use of org.openecard.common.apdu.common.CardResponseAPDU in project open-ecard by ecsec.
the class PCSCChannel method transmit.
@Override
public CardResponseAPDU transmit(byte[] command) throws SCIOException {
try {
CommandAPDU convertCommand = new CommandAPDU(command);
ResponseAPDU response = channel.transmit(convertCommand);
return new CardResponseAPDU(response.getBytes());
} catch (CardException ex) {
String msg = "Failed to transmit APDU to the card in terminal '%s'.";
throw new SCIOException(String.format(msg, card.getTerminal().getName()), getCode(ex), ex);
}
}
use of org.openecard.common.apdu.common.CardResponseAPDU in project open-ecard by ecsec.
the class DecipherStep method perform.
@Override
public DecipherResponse perform(Decipher request, Map<String, Object> internalData) {
DecipherResponse response = WSHelper.makeResponse(DecipherResponse.class, WSHelper.makeResultOK());
try {
ConnectionHandleType connectionHandle = SALUtils.getConnectionHandle(request);
String didName = SALUtils.getDIDName(request);
byte[] applicationID = connectionHandle.getCardApplication();
CardStateEntry cardStateEntry = SALUtils.getCardStateEntry(internalData, connectionHandle);
Assert.securityConditionDID(cardStateEntry, applicationID, didName, CryptographicServiceActionName.DECIPHER);
DIDStructureType didStructure = SALUtils.getDIDStructure(request, didName, cardStateEntry, connectionHandle);
CryptoMarkerType cryptoMarker = new CryptoMarkerType(didStructure.getDIDMarker());
byte[] keyReference = cryptoMarker.getCryptoKeyInfo().getKeyRef().getKeyRef();
byte[] algorithmIdentifier = cryptoMarker.getAlgorithmInfo().getCardAlgRef();
byte[] slotHandle = connectionHandle.getSlotHandle();
// See eGK specification, part 1, version 2.2.0, section 15.9.6.
if (didStructure.getDIDScope().equals(DIDScopeType.LOCAL)) {
keyReference[0] = (byte) (0x80 | keyReference[0]);
}
TLV tagKeyReference = new TLV();
tagKeyReference.setTagNumWithClass(0x84);
tagKeyReference.setValue(keyReference);
TLV tagAlgorithmIdentifier = new TLV();
tagAlgorithmIdentifier.setTagNumWithClass(0x80);
tagAlgorithmIdentifier.setValue(algorithmIdentifier);
byte[] mseData = ByteUtils.concatenate(tagKeyReference.toBER(), tagAlgorithmIdentifier.toBER());
CardCommandAPDU apdu = new ManageSecurityEnvironment((byte) 0x41, ManageSecurityEnvironment.CT, mseData);
apdu.transmit(dispatcher, slotHandle);
byte[] ciphertext = request.getCipherText();
ByteArrayOutputStream baos = new ByteArrayOutputStream();
BigInteger bitKeySize = cryptoMarker.getCryptoKeyInfo().getKeySize();
int blocksize = bitKeySize.divide(new BigInteger("8")).intValue();
// check if the ciphertext length is divisible by the blocksize without rest
if ((ciphertext.length % blocksize) != 0) {
return WSHelper.makeResponse(DecipherResponse.class, WSHelper.makeResultError(ECardConstants.Minor.App.INCORRECT_PARM, "The length of the ciphertext should be a multiple of the blocksize."));
}
// decrypt the ciphertext block for block
for (int offset = 0; offset < ciphertext.length; offset += blocksize) {
byte[] ciphertextblock = ByteUtils.copy(ciphertext, offset, blocksize);
apdu = new PSODecipher(ByteUtils.concatenate(PADDING_INDICATOR_BYTE, ciphertextblock), (byte) blocksize);
CardResponseAPDU responseAPDU = apdu.transmit(dispatcher, slotHandle);
baos.write(responseAPDU.getData());
}
response.setPlainText(baos.toByteArray());
} catch (ECardException e) {
response.setResult(e.getResult());
} catch (Exception e) {
logger.error(e.getMessage(), e);
response.setResult(WSHelper.makeResult(e));
}
return response;
}
use of org.openecard.common.apdu.common.CardResponseAPDU in project open-ecard by ecsec.
the class GenericPINAction method performUnblockPIN.
