Example 1 with UserConsentDescription
use of org.openecard.gui.definition.UserConsentDescription in project open-ecard by ecsec.
the class AbstractTerminal method pinUserConsent.
private UserConsentDescription pinUserConsent(String title, int minLength, int maxLength) {
UserConsentDescription uc = new UserConsentDescription(LANG.translationForKey(title), "pin_entry_dialog");
// create step
Step s = new Step("enter-pin", LANG.translationForKey("action.changepin.userconsent.pinstep.title"));
uc.getSteps().add(s);
// add text instructing user
// add text instructing user
Text i1 = new Text();
s.getInputInfoUnits().add(i1);
i1.setText(LANG.translationForKey("action.pinentry.userconsent.pinstep.enter_pin"));
PasswordField i2 = new PasswordField("pin");
s.getInputInfoUnits().add(i2);
i2.setDescription("PIN");
i2.setMinLength(minLength);
i2.setMaxLength(maxLength);
return uc;
}
Also used :
UserConsentDescription(org.openecard.gui.definition.UserConsentDescription)
Text(org.openecard.gui.definition.Text)
Step(org.openecard.gui.definition.Step)
PasswordField(org.openecard.gui.definition.PasswordField)
Example 2 with UserConsentDescription
use of org.openecard.gui.definition.UserConsentDescription in project open-ecard by ecsec.
the class AbstractTerminal method verifyUser.
public VerifyUserResponse verifyUser(VerifyUser verify) throws SCIOException, IFDException {
byte[] handle = verify.getSlotHandle();
// get capabilities
getCapabilities();
// check if is possible to perform PinCompare protocol
List<String> protoList = this.capabilities.getSlotCapability().get(0).getProtocol();
if (!protoList.contains(ECardConstants.Protocol.PIN_COMPARE)) {
throw new IFDException("PinCompare protocol is not supported by this IFD.");
}
// get values from requested command
InputUnitType inputUnit = verify.getInputUnit();
AltVUMessagesType allMsgs = getMessagesOrDefaults(verify.getAltVUMessages());
BigInteger firstTimeout = verify.getTimeoutUntilFirstKey();
firstTimeout = (firstTimeout == null) ? BigInteger.valueOf(60000) : firstTimeout;
BigInteger otherTimeout = verify.getTimeoutAfterFirstKey();
otherTimeout = (otherTimeout == null) ? BigInteger.valueOf(15000) : otherTimeout;
final byte[] template = verify.getTemplate();
VerifyUserResponse response;
Result result;
// check which type of authentication to perform
if (inputUnit.getBiometricInput() != null) {
// TODO: implement
String msg = "Biometric authentication not supported by IFD.";
IFDException ex = new IFDException(ECardConstants.Minor.IFD.IO.UNKNOWN_INPUT_UNIT, msg);
LOG.warn(ex.getMessage(), ex);
throw ex;
} else if (inputUnit.getPinInput() != null) {
final PinInputType pinInput = inputUnit.getPinInput();
// we have a sophisticated card reader
if (terminalInfo.supportsPinCompare()) {
// create custom pinAction to submit pin to terminal
NativePinStepAction pinAction = new NativePinStepAction("enter-pin", pinInput, channel, terminalInfo, template);
// display message instructing user what to do
UserConsentDescription uc = pinUserConsent("action.changepin.userconsent.pinstep.title", pinAction);
UserConsentNavigator ucr = gui.obtainNavigator(uc);
ExecutionEngine exec = new ExecutionEngine(ucr);
// run gui
ResultStatus status = exec.process();
if (status == ResultStatus.CANCEL) {
String msg = "PIN entry cancelled by user.";
LOG.warn(msg);
result = WSHelper.makeResultError(ECardConstants.Minor.IFD.CANCELLATION_BY_USER, msg);
response = WSHelper.makeResponse(VerifyUserResponse.class, result);
} else if (pinAction.exception != null) {
LOG.warn(pinAction.exception.getMessage(), pinAction.exception);
result = WSHelper.makeResultError(ECardConstants.Minor.IFD.AUTHENTICATION_FAILED, pinAction.exception.getMessage());
response = WSHelper.makeResponse(VerifyUserResponse.class, result);
} else {
// input by user
byte[] verifyResponse = pinAction.response;
// evaluate result
result = checkNativePinVerify(verifyResponse);
response = WSHelper.makeResponse(VerifyUserResponse.class, result);
response.setResponse(verifyResponse);
}
return response;
} else if (isVirtual()) {
// software method
// get pin, encode and send
int minLength = pinInput.getPasswordAttributes().getMinLength().intValue();
