From 3da4655d011dfc2f04f9e4ac28b38aee42d01bc0 Mon Sep 17 00:00:00 2001 From: clemenso Date: Tue, 5 Jan 2010 10:06:47 +0000 Subject: Features [#437] Handle pinpad [64:03] response apdu correctly [#445] pin entry feedback for VERIFY_PIN_START/FINISH [#471] Provide SecureViewer Link before Pinpad PinEntry timeout starts Bugs [#479] PIN Managment Applet allows unmatching new pin and pin confirmation [#480] PIN Management displays blocked PINs as ACTIVE [#486] Not possible to select 3 times in series the same item from signedReferencesList for display in secureViewer [#506] change pin dialog (gui) issues [#508] e-card G3 PIN activation (with TransportPIN) not supported [#509] closing secure viewer window (WINDOW_CLOSING) leaves "signature data is displayed in viewer" dialog in applet git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@565 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- smccSTAL/src/main/java/META-INF/MANIFEST.MF | 3 - .../gv/egiz/bku/pin/gui/AbstractPINProvider.java | 60 ++++ .../java/at/gv/egiz/bku/pin/gui/SignPINGUI.java | 136 +++++++++ .../at/gv/egiz/bku/pin/gui/SignPINProvider.java | 105 +++++++ .../java/at/gv/egiz/bku/pin/gui/VerifyPINGUI.java | 76 +++++ .../at/gv/egiz/bku/pin/gui/VerifyPINProvider.java | 72 +++++ .../gv/egiz/bku/smccstal/AbstractPINProvider.java | 67 ----- .../bku/smccstal/InfoBoxReadRequestHandler.java | 9 +- .../gv/egiz/bku/smccstal/PINProviderFactory.java | 327 --------------------- .../gv/egiz/bku/smccstal/SignRequestHandler.java | 4 +- .../java/at/gv/egiz/smcc/AbstractSMCCSTALTest.java | 13 +- 11 files changed, 457 insertions(+), 415 deletions(-) delete mode 100644 smccSTAL/src/main/java/META-INF/MANIFEST.MF create mode 100644 smccSTAL/src/main/java/at/gv/egiz/bku/pin/gui/AbstractPINProvider.java create mode 100644 smccSTAL/src/main/java/at/gv/egiz/bku/pin/gui/SignPINGUI.java create mode 100644 smccSTAL/src/main/java/at/gv/egiz/bku/pin/gui/SignPINProvider.java create mode 100644 smccSTAL/src/main/java/at/gv/egiz/bku/pin/gui/VerifyPINGUI.java create mode 100644 smccSTAL/src/main/java/at/gv/egiz/bku/pin/gui/VerifyPINProvider.java delete mode 100644 smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/AbstractPINProvider.java delete mode 100644 smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/PINProviderFactory.java (limited to 'smccSTAL/src') diff --git a/smccSTAL/src/main/java/META-INF/MANIFEST.MF b/smccSTAL/src/main/java/META-INF/MANIFEST.MF deleted file mode 100644 index 5e949512..00000000 --- a/smccSTAL/src/main/java/META-INF/MANIFEST.MF +++ /dev/null @@ -1,3 +0,0 @@ -Manifest-Version: 1.0 -Class-Path: - diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/pin/gui/AbstractPINProvider.java b/smccSTAL/src/main/java/at/gv/egiz/bku/pin/gui/AbstractPINProvider.java new file mode 100644 index 00000000..00738188 --- /dev/null +++ b/smccSTAL/src/main/java/at/gv/egiz/bku/pin/gui/AbstractPINProvider.java @@ -0,0 +1,60 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package at.gv.egiz.bku.pin.gui; + +import at.gv.egiz.smcc.pin.gui.PINProvider; +import java.awt.event.ActionEvent; +import java.awt.event.ActionListener; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +/** + * common super class providing action listener for all PIN GUIs + * @author Clemens Orthacker + */ +public abstract class AbstractPINProvider implements ActionListener { + + protected static final Log log = LogFactory.getLog(AbstractPINProvider.class); + + protected String action; + protected boolean actionPerformed; + + protected synchronized void waitForAction() throws InterruptedException { + try { + while (!actionPerformed) { + this.wait(); + } + } catch (InterruptedException e) { + log.error("[" + Thread.currentThread().getName() + "] interrupt in