diff options
Diffstat (limited to 'BKUAppletExt/src/main/java/at/gv')
-rw-r--r-- | BKUAppletExt/src/main/java/at/gv/egiz/bku/gui/PINManagementGUIFacade.java | 4 | ||||
-rw-r--r-- | BKUAppletExt/src/main/java/at/gv/egiz/bku/smccstal/ext/PINManagementRequestHandler.java | 170 |
2 files changed, 21 insertions, 153 deletions
diff --git a/BKUAppletExt/src/main/java/at/gv/egiz/bku/gui/PINManagementGUIFacade.java b/BKUAppletExt/src/main/java/at/gv/egiz/bku/gui/PINManagementGUIFacade.java index ffdc230d..6b083e16 100644 --- a/BKUAppletExt/src/main/java/at/gv/egiz/bku/gui/PINManagementGUIFacade.java +++ b/BKUAppletExt/src/main/java/at/gv/egiz/bku/gui/PINManagementGUIFacade.java @@ -32,6 +32,10 @@ public interface PINManagementGUIFacade extends BKUGUIFacade { public static final String TITLE_ACTIVATE_PIN = "title.activate.pin"; public static final String TITLE_CHANGE_PIN = "title.change.pin"; public static final String TITLE_UNBLOCK_PIN = "title.unblock.pin"; + public static final String TITLE_ACTIVATE_SUCCESS = "title.activate.success"; + public static final String TITLE_CHANGE_SUCCESS = "title.change.success"; + public static final String MESSAGE_ACTIVATE_SUCCESS = "message.activate.success"; + public static final String MESSAGE_CHANGE_SUCCESS = "message.change.success"; public static final String MESSAGE_PINMGMT = "message.pin.mgmt"; public static final String MESSAGE_ACTIVATE_PIN = "message.activate.pin"; public static final String MESSAGE_CHANGE_PIN = "message.change.pin"; diff --git a/BKUAppletExt/src/main/java/at/gv/egiz/bku/smccstal/ext/PINManagementRequestHandler.java b/BKUAppletExt/src/main/java/at/gv/egiz/bku/smccstal/ext/PINManagementRequestHandler.java index 851bff21..c8472c97 100644 --- a/BKUAppletExt/src/main/java/at/gv/egiz/bku/smccstal/ext/PINManagementRequestHandler.java +++ b/BKUAppletExt/src/main/java/at/gv/egiz/bku/smccstal/ext/PINManagementRequestHandler.java @@ -32,8 +32,6 @@ import at.gv.egiz.stal.ext.PINManagementResponse; import java.util.HashMap; import java.util.List; import java.util.Map; -import java.util.logging.Level; -import java.util.logging.Logger; import javax.smartcardio.Card; import javax.smartcardio.CardChannel; import javax.smartcardio.CardException; @@ -50,11 +48,6 @@ public class PINManagementRequestHandler extends AbstractRequestHandler { protected static final Log log = LogFactory.getLog(PINManagementRequestHandler.class); -// protected ResourceBundle messages; - -// public PINManagementRequestHandler(ResourceBundle messages) { -// this.messages = messages; -// } @Override public STALResponse handleRequest(STALRequest request) throws InterruptedException { if (request instanceof PINManagementRequest) { @@ -86,8 +79,14 @@ public class PINManagementRequestHandler extends AbstractRequestHandler { gui.showUnblockPINDialog(selectedPIN, this, "unblock", this, "back"); } else if ("activate".equals(actionCommand)) { try { - byte[] pin = encodePIN(gui.getPin()); - activatePIN(selectedPIN.getKID(), selectedPIN.getContextAID(), pin); + card.activatePIN(selectedPIN.getKID(), + selectedPIN.getContextAID(), + String.valueOf(gui.getPin())); + gui.showMessageDialog(PINManagementGUIFacade.TITLE_ACTIVATE_SUCCESS, + PINManagementGUIFacade.MESSAGE_ACTIVATE_SUCCESS, + new Object[] {selectedPIN.getLocalizedName()}, + this, "ok"); + waitForAction(); showPINManagementDialog(gui); } catch (SignatureCardException ex) { log.error("failed to activate " + selectedPIN.getLocalizedName() + ": " + ex.getMessage()); @@ -97,9 +96,15 @@ public class PINManagementRequestHandler extends AbstractRequestHandler { } } else if ("change".equals(actionCommand)) { try { - byte[] oldPin = encodePIN(gui.getOldPin()); //new byte[]{(byte) 0x25, (byte) 0x40, (byte) 0x01}; - byte[] pin = encodePIN(gui.getPin()); //new byte[]{(byte) 0x25, (byte) 0x40}; - changePIN(selectedPIN.getKID(), selectedPIN.getContextAID(), oldPin, pin); + card.changePIN(selectedPIN.getKID(), + selectedPIN.getContextAID(), + String.valueOf(gui.getOldPin()), + String.valueOf(gui.getPin())); + gui.showMessageDialog(PINManagementGUIFacade.TITLE_CHANGE_SUCCESS, + PINManagementGUIFacade.MESSAGE_CHANGE_SUCCESS, + new Object[] {selectedPIN.getLocalizedName()}, + this, "ok"); + waitForAction(); showPINManagementDialog(gui); } catch (VerificationFailedException ex) { log.error("failed to change " + selectedPIN.getLocalizedName() + ": " + ex.getMessage()); @@ -131,137 +136,6 @@ public class PINManagementRequestHandler extends AbstractRequestHandler { return true; } - /** - * pin.length < 4bit - * @param kid - * @param contextAID - * @param pin - * @throws at.gv.egiz.smcc.SignatureCardException - */ - private void activatePIN(byte kid, byte[] contextAID, byte[] pin) throws