private StepActionResult performUnblockPIN(Map<String, ExecutionResults> oldResults) {
try {
EstablishChannelResponse pukResponse = performPACEWithPUK(oldResults);
if (pukResponse == null) {
gPINStep.setWrongPUKFormat(true);
gPINStep.setFailedPUKVerify(false);
// to reset the text fields
gPINStep.updateState(state);
return new StepActionResult(StepActionResultStatus.REPEAT);
}
if (pukResponse.getResult().getResultMajor().equals(ECardConstants.Major.ERROR)) {
if (pukResponse.getResult().getResultMinor().equals(ECardConstants.Minor.IFD.AUTHENTICATION_FAILED)) {
// i think we should not display the counter
// gPINStep.decreasePUKCounter();
gPINStep.setWrongPUKFormat(false);
gPINStep.setFailedPUKVerify(true);
// to reset the text fields
gPINStep.updateState(state);
return new StepActionResult(StepActionResultStatus.REPEAT);
} else {
WSHelper.checkResult(pukResponse);
}
}
// Here no exception is thrown so sent the ResetRetryCounter command
ResetRetryCounter resetRetryCounter = new ResetRetryCounter((byte) 0x03);
List<byte[]> responses = new ArrayList<>();
responses.add(new byte[] { (byte) 0x90, (byte) 0x00 });
responses.add(new byte[] { (byte) 0x69, (byte) 0x84 });
CardResponseAPDU resetCounterResponse = resetRetryCounter.transmit(dispatcher, slotHandle, responses);
if (Arrays.equals(resetCounterResponse.getTrailer(), new byte[] { (byte) 0x69, (byte) 0x84 })) {
gPINStep.updateState(RecognizedState.PUK_blocked);
return new StepActionResult(StepActionResultStatus.REPEAT);
} else if (Arrays.equals(resetCounterResponse.getTrailer(), new byte[] { (byte) 0x90, (byte) 0x00 })) {
gPINStep.updateState(RecognizedState.PIN_activated_RC3);
return new StepActionResult(StepActionResultStatus.REPEAT, generateSuccessStep(lang.translationForKey(PUK_SUCCESS)));
} else {
gPINStep.updateState(RecognizedState.UNKNOWN);
return new StepActionResult(StepActionResultStatus.REPEAT);
}
} catch (APDUException | ParserConfigurationException ex) {
LOG.error("An internal error occurred while trying to unblock the PIN.", ex);
return new StepActionResult(StepActionResultStatus.REPEAT, generateErrorStep(lang.translationForKey(ERROR_INTERNAL)));
} catch (WSHelper.WSException ex) {
// This is for PIN Pad Readers in case the user pressed the cancel button on the reader.
if (ex.getResultMinor().equals(ECardConstants.Minor.IFD.CANCELLATION_BY_USER)) {
LOG.error("User canceled the authentication manually or removed the card.", ex);
return new StepActionResult(StepActionResultStatus.REPEAT, generateErrorStep(lang.translationForKey(ERROR_USER_CANCELLATION_OR_CARD_REMOVED)));
}
// for users which forgot to type in something
if (ex.getResultMinor().equals(ECardConstants.Minor.IFD.TIMEOUT_ERROR)) {
LOG.error("The terminal timed out no password was entered.", ex);
return new StepActionResult(StepActionResultStatus.REPEAT, generateErrorStep(lang.translationForKey(ERROR_TIMEOUT)));
}
// for people which think they have to remove the card in the process
if (ex.getResultMinor().equals(ECardConstants.Minor.IFD.INVALID_SLOT_HANDLE)) {
LOG.error("The SlotHandle was invalid so probably the user removed the card or an reset occurred.", ex);
return new StepActionResult(StepActionResultStatus.REPEAT, generateErrorStep(lang.translationForKey(ERROR_CARD_REMOVED)));
}
// We don't know what happend so just show an general error message
LOG.error("An unknown error occurred while trying to verify the PUK.", ex);
return new StepActionResult(StepActionResultStatus.REPEAT, generateErrorStep(lang.translationForKey(ERROR_UNKNOWN)));
} finally {
// destroy the pace channel
DestroyChannel destChannel = new DestroyChannel();
destChannel.setSlotHandle(slotHandle);
dispatcher.safeDeliver(destChannel);
// For readers which do not support DestroyChannel but have generic pace support
Disconnect disconnect = new Disconnect();
disconnect.setSlotHandle(slotHandle);
disconnect.setAction(ActionType.RESET);
dispatcher.safeDeliver(disconnect);
}
}
use of org.openecard.common.apdu.common.CardResponseAPDU in project open-ecard by ecsec.
the class TerminalAuthentication method getChallenge.
/**
* Gets a challenge from the PICC.
* Sends a Get Challenge APDU. (Protocol step 3)
* See BSI-TR-03110, version 2.10, part 3, B.11.6.
*
* @return Challenge
* @throws ProtocolException
*/
public byte[] getChallenge() throws ProtocolException {
try {
CardCommandAPDU getChallenge = new GetChallenge();
CardResponseAPDU response = getChallenge.transmit(dispatcher, slotHandle);
return response.getData();
} catch (APDUException e) {
throw new ProtocolException(e.getResult());
}
}
Aggregations