int maxLength = pinInput.getPasswordAttributes().getMaxLength().intValue();
UserConsentDescription uc = pinUserConsent("action.changepin.userconsent.pinstep.title", minLength, maxLength);
UserConsentNavigator ucr = gui.obtainNavigator(uc);
ExecutionEngine exec = new ExecutionEngine(ucr);
ResultStatus status = exec.process();
if (status == ResultStatus.CANCEL) {
String msg = "PIN entry cancelled by user.";
LOG.warn(msg);
result = WSHelper.makeResultError(ECardConstants.Minor.IFD.CANCELLATION_BY_USER, msg);
response = WSHelper.makeResponse(VerifyUserResponse.class, result);
return response;
}
char[] rawPIN = getPinFromUserConsent(exec);
PasswordAttributesType attributes = pinInput.getPasswordAttributes();
Transmit verifyTransmit;
try {
verifyTransmit = PINUtils.buildVerifyTransmit(rawPIN, attributes, template, handle);
} catch (UtilException e) {
String msg = "Failed to create the verifyTransmit message.";
LOG.error(msg, e);
result = WSHelper.makeResultError(ECardConstants.Minor.IFD.UNKNOWN_ERROR, msg);
response = WSHelper.makeResponse(VerifyUserResponse.class, result);
return response;
} finally {
Arrays.fill(rawPIN, ' ');
}
// send to reader
TransmitResponse transResp;
try {
transResp = ifd.transmit(verifyTransmit);
} finally {
// blank PIN APDU
for (InputAPDUInfoType apdu : verifyTransmit.getInputAPDUInfo()) {
byte[] rawApdu = apdu.getInputAPDU();
if (rawApdu != null) {
Arrays.fill(rawApdu, (byte) 0);
}
}
}
// produce messages
if (transResp.getResult().getResultMajor().equals(ECardConstants.Major.ERROR)) {
if (transResp.getOutputAPDU().isEmpty()) {
result = WSHelper.makeResultError(ECardConstants.Minor.IFD.AUTHENTICATION_FAILED, transResp.getResult().getResultMessage().getValue());
response = WSHelper.makeResponse(VerifyUserResponse.class, result);
return response;
} else {
response = WSHelper.makeResponse(VerifyUserResponse.class, transResp.getResult());
response.setResponse(transResp.getOutputAPDU().get(0));
// TODO: move this code to the PIN Compare protocol
if (response.getResponse() != null) {
CardResponseAPDU resApdu = new CardResponseAPDU(response.getResponse());
byte[] statusBytes = resApdu.getStatusBytes();
boolean isMainStatus = statusBytes[0] == (byte) 0x63;
boolean isMinorStatus = (statusBytes[1] & (byte) 0xF0) == (byte) 0xC0;
int triesLeft = statusBytes[1] & 0x0F;
if (isMainStatus && isMinorStatus && triesLeft > 0) {
LOG.info("PIN not entered successful. There are {} tries left.", statusBytes[1] & 0x0F);
return verifyUser(verify);
}
}
return response;
}
} else {
response = WSHelper.makeResponse(VerifyUserResponse.class, transResp.getResult());
response.setResponse(transResp.getOutputAPDU().get(0));
return response;
}
} else {
IFDException ex = new IFDException("No input unit available to perform PinCompare protocol.");
LOG.warn(ex.getMessage(), ex);
throw ex;
}
} else {
String msg = "Unsupported authentication input method requested.";
IFDException ex = new IFDException(ECardConstants.Minor.IFD.IO.UNKNOWN_INPUT_UNIT, msg);
LOG.warn(ex.getMessage(), ex);
throw ex;
}
}
Also used :
Transmit(iso.std.iso_iec._24727.tech.schema.Transmit)
PasswordAttributesType(iso.std.iso_iec._24727.tech.schema.PasswordAttributesType)
ResultStatus(org.openecard.gui.ResultStatus)
AltVUMessagesType(iso.std.iso_iec._24727.tech.schema.AltVUMessagesType)
VerifyUserResponse(iso.std.iso_iec._24727.tech.schema.VerifyUserResponse)
UtilException(org.openecard.common.util.UtilException)
InputAPDUInfoType(iso.std.iso_iec._24727.tech.schema.InputAPDUInfoType)
UserConsentNavigator(org.openecard.gui.UserConsentNavigator)
Result(oasis.names.tc.dss._1_0.core.schema.Result)
InputUnitType(iso.std.iso_iec._24727.tech.schema.InputUnitType)
ExecutionEngine(org.openecard.gui.executor.ExecutionEngine)
UserConsentDescription(org.openecard.gui.definition.UserConsentDescription)
BigInteger(java.math.BigInteger)
TransmitResponse(iso.std.iso_iec._24727.tech.schema.TransmitResponse)
CardResponseAPDU(org.openecard.common.apdu.common.CardResponseAPDU)
PinInputType(iso.std.iso_iec._24727.tech.schema.PinInputType)
Example 3 with UserConsentDescription
use of org.openecard.gui.definition.UserConsentDescription in project open-ecard by ecsec.
the class RunGUI method setUp.
