From 32d17447a258188b2d534bcb0bf65a659ba7b7d0 Mon Sep 17 00:00:00 2001 From: mcentner Date: Fri, 29 Aug 2008 12:11:34 +0000 Subject: Initial import. git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@1 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../gv/egiz/bku/smccstal/SignRequestHandler.java | 151 +++++++++++++++++++++ 1 file changed, 151 insertions(+) create mode 100644 smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java (limited to 'smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java') diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java new file mode 100644 index 00000000..6ae4fa01 --- /dev/null +++ b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java 
@@ -0,0 +1,151 @@ +/* +* Copyright 2008 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ +package at.gv.egiz.bku.smccstal; + +import java.io.ByteArrayInputStream; +import java.io.InputStream; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; + +import javax.xml.bind.JAXBContext; +import javax.xml.bind.JAXBElement; +import javax.xml.bind.JAXBException; +import javax.xml.bind.Unmarshaller; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +import at.gv.egiz.smcc.CancelledException; +import at.gv.egiz.smcc.PINProvider; +import at.gv.egiz.smcc.PINSpec; +import at.gv.egiz.smcc.SignatureCard; +import at.gv.egiz.smcc.SignatureCardException; +import at.gv.egiz.smcc.SignatureCard.KeyboxName; +import at.gv.egiz.stal.ErrorResponse; +import at.gv.egiz.stal.STALRequest; +import at.gv.egiz.stal.STALResponse; +import at.gv.egiz.stal.SignRequest; +import at.gv.egiz.stal.SignResponse; +import at.gv.egiz.stal.signedinfo.ObjectFactory; +import at.gv.egiz.stal.signedinfo.SignedInfoType; +import at.gv.egiz.stal.util.JCEAlgorithmNames; + +public class SignRequestHandler extends AbstractRequestHandler implements + PINProvider { + private static Log log = LogFactory.getLog(SignRequestHandler.class); + + private static JAXBContext jaxbContext; + + static { + try { + jaxbContext = JAXBContext.newInstance(ObjectFactory.class.getPackage() + .getName()); + 
} catch (JAXBException e) { + log.fatal("Cannot init jaxbContext", e); + } + } + + private int retryCounter = 0; + + public SignRequestHandler() { + } + + @SuppressWarnings("unchecked") + @Override + public STALResponse handleRequest(STALRequest request) { + if (request instanceof SignRequest) { + SignRequest signReq = (SignRequest) request; + newSTALMessage("Message.RequestCaption", "Message.SignRequest"); + try { + Unmarshaller unmarshaller = jaxbContext.createUnmarshaller(); + InputStream is = new ByteArrayInputStream(signReq.getSignedInfo()); + JAXBElement signedInfo = (JAXBElement) unmarshaller + .unmarshal(is); + String signatureMethod = signedInfo.getValue().getSignatureMethod() + .getAlgorithm(); + log.debug("Found signature method: " + signatureMethod); + String jceName = JCEAlgorithmNames.getJCEHashName(signatureMethod); + if (jceName == null) { + log.error("Hash algorithm not supported:"); + return new ErrorResponse(1000); + } + MessageDigest md = MessageDigest.getInstance(jceName); + md.update(signReq.getSignedInfo()); + KeyboxName kb = SignatureCard.KeyboxName.getKeyboxName(signReq + .getKeyIdentifier()); + byte[] resp = card.createSignature(md.digest(), kb, this); + if (resp == null) { + return new ErrorResponse(6001); + } + SignResponse stalResp = new SignResponse(); + stalResp.setSignatureValue(resp); + return stalResp; + } catch (CancelledException cx) { + log.debug("User cancelled request"); + return new ErrorResponse(6001); + } catch (SignatureCardException e) { + log.error("Error while creating signature: " + e); + return new ErrorResponse(4000); + } catch (JAXBException e) { + log.error("Cannot unmarshall signed info", e); + return new ErrorResponse(1000); + } catch (NoSuchAlgorithmException e) { + log.error(e); + return new ErrorResponse(1000); + } + } else { + log.fatal("Got unexpected STAL request: " + request); + return new ErrorResponse(1000); + } + } + + @Override + public boolean requireCard() { + return true; + } + + @Override + public 
String providePIN(PINSpec spec, int retries) { + if (retryCounter++ > 0) { + log.info("PIN wrong retrying ..."); + gui.showSignaturePINRetryDialog(spec, retries, this, "sign", this, + "cancel", this, "hashData"); + } else { + gui.showSignaturePINDialog(spec, this, "sign", this, "cancel", this, + "hashData"); + } + do { + waitForAction(); + if (actionCommand.equals("cancel")) { + return null; + } else if (actionCommand.equals("hashData")) { + // FIXME provide hashdata input + gui.showHashDataInputDialog(null, this, "ok"); + } else if (actionCommand.equals("sign")) { + return new String(gui.getPin()); + } else if (actionCommand.equals("ok")) { + gui.showSignaturePINDialog(spec, this, "sign", this, "cancel", this, + "hashData"); + } + } while (true); + } + + @Override + public SMCCSTALRequestHandler newInstance() { + return new SignRequestHandler(); + } +} -- cgit v1.2.3 From 35b64892bad13c846f19260311c7625d88cef7a1 Mon Sep 17 00:00:00 2001 From: clemenso Date: Fri, 5 Sep 2008 13:39:53 +0000 Subject: HashDataInput git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@23 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../gv/egiz/bku/smccstal/SignRequestHandler.java | 337 ++++++++++++--------- 1 file changed, 187 insertions(+), 150 deletions(-) (limited to 'smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java') diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java index 6ae4fa01..2fe77c5d 100644 --- a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java +++ b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java 
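Review bot: `return new String(gui.getPin());` in providePIN copies the card PIN into an immutable String, which cannot be wiped and stays in the heap (and in any heap dump) until it is collected. The String return type comes from `PINProvider.providePIN`, declared outside this file, so the real fix is there: return `char[]` and have the caller of the provider clear the array once `createSignature` has used it. Until that interface changes I would at least mark the line, e.g. `// PIN leaves the array here and can no longer be zeroed; see PINProvider`. What `gui.getPin()` returns is not visible in this hunk; I am assuming a `char[]`.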
@@ -1,151 +1,188 @@ /* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.bku.smccstal; - -import java.io.ByteArrayInputStream; -import java.io.InputStream; -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; - -import javax.xml.bind.JAXBContext; -import javax.xml.bind.JAXBElement; -import javax.xml.bind.JAXBException; -import javax.xml.bind.Unmarshaller; - -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; - -import at.gv.egiz.smcc.CancelledException; -import at.gv.egiz.smcc.PINProvider; -import at.gv.egiz.smcc.PINSpec; -import at.gv.egiz.smcc.SignatureCard; -import at.gv.egiz.smcc.SignatureCardException; -import at.gv.egiz.smcc.SignatureCard.KeyboxName; -import at.gv.egiz.stal.ErrorResponse; -import at.gv.egiz.stal.STALRequest; -import at.gv.egiz.stal.STALResponse; -import at.gv.egiz.stal.SignRequest; -import at.gv.egiz.stal.SignResponse; -import at.gv.egiz.stal.signedinfo.ObjectFactory; -import at.gv.egiz.stal.signedinfo.SignedInfoType; -import at.gv.egiz.stal.util.JCEAlgorithmNames; - -public class SignRequestHandler extends AbstractRequestHandler implements - PINProvider { - private static Log log = LogFactory.getLog(SignRequestHandler.class); - - private static JAXBContext jaxbContext; - - static { - try { - jaxbContext = JAXBContext.newInstance(ObjectFactory.class.getPackage() - .getName()); 
- } catch (JAXBException e) { - log.fatal("Cannot init jaxbContext", e); - } - } - - private int retryCounter = 0; - - public SignRequestHandler() { - } - - @SuppressWarnings("unchecked") - @Override - public STALResponse handleRequest(STALRequest request) { - if (request instanceof SignRequest) { - SignRequest signReq = (SignRequest) request; - newSTALMessage("Message.RequestCaption", "Message.SignRequest"); - try { - Unmarshaller unmarshaller = jaxbContext.createUnmarshaller(); - InputStream is = new ByteArrayInputStream(signReq.getSignedInfo()); - JAXBElement signedInfo = (JAXBElement) unmarshaller - .unmarshal(is); - String signatureMethod = signedInfo.getValue().getSignatureMethod() - .getAlgorithm(); - log.debug("Found signature method: " + signatureMethod); - String jceName = JCEAlgorithmNames.getJCEHashName(signatureMethod); - if (jceName == null) { - log.error("Hash algorithm not supported:"); - return new ErrorResponse(1000); - } - MessageDigest md = MessageDigest.getInstance(jceName); - md.update(signReq.getSignedInfo()); - KeyboxName kb = SignatureCard.KeyboxName.getKeyboxName(signReq - .getKeyIdentifier()); - byte[] resp = card.createSignature(md.digest(), kb, this); - if (resp == null) { - return new ErrorResponse(6001); - } - SignResponse stalResp = new SignResponse(); - stalResp.setSignatureValue(resp); - return stalResp; - } catch (CancelledException cx) { - log.debug("User cancelled request"); - return new ErrorResponse(6001); - } catch (SignatureCardException e) { - log.error("Error while creating signature: " + e); - return new ErrorResponse(4000); - } catch (JAXBException e) { - log.error("Cannot unmarshall signed info", e); - return new ErrorResponse(1000); - } catch (NoSuchAlgorithmException e) { - log.error(e); - return new ErrorResponse(1000); - } - } else { - log.fatal("Got unexpected STAL request: " + request); - return new ErrorResponse(1000); - } - } - - @Override - public boolean requireCard() { - return true; - } - - @Override - 
public String providePIN(PINSpec spec, int retries) { - if (retryCounter++ > 0) { - log.info("PIN wrong retrying ..."); - gui.showSignaturePINRetryDialog(spec, retries, this, "sign", this, - "cancel", this, "hashData"); - } else { - gui.showSignaturePINDialog(spec, this, "sign", this, "cancel", this, - "hashData"); - } - do { - waitForAction(); - if (actionCommand.equals("cancel")) { - return null; - } else if (actionCommand.equals("hashData")) { - // FIXME provide hashdata input - gui.showHashDataInputDialog(null, this, "ok"); - } else if (actionCommand.equals("sign")) { - return new String(gui.getPin()); - } else if (actionCommand.equals("ok")) { - gui.showSignaturePINDialog(spec, this, "sign", this, "cancel", this, - "hashData"); - } - } while (true); - } - - @Override - public SMCCSTALRequestHandler newInstance() { - return new SignRequestHandler(); - } -} + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. 
+ */ +package at.gv.egiz.bku.smccstal; + +import java.io.ByteArrayInputStream; +import java.io.InputStream; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; + +import java.util.logging.Level; +import java.util.logging.Logger; +import javax.xml.bind.JAXBContext; +import javax.xml.bind.JAXBElement; +import javax.xml.bind.JAXBException; +import javax.xml.bind.Unmarshaller; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +import at.gv.egiz.smcc.CancelledException; +import at.gv.egiz.smcc.PINProvider; +import at.gv.egiz.smcc.PINSpec; +import at.gv.egiz.smcc.SignatureCard; +import at.gv.egiz.smcc.SignatureCardException; +import at.gv.egiz.smcc.SignatureCard.KeyboxName; +import at.gv.egiz.stal.ErrorResponse; +import at.gv.egiz.stal.HashDataInput; +import at.gv.egiz.stal.STALRequest; +import at.gv.egiz.stal.STALResponse; +import at.gv.egiz.stal.SignRequest; +import at.gv.egiz.stal.SignResponse; +import at.gv.egiz.stal.signedinfo.ObjectFactory; +import at.gv.egiz.stal.signedinfo.ReferenceType; +import at.gv.egiz.stal.signedinfo.SignedInfoType; +import at.gv.egiz.stal.util.JCEAlgorithmNames; +import java.util.ArrayList; +import java.util.List; + +/** + * This class is NOT thread-safe. + * handleRequest() sets the SignedInfo which is used in providePIN. 
+ */ +public class SignRequestHandler extends AbstractRequestHandler implements + PINProvider { + + private static Log log = LogFactory.getLog(SignRequestHandler.class); + private static JAXBContext jaxbContext; + + + static { + try { + jaxbContext = JAXBContext.newInstance(ObjectFactory.class.getPackage().getName()); + } catch (JAXBException e) { + log.fatal("Cannot init jaxbContext", e); + } + } + /** the SignedInfo of the current SignRequest */ + protected SignedInfoType signedInfo; + protected List hashDataInputs; + + private int retryCounter = 0; + + @SuppressWarnings("unchecked") + @Override + public STALResponse handleRequest(STALRequest request) { + if (request instanceof SignRequest) { + SignRequest signReq = (SignRequest) request; + newSTALMessage("Message.RequestCaption", "Message.SignRequest"); + try { + Unmarshaller unmarshaller = jaxbContext.createUnmarshaller(); + InputStream is = new ByteArrayInputStream(signReq.getSignedInfo()); + JAXBElement si = (JAXBElement) unmarshaller.unmarshal(is); + signedInfo = si.getValue(); + String signatureMethod = signedInfo.getSignatureMethod().getAlgorithm(); + log.debug("Found signature method: " + signatureMethod); + String jceName = JCEAlgorithmNames.getJCEHashName(signatureMethod); + if (jceName == null) { + log.error("Hash algorithm not supported:"); + return new ErrorResponse(1000); + } + MessageDigest md = MessageDigest.getInstance(jceName); + md.update(signReq.getSignedInfo()); + KeyboxName kb = SignatureCard.KeyboxName.getKeyboxName(signReq.getKeyIdentifier()); + byte[] resp = card.createSignature(md.digest(), kb, this); + if (resp == null) { + return new ErrorResponse(6001); + } + SignResponse stalResp = new SignResponse(); + stalResp.setSignatureValue(resp); + return stalResp; + } catch (CancelledException cx) { + log.debug("User cancelled request"); + return new ErrorResponse(6001); + } catch (SignatureCardException e) { + log.error("Error while creating signature: " + e); + return new 
ErrorResponse(4000); + } catch (JAXBException e) { + log.error("Cannot unmarshall signed info", e); + return new ErrorResponse(1000); + } catch (NoSuchAlgorithmException e) { + log.error(e); + return new ErrorResponse(1000); + } finally { + signedInfo = null; + } + } else { + log.fatal("Got unexpected STAL request: " + request); + return new ErrorResponse(1000); + } + } + + @Override + public boolean requireCard() { + return true; + } + + @Override + public String providePIN(PINSpec spec, int retries) { + if (retryCounter++ > 0) { + log.info("PIN wrong retrying ..."); + gui.showSignaturePINRetryDialog(spec, retries, this, "sign", this, + "cancel", this, "hashData"); + } else { + gui.showSignaturePINDialog(spec, this, "sign", this, "cancel", this, + "hashData"); + } + do { + waitForAction(); + if (actionCommand.equals("cancel")) { + return null; + } else if (actionCommand.equals("hashData")) { + if (signedInfo != null) { + try { + gui.showWaitDialog(null); + if (hashDataInputs == null) { + hashDataInputs = getHashDataInputs(signedInfo.getReference()); + } + gui.showHashDataInputDialog(hashDataInputs, this, "ok"); + waitForAction(); + gui.showSignaturePINDialog(spec, this, "sign", this, "cancel", this, + "hashData"); + } catch (Exception ex) { + //FIXME localize messages + log.error("Failed to obtain HashDataInputs: " + ex.getMessage()); + gui.showErrorDialog("Failed to obtain HashDataInputs: " + ex.getMessage(), this, "ok"); + } + } else { + //FIXME get all hashdatainputs + gui.showErrorDialog("Failed to obtain HashDataInputs: No dsig:SignedInfo provided.", this, "ok"); + } + } else if (actionCommand.equals("sign")) { + return new String(gui.getPin()); + } else if (actionCommand.equals("ok")) { + gui.showSignaturePINDialog(spec, this, "sign", this, "cancel", this, + "hashData"); + } + } while (true); + } + + @Override + public SMCCSTALRequestHandler newInstance() { + return new SignRequestHandler(); + } + + /** + * override by subclass + * @return + */ + protected 
List getHashDataInputs(List signedReferences) throws Exception { + //TODO + log.warn("Return empty HashDataInput"); + return new ArrayList(); + } +} -- cgit v1.2.3 From d3698ed2a4f129e5af970f072bc79bb8226d7765 Mon Sep 17 00:00:00 2001 From: clemenso Date: Fri, 5 Sep 2008 15:41:19 +0000 Subject: Text HashDataInput git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@24 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java') diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java index 2fe77c5d..1f84300a 100644 --- a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java +++ b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java @@ -146,7 +146,7 @@ public class SignRequestHandler extends AbstractRequestHandler implements if (signedInfo != null) { try { gui.showWaitDialog(null); - if (hashDataInputs == null) { + if (hashDataInputs == null || hashDataInputs.size() == 0) { hashDataInputs = getHashDataInputs(signedInfo.getReference()); } gui.showHashDataInputDialog(hashDataInputs, this, "ok"); -- cgit v1.2.3 From 3794536434fdbb06067eddcfd248898ce85f85a1 Mon Sep 17 00:00:00 2001 From: clemenso Date: Fri, 12 Sep 2008 13:06:34 +0000 Subject: gui 0.2 git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@34 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java') diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java index 1f84300a..d37d0551 100644 
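Review bot: The `finally` block added to handleRequest resets `signedInfo` but not `hashDataInputs`, and providePIN only resolves the inputs `if (hashDataInputs == null)`. If one handler instance ever serves a second SignRequest, the "hashData" viewer would show the documents of the previous request while the card signs the digest of the new one. Whether instances are reused is not visible here (`newInstance()` suggests they may not be), but the cache should be bound to the request either way: add `hashDataInputs = null;` next to `signedInfo = null;`. `retryCounter` has the same lifetime, so the first prompt of a later request would be the retry dialog.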
--- a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java +++ b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java @@ -47,6 +47,8 @@ import at.gv.egiz.stal.signedinfo.ObjectFactory; import at.gv.egiz.stal.signedinfo.ReferenceType; import at.gv.egiz.stal.signedinfo.SignedInfoType; import at.gv.egiz.stal.util.JCEAlgorithmNames; +import java.io.ByteArrayOutputStream; +import java.io.IOException; import java.util.ArrayList; import java.util.List; @@ -150,9 +152,6 @@ public class SignRequestHandler extends AbstractRequestHandler implements hashDataInputs = getHashDataInputs(signedInfo.getReference()); } gui.showHashDataInputDialog(hashDataInputs, this, "ok"); - waitForAction(); - gui.showSignaturePINDialog(spec, this, "sign", this, "cancel", this, - "hashData"); } catch (Exception ex) { //FIXME localize messages log.error("Failed to obtain HashDataInputs: " + ex.getMessage()); @@ -178,6 +177,7 @@ public class SignRequestHandler extends AbstractRequestHandler implements /** * override by subclass + * @post-condition returned list != null * @return */ protected List getHashDataInputs(List signedReferences) throws Exception { -- cgit v1.2.3 From cf82096145bbdd548e388c1bc25f0e703b9b4624 Mon Sep 17 00:00:00 2001 From: clemenso Date: Wed, 17 Sep 2008 17:17:10 +0000 Subject: hashdatainput digest verification git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@44 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../gv/egiz/bku/smccstal/SignRequestHandler.java | 273 ++++++++++++++++----- 1 file changed, 212 insertions(+), 61 deletions(-) (limited to 'smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java') diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java index d37d0551..59eed55f 100644 --- a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java 
+++ b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java @@ -21,8 +21,6 @@ import java.io.InputStream; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; -import java.util.logging.Level; -import java.util.logging.Logger; import javax.xml.bind.JAXBContext; import javax.xml.bind.JAXBElement; import javax.xml.bind.JAXBException; @@ -43,21 +41,26 @@ import at.gv.egiz.stal.STALRequest; import at.gv.egiz.stal.STALResponse; import at.gv.egiz.stal.SignRequest; import at.gv.egiz.stal.SignResponse; +import at.gv.egiz.stal.impl.ByteArrayHashDataInput; import at.gv.egiz.stal.signedinfo.ObjectFactory; import at.gv.egiz.stal.signedinfo.ReferenceType; import at.gv.egiz.stal.signedinfo.SignedInfoType; import at.gv.egiz.stal.util.JCEAlgorithmNames; import java.io.ByteArrayOutputStream; import java.io.IOException; +import java.security.DigestException; +import java.security.DigestInputStream; import java.util.ArrayList; +import java.util.HashMap; import java.util.List; +import java.util.Set; /** * This class is NOT thread-safe. * handleRequest() sets the SignedInfo which is used in providePIN. */ -public class SignRequestHandler extends AbstractRequestHandler implements - PINProvider { +public abstract class SignRequestHandler extends AbstractRequestHandler implements + CashedHashDataInputResolver { private static Log log = LogFactory.getLog(SignRequestHandler.class); private static JAXBContext jaxbContext; @@ -71,10 +74,10 @@ public class SignRequestHandler extends AbstractRequestHandler implements } } /** the SignedInfo of the current SignRequest */ - protected SignedInfoType signedInfo; - protected List hashDataInputs; +// protected SignedInfoType signedInfo; +// protected List hashDataInputs; - private int retryCounter = 0; +// private int retryCounter = 0; @SuppressWarnings("unchecked") @Override 
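Review bot: The class comment kept as context in the second hunk ("handleRequest() sets the SignedInfo which is used in providePIN") no longer describes the code, because this commit comments out the `signedInfo`, `hashDataInputs` and `retryCounter` fields and the class stops implementing `PINProvider`. I would reword it, for example `* Not thread-safe: the PIN dialog loop reads the handler's shared actionCommand.` if that is the remaining reason, and delete the three field declarations in the third hunk instead of keeping them as `//` lines. The new interface name `CashedHashDataInputResolver` also looks like a misspelling of "Cached"; renaming it now is cheaper than after subclasses exist.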
@@ -86,8 +89,7 @@ public class SignRequestHandler extends AbstractRequestHandler implements Unmarshaller unmarshaller = jaxbContext.createUnmarshaller(); InputStream is = new ByteArrayInputStream(signReq.getSignedInfo()); JAXBElement si = (JAXBElement) unmarshaller.unmarshal(is); - signedInfo = si.getValue(); - String signatureMethod = signedInfo.getSignatureMethod().getAlgorithm(); + String signatureMethod = si.getValue().getSignatureMethod().getAlgorithm(); log.debug("Found signature method: " + signatureMethod); String jceName = JCEAlgorithmNames.getJCEHashName(signatureMethod); if (jceName == null) { @@ -97,7 +99,7 @@ public class SignRequestHandler extends AbstractRequestHandler implements MessageDigest md = MessageDigest.getInstance(jceName); md.update(signReq.getSignedInfo()); KeyboxName kb = SignatureCard.KeyboxName.getKeyboxName(signReq.getKeyIdentifier()); - byte[] resp = card.createSignature(md.digest(), kb, this); + byte[] resp = card.createSignature(md.digest(), kb, new STALPinProvider(si.getValue())); if (resp == null) { return new ErrorResponse(6001); } @@ -116,9 +118,7 @@ public class SignRequestHandler extends AbstractRequestHandler implements } catch (NoSuchAlgorithmException e) { log.error(e); return new ErrorResponse(1000); - } finally { - signedInfo = null; - } + } } else { log.fatal("Got unexpected STAL request: " + request); return new ErrorResponse(1000); 
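Review bot: `si.getValue().getSignatureMethod().getAlgorithm()` in the first hunk dereferences values taken from the request's SignedInfo without a null check, and no schema is set on the unmarshaller in the visible lines. A SignedInfo that lacks a SignatureMethod element would then raise a NullPointerException, which the catch clauses shown for handleRequest (CancelledException, SignatureCardException, JAXBException, NoSuchAlgorithmException) do not cover, so the caller gets an exception instead of an ErrorResponse. I would guard it before the call: `if (si.getValue() == null || si.getValue().getSignatureMethod() == null) return new ErrorResponse(1000);`. handleRequest starts and ends outside these hunks.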
@@ -130,59 +130,210 @@ public class SignRequestHandler extends AbstractRequestHandler implements return true; } - @Override - public String providePIN(PINSpec spec, int retries) { - if (retryCounter++ > 0) { - log.info("PIN wrong retrying ..."); - gui.showSignaturePINRetryDialog(spec, retries, this, "sign", this, - "cancel", this, "hashData"); - } else { - gui.showSignaturePINDialog(spec, this, "sign", this, "cancel", this, - "hashData"); - } - do { - waitForAction(); - if (actionCommand.equals("cancel")) { - return null; - } else if (actionCommand.equals("hashData")) { - if (signedInfo != null) { - try { - gui.showWaitDialog(null); - if (hashDataInputs == null || hashDataInputs.size() == 0) { - hashDataInputs = getHashDataInputs(signedInfo.getReference()); - } - gui.showHashDataInputDialog(hashDataInputs, this, "ok"); - } catch (Exception ex) { - //FIXME localize messages - log.error("Failed to obtain HashDataInputs: " + ex.getMessage()); - gui.showErrorDialog("Failed to obtain HashDataInputs: " + ex.getMessage(), this, "ok"); - } - } else { - //FIXME get all hashdatainputs - gui.showErrorDialog("Failed to obtain HashDataInputs: No dsig:SignedInfo provided.", this, "ok"); - } - } else if (actionCommand.equals("sign")) { - return new String(gui.getPin()); - } else if (actionCommand.equals("ok")) { - gui.showSignaturePINDialog(spec, this, "sign", this, "cancel", this, - "hashData"); - } - } while (true); - } +// @Override +// public String providePIN(PINSpec spec, int retries) { +// if (retryCounter++ > 0) { +// log.info("PIN wrong retrying ..."); +// gui.showSignaturePINRetryDialog(spec, retries, this, "sign", this, +// "cancel", this, "hashData"); +// } else { +// gui.showSignaturePINDialog(spec, this, "sign", this, "cancel", this, +// "hashData"); +// } +// do { +// waitForAction(); +// if (actionCommand.equals("cancel")) { +// return null; +// } else if (actionCommand.equals("hashData")) { +// if (signedInfo != null) { +// try { +// gui.showWaitDialog(null); +// 
if (hashDataInputs == null || hashDataInputs.size() == 0) { +// HashMap signedReferences = new HashMap(); +// for (ReferenceType reference : signedInfo.getReference()) { +// //don't get Manifest, QualifyingProperties, ... +// if (reference.getType() == null) { +// signedReferences.put(reference.getId(), reference); +// } +// } +// hashDataInputs = getHashDataInputs(signedReferences.keySet()); +// for (HashDataInput hashDataInput : hashDataInputs) { +// ReferenceType reference = signedReferences.get(hashDataInput.getReferenceId()); +// String algorithm = reference.getDigestMethod().getAlgorithm(); +// MessageDigest md = MessageDigest.getInstance(algorithm); +// DigestInputStream dis = new DigestInputStream(hashDataInput.getHashDataInput(), md); +// while(dis.read() != -1) ; +// byte[] digestValue = md.digest(); +// boolean valid = reference.getDigestValue().equals(digestValue); +// } +// } +// gui.showHashDataInputDialog(hashDataInputs, this, "ok"); +// } catch (Exception ex) { +// //FIXME localize messages +// log.error("Failed to obtain HashDataInputs: " + ex.getMessage()); +// gui.showErrorDialog("Failed to obtain HashDataInputs: " + ex.getMessage(), this, "ok"); +// } +// } else { +// //FIXME get all hashdatainputs +// gui.showErrorDialog("Failed to obtain HashDataInputs: No dsig:SignedInfo provided.", this, "ok"); +// } +// } else if (actionCommand.equals("sign")) { +// return new String(gui.getPin()); +// } else if (actionCommand.equals("ok")) { +// gui.showSignaturePINDialog(spec, this, "sign", this, "cancel", this, +// "hashData"); +// } +// } while (true); +// } - @Override - public SMCCSTALRequestHandler newInstance() { - return new SignRequestHandler(); - } +// @Override +// public SMCCSTALRequestHandler newInstance() { +// return new SignRequestHandler(); +// } /** - * override by subclass + * implementations may verify the hashvalue * @post-condition returned list != null * @return */ - protected List getHashDataInputs(List signedReferences) throws 
Exception { - //TODO - log.warn("Return empty HashDataInput"); - return new ArrayList(); + @Override + public abstract List getCashedHashDataInputs(List signedReferences) throws Exception; +// { +// //TODO +// log.warn("Return empty HashDataInput"); +// return new ArrayList(); +// } + + + +// protected void validateHashDataInputs(List signedReferences, List hashDataInputs) { +// if (hashDataInputs != null) { +// +// Map hashDataIdMap = new HashMap(); +// for (HashDataInput hdi : hashDataInputs) { +// if (log.isTraceEnabled()) { +// log.trace("Provided HashDataInput for reference " + hdi.getReferenceId()); +// } +// hashDataIdMap.put(hdi.getReferenceId(), hdi); +// } +// +// List reqRefs = request.getReference(); +// for (GetHashDataInputType.Reference reqRef : reqRefs) { +// String reqRefId = reqRef.getID(); +// HashDataInput reqHdi = hashDataIdMap.get(reqRefId); +// if (reqHdi == null) { +// String msg = "Failed to resolve HashDataInput for reference " + reqRefId; +// log.error(msg); +// GetHashDataInputFaultType faultInfo = new GetHashDataInputFaultType(); +// faultInfo.setErrorCode(1); +// faultInfo.setErrorMessage(msg); +// throw new GetHashDataInputFault(msg, faultInfo); +// } +// +// InputStream hashDataIS = reqHdi.getHashDataInput(); +// if (hashDataIS == null) { +// //HashDataInput not cached? 
+// String msg = "Failed to obtain HashDataInput for reference " + reqRefId + ", reference not cached"; +// log.error(msg); +// GetHashDataInputFaultType faultInfo = new GetHashDataInputFaultType(); +// faultInfo.setErrorCode(1); +// faultInfo.setErrorMessage(msg); +// throw new GetHashDataInputFault(msg, faultInfo); +// } +// ByteArrayOutputStream baos = null; +// try { +// if (log.isDebugEnabled()) { +// log.debug("Resolved HashDataInput " + reqRefId + " (" + reqHdi.getMimeType() + ";charset=" + reqHdi.getEncoding() + ")"); +// } +// baos = new ByteArrayOutputStream(hashDataIS.available()); +// int c; +// while ((c = hashDataIS.read()) != -1) { +// baos.write(c); +// } +// GetHashDataInputResponseType.Reference ref = new GetHashDataInputResponseType.Reference(); +// ref.setID(reqRefId); +// ref.setMimeType(reqHdi.getMimeType()); +// ref.setEncoding(reqHdi.getEncoding()); +// ref.setValue(baos.toByteArray()); +// response.getReference().add(ref); +// } catch (IOException ex) { +// String msg = "Failed to get HashDataInput for reference " + reqRefId; +// log.error(msg, ex); +// GetHashDataInputFaultType faultInfo = new GetHashDataInputFaultType(); +// faultInfo.setErrorCode(1); +// faultInfo.setErrorMessage(msg); +// throw new GetHashDataInputFault(msg, faultInfo, ex); +// } finally { +// try { +// baos.close(); +// } catch (IOException ex) { +// } +// } +// } +// return response; +// } +// for (ReferenceType reference : signedReferences) { +// String algorithm = reference.getDigestMethod().getAlgorithm(); +// +// } +// } + + + /** + * cashes the HashDataInputs provided by SignRequestHandler.this.getHashDataInputs() + * (don't know whether outer class is LocalSignRequestHandler or WSSignRequestHandler, providing DataObjectHDI or ByteArrayHDI, resp) + */ + class STALPinProvider implements PINProvider { + + protected SignedInfoType signedInfo; + protected List hashDataInputs; + private int retryCounter = 0; + + public STALPinProvider(SignedInfoType signedInfo) { + 
this.signedInfo = signedInfo; + } + + @Override + public String providePIN(PINSpec spec, int retries) { + if (retryCounter++ > 0) { + log.info("PIN wrong retrying ..."); + gui.showSignaturePINRetryDialog(spec, retries, SignRequestHandler.this, "sign", SignRequestHandler.this, + "cancel", SignRequestHandler.this, "hashData"); + } else { + gui.showSignaturePINDialog(spec, SignRequestHandler.this, "sign", SignRequestHandler.this, "cancel", SignRequestHandler.this, + "hashData"); } + do { + waitForAction(); + if (actionCommand.equals("cancel")) { + return null; + } else if (actionCommand.equals("hashData")) { + if (signedInfo != null) { + try { + gui.showWaitDialog(null); + if (hashDataInputs == null || hashDataInputs.size() == 0) { + hashDataInputs = getCashedHashDataInputs(signedInfo.getReference()); + } + gui.showHashDataInputDialog(hashDataInputs, SignRequestHandler.this, "ok"); + } catch (DigestException ex) { + log.error("Bad digest value: " + ex.getMessage()); + gui.showErrorDialog(ex.getMessage()); + } catch (Exception ex) { + //FIXME localize messages + log.error("Failed to obtain HashDataInputs: " + ex.getMessage()); + gui.showErrorDialog("Failed to obtain HashDataInputs: " + ex.getMessage(), SignRequestHandler.this, "ok"); + } + } else { + //FIXME get all hashdatainputs + gui.showErrorDialog("Failed to obtain HashDataInputs: No dsig:SignedInfo provided.", SignRequestHandler.this, "ok"); + } + } else if (actionCommand.equals("sign")) { + return new String(gui.getPin()); + } else if (actionCommand.equals("ok")) { + gui.showSignaturePINDialog(spec, SignRequestHandler.this, "sign", SignRequestHandler.this, "cancel", SignRequestHandler.this, + "hashData"); + } + } while (true); + } + } } -- cgit v1.2.3 From 1c4df47223a6d655b9fb7f46f807171ceda07ba7 Mon Sep 17 00:00:00 2001 
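Review bot: In `STALPinProvider.providePIN` the `catch (DigestException ex)` branch only logs and shows a dialog, then falls back into the `do … while (true)` loop, so a bad digest value does not end the signing attempt. A digest that does not match its reference means the data offered for display is not what the SignedInfo covers, and the provider should fail closed: after the dialog, `return null;` as the "cancel" branch does, rather than wait for "sign" again. That call is also the only `showErrorDialog` here without a listener and command (`SignRequestHandler.this, "ok"`), so it is unclear what wakes the next `waitForAction()`; the later hunk at `@@ -318,15 +319,15 @@` keeps the same shape. The large `//` blocks added above it (the old providePIN and validateHashDataInputs) are dead code and better left to version control.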
From: clemenso Date: Tue, 23 Sep 2008 12:09:10 +0000 Subject: bitte warten... git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@56 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java | 1 + 1 file changed, 1 insertion(+) (limited to 'smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java') diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java index 59eed55f..8f380eec 100644 --- a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java +++ b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java @@ -305,6 +305,7 @@ public abstract class SignRequestHandler extends AbstractRequestHandler implemen } do { waitForAction(); + gui.showWaitDialog(null); if (actionCommand.equals("cancel")) { return null; } else if (actionCommand.equals("hashData")) { -- cgit v1.2.3 From 03f5ae9e9068168b294c042d68a58637e71a54ee Mon Sep 17 00:00:00 2001 From: clemenso Date: Tue, 23 Sep 2008 14:09:02 +0000 Subject: bitte warten... git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@59 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java') diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java index 8f380eec..0b297283 100644 --- a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java +++ b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java 
@@ -311,7 +311,7 @@ public abstract class SignRequestHandler extends AbstractRequestHandler implemen } else if (actionCommand.equals("hashData")) { if (signedInfo != null) { try { - gui.showWaitDialog(null); +// gui.showWaitDialog(null); if (hashDataInputs == null || hashDataInputs.size() == 0) { hashDataInputs = getCashedHashDataInputs(signedInfo.getReference()); } -- cgit v1.2.3 From 8ccd9ab69dc74762567930f4c576a359502f1071 Mon Sep 17 00:00:00 2001 From: clemenso Date: Tue, 30 Sep 2008 16:37:59 +0000 Subject: showErrorDialog l10n git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@77 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java') diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java index 0b297283..7d994392 100644 --- a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java +++ b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java @@ -16,6 +16,7 @@ */ package at.gv.egiz.bku.smccstal; +import at.gv.egiz.bku.gui.BKUGUIFacade; import java.io.ByteArrayInputStream; import java.io.InputStream; import java.security.MessageDigest; 
@@ -318,15 +319,15 @@ public abstract class SignRequestHandler extends AbstractRequestHandler implemen gui.showHashDataInputDialog(hashDataInputs, SignRequestHandler.this, "ok"); } catch (DigestException ex) { log.error("Bad digest value: " + ex.getMessage()); - gui.showErrorDialog(ex.getMessage()); + gui.showErrorDialog(BKUGUIFacade.ERR_INVALID_HASH, new Object[] {ex.getMessage()}); } catch (Exception ex) { //FIXME localize messages log.error("Failed to obtain HashDataInputs: " + ex.getMessage()); - gui.showErrorDialog("Failed to obtain HashDataInputs: " + ex.getMessage(), SignRequestHandler.this, "ok"); + gui.showErrorDialog(BKUGUIFacade.ERR_NO_HASHDATA, new Object[] {ex.getMessage()}, SignRequestHandler.this, "ok"); } } else { //FIXME get all hashdatainputs - gui.showErrorDialog("Failed to obtain HashDataInputs: No dsig:SignedInfo provided.", SignRequestHandler.this, "ok"); + gui.showErrorDialog(BKUGUIFacade.ERR_NO_HASHDATA, new Object[] {"No dsig:SignedInfo provided"}, SignRequestHandler.this, "ok"); } } else if (actionCommand.equals("sign")) { return new String(gui.getPin()); -- cgit v1.2.3 From 255269ab17404fa1249c257e88815cbbee6e0d0f Mon Sep 17 00:00:00 2001 From: clemenso Date: Mon, 13 Oct 2008 12:53:57 +0000 Subject: ExternalDisplaySignRequestHandler git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@105 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../gv/egiz/bku/smccstal/SignRequestHandler.java | 186 ++++++--------------- 1 file changed, 52 insertions(+), 134 deletions(-) (limited to 'smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java') diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java index 7d994392..dcd12b02 100644 --- a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java +++ b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java 
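Review bot: The `ERR_INVALID_HASH` call in the `DigestException` branch is the only one of the three rewritten `showErrorDialog` calls that passes no listener and no action command. As far as this hunk shows, nothing ends the PIN loop after a digest mismatch, and the `sign` branch stays reachable. A mismatch between the data shown to the user and the digest in the SignedInfo should stop the signature. Pass the listener as the other two calls do, e.g. `gui.showErrorDialog(BKUGUIFacade.ERR_INVALID_HASH, new Object[] {ex.getMessage()}, SignRequestHandler.this, "error");`, and return from `providePIN` when that action arrives. The same call is carried unchanged into the `@@ -293,49 +187,73 @@` hunk of the next refactoring commit; `providePIN` starts and ends outside this hunk.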
@@ -17,6 +17,7 @@ package at.gv.egiz.bku.smccstal; import at.gv.egiz.bku.gui.BKUGUIFacade; +import java.awt.event.ActionEvent; import java.io.ByteArrayInputStream; import java.io.InputStream; import java.security.MessageDigest; @@ -42,31 +43,18 @@ import at.gv.egiz.stal.STALRequest; import at.gv.egiz.stal.STALResponse; import at.gv.egiz.stal.SignRequest; import at.gv.egiz.stal.SignResponse; -import at.gv.egiz.stal.impl.ByteArrayHashDataInput; import at.gv.egiz.stal.signedinfo.ObjectFactory; -import at.gv.egiz.stal.signedinfo.ReferenceType; import at.gv.egiz.stal.signedinfo.SignedInfoType; import at.gv.egiz.stal.util.JCEAlgorithmNames; -import java.io.ByteArrayOutputStream; -import java.io.IOException; +import java.awt.event.ActionListener; import java.security.DigestException; -import java.security.DigestInputStream; -import java.util.ArrayList; -import java.util.HashMap; import java.util.List; -import java.util.Set; -/** - * This class is NOT thread-safe. - * handleRequest() sets the SignedInfo which is used in providePIN. - */ -public abstract class SignRequestHandler extends AbstractRequestHandler implements - CashedHashDataInputResolver { +public abstract class SignRequestHandler extends AbstractRequestHandler implements HashDataInputDisplay { private static Log log = LogFactory.getLog(SignRequestHandler.class); private static JAXBContext jaxbContext; - static { try { jaxbContext = JAXBContext.newInstance(ObjectFactory.class.getPackage().getName()); @@ -74,11 +62,6 @@ public abstract class SignRequestHandler extends AbstractRequestHandler implemen log.fatal("Cannot init jaxbContext", e); } } - /** the SignedInfo of the current SignRequest */ -// protected SignedInfoType signedInfo; -// protected List hashDataInputs; - -// private int retryCounter = 0; @SuppressWarnings("unchecked") @Override 
@@ -192,99 +175,10 @@ public abstract class SignRequestHandler extends AbstractRequestHandler implemen // return new SignRequestHandler(); // } - /** - * implementations may verify the hashvalue - * @post-condition returned list != null - * @return - */ - @Override - public abstract List getCashedHashDataInputs(List signedReferences) throws Exception; -// { -// //TODO -// log.warn("Return empty HashDataInput"); -// return new ArrayList(); -// } - + -// protected void validateHashDataInputs(List signedReferences, List hashDataInputs) { -// if (hashDataInputs != null) { -// -// Map hashDataIdMap = new HashMap(); -// for (HashDataInput hdi : hashDataInputs) { -// if (log.isTraceEnabled()) { -// log.trace("Provided HashDataInput for reference " + hdi.getReferenceId()); -// } -// hashDataIdMap.put(hdi.getReferenceId(), hdi); -// } -// -// List reqRefs = request.getReference(); -// for (GetHashDataInputType.Reference reqRef : reqRefs) { -// String reqRefId = reqRef.getID(); -// HashDataInput reqHdi = hashDataIdMap.get(reqRefId); -// if (reqHdi == null) { -// String msg = "Failed to resolve HashDataInput for reference " + reqRefId; -// log.error(msg); -// GetHashDataInputFaultType faultInfo = new GetHashDataInputFaultType(); -// faultInfo.setErrorCode(1); -// faultInfo.setErrorMessage(msg); -// throw new GetHashDataInputFault(msg, faultInfo); -// } -// -// InputStream hashDataIS = reqHdi.getHashDataInput(); -// if (hashDataIS == null) { -// //HashDataInput not cached? 
-// String msg = "Failed to obtain HashDataInput for reference " + reqRefId + ", reference not cached"; -// log.error(msg); -// GetHashDataInputFaultType faultInfo = new GetHashDataInputFaultType(); -// faultInfo.setErrorCode(1); -// faultInfo.setErrorMessage(msg); -// throw new GetHashDataInputFault(msg, faultInfo); -// } -// ByteArrayOutputStream baos = null; -// try { -// if (log.isDebugEnabled()) { -// log.debug("Resolved HashDataInput " + reqRefId + " (" + reqHdi.getMimeType() + ";charset=" + reqHdi.getEncoding() + ")"); -// } -// baos = new ByteArrayOutputStream(hashDataIS.available()); -// int c; -// while ((c = hashDataIS.read()) != -1) { -// baos.write(c); -// } -// GetHashDataInputResponseType.Reference ref = new GetHashDataInputResponseType.Reference(); -// ref.setID(reqRefId); -// ref.setMimeType(reqHdi.getMimeType()); -// ref.setEncoding(reqHdi.getEncoding()); -// ref.setValue(baos.toByteArray()); -// response.getReference().add(ref); -// } catch (IOException ex) { -// String msg = "Failed to get HashDataInput for reference " + reqRefId; -// log.error(msg, ex); -// GetHashDataInputFaultType faultInfo = new GetHashDataInputFaultType(); -// faultInfo.setErrorCode(1); -// faultInfo.setErrorMessage(msg); -// throw new GetHashDataInputFault(msg, faultInfo, ex); -// } finally { -// try { -// baos.close(); -// } catch (IOException ex) { -// } -// } -// } -// return response; -// } -// for (ReferenceType reference : signedReferences) { -// String algorithm = reference.getDigestMethod().getAlgorithm(); -// -// } -// } - - - /** - * cashes the HashDataInputs provided by SignRequestHandler.this.getHashDataInputs() - * (don't know whether outer class is LocalSignRequestHandler or WSSignRequestHandler, providing DataObjectHDI or ByteArrayHDI, resp) - */ - class STALPinProvider implements PINProvider { + class STALPinProvider implements PINProvider, ActionListener { protected SignedInfoType signedInfo; protected List hashDataInputs; 
@@ -293,49 +187,73 @@ public abstract class SignRequestHandler extends AbstractRequestHandler implemen public STALPinProvider(SignedInfoType signedInfo) { this.signedInfo = signedInfo; } + + private void showSignaturePINDialog(PINSpec spec, int retries) { + if (retryCounter > 0) { + gui.showSignaturePINRetryDialog(spec, retries, SignRequestHandler.this, "sign", SignRequestHandler.this, + "cancel", SignRequestHandler.this, "hashData"); + } else { + gui.showSignaturePINDialog(spec, SignRequestHandler.this, "sign", SignRequestHandler.this, "cancel", SignRequestHandler.this, + "hashData"); + } + } @Override public String providePIN(PINSpec spec, int retries) { - if (retryCounter++ > 0) { - log.info("PIN wrong retrying ..."); - gui.showSignaturePINRetryDialog(spec, retries, SignRequestHandler.this, "sign", SignRequestHandler.this, - "cancel", SignRequestHandler.this, "hashData"); - } else { - gui.showSignaturePINDialog(spec, SignRequestHandler.this, "sign", SignRequestHandler.this, "cancel", SignRequestHandler.this, - "hashData"); - } + + showSignaturePINDialog(spec, retries); + do { waitForAction(); gui.showWaitDialog(null); if (actionCommand.equals("cancel")) { return null; } else if (actionCommand.equals("hashData")) { - if (signedInfo != null) { + + showSignaturePINDialog(spec, retries); + try { -// gui.showWaitDialog(null); - if (hashDataInputs == null || hashDataInputs.size() == 0) { - hashDataInputs = getCashedHashDataInputs(signedInfo.getReference()); - } - gui.showHashDataInputDialog(hashDataInputs, SignRequestHandler.this, "ok"); + displayHashDataInputs(signedInfo.getReference()); } catch (DigestException ex) { log.error("Bad digest value: " + ex.getMessage()); gui.showErrorDialog(BKUGUIFacade.ERR_INVALID_HASH, new Object[] {ex.getMessage()}); } catch (Exception ex) { - //FIXME localize messages - log.error("Failed to obtain HashDataInputs: " + ex.getMessage()); - gui.showErrorDialog(BKUGUIFacade.ERR_NO_HASHDATA, new Object[] {ex.getMessage()}, 
SignRequestHandler.this, "ok"); + log.error("Could not display hashdata inputs: " + ex.getMessage()); + gui.showErrorDialog(BKUGUIFacade.ERR_DISPLAY_HASHDATA, new Object[] {ex.getMessage()}, SignRequestHandler.this, "ok"); } - } else { - //FIXME get all hashdatainputs - gui.showErrorDialog(BKUGUIFacade.ERR_NO_HASHDATA, new Object[] {"No dsig:SignedInfo provided"}, SignRequestHandler.this, "ok"); - } + + // OLD HASHDATA DISPLAY (in applet), + // register SignRequestHandler.this as hashdataListener to use +// if (signedInfo != null) { +// try { +// if (hashDataInputs == null || hashDataInputs.size() == 0) { +// hashDataInputs = getCashedHashDataInputs(signedInfo.getReference()); +// } +// gui.showHashDataInputDialog(hashDataInputs, SignRequestHandler.this, "ok"); +// } catch (DigestException ex) { +// log.error("Bad digest value: " + ex.getMessage()); +// gui.showErrorDialog(BKUGUIFacade.ERR_INVALID_HASH, new Object[] {ex.getMessage()}); +// } catch (Exception ex) { +// //FIXME localize messages +// log.error("Failed to obtain HashDataInputs: " + ex.getMessage()); +// gui.showErrorDialog(BKUGUIFacade.ERR_NO_HASHDATA, new Object[] {ex.getMessage()}, SignRequestHandler.this, "ok"); +// } +// } else { +// //FIXME get all hashdatainputs +// gui.showErrorDialog(BKUGUIFacade.ERR_NO_HASHDATA, new Object[] {"No dsig:SignedInfo provided"}, SignRequestHandler.this, "ok"); +// } } else if (actionCommand.equals("sign")) { + retryCounter++; return new String(gui.getPin()); } else if (actionCommand.equals("ok")) { - gui.showSignaturePINDialog(spec, SignRequestHandler.this, "sign", SignRequestHandler.this, "cancel", SignRequestHandler.this, - "hashData"); + showSignaturePINDialog(spec, retries); } } while (true); } + + @Override + public void actionPerformed(ActionEvent e) { + throw new UnsupportedOperationException("Not supported yet."); + } } } -- cgit v1.2.3 From c2ae3db1bc6dcb8ba3eb3461c05e293917c004ca Mon Sep 17 00:00:00 2001 
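Review bot: The `hashData` branch now calls `displayHashDataInputs(signedInfo.getReference())` without the `if (signedInfo != null)` guard that the removed code had. If the constructor is ever given a null `SignedInfoType`, the NullPointerException is absorbed by `catch (Exception ex)` and shown as `ERR_DISPLAY_HASHDATA` with a null message, which hides the real cause. Either reject null in the `STALPinProvider` constructor or restore the guard with the `ERR_NO_HASHDATA` dialog the removed lines used. The new `log.error("Could not display hashdata inputs: " + ex.getMessage());` also drops the stack trace; `log.error("Could not display hashdata inputs", ex);` keeps it.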
From: mcentner Date: Thu, 30 Oct 2008 10:33:29 +0000 Subject: Updated SMCC to use exclusive access and to throw exceptions upon locked or not activated cards. Improved locale support in the security layer request and response processing. Fixed issue in STAL which prevented the use of RSA-SHA1 signatures. Added additional parameters to the applet test pages. git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@128 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java') diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java index dcd12b02..466ec2a9 100644 --- a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java +++ b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java @@ -32,6 +32,8 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import at.gv.egiz.smcc.CancelledException; +import at.gv.egiz.smcc.LockedException; +import at.gv.egiz.smcc.NotActivatedException; import at.gv.egiz.smcc.PINProvider; import at.gv.egiz.smcc.PINSpec; import at.gv.egiz.smcc.SignatureCard; @@ -78,7 +80,7 @@ public abstract class SignRequestHandler extends AbstractRequestHandler implemen String jceName = JCEAlgorithmNames.getJCEHashName(signatureMethod); if (jceName == null) { log.error("Hash algorithm not supported:"); - return new ErrorResponse(1000); + return new ErrorResponse(4006); } MessageDigest md = MessageDigest.getInstance(jceName); md.update(signReq.getSignedInfo()); 
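Review bot: The `log.error("Hash algorithm not supported:")` line kept beside the new `ErrorResponse(4006)` ends in a colon and names no algorithm, so the log does not say which signature method was rejected. Append the value already in scope, `log.error("Hash algorithm not supported: " + signatureMethod);`. That value appears to come from the request's SignedInfo, so strip line breaks from it before logging. `handleRequest` starts and ends outside the hunk.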
@@ -90,6 +92,12 @@ public abstract class SignRequestHandler extends AbstractRequestHandler implemen SignResponse stalResp = new SignResponse(); stalResp.setSignatureValue(resp); return stalResp; + } catch (NotActivatedException e) { + log.info("Citizen card not activated.", e); + return new ErrorResponse(6001); + } catch (LockedException e) { + log.info("Citizen card locked.", e); + return new ErrorResponse(6001); } catch (CancelledException cx) { log.debug("User cancelled request"); return new ErrorResponse(6001); -- cgit v1.2.3 From 4032e46810c24dc3f013de296a2133f4651696b9 Mon Sep 17 00:00:00 2001 From: clemenso Date: Fri, 31 Oct 2008 15:30:34 +0000 Subject: local HelpListener card locked/not activated git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@137 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java') diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java index 466ec2a9..dbc70bff 100644 --- a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java +++ b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java 
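Review bot: Both new catch blocks return `new ErrorResponse(6001)`, the same code the `CancelledException` branch just below returns for a user cancel, so a caller cannot tell a locked or not-activated card from a cancelled request. If the error-code table has dedicated codes for these card states, return them here. Otherwise state that the mapping is intended, e.g. `// card state is reported with the cancel code; no dedicated code exists`. The `TimeoutException` handler added later in hunk `@@ -95,17 +99,28 @@` reuses 6001 in the same way. `handleRequest` starts and ends outside the hunk.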
@@ -94,9 +94,15 @@ public abstract class SignRequestHandler extends AbstractRequestHandler implemen return stalResp; } catch (NotActivatedException e) { log.info("Citizen card not activated.", e); + gui.showErrorDialog(BKUGUIFacade.ERR_CARD_NOTACTIVATED, null, this, null); + waitForAction(); + gui.showWaitDialog(null); return new ErrorResponse(6001); } catch (LockedException e) { log.info("Citizen card locked.", e); + gui.showErrorDialog(BKUGUIFacade.ERR_CARD_LOCKED, null, this, null); + waitForAction(); + gui.showWaitDialog(null); return new ErrorResponse(6001); } catch (CancelledException cx) { log.debug("User cancelled request"); -- cgit v1.2.3 From e4a47aa9393d74647f4f0c66b54dc4519fed492f Mon Sep 17 00:00:00 2001 From: clemenso Date: Tue, 11 Nov 2008 12:16:00 +0000 Subject: Interrupt in waitForAction (applet closed) git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@162 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java') diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java index dbc70bff..6c30a68a 100644 --- a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java +++ b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java @@ -67,7 +67,7 @@ public abstract class SignRequestHandler extends AbstractRequestHandler implemen @SuppressWarnings("unchecked") @Override - public STALResponse handleRequest(STALRequest request) { + public STALResponse handleRequest(STALRequest request) throws InterruptedException { if (request instanceof SignRequest) { SignRequest signReq = (SignRequest) request; newSTALMessage("Message.RequestCaption", "Message.SignRequest"); 
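Review bot: The three added statements (`gui.showErrorDialog(...)`, `waitForAction()`, `gui.showWaitDialog(null)`) are repeated in both catch blocks and differ only in the error constant. Moving them into one private helper that takes the constant would mean a later change to the dialog sequence is made once. `waitForAction()` now blocks inside a catch handler until the user dismisses the dialog, which deserves a comment such as `// block until the user acknowledges the error`. `handleRequest` starts and ends outside the hunk.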
@@ -213,7 +213,7 @@ public abstract class SignRequestHandler extends AbstractRequestHandler implemen } @Override - public String providePIN(PINSpec spec, int retries) { + public String providePIN(PINSpec spec, int retries) throws InterruptedException { showSignaturePINDialog(spec, retries); -- cgit v1.2.3 From 9662ac90b6aa84bc54543d3c8670ba6c8e42bbac Mon Sep 17 00:00:00 2001 From: clemenso Date: Thu, 13 Nov 2008 18:24:57 +0000 Subject: FRAME HashDataDisplay FRAME Help git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@165 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../java/at/gv/egiz/bku/smccstal/SignRequestHandler.java | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) (limited to 'smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java') diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java index 6c30a68a..77ee45b6 100644 --- a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java +++ b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java @@ -192,7 +192,7 @@ public abstract class SignRequestHandler extends AbstractRequestHandler implemen - class STALPinProvider implements PINProvider, ActionListener { + class STALPinProvider implements PINProvider { protected SignedInfoType signedInfo; protected List hashDataInputs; 
@@ -230,10 +230,10 @@ public abstract class SignRequestHandler extends AbstractRequestHandler implemen displayHashDataInputs(signedInfo.getReference()); } catch (DigestException ex) { log.error("Bad digest value: " + ex.getMessage()); - gui.showErrorDialog(BKUGUIFacade.ERR_INVALID_HASH, new Object[] {ex.getMessage()}); + gui.showErrorDialog(BKUGUIFacade.ERR_INVALID_HASH, new Object[] {ex.getMessage()}, SignRequestHandler.this, "error"); } catch (Exception ex) { log.error("Could not display hashdata inputs: " + ex.getMessage()); - gui.showErrorDialog(BKUGUIFacade.ERR_DISPLAY_HASHDATA, new Object[] {ex.getMessage()}, SignRequestHandler.this, "ok"); + gui.showErrorDialog(BKUGUIFacade.ERR_DISPLAY_HASHDATA, new Object[] {ex.getMessage()}, SignRequestHandler.this, "error"); } // OLD HASHDATA DISPLAY (in applet), @@ -261,13 +261,15 @@ public abstract class SignRequestHandler extends AbstractRequestHandler implemen return new String(gui.getPin()); } else if (actionCommand.equals("ok")) { showSignaturePINDialog(spec, retries); + } else if (actionCommand.equals("error")) { + return null; } } while (true); } - @Override - public void actionPerformed(ActionEvent e) { - throw new UnsupportedOperationException("Not supported yet."); - } +// @Override +// public void actionPerformed(ActionEvent e) { +// throw new UnsupportedOperationException("Not supported yet."); +// } } } -- cgit v1.2.3 From 28e81afd92a6568ff78736b72c5257a86c0b9b91 Mon Sep 17 00:00:00 2001 From: clemenso Date: Tue, 18 Nov 2008 08:03:35 +0000 Subject: GUI refactoring 1 git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@177 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../gv/egiz/bku/smccstal/SignRequestHandler.java | 81 ---------------------- 1 file changed, 81 deletions(-) (limited to 'smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java') 
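Review bot: The new `error` branch returns null exactly like the `cancel` branch, so a failed digest check (`ERR_INVALID_HASH`) leaves `providePIN` the same way a user cancel does. How the card layer treats a null PIN is not visible in this hunk, but if it maps to the cancel response, the caller loses the fact that the displayed data did not match the signed digest. Record the cause before returning, for instance in a field set in the `DigestException` handler that `handleRequest` can check, or at least add a comment such as `// digest mismatch or display failure: abort without a PIN`. The commented-out `actionPerformed` stub should be deleted rather than kept as `//` lines.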
diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java index 77ee45b6..26905f50 100644 --- a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java +++ b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java 
@@ -130,67 +130,6 @@ public abstract class SignRequestHandler extends AbstractRequestHandler implemen // @Override // public String providePIN(PINSpec spec, int retries) { -// if (retryCounter++ > 0) { -// log.info("PIN wrong retrying ..."); -// gui.showSignaturePINRetryDialog(spec, retries, this, "sign", this, -// "cancel", this, "hashData"); -// } else { -// gui.showSignaturePINDialog(spec, this, "sign", this, "cancel", this, -// "hashData"); -// } -// do { -// waitForAction(); -// if (actionCommand.equals("cancel")) { -// return null; -// } else if (actionCommand.equals("hashData")) { -// if (signedInfo != null) { -// try { -// gui.showWaitDialog(null); -// if (hashDataInputs == null || hashDataInputs.size() == 0) { -// HashMap signedReferences = new HashMap(); -// for (ReferenceType reference : signedInfo.getReference()) { -// //don't get Manifest, QualifyingProperties, ... -// if (reference.getType() == null) { -// signedReferences.put(reference.getId(), reference); -// } -// } -// hashDataInputs = getHashDataInputs(signedReferences.keySet()); -// for (HashDataInput hashDataInput : hashDataInputs) { -// ReferenceType reference = signedReferences.get(hashDataInput.getReferenceId()); -// String algorithm = reference.getDigestMethod().getAlgorithm(); -// MessageDigest md = MessageDigest.getInstance(algorithm); -// DigestInputStream dis = new DigestInputStream(hashDataInput.getHashDataInput(), md); -// while(dis.read() != -1) ; -// byte[] digestValue = md.digest(); -// boolean valid = reference.getDigestValue().equals(digestValue); -// } -// } -// gui.showHashDataInputDialog(hashDataInputs, this, "ok"); -// } catch (Exception ex) { -// //FIXME localize messages -// log.error("Failed to obtain HashDataInputs: " + ex.getMessage()); -// gui.showErrorDialog("Failed to obtain HashDataInputs: " + ex.getMessage(), this, "ok"); -// } -// } else { -// //FIXME get all hashdatainputs -// gui.showErrorDialog("Failed to obtain HashDataInputs: No dsig:SignedInfo provided.", 
this, "ok"); -// } -// } else if (actionCommand.equals("sign")) { -// return new String(gui.getPin()); -// } else if (actionCommand.equals("ok")) { -// gui.showSignaturePINDialog(spec, this, "sign", this, "cancel", this, -// "hashData"); -// } -// } while (true); -// } - -// @Override -// public SMCCSTALRequestHandler newInstance() { -// return new SignRequestHandler(); -// } - - - class STALPinProvider implements PINProvider { @@ -236,26 +175,6 @@ public abstract class SignRequestHandler extends AbstractRequestHandler implemen gui.showErrorDialog(BKUGUIFacade.ERR_DISPLAY_HASHDATA, new Object[] {ex.getMessage()}, SignRequestHandler.this, "error"); } - // OLD HASHDATA DISPLAY (in applet), - // register SignRequestHandler.this as hashdataListener to use -// if (signedInfo != null) { -// try { -// if (hashDataInputs == null || hashDataInputs.size() == 0) { -// hashDataInputs = getCashedHashDataInputs(signedInfo.getReference()); -// } -// gui.showHashDataInputDialog(hashDataInputs, SignRequestHandler.this, "ok"); -// } catch (DigestException ex) { -// log.error("Bad digest value: " + ex.getMessage()); -// gui.showErrorDialog(BKUGUIFacade.ERR_INVALID_HASH, new Object[] {ex.getMessage()}); -// } catch (Exception ex) { -// //FIXME localize messages -// log.error("Failed to obtain HashDataInputs: " + ex.getMessage()); -// gui.showErrorDialog(BKUGUIFacade.ERR_NO_HASHDATA, new Object[] {ex.getMessage()}, SignRequestHandler.this, "ok"); -// } -// } else { -// //FIXME get all hashdatainputs -// gui.showErrorDialog(BKUGUIFacade.ERR_NO_HASHDATA, new Object[] {"No dsig:SignedInfo provided"}, SignRequestHandler.this, "ok"); -// } } else if (actionCommand.equals("sign")) { retryCounter++; return new String(gui.getPin()); -- cgit v1.2.3 From bc81c317e254fa617fc24c8129b743ac74aad470 Mon Sep 17 00:00:00 2001 
From: clemenso Date: Wed, 19 Nov 2008 11:49:55 +0000 Subject: GUI feature complete git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@180 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) (limited to 'smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java') diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java index 26905f50..d041a8cb 100644 --- a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java +++ b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java @@ -48,7 +48,6 @@ import at.gv.egiz.stal.SignResponse; import at.gv.egiz.stal.signedinfo.ObjectFactory; import at.gv.egiz.stal.signedinfo.SignedInfoType; import at.gv.egiz.stal.util.JCEAlgorithmNames; -import java.awt.event.ActionListener; import java.security.DigestException; import java.util.List; @@ -128,9 +127,6 @@ public abstract class SignRequestHandler extends AbstractRequestHandler implemen return true; } -// @Override -// public String providePIN(PINSpec spec, int retries) { - class STALPinProvider implements PINProvider { protected SignedInfoType signedInfo; @@ -178,7 +174,7 @@ public abstract class SignRequestHandler extends AbstractRequestHandler implemen } else if (actionCommand.equals("sign")) { retryCounter++; return new String(gui.getPin()); - } else if (actionCommand.equals("ok")) { + } else if (actionCommand.equals("hashDataDone")) { showSignaturePINDialog(spec, retries); } else if (actionCommand.equals("error")) { return null; -- cgit v1.2.3 From 2a1df5e58e44f8d77f34eb80df74e8c0d27caceb Mon Sep 17 00:00:00 2001 
From: clemenso Date: Wed, 18 Mar 2009 22:27:28 +0000 Subject: 1.1-rc5 (pinProviderFactories, gui refactoring, signatureCard, secureViewer) git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@322 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../gv/egiz/bku/smccstal/SignRequestHandler.java | 149 ++++++++++++--------- 1 file changed, 82 insertions(+), 67 deletions(-) (limited to 'smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java') diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java index d041a8cb..ac510f38 100644 --- a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java +++ b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java @@ -17,7 +17,6 @@ package at.gv.egiz.bku.smccstal; import at.gv.egiz.bku.gui.BKUGUIFacade; -import java.awt.event.ActionEvent; import java.io.ByteArrayInputStream; import java.io.InputStream; import java.security.MessageDigest; @@ -35,12 +34,11 @@ import at.gv.egiz.smcc.CancelledException; import at.gv.egiz.smcc.LockedException; import at.gv.egiz.smcc.NotActivatedException; import at.gv.egiz.smcc.PINProvider; -import at.gv.egiz.smcc.PINSpec; import at.gv.egiz.smcc.SignatureCard; import at.gv.egiz.smcc.SignatureCardException; import at.gv.egiz.smcc.SignatureCard.KeyboxName; +import at.gv.egiz.smcc.TimeoutException; import at.gv.egiz.stal.ErrorResponse; -import at.gv.egiz.stal.HashDataInput; import at.gv.egiz.stal.STALRequest; import at.gv.egiz.stal.STALResponse; import at.gv.egiz.stal.SignRequest; 
@@ -48,13 +46,12 @@ import at.gv.egiz.stal.SignResponse; import at.gv.egiz.stal.signedinfo.ObjectFactory; import at.gv.egiz.stal.signedinfo.SignedInfoType; import at.gv.egiz.stal.util.JCEAlgorithmNames; -import java.security.DigestException; -import java.util.List; -public abstract class SignRequestHandler extends AbstractRequestHandler implements HashDataInputDisplay { +public abstract class SignRequestHandler extends AbstractRequestHandler implements SecureViewer { private static Log log = LogFactory.getLog(SignRequestHandler.class); private static JAXBContext jaxbContext; + private PINProviderFactory pinProviderFactory; static { try { @@ -84,7 +81,14 @@ public abstract class SignRequestHandler extends AbstractRequestHandler implemen MessageDigest md = MessageDigest.getInstance(jceName); md.update(signReq.getSignedInfo()); KeyboxName kb = SignatureCard.KeyboxName.getKeyboxName(signReq.getKeyIdentifier()); - byte[] resp = card.createSignature(md.digest(), kb, new STALPinProvider(si.getValue())); + + if (pinProviderFactory == null) { + pinProviderFactory = PINProviderFactory.getInstance(card, gui); + } + PINProvider pinProvider = pinProviderFactory. + getSignaturePINProvider(this, si.getValue()); + + byte[] resp = card.createSignature(md.digest(), kb, pinProvider); if (resp == null) { return new ErrorResponse(6001); } 
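Review bot: `pinProviderFactory` is created from `card` and `gui` on the first request and then reused behind `if (pinProviderFactory == null)`, so later requests get PIN providers built for whichever card was present first. Whether `card` can change during the handler's lifetime is not visible here. If it can, build the factory per request, e.g. `PINProvider pinProvider = PINProviderFactory.getInstance(card, gui).getSignaturePINProvider(this, si.getValue());`, or reset the field when the card is replaced. The lazy initialisation is also unsynchronised, which matters only if `handleRequest` can run on more than one thread. `handleRequest` starts and ends outside the hunk.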
@@ -95,17 +99,28 @@ public abstract class SignRequestHandler extends AbstractRequestHandler implemen log.info("Citizen card not activated.", e); gui.showErrorDialog(BKUGUIFacade.ERR_CARD_NOTACTIVATED, null, this, null); waitForAction(); - gui.showWaitDialog(null); + gui.showMessageDialog(BKUGUIFacade.TITLE_WAIT, + BKUGUIFacade.MESSAGE_WAIT); return new ErrorResponse(6001); } catch (LockedException e) { log.info("Citizen card locked.", e); gui.showErrorDialog(BKUGUIFacade.ERR_CARD_LOCKED, null, this, null); waitForAction(); - gui.showWaitDialog(null); + gui.showMessageDialog(BKUGUIFacade.TITLE_WAIT, + BKUGUIFacade.MESSAGE_WAIT); return new ErrorResponse(6001); } catch (CancelledException cx) { log.debug("User cancelled request"); return new ErrorResponse(6001); + } catch (TimeoutException ex) { + log.error("Timeout during pin entry"); + gui.showMessageDialog(BKUGUIFacade.TITLE_ENTRY_TIMEOUT, + BKUGUIFacade.ERR_PIN_TIMEOUT, null, + BKUGUIFacade.BUTTON_CANCEL, this, null); + waitForAction(); + gui.showMessageDialog(BKUGUIFacade.TITLE_WAIT, + BKUGUIFacade.MESSAGE_WAIT); + return new ErrorResponse(6001); } catch (SignatureCardException e) { log.error("Error while creating signature: " + e); return new ErrorResponse(4000); 
@@ -127,64 +142,64 @@ public abstract class SignRequestHandler extends AbstractRequestHandler implemen return true; } - class STALPinProvider implements PINProvider { - - protected SignedInfoType signedInfo; - protected List hashDataInputs; - private int retryCounter = 0; - - public STALPinProvider(SignedInfoType signedInfo) { - this.signedInfo = signedInfo; - } - - private void showSignaturePINDialog(PINSpec spec, int retries) { - if (retryCounter > 0) { - gui.showSignaturePINRetryDialog(spec, retries, SignRequestHandler.this, "sign", SignRequestHandler.this, - "cancel", SignRequestHandler.this, "hashData"); - } else { - gui.showSignaturePINDialog(spec, SignRequestHandler.this, "sign", SignRequestHandler.this, "cancel", SignRequestHandler.this, - "hashData"); - } - } - - @Override - public String providePIN(PINSpec spec, int retries) throws InterruptedException { - - showSignaturePINDialog(spec, retries); - - do { - waitForAction(); - gui.showWaitDialog(null); - if (actionCommand.equals("cancel")) { - return null; - } else if (actionCommand.equals("hashData")) { - - showSignaturePINDialog(spec, retries); - - try { - displayHashDataInputs(signedInfo.getReference()); - } catch (DigestException ex) { - log.error("Bad digest value: " + ex.getMessage()); - gui.showErrorDialog(BKUGUIFacade.ERR_INVALID_HASH, new Object[] {ex.getMessage()}, SignRequestHandler.this, "error"); - } catch (Exception ex) { - log.error("Could not display hashdata inputs: " + ex.getMessage()); - gui.showErrorDialog(BKUGUIFacade.ERR_DISPLAY_HASHDATA, new Object[] {ex.getMessage()}, SignRequestHandler.this, "error"); - } - - } else if (actionCommand.equals("sign")) { - retryCounter++; - return new String(gui.getPin()); - } else if (actionCommand.equals("hashDataDone")) { - showSignaturePINDialog(spec, retries); - } else if (actionCommand.equals("error")) { - return null; - } - } while (true); - } - +// class SoftwarePinProvider implements PINProvider { +// +// protected SignedInfoType signedInfo; 
+// protected List hashDataInputs; +// private boolean retry = false; +// +// public SoftwarePinProvider(SignedInfoType signedInfo) { +// this.signedInfo = signedInfo; +// } +// +// private void showSignaturePINDialog(PINSpec spec, int retries) { +// if (retry) { +// gui.showSignaturePINRetryDialog(spec, retries, SignRequestHandler.this, "sign", SignRequestHandler.this, +// "cancel", SignRequestHandler.this, "hashData"); +// } else { +// gui.showSignaturePINDialog(spec, SignRequestHandler.this, "sign", SignRequestHandler.this, "cancel", SignRequestHandler.this, +// "hashData"); +// } +// } +// // @Override -// public void actionPerformed(ActionEvent e) { -// throw new UnsupportedOperationException("Not supported yet."); +// public char[] providePIN(PINSpec spec, int retries) +// throws CancelledException, InterruptedException { +// showSignaturePINDialog(spec, retries); +// +// do { +// waitForAction(); +// gui.showWaitDialog(null); +// if (actionCommand.equals("hashData")) { +// +// showSignaturePINDialog(spec, retries); +// +// try { +// displayHashDataInputs(signedInfo.getReference()); +// +// } catch (DigestException ex) { +// log.error("Bad digest value: " + ex.getMessage()); +// gui.showErrorDialog(BKUGUIFacade.ERR_INVALID_HASH, +// new Object[] {ex.getMessage()}, +// SignRequestHandler.this, "error"); +// } catch (Exception ex) { +// log.error("Could not display hashdata inputs: " + +// ex.getMessage()); +// gui.showErrorDialog(BKUGUIFacade.ERR_DISPLAY_HASHDATA, +// new Object[] {ex.getMessage()}, +// SignRequestHandler.this, "error"); +// } +// } else if (actionCommand.equals("sign")) { +// retry = true; +// return gui.getPin(); +// } else if (actionCommand.equals("hashDataDone")) { +// showSignaturePINDialog(spec, retries); +// } else if (actionCommand.equals("cancel") || +// actionCommand.equals("error")) { +// throw new CancelledException(spec.getLocalizedName() + +// " entry cancelled"); +// } +// } while (true); // } - } +// } } -- cgit v1.2.3 
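Review bot: The replacement for `STALPinProvider` is added entirely as commented-out code (`// class SoftwarePinProvider implements PINProvider {` onwards), which leaves a full PIN-entry loop in the file that no compiler or test checks and that a reader could mistake for the live behaviour. Delete the block and rely on version control for the history. The one change worth keeping on record is that the removed provider returned `new String(gui.getPin())`, while the draft returns the `char[]` from `gui.getPin()` directly, which lets the caller clear the PIN after use. That contract belongs in a short comment on the live provider, which is presumably the one obtained from `PINProviderFactory`, rather than in disabled code.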
From 616e06910051528674165319a1d6d161dff5859c Mon Sep 17 00:00:00 2001 From: clemenso Date: Fri, 27 Mar 2009 17:33:11 +0000 Subject: 1.1-RC6 (pinpad, pinmgmt, secureviewer) git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@323 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../java/at/gv/egiz/bku/smccstal/SignRequestHandler.java | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) (limited to 'smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java') diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java index ac510f38..7a4f6572 100644 --- a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java +++ b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java @@ -33,7 +33,6 @@ import org.apache.commons.logging.LogFactory; import at.gv.egiz.smcc.CancelledException; import at.gv.egiz.smcc.LockedException; import at.gv.egiz.smcc.NotActivatedException; -import at.gv.egiz.smcc.PINProvider; import at.gv.egiz.smcc.SignatureCard; import at.gv.egiz.smcc.SignatureCardException; import at.gv.egiz.smcc.SignatureCard.KeyboxName; @@ -47,11 +46,12 @@ import at.gv.egiz.stal.signedinfo.ObjectFactory; import at.gv.egiz.stal.signedinfo.SignedInfoType; import at.gv.egiz.stal.util.JCEAlgorithmNames; -public abstract class SignRequestHandler extends AbstractRequestHandler implements SecureViewer { +public class SignRequestHandler extends AbstractRequestHandler { private static Log log = LogFactory.getLog(SignRequestHandler.class); private static JAXBContext jaxbContext; private PINProviderFactory pinProviderFactory; + private SecureViewer secureViewer; static { try { 
@@ -61,6 +61,10 @@ public abstract class SignRequestHandler extends AbstractRequestHandler implemen } } + public SignRequestHandler(SecureViewer secureViewer) { + this.secureViewer = secureViewer; + } + @SuppressWarnings("unchecked") @Override public STALResponse handleRequest(STALRequest request) throws InterruptedException { @@ -85,10 +89,8 @@ public abstract class SignRequestHandler extends AbstractRequestHandler implemen if (pinProviderFactory == null) { pinProviderFactory = PINProviderFactory.getInstance(card, gui); } - PINProvider pinProvider = pinProviderFactory. - getSignaturePINProvider(this, si.getValue()); - - byte[] resp = card.createSignature(md.digest(), kb, pinProvider); + byte[] resp = card.createSignature(md.digest(), kb, + pinProviderFactory.getSignaturePINProvider(secureViewer, si.getValue())); if (resp == null) { return new ErrorResponse(6001); } -- cgit v1.2.3 From 2dbf2347bc78fd835c857ad438514fb6251f6f7a Mon Sep 17 00:00:00 2001 From: clemenso Date: Thu, 2 Apr 2009 19:13:48 +0000 Subject: 1.1-RC7 (pinpad revisited) git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@325 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) (limited to 'smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java') diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java index 7a4f6572..56fc8804 100644 --- a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java +++ b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java 
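Review bot: The new constructor stores `secureViewer` without a null check, and the field it assigns (added in this commit's class-header hunk) is not `final`. The reference is only used later, in `getSignaturePINProvider(secureViewer, si.getValue())`, so a null would surface in the middle of a signing request rather than at construction. I would declare `private final SecureViewer secureViewer;` and start the constructor with `if (secureViewer == null) throw new NullPointerException("secureViewer");`. A short Javadoc line on the constructor saying what the viewer is used for would also help.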
@@ -50,7 +50,7 @@ public class SignRequestHandler extends AbstractRequestHandler { private static Log log = LogFactory.getLog(SignRequestHandler.class); private static JAXBContext jaxbContext; - private PINProviderFactory pinProviderFactory; +// private PINProviderFactory pinProviderFactory; private SecureViewer secureViewer; static { @@ -86,11 +86,9 @@ public class SignRequestHandler extends AbstractRequestHandler { md.update(signReq.getSignedInfo()); KeyboxName kb = SignatureCard.KeyboxName.getKeyboxName(signReq.getKeyIdentifier()); - if (pinProviderFactory == null) { - pinProviderFactory = PINProviderFactory.getInstance(card, gui); - } - byte[] resp = card.createSignature(md.digest(), kb, - pinProviderFactory.getSignaturePINProvider(secureViewer, si.getValue())); + byte[] resp = card.createSignature(md.digest(), kb, + new PINProviderFactory(card.getReader(), gui) + .getSignaturePINProvider(secureViewer, si.getValue())); if (resp == null) { return new ErrorResponse(6001); } -- cgit v1.2.3 From f5de24a8c3a20311fc0b0849a427e780d2fc2325 Mon Sep 17 00:00:00 2001 From: clemenso Date: Fri, 17 Apr 2009 07:25:16 +0000 Subject: local secureviewer git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@333 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../gv/egiz/bku/smccstal/SignRequestHandler.java | 66 +--------------------- 1 file changed, 3 insertions(+), 63 deletions(-) (limited to 'smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java') diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java index 56fc8804..560f1373 100644 --- a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java +++ b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java 
@@ -50,9 +50,7 @@ public class SignRequestHandler extends AbstractRequestHandler { private static Log log = LogFactory.getLog(SignRequestHandler.class); private static JAXBContext jaxbContext; -// private PINProviderFactory pinProviderFactory; - private SecureViewer secureViewer; - + static { try { jaxbContext = JAXBContext.newInstance(ObjectFactory.class.getPackage().getName()); @@ -61,6 +59,8 @@ public class SignRequestHandler extends AbstractRequestHandler { } } + protected SecureViewer secureViewer; + public SignRequestHandler(SecureViewer secureViewer) { this.secureViewer = secureViewer; } 
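Review bot: `secureViewer` is widened from `private` to `protected` and stays non-final, so any subclass can replace the viewer after construction. The object is passed into the signature PIN provider, presumably to show the user the data being signed, so it is better kept fixed for the lifetime of the handler. `protected final SecureViewer secureViewer;` keeps it readable by subclasses without letting them swap it. If subclasses only need to read it, a `private final` field with a protected getter is tighter still.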
@@ -142,64 +142,4 @@ public class SignRequestHandler extends AbstractRequestHandler { return true; } -// class SoftwarePinProvider implements PINProvider { -// -// protected SignedInfoType signedInfo; -// protected List hashDataInputs; -// private boolean retry = false; -// -// public SoftwarePinProvider(SignedInfoType signedInfo) { -// this.signedInfo = signedInfo; -// } -// -// private void showSignaturePINDialog(PINSpec spec, int retries) { -// if (retry) { -// gui.showSignaturePINRetryDialog(spec, retries, SignRequestHandler.this, "sign", SignRequestHandler.this, -// "cancel", SignRequestHandler.this, "hashData"); -// } else { -// gui.showSignaturePINDialog(spec, SignRequestHandler.this, "sign", SignRequestHandler.this, "cancel", SignRequestHandler.this, -// "hashData"); -// } -// } -// -// @Override -// public char[] providePIN(PINSpec spec, int retries) -// throws CancelledException, InterruptedException { -// showSignaturePINDialog(spec, retries); -// -// do { -// waitForAction(); -// gui.showWaitDialog(null); -// if (actionCommand.equals("hashData")) { -// -// showSignaturePINDialog(spec, retries); -// -// try { -// displayHashDataInputs(signedInfo.getReference()); -// -// } catch (DigestException ex) { -// log.error("Bad digest value: " + ex.getMessage()); -// gui.showErrorDialog(BKUGUIFacade.ERR_INVALID_HASH, -// new Object[] {ex.getMessage()}, -// SignRequestHandler.this, "error"); -// } catch (Exception ex) { -// log.error("Could not display hashdata inputs: " + -// ex.getMessage()); -// gui.showErrorDialog(BKUGUIFacade.ERR_DISPLAY_HASHDATA, -// new Object[] {ex.getMessage()}, -// SignRequestHandler.this, "error"); -// } -// } else if (actionCommand.equals("sign")) { -// retry = true; -// return gui.getPin(); -// } else if (actionCommand.equals("hashDataDone")) { -// showSignaturePINDialog(spec, retries); -// } else if (actionCommand.equals("cancel") || -// actionCommand.equals("error")) { -// throw new CancelledException(spec.getLocalizedName() + -// " 
entry cancelled"); -// } -// } while (true); -// } -// } } -- cgit v1.2.3 From 68941b57df2caeead67a5bede2ef5a635d07db32 Mon Sep 17 00:00:00 2001 From: mcentner Date: Wed, 11 Nov 2009 15:51:08 +0000 Subject: Added support for SHA-256 and partial support for e-card G3, BELPIC and Italian cards. git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@540 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../at/gv/egiz/bku/smccstal/SignRequestHandler.java | 21 ++++++--------------- 1 file changed, 6 insertions(+), 15 deletions(-) (limited to 'smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java') diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java index 560f1373..58d7b305 100644 --- a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java +++ b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java @@ -18,9 +18,8 @@ package at.gv.egiz.bku.smccstal; import at.gv.egiz.bku.gui.BKUGUIFacade; import java.io.ByteArrayInputStream; +import java.io.IOException; import java.io.InputStream; -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; import javax.xml.bind.JAXBContext; import javax.xml.bind.JAXBElement; @@ -44,7 +43,6 @@ import at.gv.egiz.stal.SignRequest; import at.gv.egiz.stal.SignResponse; import at.gv.egiz.stal.signedinfo.ObjectFactory; import at.gv.egiz.stal.signedinfo.SignedInfoType; -import at.gv.egiz.stal.util.JCEAlgorithmNames; public class SignRequestHandler extends AbstractRequestHandler { 
@@ -77,18 +75,11 @@ public class SignRequestHandler extends AbstractRequestHandler { JAXBElement si = (JAXBElement) unmarshaller.unmarshal(is); String signatureMethod = si.getValue().getSignatureMethod().getAlgorithm(); log.debug("Found signature method: " + signatureMethod); - String jceName = JCEAlgorithmNames.getJCEHashName(signatureMethod); - if (jceName == null) { - log.error("Hash algorithm not supported:"); - return new ErrorResponse(4006); - } - MessageDigest md = MessageDigest.getInstance(jceName); - md.update(signReq.getSignedInfo()); KeyboxName kb = SignatureCard.KeyboxName.getKeyboxName(signReq.getKeyIdentifier()); - byte[] resp = card.createSignature(md.digest(), kb, + byte[] resp = card.createSignature(new ByteArrayInputStream(signReq.getSignedInfo()), kb, new PINProviderFactory(card.getReader(), gui) - .getSignaturePINProvider(secureViewer, si.getValue())); + .getSignaturePINProvider(secureViewer, si.getValue()), signatureMethod); if (resp == null) { return new ErrorResponse(6001); } @@ -127,9 +118,9 @@ public class SignRequestHandler extends AbstractRequestHandler { } catch (JAXBException e) { log.error("Cannot unmarshall signed info", e); return new ErrorResponse(1000); - } catch (NoSuchAlgorithmException e) { - log.error(e); - return new ErrorResponse(1000); + } catch (IOException e) { + log.error("Error while creating signature: " + e); + return new ErrorResponse(4000); } } else { log.fatal("Got unexpected STAL request: " + request); -- cgit v1.2.3 From 3da4655d011dfc2f04f9e4ac28b38aee42d01bc0 Mon Sep 17 00:00:00 2001 
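Review bot: With the `JCEAlgorithmNames.getJCEHashName(signatureMethod)` lookup removed, the `signatureMethod` string read from the request's unmarshalled SignedInfo is passed to `card.createSignature(...)` unchecked, and the explicit `ErrorResponse(4006)` for an unsupported algorithm is gone. Whether unknown or weak methods are rejected now depends on each card implementation, which is not visible here; a rejection would presumably come back as `SignatureCardException` and the generic 4000. Consider keeping a check against the supported signature methods before the card call, returning `new ErrorResponse(4006)` and logging the rejected value. In the following hunk, the new `IOException` branch logs `"Error while creating signature: " + e`, which loses the stack trace; `log.error("Error while creating signature", e);` keeps it. The enclosing method starts and ends outside both hunks.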
From: clemenso Date: Tue, 5 Jan 2010 10:06:47 +0000 Subject: Features [#437] Handle pinpad [64:03] response apdu correctly [#445] pin entry feedback for VERIFY_PIN_START/FINISH [#471] Provide SecureViewer Link before Pinpad PinEntry timeout starts Bugs [#479] PIN Managment Applet allows unmatching new pin and pin confirmation [#480] PIN Management displays blocked PINs as ACTIVE [#486] Not possible to select 3 times in series the same item from signedReferencesList for display in secureViewer [#506] change pin dialog (gui) issues [#508] e-card G3 PIN activation (with TransportPIN) not supported [#509] closing secure viewer window (WINDOW_CLOSING) leaves "signature data is displayed in viewer" dialog in applet git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@565 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java') diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java index 58d7b305..5b436d16 100644 --- a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java +++ b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java @@ -17,6 +17,7 @@ package at.gv.egiz.bku.smccstal; import at.gv.egiz.bku.gui.BKUGUIFacade; +import at.gv.egiz.bku.pin.gui.SignPINGUI; import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.InputStream; 
@@ -78,8 +79,7 @@ public class SignRequestHandler extends AbstractRequestHandler { KeyboxName kb = SignatureCard.KeyboxName.getKeyboxName(signReq.getKeyIdentifier()); byte[] resp = card.createSignature(new ByteArrayInputStream(signReq.getSignedInfo()), kb, - new PINProviderFactory(card.getReader(), gui) - .getSignaturePINProvider(secureViewer, si.getValue()), signatureMethod); + new SignPINGUI(gui, secureViewer, si.getValue()), signatureMethod); if (resp == null) { return new ErrorResponse(6001); } -- cgit v1.2.3