diff options
Diffstat (limited to 'mocca-1.2.11/smcc/src/main/java/at/gv')
42 files changed, 0 insertions, 6950 deletions
diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/ACOSCard.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/ACOSCard.java deleted file mode 100644 index 9b3b88ed..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/ACOSCard.java +++ /dev/null @@ -1,805 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.smcc; - -import at.gv.egiz.smcc.pin.gui.ModifyPINGUI; -import at.gv.egiz.smcc.pin.gui.PINGUI; -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.io.InputStream; -import java.security.AlgorithmParameters; -import java.security.GeneralSecurityException; -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; -import java.util.Arrays; -import java.util.List; - -import javax.crypto.Cipher; -import javax.crypto.SecretKey; -import javax.crypto.SecretKeyFactory; -import javax.crypto.spec.DESedeKeySpec; -import javax.crypto.spec.IvParameterSpec; -import javax.smartcardio.Card; -import javax.smartcardio.CardChannel; -import javax.smartcardio.CardException; -import javax.smartcardio.CardTerminal; -import javax.smartcardio.CommandAPDU; -import javax.smartcardio.ResponseAPDU; - -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; - -import at.gv.egiz.smcc.util.ISO7816Utils; -import at.gv.egiz.smcc.util.SMCCHelper; -import at.gv.egiz.smcc.util.TransparentFileInputStream; - -public class ACOSCard extends AbstractSignatureCard implements PINMgmtSignatureCard { - - private static Log log = LogFactory.getLog(ACOSCard.class); - - public static final byte[] AID_DEC = new byte[] { (byte) 0xA0, (byte) 0x00, - (byte) 0x00, (byte) 0x01, (byte) 0x18, (byte) 0x45, (byte) 0x4E }; - - public static final byte[] DF_DEC = new byte[] { (byte) 0xdf, (byte) 0x71 }; - - public static final byte[] AID_SIG = new byte[] { (byte) 0xA0, (byte) 0x00, - (byte) 0x00, (byte) 0x01, (byte) 0x18, (byte) 0x45, (byte) 0x43 }; - - public static final byte[] DF_SIG = new byte[] { (byte) 0xdf, (byte) 0x70 }; - - public static final byte[] EF_C_CH_EKEY = new byte[] { (byte) 0xc0, - (byte) 0x01 }; - - public static final int EF_C_CH_EKEY_MAX_SIZE = 2000; - - public static final byte[] EF_C_CH_DS = new byte[] { (byte) 0xc0, (byte) 0x02 }; - - public static final int EF_C_CH_DS_MAX_SIZE = 2000; - - public static final byte[] EF_PK_CH_EKEY = new byte[] { (byte) 0xb0, - (byte) 0x01 }; - - public static final byte[] EF_INFOBOX = new byte[] { (byte) 0xc0, (byte) 0x02 }; - - public static final byte[] EF_INFO = new byte[] { (byte) 0xd0, (byte) 0x02 }; - - public static final int EF_INFOBOX_MAX_SIZE = 1500; - - public static final byte KID_PIN_SIG = (byte) 0x81; - - public static final byte KID_PUK_SIG = (byte) 0x83; - - public static final byte KID_PIN_DEC = (byte) 0x81; - - public static final byte KID_PUK_DEC = (byte) 0x82; - - public static final byte KID_PIN_INF = (byte) 0x83; - - public static final byte KID_PUK_INF = (byte) 0x84; - - public static final byte[] DST_SIG = new byte[] { (byte) 0x84, (byte) 0x01, // tag - // , - // length - // ( - // key - // ID - // ) - (byte) 0x88, // SK.CH.SIGN - (byte) 0x80, (byte) 0x01, // tag, length (algorithm ID) - (byte) 0x14 // ECDSA - }; - - public static final byte[] AT_DEC = new byte[] { (byte) 0x84, (byte) 0x01, // tag - // , - // length - // ( - // key - // ID - // ) - (byte) 0x88, // SK.CH.EKEY - (byte) 0x80, (byte) 0x01, // tag, length (algorithm ID) - (byte) 0x01 // RSA // TODO: Not verified yet - }; - - private static final PINSpec DEC_PIN_SPEC = new PINSpec(0, 8, "[0-9]", - "at/gv/egiz/smcc/ACOSCard", "dec.pin", KID_PIN_DEC, AID_DEC); - - private static final PINSpec SIG_PIN_SPEC = new PINSpec(0, 8, "[0-9]", - "at/gv/egiz/smcc/ACOSCard", "sig.pin", KID_PIN_SIG, AID_SIG); - - private static final PINSpec INF_PIN_SPEC = new PINSpec(0, 8, "[0-9]", - "at/gv/egiz/smcc/ACOSCard", "inf.pin", KID_PIN_INF, AID_DEC); - - static { - if (SignatureCardFactory.ENFORCE_RECOMMENDED_PIN_LENGTH) { - DEC_PIN_SPEC.setRecLength(4); - SIG_PIN_SPEC.setRecLength(6); - INF_PIN_SPEC.setRecLength(4); - } - } - - /** - * The version of the card's digital signature application. - */ - protected int appVersion = -1; - - public ACOSCard() { - super("at/gv/egiz/smcc/ACOSCard"); - } - - @Override - public void init(Card card, CardTerminal cardTerminal) { - super.init(card, cardTerminal); - - // determine application version - try { - CardChannel channel = getCardChannel(); - // SELECT application - execSELECT_AID(channel, AID_SIG); - // SELECT file - execSELECT_FID(channel, EF_INFO); - // READ BINARY - TransparentFileInputStream is = ISO7816Utils.openTransparentFileInputStream(channel, 8); - appVersion = is.read(); - log.info("a-sign premium application version = " + appVersion); - } catch (FileNotFoundException e) { - appVersion = 1; - log.info("a-sign premium application version = " + appVersion); - } catch (SignatureCardException e) { - log.warn(e); - appVersion = 0; - } catch (IOException e) { - log.warn(e); - appVersion = 0; - } catch (CardException e) { - log.warn(e); - appVersion = 0; - } - - pinSpecs.add(DEC_PIN_SPEC); - pinSpecs.add(SIG_PIN_SPEC); - if (appVersion < 2) { - pinSpecs.add(INF_PIN_SPEC); - } - - } - - @Override - @Exclusive - public byte[] getCertificate(KeyboxName keyboxName) - throws SignatureCardException, InterruptedException { - - byte[] aid; - byte[] fid; - if (keyboxName == KeyboxName.SECURE_SIGNATURE_KEYPAIR) { - aid = AID_SIG; - fid = EF_C_CH_DS; - } else if (keyboxName == KeyboxName.CERITIFIED_KEYPAIR) { - aid = AID_DEC; - fid = EF_C_CH_EKEY; - } else { - throw new IllegalArgumentException("Keybox " + keyboxName - + " not supported."); - } - - try { - CardChannel channel = getCardChannel(); - // SELECT application - execSELECT_AID(channel, aid); - // SELECT file - byte[] fcx = execSELECT_FID(channel, fid); - int maxSize = -1; - if (getAppVersion() < 2) { - maxSize = ISO7816Utils.getLengthFromFCx(fcx); - log.debug("Size of selected file = " + maxSize); - } - // READ BINARY - byte[] certificate = ISO7816Utils.readTransparentFileTLV(channel, maxSize, (byte) 0x30); - if (certificate == null) { - throw new NotActivatedException(); - } - return certificate; - } catch (FileNotFoundException e) { - throw new NotActivatedException(); - } catch (CardException e) { - log.info("Failed to get certificate.", e); - throw new SignatureCardException(e); - } - - - } - - @Override - @Exclusive - public byte[] getInfobox(String infobox, PINGUI provider, String domainId) - throws SignatureCardException, InterruptedException { - - if ("IdentityLink".equals(infobox)) { - if (getAppVersion() < 2) { - return getIdentityLinkV1(provider, domainId); - } else { - return getIdentityLinkV2(provider, domainId); - } - } else { - throw new IllegalArgumentException("Infobox '" + infobox - + "' not supported."); - } - - } - - protected byte[] getIdentityLinkV1(PINGUI provider, String domainId) - throws SignatureCardException, InterruptedException { - - try { - CardChannel channel = getCardChannel(); - // SELECT application - execSELECT_AID(channel, AID_DEC); - // SELECT file - byte[] fcx = execSELECT_FID(channel, EF_INFOBOX); - int maxSize = ISO7816Utils.getLengthFromFCx(fcx); - log.debug("Size of selected file = " + maxSize); - // READ BINARY - while(true) { - try { - return ISO7816Utils.readTransparentFileTLV(channel, maxSize, (byte) 0x30); - } catch (SecurityStatusNotSatisfiedException e) { - verifyPINLoop(channel, INF_PIN_SPEC, provider); - } - } - - } catch (FileNotFoundException e) { - throw new NotActivatedException(); - } catch (CardException e) { - log.info("Faild to get infobox.", e); - throw new SignatureCardException(e); - } - - } - - protected byte[] getIdentityLinkV2(PINGUI provider, String domainId) - throws SignatureCardException, InterruptedException { - - try { - CardChannel channel = getCardChannel(); - // SELECT application - execSELECT_AID(channel, AID_DEC); - // SELECT file - execSELECT_FID(channel, EF_INFOBOX); - - // READ BINARY - TransparentFileInputStream is = ISO7816Utils.openTransparentFileInputStream(channel, -1); - - int b = is.read(); - if (b == 0x00) { - return null; - } - if (b != 0x41 || is.read() != 0x49 || is.read() != 0x4b) { - String msg = "Infobox structure invalid."; - log.info(msg); - throw new SignatureCardException(msg); - } - - b = is.read(); - if (b != 0x01) { - String msg = "Infobox structure v" + b + " not supported."; - log.info(msg); - throw new SignatureCardException(msg); - } - - while ((b = is.read()) != 0x01 && b != 00) { - is.read(); // modifiers - is.skip(is.read() + (is.read() << 8)); // length - } - - if (b != 0x01) { - return null; - } - - int modifiers = is.read(); - int length = is.read() + (is.read() << 8); - - byte[] bytes; - byte[] key = null; - - switch (modifiers) { - case 0x00: - bytes = new byte[length]; - break; - case 0x01: - key = new byte[is.read() + (is.read() << 8)]; - is.read(key); - bytes = new byte[length - key.length - 2]; - break; - default: - String msg = "Compressed infobox structure not yet supported."; - log.info(msg); - throw new SignatureCardException(msg); - } - - is.read(bytes); - - if (key == null) { - return bytes; - } - - execMSE(channel, 0x41, 0xb8, new byte[] { - (byte) 0x84, (byte) 0x01, (byte) 0x88, (byte) 0x80, (byte) 0x01, - (byte) 0x02 }); - - - byte[] plainKey = null; - - while (true) { - try { - plainKey = execPSO_DECIPHER(channel, key); - break; - } catch(SecurityStatusNotSatisfiedException e) { - verifyPINLoop(channel, DEC_PIN_SPEC, provider); - } - } - - try { - Cipher cipher = Cipher - .getInstance("DESede/CBC/PKCS5Padding"); - byte[] iv = new byte[8]; - Arrays.fill(iv, (byte) 0x00); - IvParameterSpec ivParameterSpec = new IvParameterSpec(iv); - AlgorithmParameters parameters = AlgorithmParameters - .getInstance("DESede"); - parameters.init(ivParameterSpec); - - DESedeKeySpec keySpec = new DESedeKeySpec(plainKey); - SecretKeyFactory keyFactory = SecretKeyFactory - .getInstance("DESede"); - SecretKey secretKey = keyFactory.generateSecret(keySpec); - - cipher.init(Cipher.DECRYPT_MODE, secretKey, parameters); - - return cipher.doFinal(bytes); - - } catch (GeneralSecurityException e) { - String msg = "Failed to decrypt infobox."; - log.info(msg, e); - throw new SignatureCardException(msg, e); - } - - - } catch (FileNotFoundException e) { - throw new NotActivatedException(); - } catch (CardException e) { - log.info("Faild to get infobox.", e); - throw new SignatureCardException(e); - } catch (IOException e) { - if (e.getCause() instanceof SignatureCardException) { - throw (SignatureCardException) e.getCause(); - } else { - throw new SignatureCardException(e); - } - } - - } - - @Override - @Exclusive - public byte[] createSignature(InputStream input, KeyboxName keyboxName, - PINGUI provider, String alg) throws SignatureCardException, InterruptedException, IOException { - - ByteArrayOutputStream dst = new ByteArrayOutputStream(); - // key ID - dst.write(new byte[]{(byte) 0x84, (byte) 0x01, (byte) 0x88}); - // algorithm ID - dst.write(new byte[]{(byte) 0x80, (byte) 0x01}); - - MessageDigest md; - try { - if (KeyboxName.SECURE_SIGNATURE_KEYPAIR.equals(keyboxName) - && (alg == null || "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1".equals(alg))) { - dst.write((byte) 0x14); // SHA-1/ECC - md = MessageDigest.getInstance("SHA-1"); - } else if (KeyboxName.CERITIFIED_KEYPAIR.equals(keyboxName) - && (alg == null || "http://www.w3.org/2000/09/xmldsig#rsa-sha1".equals(alg))) { - dst.write((byte) 0x12); // SHA-1 with padding according to PKCS#1 block type 01 - md = MessageDigest.getInstance("SHA-1"); - } else if (KeyboxName.SECURE_SIGNATURE_KEYPAIR.equals(keyboxName) - && appVersion >= 2 - && "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256".equals(alg)) { - dst.write((byte) 0x44); // SHA-256/ECC - md = MessageDigest.getInstance("SHA256"); - } else if (KeyboxName.CERITIFIED_KEYPAIR.equals(keyboxName) - && appVersion >= 2 - && "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256".equals(alg)) { - dst.write((byte) 0x41); // SHA-256 with padding according to PKCS#1 - md = MessageDigest.getInstance("SHA256"); - } else { - throw new SignatureCardException("Card does not support signature algorithm " + alg + "."); - } - } catch (NoSuchAlgorithmException e) { - log.error("Failed to get MessageDigest.", e); - throw new SignatureCardException(e); - } - - byte[] digest = new byte[md.getDigestLength()]; - for (int l; (l = input.read(digest)) != -1;) { - md.update(digest, 0, l); - } - digest = md.digest(); - - try { - - CardChannel channel = getCardChannel(); - - if (KeyboxName.SECURE_SIGNATURE_KEYPAIR.equals(keyboxName)) { - - PINSpec spec = SIG_PIN_SPEC; - - // SELECT application - execSELECT_AID(channel, AID_SIG); - // MANAGE SECURITY ENVIRONMENT : SET DST - execMSE(channel, 0x41, 0xb6, dst.toByteArray()); - // VERIFY - verifyPINLoop(channel, spec, provider); - // PERFORM SECURITY OPERATION : HASH - execPSO_HASH(channel, digest); - // PERFORM SECURITY OPERATION : COMPUTE DIGITAL SIGNATRE - return execPSO_COMPUTE_DIGITAL_SIGNATURE(channel); - - } else if (KeyboxName.CERITIFIED_KEYPAIR.equals(keyboxName)) { - - PINSpec spec = DEC_PIN_SPEC; - - // SELECT application - execSELECT_AID(channel, AID_DEC); - // MANAGE SECURITY ENVIRONMENT : SET AT - execMSE(channel, 0x41, 0xa4, AT_DEC); - - while (true) { - try { - // INTERNAL AUTHENTICATE - return execINTERNAL_AUTHENTICATE(channel, digest); - } catch (SecurityStatusNotSatisfiedException e) { - verifyPINLoop(channel, spec, provider); - } - } - - } else { - throw new IllegalArgumentException("KeyboxName '" + keyboxName - + "' not supported."); - } - - } catch (CardException e) { - log.warn(e); - throw new SignatureCardException("Failed to access card.", e); - } - - } - - public int getAppVersion() { - return appVersion; - } - - /* (non-Javadoc) - * @see at.gv.egiz.smcc.AbstractSignatureCard#verifyPIN(at.gv.egiz.smcc.PINSpec, at.gv.egiz.smcc.PINProvider) - */ - @Override - public void verifyPIN(PINSpec pinSpec, PINGUI pinProvider) - throws LockedException, NotActivatedException, CancelledException, - TimeoutException, SignatureCardException, InterruptedException { - - CardChannel channel = getCardChannel(); - - try { - // SELECT application - execSELECT_AID(channel, pinSpec.getContextAID()); - // VERIFY - verifyPINLoop(channel, pinSpec, pinProvider); - } catch (CardException e) { - log.info("Failed to verify PIN.", e); - throw new SignatureCardException("Failed to verify PIN.", e); - } - - } - - /* (non-Javadoc) - * @see at.gv.egiz.smcc.AbstractSignatureCard#changePIN(at.gv.egiz.smcc.PINSpec, at.gv.egiz.smcc.ChangePINProvider) - */ - @Override - public void changePIN(PINSpec pinSpec, ModifyPINGUI pinProvider) - throws LockedException, NotActivatedException, CancelledException, - TimeoutException, SignatureCardException, InterruptedException { - - CardChannel channel = getCardChannel(); - - try { - // SELECT application - execSELECT_AID(channel, pinSpec.getContextAID()); - // CHANGE REFERENCE DATA - changePINLoop(channel, pinSpec, pinProvider); - } catch (CardException e) { - log.info("Failed to change PIN.", e); - throw new SignatureCardException("Failed to change PIN.", e); - } - - } - - @Override - public void activatePIN(PINSpec pinSpec, ModifyPINGUI pinGUI) - throws CancelledException, SignatureCardException, CancelledException, - TimeoutException, InterruptedException { - log.error("ACTIVATE PIN not supported by ACOS"); - throw new SignatureCardException("PIN activation not supported by this card."); - } - - @Override - public void unblockPIN(PINSpec pinSpec, ModifyPINGUI pinGUI) - throws CancelledException, SignatureCardException, InterruptedException { - throw new SignatureCardException("Unblock PIN not supported."); - } - - /* (non-Javadoc) - * @see at.gv.egiz.smcc.PINMgmtSignatureCard#getPINSpecs() - */ - @Override - public List<PINSpec> getPINSpecs() { - if (getAppVersion() < 2) { - return Arrays.asList(new PINSpec[] {DEC_PIN_SPEC, SIG_PIN_SPEC, INF_PIN_SPEC}); - } else { - return Arrays.asList(new PINSpec[] {DEC_PIN_SPEC, SIG_PIN_SPEC}); - } - } - - /* (non-Javadoc) - * @see at.gv.egiz.smcc.PINMgmtSignatureCard#getPINStatus(at.gv.egiz.smcc.PINSpec) - */ - @Override - public PIN_STATE getPINState(PINSpec pinSpec) throws SignatureCardException { - return PIN_STATE.UNKNOWN; - } - - @Override - public String toString() { - return "a-sign premium (version " + getAppVersion() + ")"; - } - - //////////////////////////////////////////////////////////////////////// - // PROTECTED METHODS (assume exclusive card access) - //////////////////////////////////////////////////////////////////////// - - protected void verifyPINLoop(CardChannel channel, PINSpec spec, PINGUI provider) - throws InterruptedException, CardException, SignatureCardException { - - int retries = -1; - do { - retries = verifyPIN(channel, spec, provider, retries); - } while (retries > 0); - } - - protected void changePINLoop(CardChannel channel, PINSpec spec, ModifyPINGUI provider) - throws InterruptedException, CardException, SignatureCardException { - - int retries = -1; - do { - retries = changePIN(channel, spec, provider, retries); - } while (retries > 0); - } - - protected int verifyPIN(CardChannel channel, PINSpec pinSpec, - PINGUI provider, int retries) throws InterruptedException, CardException, SignatureCardException { - - VerifyAPDUSpec apduSpec = new VerifyAPDUSpec( - new byte[] { - (byte) 0x00, (byte) 0x20, (byte) 0x00, pinSpec.getKID(), (byte) 0x08, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00 }, - 0, VerifyAPDUSpec.PIN_FORMAT_ASCII, 8); - - ResponseAPDU resp = reader.verify(channel, apduSpec, provider, pinSpec, retries); - - if (resp.getSW() == 0x9000) { - return -1; - } - if (resp.getSW() >> 4 == 0x63c) { - return 0x0f & resp.getSW(); - } - - switch (resp.getSW()) { - case 0x6983: - // authentication method blocked - throw new LockedException(); - - default: - String msg = "VERIFY failed. SW=" + Integer.toHexString(resp.getSW()); - log.info(msg); - throw new SignatureCardException(msg); - } - - } - - protected int changePIN(CardChannel channel, PINSpec pinSpec, - ModifyPINGUI pinProvider, int retries) throws CancelledException, InterruptedException, CardException, SignatureCardException { - - ChangeReferenceDataAPDUSpec apduSpec = new ChangeReferenceDataAPDUSpec( - new byte[] { - (byte) 0x00, (byte) 0x24, (byte) 0x00, pinSpec.getKID(), (byte) 0x10, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00 - }, - 0, VerifyAPDUSpec.PIN_FORMAT_ASCII, 8); - - - - ResponseAPDU resp = reader.modify(channel, apduSpec, pinProvider, pinSpec, retries); - - if (resp.getSW() == 0x9000) { - return -1; - } - if (resp.getSW() >> 4 == 0x63c) { - return 0x0f & resp.getSW(); - } - - switch (resp.getSW()) { - case 0x6983: - // authentication method blocked - throw new LockedException(); - - default: - String msg = "CHANGE REFERENCE DATA failed. SW=" + Integer.toHexString(resp.getSW()); - log.info(msg); - throw new SignatureCardException(msg); - } - - } - - protected byte[] execSELECT_AID(CardChannel channel, byte[] aid) - throws SignatureCardException, CardException { - - ResponseAPDU resp = channel.transmit( - new CommandAPDU(0x00, 0xA4, 0x04, 0x00, aid, 256)); - - if (resp.getSW() == 0x6A82) { - String msg = "File or application not found AID=" - + SMCCHelper.toString(aid) + " SW=" - + Integer.toHexString(resp.getSW()) + "."; - log.info(msg); - throw new FileNotFoundException(msg); - } else if (resp.getSW() != 0x9000) { - String msg = "Failed to select application AID=" - + SMCCHelper.toString(aid) + " SW=" - + Integer.toHexString(resp.getSW()) + "."; - log.info(msg); - throw new SignatureCardException(msg); - } else { - return resp.getBytes(); - } - - } - - protected byte[] execSELECT_FID(CardChannel channel, byte[] fid) - throws SignatureCardException, CardException { - - ResponseAPDU resp = channel.transmit( - new CommandAPDU(0x00, 0xA4, 0x00, 0x00, fid, 256)); - - if (resp.getSW() == 0x6A82) { - String msg = "File or application not found FID=" - + SMCCHelper.toString(fid) + " SW=" - + Integer.toHexString(resp.getSW()) + "."; - log.info(msg); - throw new FileNotFoundException(msg); - } else if (resp.getSW() != 0x9000) { - String msg = "Failed to select application FID=" - + SMCCHelper.toString(fid) + " SW=" - + Integer.toHexString(resp.getSW()) + "."; - log.error(msg); - throw new SignatureCardException(msg); - } else { - return resp.getBytes(); - } - - - } - - protected void execMSE(CardChannel channel, int p1, - int p2, byte[] data) throws SignatureCardException, CardException { - - ResponseAPDU resp = channel.transmit( - new CommandAPDU(0x00, 0x22, p1, p2, data)); - - if (resp.getSW() != 0x9000) { - String msg = "MSE failed: SW=" - + Integer.toHexString(resp.getSW()); - log.error(msg); - throw new SignatureCardException(msg); - } - - } - - protected byte[] execPSO_DECIPHER(CardChannel channel, byte [] cipher) throws CardException, SignatureCardException { - - byte[] data = new byte[cipher.length + 1]; - data[0] = 0x00; - System.arraycopy(cipher, 0, data, 1, cipher.length); - ResponseAPDU resp = channel.transmit(new CommandAPDU(0x00, 0x2A, 0x80, 0x86, data, 256)); - if (resp.getSW() == 0x6982) { - throw new SecurityStatusNotSatisfiedException(); - } else if (resp.getSW() != 0x9000) { - throw new SignatureCardException( - "PSO - DECIPHER failed: SW=" - + Integer.toHexString(resp.getSW())); - } - - return resp.getData(); - - } - - protected void execPSO_HASH(CardChannel channel, byte[] hash) throws CardException, SignatureCardException { - - ResponseAPDU resp = channel.transmit( - new CommandAPDU(0x00, 0x2A, 0x90, 0x81, hash)); - if (resp.getSW() != 0x9000) { - throw new SignatureCardException("PSO - HASH failed: SW=" - + Integer.toHexString(resp.getSW())); - } - - } - - protected byte[] execPSO_COMPUTE_DIGITAL_SIGNATURE(CardChannel channel) throws CardException, - SignatureCardException { - - ResponseAPDU resp = channel.transmit( - new CommandAPDU(0x00, 0x2A, 0x9E, 0x9A, 256)); - if (resp.getSW() == 0x6982) { - throw new SecurityStatusNotSatisfiedException(); - } - if (resp.getSW() != 0x9000) { - throw new SignatureCardException( - "PSO - COMPUTE DIGITAL SIGNATRE failed: SW=" - + Integer.toHexString(resp.getSW())); - } else { - return resp.getData(); - } - - } - - protected byte[] execINTERNAL_AUTHENTICATE(CardChannel channel, byte[] hash) throws CardException, - SignatureCardException { - - byte[] digestInfo = new byte[] { (byte) 0x30, (byte) 0x21, (byte) 0x30, - (byte) 0x09, (byte) 0x06, (byte) 0x05, (byte) 0x2B, (byte) 0x0E, - (byte) 0x03, (byte) 0x02, (byte) 0x1A, (byte) 0x05, (byte) 0x00, - (byte) 0x04 }; - - byte[] data = new byte[digestInfo.length + hash.length + 1]; - - System.arraycopy(digestInfo, 0, data, 0, digestInfo.length); - data[digestInfo.length] = (byte) hash.length; - System.arraycopy(hash, 0, data, digestInfo.length + 1, hash.length); - - ResponseAPDU resp = channel.transmit(new CommandAPDU(0x00, 0x88, 0x10, 0x00, data, 256)); - if (resp.getSW() == 0x6982) { - throw new SecurityStatusNotSatisfiedException(); - } else if (resp.getSW() == 0x6983) { - throw new LockedException(); - } else if (resp.getSW() != 0x9000) { - throw new SignatureCardException("INTERNAL AUTHENTICATE failed: SW=" - + Integer.toHexString(resp.getSW())); - } else { - return resp.getData(); - } - } -} diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/AbstractSignatureCard.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/AbstractSignatureCard.java deleted file mode 100644 index fcb94fc6..