use of org.openecard.mdlw.sal.exceptions.CryptokiException in project open-ecard by ecsec.
the class CIFCreator method createPinDID.
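/**
 * Builds the DIDInfo entry that describes the token PIN as a PinCompare DID.
 *
 * <p>The DID is given global scope, a PinCompare marker and an ACL with rules for
 * ACL_LIST, DID_LIST, DID_GET and DID_AUTHENTICATE. The minimum and maximum PIN
 * length are copied from the middleware token info when it can be read. When it
 * cannot, the marker is built without password attributes and a warning is logged.
 *
 * @return the populated DIDInfo object.
 * @throws WSMarshallerException declared by the original signature; presumably raised
 *   while building the marker (TODO confirm against PinMarkerBuilder).
 */
private DIDInfoType createPinDID() throws WSMarshallerException {
    LOG.debug("Creating PinCompare DID object.");
    DIDInfoType di = new DIDInfoType();

    // create differential identity
    DifferentialIdentityType did = new DifferentialIdentityType();
    di.setDifferentialIdentity(did);
    String didName = PIN_NAME;
    did.setDIDName(didName);
    did.setDIDProtocol("urn:oid:1.3.162.15480.3.0.9");
    did.setDIDScope(DIDScopeType.GLOBAL);

    // create pin compare marker
    PinMarkerBuilder markerBuilder = new PinMarkerBuilder();
    KeyRefType kr = new KeyRefType();
    // value is irrelevant
    kr.setKeyRef(new byte[] { 0x01 });
    markerBuilder.setPinRef(kr);
    try {
        PasswordAttributesType pw = new PasswordAttributesType();
        MwToken tok = session.getSlot().getTokenInfo();
        long minPinLen = tok.getUlMinPinLen();
        // Fix: the upper bound must come from the token's max PIN length. The previous code
        // read the minimum twice, which advertised maxLength == minLength to consumers of
        // this DID and could make them reject valid, longer PINs.
        long maxPinLen = tok.getUlMaxPinLen();
        pw.setMinLength(BigInteger.valueOf(minPinLen));
        pw.setMaxLength(BigInteger.valueOf(maxPinLen));
        markerBuilder.setPwAttributes(pw);
    } catch (CryptokiException | NullPointerException ex) {
        // Best effort: the DID is still usable without length hints. The NullPointerException
        // presumably covers a missing session, slot or token info (TODO confirm). The cause
        // is kept in the log so a middleware failure can be told apart from a missing token.
        LOG.warn("Unable to read min and max PIN length from middleware.", ex);
    }

    // wrap pin compare marker and add to parent
    PinCompareMarkerType marker = markerBuilder.build();
    DIDMarkerType markerWrapper = new DIDMarkerType();
    markerWrapper.setPinCompareMarker(marker);
    did.setDIDMarker(markerWrapper);

    // create acl
    // NOTE(review): every action below gets the rule built by createRuleTrue, which by its
    // name always permits. Confirm that unconditional DID_AUTHENTICATE is intended.
    AccessControlListType acl = new AccessControlListType();
    di.setDIDACL(acl);
    List<AccessRuleType> rules = acl.getAccessRule();
    rules.add(createRuleTrue(AuthorizationServiceActionName.ACL_LIST));
    rules.add(createRuleTrue(DifferentialIdentityServiceActionName.DID_LIST));
    rules.add(createRuleTrue(DifferentialIdentityServiceActionName.DID_GET));
    rules.add(createRuleTrue(DifferentialIdentityServiceActionName.DID_AUTHENTICATE));
    return di;
}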
use of org.openecard.mdlw.sal.exceptions.CryptokiException in project open-ecard by ecsec.
the class MwSession method getCertificates.
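/**
* Returns the certificates found on the token of this session.
* Certificate objects that cannot be loaded are logged and skipped, so the returned list may be incomplete.
*
* @return List of certificates.
* @throws CryptokiException if the object search on the token fails.
*/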
public List<MwCertificate> getCertificates() throws CryptokiException {
    // Search template with a single attribute: CKA_CLASS set to CKO_CERTIFICATE.
    NativeLong objectClass = new NativeLong(CryptokiLibrary.CKO_CERTIFICATE, true);
    NativeLongByReference classRef = new NativeLongByReference(objectClass);
    CK_ATTRIBUTE classFilter = new CK_ATTRIBUTE();
    classFilter.setType(CKA_CLASS);
    classFilter.setPValue(classRef.getPointer());
    classFilter.setUlValueLen(new NativeLong(NativeLong.SIZE));

    List<Long> handles = findObjects(classFilter);
    List<MwCertificate> certificates = new ArrayList<>();
    for (long handle : handles) {
        try {
            MwCertificate certificate = new MwCertificate(handle, mw, this);
            certificates.add(certificate);
        } catch (CryptokiException ex) {
            // Best effort: one unreadable object must not hide the others. The caller gets
            // no signal that the list is partial; the warning below is the only trace.
            LOG.warn("Skipping certificate due to error.", ex);
        }
    }
    return certificates;
}
use of org.openecard.mdlw.sal.exceptions.CryptokiException in project open-ecard by ecsec.
the class MwSession method getData.
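/**
* Returns the data objects found on the token of this session.
* Data objects that cannot be loaded are logged and skipped, so the returned list may be incomplete.
*
* @return List of data objects.
* @throws CryptokiException if the object search on the token fails.
*/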
public List<MwData> getData() throws CryptokiException {
    // Search template with a single attribute: CKA_CLASS set to CKO_DATA.
    NativeLong objectClass = new NativeLong(CryptokiLibrary.CKO_DATA, true);
    NativeLongByReference classRef = new NativeLongByReference(objectClass);
    CK_ATTRIBUTE classFilter = new CK_ATTRIBUTE();
    classFilter.setType(CKA_CLASS);
    classFilter.setPValue(classRef.getPointer());
    classFilter.setUlValueLen(new NativeLong(NativeLong.SIZE));

    List<Long> handles = findObjects(classFilter);
    List<MwData> dataObjects = new ArrayList<>();
    for (long handle : handles) {
        try {
            MwData dataObject = new MwData(handle, mw, this);
            dataObjects.add(dataObject);
        } catch (CryptokiException ex) {
            // Best effort: one unreadable object must not hide the others. The caller gets
            // no signal that the list is partial; the warning below is the only trace.
            LOG.warn("Skipping data object due to error.", ex);
        }
    }
    return dataObjects;
}
use of org.openecard.mdlw.sal.exceptions.CryptokiException in project open-ecard by ecsec.
the class PinChangeStepAction method perform.
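/**
 * Runs one attempt of the PIN change (or PIN reset via PUK) against the token session.
 *
 * <p>With PUK capture enabled, the Security Officer is logged in and the user PIN is
 * re-initialised. Otherwise the user PIN is changed. In both cases a protected
 * authentication path delegates entry to the middleware or reader, so no PIN or PUK
 * passes through this method. On every handled outcome, including success, the step
 * state is refreshed and REPEAT is returned. CANCEL is returned only when refreshing
 * the state fails after an error.
 *
 * @param oldResults results of earlier steps; not read by this method.
 * @param result result of the current step; not read directly by this method.
 * @return REPEAT after a handled outcome, CANCEL when the state refresh fails after an error.
 */
@Override
public StepActionResult perform(Map<String, ExecutionResults> oldResults, StepResult result) {
    try {
        if (pinStep.isCapturePuk()) {
            if (pinStep.isProtectedAuthPath()) {
                pinStep.getSession().loginExternal(UserType.Security_Officer);
                pinStep.getSession().initPinExternal();
            } else {
                // NOTE(review): puk and newPin are never wiped after use. Confirm whether
                // getPuk()/getNewPin() return copies before adding a zeroing step.
                char[] puk = getPuk();
                pinStep.getSession().login(UserType.Security_Officer, puk);
                char[] newPin = getNewPin();
                pinStep.getSession().initPin(newPin);
            }
        } else {
            if (pinStep.isProtectedAuthPath()) {
                // The original carried a disabled loginExternal(UserType.User) call here.
                // Presumably the change operation authenticates on its own (TODO confirm).
                pinStep.getSession().changePinExternal();
            } else {
                // NOTE(review): oldPin and newPin are never wiped after use, see above.
                char[] oldPin = getOldPin();
                char[] newPin = getNewPin();
                pinStep.getSession().changePin(oldPin, newPin);
            }
        }
        pinStep.setPinChangeSuccessful();
        pinStep.updateState();
        return new StepActionResult(StepActionResultStatus.REPEAT);
    } catch (PinIncorrectException ex) {
        // Stack trace only at debug level, a plain info line otherwise.
        if (LOG.isDebugEnabled()) {
            LOG.debug("PIN incorrect.", ex);
        } else {
            LOG.info("PIN incorrect.");
        }
        pinStep.setLastTryFailed();
        try {
            pinStep.updateState();
            return new StepActionResult(StepActionResultStatus.REPEAT);
        } catch (CryptokiException stateEx) {
            // I suspect user removed card; log it instead of dropping the cause silently
            LOG.warn("Failed to refresh PIN step state, cancelling.", stateEx);
            return new StepActionResult(StepActionResultStatus.CANCEL);
        }
    } catch (PinsDoNotMatchException ex) {
        LOG.debug("Mismatching PINs entered.", ex);
        try {
            pinStep.setPinsDoNotMatch();
            pinStep.updateState();
            return new StepActionResult(StepActionResultStatus.REPEAT);
        } catch (CryptokiException stateEx) {
            // I suspect user removed card; log it instead of dropping the cause silently
            LOG.warn("Failed to refresh PIN step state, cancelling.", stateEx);
            return new StepActionResult(StepActionResultStatus.CANCEL);
        }
    } catch (PinBlockedException ex) {
        // let the UI take care of producing a blocked error
        // NOTE(review): no state flag is set in this branch. Presumably updateState()
        // re-reads the blocked status from the token; confirm.
        try {
            pinStep.updateState();
            return new StepActionResult(StepActionResultStatus.REPEAT);
        } catch (CryptokiException stateEx) {
            // I suspect user removed card; log it instead of dropping the cause silently
            LOG.warn("Failed to refresh PIN step state, cancelling.", stateEx);
            return new StepActionResult(StepActionResultStatus.CANCEL);
        }
    } catch (AuthenticationException ex) {
        LOG.error("Authentication error while entering the PIN.", ex);
        try {
            pinStep.setUnkownError();
            pinStep.updateState();
            return new StepActionResult(StepActionResultStatus.REPEAT);
        } catch (CryptokiException stateEx) {
            // I suspect user removed card; log it instead of dropping the cause silently
            LOG.warn("Failed to refresh PIN step state, cancelling.", stateEx);
            return new StepActionResult(StepActionResultStatus.CANCEL);
        }
    } catch (CryptokiException ex) {
        LOG.error("Unknown error while entering the PIN.", ex);
        try {
            pinStep.setUnkownError();
            pinStep.updateState();
            return new StepActionResult(StepActionResultStatus.REPEAT);
        } catch (CryptokiException stateEx) {
            // I suspect user removed card; log it instead of dropping the cause silently
            LOG.warn("Failed to refresh PIN step state, cancelling.", stateEx);
            return new StepActionResult(StepActionResultStatus.CANCEL);
        }
    }
}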
use of org.openecard.mdlw.sal.exceptions.CryptokiException in project open-ecard by ecsec.
the class PinEntryStepAction method perform.
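/**
 * Runs one PIN verification attempt (user login) against the token session.
 *
 * <p>With a protected authentication path the PIN is entered on the middleware or
 * reader side and never passes through this method. Otherwise the PIN captured by the
 * dialog is passed to the session login. A successful login marks the step as
 * authenticated and returns NEXT. Any handled failure refreshes the step state and
 * returns REPEAT, or CANCEL when that refresh itself fails.
 *
 * @param oldResults results of earlier steps; not read by this method.
 * @param result result of the current step; not read directly by this method.
 * @return NEXT on successful login, REPEAT after a handled failure, CANCEL when the
 *   state refresh fails.
 */
@Override
public StepActionResult perform(Map<String, ExecutionResults> oldResults, StepResult result) {
    try {
        if (pinStep.isProtectedAuthPath()) {
            pinStep.getSession().loginExternal(UserType.User);
        } else {
            // NOTE(review): pPin is never wiped after use. Confirm whether getPin()
            // returns a copy before adding a zeroing step.
            char[] pPin = getPin();
            pinStep.getSession().login(UserType.User, pPin);
        }
        pinStep.setPinAuthenticated();
        return new StepActionResult(StepActionResultStatus.NEXT);
    } catch (PinIncorrectException ex) {
        // Stack trace only at debug level, a plain info line otherwise.
        if (LOG.isDebugEnabled()) {
            LOG.debug("PIN incorrect.", ex);
        } else {
            LOG.info("PIN incorrect.");
        }
        pinStep.setLastTryFailed();
        try {
            pinStep.updateState();
            return new StepActionResult(StepActionResultStatus.REPEAT);
        } catch (CryptokiException stateEx) {
            // I suspect user removed card; log it instead of dropping the cause silently
            LOG.warn("Failed to refresh PIN step state, cancelling.", stateEx);
            return new StepActionResult(StepActionResultStatus.CANCEL);
        }
    } catch (PinBlockedException ex) {
        // let the UI take care of producing a blocked error
        try {
            pinStep.setPinBlocked();
            pinStep.updateState();
            return new StepActionResult(StepActionResultStatus.REPEAT);
        } catch (CryptokiException stateEx) {
            // I suspect user removed card; log it instead of dropping the cause silently
            LOG.warn("Failed to refresh PIN step state, cancelling.", stateEx);
            return new StepActionResult(StepActionResultStatus.CANCEL);
        }
    } catch (AuthenticationException ex) {
        LOG.error("Authentication error while entering the PIN.", ex);
        pinStep.setLastTryFailed();
        pinStep.setUnkownError();
        try {
            pinStep.updateState();
            return new StepActionResult(StepActionResultStatus.REPEAT);
        } catch (CryptokiException stateEx) {
            // I suspect user removed card; log it instead of dropping the cause silently
            LOG.warn("Failed to refresh PIN step state, cancelling.", stateEx);
            return new StepActionResult(StepActionResultStatus.CANCEL);
        }
    } catch (CryptokiException ex) {
        // Message typo fixed ("Unkonw") so log searches for "Unknown error" match.
        LOG.error("Unknown error while entering the PIN.", ex);
        pinStep.setLastTryFailed();
        pinStep.setUnkownError();
        try {
            pinStep.updateState();
            return new StepActionResult(StepActionResultStatus.REPEAT);
        } catch (CryptokiException stateEx) {
            // I suspect user removed card; log it instead of dropping the cause silently
            LOG.warn("Failed to refresh PIN step state, cancelling.", stateEx);
            return new StepActionResult(StepActionResultStatus.CANCEL);
        }
    }
}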