-rw-r--r-- | BKUAppletExt/keystore.ks | bin | 0 -> 5635 bytes | |||
-rw-r--r-- | BKUAppletExt/pom.xml | 97 | ||||
-rw-r--r-- | BKUAppletExt/src/main/java/at/gv/egiz/bku/online/applet/ext/BKUAppletExt.java | 80 | ||||
-rw-r--r-- | BKUAppletExt/src/main/java/at/gv/egiz/bku/smccstal/ext/CardMgmtRequestHandler.java | 151 | ||||
-rw-r--r-- | BKUAppletExt/src/test/resources/appletTest.html | 34 |
5 files changed, 362 insertions, 0 deletions
diff --git a/BKUAppletExt/keystore.ks b/BKUAppletExt/keystore.ks Binary files differnew file mode 100644
index 00000000..824c3a40
--- /dev/null
+++ b/BKUAppletExt/keystore.ks
diff --git a/BKUAppletExt/pom.xml b/BKUAppletExt/pom.xml new file mode 100644
index 00000000..3ff88ed8
--- /dev/null
+++ b/BKUAppletExt/pom.xml
@@ -0,0 +1,97 @@
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <parent>
+ <artifactId>bku</artifactId>
+ <groupId>at.gv.egiz</groupId>
+ <version>1.0.5-SNAPSHOT</version>
+ </parent>
+ <modelVersion>4.0.0</modelVersion>
+ <groupId>at.gv.egiz</groupId>
+ <artifactId>BKUAppletExt</artifactId>
+ <name>BKU Applet Extension</name>
+ <version>1.0.2-SNAPSHOT</version>
+ <description/>
+ <dependencies>
+ <dependency>
+ <groupId>at.gv.egiz</groupId>
+ <artifactId>STALExt</artifactId>
+ <version>1.0.2-SNAPSHOT</version>
+ </dependency>
+ <dependency>
+ <groupId>at.gv.egiz</groupId>
+ <artifactId>STALXService</artifactId>
+ <version>1.0.2-SNAPSHOT</version>
+ </dependency>
+ <dependency>
+ <groupId>at.gv.egiz</groupId>
+ <artifactId>smccSTAL</artifactId>
+ <version>1.0.5-SNAPSHOT</version>
+ </dependency>
+ <dependency>
+ <groupId>at.gv.egiz</groupId>
+ <artifactId>BKUApplet</artifactId>
+ <version>1.0.5-SNAPSHOT</version>
+ </dependency>
+ </dependencies>
+ <build>
+ <plugins>
+ <plugin>
+ <artifactId>maven-jar-plugin</artifactId>
+ <executions>
+ <execution>
+ <goals>
+ <goal>sign</goal>
+ </goals>
+ </execution>
+ </executions>
+ <configuration>
+ <archive>
+ <addMavenDescriptor>false</addMavenDescriptor>
+ <index>false</index>
+ <manifest>
+ <addClasspath>false</addClasspath>
+ <addDefaultImplementationEntries>true</addDefaultImplementationEntries>
+ </manifest>
+ </archive>
+ <alias>test-applet signer</alias>
+ <keystore>./keystore.ks</keystore>
+ <storepass>storepass</storepass>
+ <keypass>keypass</keypass>
+ <verify>true</verify>
+ </configuration>
+ </plugin>
+ <plugin>
+ <artifactId>maven-dependency-plugin</artifactId>
+ <executions>
+ <execution>
+ <id>unpack</id>
+ <goals>
+ <goal>unpack-dependencies</goal>
+ </goals>
+ <configuration>
+ <includeGroupIds>at.gv.egiz</includeGroupIds>
+ <excludeTransitive>true</excludeTransitive>
+ <outputDirectory>${project.build.outputDirectory}</outputDirectory>
+ <excludes>META-INF\/</excludes>
+ </configuration>
+ </execution>
+ <execution>
+ <!-- appletviewer target/test-classes/appletTest.html
+ | commons-logging and iaik_jce_me4se are transitive dependencies
+ |-->
+ <id>copy_testapplet</id>
+ <goals>
+ <goal>copy-dependencies</goal>
+ </goals>
+ <configuration>
+ <outputDirectory>${project.build.directory}/test-classes</outputDirectory>
+ <includeGroupIds>commons-logging,iaik</includeGroupIds>
+ <includeArtifactIds>commons-logging,iaik_jce_me4se</includeArtifactIds>
+ <stripVersion>true</stripVersion>
+ </configuration>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
+</project>
\ No newline at end of file
diff --git a/BKUAppletExt/src/main/java/at/gv/egiz/bku/online/applet/ext/BKUAppletExt.java b/BKUAppletExt/src/main/java/at/gv/egiz/bku/online/applet/ext/BKUAppletExt.java new file mode 100644
index 00000000..d9df5536
--- /dev/null
+++ b/BKUAppletExt/src/main/java/at/gv/egiz/bku/online/applet/ext/BKUAppletExt.java
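Review bot: The jar-signing configuration in BKUAppletExt/pom.xml hard-codes `<storepass>storepass</storepass>` and `<keypass>keypass</keypass>` and points at `./keystore.ks`, which this same commit adds to the repository, so anyone who can read the source also holds the private key that signs the applet. The alias `test-applet signer` suggests a test certificate; if that is the intent, say so in a comment next to `<keystore>` and make sure a release build cannot pick this keystore up. For anything that ships, take the values from build properties, e.g. `<storepass>${applet.sign.storepass}</storepass>` (property name is a placeholder), supplied from settings.xml or the CI secret store, and keep the keystore out of version control. The `unpack` execution also copies the classes of every `at.gv.egiz` dependency into this jar before signing, so the same key ends up vouching for all of that code.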
@@ -0,0 +1,80 @@
+/*
+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/**
+ *
+ */
+package at.gv.egiz.bku.online.applet.ext;
+
+import at.gv.egiz.stal.service.translator.STALTranslator;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.bku.online.applet.BKUApplet;
+import at.gv.egiz.bku.smccstal.AbstractBKUWorker;
+import at.gv.egiz.bku.smccstal.ext.CardMgmtRequestHandler;
+import at.gv.egiz.stal.ext.APDUScriptRequest;
+import at.gv.egiz.stal.service.STALPortType;
+import at.gv.egiz.stalx.service.STALService;
+import at.gv.egiz.stalx.service.translator.STALXTranslationHandler;
+import java.net.MalformedURLException;
+import java.net.URL;
+import javax.xml.namespace.QName;
+
+/**
+ * @author mcentner
+ */
+public class BKUAppletExt extends BKUApplet {
+
+ private static final long serialVersionUID = 1L;
+ private static Log log = LogFactory.getLog(BKUAppletExt.class);
+
+ @Override
+ public void init() {
+ super.init();
+ if (worker instanceof AbstractBKUWorker) {
+ CardMgmtRequestHandler handler = new CardMgmtRequestHandler();
+ ((AbstractBKUWorker) worker).addRequestHandler(APDUScriptRequest.class, handler);
+ log.debug("Registered CardMgmtRequestHandler");
+ } else {
+ log.warn("Cannot register CardMgmtRequestHandler.");
+ }
+ }
+
+ /**
+ * creates a STAL-X enabled webservice port
+ * @return
+ * @throws java.net.MalformedURLException
+ */
+ @Override
+ protected STALPortType getSTALPort() throws MalformedURLException {
+ URL wsdlURL = getURLParameter(WSDL_URL, null);
+ log.debug("setting STAL WSDL: " + wsdlURL);
+ QName endpointName = new QName(STAL_WSDL_NS, STAL_SERVICE);
+ log.info("creating STAL-X enabled webservice port");
+ STALService stal = new STALService(wsdlURL, endpointName);
+ return stal.getSTALPort();
+ }
+
+ @Override
+ protected STALTranslator getSTALTranslator() {
+ STALTranslator translator = super.getSTALTranslator();
+ translator.registerTranslationHandler(new STALXTranslationHandler());
+ return translator;
+ }
+
+
+}
diff --git a/BKUAppletExt/src/main/java/at/gv/egiz/bku/smccstal/ext/CardMgmtRequestHandler.java b/BKUAppletExt/src/main/java/at/gv/egiz/bku/smccstal/ext/CardMgmtRequestHandler.java new file mode 100644
index 00000000..f499de7e
--- /dev/null
+++ b/BKUAppletExt/src/main/java/at/gv/egiz/bku/smccstal/ext/CardMgmtRequestHandler.java
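Review bot: In BKUAppletExt.java, `getSTALPort()` builds the STAL-X service from the `WSDL_URL` applet parameter with no visible check on scheme or host, and applet parameters are set by whatever page embeds the applet. Because `init()` has just registered a handler that runs server-supplied APDU scripts against the card, the embedding page effectively decides which endpoint may send those scripts. Unless `getURLParameter` in the parent class already enforces this (it is not visible here), reject anything that is not HTTPS on the applet's own origin before constructing `STALService`, e.g. `if (!"https".equals(wsdlURL.getProtocol()) || !wsdlURL.getHost().equals(getCodeBase().getHost())) throw new MalformedURLException("untrusted STAL endpoint");`, assuming `BKUApplet` is a `java.applet.Applet`. If `getURLParameter` can return null, that null is also passed straight to the `STALService` constructor and should be handled first.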
@@ -0,0 +1,151 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+/**
+ *
+ */
+package at.gv.egiz.bku.smccstal.ext;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+
+import javax.smartcardio.Card;
+import javax.smartcardio.CardChannel;
+import javax.smartcardio.CardException;
+import javax.smartcardio.CommandAPDU;
+import javax.smartcardio.ResponseAPDU;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.bku.smccstal.AbstractRequestHandler;
+import at.gv.egiz.smcc.SignatureCardException;
+import at.gv.egiz.stal.ErrorResponse;
+import at.gv.egiz.stal.STALRequest;
+import at.gv.egiz.stal.STALResponse;
+import at.gv.egiz.stal.ext.APDUScriptRequest;
+import at.gv.egiz.stal.ext.APDUScriptResponse;
+import at.gv.egiz.stal.ext.APDUScriptRequest.Command;
+import at.gv.egiz.stal.ext.APDUScriptRequest.RequestScriptElement;
+import at.gv.egiz.stal.ext.APDUScriptRequest.Reset;
+import at.gv.egiz.stal.ext.APDUScriptResponse.Response;
+import at.gv.egiz.stal.ext.APDUScriptResponse.ATR;
+import at.gv.egiz.stal.ext.APDUScriptResponse.ResponseScriptElement;
+
+/**
+ * @author mcentner
+ *
+ */
+public class CardMgmtRequestHandler extends AbstractRequestHandler {
+
+ /**
+ * Logging facility.
+ */
+ private static Log log = LogFactory.getLog(CardMgmtRequestHandler.class);
+
+ /**
+ * The sequence counter.
+ */
+ private int sequenceNum = 0;
+
+ @Override
+ public STALResponse handleRequest(STALRequest request)
+ throws InterruptedException {
+
+ // APDU Script Request
+ if (request instanceof APDUScriptRequest) {
+
+ gui.showWaitDialog("CardChannel");
+
+ Card icc = card.getCard();
+
+ if (icc == null) {
+ log.error("SignatureCard instance '" + card.getClass().getName() + "' does not support card management requests.");
+ return new ErrorResponse(1000);
+ }
+
+ List<RequestScriptElement> script = ((APDUScriptRequest) request).getScript();
+ ArrayList<ResponseScriptElement> responses = new ArrayList<ResponseScriptElement>(script.size());
+
+ try {
+ icc.beginExclusive();
+
+ for (RequestScriptElement scriptElement : script) {
+ if (scriptElement instanceof Command) {
+ Command command = (Command) scriptElement;
+ CommandAPDU commandAPDU = new CommandAPDU(command.getCommandAPDU());
+
+ CardChannel channel = icc.getBasicChannel();
+
+ sequenceNum = command.getSequence();
+ log.debug("Transmit " + sequenceNum + " " + commandAPDU.toString());
+ ResponseAPDU responseAPDU = channel.transmit(commandAPDU);
+ log.debug("" + responseAPDU);
+
+ byte[] sw = new byte[] {
+ (byte) (0xFF & responseAPDU.getSW1()),
+ (byte) (0xFF & responseAPDU.getSW2()) };
+
+ responses.add(new Response(sequenceNum, responseAPDU.getData(), sw, 0));
+
+ if (command.getExpectedSW() != null &&
+ !Arrays.equals(sw, command.getExpectedSW())) {
+ // unexpected SW
+ log.info("Got unexpected SW. APDU-script execution stopped.");
+ break;
+ }
+
+ } else if (scriptElement instanceof Reset) {
+
+ sequenceNum = 0;
+ card.reset();
+ responses.add(new ATR(icc.getATR().getBytes()));
+
+ }
+
+ }
+
+ } catch (CardException e) {
+ log.info("Failed to execute APDU script.", e);
+ responses.add(new Response(sequenceNum, null, null, Response.RC_UNSPECIFIED));
+ } catch (SignatureCardException e) {
+ log.info("Failed to reset smart card.", e);
+ responses.add(new Response(sequenceNum, null, null, Response.RC_UNSPECIFIED));
+ } finally {
+ try {
+ icc.endExclusive();
+ } catch (CardException e) {
+ log.info(e);
+ }
+ }
+
+ gui.showWaitDialog("wait for server...");
+ return new APDUScriptResponse(responses);
+
+ } else {
+ log.error("Got unexpected STAL request: " + request);
+ return new ErrorResponse(1000);
+ }
+
+ }
+
+ @Override
+ public boolean requireCard() {
+ return true;
+ }
+
+}
diff --git a/BKUAppletExt/src/test/resources/appletTest.html b/BKUAppletExt/src/test/resources/appletTest.html new file mode 100644
index 00000000..f7a47d0a
--- /dev/null
+++ b/BKUAppletExt/src/test/resources/appletTest.html
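Review bot: In CardMgmtRequestHandler.java, `handleRequest` turns every `Command` element into `new CommandAPDU(command.getCommandAPDU())` and transmits it on the basic channel with no check on what the command is, how many there are, or whether the user agreed, so the remote STAL peer gets raw, unattended access to the signature card. If the set of card-management commands the server needs is known, validate CLA/INS against an allow-list before `channel.transmit` and return an `ErrorResponse` for anything else; at minimum, ask for confirmation through `gui` instead of showing only the wait dialog. Separately, `icc.beginExclusive()` sits inside the `try`, so when it throws, the `finally` still calls `icc.endExclusive()`, which raises an unchecked `IllegalStateException` when the thread holds no exclusive access and is not caught by `catch (CardException e)`; guard it with a flag, `icc.beginExclusive(); exclusive = true;` and `if (exclusive) { icc.endExclusive(); }`. After `card.reset()` the code keeps using the `icc` reference obtained earlier; if `reset()` reconnects to the card (not visible here), `icc.getATR()` and later transmits would act on a stale `Card` object.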
@@ -0,0 +1,34 @@
+<!--
+ Copyright 2008 Federal Chancellery Austria and
+ Graz University of Technology
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<html>
+ <body>
+ <center>
+ <applet code="at.gv.egiz.bku.online.applet.ext.BKUAppletExt.class"
+ archive="../BKUAppletExt-1.0.2-SNAPSHOT.jar, commons-logging.jar , iaik_jce_me4se.jar"
+ width=152 height=145>
+ <param name="GuiStyle" value="activation"/>
+ <param name="Locale" value="ja_JA"/>
+ <!--param name="Background" value="jar:file:/home/clemens/workspace/mocca/BKUApplet/target/BKUApplet-1.0-SNAPSHOT.jar!/images/help.png"/-->
+ <!--param name="Background" value="http://localhost:3495/img/BackgroundChipperling.png"/-->
+ <param name="WSDL_URL" value="https://danu.gv.at:3496/stal?wsdl"/>
+ <param name="HelpURL" value="http://apps.egiz.gv.at/bkuonline/help/"/>
+ <param name="SessionId" value="TestSession"/>
+ <param name="RedirectURL" value="http://localhost:3495/bkuResult"/>
+ </applet>
+ </center>
+ </body>
+</html>
\ No newline at end of file |