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/AbstractSignatureCard.java +++ /dev/null @@ -1,121 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.smcc; - -import at.gv.egiz.smcc.reader.CardReader; -import at.gv.egiz.smcc.reader.ReaderFactory; -import java.util.ArrayList; -import java.util.List; -import java.util.Locale; -import java.util.ResourceBundle; - -import javax.smartcardio.Card; -import javax.smartcardio.CardChannel; -import javax.smartcardio.CardException; -import javax.smartcardio.CardTerminal; - -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; - -public abstract class AbstractSignatureCard implements SignatureCard { - - private static Log log = LogFactory.getLog(AbstractSignatureCard.class); - - protected List<PINSpec> pinSpecs = new ArrayList<PINSpec>(); - - private ResourceBundle i18n; - private String resourceBundleName; - - private Locale locale = Locale.getDefault(); - - private Card card_; - - protected CardReader reader; - - protected AbstractSignatureCard(String resourceBundleName) { - this.resourceBundleName = resourceBundleName; - } - - protected String toString(byte[] b) { - StringBuffer sb = new StringBuffer(); - if (b != null && b.length > 0) { - sb.append(Integer.toHexString((b[0] & 240) >> 4)); - sb.append(Integer.toHexString(b[0] & 15)); - } - for (int i = 1; i < b.length; i++) { - sb.append(':'); - sb.append(Integer.toHexString((b[i] & 240) >> 4)); - sb.append(Integer.toHexString(b[i] & 15)); - } - return sb.toString(); - } - - @Override - public void init(Card card, CardTerminal cardTerminal) { - this.card_ = card; - this.reader = ReaderFactory.getReader(card, cardTerminal); - } - - @Override - public Card getCard() { - return card_; - } - - protected CardChannel getCardChannel() { - return new LogCardChannel(card_.getBasicChannel()); - } - - @Override - public void setLocale(Locale locale) { - if (locale == null) { - throw new NullPointerException("Locale must not be set to null"); - } - this.locale = locale; - } - - protected ResourceBundle getResourceBundle() { - if (i18n == null) { - i18n = ResourceBundle.getBundle(resourceBundleName, locale); - } - return i18n; - } - - @Override - public void disconnect(boolean reset) { - log.debug("Disconnect called"); - if (card_ != null) { - try { - card_.disconnect(reset); - } catch (Exception e) { - log.info("Error while resetting card", e); - } - } - } - - @Override - public void reset() throws SignatureCardException { - try { - log.debug("Disconnect and reset smart card."); - card_.disconnect(true); - log.debug("Reconnect smart card."); - card_ = reader.connect(); - } catch (CardException e) { - throw new SignatureCardException("Failed to reset card.", e); - } - } - -} diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/BELPICCard.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/BELPICCard.java deleted file mode 100644 index 41358bb5..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/BELPICCard.java +++ /dev/null @@ -1,284 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ - - -package at.gv.egiz.smcc; - -import at.gv.egiz.smcc.pin.gui.PINGUI; -import java.io.IOException; -import java.io.InputStream; -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; - -import javax.smartcardio.CardChannel; -import javax.smartcardio.CardException; -import javax.smartcardio.CommandAPDU; -import javax.smartcardio.ResponseAPDU; - -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; - -import at.gv.egiz.smcc.util.ISO7816Utils; -import at.gv.egiz.smcc.util.SMCCHelper; - -public class BELPICCard extends AbstractSignatureCard implements SignatureCard { - - /** - * Logging facility. - */ - private static Log log = LogFactory.getLog(BELPICCard.class); - - public static final byte[] MF = new byte[] { (byte) 0x3F, (byte) 0x00 }; - - public static final byte[] DF_BELPIC = new byte[] { (byte) 0xDF, - (byte) 0x00 }; - - public static final byte[] DF_ID = new byte[] { (byte) 0xDF, (byte) 0x01 }; - - public static final byte[] SIGN_CERT = new byte[] { (byte) 0x50, - (byte) 0x39 }; - -// public static final byte MSE_SET_ALGO_REF = (byte) 0x02; - -// public static final byte MSE_SET_PRIV_KEY_REF = (byte) 0x83; - - public static final int SIGNATURE_LENGTH = (int) 0x80; - - public static final byte KID = (byte) 0x01; - - public static final int READ_BUFFER_LENGTH = 256; - - public static final int PINSPEC_SS = 0; - - private static final PINSpec SS_PIN_SPEC = - new PINSpec(4, 12, "[0-9]", - "at/gv/egiz/smcc/BELPICCard", "sig.pin", KID, DF_BELPIC); - - /** - * Creates a new instance. - */ - public BELPICCard() { - super("at/gv/egiz/smcc/BelpicCard"); - pinSpecs.add(SS_PIN_SPEC); - } - - @Override - @Exclusive - public byte[] getCertificate(KeyboxName keyboxName) - throws SignatureCardException { - - if (keyboxName != KeyboxName.SECURE_SIGNATURE_KEYPAIR) { - throw new IllegalArgumentException("Keybox " + keyboxName - + " not supported"); - } - - try { - CardChannel channel = getCardChannel(); - // SELECT MF - execSELECT_FID(channel, MF); - // SELECT application - execSELECT_FID(channel, DF_BELPIC); - // SELECT file - execSELECT_FID(channel, SIGN_CERT); - // READ BINARY - byte[] certificate = ISO7816Utils.readTransparentFileTLV(channel, -1, (byte) 0x30); - if (certificate == null) { - throw new NotActivatedException(); - } - return certificate; - } catch (FileNotFoundException e) { - throw new NotActivatedException(); - } catch (CardException e) { - log.info("Failed to get certificate.", e); - throw new SignatureCardException(e); - } - - } - - @Override - @Exclusive - public byte[] getInfobox(String infobox, PINGUI provider, String domainId) - throws SignatureCardException, InterruptedException { - - throw new IllegalArgumentException("Infobox '" + infobox - + "' not supported."); - } - - @Override - @Exclusive - public byte[] createSignature(InputStream input, KeyboxName keyboxName, - PINGUI provider, String alg) throws SignatureCardException, InterruptedException, IOException { - - if (KeyboxName.SECURE_SIGNATURE_KEYPAIR != keyboxName) { - throw new SignatureCardException("Card does not support key " + keyboxName + "."); - } - if (!"http://www.w3.org/2000/09/xmldsig#rsa-sha1".equals(alg)) { - throw new SignatureCardException("Card does not support algorithm " + alg + "."); - } - - byte[] dst = new byte[] { (byte) 0x04, // number of following - // bytes - (byte) 0x80, // tag for algorithm reference - (byte) 0x02, // algorithm reference - (byte) 0x84, // tag for private key reference - (byte) 0x83 // private key reference - }; - - MessageDigest md; - try { - md = MessageDigest.getInstance("SHA-1"); - } catch (NoSuchAlgorithmException e) { - log.error("Failed to get MessageDigest.", e); - throw new SignatureCardException(e); - } - // calculate message digest - byte[] digest = new byte[md.getDigestLength()]; - for (int l; (l = input.read(digest)) != -1;) { - md.update(digest, 0, l); - } - digest = md.digest(); - - try { - - CardChannel channel = getCardChannel(); - - // SELECT MF - execSELECT_FID(channel, MF); - // VERIFY - execMSE(channel, 0x41, 0xb6, dst); - // PERFORM SECURITY OPERATION : COMPUTE DIGITAL SIGNATURE - verifyPINLoop(channel, SS_PIN_SPEC, provider); - // MANAGE SECURITY ENVIRONMENT : SET DST - return execPSO_COMPUTE_DIGITAL_SIGNATURE(channel, digest); - - } catch (CardException e) { - log.warn(e); - throw new SignatureCardException("Failed to access card.", e); - } - - } - - public String toString() { - return "Belpic Card"; - } - - protected void verifyPINLoop(CardChannel channel, PINSpec spec, - PINGUI provider) throws LockedException, NotActivatedException, - SignatureCardException, InterruptedException, CardException { - - int retries = -1; //verifyPIN(channel, spec, null, -1); - do { - retries = verifyPIN(channel, spec, provider, retries); - } while (retries > 0); - } - - protected int verifyPIN(CardChannel channel, PINSpec pinSpec, - PINGUI provider, int retries) throws SignatureCardException, - LockedException, NotActivatedException, InterruptedException, - CardException { - - VerifyAPDUSpec apduSpec = new VerifyAPDUSpec( - new byte[] { - (byte) 0x00, (byte) 0x20, (byte) 0x00, pinSpec.getKID(), (byte) 0x08, - (byte) 0x20, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, - (byte) 0xff, (byte) 0xff, (byte) 0xff }, - 1, VerifyAPDUSpec.PIN_FORMAT_BCD, 7, 4, 4); - - ResponseAPDU resp = reader.verify(channel, apduSpec, provider, pinSpec, retries); - - if (resp.getSW() == 0x9000) { - return -1; - } - if (resp.getSW() >> 4 == 0x63c) { - return 0x0f & resp.getSW(); - } - - switch (resp.getSW()) { - case 0x6983: - // authentication method blocked - throw new LockedException(); - case 0x6984: - // reference data not usable - throw new NotActivatedException(); - case 0x6985: - // conditions of use not satisfied - throw new NotActivatedException(); - - default: - String msg = "VERIFY failed. SW=" + Integer.toHexString(resp.getSW()); - log.info(msg); - throw new SignatureCardException(msg); - } - - } - - protected byte[] execSELECT_FID(CardChannel channel, byte[] fid) - throws SignatureCardException, CardException { - - ResponseAPDU resp = channel.transmit( - new CommandAPDU(0x00, 0xA4, 0x02, 0x0C, fid, 256)); - - if (resp.getSW() == 0x6A82) { - String msg = "File or application not found FID=" - + SMCCHelper.toString(fid) + " SW=" - + Integer.toHexString(resp.getSW()) + "."; - log.info(msg); - throw new FileNotFoundException(msg); - } else if (resp.getSW() != 0x9000) { - String msg = "Failed to select application FID=" - + SMCCHelper.toString(fid) + " SW=" - + Integer.toHexString(resp.getSW()) + "."; - log.error(msg); - throw new SignatureCardException(msg); - } else { - return resp.getBytes(); - } - - } - - protected void execMSE(CardChannel channel, int p1, int p2, byte[] data) - throws CardException, SignatureCardException { - ResponseAPDU resp = channel.transmit( - new CommandAPDU(0x00, 0x22, p1, p2, data, 256)); - if (resp.getSW() != 0x9000) { - throw new SignatureCardException("MSE:SET failed: SW=" - + Integer.toHexString(resp.getSW())); - } - } - - protected byte[] execPSO_COMPUTE_DIGITAL_SIGNATURE(CardChannel channel, byte[] hash) - throws CardException, SignatureCardException { - ResponseAPDU resp; - resp = channel.transmit( - new CommandAPDU(0x00, 0x2A, 0x9E, 0x9A, hash, 256)); - if (resp.getSW() == 0x6982) { - throw new SecurityStatusNotSatisfiedException(); - } else if (resp.getSW() == 0x6983) { - throw new LockedException(); - } else if (resp.getSW() != 0x9000) { - throw new SignatureCardException( - "PSO: COMPUTE DIGITAL SIGNATRE failed: SW=" - + Integer.toHexString(resp.getSW())); - } else { - return resp.getData(); - } - } - - - - -}
\ No newline at end of file diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/CancelledException.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/CancelledException.java deleted file mode 100644 index 347d74c9..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/CancelledException.java +++ /dev/null @@ -1,39 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.smcc;
-
-public class CancelledException extends SignatureCardException {
-
- private static final long serialVersionUID = 1L;
-
- public CancelledException() {
- super();
- }
-
- public CancelledException(String message, Throwable cause) {
- super(message, cause);
- }
-
- public CancelledException(String message) {
- super(message);
- }
-
- public CancelledException(Throwable cause) {
- super(cause);
- }
-
-}
diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/CardNotSupportedException.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/CardNotSupportedException.java deleted file mode 100644 index 1cde093d..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/CardNotSupportedException.java +++ /dev/null @@ -1,62 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.smcc; - -public class CardNotSupportedException extends Exception { - - /** - * - */ - private static final long serialVersionUID = 1L; - - /** - * Creates a new instance of this <code>CardNotSupportedException</code>. - * - */ - public CardNotSupportedException() { - super(); - } - - /** - * Creates a new instance of this <code>CardNotSupportedException</code>. - * - * @param message - * @param cause - */ - public CardNotSupportedException(String message, Throwable cause) { - super(message, cause); - } - - /** - * Creates a new instance of this <code>CardNotSupportedException</code>. - * - * @param message - */ - public CardNotSupportedException(String message) { - super(message); - } - - /** - * Creates a new instance of this <code>CardNotSupportedException</code>. - * - * @param cause - */ - public CardNotSupportedException(Throwable cause) { - super(cause); - } - -} diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/ChangeReferenceDataAPDUSpec.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/ChangeReferenceDataAPDUSpec.java deleted file mode 100644 index 0b10d88f..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/ChangeReferenceDataAPDUSpec.java +++ /dev/null @@ -1,95 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.smcc; - -public class ChangeReferenceDataAPDUSpec extends VerifyAPDUSpec { - - /** - * The offset for the insertion of the old PIN. (Default: 0) - */ - protected int pinInsertionOffsetOld = 0; - - /** - * The offset for the insertion of the new PIN. (Default: - * {@link VerifyAPDUSpec#pinLength} + 1}) - */ - protected int pinInsertionOffsetNew = pinLength; - - public ChangeReferenceDataAPDUSpec(byte[] apdu, int pinPosition, int pinFormat, int pinLength) { - super(apdu, pinPosition, pinFormat, pinLength); - } - - /** - * @param apdu - * @param pinPosition - * @param pinFormat - * @param pinLength - * @param pinLengthSize - * @param pinLengthPos - */ - public ChangeReferenceDataAPDUSpec(byte[] apdu, int pinPosition, - int pinFormat, int pinLength, int pinLengthSize, int pinLengthPos) { - super(apdu, pinPosition, pinFormat, pinLength, pinLengthSize, pinLengthPos); - } - - /** - * @param apdu - * @param pinPosition - * @param pinFormat - * @param pinLength - * @param pinLengthSize - * @param pinLengthPos - * @param pinInsertionOffsetNew - */ - public ChangeReferenceDataAPDUSpec(byte[] apdu, int pinPosition, - int pinFormat, int pinLength, int pinLengthSize, int pinLengthPos, - int pinInsertionOffsetNew) { - super(apdu, pinPosition, pinFormat, pinLength, pinLengthSize, pinLengthPos); - this.pinInsertionOffsetNew = pinInsertionOffsetNew; - } - - /** - * @return the pinInsertionOffsetOld - */ - public int getPinInsertionOffsetOld() { - return pinInsertionOffsetOld; - } - - /** - * @param pinInsertionOffsetOld the pinInsertionOffsetOld to set - */ - public void setPinInsertionOffsetOld(int pinInsertionOffsetOld) { - this.pinInsertionOffsetOld = pinInsertionOffsetOld; - } - - /** - * @return the pinInsertionOffsetNew - */ - public int getPinInsertionOffsetNew() { - return pinInsertionOffsetNew; - } - - /** - * @param pinInsertionOffsetNew the pinInsertionOffsetNew to set - */ - public void setPinInsertionOffsetNew(int pinInsertionOffsetNew) { - this.pinInsertionOffsetNew = pinInsertionOffsetNew; - } - - - -} diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/ExclSignatureCardProxy.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/ExclSignatureCardProxy.java deleted file mode 100644 index bfbd0063..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/ExclSignatureCardProxy.java +++ /dev/null @@ -1,110 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.smcc; - -import java.lang.reflect.InvocationHandler; -import java.lang.reflect.InvocationTargetException; -import java.lang.reflect.Method; -import java.lang.reflect.Proxy; -import java.util.ArrayList; - -import javax.smartcardio.Card; -import javax.smartcardio.CardException; -import javax.smartcardio.CardTerminal; - -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; - -public class ExclSignatureCardProxy implements InvocationHandler { - - private static Log log = LogFactory.getLog(ExclSignatureCardProxy.class); - - private static final Method init; - - static { - try { - init = SignatureCard.class.getMethod("init", new Class<?>[] { Card.class, - CardTerminal.class }); - } catch (SecurityException e) { - throw new RuntimeException(e); - } catch (NoSuchMethodException e) { - throw new RuntimeException(e); - } - } - - private SignatureCard signatureCard; - - public ExclSignatureCardProxy(SignatureCard signatureCard) { - this.signatureCard = signatureCard; - } - - public static SignatureCard newInstance(SignatureCard signatureCard) { - ArrayList<Class<?>> proxyInterfaces = new ArrayList<Class<?>>(); - proxyInterfaces.add(SignatureCard.class); - if (PINMgmtSignatureCard.class.isAssignableFrom(signatureCard.getClass())) { - proxyInterfaces.add(PINMgmtSignatureCard.class); - } - ClassLoader loader = signatureCard.getClass().getClassLoader(); - return (SignatureCard) Proxy.newProxyInstance(loader, proxyInterfaces - .toArray(new Class[proxyInterfaces.size()]), - new ExclSignatureCardProxy(signatureCard)); - } - - public static PINMgmtSignatureCard newInstance(PINMgmtSignatureCard signatureCard) { - return null; - } - - @Override - public Object invoke(Object proxy, Method method, Object[] args) - throws Throwable { - - Card card = null; - - Method target = signatureCard.getClass().getMethod(method.getName(), - method.getParameterTypes()); - - if (target.isAnnotationPresent(Exclusive.class)) { - card = (Card) ((method.equals(init)) - ? args[0] - : signatureCard.getCard()); - } - - if (card != null) { - try { - log.trace("Invoking method " + method.getName() + "() with exclusive access."); - card.beginExclusive(); - } catch (CardException e) { - log.info("Failed to get exclusive access to signature card " - + signatureCard.toString() + "."); - throw new SignatureCardException(e); - } - } - - try { - return method.invoke(signatureCard, args); - } catch (InvocationTargetException e) { - throw e.getTargetException(); - } finally { - if (card != null) { - card.endExclusive(); - } - } - - - } - -} diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/Exclusive.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/Exclusive.java deleted file mode 100644 index b796b045..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/Exclusive.java +++ /dev/null @@ -1,28 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.smcc; - -import java.lang.annotation.ElementType; -import java.lang.annotation.Retention; -import java.lang.annotation.RetentionPolicy; -import java.lang.annotation.Target; - -@Retention(RetentionPolicy.RUNTIME) -@Target(ElementType.METHOD) -public @interface Exclusive { - -} diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/FileNotFoundException.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/FileNotFoundException.java deleted file mode 100644 index f96611c2..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/FileNotFoundException.java +++ /dev/null @@ -1,38 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.smcc; - -public class FileNotFoundException extends SignatureCardException { - - private static final long serialVersionUID = 1L; - - public FileNotFoundException() { - } - - public FileNotFoundException(String message, Throwable cause) { - super(message, cause); - } - - public FileNotFoundException(String message) { - super(message); - } - - public FileNotFoundException(Throwable cause) { - super(cause); - } - -} diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/ITCard.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/ITCard.java deleted file mode 100644 index 64389190..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/ITCard.java +++ /dev/null @@ -1,298 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ - -package at.gv.egiz.smcc; - -import at.gv.egiz.smcc.pin.gui.PINGUI; -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.io.InputStream; -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; - -import javax.smartcardio.CardChannel; -import javax.smartcardio.CardException; -import javax.smartcardio.CommandAPDU; -import javax.smartcardio.ResponseAPDU; - -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; - -import at.gv.egiz.smcc.util.ISO7816Utils; -import at.gv.egiz.smcc.util.SMCCHelper; - -public class ITCard extends AbstractSignatureCard { - - /** - * Logging facility. - */ - private static Log log = LogFactory.getLog(STARCOSCard.class); - - public static final byte[] MF = new byte[] { (byte) 0x3F, (byte) 0x00 }; - - public static final byte[] DF1 = new byte[] { (byte) 0x11, (byte) 0x00 }; - - public static final byte[] EF_C_Carta = new byte[] { (byte) 0x11, (byte) 0x01 }; - - private static final PINSpec SS_PIN_SPEC = - new PINSpec(5, 8, "[0-9]", - "at/gv/egiz/smcc/ITCard", "sig.pin", (byte) 0x10, - new byte[] { (byte) 0x11, (byte) 0x00 }); - - /** - * Creates a new instance. - */ - public ITCard() { - super("at/gv/egiz/smcc/ITCard"); - pinSpecs.add(SS_PIN_SPEC); - } - - @Override - @Exclusive - public byte[] getCertificate(KeyboxName keyboxName) - throws SignatureCardException, InterruptedException { - - if (keyboxName != KeyboxName.SECURE_SIGNATURE_KEYPAIR) { - throw new IllegalArgumentException("Keybox " + keyboxName - + " not supported"); - } - - try { - CardChannel channel = getCardChannel(); - // SELECT MF - execSELECT_FID(channel, MF); - // SELECT application - execSELECT_FID(channel, DF1); - // SELECT EF_C_Carta - byte[] fcx = execSELECT_FID(channel, EF_C_Carta); - int maxsize = ISO7816Utils.getLengthFromFCx(fcx); - // READ BINARY - byte[] certificate = ISO7816Utils.readTransparentFileTLV(channel, maxsize, (byte) 0x30); - if (certificate == null) { - throw new NotActivatedException(); - } - return certificate; - } catch (FileNotFoundException e) { - throw new NotActivatedException(); - } catch (CardException e) { - log.info("Failed to get certificate.", e); - throw new SignatureCardException(e); - } - - } - - @Override - @Exclusive - public byte[] getInfobox(String infobox, PINGUI provider, String domainId) - throws SignatureCardException, InterruptedException { - - throw new IllegalArgumentException("Infobox '" + infobox - + "' not supported."); - } - - @Override - @Exclusive - public byte[] createSignature(InputStream input, KeyboxName keyboxName, - PINGUI provider, String alg) throws SignatureCardException, - InterruptedException, IOException { - - if (KeyboxName.SECURE_SIGNATURE_KEYPAIR != keyboxName) { - throw new SignatureCardException("Card does not support key " + keyboxName + "."); - } - if (!"http://www.w3.org/2000/09/xmldsig#rsa-sha1".equals(alg)) { - throw new SignatureCardException("Card does not support algorithm " + alg + "."); - } - - byte[] dst = new byte[] { - (byte) 0x83, // tag for algorithm reference - (byte) 0x01, // algorithm reference - (byte) 0x01 // private key reference - }; - - MessageDigest md; - try { - md = MessageDigest.getInstance("SHA-1"); - } catch (NoSuchAlgorithmException e) { - log.error("Failed to get MessageDigest.", e); - throw new SignatureCardException(e); - } - // calculate message digest - byte[] digest = new byte[md.getDigestLength()]; - for (int l; (l = input.read(digest)) != -1;) { - md.update(digest, 0, l); - } - digest = md.digest(); - - try { - - CardChannel channel = getCardChannel(); - - // SELECT MF - execSELECT_FID(channel, MF); - // VERIFY - verifyPINLoop(channel, SS_PIN_SPEC, provider); - // MANAGE SECURITY ENVIRONMENT : RESTORE SE - execMSE(channel, 0xF3, 0x03, null); - // MANAGE SECURITY ENVIRONMENT : SET DST - execMSE(channel, 0xF1, 0xB8, dst); - // PERFORM SECURITY OPERATION : COMPUTE DIGITAL SIGNATURE - return execPSO_COMPUTE_DIGITAL_SIGNATURE(channel, digest); - - } catch (CardException e) { - log.warn(e); - throw new SignatureCardException("Failed to access card.", e); - } - - } - - protected void verifyPINLoop(CardChannel channel, PINSpec spec, - PINGUI provider) throws LockedException, NotActivatedException, - SignatureCardException, InterruptedException, CardException { - - int retries = -1; - do { - retries = verifyPIN(channel, spec, provider, retries); - } while (retries >= -1); - } - - protected int verifyPIN(CardChannel channel, PINSpec pinSpec, - PINGUI provider, int retries) throws SignatureCardException, - LockedException, NotActivatedException, InterruptedException, - CardException { - - VerifyAPDUSpec apduSpec = new VerifyAPDUSpec( - new byte[] { - (byte) 0x00, (byte) 0x20, (byte) 0x00, pinSpec.getKID(), (byte) 0x08, - (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, - (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff }, - 0, VerifyAPDUSpec.PIN_FORMAT_ASCII, 8); - - ResponseAPDU resp = reader.verify(channel, apduSpec, provider, pinSpec, retries); - - if (resp.getSW() == 0x9000) { - return -2; - } - if (resp.getSW() >> 4 == 0x63c) { - return 0x0f & resp.getSW(); - } - - switch (resp.getSW()) { - case 0x6300: - // incorrect PIN, number of retries not provided - return -1; - case 0x6983: - // authentication method blocked - throw new LockedException(); - case 0x6984: - // reference data not usable - throw new NotActivatedException(); - case 0x6985: - // conditions of use not satisfied - throw new NotActivatedException(); - - default: - String msg = "VERIFY failed. SW=" + Integer.toHexString(resp.getSW()); - log.info(msg); - throw new SignatureCardException(msg); - } - - } - - protected byte[] execSELECT_FID(CardChannel channel, byte[] fid) - throws SignatureCardException, CardException { - - ResponseAPDU resp = channel.transmit( - new CommandAPDU(0x00, 0xA4, 0x00, 0x00, fid, 256)); - - if (resp.getSW() == 0x6A82) { - String msg = "File or application not found FID=" - + SMCCHelper.toString(fid) + " SW=" - + Integer.toHexString(resp.getSW()) + "."; - log.info(msg); - throw new FileNotFoundException(msg); - } else if (resp.getSW() != 0x9000) { - String msg = "Failed to select application FID=" - + SMCCHelper.toString(fid) + " SW=" - + Integer.toHexString(resp.getSW()) + "."; - log.error(msg); - throw new SignatureCardException(msg); - } else { - return resp.getBytes(); - } - - } - - protected void execMSE(CardChannel channel, int p1, int p2, byte[] data) - throws CardException, SignatureCardException { - - ResponseAPDU resp; - if (data == null) { - resp = channel.transmit(new CommandAPDU(0x00, 0x22, p1, p2)); - } else { - resp = channel.transmit(new CommandAPDU(0x00, 0x22, p1, p2, data)); - } - - if (resp.getSW() != 0x9000) { - throw new SignatureCardException("MSE:SET failed: SW=" - + Integer.toHexString(resp.getSW())); - } - } - - protected byte[] execPSO_COMPUTE_DIGITAL_SIGNATURE(CardChannel channel, - byte[] hash) throws CardException, SignatureCardException { - - byte[] oid = new byte[] { (byte) 0x30, (byte) 0x21, (byte) 0x30, - (byte) 0x09, (byte) 0x06, (byte) 0x05, (byte) 0x2b, - (byte) 0x0e, (byte) 0x03, (byte) 0x02, (byte) 0x1a, - (byte) 0x05, (byte) 0x00, (byte) 0x04, (byte) 0x14 }; - - ByteArrayOutputStream data = new ByteArrayOutputStream(); - - try { - // header - data.write(new byte[] { (byte) 0x00, (byte) 0x00, (byte) 0x01 }); - // padding - for (int i = 0, len = 125 - hash.length - oid.length; i < len; i++) { - data.write((byte) 0xFF); - } - data.write((byte) 0x00); - // oid - data.write(oid); - // hash - data.write(hash); - } catch (IOException e) { - throw new SignatureCardException(e); - } - - ResponseAPDU resp = channel - .transmit(new CommandAPDU(0x00, 0x2A, 0x80, 0x86, data.toByteArray(), 0x81)); - - - if (resp.getSW() == 0x6982) { - throw new SecurityStatusNotSatisfiedException(); - } else if (resp.getSW() == 0x6983) { - throw new LockedException(); - } else if (resp.getSW() != 0x9000) { - throw new SignatureCardException( - "PSO: COMPUTE DIGITAL SIGNATRE failed: SW=" - + Integer.toHexString(resp.getSW())); - } else { - return resp.getData(); - } -} - -} diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/LockedException.