waitForAction"); + throw e; + } + actionPerformed = false; + } + + private synchronized void actionPerformed() { + actionPerformed = true; + notify();//All(); + } + + @Override + public void actionPerformed(ActionEvent e) { + log.debug("[" + Thread.currentThread().getName() + "] action performed - " + e.getActionCommand()); + action = e.getActionCommand(); + actionPerformed(); + } +} diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/pin/gui/SignPINGUI.java b/smccSTAL/src/main/java/at/gv/egiz/bku/pin/gui/SignPINGUI.java new file mode 100644 index 00000000..81db0e90 --- /dev/null +++ b/smccSTAL/src/main/java/at/gv/egiz/bku/pin/gui/SignPINGUI.java @@ -0,0 +1,136 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egiz.bku.pin.gui; + +import at.gv.egiz.bku.gui.BKUGUIFacade; +import at.gv.egiz.bku.smccstal.SecureViewer; +import at.gv.egiz.smcc.CancelledException; +import at.gv.egiz.smcc.PINSpec; +import at.gv.egiz.smcc.pin.gui.PINGUI; +import at.gv.egiz.stal.signedinfo.SignedInfoType; +import java.security.DigestException; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +/** + * The number of retries is not fixed and there is no way (?) to obtain this value. + * A PINProvider should therefore maintain an internal retry counter or flag + * to decide whether or not to warn the user (num retries passed in providePIN). + * + * Therefore PINProvider objects should not be reused. + * + * (ACOS: reload counter: between 0 and 15, where 15 meens deactivated) + * + * @author Clemens Orthacker + */ +public class SignPINGUI extends SignPINProvider implements PINGUI { + + protected static final Log log = LogFactory.getLog(SignPINGUI.class); + + private boolean retry = false; + + public SignPINGUI(BKUGUIFacade gui, SecureViewer viewer, SignedInfoType signedInfo) { + super(gui, viewer, signedInfo); + } + + @Override + public void enterPINDirect(PINSpec spec, int retries) + throws CancelledException, InterruptedException { + if (retry) { + gui.showEnterPINDirect(spec, retries); + } else { + showSignatureData(spec); + gui.showEnterPINDirect(spec, -1); + retry = true; + } + } + + @Override + public void enterPIN(PINSpec spec, int retries) + throws CancelledException, InterruptedException { + if (retry) { + gui.showEnterPIN(spec, retries); + } else { + showSignatureData(spec); + gui.showEnterPIN(spec, -1); + retry = true; + } + } + + private void showSignatureData(PINSpec spec) + throws CancelledException, InterruptedException { + + gui.showSignatureDataDialog(spec, + this, "enterPIN", + this, "cancel", + this, "secureViewer"); + + do { + log.trace("[" + Thread.currentThread().getName() + "] wait for action"); + waitForAction(); + log.trace("[" + Thread.currentThread().getName() + "] received action " + action); + + if ("secureViewer".equals(action)) { + try { + viewer.displayDataToBeSigned(signedInfo, this, "signatureData"); + } catch (DigestException ex) { + log.error("Bad digest value: " + ex.getMessage()); + gui.showErrorDialog(BKUGUIFacade.ERR_INVALID_HASH, + new Object[]{ex.getMessage()}, + this, "error"); + } catch (Exception ex) { + log.error("Could not display hashdata inputs: " + + ex.getMessage()); + gui.showErrorDialog(BKUGUIFacade.ERR_DISPLAY_HASHDATA, + new Object[]{ex.getMessage()}, + this, "error"); + } + } else if ("signatureData".equals(action)) { + gui.showSignatureDataDialog(spec, + this, "enterPIN", + this, "cancel", + this, "secureViewer"); + } else if ("enterPIN".equals(action)) { + return; + } else if ("cancel".equals(action) || + "error".equals(action)) { + gui.showMessageDialog(BKUGUIFacade.TITLE_WAIT, + BKUGUIFacade.MESSAGE_WAIT); + throw new CancelledException(spec.getLocalizedName() + + " entry cancelled"); + } else { + log.error("unknown action command " + action); + } + } while (true); + } + + @Override + public void validKeyPressed() { + gui.validKeyPressed(); + } + + @Override + public void correctionButtonPressed() { + gui.correctionButtonPressed(); + } + + @Override + public void allKeysCleared() { + gui.allKeysCleared(); + } + +} diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/pin/gui/SignPINProvider.java b/smccSTAL/src/main/java/at/gv/egiz/bku/pin/gui/SignPINProvider.java new file mode 100644 index 00000000..fc1d39af --- /dev/null +++ b/smccSTAL/src/main/java/at/gv/egiz/bku/pin/gui/SignPINProvider.java @@ -0,0 +1,105 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egiz.bku.pin.gui; + +import at.gv.egiz.bku.gui.BKUGUIFacade; +import at.gv.egiz.bku.smccstal.SecureViewer; +import at.gv.egiz.smcc.CancelledException; +import at.gv.egiz.smcc.PINSpec; +import at.gv.egiz.smcc.pin.gui.PINProvider; +import at.gv.egiz.stal.signedinfo.SignedInfoType; +import java.security.DigestException; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +/** + * The number of retries is not fixed and there is no way (?) to obtain this value. + * A PINProvider should therefore maintain an internal retry counter or flag + * to decide whether or not to warn the user (num retries passed in providePIN). + * + * Therefore PINProvider objects should not be reused. + * + * (ACOS: reload counter: between 0 and 15, where 15 meens deactivated) + * + * @author Clemens Orthacker + */ +public class SignPINProvider extends AbstractPINProvider implements PINProvider { + + protected static final Log log = LogFactory.getLog(SignPINProvider.class); + + protected BKUGUIFacade gui; + protected SecureViewer viewer; + protected SignedInfoType signedInfo; + private boolean retry = false; + + public SignPINProvider(BKUGUIFacade gui, SecureViewer viewer, SignedInfoType signedInfo) { + this.gui = gui; + this.viewer = viewer; + this.signedInfo = signedInfo; + } + + @Override + public char[] providePIN(PINSpec spec, int retries) + throws CancelledException, InterruptedException { + + gui.showSignaturePINDialog(spec, (retry) ? retries : -1, + this, "sign", + this, "cancel", + this, "secureViewer"); + + do { + log.trace("[" + Thread.currentThread().getName() + "] wait for action"); + waitForAction(); + log.trace("[" + Thread.currentThread().getName() + "] received action " + action); + + if ("secureViewer".equals(action)) { + try { + viewer.displayDataToBeSigned(signedInfo, this, "pinEntry"); + } catch (DigestException ex) { + log.error("Bad digest value: " + ex.getMessage()); + gui.showErrorDialog(BKUGUIFacade.ERR_INVALID_HASH, + new Object[]{ex.getMessage()}, + this, "error"); + } catch (Exception ex) { + log.error("Could not display hashdata inputs: " + + ex.getMessage()); + gui.showErrorDialog(BKUGUIFacade.ERR_DISPLAY_HASHDATA, + new Object[]{ex.getMessage()}, + this, "error"); + } + } else if ("sign".equals(action)) { + gui.showMessageDialog(BKUGUIFacade.TITLE_WAIT, + BKUGUIFacade.MESSAGE_WAIT); + retry = true; + return gui.getPin(); + } else if ("pinEntry".equals(action)) { + gui.showSignaturePINDialog(spec, (retry) ? retries : -1, + this, "sign", + this, "cancel", + this, "secureViewer"); + } else if ("cancel".equals(action) || + "error".equals(action)) { + gui.showMessageDialog(BKUGUIFacade.TITLE_WAIT, + BKUGUIFacade.MESSAGE_WAIT); + throw new CancelledException(spec.getLocalizedName() + + " entry cancelled"); + } else { + log.error("unknown action command " + action); + } + } while (true); + } +} diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/pin/gui/VerifyPINGUI.java b/smccSTAL/src/main/java/at/gv/egiz/bku/pin/gui/VerifyPINGUI.java new file mode 100644 index 00000000..dc21492e --- /dev/null +++ b/smccSTAL/src/main/java/at/gv/egiz/bku/pin/gui/VerifyPINGUI.java @@ -0,0 +1,76 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egiz.bku.pin.gui; + +import at.gv.egiz.bku.gui.BKUGUIFacade; +import at.gv.egiz.smcc.CancelledException; +import at.gv.egiz.smcc.PINSpec; +import at.gv.egiz.smcc.pin.gui.PINGUI; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +/** + * The number of retries is not fixed and there is no way (?) to obtain this value. + * A PINProvider should therefore maintain an internal retry counter or flag + * to decide whether or not to warn the user (num retries passed in providePIN). + * + * Therefore PINProvider objects should not be reused. + * + * (ACOS: reload counter: between 0 and 15, where 15 meens deactivated) + * + * @author Clemens Orthacker + */ +public class VerifyPINGUI extends VerifyPINProvider implements PINGUI { + + protected static final Log log = LogFactory.getLog(VerifyPINGUI.class); + + private boolean retry = false; + + public VerifyPINGUI(BKUGUIFacade gui) { + super(gui); + } + + @Override + public void enterPINDirect(PINSpec spec, int retries) + throws CancelledException, InterruptedException { + gui.showEnterPINDirect(spec, (retry) ? retries : -1); + retry = true; + } + + @Override + public void enterPIN(PINSpec spec, int retries) { + gui.showEnterPIN(spec, (retry) ? retries : -1); + retry = true; + } + + + @Override + public void validKeyPressed() { + gui.validKeyPressed(); + } + + @Override + public void correctionButtonPressed() { + gui.correctionButtonPressed(); + } + + @Override + public void allKeysCleared() { + gui.allKeysCleared(); + } + +} diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/pin/gui/VerifyPINProvider.java b/smccSTAL/src/main/java/at/gv/egiz/bku/pin/gui/VerifyPINProvider.java new file mode 100644 index 00000000..fda1e402 --- /dev/null +++ b/smccSTAL/src/main/java/at/gv/egiz/bku/pin/gui/VerifyPINProvider.java @@ -0,0 +1,72 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egiz.bku.pin.gui; + +import at.gv.egiz.bku.gui.BKUGUIFacade; +import at.gv.egiz.smcc.CancelledException; +import at.gv.egiz.smcc.PINSpec; +import at.gv.egiz.smcc.pin.gui.PINProvider; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +/** + * The number of retries is not fixed and there is no way (?) to obtain this value. + * A PINProvider should therefore maintain an internal retry counter or flag + * to decide whether or not to warn the user (num retries passed in providePIN). + * + * Therefore PINProvider objects should not be reused. + * + * (ACOS: reload counter: between 0 and 15, where 15 meens deactivated) + * + * @author Clemens Orthacker + */ +public class VerifyPINProvider extends AbstractPINProvider implements PINProvider { + + protected static final Log log = LogFactory.getLog(VerifyPINProvider.class); + + protected BKUGUIFacade gui; + private boolean retry = false; + + public VerifyPINProvider(BKUGUIFacade gui) { + this.gui = gui; + } + + @Override + public char[] providePIN(PINSpec spec, int retries) + throws CancelledException, InterruptedException { + + gui.showVerifyPINDialog(spec, (retry) ? retries : -1, + this, "verify", + this, "cancel"); + + log.trace("[" + Thread.currentThread().getName() + "] wait for action"); + waitForAction(); + log.trace("[" + Thread.currentThread().getName() + "] received action " + action); + + if ("cancel".equals(action)) { + gui.showMessageDialog(BKUGUIFacade.TITLE_WAIT, + BKUGUIFacade.MESSAGE_WAIT); + throw new CancelledException(spec.getLocalizedName() + + " entry cancelled"); + } + + gui.showMessageDialog(BKUGUIFacade.TITLE_WAIT, + BKUGUIFacade.MESSAGE_WAIT); + retry = true; + return gui.getPin(); + } +} diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/AbstractPINProvider.java b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/AbstractPINProvider.java