From 8a7c17888fd80cf0de70008c31d4679d42dc6489 Mon Sep 17 00:00:00 2001
From: clemenso <clemenso@8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4>
Date: Wed, 10 Nov 2010 14:26:19 +0000
Subject: get certificate info from EF.CD Issue #MOCCA-754 - LIEZertifikat
 (LIE-Post) Integration

git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@828 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
 .../at/gv/egiz/smcc/CIOCertificateDirectory.java   | 132 +++++++++++++++++++++
 1 file changed, 132 insertions(+)
 create mode 100644 smcc/src/main/java/at/gv/egiz/smcc/CIOCertificateDirectory.java

(limited to 'smcc/src/main/java/at/gv/egiz/smcc/CIOCertificateDirectory.java')

diff --git a/smcc/src/main/java/at/gv/egiz/smcc/CIOCertificateDirectory.java b/smcc/src/main/java/at/gv/egiz/smcc/CIOCertificateDirectory.java
new file mode 100644
index 00000000..fd7746e6
--- /dev/null
+++ b/smcc/src/main/java/at/gv/egiz/smcc/CIOCertificateDirectory.java
@@ -0,0 +1,132 @@
+/*
+* Copyright 2008 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+*     http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+
+package at.gv.egiz.smcc;
+
+import at.gv.egiz.smcc.util.ISO7816Utils;
+import at.gv.egiz.smcc.util.TLVSequence;
+import iaik.me.asn1.ASN1;
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+import javax.smartcardio.CardChannel;
+import javax.smartcardio.CardException;
+import javax.smartcardio.CommandAPDU;
+import javax.smartcardio.ResponseAPDU;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ *
+ * @author clemens
+ */
+public class CIOCertificateDirectory {
+
+    protected static final Logger log = LoggerFactory.getLogger(CIOCertificateDirectory.class);
+    protected byte[] fid;
+    protected List<CIOCertificate> cios;
+
+    public CIOCertificateDirectory(byte[] fid) {
+        this.fid = fid;
+        cios = new ArrayList<CIOCertificate>();
+    }
+
+    /**
+     * assume DF.CIA selected
+     * CIO.CD selected afterwards
+     *
+     * @param channel
+     * @throws CardException
+     * @throws SignatureCardException
+     * @throws IOException if ASN.1 structure cannot be parsed
+     */
+    public void selectAndRead(CardChannel channel) throws CardException, SignatureCardException, IOException {
+
+        CommandAPDU cmd = new CommandAPDU(0x00, 0xA4, 0x02, ISO7816Utils.P2_FCP, fid, 256);
+        ResponseAPDU resp = channel.transmit(cmd);
+
+        byte[] fcx = new TLVSequence(resp.getBytes()).getValue(ISO7816Utils.TAG_FCP);
+        byte[] fd = new TLVSequence(fcx).getValue(0x82);
+
+        if ((fd[0] & 0x04) > 0) {
+            for (int r = 1; r < fd[fd.length - 1]; r++) {
+                log.trace("read CIO record {}", r);
+                byte[] record = ISO7816Utils.readRecord(channel, r);
+                log.trace("{} bytes", record.length);
+                addCIOCertificate(record);
+            }
+        } else if ((fd[0] & 0x05) == 0x01) {
+            byte[] ef = ISO7816Utils.readTransparentFile(channel, -1);
+
+            int i = 0;
+            int j;
+
+            do {
+                int length = 0;
+                int ll = 0;
+                if ((ef[i + 1] & 0xf0) == 0x80) {
+                    ll = ef[i + 1] & 0x7f;
+                    for (int it = 0; it < ll; it++) {
+                        length = (length << 8) + (ef[i + it + 2] & 0xff);
+                    }
+                } else {
+                    length = (ef[i + 1] & 0xff);
+                }
+
+                log.trace("read transparent file entry: tag 0x{}, length 0x{}", Integer.toHexString(ef[i]),
+                        Integer.toHexString(length));
+
+                j = i + 2 + ll + length;
+                addCIOCertificate(Arrays.copyOfRange(ef, i, j));
+                i = j;
+            } while (i < ef.length && ef[i] > 0);
+        }
+    }
+
+    protected void addCIOCertificate(byte[] cio) throws IOException {
+        
+        ASN1 x509Certificate = new ASN1(cio);
+
+        CIOCertificate cioCert = new CIOCertificate();
+        cioCert.setLabel(x509Certificate.getElementAt(0).getElementAt(0).gvString());
+        cioCert.setAuthId(x509Certificate.getElementAt(0).getElementAt(2).gvByteArray());
+        cioCert.setiD(x509Certificate.getElementAt(1).getElementAt(0).gvByteArray());
+
+        //read CONTEXTSPECIFIC manually
+        byte[] ctxSpecific = x509Certificate.getElementAt(2).getEncoded();
+        if ((ctxSpecific[0] & 0xff) == 0xa1) {
+            int ll = ((ctxSpecific[1] & 0xf0) == 0x80)
+                    ? (ctxSpecific[1] & 0x0f) + 2 : 2;
+            ASN1 x509CertificateAttributes = new ASN1(Arrays.copyOfRange(ctxSpecific, ll, ctxSpecific.length));
+
+            cioCert.setEfidOrPath(x509CertificateAttributes.getElementAt(0).getElementAt(0).gvByteArray());
+
+        } else {
+            log.warn("expected CONTEXTSPECIFIC, got 0x{}",
+                    Integer.toHexString(ctxSpecific[0]));
+        }
+
+        log.debug("adding {}", cioCert);
+        cios.add(cioCert);
+
+    }
+
+    public List<CIOCertificate> getCIOs() {
+        return cios;
+    }
+}
-- 
cgit v1.2.3