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/LockedException.java deleted file mode 100644 index e00322a0..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/LockedException.java +++ /dev/null @@ -1,38 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.smcc; - -public class LockedException extends SignatureCardException { - - private static final long serialVersionUID = 1L; - - public LockedException() { - } - - public LockedException(String message, Throwable cause) { - super(message, cause); - } - - public LockedException(String message) { - super(message); - } - - public LockedException(Throwable cause) { - super(cause); - } - -} diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/LogCardChannel.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/LogCardChannel.java deleted file mode 100644 index 3fc80fa1..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/LogCardChannel.java +++ /dev/null @@ -1,129 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.smcc; - -import java.nio.ByteBuffer; - -import javax.smartcardio.Card; -import javax.smartcardio.CardChannel; -import javax.smartcardio.CardException; -import javax.smartcardio.CommandAPDU; -import javax.smartcardio.ResponseAPDU; - -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; - -public class LogCardChannel extends CardChannel { - - protected static Log log = LogFactory.getLog(LogCardChannel.class); - - private CardChannel channel; - - public LogCardChannel(CardChannel channel) { - if (channel == null) { - throw new NullPointerException(); - } - this.channel = channel; - } - - @Override - public void close() throws CardException { - channel.close(); - } - - @Override - public Card getCard() { - return channel.getCard(); - } - - @Override - public int getChannelNumber() { - return channel.getChannelNumber(); - } - - @Override - public ResponseAPDU transmit(CommandAPDU command) throws CardException { - if (log.isTraceEnabled()) { - switch (command.getINS()) { - case 0x20: // VERIFY - case 0x21: // VERIFY - case 0x24: { // CHANGE REFERENCE DATA - // Don't log possibly sensitive command data - StringBuilder sb = new StringBuilder(); - sb.append(command); - sb.append('\n'); - byte[] c = new byte[4]; - c[0] = (byte) command.getCLA(); - c[1] = (byte) command.getINS(); - c[2] = (byte) command.getP1(); - c[3] = (byte) command.getP2(); - sb.append(toString(c)); - if (command.getNc() > 0) { - sb.append(':'); - sb.append(toString(new byte[] {(byte) command.getNc()})); - for (int i = 0; i < command.getNc(); i++) { - sb.append(":XX"); - } - } - if (command.getNe() > 0) { - sb.append(':'); - sb.append(toString(new byte[] {(byte) command.getNe()})); - } - log.trace(sb.toString()); - }; break; - - default: - log.trace(command + "\n" + toString(command.getBytes())); - } - long t0 = System.currentTimeMillis(); - ResponseAPDU response = channel.transmit(command); - long t1 = System.currentTimeMillis(); - log.trace(response + " [" + (t1 - t0) + "ms]\n" + toString(response.getBytes())); - return response; - } else { - return channel.transmit(command); - } - } - - @Override - public int transmit(ByteBuffer command, ByteBuffer response) throws CardException { - if (log.isTraceEnabled()) { - long t0 = System.currentTimeMillis(); - int l = channel.transmit(command, response); - long t1 = System.currentTimeMillis(); - log.trace("[" + (t1 - t0) + "ms]"); - return l; - } else { - return channel.transmit(command, response); - } - } - - private String toString(byte[] b) { - StringBuffer sb = new StringBuffer(); - if (b != null && b.length > 0) { - sb.append(Integer.toHexString((b[0] & 240) >> 4)); - sb.append(Integer.toHexString(b[0] & 15)); - } - for (int i = 1; i < b.length; i++) { - sb.append(':'); - sb.append(Integer.toHexString((b[i] & 240) >> 4)); - sb.append(Integer.toHexString(b[i] & 15)); - } - return sb.toString(); - } - -} diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/NewReferenceDataAPDUSpec.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/NewReferenceDataAPDUSpec.java deleted file mode 100644 index 2eadaf26..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/NewReferenceDataAPDUSpec.java +++ /dev/null @@ -1,60 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.smcc; - -public class NewReferenceDataAPDUSpec extends VerifyAPDUSpec { - - /** - * The offset for the insertion of the new PIN. (Default: - * {@link VerifyAPDUSpec#pinLength} + 1}) - */ - protected int pinInsertionOffsetNew = 0; - - public NewReferenceDataAPDUSpec(byte[] apdu, int pinPosition, int pinFormat, int pinLength) { - super(apdu, pinPosition, pinFormat, pinLength); - } - - /** - * @param apdu - * @param pinPosition - * @param pinFormat - * @param pinLength - * @param pinLengthSize - * @param pinLengthPos - */ - public NewReferenceDataAPDUSpec(byte[] apdu, int pinPosition, - int pinFormat, int pinLength, int pinLengthSize, int pinLengthPos) { - super(apdu, pinPosition, pinFormat, pinLength, pinLengthSize, pinLengthPos); - } - - /** - * @return the pinInsertionOffsetNew - */ - public int getPinInsertionOffsetNew() { - return pinInsertionOffsetNew; - } - - /** - * @param pinInsertionOffsetNew the pinInsertionOffsetNew to set - */ - public void setPinInsertionOffsetNew(int pinInsertionOffsetNew) { - this.pinInsertionOffsetNew = pinInsertionOffsetNew; - } - - - -} diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/NotActivatedException.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/NotActivatedException.java deleted file mode 100644 index 9181fc5f..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/NotActivatedException.java +++ /dev/null @@ -1,44 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.smcc; - -/** - * This exception is thrown upon a call to a function that - * has not been activated (e.g. not yet activated citizen card). - */ -public class NotActivatedException extends SignatureCardException { - - private static final long serialVersionUID = 1L; - - public NotActivatedException() { - super(); - } - - public NotActivatedException(String message, Throwable cause) { - super(message, cause); - } - - public NotActivatedException(String message) { - super(message); - } - - public NotActivatedException(Throwable cause) { - super(cause); - } - - -} diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/PINConfirmationException.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/PINConfirmationException.java deleted file mode 100644 index 24dfa53c..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/PINConfirmationException.java +++ /dev/null @@ -1,26 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.smcc; - -/** - * TODO check whether card readers distinguish specific reason (pin too short?) - * and add getters/setters - * - * @author Clemens Orthacker <clemens.orthacker@iaik.tugraz.at> - */ -public class PINConfirmationException extends SignatureCardException { -} diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/PINFormatException.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/PINFormatException.java deleted file mode 100644 index 721c63e2..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/PINFormatException.java +++ /dev/null @@ -1,26 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.smcc; - -/** - * TODO check whether card readers distinguish specific reason (pin too short?) - * and add getters/setters - * - * @author Clemens Orthacker <clemens.orthacker@iaik.tugraz.at> - */ -public class PINFormatException extends SignatureCardException { -} diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/PINMgmtSignatureCard.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/PINMgmtSignatureCard.java deleted file mode 100644 index 5091c10f..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/PINMgmtSignatureCard.java +++ /dev/null @@ -1,44 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.smcc; - -import at.gv.egiz.smcc.pin.gui.ModifyPINGUI; - -import at.gv.egiz.smcc.pin.gui.PINGUI; -import java.util.List; - -public interface PINMgmtSignatureCard extends SignatureCard { - - public enum PIN_STATE {UNKNOWN, ACTIV, NOT_ACTIV, BLOCKED}; - - public List<PINSpec> getPINSpecs(); - - public PIN_STATE getPINState(PINSpec pinSpec) throws SignatureCardException; - - public void verifyPIN(PINSpec pinSpec, PINGUI pinGUI) - throws LockedException, NotActivatedException, CancelledException, SignatureCardException, InterruptedException; - - public void changePIN(PINSpec pinSpec, ModifyPINGUI changePINGUI) - throws LockedException, NotActivatedException, CancelledException, PINFormatException, SignatureCardException, InterruptedException; - - public void activatePIN(PINSpec pinSpec, ModifyPINGUI activatePINGUI) - throws CancelledException, SignatureCardException, InterruptedException; - - public void unblockPIN(PINSpec pinSpec, ModifyPINGUI pukGUI) - throws CancelledException, SignatureCardException, InterruptedException; - -} diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/PINOperationAbortedException.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/PINOperationAbortedException.java deleted file mode 100644 index 51e4904e..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/PINOperationAbortedException.java +++ /dev/null @@ -1,45 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.smcc; - -/** - * TODO check whether card readers distinguish specific reason (pin too short?) - * and add getters/setters - * - * @author Clemens Orthacker <clemens.orthacker@iaik.tugraz.at> - */ -public class PINOperationAbortedException extends SignatureCardException { - - private static final long serialVersionUID = 1L; - - public PINOperationAbortedException() { - super(); - } - - public PINOperationAbortedException(String message, Throwable cause) { - super(message, cause); - } - - public PINOperationAbortedException(String message) { - super(message); - } - - public PINOperationAbortedException(Throwable cause) { - super(cause); - } - -} diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/PINSpec.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/PINSpec.java deleted file mode 100644 index f68edbed..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/PINSpec.java +++ /dev/null @@ -1,239 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.smcc; - -import java.util.Locale; -import java.util.MissingResourceException; -import java.util.ResourceBundle; - -/** - * - * @author mcentner - */ -public class PINSpec { - - /** - * The minimum PIN length. - */ - protected int minLength = 0; - - /** - * The maximum PIN length or -1 if not specified. - */ - protected int maxLength = -1; - - /** - * The recommended PIN length or -1 if not specified. - */ - protected int recLength = -1; - - /** - * The regular expression pattern of a single PIN digit or character. - */ - protected String rexepPattern; - - /** - * The name of the corresponding resource bundle. - */ - protected String resourceBundleName; - - /** - * The key of the PIN name in the resource bundle. - */ - protected String nameKey; - - /** - * The name of the PIN. - */ - protected String name; - - /** - * The key id to be used in VERIFY or CHANGE REFERENCE DATA APDUs. - */ - protected byte kid; - - /** - * The context AID of the key id. - */ - protected byte[] context_aid; - - /** - * Creates a new instance of this PINSpec with the given lengths, regular - * expression pattern, the ResourceBundle name and key to lookup the PIN name - * and the KID and AID. - * - * @param minLenght the minimum length of the PIN - * @param maxLength the maximum length of the PIN, or -1 if there is no maximum length - * @param rexepPattern the regular expression pattern of a single PIN digit or character - * @param resourceBundleName the name of a ResourceBundle for this PIN - * @param resourceKey the key to look up the (localized) name of this PIN - * @param kid the key id of the PIN - * @param contextAID the AID the KID is valid in - */ - public PINSpec(int minLenght, int maxLength, String rexepPattern, - String resourceBundleName, String resourceKey, byte kid, byte[] contextAID) { - - this.minLength = minLenght; - this.maxLength = maxLength; - this.rexepPattern = rexepPattern; - this.resourceBundleName = resourceBundleName; - this.nameKey = resourceKey + ".name"; - this.kid = kid; - this.context_aid = contextAID; - } - - /** - * Creates a new instance of this PINSpec with the given lengths, regular - * expression pattern, the name of the PIN and the KID and AID. - * - * @param minLenght the minimum length of the PIN - * @param maxLength the maximum length of the PIN, or -1 if there is no maximum length - * @param rexepPattern the regular expression pattern of a single PIN digit or character - * @param name the name of the PIN - * @param kid the key id of the PIN - * @param contextAID the AID the KID is valid in - */ - public PINSpec(int minLenght, int maxLength, String rexepPattern, - String name, byte kid, byte[] contextAID) { - - this.minLength = minLenght; - this.maxLength = maxLength; - this.rexepPattern = rexepPattern; - this.name = name; - this.kid = kid; - this.context_aid = contextAID; - } - - /** - * This method sets the recommended PIN length. - * - * @param recLength the recommended PIN length - */ - public void setRecLength(int recLength) { - this.recLength = recLength; - } - - /** - * @return the localized (using the default locale) name of the PIN, or the - * name set by - * {@link #PINSpec(int, int, String, String, byte, byte[])}. - */ - public String getLocalizedName() { - if (name != null) { - return name; - } else if (resourceBundleName != null){ - try { - return ResourceBundle.getBundle(resourceBundleName).getString(nameKey); - } catch (MissingResourceException e) { - } - } - return nameKey; - } - - /** - * @param locale the locale for which the name should be returned - * @return the localized name of the PIN, or the name set by - * {@link #PINSpec(int, int, String, String, byte, byte[])} - */ - public String getLocalizedName(Locale locale) { - if (name != null) { - return name; - } else if (resourceBundleName != null) { - try { - return ResourceBundle.getBundle(resourceBundleName, locale).getString(nameKey); - } catch (MissingResourceException e) { - } - } - return nameKey; - } - - /** - * @return the recommended PIN length if specified and - * <code>recommended</code> is <code>true</code>, or - * <code>minLength</code>-<code>maxLength</code> - */ - public String getLocalizedLength() { - - if (recLength > 0) { - return "" + recLength; - } else if (maxLength == minLength) { - return "" + minLength; - } else if (maxLength > minLength) { - return minLength + "-" + maxLength; - } else { - return minLength + "+"; - } - - } - - /** - * @return the minimum length of the PIN - */ - public int getMinLength() { - return minLength; - } - - /** - * @return the maximum length of the PIN, or -1 if not specified. - */ - public int getMaxLength() { - return maxLength; - } - - /** - * @return the minimum length of the PIN - */ - public int getRecMinLength() { - return (recLength >= minLength) ? recLength : minLength; - } - - /** - * @return the maximum length of the PIN - */ - public int getRecMaxLength() { - return (recLength >= minLength) ? recLength : maxLength; - } - - /** - * @return the recommended length of the PIN, or -1 if not specified - */ - public int getRecLength() { - return recLength; - } - - /** - * @return the regular expression pattern of one single digit or character - */ - public String getRexepPattern() { - return rexepPattern; - } - - /** - * @return the key id of the PIN - */ - public byte getKID() { - return kid; - } - - /** - * @return the AID the KID is valid in, or <code>null</code> if KID is global - */ - public byte[] getContextAID() { - return context_aid; - } - -} diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/ResetRetryCounterAPDUSpec.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/ResetRetryCounterAPDUSpec.java deleted file mode 100644 index 7e71eb7e..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/ResetRetryCounterAPDUSpec.java +++ /dev/null @@ -1,38 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.smcc; - -public class ResetRetryCounterAPDUSpec extends ChangeReferenceDataAPDUSpec { - - /** - * @param apdu - * @param pukPosition - * @param pukFormat - * @param pukLength - * @param pukLengthSize - * @param pukLengthPos - * @param pinInsertionOffsetNew - */ - public ResetRetryCounterAPDUSpec(byte[] apdu, int pukPosition, - int pukFormat, int pukLength, int pukLengthSize, int pukLengthPos, - int pinInsertionOffsetNew) { - super(apdu, pukPosition, pukFormat, pukLength, pukLengthSize, pukLengthPos); - this.pinInsertionOffsetNew = pinInsertionOffsetNew; - } - - -} diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/STARCOSCard.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/STARCOSCard.java deleted file mode 100644 index b876847f..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/STARCOSCard.java +++ /dev/null @@ -1,888 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ - -package at.gv.egiz.smcc; - -import at.gv.egiz.smcc.pin.gui.ModifyPINGUI; -import at.gv.egiz.smcc.pin.gui.PINGUI; -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.io.InputStream; -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; -import java.util.Arrays; -import java.util.List; - -import javax.smartcardio.Card; -import javax.smartcardio.CardChannel; -import javax.smartcardio.CardException; -import javax.smartcardio.CardTerminal; -import javax.smartcardio.CommandAPDU; -import javax.smartcardio.ResponseAPDU; - -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; - -import at.gv.egiz.smcc.util.ISO7816Utils; -import at.gv.egiz.smcc.util.SMCCHelper; - -public class STARCOSCard extends AbstractSignatureCard implements PINMgmtSignatureCard { - - /** - * Logging facility. - */ - private static Log log = LogFactory.getLog(STARCOSCard.class); - - public static final byte[] MF = new byte[] { (byte) 0x3F, (byte) 0x00 }; - - public static final byte[] EF_VERSION = new byte[] { (byte) 0x00, (byte) 0x32 }; - - /** - * Application ID <em>SV-Personendaten</em>. - */ - public static final byte[] AID_SV_PERSONENDATEN = new byte[] { - (byte) 0xD0, (byte) 0x40, (byte) 0x00, (byte) 0x00, - (byte) 0x17, (byte) 0x01, (byte) 0x01, (byte) 0x01 - }; - - /** - * File ID <em>Grunddaten</em> ({@link #AID_SV_PERSONENDATEN}). - */ - public static final byte[] FID_GRUNDDATEN = new byte[] { - (byte) 0xEF, (byte) 0x01 - }; - - /** - * File ID <em>EHIC</em> ({@link #AID_SV_PERSONENDATEN}). - */ - public static final byte[] FID_EHIC = new byte[] { - (byte) 0xEF, (byte) 0x02 - }; - - /** - * File ID <em>Status</em> ({@link #AID_SV_PERSONENDATEN}). - */ - public static final byte[] FID_SV_PERSONENBINDUNG = new byte[] { - (byte) 0xEF, (byte) 0x03 - }; - - /** - * File ID <em>Status</em> ({@link #AID_SV_PERSONENDATEN}). - */ - public static final byte[] FID_STATUS = new byte[] { - (byte) 0xEF, (byte) 0x04 - }; - - public static final byte[] AID_INFOBOX = new byte[] { (byte) 0xd0, - (byte) 0x40, (byte) 0x00, (byte) 0x00, (byte) 0x17, (byte) 0x00, - (byte) 0x18, (byte) 0x01 }; - - public static final byte[] EF_INFOBOX = new byte[] { (byte) 0xef, (byte) 0x01 }; - - public static final byte[] AID_SVSIG_CERT = new byte[] { (byte) 0xd0, - (byte) 0x40, (byte) 0x00, (byte) 0x00, (byte) 0x17, (byte) 0x00, - (byte) 0x10, (byte) 0x01 }; - - public static final byte[] EF_SVSIG_CERT_CA = new byte[] { (byte) 0x2f, - (byte) 0x01 }; - - public static final byte[] EF_SVSIG_CERT = new byte[] { (byte) 0x2f, - (byte) 0x02 }; - - // Sichere Signatur (SS) - - public static final byte[] AID_DF_SS = new byte[] { (byte) 0xd0, (byte) 0x40, - (byte) 0x00, (byte) 0x00, (byte) 0x17, (byte) 0x00, (byte) 0x12, - (byte) 0x01 }; - - public static final byte[] EF_C_X509_CH_DS = new byte[] { (byte) 0xc0, - (byte) 0x00 }; - - public static final byte[] EF_C_X509_CA_CS_DS = new byte[] { (byte) 0xc6, - (byte) 0x08 }; - - public static final byte KID_PIN_SS = (byte) 0x81; - - // Gewöhnliche Signatur (GS) - - public static final byte[] AID_DF_GS = new byte[] { (byte) 0xd0, (byte) 0x40, - (byte) 0x00, (byte) 0x00, (byte) 0x17, (byte) 0x00, (byte) 0x13, - (byte) 0x01 }; - - public static final byte[] EF_C_X509_CH_AUT = new byte[] { (byte) 0x2f, - (byte) 0x01 }; - - public static final byte[] EF_C_X509_CA_CS = new byte[] { (byte) 0x2f, - (byte) 0x02 }; - - public static final byte KID_PIN_CARD = (byte) 0x01; - - private static final PINSpec CARD_PIN_SPEC = - new PINSpec(4, 12, "[0-9]", - "at/gv/egiz/smcc/STARCOSCard", "card.pin", KID_PIN_CARD, null); - - private static final PINSpec SS_PIN_SPEC = - new PINSpec(6, 12, "[0-9]", - "at/gv/egiz/smcc/STARCOSCard", "sig.pin", KID_PIN_SS, AID_DF_SS); - - static { - if (SignatureCardFactory.ENFORCE_RECOMMENDED_PIN_LENGTH) { - CARD_PIN_SPEC.setRecLength(4); - SS_PIN_SPEC.setRecLength(6); - } - } - - protected double version = 1.1; - - /** - * Creates a new instance. - */ - public STARCOSCard() { - super("at/gv/egiz/smcc/STARCOSCard"); - pinSpecs.add(CARD_PIN_SPEC); - pinSpecs.add(SS_PIN_SPEC); - } - - /* (non-Javadoc) - * @see at.gv.egiz.smcc.AbstractSignatureCard#init(javax.smartcardio.Card, javax.smartcardio.CardTerminal) - */ - @Override - public void init(Card card, CardTerminal cardTerminal) { - super.init(card, cardTerminal); - - // determine application version - CardChannel channel = getCardChannel(); - try { - // SELECT MF - execSELECT_MF(channel); - // SELECT EF_VERSION - execSELECT_FID(channel, EF_VERSION); - // READ BINARY - byte[] ver = ISO7816Utils.readRecord(channel, 1); - if (ver[0] == (byte) 0xa5 && ver[2] == (byte) 0x53) { - version = (0x0F & ver[4]) + (0xF0 & ver[5])/160.0 + (0x0F & ver[5])/100.0; - String generation = (version < 1.2) ? "<= G2" : "G3"; - log.info("e-card version=" + version + " (" + generation + ")"); - } - } catch (CardException e) { - log.warn(e); - } catch (SignatureCardException e) { - log.warn(e); - } - - } - - @Override - @Exclusive - public byte[] getCertificate(KeyboxName keyboxName) - throws SignatureCardException, InterruptedException { - - byte[] aid; - byte[] fid; - if (keyboxName == KeyboxName.SECURE_SIGNATURE_KEYPAIR) { - aid = AID_DF_SS; - fid = EF_C_X509_CH_DS; - } else if (keyboxName == KeyboxName.CERITIFIED_KEYPAIR) { - aid = AID_DF_GS; - fid = EF_C_X509_CH_AUT; - } else { - throw new IllegalArgumentException("Keybox " + keyboxName - + " not supported."); - } - - try { - CardChannel channel = getCardChannel(); - // SELECT application - execSELECT_AID(channel, aid); - // SELECT file - execSELECT_FID(channel, fid); - // READ BINARY - byte[] certificate = ISO7816Utils.readTransparentFileTLV(channel, -1, (byte) 0x30); - if (certificate == null) { - throw new NotActivatedException(); - } - return certificate; - } catch (FileNotFoundException e) { - throw new NotActivatedException(); - } catch (CardException e) { - log.info("Failed to get certificate.", e); - throw new SignatureCardException(e); - } - - } - - @Override - @Exclusive - public byte[] getInfobox(String infobox, PINGUI pinGUI, String domainId) - throws SignatureCardException, InterruptedException { - - try { - if ("IdentityLink".equals(infobox)) { - - PINSpec spec = CARD_PIN_SPEC; - - CardChannel channel = getCardChannel(); - // SELECT application - execSELECT_AID(channel, AID_INFOBOX); - // SELECT file - execSELECT_FID(channel, EF_INFOBOX); - - while (true) { - try { - return ISO7816Utils.readTransparentFileTLV(channel, -1, (byte) 0x30); - } catch (SecurityStatusNotSatisfiedException e) { - verifyPINLoop(channel, spec, pinGUI); - } - } - - } else if ("Status".equals(infobox)) { - - CardChannel channel = getCardChannel(); - // SELECT application - execSELECT_AID(channel, AID_SV_PERSONENDATEN); - // SELECT file - execSELECT_FID(channel, FID_STATUS); - // READ RECORDS - ByteArrayOutputStream bytes = new ByteArrayOutputStream(); - try { - for (int record = 1; record <= 5; record++) { - byte[] rb = ISO7816Utils.readRecord(channel, record); - bytes.write(rb); - } - } catch (IOException e) { - throw new SignatureCardException("Failed to read infobox '" + infobox - + "'.", e); - } - return bytes.toByteArray(); - - } else { - - byte[] fid; - - if ("EHIC".equals(infobox)) { - fid = FID_EHIC; - } else if ("Grunddaten".equals(infobox)) { - fid = FID_GRUNDDATEN; - } else if ("SV-Personenbindung".equals(infobox)) { - fid = FID_SV_PERSONENBINDUNG; - } else { - throw new IllegalArgumentException("Infobox '" + infobox - + "' not supported."); - } - - CardChannel channel = getCardChannel(); - // SELECT application - execSELECT_AID(channel, AID_SV_PERSONENDATEN); - // SELECT file - execSELECT_FID(channel, fid); - // READ BINARY - return ISO7816Utils.readTransparentFileTLV(channel, -1, (byte) 0x30); - - } - - } catch (CardException e) { - log.warn(e); - throw new SignatureCardException("Failed to access card.", e); - } - } - - @Override - @Exclusive - public byte[] createSignature(InputStream input, KeyboxName keyboxName, - PINGUI provider, String alg) throws SignatureCardException, InterruptedException, IOException { - - ByteArrayOutputStream dst = new ByteArrayOutputStream(); - byte[] ht = null; - - MessageDigest md = null; - try { - if (alg == null || "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1".equals(alg)) { - // local key ID '02' version '00' - dst.write(new byte[] {(byte) 0x84, (byte) 0x03, (byte) 0x80, (byte) 0x02, (byte) 0x00}); - if (version < 1.2) { - // algorithm ID ECDSA with SHA-1 - dst.write(new byte[] {(byte) 0x89, (byte) 0x03, (byte) 0x13, (byte) 0x35, (byte) 0x10}); - } else { - // portable algorithm reference - dst.write(new byte[] {(byte) 0x80, (byte) 0x01, (byte) 0x04}); - // hash template - ht = new byte[] {(byte) 0x80, (byte) 0x01, (byte) 0x10}; - } - md = MessageDigest.getInstance("SHA-1"); - } else if (version >= 1.2 && "http://www.w3.org/2000/09/xmldsig#rsa-sha1".equals(alg)) { - // local key ID '03' version '00' - dst.write(new byte[] {(byte) 0x84, (byte) 0x03, (byte) 0x80, (byte) 0x03, (byte) 0x00}); - // portable algorithm reference - dst.write(new byte[] {(byte) 0x80, (byte) 0x01, (byte) 0x02}); - // hash template - ht = new byte[] {(byte) 0x80, (byte) 0x01, (byte) 0x10}; - md = MessageDigest.getInstance("SHA-1"); - } else if (version >= 1.2 && "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256".equals(alg)) { - // local key ID '02' version '00' - dst.write(new byte[] {(byte) 0x84, (byte) 0x03, (byte) 0x80, (byte) 0x02, (byte) 0x00}); - // portable algorithm reference - dst.write(new byte[] {(byte) 0x80, (byte) 0x01, (byte) 0x04}); - // hash template - ht = new byte[] {(byte) 0x80, (byte) 0x01, (byte) 0x40}; - md = MessageDigest.getInstance("SHA256"); - } else if (version >= 1.2 && "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256".equals(alg)) { - // local key ID '03' version '00' - dst.write(new byte[] {(byte) 0x84, (byte) 0x03, (byte) 0x80, (byte) 0x03, (byte) 0x00}); - // portable algorithm reference - dst.write(new byte[] {(byte) 0x80, (byte) 0x01, (byte) 0x02}); - // hash template - ht = new byte[] {(byte) 0x80, (byte) 0x01, (byte) 0x40}; - md = MessageDigest.getInstance("SHA256"); - } else { - throw new SignatureCardException("e-card version " + version + " does not support signature algorithm " + alg + "."); - } - } catch (NoSuchAlgorithmException e) { - log.error("Failed to get MessageDigest.", e); - throw new SignatureCardException(e); - } - - // calculate message digest - byte[] digest = new byte[md.getDigestLength()]; - for (int l; (l = input.read(digest)) != -1;) { - md.update(digest, 0, l); - } - digest = md.digest(); - - try { - - CardChannel channel = getCardChannel(); - - if (KeyboxName.SECURE_SIGNATURE_KEYPAIR.equals(keyboxName)) { - - PINSpec spec = SS_PIN_SPEC; - - // SELECT MF - execSELECT_MF(channel); - // SELECT application - execSELECT_AID(channel, AID_DF_SS); - // VERIFY - verifyPINLoop(channel, spec, provider); - // MANAGE SECURITY ENVIRONMENT : SET DST - execMSE(channel, 0x41, 0xb6, dst.toByteArray()); - if (version < 1.2) { - // PERFORM SECURITY OPERATION : HASH - execPSO_HASH(channel, digest); - // PERFORM SECURITY OPERATION : COMPUTE DIGITAL SIGNATURE - return execPSO_COMPUTE_DIGITAL_SIGNATURE(channel, null); - } else { - if (ht != null) { - // PERFORM SECURITY OPERATION : SET HT - execMSE(channel, 0x41, 0xaa, ht); - } - // PERFORM SECURITY OPERATION : COMPUTE DIGITAL SIGNATURE - return execPSO_COMPUTE_DIGITAL_SIGNATURE(channel, digest); - } - - - } else if (KeyboxName.CERITIFIED_KEYPAIR.equals(keyboxName)) { - - PINSpec spec = CARD_PIN_SPEC; - - // SELECT application - execSELECT_AID(channel, AID_DF_GS); - // MANAGE SECURITY ENVIRONMENT : SET DST - execMSE(channel, 0x41, 0xb6, dst.toByteArray()); - if (version >= 1.2 && ht != null) { - // PERFORM SECURITY OPERATION : SET HT - execMSE(channel, 0x41, 0xaa, ht); - } - // PERFORM SECURITY OPERATION : HASH - execPSO_HASH(channel, digest); - while (true) { - try { - // PERFORM SECURITY OPERATION : COMPUTE DIGITAL SIGNATURE - return execPSO_COMPUTE_DIGITAL_SIGNATURE(channel, null); - } catch (SecurityStatusNotSatisfiedException e) { - verifyPINLoop(channel, spec, provider); - } - } - - } else { - throw new IllegalArgumentException("KeyboxName '" + keyboxName - + "' not supported."); - } - - } catch (CardException e) { - log.warn(e); - throw new SignatureCardException("Failed to access card.", e); - } - - } - - /* (non-Javadoc) - * @see at.gv.egiz.smcc.AbstractSignatureCard#verifyPIN(at.gv.egiz.smcc.PINSpec, at.gv.egiz.smcc.PINProvider) - */ - @Override - @Exclusive - public void verifyPIN(PINSpec pinSpec, PINGUI pinProvider) - throws LockedException, NotActivatedException, CancelledException, - TimeoutException, SignatureCardException, InterruptedException { - - CardChannel channel = getCardChannel(); - - try { - if (pinSpec.getContextAID() != null) { - // SELECT application - execSELECT_AID(channel, pinSpec.getContextAID()); - } - verifyPINLoop(channel, pinSpec, pinProvider); - } catch (CardException e) { - log.info("Failed to verify PIN.", e); - throw new SignatureCardException("Failed to verify PIN.", e); - } - - } - - /* (non-Javadoc) - * @see at.gv.egiz.smcc.AbstractSignatureCard#changePIN(at.gv.egiz.smcc.PINSpec, at.gv.egiz.smcc.ChangePINProvider) - */ - @Override - @Exclusive - public void changePIN(PINSpec pinSpec, ModifyPINGUI pinGUI) - throws LockedException, NotActivatedException, CancelledException, - TimeoutException, SignatureCardException, InterruptedException { - - CardChannel channel = getCardChannel(); - - try { - if (pinSpec.getContextAID() != null) { - // SELECT application - execSELECT_AID(channel, pinSpec.getContextAID()); - } - changePINLoop(channel, pinSpec, pinGUI); - } catch (CardException e) { - log.info("Failed to change PIN.", e); - throw new SignatureCardException("Failed to change PIN.", e); - } - - } - - /* (non-Javadoc) - * @see at.gv.egiz.smcc.AbstractSignatureCard#activatePIN(at.gv.egiz.smcc.PINSpec, at.gv.egiz.smcc.PINProvider) - */ - @Override - @Exclusive - public void activatePIN(PINSpec pinSpec, ModifyPINGUI activatePINGUI) - throws CancelledException, SignatureCardException, CancelledException, - TimeoutException, InterruptedException { - - CardChannel channel = getCardChannel(); - - try { - if (pinSpec.getContextAID() != null) { - // SELECT application - execSELECT_AID(channel, pinSpec.getContextAID()); - } - activatePIN(channel, pinSpec, activatePINGUI); - } catch (CardException e) { - log.info("Failed to activate PIN.", e); - throw new SignatureCardException("Failed to activate PIN.", e); - } - - } - - /* (non-Javadoc) - * @see at.gv.egiz.smcc.PINMgmtSignatureCard#unblockPIN(at.gv.egiz.smcc.PINSpec, at.gv.egiz.smcc.PINProvider) - */ - @Override - public void unblockPIN(PINSpec pinSpec, ModifyPINGUI pukProvider) - throws CancelledException, SignatureCardException, InterruptedException { - CardChannel channel = getCardChannel(); - - try { - unblockPINLoop(channel, pinSpec, pukProvider); - } catch (CardException e) { - log.info("Failed to activate PIN.", e); - throw new SignatureCardException("Failed to activate PIN.", e); - } - } - - @Override - public void reset() throws SignatureCardException { - try { - super.reset(); - log.debug("select MF (e-card workaround)"); - CardChannel channel = getCardChannel(); - ResponseAPDU resp = channel.transmit(new CommandAPDU(0x00, 0xA4, 0x00, 0x0C)); - if (resp.getSW() != 0x9000) { - throw new SignatureCardException("Failed to select MF after RESET: SW=" + Integer.toHexString(resp.getSW()) + "."); - } - } catch (CardException ex) { - log.error("Failed to select MF after RESET: " + ex.getMessage(), ex); - throw new SignatureCardException("Failed to select MF after RESET"); - } - } - - /* (non-Javadoc) - * @see at.gv.egiz.smcc.PINMgmtSignatureCard#getPINSpecs() - */ - @Override - public List<PINSpec> getPINSpecs() { - return Arrays.asList(new PINSpec[] {CARD_PIN_SPEC, SS_PIN_SPEC}); - } - - /* (non-Javadoc) - * @see at.gv.egiz.smcc.PINMgmtSignatureCard#getPINStatus(at.gv.egiz.smcc.PINSpec) - */ - @Override - public PIN_STATE getPINState(PINSpec pinSpec) throws SignatureCardException { - - CardChannel channel = getCardChannel(); - - try { - if (pinSpec.getContextAID() != null) { - // SELECT AID - execSELECT_AID(channel, pinSpec.getContextAID()); - } - verifyPIN(channel, pinSpec, null, 0); - return PIN_STATE.ACTIV; - } catch (InterruptedException e) { - return PIN_STATE.UNKNOWN; - } catch (LockedException e) { - return PIN_STATE.BLOCKED; - } catch (NotActivatedException e) { - return PIN_STATE.NOT_ACTIV; - } catch (CardException e) { - log.error("Failed to get PIN status.", e); - throw new SignatureCardException("Failed to get PIN status.", e); - } - - } - - public String toString() { - return "e-card"; - } - - //////////////////////////////////////////////////////////////////////// - // PROTECTED METHODS (assume exclusive card access) - //////////////////////////////////////////////////////////////////////// - - protected void verifyPINLoop(CardChannel channel, PINSpec spec, PINGUI provider) - throws LockedException, NotActivatedException, SignatureCardException, - InterruptedException, CardException { - - int retries = verifyPIN(channel, spec, null, -1); - do { - retries = verifyPIN(channel, spec, provider, retries); - } while (retries > 0); - } - - protected void changePINLoop(CardChannel channel, PINSpec spec, ModifyPINGUI provider) - throws LockedException, NotActivatedException, SignatureCardException, - InterruptedException, CardException { - - int retries = verifyPIN(channel, spec, null, -1); - do { - retries = changePIN(channel, spec, provider, retries); - } while (retries > 0); - } - - protected void unblockPINLoop(CardChannel channel, PINSpec spec, ModifyPINGUI provider) - throws LockedException, NotActivatedException, SignatureCardException, - InterruptedException, CardException { - - //TODO get PUK retry counter from EF FID 0036 in MF - int retries = -1; - do { - retries = unblockPIN(channel, spec, provider, retries); - } while (retries > 0); - } - - protected int verifyPIN(CardChannel channel, PINSpec pinSpec, - PINGUI provider, int retries) throws SignatureCardException, - LockedException, NotActivatedException, InterruptedException, - CardException { - - VerifyAPDUSpec apduSpec = new VerifyAPDUSpec( - new byte[] { - (byte) 0x00, (byte) 0x20, (byte) 0x00, pinSpec.getKID(), (byte) 0x08, - (byte) 0x20, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, - (byte) 0xff, (byte) 0xff, (byte) 0xff }, - 1, VerifyAPDUSpec.PIN_FORMAT_BCD, 7, 4, 4); - - ResponseAPDU resp; - if (provider != null) { - resp = reader.verify(channel, apduSpec, provider, pinSpec, retries); - } else { - resp = channel.transmit(new CommandAPDU(0x00, 0x20, 0x00, pinSpec.getKID())); - } - - - if (resp.getSW() == 0x9000) { - return -1; - } else if (resp.getSW() == 0x6983 || resp.getSW() == 0x63c0) { - // authentication method blocked (0x63c0 returned by 'short' VERIFY) - throw new LockedException(); - } else if (resp.getSW() == 0x6984 || resp.getSW() == 0x6985) { - // reference data not usable; conditions of use not satisfied - throw new NotActivatedException(); - } else if (resp.getSW() >> 4 == 0x63c) { - return 0x0f & resp.getSW(); - } else if (version >= 1.2 && resp.getSW() == 0x6400) { - String msg = "VERIFY failed, card not activated. SW=0x6400"; - log.error(msg); - throw new SignatureCardException(msg); - } else { - String msg = "VERIFY failed. SW=" + Integer.toHexString(resp.getSW()); - log.error(msg); - throw new SignatureCardException(msg); - } - } - - protected int changePIN(CardChannel channel, PINSpec pinSpec, - ModifyPINGUI pinProvider, int retries) throws CancelledException, - InterruptedException, CardException, SignatureCardException { - - ChangeReferenceDataAPDUSpec apduSpec = new ChangeReferenceDataAPDUSpec( - new byte[] { - (byte) 0x00, (byte) 0x24, (byte) 0x00, pinSpec.getKID(), (byte) 0x10, - (byte) 0x20, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, - (byte) 0xff, (byte) 0xff, (byte) 0xff, - (byte) 0x20, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, - (byte) 0xff, (byte) 0xff, (byte) 0xff }, - 1, VerifyAPDUSpec.PIN_FORMAT_BCD, 7, 4, 4, 8); - - ResponseAPDU resp = reader.modify(channel, apduSpec, pinProvider, pinSpec, retries); - - if (resp.getSW() == 0x9000) { - return -1; - } else if (resp.getSW() == 0x6983) { - // authentication method blocked - throw new LockedException(); - } else if (resp.getSW() == 0x6984) { - throw new NotActivatedException(); - } else if (resp.getSW() >> 4 == 0x63c) { - return 0x0f & resp.getSW(); - } else { - String msg = "CHANGE REFERENCE DATA failed. SW=" + Integer.toHexString(resp.getSW()); - log.error(msg); - throw new SignatureCardException(msg); - } - } - - protected int activatePIN(CardChannel channel, PINSpec pinSpec, - ModifyPINGUI provider) throws SignatureCardException, - InterruptedException, CardException { - - ResponseAPDU resp; - if (version < 1.2) { - NewReferenceDataAPDUSpec apduSpec = new NewReferenceDataAPDUSpec( - new byte[] { - (byte) 0x00, (byte) 0x24, (byte) 0x01, pinSpec.getKID(), (byte) 0x08, - (byte) 0x20, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, - (byte) 0xff, (byte) 0xff, (byte) 0xff }, - 1, VerifyAPDUSpec.PIN_FORMAT_BCD, 7, 4, 4); - - resp = reader.modify(channel, apduSpec, provider, pinSpec); - } else { - NewReferenceDataAPDUSpec apduSpec = new NewReferenceDataAPDUSpec( - new byte[] { - (byte) 0x00, (byte) 0x24, (byte) 0x00, pinSpec.getKID(), (byte) 0x10, - (byte) 0x26, (byte) 0x12, (byte) 0x34, (byte) 0x56, (byte) 0xff, - (byte) 0xff, (byte) 0xff, (byte) 0xff, - (byte) 0x20, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, - (byte) 0xff, (byte) 0xff, (byte) 0xff }, - 1, VerifyAPDUSpec.PIN_FORMAT_BCD, 7, 4, 4); - apduSpec.setPinInsertionOffsetNew(8); - resp = reader.modify(channel, apduSpec, provider, pinSpec); - } - - if (resp.getSW() == 0x9000) { - return -1; - } else { - String msg = "CHANGE REFERENCE DATA failed. SW=" + Integer.toHexString(resp.getSW()); - log.error(msg); - throw new SignatureCardException(msg); - } - } - - protected int unblockPIN(CardChannel channel, PINSpec pinSpec, - ModifyPINGUI provider, int retries) throws SignatureCardException, - InterruptedException, CardException { - - if (version < 1.2) { - // would return 0x6982 (Security status not satisfied) - throw new SignatureCardException("RESET RETRY COUNTER is not supported by this card."); - } - - ResetRetryCounterAPDUSpec apduSpec = new ResetRetryCounterAPDUSpec( - new byte[] { - (byte) 0x00, (byte) 0x2c, (byte) 0x00, pinSpec.getKID(), (byte) 0x10, - (byte) 0x20, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, - (byte) 0xff, (byte) 0xff, (byte) 0xff, - (byte) 0x20, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, - (byte) 0xff, (byte) 0xff, (byte) 0xff }, - 1, VerifyAPDUSpec.PIN_FORMAT_BCD, 7, 4, 4, 8); - - ResponseAPDU resp = reader.modify(channel, apduSpec, provider, pinSpec, retries); - - if (resp.getSW() == 0x9000) { - return -1; - } else if (resp.getSW() == 0x6983) { - // PUK blocked - throw new LockedException(); - } else if (resp.getSW() == 0x6984) { - throw new NotActivatedException(); - } else if (resp.getSW() >> 4 == 0x63c) { - return 0x0f & resp.getSW(); - } else { - String msg = "RESET RETRY COUNTER failed. SW=" + Integer.toHexString(resp.getSW()); - log.error(msg); - throw new SignatureCardException(msg); - } - } - - protected void execSELECT_MF(CardChannel channel) throws CardException, SignatureCardException { - ResponseAPDU resp = channel.transmit( - new CommandAPDU(0x00, 0xA4, 0x00, 0x0C)); - if (resp.getSW() != 0x9000) { - throw new SignatureCardException("Failed to select MF: SW=" - + Integer.toHexString(resp.getSW()) + "."); - } - } - - protected byte[] execSELECT_AID(CardChannel channel, byte[] aid) - throws SignatureCardException, CardException { - - ResponseAPDU resp = channel.transmit( - new CommandAPDU(0x00, 0xA4, 0x04, 0x00, aid, 256)); - - if (resp.getSW() == 0x6A82) { - String msg = "File or application not found AID=" - + SMCCHelper.toString(aid) + " SW=" - + Integer.toHexString(resp.getSW()) + "."; - log.info(msg); - throw new FileNotFoundException(msg); - } else if (resp.getSW() != 0x9000) { - String msg = "Failed to select application AID=" - + SMCCHelper.toString(aid) + " SW=" - + Integer.toHexString(resp.getSW()) + "."; - log.info(msg); - throw new SignatureCardException(msg); - } else { - return resp.getBytes(); - } - - } - - protected byte[] execSELECT_FID(CardChannel channel, byte[] fid) - throws SignatureCardException, CardException { - - ResponseAPDU resp = channel.transmit( - new CommandAPDU(0x00, 0xA4, 0x02, 0x04, fid, 256)); - - if (resp.getSW() == 0x6A82) { - String msg = "File or application not found FID=" - + SMCCHelper.toString(fid) + " SW=" - + Integer.toHexString(resp.getSW()) + "."; - log.info(msg); - throw new FileNotFoundException(msg); - } else if (resp.getSW() != 0x9000) { - String msg = "Failed to select application FID=" - + SMCCHelper.toString(fid) + " SW=" - + Integer.toHexString(resp.getSW()) + "."; - log.error(msg); - throw new SignatureCardException(msg); - } else { - return resp.getBytes(); - } - - } - - protected void execMSE(CardChannel channel, int p1, int p2, byte[] data) - throws CardException, SignatureCardException { - ResponseAPDU resp = channel.transmit( - new CommandAPDU(0x00, 0x22, p1, p2, data)); - if (resp.getSW() != 0x9000) { - throw new SignatureCardException("MSE:SET failed: SW=" - + Integer.toHexString(resp.getSW())); - } - } - - protected void execPSO_HASH(CardChannel channel, byte[] hash) throws CardException, SignatureCardException { - byte[] data = new byte[hash.length + 2]; - data[0] = (byte) 0x90; // tag - data[1] = (byte) (hash.length); // length - System.arraycopy(hash, 0, data, 2, hash.length); - - ResponseAPDU resp = channel.transmit( - new CommandAPDU(0x00, 0x2A, 0x90, 0xA0, data)); - if (resp.getSW() != 0x9000) { - throw new SignatureCardException("PSO:HASH failed: SW=" - + Integer.toHexString(resp.getSW())); - } - } - - protected void execPSO_HASH(CardChannel channel, InputStream input) - throws SignatureCardException, CardException { - ResponseAPDU resp; - int blockSize = 64; - byte[] b = new byte[blockSize]; - try { - ByteArrayOutputStream data = new ByteArrayOutputStream(); - // initialize - data.write((byte) 0x90); - data.write((byte) 0x00); - resp = channel.transmit( - new CommandAPDU(0x10, 0x2A, 0x90, 0xA0, data.toByteArray())); - data.reset(); - for (int l; (l = input.read(b)) != -1;) { - data.write((byte) 0x80); - data.write(l); - data.write(b, 0, l); - resp = channel.transmit( - new CommandAPDU((l == blockSize) ? 0x10 : 0x00, 0x2A, 0x90, 0xA0, data.toByteArray())); - if (resp.getSW() != 0x9000) { - throw new SignatureCardException("PSO:HASH failed: SW=" - + Integer.toHexString(resp.getSW())); - } - data.reset(); - } - } catch (IOException e) { - throw new SignatureCardException(e); - } - - } - - protected byte[] execPSO_COMPUTE_DIGITAL_SIGNATURE(CardChannel channel, byte[] hash) - throws CardException, SignatureCardException { - ResponseAPDU resp; - if (hash != null) { - resp = channel.transmit( - new CommandAPDU(0x00, 0x2A, 0x9E, 0x9A, hash, 256)); - } else { - resp = channel.transmit( - new CommandAPDU(0x00, 0x2A, 0x9E, 0x9A, 256)); - } - if (resp.getSW() == 0x6982) { - throw new SecurityStatusNotSatisfiedException(); - } else if (resp.getSW() == 0x6983) { - throw new LockedException(); - } else if (resp.getSW() != 0x9000) { - throw new SignatureCardException( - "PSO: COMPUTE DIGITAL SIGNATRE failed: SW=" - + Integer.toHexString(resp.getSW())); - } else { - return resp.getData(); - } - } -} diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/SWCard.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/SWCard.java deleted file mode 100644 index 73c7faa8..