arti/Estonian-ID-card-mobile-authenticator-POC
1
0
Fork 0
mirror of https://github.com/TanelOrumaa/Estonian-ID-card-mobile-authenticator-POC.git synced 2024-12-22 20:40:16 +02:00
Code Packages Releases Wiki Activity

More specific errors and notifications

Browse Source
This commit is contained in:
stargateprovider 2021-12-04 21:22:54 +02:00
parent 70991ae682
commit 4fcdccfb5e
1 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
MobileAuthApp/app/src/main/java/com/tarkvaraprojekt/mobileauthapp/NFC/Comms.java
View File

@ -156,7 +156,7 @@ public class Comms {
private byte[] getResponse(byte[] APDU, String log) throws IOException { private byte[] getResponse(byte[] APDU, String log) throws IOException {
byte[] response = idCard.transceive(APDU); byte[] response = idCard.transceive(APDU);
if (response[response.length - 2] != (byte) 0x90 || response[response.length - 1] != 0x00) { if (response[response.length - 2] != (byte) 0x90 || response[response.length - 1] != 0x00) {
throw new RuntimeException(String.format("%s failed.", log)); throw new AuthAppException(String.format("%s failed.", log), 500);
} }
Log.i(log, Hex.toHexString(response)); Log.i(log, Hex.toHexString(response));
return response; return response;
@ -221,7 +221,7 @@ public class Comms {
selectFile(FID, info); selectFile(FID, info);
byte[] response = getResponse(new byte[0], readFile, "Read binary"); byte[] response = getResponse(new byte[0], readFile, "Read binary");
if (response[response.length - 2] != (byte) 0x90 || response[response.length - 1] != 0x00) { if (response[response.length - 2] != (byte) 0x90 || response[response.length - 1] != 0x00) {
throw new RuntimeException(String.format("Could not read %s", info)); throw new AuthAppException(String.format("Could not read %s", info), 500);
} }
return encryptDecryptData(Arrays.copyOfRange(response, 3, 19), Cipher.DECRYPT_MODE); return encryptDecryptData(Arrays.copyOfRange(response, 3, 19), Cipher.DECRYPT_MODE);
} }
@ -290,7 +290,7 @@ public class Comms {
private void selectFile(byte[] FID, String info) throws NoSuchPaddingException, InvalidKeyException, NoSuchAlgorithmException, IllegalBlockSizeException, BadPaddingException, InvalidAlgorithmParameterException, IOException { private void selectFile(byte[] FID, String info) throws NoSuchPaddingException, InvalidKeyException, NoSuchAlgorithmException, IllegalBlockSizeException, BadPaddingException, InvalidAlgorithmParameterException, IOException {
byte[] response = getResponse(FID, selectFile, String.format("Select %s", info)); byte[] response = getResponse(FID, selectFile, String.format("Select %s", info));
if (response[response.length - 2] != (byte) 0x90 || response[response.length - 1] != 0x00) { if (response[response.length - 2] != (byte) 0x90 || response[response.length - 1] != 0x00) {
throw new RuntimeException(String.format("Could not select %s", info)); throw new AuthAppException(String.format("Could not select %s", info), 500);
} }
} }
@ -348,9 +348,9 @@ public class Comms {
if (response[response.length - 2] != (byte) 0x90 || response[response.length - 1] != 0x00) { if (response[response.length - 2] != (byte) 0x90 || response[response.length - 1] != 0x00) {
if (response[response.length - 2] == 0x69 && response[response.length - 1] == (byte) 0x83) { if (response[response.length - 2] == 0x69 && response[response.length - 1] == (byte) 0x83) {
throw new RuntimeException("Invalid PIN. Authentication method blocked."); throw new AuthAppException("Invalid PIN. Authentication method blocked.", 446);
} else { } else {
throw new RuntimeException(String.format("Invalid PIN. Attempts left: %d.", response[response.length - 1] + 64)); throw new AuthAppException(String.format("Invalid PIN. Attempts left: %d.", response[response.length - 1] + 64), 401);
} }
} }
} }
@ -379,7 +379,7 @@ public class Comms {
readCert[3] = (byte) (certificate.length % 256); readCert[3] = (byte) (certificate.length % 256);
byte[] response = getResponse(new byte[0], readCert, "Read the certificate"); byte[] response = getResponse(new byte[0], readCert, "Read the certificate");
if (response[response.length - 2] == 0x6b && response[response.length - 1] == 0x00) { if (response[response.length - 2] == 0x6b && response[response.length - 1] == 0x00) {
throw new RuntimeException("Wrong read parameters."); throw new AuthAppException("Wrong read parameters.", 400);
} }
// Set the range containing a portion of the certificate and decrypt it // Set the range containing a portion of the certificate and decrypt it
@ -414,7 +414,7 @@ public class Comms {
byte[] response = getResponse(Env, MSESetEnv, "Set environment"); byte[] response = getResponse(Env, MSESetEnv, "Set environment");
if (response[response.length - 2] != (byte) 0x90 || response[response.length - 1] != 0x00) { if (response[response.length - 2] != (byte) 0x90 || response[response.length - 1] != 0x00) {
throw new RuntimeException("Setting the environment failed."); throw new AuthAppException("Setting the environment failed.", 500);
} }
InternalAuthenticate[4] = (byte) (0x1d + 16 * (token.length / 16)); InternalAuthenticate[4] = (byte) (0x1d + 16 * (token.length / 16));
@ -422,7 +422,7 @@ public class Comms {
response = getResponse(token, InternalAuthenticate, "Internal Authenticate"); response = getResponse(token, InternalAuthenticate, "Internal Authenticate");
if (response[response.length - 2] != (byte) 0x90 || response[response.length - 1] != 0x00) { if (response[response.length - 2] != (byte) 0x90 || response[response.length - 1] != 0x00) {
throw new RuntimeException("Signing the token failed."); throw new AuthAppException("Signing the token failed.", 500);
} }
byte[] signature = encryptDecryptData(Arrays.copyOfRange(response, 3, 115), Cipher.DECRYPT_MODE); byte[] signature = encryptDecryptData(Arrays.copyOfRange(response, 3, 115), Cipher.DECRYPT_MODE);