@BeforeTest
public void setUp() throws Exception {
uc = new UserConsentDescription("Identitätsnachweis");
uc.getSteps().add(identityCheckStep());
uc.getSteps().add(providerInfoStep());
Step requestedDataStep = requestedDataStep();
uc.getSteps().add(requestedDataStep);
uc.getSteps().add(pinInputStep(requestedDataStep));
uc.getSteps().add(checkDataStep());
GUIDefaults.initialize();
}
Also used :
UserConsentDescription(org.openecard.gui.definition.UserConsentDescription)
Step(org.openecard.gui.definition.Step)
BeforeTest(org.testng.annotations.BeforeTest)
Example 4 with UserConsentDescription
use of org.openecard.gui.definition.UserConsentDescription in project open-ecard by ecsec.
the class PinEntryDialog method createUserConsentDescription.
private UserConsentDescription createUserConsentDescription() throws CryptokiException {
String title = LANG.translationForKey("action.changepin.userconsent.pinstep.title");
UserConsentDescription uc = new UserConsentDescription(title, "pin_entry_dialog");
pinStep = new PinEntryStep(protectedAuthPath, pinMarker, session);
uc.getSteps().add(pinStep);
return uc;
}
Also used :
UserConsentDescription(org.openecard.gui.definition.UserConsentDescription)
Example 5 with UserConsentDescription
use of org.openecard.gui.definition.UserConsentDescription in project open-ecard by ecsec.
the class PACEUserConsent method show.
/**
* Shows the user consent.
*
* @param content GUI content
*/
public void show(GUIContentMap content) {
final UserConsentDescription uc = new UserConsentDescription(lang.translationForKey(USER_CONSENT));
final PINStep pinStep = new PINStep(content);
uc.getSteps().add(pinStep.getStep());
UserConsentNavigator navigator = gui.obtainNavigator(uc);
ExecutionEngine exec = new ExecutionEngine(navigator);
exec.process();
pinStep.processResult(exec.getResults());
}
Also used :
ExecutionEngine(org.openecard.gui.executor.ExecutionEngine)
PINStep(org.openecard.ifd.protocol.pace.gui.PINStep)
UserConsentDescription(org.openecard.gui.definition.UserConsentDescription)
UserConsentNavigator(org.openecard.gui.UserConsentNavigator)
Aggregations
UserConsentDescription (org.openecard.gui.definition.UserConsentDescription)18
Step (org.openecard.gui.definition.Step)8
Text (org.openecard.gui.definition.Text)7
ExecutionEngine (org.openecard.gui.executor.ExecutionEngine)6
UserConsentNavigator (org.openecard.gui.UserConsentNavigator)4
ResultStatus (org.openecard.gui.ResultStatus)3
ConnectionHandleType (iso.std.iso_iec._24727.tech.schema.ConnectionHandleType)2
InputAPDUInfoType (iso.std.iso_iec._24727.tech.schema.InputAPDUInfoType)2
Transmit (iso.std.iso_iec._24727.tech.schema.Transmit)2
TransmitResponse (iso.std.iso_iec._24727.tech.schema.TransmitResponse)2
Result (oasis.names.tc.dss._1_0.core.schema.Result)2
CardResponseAPDU (org.openecard.common.apdu.common.CardResponseAPDU)2
UserConsent (org.openecard.gui.UserConsent)2
Test (org.testng.annotations.Test)2
AltVUMessagesType (iso.std.iso_iec._24727.tech.schema.AltVUMessagesType)1
DIDAuthenticate (iso.std.iso_iec._24727.tech.schema.DIDAuthenticate)1
DIDAuthenticateResponse (iso.std.iso_iec._24727.tech.schema.DIDAuthenticateResponse)1
DIDAuthenticationDataType (iso.std.iso_iec._24727.tech.schema.DIDAuthenticationDataType)1
InputUnitType (iso.std.iso_iec._24727.tech.schema.InputUnitType)1
PasswordAttributesType (iso.std.iso_iec._24727.tech.schema.PasswordAttributesType)1
