Search in sources :

Example 21 with CardResponseAPDU

use of org.openecard.common.apdu.common.CardResponseAPDU in project open-ecard by ecsec.

the class PCSCChannel method transmit.

@Override
public CardResponseAPDU transmit(byte[] command) throws SCIOException {
    try {
        CommandAPDU convertCommand = new CommandAPDU(command);
        ResponseAPDU response = channel.transmit(convertCommand);
        return new CardResponseAPDU(response.getBytes());
    } catch (CardException ex) {
        String msg = "Failed to transmit APDU to the card in terminal '%s'.";
        throw new SCIOException(String.format(msg, card.getTerminal().getName()), getCode(ex), ex);
    }
}
Also used : SCIOException(org.openecard.common.ifd.scio.SCIOException) ResponseAPDU(javax.smartcardio.ResponseAPDU) CardResponseAPDU(org.openecard.common.apdu.common.CardResponseAPDU) CardException(javax.smartcardio.CardException) CardCommandAPDU(org.openecard.common.apdu.common.CardCommandAPDU) CommandAPDU(javax.smartcardio.CommandAPDU) CardResponseAPDU(org.openecard.common.apdu.common.CardResponseAPDU)

Example 22 with CardResponseAPDU

use of org.openecard.common.apdu.common.CardResponseAPDU in project open-ecard by ecsec.

the class DecipherStep method perform.

@Override
public DecipherResponse perform(Decipher request, Map<String, Object> internalData) {
    DecipherResponse response = WSHelper.makeResponse(DecipherResponse.class, WSHelper.makeResultOK());
    try {
        ConnectionHandleType connectionHandle = SALUtils.getConnectionHandle(request);
        String didName = SALUtils.getDIDName(request);
        byte[] applicationID = connectionHandle.getCardApplication();
        CardStateEntry cardStateEntry = SALUtils.getCardStateEntry(internalData, connectionHandle);
        Assert.securityConditionDID(cardStateEntry, applicationID, didName, CryptographicServiceActionName.DECIPHER);
        DIDStructureType didStructure = SALUtils.getDIDStructure(request, didName, cardStateEntry, connectionHandle);
        CryptoMarkerType cryptoMarker = new CryptoMarkerType(didStructure.getDIDMarker());
        byte[] keyReference = cryptoMarker.getCryptoKeyInfo().getKeyRef().getKeyRef();
        byte[] algorithmIdentifier = cryptoMarker.getAlgorithmInfo().getCardAlgRef();
        byte[] slotHandle = connectionHandle.getSlotHandle();
        // See eGK specification, part 1, version 2.2.0, section 15.9.6.
        if (didStructure.getDIDScope().equals(DIDScopeType.LOCAL)) {
            keyReference[0] = (byte) (0x80 | keyReference[0]);
        }
        TLV tagKeyReference = new TLV();
        tagKeyReference.setTagNumWithClass(0x84);
        tagKeyReference.setValue(keyReference);
        TLV tagAlgorithmIdentifier = new TLV();
        tagAlgorithmIdentifier.setTagNumWithClass(0x80);
        tagAlgorithmIdentifier.setValue(algorithmIdentifier);
        byte[] mseData = ByteUtils.concatenate(tagKeyReference.toBER(), tagAlgorithmIdentifier.toBER());
        CardCommandAPDU apdu = new ManageSecurityEnvironment((byte) 0x41, ManageSecurityEnvironment.CT, mseData);
        apdu.transmit(dispatcher, slotHandle);
        byte[] ciphertext = request.getCipherText();
        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        BigInteger bitKeySize = cryptoMarker.getCryptoKeyInfo().getKeySize();
        int blocksize = bitKeySize.divide(new BigInteger("8")).intValue();
        // check if the ciphertext length is divisible by the blocksize without rest
        if ((ciphertext.length % blocksize) != 0) {
            return WSHelper.makeResponse(DecipherResponse.class, WSHelper.makeResultError(ECardConstants.Minor.App.INCORRECT_PARM, "The length of the ciphertext should be a multiple of the blocksize."));
        }
        // decrypt the ciphertext block for block
        for (int offset = 0; offset < ciphertext.length; offset += blocksize) {
            byte[] ciphertextblock = ByteUtils.copy(ciphertext, offset, blocksize);
            apdu = new PSODecipher(ByteUtils.concatenate(PADDING_INDICATOR_BYTE, ciphertextblock), (byte) blocksize);
            CardResponseAPDU responseAPDU = apdu.transmit(dispatcher, slotHandle);
            baos.write(responseAPDU.getData());
        }
        response.setPlainText(baos.toByteArray());
    } catch (ECardException e) {
        response.setResult(e.getResult());
    } catch (Exception e) {
        logger.error(e.getMessage(), e);
        response.setResult(WSHelper.makeResult(e));
    }
    return response;
}
Also used : ConnectionHandleType(iso.std.iso_iec._24727.tech.schema.ConnectionHandleType) CardCommandAPDU(org.openecard.common.apdu.common.CardCommandAPDU) CardStateEntry(org.openecard.common.sal.state.CardStateEntry) CryptoMarkerType(org.openecard.crypto.common.sal.did.CryptoMarkerType) ByteArrayOutputStream(java.io.ByteArrayOutputStream) PSODecipher(org.openecard.sal.protocol.genericcryptography.apdu.PSODecipher) ECardException(org.openecard.common.ECardException) ECardException(org.openecard.common.ECardException) BigInteger(java.math.BigInteger) DecipherResponse(iso.std.iso_iec._24727.tech.schema.DecipherResponse) DIDStructureType(iso.std.iso_iec._24727.tech.schema.DIDStructureType) CardResponseAPDU(org.openecard.common.apdu.common.CardResponseAPDU) ManageSecurityEnvironment(org.openecard.common.apdu.ManageSecurityEnvironment) TLV(org.openecard.common.tlv.TLV)

