diff --git a/MobileAuthApp/app/src/main/java/com/tarkvaraprojekt/mobileauthapp/AuthFragment.kt b/MobileAuthApp/app/src/main/java/com/tarkvaraprojekt/mobileauthapp/AuthFragment.kt
index 4d3d678..469bdd0 100644
--- a/MobileAuthApp/app/src/main/java/com/tarkvaraprojekt/mobileauthapp/AuthFragment.kt
+++ b/MobileAuthApp/app/src/main/java/com/tarkvaraprojekt/mobileauthapp/AuthFragment.kt
@@ -4,7 +4,6 @@ import android.app.Activity
import android.content.Context
import android.content.Intent
import android.nfc.NfcAdapter
-import android.nfc.TagLostException
import android.nfc.tech.IsoDep
import android.os.Bundle
import android.os.CountDownTimer
@@ -18,11 +17,16 @@ import androidx.fragment.app.activityViewModels
import androidx.navigation.fragment.findNavController
import androidx.navigation.fragment.navArgs
import com.tarkvaraprojekt.mobileauthapp.NFC.Comms
+import com.tarkvaraprojekt.mobileauthapp.auth.AuthAppException
import com.tarkvaraprojekt.mobileauthapp.auth.Authenticator
+import com.tarkvaraprojekt.mobileauthapp.auth.InvalidCANException
+import com.tarkvaraprojekt.mobileauthapp.auth.InvalidPINException
import com.tarkvaraprojekt.mobileauthapp.databinding.FragmentAuthBinding
import com.tarkvaraprojekt.mobileauthapp.model.ParametersViewModel
import com.tarkvaraprojekt.mobileauthapp.model.SmartCardViewModel
+import java.io.IOException
import java.lang.Exception
+import java.security.GeneralSecurityException
import kotlin.system.exitProcess
/**
@@ -107,6 +111,9 @@ class AuthFragment : Fragment() {
requireActivity().runOnUiThread {
binding.timeCounter.text = getString(R.string.card_detected)
}
+ var msgCode = 0
+ var msgArg : Int? = null
+
val card = IsoDep.get(tag)
card.timeout = 32768
card.use {
@@ -119,31 +126,49 @@ class AuthFragment : Fragment() {
)
paramsModel.setToken(jws)
requireActivity().runOnUiThread {
+ binding.timeCounter.text = getString(R.string.data_read)
goToNextFragment()
}
- } catch (e: Exception) {
- when(e) {
- is TagLostException -> requireActivity().runOnUiThread { binding!!.timeCounter.text = getString(R.string.id_card_removed_early) }
- else -> {
- when ("invalid pin") {
- in e.message.toString().lowercase() -> requireActivity().runOnUiThread {
- val messagePieces = e.message.toString().split(" ")
- binding.timeCounter.text = getString(R.string.wrong_pin, messagePieces[messagePieces.size - 1])
- viewModel.deletePin(requireContext())
- }
- else -> requireActivity().runOnUiThread {
- binding.timeCounter.text = getString(R.string.wrong_can_text)
- viewModel.deleteCan(requireContext())
- }
- }
- }
+ } catch (e: android.nfc.TagLostException) {
+ msgCode = R.string.tag_lost
+ } catch (e: InvalidCANException) {
+ msgCode = R.string.wrong_can_text
+ // If the CAN is wrong we will also delete the saved CAN so that the user won't use it again.
