurityInfos(org.openecard.crypto.common.asn1.eac.PACESecurityInfos) SecurityInfos(org.openecard.crypto.common.asn1.eac.SecurityInfos) UnsupportedEncodingException(java.io.UnsupportedEncodingException) PACEInputType(org.openecard.common.ifd.anytype.PACEInputType) FCP(org.openecard.common.tlv.iso7816.FCP) PACESecurityInfos(org.openecard.crypto.common.asn1.eac.PACESecurityInfos) PACEOutputType(org.openecard.common.ifd.anytype.PACEOutputType) CardResponseAPDU(org.openecard.common.apdu.common.CardResponseAPDU) GUIContentMap(org.openecard.ifd.protocol.pace.gui.GUIContentMap)

Aggregations

CardResponseAPDU (org.openecard.common.apdu.common.CardResponseAPDU)24 CardCommandAPDU (org.openecard.common.apdu.common.CardCommandAPDU)9 ConnectionHandleType (iso.std.iso_iec._24727.tech.schema.ConnectionHandleType)7 CardStateEntry (org.openecard.common.sal.state.CardStateEntry)7 ECardException (org.openecard.common.ECardException)6 APDUException (org.openecard.common.apdu.exception.APDUException)6 Select (org.openecard.common.apdu.Select)5 TLVException (org.openecard.common.tlv.TLVException)4 FCP (org.openecard.common.tlv.iso7816.FCP)4 InputAPDUInfoType (iso.std.iso_iec._24727.tech.schema.InputAPDUInfoType)3 Transmit (iso.std.iso_iec._24727.tech.schema.Transmit)3 TransmitResponse (iso.std.iso_iec._24727.tech.schema.TransmitResponse)3 BigInteger (java.math.BigInteger)3 ArrayList (java.util.ArrayList)3 CardApplicationPathType (iso.std.iso_iec._24727.tech.schema.CardApplicationPathType)2 CardApplicationSelect (iso.std.iso_iec._24727.tech.schema.CardApplicationSelect)2 DIDAuthenticateResponse (iso.std.iso_iec._24727.tech.schema.DIDAuthenticateResponse)2 DIDStructureType (iso.std.iso_iec._24727.tech.schema.DIDStructureType)2 DataSetInfoType (iso.std.iso_iec._24727.tech.schema.DataSetInfoType)2 DataSetSelect (iso.std.iso_iec._24727.tech.schema.DataSetSelect)2