mirror of
https://github.com/TanelOrumaa/Estonian-ID-card-mobile-authenticator-POC.git
synced 2025-01-08 21:00:15 +02:00
More specific errors and notifications
This commit is contained in:
parent
70991ae682
commit
4fcdccfb5e
@ -156,7 +156,7 @@ public class Comms {
|
|||||||
private byte[] getResponse(byte[] APDU, String log) throws IOException {
|
private byte[] getResponse(byte[] APDU, String log) throws IOException {
|
||||||
byte[] response = idCard.transceive(APDU);
|
byte[] response = idCard.transceive(APDU);
|
||||||
if (response[response.length - 2] != (byte) 0x90 || response[response.length - 1] != 0x00) {
|
if (response[response.length - 2] != (byte) 0x90 || response[response.length - 1] != 0x00) {
|
||||||
throw new RuntimeException(String.format("%s failed.", log));
|
throw new AuthAppException(String.format("%s failed.", log), 500);
|
||||||
}
|
}
|
||||||
Log.i(log, Hex.toHexString(response));
|
Log.i(log, Hex.toHexString(response));
|
||||||
return response;
|
return response;
|
||||||
@ -221,7 +221,7 @@ public class Comms {
|
|||||||
selectFile(FID, info);
|
selectFile(FID, info);
|
||||||
byte[] response = getResponse(new byte[0], readFile, "Read binary");
|
byte[] response = getResponse(new byte[0], readFile, "Read binary");
|
||||||
if (response[response.length - 2] != (byte) 0x90 || response[response.length - 1] != 0x00) {
|
if (response[response.length - 2] != (byte) 0x90 || response[response.length - 1] != 0x00) {
|
||||||
throw new RuntimeException(String.format("Could not read %s", info));
|
throw new AuthAppException(String.format("Could not read %s", info), 500);
|
||||||
}
|
}
|
||||||
return encryptDecryptData(Arrays.copyOfRange(response, 3, 19), Cipher.DECRYPT_MODE);
|
return encryptDecryptData(Arrays.copyOfRange(response, 3, 19), Cipher.DECRYPT_MODE);
|
||||||
}
|
}
|
||||||
@ -290,7 +290,7 @@ public class Comms {
|
|||||||
private void selectFile(byte[] FID, String info) throws NoSuchPaddingException, InvalidKeyException, NoSuchAlgorithmException, IllegalBlockSizeException, BadPaddingException, InvalidAlgorithmParameterException, IOException {
|
private void selectFile(byte[] FID, String info) throws NoSuchPaddingException, InvalidKeyException, NoSuchAlgorithmException, IllegalBlockSizeException, BadPaddingException, InvalidAlgorithmParameterException, IOException {
|
||||||
byte[] response = getResponse(FID, selectFile, String.format("Select %s", info));
|
byte[] response = getResponse(FID, selectFile, String.format("Select %s", info));
|
||||||
if (response[response.length - 2] != (byte) 0x90 || response[response.length - 1] != 0x00) {
|
if (response[response.length - 2] != (byte) 0x90 || response[response.length - 1] != 0x00) {
|
||||||
throw new RuntimeException(String.format("Could not select %s", info));
|
throw new AuthAppException(String.format("Could not select %s", info), 500);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -348,9 +348,9 @@ public class Comms {
|
|||||||
|
|
||||||
if (response[response.length - 2] != (byte) 0x90 || response[response.length - 1] != 0x00) {
|
if (response[response.length - 2] != (byte) 0x90 || response[response.length - 1] != 0x00) {
|
||||||
if (response[response.length - 2] == 0x69 && response[response.length - 1] == (byte) 0x83) {
|
if (response[response.length - 2] == 0x69 && response[response.length - 1] == (byte) 0x83) {
|
||||||
throw new RuntimeException("Invalid PIN. Authentication method blocked.");
|
throw new AuthAppException("Invalid PIN. Authentication method blocked.", 446);
|
||||||
} else {
|
} else {
|
||||||
throw new RuntimeException(String.format("Invalid PIN. Attempts left: %d.", response[response.length - 1] + 64));
|
throw new AuthAppException(String.format("Invalid PIN. Attempts left: %d.", response[response.length - 1] + 64), 401);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -379,7 +379,7 @@ public class Comms {
|
|||||||
readCert[3] = (byte) (certificate.length % 256);
|
readCert[3] = (byte) (certificate.length % 256);
|
||||||
byte[] response = getResponse(new byte[0], readCert, "Read the certificate");
|
byte[] response = getResponse(new byte[0], readCert, "Read the certificate");
|
||||||
if (response[response.length - 2] == 0x6b && response[response.length - 1] == 0x00) {
|
if (response[response.length - 2] == 0x6b && response[response.length - 1] == 0x00) {
|
||||||
throw new RuntimeException("Wrong read parameters.");
|
throw new AuthAppException("Wrong read parameters.", 400);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Set the range containing a portion of the certificate and decrypt it
|
// Set the range containing a portion of the certificate and decrypt it
|
||||||
@ -414,7 +414,7 @@ public class Comms {
|
|||||||
|
|
||||||
byte[] response = getResponse(Env, MSESetEnv, "Set environment");
|
byte[] response = getResponse(Env, MSESetEnv, "Set environment");
|
||||||
if (response[response.length - 2] != (byte) 0x90 || response[response.length - 1] != 0x00) {
|
if (response[response.length - 2] != (byte) 0x90 || response[response.length - 1] != 0x00) {
|
||||||
throw new RuntimeException("Setting the environment failed.");
|
throw new AuthAppException("Setting the environment failed.", 500);
|
||||||
}
|
}
|
||||||
|
|
||||||
InternalAuthenticate[4] = (byte) (0x1d + 16 * (token.length / 16));
|
InternalAuthenticate[4] = (byte) (0x1d + 16 * (token.length / 16));
|
||||||
@ -422,7 +422,7 @@ public class Comms {
|
|||||||
response = getResponse(token, InternalAuthenticate, "Internal Authenticate");
|
response = getResponse(token, InternalAuthenticate, "Internal Authenticate");
|
||||||
|
|
||||||
if (response[response.length - 2] != (byte) 0x90 || response[response.length - 1] != 0x00) {
|
if (response[response.length - 2] != (byte) 0x90 || response[response.length - 1] != 0x00) {
|
||||||
throw new RuntimeException("Signing the token failed.");
|
throw new AuthAppException("Signing the token failed.", 500);
|
||||||
}
|
}
|
||||||
|
|
||||||
byte[] signature = encryptDecryptData(Arrays.copyOfRange(response, 3, 115), Cipher.DECRYPT_MODE);
|
byte[] signature = encryptDecryptData(Arrays.copyOfRange(response, 3, 115), Cipher.DECRYPT_MODE);
|
||||||
|
Loading…
Reference in New Issue
Block a user