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/SWCard.java +++ /dev/null @@ -1,396 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.smcc; - -import java.io.ByteArrayOutputStream; -import java.io.FileInputStream; -import java.io.FileNotFoundException; -import java.io.IOException; -import java.io.InputStream; -import java.io.InputStreamReader; -import java.nio.charset.Charset; -import java.security.InvalidKeyException; -import java.security.Key; -import java.security.KeyStore; -import java.security.KeyStoreException; -import java.security.NoSuchAlgorithmException; -import java.security.PrivateKey; -import java.security.Signature; -import java.security.SignatureException; -import java.security.UnrecoverableKeyException; -import java.security.cert.Certificate; -import java.security.cert.CertificateEncodingException; -import java.security.cert.CertificateException; -import java.security.cert.CertificateFactory; -import java.util.Enumeration; -import java.util.Locale; - -import javax.smartcardio.Card; -import javax.smartcardio.CardTerminal; - -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; - -import at.gv.egiz.smcc.pin.gui.PINGUI; - -/** - * - * @author mcentner - */ -public class SWCard implements SignatureCard { - - private static final String BKU_USER_DIR = ".mocca"; - - private static final String SWCARD_DIR = "smcc"; - - private static final String KEYSTORE_CERTIFIED_KEYPAIR = "certified.p12"; - - private static final String KEYSTORE_PASSWORD_CERTIFIED_KEYPAIR = "certified.pwd"; - - private static final String CERTIFICATE_CERTIFIED_KEYPAIR = "certified.cer"; - - private static final String KEYSTORE_SECURE_KEYPAIR = "secure.p12"; - - private static final String KEYSTORE_PASSWORD_SECURE_KEYPAIR = "secure.pwd"; - - private static final String CERTIFICATE_SECURE_KEYPAIR = "secure.cer"; - - private static String swCardDir; - - private static Log log = LogFactory.getLog(SWCard.class); - - private KeyStore certifiedKeyStore; - - private char[] certifiedKeyStorePassword; - - private KeyStore secureKeyStore; - - private char[] secureKeyStorePassword; - - private Certificate certifiedCertificate; - - private Certificate secureCertificate; - - static { - String userHome = System.getProperty("user.home"); - String fs = System.getProperty("file.separator"); - swCardDir = userHome + fs + BKU_USER_DIR + fs + SWCARD_DIR; - } - - /** - * @return the swCardDir - */ - public static String getSwCardDir() { - return swCardDir; - } - - /** - * @param swCardDir the swCardDir to set - */ - public static void setSwCardDir(String swCardDir) { - SWCard.swCardDir = swCardDir; - } - - public void init(Card card, CardTerminal cardTerminal) { - } - - @Override - public Card getCard() { - return null; - } - - private String getFileName(String fileName) { - String fs = System.getProperty("file.separator"); - return swCardDir + fs + fileName; - } - - private Certificate loadCertificate(String certificateFileName) throws SignatureCardException { - - final String certificateType = "x509"; - CertificateFactory factory; - try { - factory = CertificateFactory.getInstance(certificateType); - } catch (CertificateException e) { - String msg = "Failed to get CertificateFactory instance for type '" + certificateType + "'."; - log.error(msg, e); - throw new SignatureCardException(msg, e); - } - - // try to load Certificate file - String fileName = getFileName(certificateFileName); - log.info("Trying to load Certificate from file '" + fileName + "'."); - - FileInputStream certificateFile; - try { - certificateFile = new FileInputStream(fileName); - } catch (FileNotFoundException e) { - String msg = "Certificate file '" + fileName + "' not found."; - log.info(msg, e); - throw new SignatureCardException(msg, e); - } - - Certificate certificate; - try { - certificate = factory.generateCertificate(certificateFile); - } catch (CertificateException e) { - String msg = "Failed to load Certificate from file '" + fileName + "'."; - log.info(msg, e); - throw new SignatureCardException(msg, e); - } - - return certificate; - - } - - private KeyStore loadKeyStore(String keyStoreFileName, char[] password) throws SignatureCardException { - - final String keyStoreType = "pkcs12"; - KeyStore keyStore; - try { - keyStore = KeyStore.getInstance(keyStoreType); - } catch (KeyStoreException e) { - String msg = "Failed to get KeyStore instance for KeyStore type '" + keyStoreType + "'."; - log.error(msg, e); - throw new SignatureCardException(msg, e); - } - - // try to load KeyStore file - String fileName = getFileName(keyStoreFileName); - log.info("Trying to load KeyStore from file '" + fileName + "'."); - - FileInputStream keyStoreFile; - try { - keyStoreFile = new FileInputStream(fileName); - } catch (FileNotFoundException e) { - String msg = "KeyStore file '"+ fileName + "' not found."; - log.info(msg, e); - throw new SignatureCardException(msg, e); - } - - try { - keyStore.load(keyStoreFile, password); - } catch (Exception e) { - String msg = "Failed to load KeyStore from file '" + fileName + "'."; - log.info(msg, e); - throw new SignatureCardException(msg, e); - } - - return keyStore; - - } - - private char[] loadKeyStorePassword(String passwordFileName) throws SignatureCardException { - - String fileName = getFileName(passwordFileName); - FileInputStream keyStorePasswordFile; - try { - keyStorePasswordFile = new FileInputStream(fileName); - } catch (FileNotFoundException e) { - return null; - } - - try { - InputStreamReader reader = new InputStreamReader(keyStorePasswordFile, Charset.forName("UTF-8")); - StringBuilder sb = new StringBuilder(); - char b[] = new char[16]; - for (int l; (l = reader.read(b)) != -1;) { - sb.append(b, 0, l); - } - return sb.toString().toCharArray(); - } catch (IOException e) { - throw new SignatureCardException("Failed to read file '" + passwordFileName + "'."); - } - - } - - private KeyStore getKeyStore(KeyboxName keyboxName, char[] password) throws SignatureCardException { - - if (keyboxName == KeyboxName.CERITIFIED_KEYPAIR) { - if (certifiedKeyStore == null) { - certifiedKeyStore = loadKeyStore(KEYSTORE_CERTIFIED_KEYPAIR, password); - } - return certifiedKeyStore; - } else if (keyboxName == KeyboxName.SECURE_SIGNATURE_KEYPAIR) { - if (secureKeyStore == null) { - secureKeyStore = loadKeyStore(KEYSTORE_SECURE_KEYPAIR, password); - } - return secureKeyStore; - } else { - throw new SignatureCardException("Keybox of type '" + keyboxName + "' not supported."); - } - - } - - private char[] getPassword(KeyboxName keyboxName) throws SignatureCardException { - - if (keyboxName == KeyboxName.CERITIFIED_KEYPAIR) { - if (certifiedKeyStorePassword == null) { - certifiedKeyStorePassword = loadKeyStorePassword(KEYSTORE_PASSWORD_CERTIFIED_KEYPAIR); - } - return certifiedKeyStorePassword; - } else if (keyboxName == KeyboxName.SECURE_SIGNATURE_KEYPAIR) { - if (secureKeyStorePassword == null) { - secureKeyStorePassword = loadKeyStorePassword(KEYSTORE_PASSWORD_SECURE_KEYPAIR); - } - return secureKeyStorePassword; - } else { - throw new SignatureCardException("Keybox of type '" + keyboxName + "' not supported."); - } - - } - - public byte[] getCertificate(KeyboxName keyboxName) - throws SignatureCardException { - - try { - if (keyboxName == KeyboxName.CERITIFIED_KEYPAIR) { - if (certifiedCertificate == null) { - certifiedCertificate = loadCertificate(CERTIFICATE_CERTIFIED_KEYPAIR); - } - return certifiedCertificate.getEncoded(); - } else if (keyboxName == KeyboxName.SECURE_SIGNATURE_KEYPAIR) { - if (secureCertificate == null) { - secureCertificate = loadCertificate(CERTIFICATE_SECURE_KEYPAIR); - } - return secureCertificate.getEncoded(); - } else { - throw new SignatureCardException("Keybox of type '" + keyboxName + "' not supported."); - } - } catch (CertificateEncodingException e) { - throw new SignatureCardException("Failed to get encoded Certificate.", e); - } - - - } - - public byte[] getInfobox(String infobox, PINGUI provider, String domainId) throws SignatureCardException { - - String fileName = getFileName(infobox + ".ibx"); - FileInputStream file; - try { - file = new FileInputStream(fileName); - } catch (FileNotFoundException e) { - String msg = "Infobox '" + infobox + "' not found."; - log.info(msg, e); - throw new SignatureCardException(msg, e); - } - ByteArrayOutputStream bytes = new ByteArrayOutputStream(); - try { - byte[] b = new byte[512]; - for(int l; (l = file.read(b)) != -1;) { - bytes.write(b, 0, l); - } - file.close(); - } catch (IOException e) { - String msg = "Failed to read infobox '" + infobox + "'."; - log.error(msg, e); - throw new SignatureCardException(msg, e); - } - - return bytes.toByteArray(); - - } - - @Override - public byte[] createSignature(InputStream input, KeyboxName keyboxName, PINGUI provider, String alg) throws SignatureCardException, InterruptedException, IOException { - - // KeyStore password - char[] password = getPassword(keyboxName); - - if (password == null) { - - PINSpec pinSpec = new PINSpec(0, -1, ".", "KeyStore-Password", (byte) 0x01, null); - - password = provider.providePIN(pinSpec, -1); - - if (password == null) { - return null; - } - - } - - KeyStore keyStore = getKeyStore(keyboxName, password); - - PrivateKey privateKey = null; - - try { - for (Enumeration<String> aliases = keyStore.aliases(); aliases - .hasMoreElements() && privateKey == null;) { - String alias = aliases.nextElement(); - log.debug("Found alias '" + alias + "' in keystore"); - if (keyStore.isKeyEntry(alias)) { - Key key = null; - while (key == null) { - try { - key = keyStore.getKey(alias, password); - } catch (UnrecoverableKeyException e) { - log.info("Failed to get Key from KeyStore. Wrong password?", e); - } - } - privateKey = (PrivateKey) key; - } - } - } catch (Exception e) { - String msg = "Failed to get certificate from KeyStore."; - log.info(msg, e); - throw new SignatureCardException(msg, e); - } - - if (privateKey == null) { - String msg = "No private key found in KeyStore."; - log.info(msg); - throw new SignatureCardException(msg); - } - - String algorithm = privateKey.getAlgorithm(); - algorithm = "SHA1with" + algorithm; - try { - Signature signature = Signature.getInstance(algorithm); - signature.initSign(privateKey); - int l; - for (byte[] b = new byte[20]; (l = input.read(b)) != -1;) { - signature.update(b, 0, l); - } - return signature.sign(); - } catch (NoSuchAlgorithmException e) { - String msg = "Algorithm + '" + algorithm + "' not supported for signing."; - log.info(msg, e); - throw new SignatureCardException(msg, e); - } catch (SignatureException e) { - String msg = "Signing faild."; - log.info(msg, e); - throw new SignatureCardException(msg, e); - } catch (InvalidKeyException e) { - String msg = "Key not valid for algorithm + '" + algorithm + "'."; - log.info(msg, e); - throw new SignatureCardException(msg, e); - } - - } - - @Override - public void setLocale(Locale locale) { - } - - @Override - public void disconnect(boolean reset) { - } - - @Override - public void reset() throws SignatureCardException { - } -} diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/SecurityStatusNotSatisfiedException.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/SecurityStatusNotSatisfiedException.java deleted file mode 100644 index bf0af76c..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/SecurityStatusNotSatisfiedException.java +++ /dev/null @@ -1,38 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.smcc; - -public class SecurityStatusNotSatisfiedException extends SignatureCardException { - - private static final long serialVersionUID = 1L; - - public SecurityStatusNotSatisfiedException() { - } - - public SecurityStatusNotSatisfiedException(String message, Throwable cause) { - super(message, cause); - } - - public SecurityStatusNotSatisfiedException(String message) { - super(message); - } - - public SecurityStatusNotSatisfiedException(Throwable cause) { - super(cause); - } - -} diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/SignatureCard.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/SignatureCard.java deleted file mode 100644 index fa589b84..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/SignatureCard.java +++ /dev/null @@ -1,125 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ - -package at.gv.egiz.smcc; - -import at.gv.egiz.smcc.pin.gui.PINGUI; -import java.io.IOException; -import java.io.InputStream; -import java.util.Locale; - -import javax.smartcardio.Card; -import javax.smartcardio.CardTerminal; - -public interface SignatureCard { - - public static class KeyboxName { - - public static KeyboxName SECURE_SIGNATURE_KEYPAIR = new KeyboxName( - "SecureSignatureKeypair"); - public static KeyboxName CERITIFIED_KEYPAIR = new KeyboxName( - "CertifiedKeypair"); - - private String keyboxName_; - - private KeyboxName(String keyboxName_) { - this.keyboxName_ = keyboxName_; - } - - public static KeyboxName getKeyboxName(String keyBox) { - if (SECURE_SIGNATURE_KEYPAIR.equals(keyBox)) { - return SECURE_SIGNATURE_KEYPAIR; - } else if (CERITIFIED_KEYPAIR.equals(keyBox)) { - return CERITIFIED_KEYPAIR; - } else { - return new KeyboxName(keyBox); - } - } - - @Override - public boolean equals(Object obj) { - if (obj instanceof String) { - return obj.equals(keyboxName_); - } - if (obj instanceof KeyboxName) { - return ((KeyboxName) obj).keyboxName_.equals(keyboxName_); - } else { - return super.equals(obj); - } - } - - public String getKeyboxName() { - return keyboxName_; - } - - @Override - public String toString() { - return keyboxName_; - } - - } - - public void init(Card card, CardTerminal cardTerminal); - - public Card getCard(); - - public byte[] getCertificate(KeyboxName keyboxName) - throws SignatureCardException, InterruptedException; - - public void disconnect(boolean reset); - - /** - * Performs a reset of the card. - * - * @throws SignatureCardException if reset fails. - */ - public void reset() throws SignatureCardException; - - /** - * - * @param infobox - * @param provider - * @param domainId may be null. - * @return - * @throws SignatureCardException - * @throws InterruptedException if applet is destroyed while in pin dialog - */ - public byte[] getInfobox(String infobox, PINGUI pinGUI, String domainId) - throws SignatureCardException, InterruptedException; - - /** - * - * @param input - * @param keyboxName - * @param provider - * @param alg TODO - * @return - * @throws at.gv.egiz.smcc.SignatureCardException - * @throws java.lang.InterruptedException if applet is destroyed while in pin dialog - * @throws IOException - */ - public byte[] createSignature(InputStream input, KeyboxName keyboxName, - PINGUI pinGUI, String alg) throws SignatureCardException, InterruptedException, IOException; - - /** - * Sets the local for evtl. required callbacks (e.g. PINSpec) - * @param locale must not be null; - */ - public void setLocale(Locale locale); - - -} diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/SignatureCardException.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/SignatureCardException.java deleted file mode 100644 index 48b4646a..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/SignatureCardException.java +++ /dev/null @@ -1,65 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ - -package at.gv.egiz.smcc; - -public class SignatureCardException extends Exception { - - /** - * - */ - private static final long serialVersionUID = 1L; - - /** - * Creates a new instance of this <code>SignatureCardException</code>. - * - */ - public SignatureCardException() { - super(); - } - - /** - * Creates a new instance of this <code>SignatureCardException</code>. - * - * @param message - * @param cause - */ - public SignatureCardException(String message, Throwable cause) { - super(message, cause); - } - - /** - * Creates a new instance of this <code>SignatureCardException</code>. - * - * @param message - */ - public SignatureCardException(String message) { - super(message); - } - - /** - * Creates a new instance of this <code>SignatureCardException</code>. - * - * @param cause - */ - public SignatureCardException(Throwable cause) { - super(cause); - } - - - -} diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/SignatureCardFactory.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/SignatureCardFactory.java deleted file mode 100644 index 9165a7d8..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/SignatureCardFactory.java +++ /dev/null @@ -1,401 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ - -package at.gv.egiz.smcc; - -import java.util.ArrayList; -import java.util.Iterator; -import java.util.List; - -import javax.smartcardio.ATR; -import javax.smartcardio.Card; -import javax.smartcardio.CardTerminal; - -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; - -/** - * A factory for creating {@link SignatureCard}s from {@link Card}s. - */ -public class SignatureCardFactory { - - public static boolean ENFORCE_RECOMMENDED_PIN_LENGTH = false; - - /** - * This class represents a supported smart card. - */ - private class SupportedCard { - - /** - * The ATR pattern. - */ - private byte[] atrPattern; - - /** - * The ATR mask. - */ - private byte[] atrMask; - - /** - * The implementation class. - */ - private String impl; - - /** - * Creates a new SupportedCard instance with the given ATR pattern and mask - * und the corresponding implementation class. - * - * @param atrPattern - * the ATR pattern - * @param atrMask - * the ATR mask - * @param implementationClass - * the name of the implementation class - * - * @throws NullPointerException - * if <code>atrPattern</code> or <code>atrMask</code> is - * <code>null</code>. - * @throws IllegalArgumentException - * if the lengths of <code>atrPattern</code> and - * <code>atrMask</code> of not equal. - */ - public SupportedCard(byte[] atrPattern, byte[] atrMask, String implementationClass) { - if (atrPattern.length != atrMask.length) { - throw new IllegalArgumentException("Length of 'atr' and 'mask' must be equal."); - } - this.atrPattern = atrPattern; - this.atrMask = atrMask; - this.impl = implementationClass; - } - - /** - * Returns true if the given ATR matches the ATR pattern and mask this - * SupportedCard object. - * - * @param atr - * the ATR - * - * @return <code>true</code> if the given ATR matches the ATR pattern and - * mask of this SupportedCard object, or <code>false</code> - * otherwise. - */ - public boolean matches(ATR atr) { - - byte[] bytes = atr.getBytes(); - if (bytes == null) { - return false; - } - if (bytes.length < atrMask.length) { - // we cannot test for equal length here, as we get ATRs with - // additional bytes on systems using PCSClite (e.g. linux and OS X) sometimes - return false; - } - - int l = Math.min(atrMask.length, bytes.length); - for (int i = 0; i < l; i++) { - if ((bytes[i] & atrMask[i]) != atrPattern[i]) { - return false; - } - } - return true; - - } - - /** - * @return the corresponding implementation class. - */ - public String getImplementationClassName() { - return impl; - } - - } - - /** - * Logging facility. - */ - private static Log log = LogFactory.getLog(SignatureCardFactory.class); - - /** - * The instance to be returned by {@link #getInstance()}. - */ - private static SignatureCardFactory instance; - - /** - * The list of supported smart cards. - */ - private List<SupportedCard> supportedCards; - - /** - * @return an instance of this SignatureCardFactory. - */ - public static synchronized SignatureCardFactory getInstance() { - if (instance == null) { - instance = new SignatureCardFactory(); - } - return instance; - } - - /** - * Private constructor. - */ - private SignatureCardFactory() { - - supportedCards = new ArrayList<SupportedCard>(); - - // e-card - supportedCards.add(new SupportedCard( - // ATR (3b:bd:18:00:81:31:fe:45:80:51:02:00:00:00:00:00:00:00:00:00:00:00) - new byte[] { - (byte) 0x3b, (byte) 0xbd, (byte) 0x18, (byte) 0x00, (byte) 0x81, (byte) 0x31, (byte) 0xfe, (byte) 0x45, - (byte) 0x80, (byte) 0x51, (byte) 0x02, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00 - }, - // mask (ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:00:00:00:00:00:00:00:00:00:00:00) - new byte[] { - (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, - (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00 - }, - "at.gv.egiz.smcc.STARCOSCard")); - - // e-card G3 - supportedCards.add(new SupportedCard( - // ATR (3b:dd:96:ff:81:b1:fe:45:1f:03:80:31:b0:52:02:03:64:04:1b:b4:22:81:05:18) - new byte[] { - (byte) 0x3b, (byte) 0xdd, (byte) 0x96, (byte) 0xff, (byte) 0x81, (byte) 0xb1, (byte) 0xfe, (byte) 0x45, - (byte) 0x1f, (byte) 0x03, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00 - }, - // mask ( - new byte[] { - (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, - (byte) 0xff, (byte) 0xff, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00 - }, - "at.gv.egiz.smcc.STARCOSCard")); - - // a-sign premium (EPA) - supportedCards.add(new SupportedCard( - // ATR (3b:bf:11:00:81:31:fe:45:45:50:41:00:00:00:00:00:00:00:00:00:00:00:00:00) - new byte[] { - (byte) 0x3b, (byte) 0xbf, (byte) 0x11, (byte) 0x00, (byte) 0x81, (byte) 0x31, (byte) 0xfe, (byte) 0x45, - (byte) 0x45, (byte) 0x50, (byte) 0x41, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00 - }, - // mask (ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:00:00:00:00:00:00:00:00:00:00:00:00:00) - new byte[] { - (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, - (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00 - }, - "at.gv.egiz.smcc.ACOSCard")); - - // a-sign premium (MCA) - supportedCards.add(new SupportedCard( - // ATR (3b:bf:11:00:81:31:fe:45:45:50:41:00:00:00:00:00:00:00:00:00:00:00:00:00) - new byte[] { - (byte) 0x3b, (byte) 0xbf, (byte) 0x11, (byte) 0x00, (byte) 0x81, (byte) 0x31, (byte) 0xfe, (byte) 0x45, - (byte) 0x4D, (byte) 0x43, (byte) 0x41, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00 - }, - // mask (ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:00:00:00:00:00:00:00:00:00:00:00:00:00) - new byte[] { - (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, - (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00 - }, - "at.gv.egiz.smcc.ACOSCard")); - - // BELPIC - supportedCards.add(new SupportedCard( - // ATR (3b:98:13:40:0A:A5:03:01:01:01:AD:13:11) - new byte[] { (byte) 0x3b, (byte) 0x98, (byte) 0x13, - (byte) 0x40, (byte) 0x0a, (byte) 0xa5, (byte) 0x03, - (byte) 0x01, (byte) 0x01, (byte) 0x01, (byte) 0xad, - (byte) 0x13, (byte) 0x11 }, - // mask (ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff) - new byte[] { (byte) 0xff, (byte) 0xff, (byte) 0xff, - (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, - (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, - (byte) 0xff, (byte) 0xff }, - "at.gv.egiz.smcc.BELPICCard")); - supportedCards.add(new SupportedCard( - // ATR [3b:98:_94_:40:_ff_:a5:03:01:01:01:ad:13:_10_] - new byte[] { (byte) 0x3b, (byte) 0x98, (byte) 0x94, - (byte) 0x40, (byte) 0xff, (byte) 0xa5, (byte) 0x03, - (byte) 0x01, (byte) 0x01, (byte) 0x01, (byte) 0xad, - (byte) 0x13, (byte) 0x10 }, - // mask (ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff) - new byte[] { (byte) 0xff, (byte) 0xff, (byte) 0xff, - (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, - (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, - (byte) 0xff, (byte) 0xff }, - "at.gv.egiz.smcc.BELPICCard")); - supportedCards.add(new SupportedCard( - // ATR [3b:98:_94_:40:0a:a5:03:01:01:01:ad:13:_10_] - new byte[] { (byte) 0x3b, (byte) 0x98, (byte) 0x94, - (byte) 0x40, (byte) 0x0a, (byte) 0xa5, (byte) 0x03, - (byte) 0x01, (byte) 0x01, (byte) 0x01, (byte) 0xad, - (byte) 0x13, (byte) 0x10 }, - // mask (ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff) - new byte[] { (byte) 0xff, (byte) 0xff, (byte) 0xff, - (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, - (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, - (byte) 0xff, (byte) 0xff }, - "at.gv.egiz.smcc.BELPICCard")); - supportedCards.add(new SupportedCard( - // ATR [3b:98:_95_:40:0a:a5:_07_:01:01:01:ad:13:_20_] - new byte[] { (byte) 0x3b, (byte) 0x98, (byte) 0x95, - (byte) 0x40, (byte) 0x0a, (byte) 0xa5, (byte) 0x07, - (byte) 0x01, (byte) 0x01, (byte) 0x01, (byte) 0xad, - (byte) 0x13, (byte) 0x20 }, - // mask (ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff) - new byte[] { (byte) 0xff, (byte) 0xff, (byte) 0xff, - (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, - (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, - (byte) 0xff, (byte) 0xff }, - "at.gv.egiz.smcc.BELPICCard")); - - // ITCards - supportedCards.add(new SupportedCard( - // ATR = - // [3b:ff:18:00:ff:81:31:fe:55:00:6b:02:09:02:00:01:11:01:43:4e:53:11:31:80:8e] - new byte[] { (byte) 0x3b, (byte) 0xff, (byte) 0x18, - (byte) 0x00, (byte) 0xff, (byte) 0x81, (byte) 0x31, - (byte) 0xfe, (byte) 0x55, (byte) 0x00, (byte) 0x6b, - (byte) 0x02, (byte) 0x09 /* - * , (byte) 0x02, (byte) 0x00, - * (byte) 0x01, (byte) 0x11, - * (byte) 0x01, (byte) 0x43, - * (byte) 0x4e, (byte) 0x53, - * (byte) 0x11, (byte) 0x31, - * (byte) 0x80, (byte) 0x8e - */ - }, - // mask (ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff) - new byte[] { (byte) 0xff, (byte) 0xff, (byte) 0xff, - (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, - (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, - (byte) 0xff, (byte) 0xff /* - * , (byte) 0xff, (byte) 0xff, - * (byte) 0xff, (byte) 0xff, - * (byte) 0xff, (byte) 0xff, - * (byte) 0xff, (byte) 0xff, - * (byte) 0xff, (byte) 0xff, - * (byte) 0xff, (byte) 0xff - */ - }, "at.gv.egiz.smcc.ITCard")); - supportedCards.add(new SupportedCard( - // ATR - // (3B:FF:18:00:FF:C1:0A:31:FE:55:00:6B:05:08:C8:05:01:01:01:43:4E:53:10:31:80:1C) - new byte[] { (byte) 0x3b, (byte) 0xff, (byte) 0x18, - (byte) 0x00, (byte) 0xFF, (byte) 0xC1, (byte) 0x0a, - (byte) 0x31, (byte) 0xfe, (byte) 0x55, (byte) 0x00, - (byte) 0x6B, (byte) 0x05, (byte) 0x08, (byte) 0xC8, - (byte) 0x05, (byte) 0x01, (byte) 0x01, (byte) 0x01, - (byte) 0x43, (byte) 0x4E, (byte) 0x53, (byte) 0x10, - (byte) 0x31, (byte) 0x80, (byte) 0x1C }, - // mask - // (ff:ff:ff:00:00:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:00:00:00:00) - new byte[] { (byte) 0xff, (byte) 0xff, (byte) 0xff, - (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, - (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, - (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, - (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, - (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff, - (byte) 0xff, (byte) 0xff, (byte) 0xff }, - "at.gv.egiz.smcc.ITCard")); - - - - } - - /** - * Creates a SignatureCard instance with the given smart card. - * - * @param card - * the smart card, or <code>null</code> if a software card should be - * created - * @param cardTerminal TODO - * - * @return a SignatureCard instance - * - * @throws CardNotSupportedException - * if no implementation of the given <code>card</code> could be - * found - */ - public SignatureCard createSignatureCard(Card card, CardTerminal cardTerminal) - throws CardNotSupportedException { - - if(card == null) { - SignatureCard sCard = new SWCard(); - sCard.init(card, cardTerminal); - return sCard; - } - - ATR atr = card.getATR(); - Iterator<SupportedCard> cards = supportedCards.iterator(); - while (cards.hasNext()) { - SupportedCard supportedCard = cards.next(); - if(supportedCard.matches(atr)) { - - ClassLoader cl = SignatureCardFactory.class.getClassLoader(); - SignatureCard sc; - try { - Class<?