+ viewModel.deleteCan(requireContext())
+ } catch (e: InvalidPINException) {
+ msgCode = R.string.wrong_pin
+ msgArg = e.remainingAttempts
+ viewModel.deletePin(requireContext())
+ } catch (e: AuthAppException) {
+ msgCode = when (e.code) {
+ 400 -> R.string.err_parameter
+ 401 -> R.string.err_authentication
+ 446 -> R.string.err_card_locked
+ 448 -> R.string.err_bad_data
+ 500 -> R.string.err_internal
+ else -> R.string.err_unknown
}
- // Give user some time to read the error message
- Thread.sleep(2000)
- cancelAuth()
+ } catch (e: GeneralSecurityException) {
+ msgCode = R.string.err_internal
+ } catch (e: IOException) {
+ msgCode = R.string.err_reading_card
+ } catch (e: Exception) {
+ msgCode = R.string.err_unknown
} finally {
adapter.disableReaderMode(activity)
}
+
+ if (msgCode != 0) {
+ requireActivity().runOnUiThread {
+ var msg = getString(msgCode)
+ if (msgArg != null)
+ msg = String.format(msg, msgArg)
+ binding.timeCounter.text = msg
+ }
+ // Gives user some time to read the error message
+ Thread.sleep(2000)
+ cancelAuth()
+ }
}
}, NfcAdapter.FLAG_READER_NFC_A, null)
}
diff --git a/MobileAuthApp/app/src/main/java/com/tarkvaraprojekt/mobileauthapp/NFC/Comms.java b/MobileAuthApp/app/src/main/java/com/tarkvaraprojekt/mobileauthapp/NFC/Comms.java
index 8af8db3..5cb178f 100644
--- a/MobileAuthApp/app/src/main/java/com/tarkvaraprojekt/mobileauthapp/NFC/Comms.java
+++ b/MobileAuthApp/app/src/main/java/com/tarkvaraprojekt/mobileauthapp/NFC/Comms.java
@@ -3,6 +3,9 @@ package com.tarkvaraprojekt.mobileauthapp.NFC;
import android.nfc.tech.IsoDep;
import android.util.Log;
+import com.tarkvaraprojekt.mobileauthapp.auth.AuthAppException;
+import com.tarkvaraprojekt.mobileauthapp.auth.InvalidPINException;
+
import org.bouncycastle.crypto.BlockCipher;
import org.bouncycastle.crypto.engines.AESEngine;
import org.bouncycastle.crypto.macs.CMac;
@@ -204,7 +207,7 @@ public class Comms {
// verify chip's MAC and return session keys
MAC = getMAC(createAPDU(dataForMACIncomplete, publicKey.getEncoded(false), 65), keyMAC);
if (!Hex.toHexString(response, 4, 8).equals(Hex.toHexString(MAC))) {
- throw new RuntimeException("Could not verify chip's MAC."); // *Should* never happen.
+ throw new AuthAppException("Could not verify chip's MAC.", 448); // *Should* never happen.
}
return new byte[][]{keyEnc, keyMAC};
@@ -315,7 +318,7 @@ public class Comms {
// select and read the personal data elementary files
for (byte index : lastBytes) {
- if (index > 15 || index < 1) throw new RuntimeException("Invalid personal data FID.");
+ if (index > 15 || index < 1) throw new AuthAppException("Invalid personal data FID.", 500);
FID[1] = index;
// store the decrypted datum
@@ -350,7 +353,7 @@ public class Comms {
if (response[response.length - 2] == 0x69 && response[response.length - 1] == (byte) 0x83) {
throw new AuthAppException("Invalid PIN. Authentication method blocked.", 446);
} else {
- throw new AuthAppException(String.format("Invalid PIN. Attempts left: %d.", response[response.length - 1] + 64), 401);
+ throw new InvalidPINException(response[response.length - 1] + 64);
}
}
}
diff --git a/MobileAuthApp/app/src/main/java/com/tarkvaraprojekt/mobileauthapp/auth/InvalidPINException.kt b/MobileAuthApp/app/src/main/java/com/tarkvaraprojekt/mobileauthapp/auth/InvalidPINException.kt
new file mode 100644