SignatureCardException { - Card icc = card.getCard(); - try { - icc.beginExclusive(); - CardChannel channel = icc.getBasicChannel(); - - if (contextAID != null) { - CommandAPDU selectAPDU = new CommandAPDU(0x00, 0xa4, 0x04, 0x0c, contextAID); - ResponseAPDU responseAPDU = channel.transmit(selectAPDU); - if (responseAPDU.getSW() != 0x9000) { - icc.endExclusive(); - String msg = "Failed to activate PIN " + SMCCHelper.toString(new byte[]{kid}) + - ": Failed to select AID " + SMCCHelper.toString(contextAID) + - ": " + SMCCHelper.toString(responseAPDU.getBytes()); - log.error(msg); - throw new SignatureCardException(msg); - } - } - - if (pin.length > 7) { - icc.endExclusive(); - log.error("PIN too long"); - throw new SignatureCardException("PIN too long"); - } - byte length = (byte) (0x20 | pin.length * 2); - - byte[] apdu = new byte[]{ - (byte) 0x00, (byte) 0x24, (byte) 0x01, kid, (byte) 0x08, - (byte) length, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF}; - for (int i = 0; i < pin.length; i++) { - apdu[i + 6] = pin[i]; - } - - CommandAPDU verifyAPDU = new CommandAPDU(apdu); - ResponseAPDU responseAPDU = channel.transmit(verifyAPDU); - - if (responseAPDU.getSW() != 0x9000) { - icc.endExclusive(); - String msg = "Failed to activate PIN " + SMCCHelper.toString(new byte[]{kid}) + ": " + SMCCHelper.toString(responseAPDU.getBytes()); - log.error(msg); - throw new SignatureCardException(msg); - } - icc.endExclusive(); - } catch (CardException ex) { - log.error("Failed to activate PIN: " + ex.getMessage()); - throw new SignatureCardException(ex.getMessage(), ex); - } finally { - try { - icc.endExclusive(); - } catch (CardException ex) { - log.trace("failed to end exclusive card access"); - } - } - } - - private void changePIN(byte kid, byte[] contextAID, byte[] oldPIN, byte[] newPIN) throws SignatureCardException, VerificationFailedException { - Card icc = card.getCard(); - try { - icc.beginExclusive(); - CardChannel channel = icc.getBasicChannel(); - - if (contextAID != null) { - CommandAPDU selectAPDU = new CommandAPDU(0x00, 0xa4, 0x04, 0x0c, contextAID); - ResponseAPDU responseAPDU = channel.transmit(selectAPDU); - if (responseAPDU.getSW() != 0x9000) { - icc.endExclusive(); - String msg = "Failed to change PIN " + SMCCHelper.toString(new byte[]{kid}) + - ": Failed to select AID " + SMCCHelper.toString(contextAID) + - ": " + SMCCHelper.toString(responseAPDU.getBytes()); - log.error(msg); - throw new SignatureCardException(msg); - } - } - - if (oldPIN.length > 7 || newPIN.length > 7) { - icc.endExclusive(); - log.error("PIN too long"); - throw new SignatureCardException("PIN too long"); - } - byte oldLength = (byte) (0x20 | oldPIN.length * 2); - byte newLength = (byte) (0x20 | newPIN.length * 2); - - byte[] apdu = new byte[]{ - (byte) 0x00, (byte) 0x24, (byte) 0x00, kid, (byte) 0x10, - oldLength, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - newLength, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF}; - for (int i = 0; i < oldPIN.length; i++) { - apdu[i + 6] = oldPIN[i]; - } - for (int i = 0; i < newPIN.length; i++) { - apdu[i + 14] = newPIN[i]; - } - - CommandAPDU verifyAPDU = new CommandAPDU(apdu); - ResponseAPDU responseAPDU = channel.transmit(verifyAPDU); - - if (responseAPDU.getSW1() == 0x63 && responseAPDU.getSW2() >> 4 == 0xc) { - icc.endExclusive(); - int retries = responseAPDU.getSW2() & 0x0f; - log.error("Wrong PIN, " + retries + " tries left"); - throw new VerificationFailedException(retries); - } - if (responseAPDU.getSW() != 0x9000) { - icc.endExclusive(); - String msg = "Failed to change PIN " - + SMCCHelper.toString(new byte[]{kid}) + ": " - + SMCCHelper.toString(responseAPDU.getBytes()); - log.error(msg); - throw new SignatureCardException(msg); - } - - - } catch (CardException ex) { - log.error("Failed to change PIN: " + ex.getMessage()); - throw new SignatureCardException(ex.getMessage(), ex); - } finally { - try { - icc.endExclusive(); - } catch (CardException ex) { - log.trace("failed to end exclusive card access"); - } - } - } - public Map<PINSpec, STATUS> getPINStatuses() throws SignatureCardException { Card icc = card.getCard(); try { @@ -321,16 +195,6 @@ public class PINManagementRequestHandler extends AbstractRequestHandler { } } - private byte[] encodePIN(char[] pinChars) { - int length = (int) Math.ceil(pinChars.length/2); - byte[] pin = new byte[length]; - for (int i = 0; i < length; i++) { - pin[i] = (byte) (16*Character.digit(pinChars[i*2], 16) + Character.digit(pinChars[i*2+1], 16)); - } -// log.trace("***** " + SMCCHelper.toString(pin) + " ******"); - return pin; - } - private void showPINManagementDialog(PINManagementGUIFacade gui) { try { Map<PINSpec, STATUS> pins = getPINStatuses(); |