> scClass = cl.loadClass(supportedCard.getImplementationClassName()); - sc = (SignatureCard) scClass.newInstance(); - - sc = ExclSignatureCardProxy.newInstance(sc); - - sc.init(card, cardTerminal); - - return sc; - - } catch (ClassNotFoundException e) { - log.warn("Cannot find signature card implementation class.", e); - throw new CardNotSupportedException("Cannot find signature card implementation class.", e); - } catch (InstantiationException e) { - log.warn("Failed to instantiate signature card implementation.", e); - throw new CardNotSupportedException("Failed to instantiate signature card implementation.", e); - } catch (IllegalAccessException e) { - log.warn("Failed to instantiate signature card implementation.", e); - throw new CardNotSupportedException("Failed to instantiate signature card implementation.", e); - } - - } - } - - throw new CardNotSupportedException("Card not supported: ATR=" + toString(atr.getBytes())); - - } - - public static String toString(byte[] b) { - StringBuffer sb = new StringBuffer(); - if (b != null && b.length > 0) { - sb.append(Integer.toHexString((b[0] & 240) >> 4)); - sb.append(Integer.toHexString(b[0] & 15)); - } - for(int i = 1; i < b.length; i++) { - sb.append(':'); - sb.append(Integer.toHexString((b[i] & 240) >> 4)); - sb.append(Integer.toHexString(b[i] & 15)); - } - return sb.toString(); - } - - -} diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/TimeoutException.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/TimeoutException.java deleted file mode 100644 index d14a4c15..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/TimeoutException.java +++ /dev/null @@ -1,39 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.smcc; - -public class TimeoutException extends SignatureCardException { - - private static final long serialVersionUID = 1L; - - public TimeoutException() { - super(); - } - - public TimeoutException(String message, Throwable cause) { - super(message, cause); - } - - public TimeoutException(String message) { - super(message); - } - - public TimeoutException(Throwable cause) { - super(cause); - } - -} diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/VerificationFailedException.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/VerificationFailedException.java deleted file mode 100644 index fa066ff9..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/VerificationFailedException.java +++ /dev/null @@ -1,65 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.smcc; - -public class VerificationFailedException extends SignatureCardException { - - private static final long serialVersionUID = 1L; - - public static final int UNKNOWN = -1; - - private int retries = UNKNOWN; - - public VerificationFailedException() { - } - - public VerificationFailedException(String message, Throwable cause) { - super(message, cause); - } - - public VerificationFailedException(String message) { - super(message); - } - - public VerificationFailedException(Throwable cause) { - super(cause); - } - - public VerificationFailedException(int retries) { - this.retries = retries; - } - - public VerificationFailedException(int retries, String message, Throwable cause) { - super(message, cause); - this.retries = retries; - } - - public VerificationFailedException(int retries, String message) { - super(message); - this.retries = retries; - } - - public VerificationFailedException(int retries, Throwable cause) { - super(cause); - this.retries = retries; - } - - public int getRetries() { - return retries; - } - -} diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/VerifyAPDUSpec.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/VerifyAPDUSpec.java deleted file mode 100644 index 23c1f0fd..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/VerifyAPDUSpec.java +++ /dev/null @@ -1,200 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.smcc; - -public class VerifyAPDUSpec { - - public static final int PIN_JUSTIFICATION_LEFT = 0; - - public static final int PIN_JUSTIFICATION_RIGHT = 1; - - public static final int PIN_FORMAT_BINARY = 0; - - public static final int PIN_FORMAT_BCD = 1; - - public static final int PIN_FORMAT_ASCII = 2; - - /** - * The APDU template. - */ - protected byte[] apdu; - - /** - * The PIN position in bytes. - */ - protected int pinPosition; - - /** - * The PIN justification (either {@link #PIN_JUSTIFICATION_LEFT} or - * {@link #PIN_JUSTIFICATION_RIGHT}). - */ - protected int pinJustification = PIN_JUSTIFICATION_LEFT; - - /** - * The PIN encoding format (one of {@value #PIN_FORMAT_BCD}, - * {@link #PIN_FORMAT_ASCII}). - */ - protected int pinFormat; - - /** - * The size of the PIN length in bits or 0 for no PIN length. (Default: 0) - */ - protected int pinLengthSize = 0; - - /** - * The PIN length in the template in bytes. - */ - protected int pinLength; - - /** - * The PIN length position in the template in bits or 0 for no PIN length. - * (Default: 0) - */ - protected int pinLengthPos = 0; - - /** - * @param apdu - * @param pinPosition - * @param pinFormat - * @param pinLength TODO - */ - public VerifyAPDUSpec(byte[] apdu, int pinPosition, int pinFormat, int pinLength) { - super(); - this.apdu = apdu; - this.pinPosition = pinPosition; - this.pinFormat = pinFormat; - this.pinLength = pinLength; - } - - /** - * @param apdu - * @param pinPosition - * @param pinFormat - * @param pinLength - * @param pinLengthSize - * @param pinLengthPos - */ - public VerifyAPDUSpec(byte[] apdu, int pinPosition, int pinFormat, - int pinLength, int pinLengthSize, int pinLengthPos) { - super(); - this.apdu = apdu; - this.pinPosition = pinPosition; - this.pinFormat = pinFormat; - this.pinLength = pinLength; - this.pinLengthSize = pinLengthSize; - this.pinLengthPos = pinLengthPos; - } - - /** - * @return the apdu - */ - public byte[] getApdu() { - return apdu; - } - - /** - * @param apdu the apdu to set - */ - public void setApdu(byte[] apdu) { - this.apdu = apdu; - } - - /** - * @return the pinPosition - */ - public int getPinPosition() { - return pinPosition; - } - - /** - * @param pinPosition the pinPosition to set - */ - public void setPinPosition(int pinPosition) { - this.pinPosition = pinPosition; - } - - /** - * @return the pinJustification - */ - public int getPinJustification() { - return pinJustification; - } - - /** - * @param pinJustification the pinJustification to set - */ - public void setPinJustification(int pinJustification) { - this.pinJustification = pinJustification; - } - - /** - * @return the pinFormat - */ - public int getPinFormat() { - return pinFormat; - } - - /** - * @param pinFormat the pinFormat to set - */ - public void setPinFormat(int pinFormat) { - this.pinFormat = pinFormat; - } - - /** - * @return the pinLengthSize - */ - public int getPinLengthSize() { - return pinLengthSize; - } - - /** - * @param pinLengthSize the pinLengthSize to set - */ - public void setPinLengthSize(int pinLengthSize) { - this.pinLengthSize = pinLengthSize; - } - - /** - * @return the pinLength - */ - public int getPinLength() { - return pinLength; - } - - /** - * @param pinLength the pinLength to set - */ - public void setPinLength(int pinLength) { - this.pinLength = pinLength; - } - - /** - * @return the pinLengthPos - */ - public int getPinLengthPos() { - return pinLengthPos; - } - - /** - * @param pinLengthPos the pinLengthPos to set - */ - public void setPinLengthPos(int pinLengthPos) { - this.pinLengthPos = pinLengthPos; - } - -} diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/conf/SMCCConfiguration.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/conf/SMCCConfiguration.java deleted file mode 100644 index 136ca283..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/conf/SMCCConfiguration.java +++ /dev/null @@ -1,45 +0,0 @@ -/* - * Copyright 2008 Federal Chancellery Austria and - * Graz University of Technology - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package at.gv.egiz.smcc.conf; - -/** - * - * @author Clemens Orthacker <clemens.orthacker@iaik.tugraz.at> - */ -public class SMCCConfiguration { - - private static final long serialVersionUID = 1L; - - boolean disablePinpad; - - /** - * @return the disablePinpad - */ - public boolean isDisablePinpad() { - return disablePinpad; - } - - /** - * @param disablePinpad the disablePinpad to set - */ - public void setDisablePinpad(boolean disablePinpad) { - this.disablePinpad = disablePinpad; - } - - -} diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/pin/gui/ModifyPINGUI.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/pin/gui/ModifyPINGUI.java deleted file mode 100644 index 00dc2d0e..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/pin/gui/ModifyPINGUI.java +++ /dev/null @@ -1,36 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.smcc.pin.gui; - -import at.gv.egiz.smcc.CancelledException; -import at.gv.egiz.smcc.PINSpec; - - -public interface ModifyPINGUI extends ModifyPINProvider { - - void modifyPINDirect(PINSpec spec, int retries) throws CancelledException, InterruptedException; - void finishDirect(); - - void enterCurrentPIN(PINSpec spec, int retries); - void enterNewPIN(PINSpec spec); - void confirmNewPIN(PINSpec spec); - void validKeyPressed(); - void correctionButtonPressed(); - void allKeysCleared(); - /** called prior to MODIFY_PIN_FINISH control command transmission (clear display or display wait message) */ - void finish(); -} diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/pin/gui/ModifyPINProvider.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/pin/gui/ModifyPINProvider.java deleted file mode 100644 index 36f0097d..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/pin/gui/ModifyPINProvider.java +++ /dev/null @@ -1,48 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.smcc.pin.gui; - -import at.gv.egiz.smcc.CancelledException; -import at.gv.egiz.smcc.PINSpec; - - -/** - * user interface for "software pin-entry" of - * <ul> - * <li> current pin and new pin (change pin) - * <li> new pin (pin activation, no current pin) - * <li> puk and new pin (probably verify only?) - * </ul> - * @author Clemens Orthacker <clemens.orthacker@iaik.tugraz.at> - */ -public interface ModifyPINProvider { - - /** - * - * @param spec - * @param retries - * @return null if no old value for this pin - * @throws at.gv.egiz.smcc.CancelledException if cancelled by user - * @throws java.lang.InterruptedException - */ - public char[] provideCurrentPIN(PINSpec spec, int retries) - throws CancelledException, InterruptedException; - - public char[] provideNewPIN(PINSpec spec) - throws CancelledException, InterruptedException; - -} diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/pin/gui/PINGUI.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/pin/gui/PINGUI.java deleted file mode 100644 index 5199977b..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/pin/gui/PINGUI.java +++ /dev/null @@ -1,42 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.smcc.pin.gui; - -import at.gv.egiz.smcc.CancelledException; -import at.gv.egiz.smcc.PINSpec; - - -/** - * Display messages for pinpad pin-entry. - * Provides an interface for two types of pinpad pin-entry: pinpad-direct and pinpad-start/finish - * @author clemens.orthacker@iaik.tugraz.at - */ -public interface PINGUI extends PINProvider { - - void enterPINDirect(PINSpec spec, int retries) - throws CancelledException, InterruptedException; - - /** - * @throws CancelledException, InterruptedException if signature-data dialog is interrupted or cancelled - */ - void enterPIN(PINSpec spec, int retries) - throws CancelledException, InterruptedException; - void validKeyPressed(); - void correctionButtonPressed(); - void allKeysCleared(); - -} diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/pin/gui/PINProvider.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/pin/gui/PINProvider.java deleted file mode 100644 index 7443ee30..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/pin/gui/PINProvider.java +++ /dev/null @@ -1,51 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.smcc.pin.gui; - -import at.gv.egiz.smcc.CancelledException; -import at.gv.egiz.smcc.PINSpec; - - -/** - * The number of retries is not fixed and there is no way (?) to obtain this value. - * A PINProvider should therefore maintain an internal retry counter or flag - * to decide whether or not to warn the user (num retries passed in providePIN). - * - * Therefore PINProvider objects should not be reused. - * - * (ACOS: reload counter: between 0 and 15, where 15 meens deactivated) - * - * @author Clemens Orthacker <clemens.orthacker@iaik.tugraz.at> - */ -public interface PINProvider { - - /** - * TODO change interface to void providePIN(char[] pin, pinspec, retries) - * to allow caller to clear pin afterwards. - * - * @param spec - * @param retries num of remaining retries or -1 if unknown - * (a positive value does <em>not</em> necessarily signify that there was - * already an unsuccessful PIN verification) - * @return pin != null - * @throws at.gv.egiz.smcc.CancelledException - * @throws java.lang.InterruptedException - */ - char[] providePIN(PINSpec pinSpec, int retries) - throws CancelledException, InterruptedException; - -} diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/reader/CardReader.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/reader/CardReader.java deleted file mode 100644 index a1246dd6..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/reader/CardReader.java +++ /dev/null @@ -1,92 +0,0 @@ -/* - * Copyright 2008 Federal Chancellery Austria and - * Graz University of Technology - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package at.gv.egiz.smcc.reader; - -import javax.smartcardio.CardChannel; -import javax.smartcardio.CardException; -import javax.smartcardio.ResponseAPDU; - -import at.gv.egiz.smcc.CancelledException; -import at.gv.egiz.smcc.ChangeReferenceDataAPDUSpec; -import at.gv.egiz.smcc.NewReferenceDataAPDUSpec; -import at.gv.egiz.smcc.PINSpec; -import at.gv.egiz.smcc.ResetRetryCounterAPDUSpec; -import at.gv.egiz.smcc.SignatureCardException; -import at.gv.egiz.smcc.VerifyAPDUSpec; -import at.gv.egiz.smcc.pin.gui.ModifyPINGUI; -import at.gv.egiz.smcc.pin.gui.PINGUI; -import javax.smartcardio.Card; - -/** - * - * @author Clemens Orthacker <clemens.orthacker@iaik.tugraz.at> - */ -public interface CardReader { - - - String[] FEATURES = new String[]{"NO_FEATURE", - "FEATURE_VERIFY_PIN_START", - "FEATURE_VERIFY_PIN_FINISH", - "FEATURE_MODIFY_PIN_START", - "FEATURE_MODIFY_PIN_FINISH", - "FEATURE_GET_KEY_PRESSED", - "FEATURE_VERIFY_PIN_DIRECT", - "FEATURE_MODIFY_PIN_DIRECT", - "FEATURE_MCT_READER_DIRECT", - "FEATURE_MCT_UNIVERSAL", - "FEATURE_IFD_PIN_PROPERTIES", - "FEATURE_ABORT", - "FEATURE_SET_SPE_MESSAGE", - "FEATURE_VERIFY_PIN_DIRECT_APP_ID", - "FEATURE_MODIFY_PIN_DIRECT_APP_ID", - "FEATURE_WRITE_DISPLAY", - "FEATURE_GET_KEY", - "FEATURE_IFD_DISPLAY_PROPERTIES"}; - - Byte FEATURE_VERIFY_PIN_START = new Byte((byte) 0x01); - Byte FEATURE_VERIFY_PIN_FINISH = new Byte((byte) 0x02); - Byte FEATURE_MODIFY_PIN_START = new Byte((byte) 0x03); - Byte FEATURE_MODIFY_PIN_FINISH = new Byte((byte) 0x04); - Byte FEATURE_GET_KEY_PRESSED = new Byte((byte) 0x05); - Byte FEATURE_VERIFY_PIN_DIRECT = new Byte((byte) 0x06); - Byte FEATURE_MODIFY_PIN_DIRECT = new Byte((byte) 0x07); - Byte FEATURE_MCT_READER_DIRECT = new Byte((byte) 0x08); - Byte FEATURE_MCT_UNIVERSAL = new Byte((byte) 0x09); - Byte FEATURE_IFD_PIN_PROPERTIES = new Byte((byte) 0x0a); - //TODO continue list - - - Card connect() throws CardException; - - boolean hasFeature(Byte feature); - - ResponseAPDU verify(CardChannel channel, VerifyAPDUSpec apduSpec, - PINGUI pinGUI, PINSpec pinSpec, int retries) - throws CancelledException, InterruptedException, CardException, SignatureCardException; - - ResponseAPDU modify(CardChannel channel, ChangeReferenceDataAPDUSpec apduSpec, - ModifyPINGUI pinGUI, PINSpec pinSpec, int retries) - throws CancelledException, InterruptedException, CardException, SignatureCardException; - - ResponseAPDU modify(CardChannel channel, NewReferenceDataAPDUSpec apduSpec, - ModifyPINGUI pinGUI, PINSpec pinSpec) - throws CancelledException, InterruptedException, CardException, SignatureCardException; - - ResponseAPDU modify(CardChannel channel, ResetRetryCounterAPDUSpec apduSpec, - ModifyPINGUI pinGUI, PINSpec pinSpec, int retries) - throws CancelledException, InterruptedException, CardException, SignatureCardException; -} diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/reader/DefaultCardReader.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/reader/DefaultCardReader.java deleted file mode 100644 index 03a794fe..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/reader/DefaultCardReader.java +++ /dev/null @@ -1,106 +0,0 @@ -/* - * Copyright 2008 Federal Chancellery Austria and - * Graz University of Technology - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package at.gv.egiz.smcc.reader; - - -import javax.smartcardio.Card; -import javax.smartcardio.CardChannel; -import javax.smartcardio.CardException; -import javax.smartcardio.CardTerminal; -import javax.smartcardio.ResponseAPDU; - -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; - -import at.gv.egiz.smcc.ChangeReferenceDataAPDUSpec; -import at.gv.egiz.smcc.NewReferenceDataAPDUSpec; -import at.gv.egiz.smcc.PINSpec; -import at.gv.egiz.smcc.ResetRetryCounterAPDUSpec; -import at.gv.egiz.smcc.SignatureCardException; -import at.gv.egiz.smcc.VerifyAPDUSpec; -import at.gv.egiz.smcc.pin.gui.ModifyPINGUI; -import at.gv.egiz.smcc.pin.gui.PINGUI; -import at.gv.egiz.smcc.util.ISO7816Utils; - -/** - * - * @author Clemens Orthacker <clemens.orthacker@iaik.tugraz.at> - */ -public class DefaultCardReader implements CardReader { - - protected final static Log log = LogFactory.getLog(DefaultCardReader.class); - - protected CardTerminal ct; - protected String name; - - public DefaultCardReader(CardTerminal ct) { - if (ct == null) { - throw new NullPointerException("no card or card terminal provided"); - } - this.ct = ct; - this.name = ct.getName(); - } - - @Override - public ResponseAPDU verify(CardChannel channel, VerifyAPDUSpec apduSpec, - PINGUI pinGUI, PINSpec pinSpec, int retries) - throws SignatureCardException, CardException, InterruptedException { - - log.debug("VERIFY"); - return channel.transmit(ISO7816Utils.createVerifyAPDU(apduSpec, pinGUI.providePIN(pinSpec, retries))); - } - - @Override - public ResponseAPDU modify(CardChannel channel, ChangeReferenceDataAPDUSpec apduSpec, - ModifyPINGUI pinGUI, PINSpec pinSpec, int retries) - throws SignatureCardException, CardException, InterruptedException { - log.debug("MODIFY (CHANGE_REFERENCE_DATA)"); - char[] oldPIN = pinGUI.provideCurrentPIN(pinSpec, retries); - char[] newPIN = pinGUI.provideNewPIN(pinSpec); - return channel.transmit(ISO7816Utils.createChangeReferenceDataAPDU(apduSpec, oldPIN, newPIN)); - } - - @Override - public ResponseAPDU modify(CardChannel channel, NewReferenceDataAPDUSpec apduSpec, - ModifyPINGUI pinGUI, PINSpec pinSpec) - throws SignatureCardException, CardException, InterruptedException { - log.debug("MODIFY (NEW_REFERENCE_DATA)"); - char[] newPIN = pinGUI.provideNewPIN(pinSpec); - return channel.transmit(ISO7816Utils.createNewReferenceDataAPDU(apduSpec, newPIN)); - } - - @Override - public ResponseAPDU modify(CardChannel channel, ResetRetryCounterAPDUSpec apduSpec, - ModifyPINGUI pinGUI, PINSpec pinSpec, int retries) - throws InterruptedException, CardException, SignatureCardException { - log.debug("MODIFY (RESET_RETRY_COUNTER)"); - //TODO - return modify(channel, (ChangeReferenceDataAPDUSpec) apduSpec, pinGUI, pinSpec, retries); - } - - @Override - public Card connect() throws CardException { - log.debug("connect icc"); - return ct.connect("*"); - } - - @Override - public boolean hasFeature(Byte feature) { - return false; - } - -} diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/reader/PinpadCardReader.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/reader/PinpadCardReader.java deleted file mode 100644 index c2537af8..