use of org.openecard.mdlw.sal.exceptions.PinBlockedException in project open-ecard by ecsec.
the class PinChangeStepAction method perform.
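/**
 * Runs one PIN management attempt on the middleware session and tells the dialog how to continue.
 * <p>
 * When {@code pinStep.isCapturePuk()} is set, the Security Officer is logged in and a new PIN is
 * initialised; otherwise the existing PIN is changed. On a protected authentication path the
 * {@code *External} session calls are used and no secret is read in this method.
 * <p>
 * PUK and PIN buffers obtained here are overwritten as soon as the session call has returned or
 * thrown, so the secrets are not left in memory for the rest of the dialog's lifetime.
 *
 * @param oldResults not used directly by this method
 * @param result not used directly by this method
 * @return {@code REPEAT} after a successful change and after every handled failure whose state
 *         refresh succeeded; {@code CANCEL} when the state refresh itself fails with a
 *         {@code CryptokiException}
 */
@Override
public StepActionResult perform(Map<String, ExecutionResults> oldResults, StepResult result) {
    try {
        if (pinStep.isCapturePuk()) {
            if (pinStep.isProtectedAuthPath()) {
                pinStep.getSession().loginExternal(UserType.Security_Officer);
                pinStep.getSession().initPinExternal();
            } else {
                char[] puk = null;
                char[] newPin = null;
                try {
                    puk = getPuk();
                    pinStep.getSession().login(UserType.Security_Officer, puk);
                    newPin = getNewPin();
                    pinStep.getSession().initPin(newPin);
                } finally {
                    // Overwrite the secrets on success and on failure alike.
                    // NOTE(review): assumes the arrays handed out by getPuk()/getNewPin() are not
                    // read again after this call - confirm against the getters.
                    if (puk != null) {
                        java.util.Arrays.fill(puk, '\0');
                    }
                    if (newPin != null) {
                        java.util.Arrays.fill(newPin, '\0');
                    }
                }
            }
        } else {
            if (pinStep.isProtectedAuthPath()) {
                // pinStep.getSession().loginExternal(UserType.User);
                pinStep.getSession().changePinExternal();
            } else {
                char[] oldPin = null;
                char[] newPin = null;
                try {
                    oldPin = getOldPin();
                    newPin = getNewPin();
                    pinStep.getSession().changePin(oldPin, newPin);
                } finally {
                    // Same wipe as in the PUK branch; see the assumption noted there.
                    if (oldPin != null) {
                        java.util.Arrays.fill(oldPin, '\0');
                    }
                    if (newPin != null) {
                        java.util.Arrays.fill(newPin, '\0');
                    }
                }
            }
        }
        pinStep.setPinChangeSuccessful();
        pinStep.updateState();
        return new StepActionResult(StepActionResultStatus.REPEAT);
    } catch (PinIncorrectException ex) {
        // The stack trace is only written at debug level; the info line carries no detail.
        if (LOG.isDebugEnabled()) {
            LOG.debug("PIN incorrect.", ex);
        } else {
            LOG.info("PIN incorrect.");
        }
        pinStep.setLastTryFailed();
        try {
            pinStep.updateState();
            return new StepActionResult(StepActionResultStatus.REPEAT);
        } catch (CryptokiException ex1) {
            // I suspect user removed card
            return new StepActionResult(StepActionResultStatus.CANCEL);
        }
    } catch (PinsDoNotMatchException ex) {
        LOG.debug("Mismatching PINs entered.", ex);
        try {
            pinStep.setPinsDoNotMatch();
            pinStep.updateState();
            return new StepActionResult(StepActionResultStatus.REPEAT);
        } catch (CryptokiException ex2) {
            // I suspect user removed card
            return new StepActionResult(StepActionResultStatus.CANCEL);
        }
    } catch (PinBlockedException ex) {
        // let the UI take care of producing a blocked error
        // NOTE(review): no flag is set on pinStep in this branch and nothing is logged; confirm
        // that updateState() alone makes the blocked PIN visible to the user.
        try {
            pinStep.updateState();
            return new StepActionResult(StepActionResultStatus.REPEAT);
        } catch (CryptokiException ex2) {
            // I suspect user removed card
            return new StepActionResult(StepActionResultStatus.CANCEL);
        }
    } catch (AuthenticationException ex) {
        LOG.error("Authentication error while entering the PIN.", ex);
        try {
            pinStep.setUnkownError();
            pinStep.updateState();
            return new StepActionResult(StepActionResultStatus.REPEAT);
        } catch (CryptokiException ex2) {
            // I suspect user removed card
            return new StepActionResult(StepActionResultStatus.CANCEL);
        }
    } catch (CryptokiException ex) {
        LOG.error("Unknown error while entering the PIN.", ex);
        try {
            pinStep.setUnkownError();
            pinStep.updateState();
            return new StepActionResult(StepActionResultStatus.REPEAT);
        } catch (CryptokiException ex2) {
            // I suspect user removed card
            return new StepActionResult(StepActionResultStatus.CANCEL);
        }
    }
}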
use of org.openecard.mdlw.sal.exceptions.PinBlockedException in project open-ecard by ecsec.
the class PinEntryStepAction method perform.
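/**
 * Performs one user login attempt on the middleware session and tells the dialog how to continue.
 * <p>
 * On a protected authentication path the login is delegated to {@code loginExternal}; otherwise
 * the PIN is read through {@code getPin()} and passed to {@code login}. The PIN buffer is
 * overwritten once the login call has returned or thrown.
 *
 * @param oldResults not used directly by this method
 * @param result not used directly by this method
 * @return {@code NEXT} after a successful login; {@code REPEAT} after a handled failure whose state
 *         refresh succeeded; {@code CANCEL} when the state refresh fails with a
 *         {@code CryptokiException}
 */
@Override
public StepActionResult perform(Map<String, ExecutionResults> oldResults, StepResult result) {
    try {
        if (pinStep.isProtectedAuthPath()) {
            pinStep.getSession().loginExternal(UserType.User);
        } else {
            char[] pPin = null;
            try {
                pPin = getPin();
                pinStep.getSession().login(UserType.User, pPin);
            } finally {
                // Overwrite the PIN whether or not the login succeeded.
                // NOTE(review): assumes the array handed out by getPin() is not read again after
                // this call - confirm against the getter.
                if (pPin != null) {
                    java.util.Arrays.fill(pPin, '\0');
                }
            }
        }
        pinStep.setPinAuthenticated();
        return new StepActionResult(StepActionResultStatus.NEXT);
    } catch (PinIncorrectException ex) {
        // The stack trace is only written at debug level; the info line carries no detail.
        if (LOG.isDebugEnabled()) {
            LOG.debug("PIN incorrect.", ex);
        } else {
            LOG.info("PIN incorrect.");
        }
        pinStep.setLastTryFailed();
        try {
            pinStep.updateState();
            return new StepActionResult(StepActionResultStatus.REPEAT);
        } catch (CryptokiException ex1) {
            // I suspect user removed card
            return new StepActionResult(StepActionResultStatus.CANCEL);
        }
    } catch (PinBlockedException ex) {
        // let the UI take care of producing a blocked error
        try {
            pinStep.setPinBlocked();
            pinStep.updateState();
            return new StepActionResult(StepActionResultStatus.REPEAT);
        } catch (CryptokiException ex2) {
            // I suspect user removed card
            return new StepActionResult(StepActionResultStatus.CANCEL);
        }
    } catch (AuthenticationException ex) {
        LOG.error("Authentication error while entering the PIN.", ex);
        pinStep.setLastTryFailed();
        pinStep.setUnkownError();
        try {
            pinStep.updateState();
            return new StepActionResult(StepActionResultStatus.REPEAT);
        } catch (CryptokiException ex1) {
            // I suspect user removed card
            return new StepActionResult(StepActionResultStatus.CANCEL);
        }
    } catch (CryptokiException ex) {
        // Message spelling corrected ("Unkonw" -> "Unknown") so log searches for it match.
        LOG.error("Unknown error while entering the PIN.", ex);
        pinStep.setLastTryFailed();
        pinStep.setUnkownError();
        try {
            pinStep.updateState();
            return new StepActionResult(StepActionResultStatus.REPEAT);
        } catch (CryptokiException ex1) {
            // I suspect user removed card
            return new StepActionResult(StepActionResultStatus.CANCEL);
        }
    }
}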
use of org.openecard.mdlw.sal.exceptions.PinBlockedException in project open-ecard by ecsec.
the class MiddlewareSAL method didAuthenticate.
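/**
 * Authenticates the DID named in the request with a PIN against the middleware session of the
 * connection's slot.
 * <p>
 * Only the protocol {@code urn:oid:1.3.162.15480.3.0.9} is accepted. If the request carries a
 * non-empty PIN and the slot has no protected authentication path, that PIN is used directly.
 * Otherwise the login is either delegated to the middleware ({@code loginExternal}, when the slot
 * has a protected authentication path and {@code builtinPinDialog} is set) or a
 * {@code PinEntryDialog} is shown.
 * <p>
 * The PIN taken from the request is overwritten on every path out of the authentication section,
 * including the paths that never pass it to the session and the paths that leave by exception.
 *
 * @param request the DIDAuthenticate request; its AuthenticationProtocolData must be present
 * @return a response whose result is OK on success, {@code PASSWORD_BLOCKED} for a blocked PIN,
 *         {@code SECURITY_CONDITION_NOT_SATISFIED} for a wrong PIN, {@code CANCELLATION_BY_USER}
 *         when the dialog ends without authentication, or the result of the caught exception
 */
@Override
public DIDAuthenticateResponse didAuthenticate(DIDAuthenticate request) {
    DIDAuthenticateResponse response = WSHelper.makeResponse(DIDAuthenticateResponse.class, WSHelper.makeResultOK());
    try {
        ConnectionHandleType connectionHandle = SALUtils.getConnectionHandle(request);
        CardStateEntry cardStateEntry = SALUtils.getCardStateEntry(states, connectionHandle, false);
        connectionHandle = cardStateEntry.handleCopy();
        byte[] application = cardStateEntry.getImplicitlySelectedApplicationIdentifier();
        byte[] slotHandle = connectionHandle.getSlotHandle();

        DIDAuthenticationDataType didAuthenticationData = request.getAuthenticationProtocolData();
        Assert.assertIncorrectParameter(didAuthenticationData, "The parameter AuthenticationProtocolData is empty.");

        String didName = SALUtils.getDIDName(request);
        DIDStructureType didStruct = cardStateEntry.getDIDStructure(didName, application);
        if (didStruct == null) {
            String msg = String.format("DID %s does not exist.", didName);
            throw new NamedEntityNotFoundException(msg);
        }
        PINCompareMarkerType pinCompareMarker = new PINCompareMarkerType(didStruct.getDIDMarker());

        String protocolURI = didAuthenticationData.getProtocol();
        if (!"urn:oid:1.3.162.15480.3.0.9".equals(protocolURI)) {
            String msg = String.format("Protocol %s is not supported by this SAL.", protocolURI);
            throw new UnknownProtocolException(msg);
        }

        PINCompareDIDAuthenticateInputType pinCompareInput = new PINCompareDIDAuthenticateInputType(didAuthenticationData);
        PINCompareDIDAuthenticateOutputType pinCompareOutput = pinCompareInput.getOutputType();

        // extract pin value from auth data
        char[] pinValue = pinCompareInput.getPIN();
        boolean pinAuthenticated;
        boolean pinBlocked = false;
        try {
            pinCompareInput.setPIN(null);

            // NOTE(review): the session is looked up by a byte[] key and not null-checked; this
            // assumes managedSessions matches keys by content and always holds the slot - confirm.
            MwSession session = managedSessions.get(slotHandle);
            boolean protectedAuthPath = connectionHandle.getSlotInfo().isProtectedAuthPath();
            boolean pinKnown = pinValue != null && pinValue.length != 0;

            if (pinKnown && !protectedAuthPath) {
                // we don't need a GUI if the PIN is known
                session.login(UserType.User, pinValue);
                pinAuthenticated = true;
                // TODO: display error GUI if the PIN entry failed
            } else if (protectedAuthPath && builtinPinDialog) {
                // omit GUI when Middleware has its own PIN dialog for class 2 readers
                session.loginExternal(UserType.User);
                pinAuthenticated = true;
            } else {
                PinEntryDialog dialog = new PinEntryDialog(gui, protectedAuthPath, pinCompareMarker, session);
                dialog.show();
                pinAuthenticated = dialog.isPinAuthenticated();
                pinBlocked = dialog.isPinBlocked();
            }
        } finally {
            // A request may carry a PIN even when the slot has a protected authentication path;
            // that copy is never handed to the session, so it has to be cleared here as well.
            if (pinValue != null) {
                Arrays.fill(pinValue, ' ');
            }
        }

        if (pinAuthenticated) {
            cardStateEntry.addAuthenticated(didName, application);
        } else if (pinBlocked) {
            String msg = "PIN is blocked.";
            Result r = WSHelper.makeResultError(ECardConstants.Minor.IFD.PASSWORD_BLOCKED, msg);
            response.setResult(r);
        } else {
            String msg = "Failed to enter PIN.";
            Result r = WSHelper.makeResultError(ECardConstants.Minor.SAL.CANCELLATION_BY_USER, msg);
            response.setResult(r);
        }

        // create did authenticate response
        response.setAuthenticationProtocolData(pinCompareOutput.getAuthDataType());
    } catch (PinBlockedException ex) {
        // TODO: set retry counter
        // NOTE(review): the exception text is returned to the caller in the result; confirm it
        // never carries more than a generic status message.
        String minor = ECardConstants.Minor.IFD.PASSWORD_BLOCKED;
        Result r = WSHelper.makeResultError(minor, ex.getMessage());
        response.setResult(r);
    } catch (PinIncorrectException ex) {
        // TODO: set retry counter
        String minor = ECardConstants.Minor.SAL.SECURITY_CONDITION_NOT_SATISFIED;
        Result r = WSHelper.makeResultError(minor, ex.getMessage());
        response.setResult(r);
    } catch (ECardException e) {
        response.setResult(e.getResult());
    } catch (Exception e) {
        LOG.error(e.getMessage(), e);
        throwThreadKillException(e);
        response.setResult(WSHelper.makeResult(e));
    }
    return response;
}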