deleted file mode 100644 index bc52c955..00000000 --- a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/AbstractPINProvider.java +++ /dev/null @@ -1,67 +0,0 @@ -/* - * Copyright 2008 Federal Chancellery Austria and - * Graz University of Technology - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package at.gv.egiz.bku.smccstal; - -import at.gv.egiz.smcc.PINProvider; -import java.awt.event.ActionEvent; -import java.awt.event.ActionListener; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; - -/** - * - * @author Clemens Orthacker - */ -public abstract class AbstractPINProvider implements PINProvider, ActionListener { - - protected static final Log log = LogFactory.getLog(AbstractPINProvider.class); - - protected boolean retry = false; - - protected String action; - - protected boolean actionPerformed; - -// protected void waitForAction() throws InterruptedException { -// super.wait(); -// } - - protected synchronized void waitForAction() throws InterruptedException { - try { - while (!actionPerformed) { - this.wait(); - } - } catch (InterruptedException e) { - log.error("[" + Thread.currentThread().getName() + "] interrupt in waitForAction"); - throw e; - } - actionPerformed = false; - } - - private synchronized void actionPerformed() { - actionPerformed = true; - notify();//All(); - } - - @Override - public void actionPerformed(ActionEvent e) { - log.debug("[" + Thread.currentThread().getName() + "] action performed - " + e.getActionCommand()); - action = e.getActionCommand(); - actionPerformed(); - } -} diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/InfoBoxReadRequestHandler.java b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/InfoBoxReadRequestHandler.java index 32e990c5..b34ab862 100644 --- a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/InfoBoxReadRequestHandler.java +++ b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/InfoBoxReadRequestHandler.java @@ -17,14 +17,13 @@ package at.gv.egiz.bku.smccstal; import at.gv.egiz.bku.gui.BKUGUIFacade; +import at.gv.egiz.bku.pin.gui.VerifyPINGUI; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import at.gv.egiz.smcc.CancelledException; import at.gv.egiz.smcc.LockedException; import at.gv.egiz.smcc.NotActivatedException; -import at.gv.egiz.smcc.PINProvider; -import at.gv.egiz.smcc.PINSpec; import at.gv.egiz.smcc.SignatureCard; import at.gv.egiz.smcc.SignatureCardException; import at.gv.egiz.stal.ErrorResponse; @@ -49,8 +48,7 @@ public class InfoBoxReadRequestHandler extends AbstractRequestHandler { newSTALMessage("Message.RequestCaption", "Message.IdentityLink"); log.debug("Handling identitylink infobox"); byte[] resp = card.getInfobox(infoBox.getInfoboxIdentifier(), - new PINProviderFactory(card.getReader(), gui) - .getCardPINProvider(), + new VerifyPINGUI(gui), infoBox.getDomainIdentifier()); if (resp == null) { log.info("Infobox doesn't contain any data. Assume card is not activated."); @@ -97,8 +95,7 @@ public class InfoBoxReadRequestHandler extends AbstractRequestHandler { log.warn("Unknown infobox identifier: " + infoBox.getInfoboxIdentifier() + " trying generic request"); byte[] resp = card.getInfobox(infoBox.getInfoboxIdentifier(), - new PINProviderFactory(card.getReader(), gui) - .getCardPINProvider(), + new VerifyPINGUI(gui), infoBox.getDomainIdentifier()); if (resp == null) { return new ErrorResponse(6001); diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/PINProviderFactory.java b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/PINProviderFactory.java deleted file mode 100644 index e5afe0ae..00000000 --- a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/PINProviderFactory.java +++ /dev/null @@ -1,327 +0,0 @@ -/* - * Copyright 2008 Federal Chancellery Austria and - * Graz