index 0000000..94b8d26
--- /dev/null
+++ b/MobileAuthApp/app/src/main/java/com/tarkvaraprojekt/mobileauthapp/auth/InvalidPINException.kt
@@ -0,0 +1,10 @@
+package com.tarkvaraprojekt.mobileauthapp.auth
+
+/**
+ * An AuthAppException for when the user entered PIN is not correct
+ * @see AuthAppException
+ */
+class InvalidPINException(val remainingAttempts: Int) : AuthAppException(
+ "Invalid PIN" + (if (remainingAttempts>0) "" else ". Authentication method blocked."),
+ if (remainingAttempts>0) 401 else 446
+)
\ No newline at end of file
diff --git a/MobileAuthApp/app/src/main/res/values-en/strings.xml b/MobileAuthApp/app/src/main/res/values-en/strings.xml
index d0770eb..7bdaaa3 100644
--- a/MobileAuthApp/app/src/main/res/values-en/strings.xml
+++ b/MobileAuthApp/app/src/main/res/values-en/strings.xml
@@ -19,7 +19,7 @@
NFC is not turned on or is not supported by the phone
The provided CAN does not match the ID card
ID card was removed too early
- Wrong PIN 1. Tries on the card left %s
+ Wrong PIN 1. %s tries left on the card
PIN 1 saved
@@ -75,8 +75,8 @@
CAN: %s
Delete CAN
PIN1: %s
- Add PIN1
- Delete PIN1
+ Add PIN 1
+ Delete PIN 1
not saved
SHOW
HIDE
@@ -84,4 +84,13 @@
Settings are currently unavailable
CAN deleted
PIN 1 deleted
+
+ Unknown error
+ Connection between device and ID-card lost
+ Failed to read data from the ID-card
+ Internal error
+ Read bad data from the ID-card, try using the card again
+ Required parameter is missing or invalid
+ Failed to authenticate
+ Card locked
\ No newline at end of file
diff --git a/MobileAuthApp/app/src/main/res/values-et/strings.xml b/MobileAuthApp/app/src/main/res/values-et/strings.xml
index 7b782cd..7067779 100644
--- a/MobileAuthApp/app/src/main/res/values-et/strings.xml
+++ b/MobileAuthApp/app/src/main/res/values-et/strings.xml
@@ -18,7 +18,7 @@
NFC ei ole sisse lülitatud või puudub telefonil NFC võimekus
Sisestatud CAN ei ole vastavuses ID kaardiga
ID kaart eemaldati liiga vara
- Vale PIN 1. ID kaardil PIN 1 sisetamise kordi alles: %s
+ Vale PIN 1. ID kaardil PIN 1 sisetamise katseid järel: %s
PIN 1 on salvestatud
@@ -83,4 +83,13 @@
Seaded pole hetkel saadaval
CAN kustatud
PIN 1 kustatud
+
+ Tundmatu viga
+ Ühendus seadme ja kaardi vahel katkes
+ Ei saanud ID-kaardilt andmeid lugeda
+ Rakendusesisene viga
+ ID-kaardilt loeti vigased andmed, proovi uuesti kaarti kasutada
+ Vigane või puuduv parameeter
+ Autentimine ebaõnnestus
+ Kaart lukus
\ No newline at end of file
diff --git a/MobileAuthApp/app/src/main/res/values/strings.xml b/MobileAuthApp/app/src/main/res/values/strings.xml
index af966a3..df0da43 100644
--- a/MobileAuthApp/app/src/main/res/values/strings.xml
+++ b/MobileAuthApp/app/src/main/res/values/strings.xml
@@ -17,7 +17,7 @@
NFC is not turned on or is not supported by the phone
The provided CAN does not match the ID card
ID card was removed too early
- Wrong PIN 1. Tries on the card left %s
+ Wrong PIN 1. %s tries left on the card
PIN 1 saved
@@ -82,4 +82,13 @@
Settings are currently unavailable
CAN deleted
PIN 1 deleted
+
+ Unknown error
+ Connection between device and ID-card lost
+ Failed to read data from the ID-card
+ Internal error
+ Read bad data from the ID-card, try using the card again
+ Required parameter is missing or invalid
+ Failed to authenticate
+ Card locked
\ No newline at end of file