Search in sources :

Example 1 with ExecutePACEResponse

use of org.openecard.ifd.scio.reader.ExecutePACEResponse in project open-ecard by ecsec.

the class IFD method destroyChannel.

@Override
public DestroyChannelResponse destroyChannel(DestroyChannel parameters) {
    try {
        DestroyChannelResponse destroyChannelResponse = new DestroyChannelResponse();
        byte[] slotHandle = parameters.getSlotHandle();
        SingleThreadChannel channel = cm.getSlaveChannel(slotHandle);
        TerminalInfo termInfo = new TerminalInfo(cm, channel);
        // check if it is PACE and try to perform native implementation
        // get pace capabilities
        List<PACECapabilities.PACECapability> paceCapabilities = termInfo.getPACECapabilities();
        if (paceCapabilities.contains(PACECapabilities.PACECapability.DestroyPACEChannel)) {
            ExecutePACERequest execPaceReq = new ExecutePACERequest(ExecutePACERequest.Function.DestroyPACEChannel);
            byte[] reqData = execPaceReq.toBytes();
            LOG.debug("executeCtrlCode request: {}", ByteUtils.toHexString(reqData));
            // execute pace
            Map<Integer, Integer> features = termInfo.getFeatureCodes();
            byte[] resData = channel.transmitControlCommand(features.get(PCSCFeatures.EXECUTE_PACE), reqData);
            LOG.debug("Response of executeCtrlCode: {}", ByteUtils.toHexString(resData));
            // evaluate response
            ExecutePACEResponse execPaceRes = new ExecutePACEResponse(resData);
            if (execPaceRes.isError()) {
                destroyChannelResponse = WSHelper.makeResponse(DestroyChannelResponse.class, execPaceRes.getResult());
            }
        }
        channel.removeSecureMessaging();
        if (destroyChannelResponse.getResult() == null) {
            Result r = new Result();
            r.setResultMajor(ECardConstants.Major.OK);
            destroyChannelResponse.setResult(r);
        }
        return destroyChannelResponse;
    } catch (Throwable t) {
        return WSHelper.makeResponse(DestroyChannelResponse.class, WSHelper.makeResult(t));
    }
}
Also used : AtomicInteger(java.util.concurrent.atomic.AtomicInteger) BigInteger(java.math.BigInteger) SingleThreadChannel(org.openecard.ifd.scio.wrapper.SingleThreadChannel) TerminalInfo(org.openecard.ifd.scio.wrapper.TerminalInfo) ExecutePACEResponse(org.openecard.ifd.scio.reader.ExecutePACEResponse) ExecutePACERequest(org.openecard.ifd.scio.reader.ExecutePACERequest) DestroyChannelResponse(iso.std.iso_iec._24727.tech.schema.DestroyChannelResponse) Result(oasis.names.tc.dss._1_0.core.schema.Result)

Example 2 with ExecutePACEResponse

use of org.openecard.ifd.scio.reader.ExecutePACEResponse in project open-ecard by ecsec.

the class TerminalInfo method getPACECapabilities.

public List<PACECapabilities.PACECapability> getPACECapabilities() throws SCIOException {
    List<PACECapabilities.PACECapability> result = new LinkedList<>();
    if (PACECapabilities == null) {
        if (isConnected()) {
            if (supportsPace()) {
                int ctrlCode = getPaceCtrlCode();
                ExecutePACERequest.Function paceFunc = ExecutePACERequest.Function.GetReaderPACECapabilities;
                byte[] getCapabilityRequest = new ExecutePACERequest(paceFunc).toBytes();
                byte[] response = channel.transmitControlCommand(ctrlCode, getCapabilityRequest);
                ExecutePACEResponse paceResponse = new ExecutePACEResponse(response);
                if (paceResponse.isError()) {
                    String msg = "PACE is advertised but the result iss errornous.\n";
                    msg += paceResponse.getResult().getResultMessage().getValue();
                    throw new SCIOException(msg, SCIOErrorCode.SCARD_F_UNKNOWN_ERROR);
                }
                PACECapabilities cap = new PACECapabilities(paceResponse.getData());
                PACECapabilities = cap.getFeaturesEnum();
                result.addAll(PACECapabilities);
            }
        }
    } else {
        result.addAll(PACECapabilities);
    }
    return Collections.unmodifiableList(result);
}
Also used : PACECapabilities(org.openecard.common.ifd.PACECapabilities) SCIOException(org.openecard.common.ifd.scio.SCIOException) ExecutePACEResponse(org.openecard.ifd.scio.reader.ExecutePACEResponse) ExecutePACERequest(org.openecard.ifd.scio.reader.ExecutePACERequest) LinkedList(java.util.LinkedList)

