do not allow pinmanagement on not activated cards

git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@566 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
author: clemenso <clemenso@8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4> 2010-01-05 12:03:17 +0000
committer: clemenso <clemenso@8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4> 2010-01-05 12:03:17 +0000
commit: f2b5589ccf26d1f1fdea7dffbe587d2c7d976603 (patch)
tree: 30855a61a0dbb4f2454a650f87bdfa0db7788e9f
parent: 3da4655d011dfc2f04f9e4ac28b38aee42d01bc0 (diff)
download: mocca-f2b5589ccf26d1f1fdea7dffbe587d2c7d976603.tar.gz
mocca-f2b5589ccf26d1f1fdea7dffbe587d2c7d976603.tar.bz2
mocca-f2b5589ccf26d1f1fdea7dffbe587d2c7d976603.zip
2 files changed, 26 insertions, 15 deletions
diff --git a/smcc/src/main/java/at/gv/egiz/smcc/STARCOSCard.java b/smcc/src/main/java/at/gv/egiz/smcc/STARCOSCard.java
index ad05352f..b876847f 100644
--- a/smcc/src/main/java/at/gv/egiz/smcc/STARCOSCard.java
+++ b/smcc/src/main/java/at/gv/egiz/smcc/STARCOSCard.java
@@ -637,12 +637,13 @@ public class STARCOSCard extends AbstractSignatureCard implements PINMgmtSignatu
       throw new NotActivatedException();
     } else if (resp.getSW() >> 4 == 0x63c) {
       return 0x0f & resp.getSW();
-    } else if (version > 1.2 && resp.getSW() == 0x6400) {
-      log.warn("cannot query pin status prior to card activation");
-      throw new NotActivatedException();
+    } else if (version >= 1.2 && resp.getSW() == 0x6400) {
+      String msg = "VERIFY failed, card not activated. SW=0x6400";
+      log.error(msg);
+      throw new SignatureCardException(msg);
     } else {
       String msg = "VERIFY failed. SW=" + Integer.toHexString(resp.getSW()); 
-      log.info(msg);
+      log.error(msg);
       throw new SignatureCardException(msg);
     }
   }
@@ -673,7 +674,7 @@ public class STARCOSCard extends AbstractSignatureCard implements PINMgmtSignatu
       return 0x0f & resp.getSW();
     } else {
       String msg = "CHANGE REFERENCE DATA failed. SW=" + Integer.toHexString(resp.getSW()); 
-      log.info(msg);
+      log.error(msg);
       throw new SignatureCardException(msg);
     }
   }
@@ -709,7 +710,7 @@ public class STARCOSCard extends AbstractSignatureCard implements PINMgmtSignatu
       return -1;
     } else {
       String msg = "CHANGE REFERENCE DATA failed. SW=" + Integer.toHexString(resp.getSW());
-      log.info(msg);
+      log.error(msg);
       throw new SignatureCardException(msg);
     }
   }
@@ -745,7 +746,7 @@ public class STARCOSCard extends AbstractSignatureCard implements PINMgmtSignatu
       return 0x0f & resp.getSW();
     } else {
       String msg = "RESET RETRY COUNTER failed. SW=" + Integer.toHexString(resp.getSW());
-      log.info(msg);
+      log.error(msg);
       throw new SignatureCardException(msg);
     }
   }
diff --git a/smccSTALExt/src/main/java/at/gv/egiz/bku/smccstal/PINManagementRequestHandler.java b/smccSTALExt/src/main/java/at/gv/egiz/bku/smccstal/PINManagementRequestHandler.java
index 0d49afd0..3a431a92 100644
--- a/smccSTALExt/src/main/java/at/gv/egiz/bku/smccstal/PINManagementRequestHandler.java
+++ b/smccSTALExt/src/main/java/at/gv/egiz/bku/smccstal/PINManagementRequestHandler.java
@@ -39,6 +39,7 @@ import at.gv.egiz.smcc.PINSpec;
 import at.gv.egiz.smcc.SignatureCardException;
 import at.gv.egiz.smcc.TimeoutException;
 import at.gv.egiz.smcc.PINMgmtSignatureCard.PIN_STATE;
+import at.gv.egiz.smcc.SignatureCard.KeyboxName;
 import at.gv.egiz.stal.ErrorResponse;
 import at.gv.egiz.stal.STALRequest;
 import at.gv.egiz.stal.STALResponse;
@@ -67,15 +68,24 @@ public class PINManagementRequestHandler extends AbstractRequestHandler {
 
       if (card instanceof PINMgmtSignatureCard) {
 
-        // update all PIN states
-        for (PINSpec pinSpec : ((PINMgmtSignatureCard) card).getPINSpecs()) {
-          updatePINState(pinSpec, STATUS.UNKNOWN);
+        try {
+          // check if activated
+          card.getCertificate(KeyboxName.SECURE_SIGNATURE_KEYPAIR);
+
+          // update all PIN states
+          for (PINSpec pinSpec : ((PINMgmtSignatureCard) card).getPINSpecs()) {
+            updatePINState(pinSpec, STATUS.UNKNOWN);
+          }
+
+          gui.showPINManagementDialog(pinStates, this, "activate_enterpin",
+                "change_enterpin", "unblock_enterpuk", "verify_enterpin", this,
+                "cancel");
+
+        } catch (NotActivatedException ex) {
+          log.error("pin management not allowed, card not activated");
+          gui.showErrorDialog(PINManagementGUIFacade.ERR_CARD_NOTACTIVATED,
+              null, this, "cancel");
         }
-        
-        gui.showPINManagementDialog(pinStates, this, "activate_enterpin",
-              "change_enterpin", "unblock_enterpuk", "verify_enterpin", this,
-              "cancel");
-        
       } else {
         
         // card does not support PIN management
author	clemenso <clemenso@8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4>	2010-01-05 12:03:17 +0000
committer	clemenso <clemenso@8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4>	2010-01-05 12:03:17 +0000
commit	f2b5589ccf26d1f1fdea7dffbe587d2c7d976603 (patch)
tree	30855a61a0dbb4f2454a650f87bdfa0db7788e9f
parent	3da4655d011dfc2f04f9e4ac28b38aee42d01bc0 (diff)
download	mocca-f2b5589ccf26d1f1fdea7dffbe587d2c7d976603.tar.gz mocca-f2b5589ccf26d1f1fdea7dffbe587d2c7d976603.tar.bz2 mocca-f2b5589ccf26d1f1fdea7dffbe587d2c7d976603.zip