mirror of
https://github.com/TanelOrumaa/Estonian-ID-card-mobile-authenticator-POC.git
synced 2024-12-22 12:30:16 +02:00
More specific errors and notifications
This commit is contained in:
parent
1037d672d5
commit
dbc758fb14
@ -120,6 +120,9 @@ class AuthFragment : Fragment() {
|
||||
viewModel.deleteCan(requireContext())
|
||||
} catch (e: AuthAppException) {
|
||||
msgCode = when (e.code) {
|
||||
400 -> R.string.err_parameter
|
||||
401 -> R.string.err_authentication
|
||||
446 -> R.string.err_card_locked
|
||||
448 -> R.string.err_bad_data
|
||||
500 -> R.string.err_internal
|
||||
else -> R.string.err_unknown
|
||||
|
@ -71,6 +71,14 @@ class CanFragment : Fragment() {
|
||||
findNavController().navigate(action)
|
||||
}
|
||||
|
||||
/**
|
||||
* Saves the entered CAN and notifies the user about it
|
||||
*/
|
||||
private fun saveCan() {
|
||||
viewModel.storeCan(requireContext())
|
||||
Toast.makeText(requireContext(), getString(R.string.can_status_saved), Toast.LENGTH_SHORT).show()
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks whether the user has entered a 6 digit can to the input field.
|
||||
* If yes then the user is allowed to continue otherwise the user is
|
||||
@ -81,7 +89,7 @@ class CanFragment : Fragment() {
|
||||
if (enteredCan.length == 6) {
|
||||
viewModel.setUserCan(enteredCan)
|
||||
if (args.saving) {
|
||||
viewModel.storeCan(requireContext())
|
||||
saveCan()
|
||||
goToTheStart()
|
||||
} else {
|
||||
val storeCanQuestion = getDialog()
|
||||
@ -103,9 +111,7 @@ class CanFragment : Fragment() {
|
||||
builder.apply {
|
||||
// If response is positive then save the CAN on the device.
|
||||
setPositiveButton(R.string.save_text) { _, _ ->
|
||||
viewModel.storeCan(
|
||||
requireContext()
|
||||
)
|
||||
saveCan()
|
||||
goToTheNextFragment()
|
||||
}
|
||||
setNegativeButton(R.string.deny_text) { _, _ ->
|
||||
|
@ -159,7 +159,7 @@ public class Comms {
|
||||
private byte[] getResponse(byte[] APDU, String log) throws IOException {
|
||||
byte[] response = idCard.transceive(APDU);
|
||||
if (response[response.length - 2] != (byte) 0x90 || response[response.length - 1] != 0x00) {
|
||||
throw new RuntimeException(String.format("%s failed.", log));
|
||||
throw new AuthAppException(String.format("%s failed.", log), 500);
|
||||
}
|
||||
Log.i(log, Hex.toHexString(response));
|
||||
return response;
|
||||
@ -227,7 +227,7 @@ public class Comms {
|
||||
selectFile(FID, info);
|
||||
byte[] response = getResponse(new byte[0], readFile, "Read binary");
|
||||
if (response[response.length - 2] != (byte) 0x90 || response[response.length - 1] != 0x00) {
|
||||
throw new RuntimeException(String.format("Could not read %s", info));
|
||||
throw new AuthAppException(String.format("Could not read %s", info), 500);
|
||||
}
|
||||
return encryptDecryptData(Arrays.copyOfRange(response, 3, 19), Cipher.DECRYPT_MODE);
|
||||
}
|
||||
@ -296,7 +296,7 @@ public class Comms {
|
||||
private void selectFile(byte[] FID, String info) throws NoSuchPaddingException, InvalidKeyException, NoSuchAlgorithmException, IllegalBlockSizeException, BadPaddingException, InvalidAlgorithmParameterException, IOException {
|
||||
byte[] response = getResponse(FID, selectFile, String.format("Select %s", info));
|
||||
if (response[response.length - 2] != (byte) 0x90 || response[response.length - 1] != 0x00) {
|
||||
throw new RuntimeException(String.format("Could not select %s", info));
|
||||
throw new AuthAppException(String.format("Could not select %s", info), 500);
|
||||
}
|
||||
}
|
||||
|
||||
@ -354,9 +354,9 @@ public class Comms {
|
||||
|
||||