Example 3 with ExecutePACEResponse

use of org.openecard.ifd.scio.reader.ExecutePACEResponse in project open-ecard by ecsec.

the class IFD method establishChannel.

@Override
public EstablishChannelResponse establishChannel(EstablishChannel parameters) {
    byte[] slotHandle = parameters.getSlotHandle();
    try {
        SingleThreadChannel channel = cm.getSlaveChannel(slotHandle);
        TerminalInfo termInfo = new TerminalInfo(cm, channel);
        DIDAuthenticationDataType protoParam = parameters.getAuthenticationProtocolData();
        String protocol = protoParam.getProtocol();
        // check if it is PACE and try to perform native implementation
        // get pace capabilities
        List<PACECapabilities.PACECapability> paceCapabilities = termInfo.getPACECapabilities();
        List<String> supportedProtos = TerminalInfo.buildPACEProtocolList(paceCapabilities);
        // i don't care which type is supported, i try it anyways
        if (!supportedProtos.isEmpty() && supportedProtos.get(0).startsWith(protocol)) {
            // yeah, PACE seems to be supported by the reader, big win
            PACEInputType paceParam = new PACEInputType(protoParam);
            // extract variables needed for pace
            byte pinID = paceParam.getPINID();
            // optional elements
            byte[] chat = paceParam.getCHAT();
            String pin = paceParam.getPIN();
            byte[] certDesc = paceParam.getCertificateDescription();
            // prepare pace data structures
            // TODO: add supplied PIN
            EstablishPACERequest estPaceReq = new EstablishPACERequest(pinID, chat, null, certDesc);
            ExecutePACERequest execPaceReq = new ExecutePACERequest(ExecutePACERequest.Function.EstablishPACEChannel, estPaceReq.toBytes());
            // TODO: check if this additional check is really necessary
            if (estPaceReq.isSupportedType(paceCapabilities)) {
                byte[] reqData = execPaceReq.toBytes();
                LOG.debug("executeCtrlCode request: {}", ByteUtils.toHexString(reqData));
                // execute pace
                Map<Integer, Integer> features = termInfo.getFeatureCodes();
                byte[] resData = channel.transmitControlCommand(features.get(PCSCFeatures.EXECUTE_PACE), reqData);
                LOG.debug("Response of executeCtrlCode: {}", ByteUtils.toHexString(resData));
                // evaluate response
                ExecutePACEResponse execPaceRes = new ExecutePACEResponse(resData);
                if (execPaceRes.isError()) {
                    return WSHelper.makeResponse(EstablishChannelResponse.class, execPaceRes.getResult());
                }
                EstablishPACEResponse estPaceRes = new EstablishPACEResponse(execPaceRes.getData());
                // get values and prepare response
                PACEOutputType authDataResponse = paceParam.getOutputType();
                // mandatory fields
                authDataResponse.setRetryCounter(estPaceRes.getRetryCounter());
                authDataResponse.setEFCardAccess(estPaceRes.getEFCardAccess());
                // optional fields
                if (estPaceRes.hasCurrentCAR()) {
                    authDataResponse.setCurrentCAR(estPaceRes.getCurrentCAR());
                }
                if (estPaceRes.hasPreviousCAR()) {
                    authDataResponse.setPreviousCAR(estPaceRes.getPreviousCAR());
                }
                if (estPaceRes.hasIDICC()) {
                    authDataResponse.setIDPICC(estPaceRes.getIDICC());
                }
                // create response type and return
                EstablishChannelResponse response = WSHelper.makeResponse(EstablishChannelResponse.class, WSHelper.makeResultOK());
                response.setAuthenticationProtocolData(authDataResponse.getAuthDataType());
                return response;
            }
        }
        // check out available software protocols
        if (this.protocolFactories.contains(protocol)) {
            ProtocolFactory factory = this.protocolFactories.get(protocol);
            Protocol protoImpl = factory.createInstance();
            EstablishChannelResponse response = protoImpl.establish(parameters, env.getDispatcher(), this.gui);
            // register protocol instance for secure messaging when protocol was processed successful
            if (response.getResult().getResultMajor().equals(ECardConstants.Major.OK)) {
                channel.addSecureMessaging(protoImpl);
            }
            return response;
        }
        // if this point is reached a native implementation is not present, try registered protocols
        Result r = WSHelper.makeResultUnknownError("No such protocol available in this IFD.");
        return WSHelper.makeResponse(EstablishChannelResponse.class, r);
    } catch (Throwable t) {
        return WSHelper.makeResponse(EstablishChannelResponse.class, WSHelper.makeResult(t));
    }
}
Also used : SingleThreadChannel(org.openecard.ifd.scio.wrapper.SingleThreadChannel) EstablishPACERequest(org.openecard.ifd.scio.reader.EstablishPACERequest) EstablishChannelResponse(iso.std.iso_iec._24727.tech.schema.EstablishChannelResponse) DIDAuthenticationDataType(iso.std.iso_iec._24727.tech.schema.DIDAuthenticationDataType) EstablishPACEResponse(org.openecard.ifd.scio.reader.EstablishPACEResponse) TerminalInfo(org.openecard.ifd.scio.wrapper.TerminalInfo) ExecutePACEResponse(org.openecard.ifd.scio.reader.ExecutePACEResponse) ExecutePACERequest(org.openecard.ifd.scio.reader.ExecutePACERequest) Result(oasis.names.tc.dss._1_0.core.schema.Result) AtomicInteger(java.util.concurrent.atomic.AtomicInteger) BigInteger(java.math.BigInteger) ProtocolFactory(org.openecard.common.ifd.ProtocolFactory) PACEInputType(org.openecard.common.ifd.anytype.PACEInputType) PACEOutputType(org.openecard.common.ifd.anytype.PACEOutputType) Protocol(org.openecard.common.ifd.Protocol)