Example 23 with CardResponseAPDU

use of org.openecard.common.apdu.common.CardResponseAPDU in project open-ecard by ecsec.

the class GenericPINAction method performUnblockPIN.

private StepActionResult performUnblockPIN(Map<String, ExecutionResults> oldResults) {
    try {
        EstablishChannelResponse pukResponse = performPACEWithPUK(oldResults);
        if (pukResponse == null) {
            gPINStep.setWrongPUKFormat(true);
            gPINStep.setFailedPUKVerify(false);
            // to reset the text fields
            gPINStep.updateState(state);
            return new StepActionResult(StepActionResultStatus.REPEAT);
        }
        if (pukResponse.getResult().getResultMajor().equals(ECardConstants.Major.ERROR)) {
            if (pukResponse.getResult().getResultMinor().equals(ECardConstants.Minor.IFD.AUTHENTICATION_FAILED)) {
                // i think we should not display the counter
                // gPINStep.decreasePUKCounter();
                gPINStep.setWrongPUKFormat(false);
                gPINStep.setFailedPUKVerify(true);
                // to reset the text fields
                gPINStep.updateState(state);
                return new StepActionResult(StepActionResultStatus.REPEAT);
            } else {
                WSHelper.checkResult(pukResponse);
            }
        }
        // Here no exception is thrown so sent the ResetRetryCounter command
        ResetRetryCounter resetRetryCounter = new ResetRetryCounter((byte) 0x03);
        List<byte[]> responses = new ArrayList<>();
        responses.add(new byte[] { (byte) 0x90, (byte) 0x00 });
        responses.add(new byte[] { (byte) 0x69, (byte) 0x84 });
        CardResponseAPDU resetCounterResponse = resetRetryCounter.transmit(dispatcher, slotHandle, responses);
        if (Arrays.equals(resetCounterResponse.getTrailer(), new byte[] { (byte) 0x69, (byte) 0x84 })) {
            gPINStep.updateState(RecognizedState.PUK_blocked);
            return new StepActionResult(StepActionResultStatus.REPEAT);
        } else if (Arrays.equals(resetCounterResponse.getTrailer(), new byte[] { (byte) 0x90, (byte) 0x00 })) {
            gPINStep.updateState(RecognizedState.PIN_activated_RC3);
            return new StepActionResult(StepActionResultStatus.REPEAT, generateSuccessStep(lang.translationForKey(PUK_SUCCESS)));
        } else {
            gPINStep.updateState(RecognizedState.UNKNOWN);
            return new StepActionResult(StepActionResultStatus.REPEAT);
        }
    } catch (APDUException | ParserConfigurationException ex) {
        LOG.error("An internal error occurred while trying to unblock the PIN.", ex);
        return new StepActionResult(StepActionResultStatus.REPEAT, generateErrorStep(lang.translationForKey(ERROR_INTERNAL)));
    } catch (WSHelper.WSException ex) {
        // This is for PIN Pad Readers in case the user pressed the cancel button on the reader.
        if (ex.getResultMinor().equals(ECardConstants.Minor.IFD.CANCELLATION_BY_USER)) {
            LOG.error("User canceled the authentication manually or removed the card.", ex);
            return new StepActionResult(StepActionResultStatus.REPEAT, generateErrorStep(lang.translationForKey(ERROR_USER_CANCELLATION_OR_CARD_REMOVED)));
        }
        // for users which forgot to type in something
        if (ex.getResultMinor().equals(ECardConstants.Minor.IFD.TIMEOUT_ERROR)) {
            LOG.error("The terminal timed out no password was entered.", ex);
            return new StepActionResult(StepActionResultStatus.REPEAT, generateErrorStep(lang.translationForKey(ERROR_TIMEOUT)));
        }
        // for people which think they have to remove the card in the process
        if (ex.getResultMinor().equals(ECardConstants.Minor.IFD.INVALID_SLOT_HANDLE)) {
            LOG.error("The SlotHandle was invalid so probably the user removed the card or an reset occurred.", ex);
            return new StepActionResult(StepActionResultStatus.REPEAT, generateErrorStep(lang.translationForKey(ERROR_CARD_REMOVED)));
        }
        // We don't know what happend so just show an general error message
        LOG.error("An unknown error occurred while trying to verify the PUK.", ex);
        return new StepActionResult(StepActionResultStatus.REPEAT, generateErrorStep(lang.translationForKey(ERROR_UNKNOWN)));
    } finally {
        // destroy the pace channel
        DestroyChannel destChannel = new DestroyChannel();
        destChannel.setSlotHandle(slotHandle);
        dispatcher.safeDeliver(destChannel);
        // For readers which do not support DestroyChannel but have generic pace support
        Disconnect disconnect = new Disconnect();
        disconnect.setSlotHandle(slotHandle);
        disconnect.setAction(ActionType.RESET);
        dispatcher.safeDeliver(disconnect);
    }
}
Also used : WSHelper(org.openecard.common.WSHelper) APDUException(org.openecard.common.apdu.exception.APDUException) ResetRetryCounter(org.openecard.common.apdu.ResetRetryCounter) EstablishChannelResponse(iso.std.iso_iec._24727.tech.schema.EstablishChannelResponse) ArrayList(java.util.ArrayList) StepActionResult(org.openecard.gui.executor.StepActionResult) Disconnect(iso.std.iso_iec._24727.tech.schema.Disconnect) CardApplicationDisconnect(iso.std.iso_iec._24727.tech.schema.CardApplicationDisconnect) DestroyChannel(iso.std.iso_iec._24727.tech.schema.DestroyChannel) ParserConfigurationException(javax.xml.parsers.ParserConfigurationException) CardResponseAPDU(org.openecard.common.apdu.common.CardResponseAPDU)