if (response[response.length - 2] != (byte) 0x90 || response[response.length - 1] != 0x00) {
|
||||
if (response[response.length - 2] == 0x69 && response[response.length - 1] == (byte) 0x83) {
|
||||
throw new RuntimeException("Invalid PIN. Authentication method blocked.");
|
||||
throw new AuthAppException("Invalid PIN. Authentication method blocked.", 446);
|
||||
} else {
|
||||
throw new RuntimeException(String.format("Invalid PIN. Attempts left: %d.", response[response.length - 1] + 64));
|
||||
throw new AuthAppException(String.format("Invalid PIN. Attempts left: %d.", response[response.length - 1] + 64), 401);
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -385,7 +385,7 @@ public class Comms {
|
||||
readCert[3] = (byte) (certificate.length % 256);
|
||||
byte[] response = getResponse(new byte[0], readCert, "Read the certificate");
|
||||
if (response[response.length - 2] == 0x6b && response[response.length - 1] == 0x00) {
|
||||
throw new RuntimeException("Wrong read parameters.");
|
||||
throw new AuthAppException("Wrong read parameters.", 400);
|
||||
}
|
||||
|
||||
// Set the range containing a portion of the certificate and decrypt it
|
||||
@ -420,7 +420,7 @@ public class Comms {
|
||||
|
||||
byte[] response = getResponse(Env, MSESetEnv, "Set environment");
|
||||
if (response[response.length - 2] != (byte) 0x90 || response[response.length - 1] != 0x00) {
|
||||
throw new RuntimeException("Setting the environment failed.");
|
||||
throw new AuthAppException("Setting the environment failed.", 500);
|
||||
}
|
||||
|
||||
InternalAuthenticate[4] = (byte) (0x1d + 16 * (token.length / 16));
|
||||
@ -428,7 +428,7 @@ public class Comms {
|
||||
response = getResponse(token, InternalAuthenticate, "Internal Authenticate");
|
||||
|
||||
if (response[response.length - 2] != (byte) 0x90 || response[response.length - 1] != 0x00) {
|
||||
throw new RuntimeException("Signing the token failed.");
|
||||
throw new AuthAppException("Signing the token failed.", 500);
|
||||
}
|
||||
|
||||
byte[] signature = encryptDecryptData(Arrays.copyOfRange(response, 3, 115), Cipher.DECRYPT_MODE);
|
||||
|
@ -80,4 +80,7 @@
|
||||
<string name="err_reading_card">Failed to read data from the ID-card</string>
|
||||
<string name="err_internal">Internal error</string>
|
||||
<string name="err_bad_data">Read bad data from the ID-card, try using the card again</string>
|
||||
<string name="err_parameter">Required parameter is missing or invalid</string>
|
||||
<string name="err_authentication">Failed to authenticate</string>
|
||||
<string name="err_card_locked">Card locked</string>
|
||||
</resources>
|
@ -78,4 +78,7 @@
|
||||
<string name="err_reading_card">Ei saanud ID-kaardilt andmeid lugeda</string>
|
||||
<string name="err_internal">Rakendusesisene viga</string>
|
||||
<string name="err_bad_data">ID-kaardilt loeti vigased andmed, proovi uuesti kaarti kasutada</string>
|
||||
<string name="err_parameter">Vigane või puuduv parameeter</string>
|
||||
<string name="err_authentication">Autentimine ebaõnnestus</string>
|
||||
<string name="err_card_locked">Kaart lukus</string>
|
||||
</resources>
|
@ -78,4 +78,7 @@
|
||||
<string name="err_reading_card">Failed to read data from the ID-card</string>
|
||||
<string name="err_internal">Internal error</string>
|
||||
<string name="err_bad_data">Read bad data from the ID-card, try using the card again</string>
|
||||
<string name="err_parameter">Required parameter is missing or invalid</string>
|
||||
<string name="err_authentication">Failed to authenticate</string>
|
||||
<string name="err_card_locked">Card locked</string>
|
||||
</resources>
|
Loading…
Reference in New Issue
Block a user