summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorclemenso <clemenso@8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4>2010-01-05 12:03:17 +0000
committerclemenso <clemenso@8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4>2010-01-05 12:03:17 +0000
commitf2b5589ccf26d1f1fdea7dffbe587d2c7d976603 (patch)
tree30855a61a0dbb4f2454a650f87bdfa0db7788e9f
parent3da4655d011dfc2f04f9e4ac28b38aee42d01bc0 (diff)
downloadmocca-f2b5589ccf26d1f1fdea7dffbe587d2c7d976603.tar.gz
mocca-f2b5589ccf26d1f1fdea7dffbe587d2c7d976603.tar.bz2
mocca-f2b5589ccf26d1f1fdea7dffbe587d2c7d976603.zip
do not allow pinmanagement on not activated cards
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@566 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
-rw-r--r--smcc/src/main/java/at/gv/egiz/smcc/STARCOSCard.java15
-rw-r--r--smccSTALExt/src/main/java/at/gv/egiz/bku/smccstal/PINManagementRequestHandler.java26
2 files changed, 26 insertions, 15 deletions
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/STARCOSCard.java b/smcc/src/main/java/at/gv/egiz/smcc/STARCOSCard.java
index ad05352f..b876847f 100644
--- a/smcc/src/main/java/at/gv/egiz/smcc/STARCOSCard.java
+++ b/smcc/src/main/java/at/gv/egiz/smcc/STARCOSCard.java
@@ -637,12 +637,13 @@ public class STARCOSCard extends AbstractSignatureCard implements PINMgmtSignatu
throw new NotActivatedException();
} else if (resp.getSW() >> 4 == 0x63c) {
return 0x0f & resp.getSW();
- } else if (version > 1.2 && resp.getSW() == 0x6400) {
- log.warn("cannot query pin status prior to card activation");
- throw new NotActivatedException();
+ } else if (version >= 1.2 && resp.getSW() == 0x6400) {
+ String msg = "VERIFY failed, card not activated. SW=0x6400";
+ log.error(msg);
+ throw new SignatureCardException(msg);
} else {
String msg = "VERIFY failed. SW=" + Integer.toHexString(resp.getSW());
- log.info(msg);
+ log.error(msg);
throw new SignatureCardException(msg);
}
}
@@ -673,7 +674,7 @@ public class STARCOSCard extends AbstractSignatureCard implements PINMgmtSignatu
return 0x0f & resp.getSW();
} else {
String msg = "CHANGE REFERENCE DATA failed. SW=" + Integer.toHexString(resp.getSW());
- log.info(msg);
+ log.error(msg);
throw new SignatureCardException(msg);
}
}
@@ -709,7 +710,7 @@ public class STARCOSCard extends AbstractSignatureCard implements PINMgmtSignatu
return -1;
} else {
String msg = "CHANGE REFERENCE DATA failed. SW=" + Integer.toHexString(resp.getSW());
- log.info(msg);
+ log.error(msg);
throw new SignatureCardException(msg);
}
}
@@ -745,7 +746,7 @@ public class STARCOSCard extends AbstractSignatureCard implements PINMgmtSignatu
return 0x0f & resp.getSW();
} else {
String msg = "RESET RETRY COUNTER failed. SW=" + Integer.toHexString(resp.getSW());
- log.info(msg);
+ log.error(msg);
throw new SignatureCardException(msg);
}
}
diff --git a/smccSTALExt/src/main/java/at/gv/egiz/bku/smccstal/PINManagementRequestHandler.java b/smccSTALExt/src/main/java/at/gv/egiz/bku/smccstal/PINManagementRequestHandler.java
index 0d49afd0..3a431a92 100644
--- a/smccSTALExt/src/main/java/at/gv/egiz/bku/smccstal/PINManagementRequestHandler.java
+++ b/smccSTALExt/src/main/java/at/gv/egiz/bku/smccstal/PINManagementRequestHandler.java
@@ -39,6 +39,7 @@ import at.gv.egiz.smcc.PINSpec;
import at.gv.egiz.smcc.SignatureCardException;
import at.gv.egiz.smcc.TimeoutException;
import at.gv.egiz.smcc.PINMgmtSignatureCard.PIN_STATE;
+import at.gv.egiz.smcc.SignatureCard.KeyboxName;
import at.gv.egiz.stal.ErrorResponse;
import at.gv.egiz.stal.STALRequest;
import at.gv.egiz.stal.STALResponse;
@@ -67,15 +68,24 @@ public class PINManagementRequestHandler extends AbstractRequestHandler {
if (card instanceof PINMgmtSignatureCard) {
- // update all PIN states
- for (PINSpec pinSpec : ((PINMgmtSignatureCard) card).getPINSpecs()) {
- updatePINState(pinSpec, STATUS.UNKNOWN);
+ try {
+ // check if activated
+ card.getCertificate(KeyboxName.SECURE_SIGNATURE_KEYPAIR);
+
+ // update all PIN states
+ for (PINSpec pinSpec : ((PINMgmtSignatureCard) card).getPINSpecs()) {
+ updatePINState(pinSpec, STATUS.UNKNOWN);
+ }
+
+ gui.showPINManagementDialog(pinStates, this, "activate_enterpin",
+ "change_enterpin", "unblock_enterpuk", "verify_enterpin", this,
+ "cancel");
+
+ } catch (NotActivatedException ex) {
+ log.error("pin management not allowed, card not activated");
+ gui.showErrorDialog(PINManagementGUIFacade.ERR_CARD_NOTACTIVATED,
+ null, this, "cancel");
}
-
- gui.showPINManagementDialog(pinStates, this, "activate_enterpin",
- "change_enterpin", "unblock_enterpuk", "verify_enterpin", this,
- "cancel");
-
} else {
// card does not support PIN management