Example 24 with CardResponseAPDU

use of org.openecard.common.apdu.common.CardResponseAPDU in project open-ecard by ecsec.

the class TerminalAuthentication method getChallenge.

/**
 * Gets a challenge from the PICC.
 * Sends a Get Challenge APDU. (Protocol step 3)
 * See BSI-TR-03110, version 2.10, part 3, B.11.6.
 *
 * @return Challenge
 * @throws ProtocolException
 */
public byte[] getChallenge() throws ProtocolException {
    try {
        CardCommandAPDU getChallenge = new GetChallenge();
        CardResponseAPDU response = getChallenge.transmit(dispatcher, slotHandle);
        return response.getData();
    } catch (APDUException e) {
        throw new ProtocolException(e.getResult());
    }
}
Also used : CardCommandAPDU(org.openecard.common.apdu.common.CardCommandAPDU) ProtocolException(org.openecard.common.sal.protocol.exception.ProtocolException) APDUException(org.openecard.common.apdu.exception.APDUException) CardResponseAPDU(org.openecard.common.apdu.common.CardResponseAPDU) GetChallenge(org.openecard.common.apdu.GetChallenge)

Aggregations

CardResponseAPDU (org.openecard.common.apdu.common.CardResponseAPDU)24 CardCommandAPDU (org.openecard.common.apdu.common.CardCommandAPDU)9 ConnectionHandleType (iso.std.iso_iec._24727.tech.schema.ConnectionHandleType)7 CardStateEntry (org.openecard.common.sal.state.CardStateEntry)7 ECardException (org.openecard.common.ECardException)6 APDUException (org.openecard.common.apdu.exception.APDUException)6 Select (org.openecard.common.apdu.Select)5 TLVException (org.openecard.common.tlv.TLVException)4 FCP (org.openecard.common.tlv.iso7816.FCP)4 InputAPDUInfoType (iso.std.iso_iec._24727.tech.schema.InputAPDUInfoType)3 Transmit (iso.std.iso_iec._24727.tech.schema.Transmit)3 TransmitResponse (iso.std.iso_iec._24727.tech.schema.TransmitResponse)3 BigInteger (java.math.BigInteger)3 ArrayList (java.util.ArrayList)3 CardApplicationPathType (iso.std.iso_iec._24727.tech.schema.CardApplicationPathType)2 CardApplicationSelect (iso.std.iso_iec._24727.tech.schema.CardApplicationSelect)2 DIDAuthenticateResponse (iso.std.iso_iec._24727.tech.schema.DIDAuthenticateResponse)2 DIDStructureType (iso.std.iso_iec._24727.tech.schema.DIDStructureType)2 DataSetInfoType (iso.std.iso_iec._24727.tech.schema.DataSetInfoType)2 DataSetSelect (iso.std.iso_iec._24727.tech.schema.DataSetSelect)2