University of Technology - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package at.gv.egiz.bku.smccstal; - -import at.gv.egiz.bku.gui.BKUGUIFacade; -import at.gv.egiz.smcc.CancelledException; -import at.gv.egiz.smcc.ccid.CCID; -import at.gv.egiz.smcc.PINProvider; -import at.gv.egiz.smcc.PINSpec; -import at.gv.egiz.stal.signedinfo.SignedInfoType; -import java.security.DigestException; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; - -/** - * don't reuse the instance if the card reader might have changed! - * @author Clemens Orthacker - */ -public class PINProviderFactory { - - protected static final Log log = LogFactory.getLog(PINProviderFactory.class); - - protected CCID reader; - protected BKUGUIFacade gui; - - /** - * don't reuse the instance if the card reader might have changed! - * @param reader - * @param gui - */ - public PINProviderFactory(CCID reader, BKUGUIFacade gui) { - log.trace("PINProviderFactory for " + reader.getName()); - this.reader = reader; - this.gui = gui; - } - - - -// public static PINProviderFactory getInstance(SignatureCard forCard, -// BKUGUIFacade gui) { -// if (forCard.getReader().hasFeature(CCID.FEATURE_VERIFY_PIN_DIRECT) || -// forCard.getReader().hasFeature(CCID.FEATURE_VERIFY_PIN_DIRECT)) { -// return new PinpadPINProviderFactory(gui); -// } else { -// return new SoftwarePINProviderFactory(gui); -// } -// } - - /** - * don't reuse the instance if the card reader might have changed! - * @param reader - * @param gui - * @return - */ -// public static PINProviderFactory getInstance(CCID reader, BKUGUIFacade gui) { -// log.trace("PINProviderFactory for " + reader.getName()); -// return new PINProviderFactory(reader, gui); -// } - - public PINProvider getSignaturePINProvider(SecureViewer viewer, - SignedInfoType signedInfo) { - if (reader.hasFeature(CCID.FEATURE_VERIFY_PIN_START) || - reader.hasFeature(CCID.FEATURE_VERIFY_PIN_DIRECT)) { - log.debug("pinpad signature-pin provider"); - return new PinpadSignaturePinProvider(viewer, signedInfo); - } else { - log.debug("software signature-pin provider"); - return new SoftwareSignaturePinProvider(viewer, signedInfo); - } - } - - public PINProvider getCardPINProvider() { - if (reader.hasFeature(CCID.FEATURE_VERIFY_PIN_START) || - reader.hasFeature(CCID.FEATURE_VERIFY_PIN_DIRECT)) { - log.debug("pinpad card-pin provider"); - return new PinpadCardPinProvider(); - } else { - log.debug("software card-pin provider"); - return new SoftwareCardPinProvider(); - } - } - - class SoftwareSignaturePinProvider extends AbstractPINProvider { - - protected SecureViewer viewer; - protected SignedInfoType signedInfo; - - private SoftwareSignaturePinProvider(SecureViewer viewer, - SignedInfoType signedInfo) { - this.viewer = viewer; - this.signedInfo = signedInfo; - } - - @Override - public char[] providePIN(PINSpec spec, int retries) - throws CancelledException, InterruptedException { - - gui.showSignaturePINDialog(spec, (retry) ? retries : -1, - this, "sign", - this, "cancel", - this, "secureViewer"); - - do { - log.debug("[" + Thread.currentThread().getName() + "] wait for action"); - waitForAction(); - log.debug("[" + Thread.currentThread().getName() + "] received action"); - - if ("secureViewer".equals(action)) { - try { - viewer.displayDataToBeSigned(signedInfo, this, "pinEntry"); - } catch (DigestException ex) { - log.error("Bad digest value: " + ex.getMessage()); - gui.showErrorDialog(BKUGUIFacade.ERR_INVALID_HASH, - new Object[]{ex.getMessage()}, - this, "error"); - } catch (Exception ex) { - log.error("Could not display hashdata inputs: " + - ex.getMessage()); - gui.showErrorDialog(BKUGUIFacade.ERR_DISPLAY_HASHDATA, - new Object[]{ex.getMessage()}, - this, "error"); - } - } else if ("sign".equals(action)) { - gui.showMessageDialog(BKUGUIFacade.TITLE_WAIT, - BKUGUIFacade.MESSAGE_WAIT); - retry = true; - return gui.getPin(); - } else if ("pinEntry".equals(action)) { - gui.showSignaturePINDialog(spec, (retry) ? retries : -1, - this, "sign", - this, "cancel", - this, "secureViewer"); - } else if ("cancel".equals(action) || - "error".equals(action)) { - gui.showMessageDialog(BKUGUIFacade.TITLE_WAIT, - BKUGUIFacade.MESSAGE_WAIT); - throw new CancelledException(spec.getLocalizedName() + - " entry cancelled"); - } else { - log.error("unknown action command " + action); - } - } while (true); - } - } - - class SoftwareCardPinProvider extends AbstractPINProvider { - - private SoftwareCardPinProvider() { - } - - @Override - public char[] providePIN(PINSpec spec, int retries) - throws CancelledException, InterruptedException { - - gui.showCardPINDialog(spec, (retry) ? retries : -1, - this, "ok", - this, "cancel"); - - log.debug("[" + Thread.currentThread().getName() + "] wait for action"); - waitForAction(); - - gui.showMessageDialog(BKUGUIFacade.TITLE_WAIT, - BKUGUIFacade.MESSAGE_WAIT); - - if ("cancel".equals(action)) { - throw new CancelledException(spec.getLocalizedName() + - " entry cancelled"); - } - retry = true; - return gui.getPin(); - } - } - - class PinpadSignaturePinProvider extends AbstractPINProvider { - -// protected BKUGUIFacade gui; - protected SecureViewer viewer; - protected ViewerThread viewerThread; - protected SignedInfoType signedInfo; - - - private PinpadSignaturePinProvider(SecureViewer viewer, - SignedInfoType signedInfo) { - this.viewer = viewer; - this.signedInfo = signedInfo; - } - - protected class ViewerThread extends Thread { - - PINSpec pinSpec; - int retries; - - public ViewerThread(PINSpec pinSpec, int retries) { - this.pinSpec = pinSpec; - this.retries = retries; - } - - @Override - public void run() { - - try { - - gui.showPinpadSignaturePINDialog(pinSpec, retries, - PinpadSignaturePinProvider.this, "secureViewer"); - - while (true) { - log.debug("[" + Thread.currentThread().getName() + "] wait for action"); - waitForAction(); - log.debug("[" + Thread.currentThread().getName() + "] received action"); - - if ("secureViewer".equals(action)) { - viewer.displayDataToBeSigned(signedInfo, - PinpadSignaturePinProvider.this, "pinEntry"); - } else if ("pinEntry".equals(action)) { - gui.showPinpadSignaturePINDialog(pinSpec, retries, - PinpadSignaturePinProvider.this, "secureViewer"); - } else { - log.error("unsupported action command: " + action); - } - } - - } catch (DigestException ex) { - log.error("Bad digest value: " + ex.getMessage()); - gui.showErrorDialog(BKUGUIFacade.ERR_INVALID_HASH, - new Object[]{ex.getMessage()}); - } catch (InterruptedException ex) { - log.info("pinpad secure viewer thread interrupted"); - } catch (Exception ex) { - log.error("Could not display hashdata inputs: " + - ex.getMessage()); - gui.showErrorDialog(BKUGUIFacade.ERR_DISPLAY_HASHDATA, - new Object[]{ex.getMessage()}); - } - } - } - - @Override - public char[] providePIN(PINSpec spec, int retries) - throws CancelledException, InterruptedException { - - if (viewerThread != null) { - updateViewerThread(retries); - } else { - viewerThread = new ViewerThread(spec, -1); - viewerThread.start(); - } -// if (viewerThread != null) { -// log.trace("interrupt old secure viewer thread"); -// viewerThread.interrupt(); -// } -// viewerThread = new ViewerThread(spec, (retry) ? retries : -1); -// log.trace("start new secure viewer thread"); -// viewerThread.start(); - - retry = true; - return null; - } - - private synchronized void updateViewerThread(int retries) { - log.trace("update viewer thread"); - viewerThread.retries = retries; - action = "pinEntry"; - actionPerformed = true; - notify(); - } - - -// @Override -// protected void finalize() throws Throwable { -// if (viewerThread != null) { -// viewerThread.interrupt(); -// } -// log.info("finalizing Pinpad SignaturePinProvider"); -// super.finalize(); -// } - } - - class PinpadCardPinProvider extends AbstractPINProvider { - - private PinpadCardPinProvider() { - } - - @Override - public char[] providePIN(PINSpec spec, int retries) - throws CancelledException, InterruptedException { - - showPinpadPINDialog(retries, spec); - retry = true; - return null; - - } - - private void showPinpadPINDialog(int retries, PINSpec pinSpec) { - String title, message; - Object[] params; - if (retry) { - title = BKUGUIFacade.TITLE_RETRY; - message = BKUGUIFacade.MESSAGE_RETRIES; - params = new Object[]{String.valueOf(retries)}; - } else { - title = BKUGUIFacade.TITLE_CARDPIN; - message = BKUGUIFacade.MESSAGE_ENTERPIN_PINPAD; - String pinSize = String.valueOf(pinSpec.getMinLength()); - if (pinSpec.getMinLength() != pinSpec.getMaxLength()) { - pinSize += "-" + pinSpec.getMaxLength(); - } - params = new Object[]{pinSpec.getLocalizedName(), pinSize}; - } - gui.showMessageDialog(title, message, params); - } - } -} diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java index 58d7b305..5b436d16 100644 --- a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java +++ b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/SignRequestHandler.java @@ -17,6 +17,7 @@ package at.gv.egiz.bku.smccstal; import at.gv.egiz.bku.gui.BKUGUIFacade; +import at.gv.egiz.bku.pin.gui.SignPINGUI; import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.InputStream; @@ -78,8 +79,7 @@ public class SignRequestHandler extends AbstractRequestHandler { KeyboxName kb = SignatureCard.KeyboxName.getKeyboxName(signReq.getKeyIdentifier()); byte[] resp = card.createSignature(new ByteArrayInputStream(signReq.getSignedInfo()), kb, - new PINProviderFactory(card.getReader(), gui) - .getSignaturePINProvider(secureViewer, si.getValue()), signatureMethod); + new SignPINGUI(gui, secureViewer, si.getValue()), signatureMethod); if (resp == null) { return new ErrorResponse(6001); } diff --git a/smccSTAL/src/test/java/at/gv/egiz/smcc/AbstractSMCCSTALTest.java b/smccSTAL/src/test/java/at/gv/egiz/smcc/AbstractSMCCSTALTest.java index 16d3efa9..bf57b0a6 100644 --- a/smccSTAL/src/test/java/at/gv/egiz/smcc/AbstractSMCCSTALTest.java +++ b/smccSTAL/src/test/java/at/gv/egiz/smcc/AbstractSMCCSTALTest.java @@ -16,7 +16,7 @@ import org.junit.Test; import at.gv.egiz.bku.gui.BKUGUIFacade; import at.gv.egiz.bku.smccstal.AbstractSMCCSTAL; import at.gv.egiz.bku.smccstal.SMCCSTALRequestHandler; -import at.gv.egiz.smcc.ccid.CCID; +import at.gv.egiz.smcc.pin.gui.PINGUI; import at.gv.egiz.stal.ErrorResponse; import at.gv.egiz.stal.InfoboxReadRequest; import at.gv.egiz.stal.InfoboxReadResponse; @@ -39,7 +39,7 @@ public class AbstractSMCCSTALTest extends AbstractSMCCSTAL implements @Override public byte[] createSignature(InputStream input, KeyboxName keyboxName, - PINProvider provider, String alg) throws SignatureCardException { + PINGUI provider, String alg) throws SignatureCardException { // TODO Auto-generated method stub return null; } @@ -58,7 +58,7 @@ public class AbstractSMCCSTALTest extends AbstractSMCCSTAL implements } @Override - public byte[] getInfobox(String infobox, PINProvider provider, + public byte[] getInfobox(String infobox, PINGUI provider, String domainId) throws SignatureCardException { // TODO Auto-generated method stub return null; @@ -87,13 +87,6 @@ public class AbstractSMCCSTALTest extends AbstractSMCCSTAL implements // TODO Auto-generated method stub } - - @Override - public CCID getReader() { - // TODO Auto-generated method stub - return null; - } - }; return false; } -- cgit v1.2.3