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/reader/PinpadCardReader.java +++ /dev/null @@ -1,703 +0,0 @@ -/* - * Copyright 2008 Federal Chancellery Austria and - * Graz University of Technology - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package at.gv.egiz.smcc.reader; - -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.util.Map; - -import javax.smartcardio.Card; -import javax.smartcardio.CardChannel; -import javax.smartcardio.CardException; -import javax.smartcardio.CardTerminal; -import javax.smartcardio.ResponseAPDU; - -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; - -import at.gv.egiz.smcc.CancelledException; -import at.gv.egiz.smcc.ChangeReferenceDataAPDUSpec; -import at.gv.egiz.smcc.NewReferenceDataAPDUSpec; -import at.gv.egiz.smcc.PINConfirmationException; -import at.gv.egiz.smcc.PINFormatException; -import at.gv.egiz.smcc.PINOperationAbortedException; -import at.gv.egiz.smcc.PINSpec; -import at.gv.egiz.smcc.ResetRetryCounterAPDUSpec; -import at.gv.egiz.smcc.SignatureCardException; -import at.gv.egiz.smcc.TimeoutException; -import at.gv.egiz.smcc.VerifyAPDUSpec; -import at.gv.egiz.smcc.pin.gui.ModifyPINGUI; -import at.gv.egiz.smcc.pin.gui.PINGUI; -import at.gv.egiz.smcc.util.SMCCHelper; - -/** - * - * @author Clemens Orthacker <clemens.orthacker@iaik.tugraz.at> - */ -public class PinpadCardReader extends DefaultCardReader { - - public static final int PIN_ENTRY_POLLING_INTERVAL = 10; - - protected final static Log log = LogFactory.getLog(PinpadCardReader.class); - - protected byte bEntryValidationCondition = 0x02; // validation key pressed - protected byte bTimeOut = 0x3c; // 60sec (= max on ReinerSCT) - protected byte bTimeOut2 = 0x00; // default (attention with SCM) - protected byte wPINMaxExtraDigitH = 0x00; // min pin length zero digits - protected byte wPINMaxExtraDigitL = 0x0c; // max pin length 12 digits - - /** - * supported features and respective control codes - */ - protected Map<Byte, Integer> features; - protected boolean VERIFY, MODIFY, VERIFY_DIRECT, MODIFY_DIRECT; - - public PinpadCardReader(CardTerminal ct, Map<Byte, Integer> features) { - super(ct); - if (features == null) { - throw new NullPointerException("Pinpad card reader does not support any features"); - } - this.features = features; - - if (features.containsKey(FEATURE_VERIFY_PIN_START) && - features.containsKey(FEATURE_GET_KEY_PRESSED) && - features.containsKey(FEATURE_VERIFY_PIN_FINISH)) { - VERIFY = true; - } - if (features.containsKey(FEATURE_MODIFY_PIN_START) && - features.containsKey(FEATURE_GET_KEY_PRESSED) && - features.containsKey(FEATURE_MODIFY_PIN_FINISH)) { - MODIFY = true; - } - if (features.containsKey(FEATURE_VERIFY_PIN_DIRECT)) { - VERIFY_DIRECT = true; - } - if (features.containsKey(FEATURE_MODIFY_PIN_DIRECT)) { - MODIFY_DIRECT = true; - } - - if (name != null) { - name = name.toLowerCase(); - //ReinerSCT: http://support.reiner-sct.de/downloads/LINUX - // http://www.linux-club.de/viewtopic.php?f=61&t=101287&start=0 - //old: REINER SCT CyberJack 00 00 - //new (CCID): 0C4B/0300 Reiner-SCT cyberJack pinpad(a) 00 00 - //Snow Leopard: Reiner-SCT cyberJack pinpad(a) 00 00 - //display: REINER SCT CyberJack 00 00 - if(name.startsWith("gemplus gempc pinpad") || name.startsWith("gemalto gempc pinpad")) { - log.debug("setting custom wPINMaxExtraDigitH (0x04) for " + name); - wPINMaxExtraDigitH = 0x04; - log.debug("setting custom wPINMaxExtraDigitL (0x08) for " + name); - wPINMaxExtraDigitL = 0x08; - } else if (name.startsWith("omnikey cardman 3621")) { - log.debug("setting custom wPINMaxExtraDigitH (0x01) for " + name); - wPINMaxExtraDigitH = 0x01; - } else if (name.startsWith("scm spr 532") || name.startsWith("scm microsystems inc. sprx32 usb smart card reader")) { - log.debug("setting custom bTimeOut (0x3c) for " + name); - bTimeOut = 0x3c; - log.debug("setting custom bTimeOut2 (0x0f) for " + name); - bTimeOut2 = 0x0f; - } else if (name.startsWith("cherry smartboard xx44")) { - log.debug("setting custom wPINMaxExtraDigitH (0x01) for " + name); - wPINMaxExtraDigitH = 0x01; - } - } - - } - - @Override - public boolean hasFeature(Byte feature) { - return features.containsKey(feature); - } - - private void VERIFY_PIN_START(Card icc, byte[] PIN_VERIFY) throws CardException { - int ioctl = features.get(FEATURE_VERIFY_PIN_START); - if (log.isTraceEnabled()) { - log.trace("VERIFY_PIN_START (" + Integer.toHexString(ioctl) + - ") " + SMCCHelper.toString(PIN_VERIFY)); - } - byte[] resp = icc.transmitControlCommand(ioctl, PIN_VERIFY); - if (resp != null && resp.length > 0) { - if (resp[0] == (byte) 0x57) { - log.error("Invalid parameter in PIN_VERIFY structure"); - throw new CardException("ERROR_INVALID_PARAMETER"); - } else { - log.error("unexpected response to VERIFY_PIN_START: " + - SMCCHelper.toString(resp)); - throw new CardException("unexpected response to VERIFY_PIN_START: " + - SMCCHelper.toString(resp)); - } - } - } - - private byte GET_KEY_PRESSED(Card icc) throws CardException { - int ioctl = features.get(FEATURE_GET_KEY_PRESSED); - byte[] resp = icc.transmitControlCommand(ioctl, new byte[0]); - if (resp != null && resp.length == 1) { -// if (log.isTraceEnabled()) { -// log.trace("response " + SMCCHelper.toString(resp)); -// } - return resp[0]; - } - log.error("unexpected response to GET_KEY_PRESSED: " + - SMCCHelper.toString(resp)); - throw new CardException("unexpected response to GET_KEY_PRESSED: " + - SMCCHelper.toString(resp)); - } - - private byte[] VERIFY_PIN_FINISH(Card icc) throws CardException { - int ioctl = features.get(FEATURE_VERIFY_PIN_FINISH); - if (log.isTraceEnabled()) { - log.trace("VERIFY_PIN_FINISH (" + Integer.toHexString(ioctl) + ")"); - } - byte[] resp = icc.transmitControlCommand(ioctl, new byte[0]); - if (resp != null && resp.length == 2) { - if (log.isTraceEnabled()) { - log.trace("response " + SMCCHelper.toString(resp)); - } - return resp; - } - log.error("unexpected response to VERIFY_PIN_FINISH: " + - SMCCHelper.toString(resp)); - throw new CardException("unexpected response to VERIFY_PIN_FINISH: " + - SMCCHelper.toString(resp)); - } - - private void MODIFY_PIN_START(Card icc, byte[] PIN_MODIFY) throws CardException { - int ioctl = features.get(FEATURE_MODIFY_PIN_START); - if (log.isTraceEnabled()) { - log.trace("MODFIY_PIN_START (" + Integer.toHexString(ioctl) + - ") " + SMCCHelper.toString(PIN_MODIFY)); - } - byte[] resp = icc.transmitControlCommand(ioctl, PIN_MODIFY); - if (resp != null && resp.length > 0) { - if (resp[0] == (byte) 0x57) { - log.error("Invalid parameter in PIN_MODIFY structure"); - throw new CardException("ERROR_INVALID_PARAMETER"); - } else { - log.error("unexpected response to MODIFY_PIN_START: " + - SMCCHelper.toString(resp)); - throw new CardException("unexpected response to MODIFY_PIN_START: " + - SMCCHelper.toString(resp)); - } - } - } - - private byte[] MODIFY_PIN_FINISH(Card icc) throws CardException { - int ioctl = features.get(FEATURE_MODIFY_PIN_FINISH); - if (log.isTraceEnabled()) { - log.trace("MODIFY_PIN_FINISH (" + Integer.toHexString(ioctl) + ")"); - } - byte[] resp = icc.transmitControlCommand(ioctl, new byte[0]); - if (resp != null && resp.length == 2) { - if (log.isTraceEnabled()) { - log.trace("response " + SMCCHelper.toString(resp)); - } - return resp; - } - log.error("unexpected response to MODIFY_PIN_FINISH: " + - SMCCHelper.toString(resp)); - throw new CardException("unexpected response to MODIFY_PIN_FINISH: " + - SMCCHelper.toString(resp)); - } - - private byte[] VERIFY_PIN_DIRECT(Card icc, byte[] PIN_VERIFY) throws CardException { - int ioctl = features.get(FEATURE_VERIFY_PIN_DIRECT); - if (log.isTraceEnabled()) { - log.trace("VERIFY_PIN_DIRECT (" + Integer.toHexString(ioctl) + - ") " + SMCCHelper.toString(PIN_VERIFY)); - } - byte[] resp = icc.transmitControlCommand(ioctl, PIN_VERIFY); - if (log.isTraceEnabled()) { - log.trace("response " + SMCCHelper.toString(resp)); - } - return resp; - } - - private byte[] verifyPin(Card icc, byte[] PIN_VERIFY, PINGUI pinGUI) - throws SignatureCardException, CardException, InterruptedException { - -// pinGUI.enterPIN(pinSpec, retries); - - log.debug("VERIFY_PIN_START [" + FEATURES[FEATURE_VERIFY_PIN_START] + "]"); - VERIFY_PIN_START(icc, PIN_VERIFY); - - byte resp; - do { - resp = GET_KEY_PRESSED(icc); - if (resp == (byte) 0x00) { - synchronized(this) { - try { - wait(PIN_ENTRY_POLLING_INTERVAL); - } catch (InterruptedException ex) { - log.error("interrupted in VERIFY_PIN"); - } - } - } else if (resp == (byte) 0x0d) { - log.debug("GET_KEY_PRESSED: 0x0d (user confirmed)"); - break; - } else if (resp == (byte) 0x2b) { - log.trace("GET_KEY_PRESSED: 0x2b (user entered valid key 0-9)"); - pinGUI.validKeyPressed(); - } else if (resp == (byte) 0x1b) { - log.debug("GET_KEY_PRESSED: 0x1b (user cancelled VERIFY_PIN via cancel button)"); - break; // returns 0x6401 - } else if (resp == (byte) 0x08) { - log.debug("GET_KEY_PRESSED: 0x08 (user pressed correction/backspace button)"); - pinGUI.correctionButtonPressed(); - } else if (resp == (byte) 0x0e) { - log.debug("GET_KEY_PRESSED: 0x0e (timeout occured)"); - break; // return 0x6400 - } else if (resp == (byte) 0x40) { - log.debug("GET_KEY_PRESSED: 0x40 (PIN_Operation_Aborted)"); - throw new PINOperationAbortedException("PIN_Operation_Aborted (0x40)"); - } else if (resp == (byte) 0x0a) { - log.debug("GET_KEY_PRESSED: 0x0a (all keys cleared"); - pinGUI.allKeysCleared(); - } else { - log.error("unexpected response to GET_KEY_PRESSED: " + - Integer.toHexString(resp)); - throw new CardException("unexpected response to GET_KEY_PRESSED: " + - Integer.toHexString(resp)); - } - } while (true); - - return VERIFY_PIN_FINISH(icc); - } - - /** - * does not display the first pin dialog (enterCurrentPIN or enterNewPIN, depends on bConfirmPIN), - * since this is easier to do in calling modify() - */ - private byte[] modifyPin(Card icc, byte[] PIN_MODIFY, ModifyPINGUI pinGUI, PINSpec pINSpec) - throws PINOperationAbortedException, CardException { - - byte pinConfirmations = (byte) 0x00; //b0: new pin not entered (0) / entered (1) - //b1: current pin not entered (0) / entered (1) - byte bConfirmPIN = PIN_MODIFY[9]; - -// if ((bConfirmPIN & (byte) 0x02) == 0) { -// log.debug("no current PIN entry requested"); -// pinGUI.enterNewPIN(pINSpec); -// } else { -// log.debug("current PIN entry requested"); -// pinGUI.enterCurrentPIN(pINSpec, retries); -// } - - log.debug("MODIFY_PIN_START [" + FEATURES[FEATURE_MODIFY_PIN_START] + "]"); - MODIFY_PIN_START(icc, PIN_MODIFY); - - byte resp; - while (true) { - resp = GET_KEY_PRESSED(icc); - if (resp == (byte) 0x00) { - synchronized(this) { - try { - wait(PIN_ENTRY_POLLING_INTERVAL); - } catch (InterruptedException ex) { - log.error("interrupted in MODIFY_PIN"); - } - } - } else if (resp == (byte) 0x0d) { - if (log.isTraceEnabled()) { - log.trace("requested pin confirmations: 0b" + Integer.toBinaryString(bConfirmPIN & 0xff)); - log.trace("performed pin confirmations: 0b" + Integer.toBinaryString(pinConfirmations & 0xff)); - } - log.debug("GET_KEY_PRESSED: 0x0d (user confirmed)"); - if (pinConfirmations == bConfirmPIN) { - break; - } else if ((bConfirmPIN & (byte) 0x02) == 0 || - (pinConfirmations & (byte) 0x02) == (byte) 0x02) { - // no current pin entry or current pin entry already performed - if ((pinConfirmations & (byte) 0x01) == 0) { - // new pin - pinConfirmations |= (byte) 0x01; - pinGUI.confirmNewPIN(pINSpec); - } // else: new pin confirmed - } else { - // current pin entry - pinConfirmations |= (byte) 0x02; - pinGUI.enterNewPIN(pINSpec); - } - } else if (resp == (byte) 0x2b) { - log.trace("GET_KEY_PRESSED: 0x2b (user entered valid key 0-9)"); - pinGUI.validKeyPressed(); - } else if (resp == (byte) 0x1b) { - log.debug("GET_KEY_PRESSED: 0x1b (user cancelled VERIFY_PIN via cancel button)"); - break; // returns 0x6401 - } else if (resp == (byte) 0x08) { - log.debug("GET_KEY_PRESSED: 0x08 (user pressed correction/backspace button)"); - pinGUI.correctionButtonPressed(); - } else if (resp == (byte) 0x0e) { - log.debug("GET_KEY_PRESSED: 0x0e (timeout occured)"); - break; // return 0x6400 - } else if (resp == (byte) 0x40) { - log.debug("GET_KEY_PRESSED: 0x40 (PIN_Operation_Aborted)"); - throw new PINOperationAbortedException("PIN_Operation_Aborted (0x40)"); - } else if (resp == (byte) 0x0a) { - log.debug("GET_KEY_PRESSED: 0x0a (all keys cleared"); - pinGUI.allKeysCleared(); - } else { - log.error("unexpected response to GET_KEY_PRESSED: " + - Integer.toHexString(resp)); - throw new CardException("unexpected response to GET_KEY_PRESSED: " + - Integer.toHexString(resp)); - } - - } - - pinGUI.finish(); - return MODIFY_PIN_FINISH(icc); - } - - private byte[] MODIFY_PIN_DIRECT(Card icc, byte[] PIN_MODIFY) throws CardException { - int ioctl = features.get(FEATURE_MODIFY_PIN_DIRECT); - if (log.isTraceEnabled()) { - log.trace("MODIFY_PIN_DIRECT (" + Integer.toHexString(ioctl) + - ") " + SMCCHelper.toString(PIN_MODIFY)); - } - byte[] resp = icc.transmitControlCommand(ioctl, PIN_MODIFY); - if (log.isTraceEnabled()) { - log.trace("response " + SMCCHelper.toString(resp)); - } - return resp; - } - - protected byte[] createPINModifyStructure(NewReferenceDataAPDUSpec apduSpec, PINSpec pinSpec) { - - ByteArrayOutputStream s = new ByteArrayOutputStream(); - // bTimeOut - s.write(bTimeOut); - // bTimeOut2 - s.write(bTimeOut2); - // bmFormatString - s.write(1 << 7 // system unit = byte - | (0xF & apduSpec.getPinPosition()) << 3 - | (0x1 & apduSpec.getPinJustification() << 2) - | (0x3 & apduSpec.getPinFormat())); - // bmPINBlockString - s.write((0xF & apduSpec.getPinLengthSize()) << 4 - | (0xF & apduSpec.getPinLength())); - // bmPINLengthFormat - s.write(// system unit = bit - (0xF & apduSpec.getPinLengthPos())); - // bInsertionOffsetOld - s.write(0x00); - // bInsertionOffsetNew - s.write(apduSpec.getPinInsertionOffsetNew()); - // wPINMaxExtraDigit - s.write(Math.min(pinSpec.getMaxLength(), wPINMaxExtraDigitL)); - s.write(Math.max(pinSpec.getMinLength(), wPINMaxExtraDigitH)); - // bConfirmPIN - s.write(0x01); - // bEntryValidationCondition - s.write(bEntryValidationCondition); - // bNumberMessage - s.write(0x02); - // wLangId English (United States), see http://www.usb.org/developers/docs/USB_LANGIDs.pdf - s.write(0x09); - s.write(0x04); - // bMsgIndex1 - s.write(0x01); - // bMsgIndex2 - s.write(0x02); - // bMsgIndex3 - s.write(0x00); - - // bTeoPrologue - s.write(0x00); - s.write(0x00); - s.write(0x00); - // ulDataLength - s.write(apduSpec.getApdu().length); - s.write(0x00); - s.write(0x00); - s.write(0x00); - // abData - try { - s.write(apduSpec.getApdu()); - } catch (IOException e) { - // As we are dealing with ByteArrayOutputStreams no exception is to be - // expected. - throw new RuntimeException(e); - } - - return s.toByteArray(); - - } - - protected byte[] createPINModifyStructure(ChangeReferenceDataAPDUSpec apduSpec, PINSpec pinSpec) { - //TODO bInsertionOffsetOld (0x00), bConfirmPIN (0x01), bNumberMessage (0x02), bMsgIndex1/2/3 - - ByteArrayOutputStream s = new ByteArrayOutputStream(); - // bTimeOut - s.write(bTimeOut); - // bTimeOut2 - s.write(bTimeOut2); - // bmFormatString - s.write(1 << 7 // system unit = byte - | (0xF & apduSpec.getPinPosition()) << 3 - | (0x1 & apduSpec.getPinJustification() << 2) - | (0x3 & apduSpec.getPinFormat())); - // bmPINBlockString - s.write((0xF & apduSpec.getPinLengthSize()) << 4 - | (0xF & apduSpec.getPinLength())); - // bmPINLengthFormat - s.write(// system unit = bit - (0xF & apduSpec.getPinLengthPos())); - // bInsertionOffsetOld (0x00 for no old pin?) - s.write(apduSpec.getPinInsertionOffsetOld()); - // bInsertionOffsetNew - s.write(apduSpec.getPinInsertionOffsetNew()); - // wPINMaxExtraDigit - s.write(Math.min(pinSpec.getMaxLength(), wPINMaxExtraDigitL)); - s.write(Math.max(pinSpec.getMinLength(), wPINMaxExtraDigitH)); - // bConfirmPIN - s.write(0x03); - // bEntryValidationCondition - s.write(bEntryValidationCondition); - // bNumberMessage - s.write(0x03); - // wLangId English (United States), see http://www.usb.org/developers/docs/USB_LANGIDs.pdf - s.write(0x09); - s.write(0x04); - // bMsgIndex1 - s.write(0x00); - // bMsgIndex2 - s.write(0x01); - // bMsgIndex3 - s.write(0x02); - - // bTeoPrologue - s.write(0x00); - s.write(0x00); - s.write(0x00); - // ulDataLength - s.write(apduSpec.getApdu().length); - s.write(0x00); - s.write(0x00); - s.write(0x00); - // abData - try { - s.write(apduSpec.getApdu()); - } catch (IOException e) { - // As we are dealing with ByteArrayOutputStreams no exception is to be - // expected. - throw new RuntimeException(e); - } - - return s.toByteArray(); - - } - - protected byte[] createPINVerifyStructure(VerifyAPDUSpec apduSpec, PINSpec pinSpec) { - - ByteArrayOutputStream s = new ByteArrayOutputStream(); - // bTimeOut - s.write(bTimeOut); - // bTimeOut2 - s.write(bTimeOut2); - // bmFormatString - s.write(1 << 7 // system unit = byte - | (0xF & apduSpec.getPinPosition()) << 3 - | (0x1 & apduSpec.getPinJustification() << 2) - | (0x3 & apduSpec.getPinFormat())); - // bmPINBlockString - s.write((0xF & apduSpec.getPinLengthSize()) << 4 - | (0xF & apduSpec.getPinLength())); - // bmPINLengthFormat - s.write(// system unit = bit - (0xF & apduSpec.getPinLengthPos())); - // wPINMaxExtraDigit - s.write(Math.min(pinSpec.getMaxLength(), wPINMaxExtraDigitL)); // max PIN length - s.write(Math.max(pinSpec.getMinLength(), wPINMaxExtraDigitH)); // min PIN length - // bEntryValidationCondition - s.write(bEntryValidationCondition); - // bNumberMessage - s.write(0x01); - // wLangId - s.write(0x09); - s.write(0x04); - // bMsgIndex - s.write(0x00); - // bTeoPrologue - s.write(0x00); - s.write(0x00); - s.write(0x00); - // ulDataLength - s.write(apduSpec.getApdu().length); - s.write(0x00); - s.write(0x00); - s.write(0x00); - // abData - try { - s.write(apduSpec.getApdu()); - } catch (IOException e) { - // As we are dealing with ByteArrayOutputStreams no exception is to be - // expected. - throw new RuntimeException(e); - } - - return s.toByteArray(); - - } - - @Override - public ResponseAPDU verify(CardChannel channel, VerifyAPDUSpec apduSpec, - PINGUI pinGUI, PINSpec pinSpec, int retries) - throws SignatureCardException, CardException, InterruptedException { - - ResponseAPDU resp = null; - - byte[] s = createPINVerifyStructure(apduSpec, pinSpec); - Card icc = channel.getCard(); - - if (VERIFY) { - pinGUI.enterPIN(pinSpec, retries); - resp = new ResponseAPDU(verifyPin(icc, s, pinGUI)); - } else if (VERIFY_DIRECT) { - pinGUI.enterPINDirect(pinSpec, retries); - log.debug("VERIFY_PIN_DIRECT [" + FEATURES[FEATURE_VERIFY_PIN_DIRECT] + "]"); - resp = new ResponseAPDU(VERIFY_PIN_DIRECT(icc, s)); - } else { - log.warn("falling back to default pin-entry"); - return super.verify(channel, apduSpec, pinGUI, pinSpec, retries); - } - - switch (resp.getSW()) { - case 0x6400: - log.debug("SPE operation timed out."); - throw new TimeoutException(); - case 0x6401: - log.debug("SPE operation was cancelled by the 'Cancel' button."); - throw new CancelledException(); - case 0x6403: - log.debug("User entered too short or too long PIN " - + "regarding MIN/MAX PIN length."); - throw new PINFormatException(); - case 0x6480: - log.debug("SPE operation was aborted by the 'Cancel' operation " - + "at the host system."); - case 0x6b80: - log.info("Invalid parameter in passed structure."); - default: - return resp; - } - } - - @Override - public ResponseAPDU modify(CardChannel channel, ChangeReferenceDataAPDUSpec apduSpec, - ModifyPINGUI pinGUI, PINSpec pinSpec, int retries) - throws SignatureCardException, CardException, InterruptedException { - - ResponseAPDU resp = null; - - byte[] s = createPINModifyStructure(apduSpec, pinSpec); - Card icc = channel.getCard(); - - if (MODIFY) { - pinGUI.enterCurrentPIN(pinSpec, retries); - resp = new ResponseAPDU(modifyPin(icc, s, pinGUI, pinSpec)); - } else if (MODIFY_DIRECT) { - pinGUI.modifyPINDirect(pinSpec, retries); - log.debug("MODIFY_PIN_DIRECT [" + FEATURES[FEATURE_MODIFY_PIN_DIRECT] + "]"); - resp = new ResponseAPDU(MODIFY_PIN_DIRECT(icc, s)); - } else { - log.warn("falling back to default pin-entry"); - return super.modify(channel, apduSpec, pinGUI, pinSpec, retries); - } - - switch (resp.getSW()) { - case 0x6400: - log.debug("SPE operation timed out."); - throw new TimeoutException(); - case 0x6401: - log.debug("SPE operation was cancelled by the 'Cancel' button."); - throw new CancelledException(); - case 0x6402: - log.debug("Modify PIN operation failed because two 'new PIN' " + - "entries do not match"); - throw new PINConfirmationException(); - case 0x6403: - log.debug("User entered too short or too long PIN " - + "regarding MIN/MAX PIN length."); - throw new PINFormatException(); - case 0x6480: - log.debug("SPE operation was aborted by the 'Cancel' operation " - + "at the host system."); - case 0x6b80: - log.info("Invalid parameter in passed structure."); - default: - return resp; - } - } - - @Override - public ResponseAPDU modify(CardChannel channel, NewReferenceDataAPDUSpec apduSpec, - ModifyPINGUI pinGUI, PINSpec pinSpec) - throws SignatureCardException, CardException, InterruptedException { - - ResponseAPDU resp = null; - - byte[] s = createPINModifyStructure(apduSpec, pinSpec); - Card icc = channel.getCard(); - - if (MODIFY) { - pinGUI.enterNewPIN(pinSpec); - resp = new ResponseAPDU(modifyPin(icc, s, pinGUI, pinSpec)); - } else if (MODIFY_DIRECT) { - pinGUI.modifyPINDirect(pinSpec, -1); - log.debug("MODIFY_PIN_DIRECT [" + FEATURES[FEATURE_MODIFY_PIN_DIRECT] + "]"); - resp = new ResponseAPDU(MODIFY_PIN_DIRECT(icc, s)); - } else { - log.warn("falling back to default pin-entry"); - return super.modify(channel, apduSpec, pinGUI, pinSpec); - } - - switch (resp.getSW()) { - case 0x6400: - log.debug("SPE operation timed out."); - throw new TimeoutException(); - case 0x6401: - log.debug("SPE operation was cancelled by the 'Cancel' button."); - throw new CancelledException(); - case 0x6402: - log.debug("Modify PIN operation failed because two 'new PIN' " + - "entries do not match"); - throw new PINConfirmationException(); - case 0x6403: - log.debug("User entered too short or too long PIN " - + "regarding MIN/MAX PIN length."); - throw new PINFormatException(); - case 0x6480: - log.debug("SPE operation was aborted by the 'Cancel' operation " - + "at the host system."); - case 0x6b80: - log.info("Invalid parameter in passed structure."); - default: - return resp; - } - } - - @Override - public ResponseAPDU modify(CardChannel channel, ResetRetryCounterAPDUSpec apduSpec, - ModifyPINGUI pinGUI, PINSpec pinSpec, int retries) - throws InterruptedException, CardException, SignatureCardException { - //TODO - return modify(channel, (ChangeReferenceDataAPDUSpec) apduSpec, pinGUI, pinSpec, retries); - } -} diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/reader/ReaderFactory.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/reader/ReaderFactory.java deleted file mode 100644 index bf1730e9..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/reader/ReaderFactory.java +++ /dev/null @@ -1,125 +0,0 @@ -/* - * Copyright 2008 Federal Chancellery Austria and - * Graz University of Technology - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package at.gv.egiz.smcc.reader; - -import at.gv.egiz.smcc.conf.SMCCConfiguration; -import at.gv.egiz.smcc.util.SMCCHelper; -import java.util.Collections; -import java.util.HashMap; -import java.util.Map; -import javax.smartcardio.Card; -import javax.smartcardio.CardException; -import javax.smartcardio.CardTerminal; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; - -/** - * - * @author Clemens Orthacker <clemens.orthacker@iaik.tugraz.at> - */ -public class ReaderFactory { - - protected final static Log log = LogFactory.getLog(ReaderFactory.class); - - protected static SMCCConfiguration configuration; - - public void setConfiguration(SMCCConfiguration configuration) { - if (configuration != null) { - log.debug("reader configuration: disablePinpad=" + configuration.isDisablePinpad()); - } - //spring injects configuration into singleton ReaderFactory instance, - //but we access the ReaderFactory statically (getReader) - //(we rather should query the application context to obtain a reader factory) - ReaderFactory.configuration = configuration; - } - - public static CardReader getReader(Card icc, CardTerminal ct) { - - String name = ct.getName(); - log.info("creating reader " + name); - - Map<Byte, Integer> features; - if (configuration != null && configuration.isDisablePinpad()) { - features = Collections.emptyMap(); - } else { - features = queryFeatures(icc); - } - - CardReader reader; - if (features.isEmpty()) { - reader = new DefaultCardReader(ct); - } else { - reader = new PinpadCardReader(ct, features); - } - - return reader; - } - - private static int CTL_CODE(int code) { - String os_name = System.getProperty("os.name").toLowerCase(); - if (os_name.indexOf("windows") > -1) { - // cf. WinIOCTL.h - return (0x31 << 16 | (code) << 2); - } - // cf. reader.h - return 0x42000000 + (code); - } - - static int IOCTL_GET_FEATURE_REQUEST = CTL_CODE(3400); - - private static Map<Byte, Integer> queryFeatures(Card icc) { - Map<Byte, Integer> features = new HashMap<Byte, Integer>(); - - if (icc == null) { - log.warn("invalid card handle, cannot query ifd features"); - } else { - try { - if (log.isTraceEnabled()) { - log.trace("GET_FEATURE_REQUEST " + Integer.toHexString(IOCTL_GET_FEATURE_REQUEST)); - } - byte[] resp = icc.transmitControlCommand(IOCTL_GET_FEATURE_REQUEST, - new byte[0]); - - if (log.isTraceEnabled()) { - log.trace("Response TLV " + SMCCHelper.toString(resp)); - } - // tag - // length in bytes (always 4) - // control code value for supported feature (in big endian) - for (int i = 0; i < resp.length; i += 6) { - Byte feature = new Byte(resp[i]); - Integer ioctl = new Integer((0xff & resp[i + 2]) << 24) | - ((0xff & resp[i + 3]) << 16) | - ((0xff & resp[i + 4]) << 8) | - (0xff & resp[i + 5]); - if (log.isInfoEnabled()) { - log.info("IFD supports " + CardReader.FEATURES[feature.intValue()] + - ": " + Integer.toHexString(ioctl.intValue())); - } - features.put(feature, ioctl); - } - } catch (CardException ex) { - log.debug("Failed to query IFD features: " + ex.getMessage()); - log.trace(ex); - log.info("IFD does not support secure pin entry"); - } - } - return features; - } - -} diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/util/ISO7816Utils.