Aggregations

ExecutePACERequest (org.openecard.ifd.scio.reader.ExecutePACERequest)3 ExecutePACEResponse (org.openecard.ifd.scio.reader.ExecutePACEResponse)3 BigInteger (java.math.BigInteger)2 AtomicInteger (java.util.concurrent.atomic.AtomicInteger)2 Result (oasis.names.tc.dss._1_0.core.schema.Result)2 SingleThreadChannel (org.openecard.ifd.scio.wrapper.SingleThreadChannel)2 TerminalInfo (org.openecard.ifd.scio.wrapper.TerminalInfo)2 DIDAuthenticationDataType (iso.std.iso_iec._24727.tech.schema.DIDAuthenticationDataType)1 DestroyChannelResponse (iso.std.iso_iec._24727.tech.schema.DestroyChannelResponse)1 EstablishChannelResponse (iso.std.iso_iec._24727.tech.schema.EstablishChannelResponse)1 LinkedList (java.util.LinkedList)1 PACECapabilities (org.openecard.common.ifd.PACECapabilities)1 Protocol (org.openecard.common.ifd.Protocol)1 ProtocolFactory (org.openecard.common.ifd.ProtocolFactory)1 PACEInputType (org.openecard.common.ifd.anytype.PACEInputType)1 PACEOutputType (org.openecard.common.ifd.anytype.PACEOutputType)1 SCIOException (org.openecard.common.ifd.scio.SCIOException)1 EstablishPACERequest (org.openecard.ifd.scio.reader.EstablishPACERequest)1 EstablishPACEResponse (org.openecard.ifd.scio.reader.EstablishPACEResponse)1