Examples with CertificateInfoType - org.openecard.ws.chipgateway.CertificateInfoType

Example 1 with CertificateInfoType

use of org.openecard.ws.chipgateway.CertificateInfoType in project open-ecard by ecsec.

the class ListCertificates method getCertificates.

public List<CertificateInfoType> getCertificates() throws WSHelper.WSException, NoSuchDid, CertificateException, CertificateEncodingException, SecurityConditionUnsatisfiable, ParameterInvalid, SlotHandleInvalid {
    try {
        ArrayList<CertificateInfoType> result = new ArrayList<>();
        // get crypto dids
        DidInfos didInfos = tokenCache.getInfo(pin, handle);
        List<DidInfo> cryptoDids = didInfos.getCryptoDidInfos();
        // get certificates for each crypto did
        for (DidInfo nextDid : cryptoDids) {
            LOG.debug("Reading certificates from DID={}.", nextDid.getDidName());
            List<X509Certificate> certChain = getCertChain(nextDid);
            if (!certChain.isEmpty() && matchesFilter(certChain)) {
                AlgorithmInfoType algInfo = nextDid.getGenericCryptoMarker().getAlgorithmInfo();
                try {
                    String jcaAlg = convertAlgInfo(algInfo);
                    X509Certificate cert = certChain.get(0);
                    CertificateInfoType certInfo = new CertificateInfoType();
                    for (X509Certificate nextCert : certChain) {
                        certInfo.getCertificate().add(nextCert.getEncoded());
                    }
                    certInfo.setUniqueSSN(getUniqueIdentifier(cert));
                    certInfo.setAlgorithm(jcaAlg);
                    certInfo.setDIDName(nextDid.getDidName());
                    result.add(certInfo);
                } catch (UnsupportedAlgorithmException ex) {
                    // ignore this DID
                    String algId = algInfo.getAlgorithmIdentifier().getAlgorithm();
                    LOG.warn("Ignoring DID with unsupported algorithm ({}).", algId);
                }
            }
        }
        return result;
    } catch (WSHelper.WSException ex) {
        String minor = StringUtils.nullToEmpty(ex.getResultMinor());
        switch(minor) {
            case ECardConstants.Minor.App.INCORRECT_PARM:
                throw new ParameterInvalid(ex.getMessage(), ex);
            case ECardConstants.Minor.IFD.INVALID_SLOT_HANDLE:
                throw new SlotHandleInvalid(ex.getMessage(), ex);
            case ECardConstants.Minor.SAL.SECURITY_CONDITION_NOT_SATISFIED:
                throw new SecurityConditionUnsatisfiable(ex.getMessage(), ex);
            case ECardConstants.Minor.IFD.CANCELLATION_BY_USER:
            case ECardConstants.Minor.SAL.CANCELLATION_BY_USER:
                throw new ThreadTerminateException("Certificate retrieval interrupted.", ex);
            default:
                throw ex;
        }
    } catch (InvocationTargetExceptionUnchecked ex) {
        if (ex.getCause() instanceof InterruptedException || ex.getCause() instanceof ThreadTerminateException) {
            String msg = "Certificate retrieval interrupted.";
            LOG.debug(msg, ex);
            throw new ThreadTerminateException(msg);
        } else {
            String msg = ex.getCause().getMessage();
            throw WSHelper.createException(WSHelper.makeResultError(ECardConstants.Minor.App.INT_ERROR, msg));
        }
    } finally {
        tokenCache.clearPins();
    }
}

Also used : WSHelper(org.openecard.common.WSHelper) InvocationTargetExceptionUnchecked(org.openecard.common.interfaces.InvocationTargetExceptionUnchecked) ArrayList(java.util.ArrayList) SecurityConditionUnsatisfiable(org.openecard.common.SecurityConditionUnsatisfiable) CertificateInfoType(org.openecard.ws.chipgateway.CertificateInfoType) SlotHandleInvalid(org.openecard.addons.cg.ex.SlotHandleInvalid) ASN1String(org.openecard.bouncycastle.asn1.ASN1String) ASN1OctetString(org.openecard.bouncycastle.asn1.ASN1OctetString) X509Certificate(java.security.cert.X509Certificate) DidInfo(org.openecard.crypto.common.sal.did.DidInfo) AlgorithmInfoType(iso.std.iso_iec._24727.tech.schema.AlgorithmInfoType) UnsupportedAlgorithmException(org.openecard.crypto.common.UnsupportedAlgorithmException) ParameterInvalid(org.openecard.addons.cg.ex.ParameterInvalid) ThreadTerminateException(org.openecard.common.ThreadTerminateException) DidInfos(org.openecard.crypto.common.sal.did.DidInfos)

Aggregations

AlgorithmInfoType (iso.std.iso_iec._24727.tech.schema.AlgorithmInfoType)1 X509Certificate (java.security.cert.X509Certificate)1 ArrayList (java.util.ArrayList)1 ParameterInvalid (org.openecard.addons.cg.ex.ParameterInvalid)1 SlotHandleInvalid (org.openecard.addons.cg.ex.SlotHandleInvalid)1 ASN1OctetString (org.openecard.bouncycastle.asn1.ASN1OctetString)1 ASN1String (org.openecard.bouncycastle.asn1.ASN1String)1 SecurityConditionUnsatisfiable (org.openecard.common.SecurityConditionUnsatisfiable)1 ThreadTerminateException (org.openecard.common.ThreadTerminateException)1 WSHelper (org.openecard.common.WSHelper)1 InvocationTargetExceptionUnchecked (org.openecard.common.interfaces.InvocationTargetExceptionUnchecked)1 UnsupportedAlgorithmException (org.openecard.crypto.common.UnsupportedAlgorithmException)1 DidInfo (org.openecard.crypto.common.sal.did.DidInfo)1 DidInfos (org.openecard.crypto.common.sal.did.DidInfos)1 CertificateInfoType (org.openecard.ws.chipgateway.CertificateInfoType)1