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/util/ISO7816Utils.java deleted file mode 100644 index fcd0b876..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/util/ISO7816Utils.java +++ /dev/null @@ -1,368 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.smcc.util; - -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.nio.CharBuffer; -import java.nio.charset.Charset; - -import javax.smartcardio.CardChannel; -import javax.smartcardio.CardException; -import javax.smartcardio.CommandAPDU; -import javax.smartcardio.ResponseAPDU; - -import at.gv.egiz.smcc.ChangeReferenceDataAPDUSpec; -import at.gv.egiz.smcc.NewReferenceDataAPDUSpec; -import at.gv.egiz.smcc.SecurityStatusNotSatisfiedException; -import at.gv.egiz.smcc.SignatureCardException; -import at.gv.egiz.smcc.VerifyAPDUSpec; - -public class ISO7816Utils { - - public static TransparentFileInputStream openTransparentFileInputStream( - final CardChannel channel, int maxSize) { - - TransparentFileInputStream file = new TransparentFileInputStream(maxSize) { - - @Override - protected byte[] readBinary(int offset, int len) throws IOException { - - ResponseAPDU resp; - try { - resp = channel.transmit(new CommandAPDU(0x00, 0xB0, - 0x7F & (offset >> 8), offset & 0xFF, len)); - } catch (CardException e) { - throw new IOException(e); - } - - Throwable cause; - if (resp.getSW() == 0x9000) { - return resp.getData(); - } else if (resp.getSW() == 0x6982) { - cause = new SecurityStatusNotSatisfiedException(); - } else { - cause = new SignatureCardException("Failed to read bytes (offset=" + offset + ",len=" - + len + ") SW=" + Integer.toHexString(resp.getSW()) + "."); - } - throw new IOException(cause); - - } - - }; - - return file; - - } - - public static byte[] readTransparentFile(CardChannel channel, int maxSize) - throws CardException, SignatureCardException { - - TransparentFileInputStream is = openTransparentFileInputStream(channel, maxSize); - - try { - - ByteArrayOutputStream os = new ByteArrayOutputStream(); - - int len; - for (byte[] b = new byte[256]; (len = is.read(b)) != -1;) { - os.write(b, 0, len); - } - - return os.toByteArray(); - - } catch (IOException e) { - Throwable cause = e.getCause(); - if (cause instanceof CardException) { - throw (CardException) cause; - } - if (cause instanceof SignatureCardException) { - throw (SignatureCardException) cause; - } - throw new SignatureCardException(e); - } - - } - - public static byte[] readTransparentFileTLV(CardChannel channel, int maxSize, - byte expectedType) throws CardException, SignatureCardException { - - TransparentFileInputStream is = openTransparentFileInputStream(channel, - maxSize); - - return readTransparentFileTLV(is, maxSize, expectedType); - - } - - public static byte[] readTransparentFileTLV(TransparentFileInputStream is, int maxSize, - byte expectedType) throws CardException, SignatureCardException { - - - try { - - is.mark(256); - - // check expected type - int b = is.read(); - if (b == 0x00) { - return null; - } - if (b == -1 || expectedType != (0xFF & b)) { - throw new SignatureCardException("Unexpected TLV type. Expected " - + Integer.toHexString(expectedType) + " but was " - + Integer.toHexString(b) + "."); - } - - // get actual length - int actualSize = 2; - b = is.read(); - if (b == -1) { - return null; - } else if ((0x80 & b) > 0) { - int octets = (0x0F & b); - actualSize += octets; - for (int i = 1; i <= octets; i++) { - b = is.read(); - if (b == -1) { - return null; - } - actualSize += (0xFF & b) << ((octets - i) * 8); - } - } else { - actualSize += 0xFF & b; - } - - // set limit to actual size and read into buffer - is.reset(); - is.setLimit(actualSize); - byte[] buf = new byte[actualSize]; - if (is.read(buf) == actualSize) { - return buf; - } else { - return null; - } - - } catch (IOException e) { - Throwable cause = e.getCause(); - if (cause instanceof CardException) { - throw (CardException) cause; - } - if (cause instanceof SignatureCardException) { - throw (SignatureCardException) cause; - } - throw new SignatureCardException(e); - } - - } - - public static int getLengthFromFCx(byte[] fcx) { - - int len = -1; - - if (fcx.length != 0 && (fcx[0] == (byte) 0x62 || fcx[0] == (byte) 0x6F)) { - int pos = 2; - while (pos < (fcx[1] - 2)) { - switch (fcx[pos]) { - - case (byte) 0x80: - case (byte) 0x81: { - len = 0xFF & fcx[pos + 2]; - for (int i = 1; i < fcx[pos + 1]; i++) { - len<<=8; - len+=0xFF & fcx[pos + i + 2]; - } - } - - default: - pos += 0xFF & fcx[pos + 1] + 2; - } - } - } - - return len; - - } - - public static byte[] readRecord(CardChannel channel, int record) throws CardException, SignatureCardException { - - ResponseAPDU resp = channel.transmit( - new CommandAPDU(0x00, 0xB2, record, 0x04, 256)); - if (resp.getSW() == 0x9000) { - return resp.getData(); - } else { - throw new SignatureCardException("Failed to read records. SW=" - + Integer.toHexString(resp.getSW())); - } - - } - - public static void formatPIN(int pinFormat, int pinJustification, byte[] fpin, byte[] mask, char[] pin) { - - boolean left = (pinJustification == VerifyAPDUSpec.PIN_JUSTIFICATION_LEFT); - - int j = (left) ? 0 : fpin.length - 1; - int step = (left) ? 1 : - 1; - switch (pinFormat) { - case VerifyAPDUSpec.PIN_FORMAT_BINARY: - if (fpin.length < pin.length) { - throw new IllegalArgumentException(); - } - for (int i = 0; i < pin.length; i++) { - fpin[j] = (byte) Character.digit(pin[i], 10); - mask[j] = (byte) 0xFF; - j += step; - } - break; - - case VerifyAPDUSpec.PIN_FORMAT_BCD: - if (fpin.length * 2 < pin.length) { - throw new IllegalArgumentException(); - } - for (int i = 0; i < pin.length; i++) { - int digit = Character.digit(pin[i], 10); - boolean h = (i % 2 == 0) ^ left; - fpin[j] |= h ? digit : digit << 4 ; - mask[j] |= h ? (byte) 0x0F : (byte) 0xF0; - j += (i % 2) * step; - } - break; - - case VerifyAPDUSpec.PIN_FORMAT_ASCII: - if (fpin.length < pin.length) { - throw new IllegalArgumentException(); - } - byte[] asciiPin = Charset.forName("ASCII").encode(CharBuffer.wrap(pin)).array(); - for (int i = 0; i < pin.length; i++) { - fpin[j] = asciiPin[i]; - mask[j] = (byte) 0xFF; - j += step; - } - break; - } - - } - - public static void insertPIN(byte[] apdu, int pos, byte[] fpin, byte[] mask) { - for (int i = 0; i < fpin.length; i++) { - apdu[pos + i] &= ~mask[i]; - apdu[pos + i] |= fpin[i]; - } - } - - public static void insertPINLength(byte[] apdu, int length, int lengthSize, int pos, int offset) { - - // use short (2 byte) to be able to shift the pin length - // by the number of bits given by the pin length position - short size = (short) (0x00FF & length); - short sMask = (short) ((1 << lengthSize) - 1); - // shift to the proper position - int shift = 16 - lengthSize - (pos % 8); - offset += (pos / 8) + 5; - size <<= shift; - sMask <<= shift; - // insert upper byte - apdu[offset] &= (0xFF & (~sMask >> 8)); - apdu[offset] |= (0xFF & (size >> 8)); - // insert lower byte - apdu[offset + 1] &= (0xFF & ~sMask); - apdu[offset + 1] |= (0xFF & size); - - } - - public static CommandAPDU createVerifyAPDU(VerifyAPDUSpec apduSpec, char[] pin) { - - // format pin - byte[] fpin = new byte[apduSpec.getPinLength()]; - byte[] mask = new byte[apduSpec.getPinLength()]; - formatPIN(apduSpec.getPinFormat(), apduSpec.getPinJustification(), fpin, mask, pin); - - byte[] apdu = apduSpec.getApdu(); - - // insert formated pin - insertPIN(apdu, apduSpec.getPinPosition() + 5, fpin, mask); - - // insert pin length - if (apduSpec.getPinLengthSize() != 0) { - insertPINLength(apdu, pin.length, apduSpec.getPinLengthSize(), apduSpec.getPinLengthPos(), 0); - } - - return new CommandAPDU(apdu); - - } - - public static CommandAPDU createChangeReferenceDataAPDU( - ChangeReferenceDataAPDUSpec apduSpec, char[] oldPin, char[] newPin) { - - // format old pin - byte[] fpin = new byte[apduSpec.getPinLength()]; - byte[] mask = new byte[apduSpec.getPinLength()]; - formatPIN(apduSpec.getPinFormat(), apduSpec.getPinJustification(), fpin, mask, oldPin); - - byte[] apdu = apduSpec.getApdu(); - - // insert formated old pin - insertPIN(apdu, apduSpec.getPinPosition() + apduSpec.getPinInsertionOffsetOld() + 5, fpin, mask); - - // insert pin length - if (apduSpec.getPinLengthSize() != 0) { - insertPINLength(apdu, oldPin.length, apduSpec.getPinLengthSize(), - apduSpec.getPinLengthPos(), apduSpec.getPinInsertionOffsetOld()); - } - - // format new pin - fpin = new byte[apduSpec.getPinLength()]; - mask = new byte[apduSpec.getPinLength()]; - formatPIN(apduSpec.getPinFormat(), apduSpec.getPinJustification(), fpin, mask, newPin); - - // insert formated new pin - insertPIN(apdu, apduSpec.getPinPosition() + apduSpec.getPinInsertionOffsetNew() + 5, fpin, mask); - - // insert pin length - if (apduSpec.getPinLengthSize() != 0) { - insertPINLength(apdu, newPin.length, apduSpec.getPinLengthSize(), - apduSpec.getPinLengthPos(), apduSpec.getPinInsertionOffsetNew()); - } - - return new CommandAPDU(apdu); - - } - - public static CommandAPDU createNewReferenceDataAPDU( - NewReferenceDataAPDUSpec apduSpec, char[] newPin) { - - // format old pin - byte[] fpin = new byte[apduSpec.getPinLength()]; - byte[] mask = new byte[apduSpec.getPinLength()]; - formatPIN(apduSpec.getPinFormat(), apduSpec.getPinJustification(), fpin, mask, newPin); - - byte[] apdu = apduSpec.getApdu(); - - // insert formated new pin - insertPIN(apdu, apduSpec.getPinPosition() + apduSpec.getPinInsertionOffsetNew() + 5, fpin, mask); - - // insert pin length - if (apduSpec.getPinLengthSize() != 0) { - insertPINLength(apdu, newPin.length, apduSpec.getPinLengthSize(), - apduSpec.getPinLengthPos(), apduSpec.getPinInsertionOffsetNew()); - } - - return new CommandAPDU(apdu); - - } - - -} diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/util/SMCCHelper.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/util/SMCCHelper.java deleted file mode 100644 index f7d3bab7..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/util/SMCCHelper.java +++ /dev/null @@ -1,150 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.smcc.util;
-
-import java.util.Locale;
-import java.util.Map;
-
-import javax.smartcardio.ATR;
-import javax.smartcardio.Card;
-import javax.smartcardio.CardTerminal;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
-import at.gv.egiz.smcc.CardNotSupportedException;
-import at.gv.egiz.smcc.SignatureCard;
-import at.gv.egiz.smcc.SignatureCardFactory;
-
-public class SMCCHelper {
-
- public final static int NO_CARD = 0;
- public final static int PC_SC_NOT_SUPPORTED = 1;
- public final static int TERMINAL_NOT_PRESENT = 2;
- public final static int CARD_NOT_SUPPORTED = 3;
- public final static int CARD_FOUND = 4;
-
- private final static Log log = LogFactory.getLog(SMCCHelper.class);
-
- protected SmartCardIO smartCardIO = new SmartCardIO();
- protected int resultCode = NO_CARD;
- protected SignatureCard signatureCard = null;
- protected static boolean useSWCard = false;
-
- public SMCCHelper() {
- update();
- }
-
- public synchronized void update() {
- update(-1);
- }
-
- public synchronized void update(int sleep) {
- SignatureCardFactory factory = SignatureCardFactory.getInstance();
- if (useSWCard) {
- try {
- signatureCard = factory.createSignatureCard(null, null);
- resultCode = CARD_FOUND;
- } catch (CardNotSupportedException e) {
- resultCode = CARD_NOT_SUPPORTED;
- signatureCard = null;
- }
- return;
- }
- signatureCard = null;
- resultCode = NO_CARD;
- // find pcsc support
- if (smartCardIO.isPCSCSupported()) {
- // find supported card
- if (smartCardIO.isTerminalPresent()) {
- Map<CardTerminal, Card> newCards = null;
- if (sleep > 0) {
- smartCardIO.waitForInserted(sleep);
-
- }
- newCards = smartCardIO.getCards();
- for (CardTerminal cardTerminal : newCards.keySet()) {
- try {
- Card c = newCards.get(cardTerminal);
- if (c == null) {
- throw new CardNotSupportedException();
- }
- signatureCard = factory.createSignatureCard(c, cardTerminal);
- ATR atr = newCards.get(cardTerminal).getATR();
- log.trace("Found supported card (" + signatureCard.toString() + ") "
- + "in terminal '" + cardTerminal.getName() + "', ATR = "
- + toString(atr.getBytes()) + ".");
- resultCode = CARD_FOUND;
- break;
-
- } catch (CardNotSupportedException e) {
- Card c = newCards.get(cardTerminal);
- if (c != null) {
- ATR atr = c.getATR();
- log.info("Found unsupported card" + " in terminal '"
- + cardTerminal.getName() + "', ATR = "
- + toString(atr.getBytes()) + ".");
- } else {
- log.info("Found unsupported card in terminal '"
- + cardTerminal.getName() + "' without ATR");
- }
- resultCode = CARD_NOT_SUPPORTED;
- }
- }
- } else {
- resultCode = TERMINAL_NOT_PRESENT;
- }
- } else {
- resultCode = PC_SC_NOT_SUPPORTED;
- }
- }
-
- public synchronized SignatureCard getSignatureCard(Locale locale) {
- if (signatureCard != null) {
- signatureCard.setLocale(locale);
- }
- return signatureCard;
- }
-
- public int getResultCode() {
- return resultCode;
- }
-
- public static String toString(byte[] b) {
- StringBuffer sb = new StringBuffer();
- sb.append('[');
- if (b != null && b.length > 0) {
- sb.append(Integer.toHexString((b[0] & 240) >> 4));
- sb.append(Integer.toHexString(b[0] & 15));
- for (int i = 1; i < b.length; i++) {
- sb.append((i % 32 == 0) ? '\n' : ':');
- sb.append(Integer.toHexString((b[i] & 240) >> 4));
- sb.append(Integer.toHexString(b[i] & 15));
- }
- }
- sb.append(']');
- return sb.toString();
- }
-
- public static boolean isUseSWCard() {
- return useSWCard;
- }
-
- public static void setUseSWCard(boolean useSWCard) {
- SMCCHelper.useSWCard = useSWCard;
- }
-}
diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/util/SmartCardIO.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/util/SmartCardIO.java deleted file mode 100644 index b1866894..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/util/SmartCardIO.java +++ /dev/null @@ -1,204 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.smcc.util;
-
-import java.security.NoSuchAlgorithmException; -import java.util.Collections;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-import javax.smartcardio.Card;
-import javax.smartcardio.CardException;
-import javax.smartcardio.CardTerminal;
-import javax.smartcardio.CardTerminals;
-import javax.smartcardio.TerminalFactory;
-import javax.smartcardio.CardTerminals.State;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
-/**
- *
- * @author mcentner
- */
-public class SmartCardIO {
-
- private static final int STATE_INITIALIZED = 1;
-
- private static final int STATE_TERMINAL_FACTORY = 2;
-
- private static final int STATE_TERMINALS = 3;
-
- private static Log log = LogFactory.getLog(SmartCardIO.class);
-
- final Map<CardTerminal, Card> terminalCard_ = new HashMap<CardTerminal, Card>();
-
- int state_ = STATE_INITIALIZED;
-
- TerminalFactory terminalFactory_ = null;
-
- CardTerminals cardTerminals_;
-
- private void updateTerminalFactory() {
- TerminalFactory terminalFactory; - try { - terminalFactory = TerminalFactory.getInstance("PC/SC", null); - } catch (NoSuchAlgorithmException e) { - log.info("Failed to get TerminalFactory of type 'PC/SC'.", e); - terminalFactory = TerminalFactory.getDefault(); - }
- log.debug("TerminalFactory : " + terminalFactory);
- if ("PC/SC".equals(terminalFactory.getType())) {
- terminalFactory_ = terminalFactory;
- }
- if(state_ < STATE_TERMINAL_FACTORY) {
- state_ = STATE_TERMINAL_FACTORY;
- }
- }
-
- public boolean isPCSCSupported() {
- if(state_ < STATE_TERMINAL_FACTORY) {
- updateTerminalFactory();
- }
- return terminalFactory_ != null;
- }
-
- private void updateCardTerminals() {
- if(terminalFactory_ != null) {
- cardTerminals_ = terminalFactory_.terminals();
- }
- log.debug("CardTerminals : " + cardTerminals_);
- if (state_ < STATE_TERMINALS) {
- state_ = STATE_TERMINALS;
- }
- }
-
- public CardTerminals getCardTerminals() {
- if(state_ < STATE_TERMINAL_FACTORY) {
- updateTerminalFactory();
- }
- if(state_ < STATE_TERMINALS) {
- updateCardTerminals();
- }
- return cardTerminals_;
- }
-
- public boolean isTerminalPresent() {
- CardTerminals cardTerminals = getCardTerminals();
- if (cardTerminals != null) {
- List<CardTerminal> terminals = null;
- try {
- terminals = cardTerminals.list(State.ALL);
-
- // logging
- if(log.isInfoEnabled()) {
- if (terminals == null || terminals.isEmpty()) {
- log.info("No card terminal found.");
- } else {
- StringBuffer msg = new StringBuffer();
- msg.append("Found " + terminals.size() + " card terminal(s):");
- for (CardTerminal terminal : terminals) {
- msg.append("\n " + terminal.getName());
- }
- log.info(msg.toString());
- }
- }
-
- return terminals != null && !terminals.isEmpty();
- } catch (CardException e) {
- log.info("Failed to list card terminals.", e);
- return false;
- }
- } else {
- return false;
- }
- }
-
- private Map<CardTerminal, Card> updateCards() {
-
- // clear card references if removed
- try {
- log.trace("terminals.list(State.CARD_REMOVAL)");
- for (CardTerminal terminal : cardTerminals_.list(CardTerminals.State.CARD_REMOVAL)) {
- Card card = terminalCard_.remove(terminal);
- log.trace("card removed : " + card);
- }
- } catch (CardException e) {
- log.debug(e);
- }
-
- // check inserted cards
- Map<CardTerminal, Card> newCards = new HashMap<CardTerminal, Card>();
- try {
- log.trace("terminals.list(State.CARD_INSERTION)");
- for (CardTerminal terminal : cardTerminals_.list(CardTerminals.State.CARD_INSERTION)) {
-
- Card card = null;
- try { - log.trace("Trying to connect to card."); - // try to connect to card
- card = terminal.connect("*");
- } catch (CardException e) {
- log.trace("Failed to connect to card.", e);
- }
-
- // have we seen this card before?
- if (terminalCard_.put(terminal, card) == null) {
- terminalCard_.put(terminal, card);
- newCards.put(terminal, card);
- log.trace("terminal '" + terminal + "' card inserted : " + card);
- }
- }
- } catch (CardException e) {
- log.debug(e);
- }
- return newCards;
-
- }
-
- public Map<CardTerminal, Card> getCards() {
- if(state_ < STATE_TERMINAL_FACTORY) {
- updateTerminalFactory();
- }
- if(state_ < STATE_TERMINALS) {
- updateCardTerminals();
- }
- updateCards();
- Map<CardTerminal, Card> terminalCard = new HashMap<CardTerminal, Card>();
- terminalCard.putAll(terminalCard_);
- return Collections.unmodifiableMap(terminalCard);
- }
-
- public Map<CardTerminal, Card> waitForInserted(int timeout) {
- if(state_ < STATE_TERMINAL_FACTORY) {
- updateTerminalFactory();
- }
- if(state_ < STATE_TERMINALS) {
- updateCardTerminals();
- }
- try {
- // just waiting for a short period of time to allow for abort
- cardTerminals_.waitForChange(timeout);
- } catch (CardException e) {
- log.debug("CardTerminals.waitForChange(" + timeout + ") failed.", e);
- }
- Map<CardTerminal, Card> newCards = new HashMap<CardTerminal, Card>();
- newCards.putAll(updateCards());
- return Collections.unmodifiableMap(newCards);
- }
-}
\ No newline at end of file diff --git a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/util/TransparentFileInputStream.java b/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/util/TransparentFileInputStream.java deleted file mode 100644 index 781f9137..00000000 --- a/mocca-1.2.11/smcc/src/main/java/at/gv/egiz/smcc/util/TransparentFileInputStream.java +++ /dev/null @@ -1,194 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.smcc.util; - -import java.io.IOException; -import java.io.InputStream; - -public abstract class TransparentFileInputStream extends InputStream { - - private final int chunkSize = 256; - - private byte[] buf = new byte[chunkSize]; - private int start = 0; - private int end = 0; - - private int offset = 0; - - private int length = -1; - - private int limit = -1; - - private int mark = -1; - - private int readlimit = -1; - - public TransparentFileInputStream() { - } - - public TransparentFileInputStream(int length) { - this.length = length; - } - - public void setLimit(int limit) { - this.limit = limit; - } - - private int fill() throws IOException { - if (start == end && (limit < 0 || offset < limit)) { - int l; - if (limit > 0 && limit - offset < chunkSize) { - l = limit - offset; - } else if (length > 0) { - if (length - offset < chunkSize) { - l = length - offset; - } else { - l = chunkSize - 1; - } - } else { - l = chunkSize; - } - byte[] b = readBinary(offset, l); - offset += b.length; - if (mark < 0) { - start = 0; - end = b.length; - System.arraycopy(b, 0, buf, start, b.length); - } else { - if (end - mark + b.length > buf.length) { - // double buffer size - byte[] nbuf = new byte[buf.length * 2]; - System.arraycopy(buf, mark, nbuf, 0, end - mark); - buf = nbuf; - } else { - System.arraycopy(buf, mark, buf, 0, end - mark); - } - start = start - mark; - end = end - mark + b.length; - mark = 0; - System.arraycopy(b, 0, buf, start, b.length); - } - if (l > b.length) { - // end of file reached - setLimit(offset); - } - } - return end - start; - } - - protected abstract byte[] readBinary(int offset, int len) throws IOException; - - @Override - public int read() throws IOException { - int b = (fill() > 0) ? 0xFF & buf[start++] : -1; - if (readlimit > 0 && start > readlimit) { - mark = -1; - readlimit = -1; - } - return b; - } - - @Override - public int read(byte[] b, int off, int len) throws IOException { - if (b == null) { - throw new NullPointerException(); - } else if (off < 0 || len < 0 || len > b.length - off) { - throw new IndexOutOfBoundsException(); - } else if (len == 0) { - return 0; - } - - int count = 0; - int l; - while (count < len) { - if (fill() > 0) { - l = Math.min(end - start, len - count); - System.arraycopy(buf, start, b, off, l); - start += l; - off += l; - count += l; - if (readlimit > 0 && start > readlimit) { - mark = -1; - readlimit = -1; - } - } else { - return (count > 0) ? count : -1; - } - } - - return count; - - } - - @Override - public synchronized void mark(int readlimit) { - this.readlimit = readlimit; - mark = start; - } - - @Override - public boolean markSupported() { - return true; - } - - @Override - public synchronized void reset() throws IOException { - if (mark < 0) { - throw new IOException(); - } else { - start = mark; - } - } - - @Override - public long skip(long n) throws IOException { - - if (n <= 0) { - return 0; - } - - if (n <= end - start) { - start += n; - return n; - } else { - - mark = -1; - - long remaining = n - (end - start); - start = end; - - if (limit >= 0 && limit < offset + remaining) { - remaining -= limit - offset; - offset = limit; - return n - remaining; - } - - if (length >= 0 && length < offset + remaining) { - remaining -= length - offset; - offset = length; - return n - remaining; - } - - offset += remaining; - - return n; - - } - - } - -} |