Commit bed826fa authored by Tobias Wich

Merge branch 'result-minor-activate'

parents 4561cae9 6fac7641
......@@ -36,5 +36,6 @@ public class AuxDataKeys {
public static final String REDIRECT_LOCATION = PREFIX + "redirect_location" ;
public static final String RESPONSE_HEADERS = PREFIX + "response_headers";
public static final String MINOR_PROCESS_RESULT = PREFIX + "minor_result";
}
......@@ -111,7 +111,11 @@ public class PAOSTask implements Callable<StartPAOSResponse> {
sp.getSupportedDIDProtocols().addAll(supportedDIDs);
return p.sendStartPAOS(sp);
} finally {
TCTokenHandler.disconnectHandle(dispatcher, connectionHandle);
try {
TCTokenHandler.disconnectHandle(dispatcher, connectionHandle);
} catch (Exception ex) {
LOG.warn("Error disconnecting finished handle.", ex);
}
}
}
......
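Review bot: The new `catch (Exception ex)` inside the `finally` block is deliberately broad but carries no comment saying why, and a failed disconnect is only logged at warn level. A reader cannot tell from the log line that the card connection may still be open after the task has returned. I would add a why-comment above the inner try, for example `// a disconnect failure must not replace the result or exception of sendStartPAOS`, and extend the message to `"Error disconnecting finished handle, the connection may still be open."`. The enclosing method starts outside this hunk.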
......@@ -375,22 +375,35 @@ public class TCTokenHandler {
break;
}
LOG.debug("Processing InnerException.", innerException);
if (innerException instanceof WSException) {
WSException ex = (WSException) innerException;
errorMsg = createResponseFromWsEx(ex, response);
} else if (innerException instanceof PAOSConnectionException) {
response.setResult(WSHelper.makeResultError(ResultMinor.TRUSTED_CHANNEL_ESTABLISCHMENT_FAILED,
response.setResult(WSHelper.makeResultError(ResultMinor.TRUSTED_CHANNEL_ESTABLISHMENT_FAILED,
w.getLocalizedMessage()));
response.setAdditionalResultMinor(ECardConstants.Minor.Disp.COMM_ERROR);
} else if (innerException instanceof InterruptedException) {
response.setResultCode(BindingResultCode.INTERRUPTED);
response.setResult(WSHelper.makeResultError(ResultMinor.CANCELLATION_BY_USER, errorMsg));
response.setAdditionalResultMinor(ECardConstants.Minor.App.SESS_TERMINATED);
} else if (innerException instanceof DocumentValidatorException) {
errorMsg = LANG_TR.translationForKey(SCHEMA_VALIDATION_FAILED);
// it is ridiculous, that this should be a client error, but the test spec demands this
response.setResult(WSHelper.makeResultError(ResultMinor.CLIENT_ERROR, w.getMessage()));
response.setAdditionalResultMinor(ECardConstants.Minor.SAL.Support.SCHEMA_VAILD_FAILED);
} else {
errorMsg = createMessageFromUnknownError(w);
response.setResult(WSHelper.makeResultError(ResultMinor.CLIENT_ERROR, w.getMessage()));
response.setAdditionalResultMinor(ECardConstants.Minor.App.UNKNOWN_ERROR);
}
String paosAdditionalMinor = w.getAdditionalResultMinor();
if (paosAdditionalMinor != null) {
LOG.debug("Replacing minor from inner exception with minor from PAOSException.");
LOG.debug("InnerException minor: {}", response.getAuxResultData().get(AuxDataKeys.MINOR_PROCESS_RESULT));
LOG.debug("PAOSException minor: {}", paosAdditionalMinor);
response.setAdditionalResultMinor(paosAdditionalMinor);
}
showErrorMessage(errorMsg);
......@@ -548,7 +561,10 @@ public class TCTokenHandler {
private String createResponseFromWsEx(WSException ex, TCTokenResponse response) {
String errorMsg;
switch (ex.getResultMinor()) {
String minor = ex.getResultMinor();
switch (minor) {
case ECardConstants.Minor.Disp.TIMEOUT:
case ECardConstants.Minor.SAL.CANCELLATION_BY_USER:
case ECardConstants.Minor.IFD.CANCELLATION_BY_USER:
errorMsg = LANG_TOKEN.translationForKey("cancel");
......@@ -594,6 +610,9 @@ public class TCTokenHandler {
errorMsg = LANG_TR.translationForKey(ERROR_WHILE_AUTHENTICATION);
response.setResult(WSHelper.makeResultError(ResultMinor.SERVER_ERROR, errorMsg));
}
response.setAdditionalResultMinor(minor);
return errorMsg;
}
......
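Review bot: `response.setAdditionalResultMinor(minor)` at the end of `createResponseFromWsEx` stores the minor of the WSException verbatim, including on the branch that ends in the generic `SERVER_ERROR` result, so a code this client does not recognise is passed on unchanged. Where the WSException is created is not visible here; if its result can be taken from a message of the eID-Server, the value is remotely supplied text that lands in the aux data under `AuxDataKeys.MINOR_PROCESS_RESULT`. Consider forwarding only codes that match a known `ECardConstants.Minor` constant, or documenting on the key that consumers must treat the value as untrusted. Separately, `switch (minor)` throws a NullPointerException when the exception carries no minor, exactly as the old `switch (ex.getResultMinor())` did; a guard such as `if (minor == null) { minor = ECardConstants.Minor.App.UNKNOWN_ERROR; }` before the switch would make that case explicit. Both methods start and end outside the hunks shown.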
/****************************************************************************
* Copyright (C) 2012-2014 ecsec GmbH.
* Copyright (C) 2012-2019 ecsec GmbH.
* All rights reserved.
* Contact: ecsec GmbH (info@ecsec.de)
*
......@@ -42,10 +42,12 @@ import org.openecard.common.util.UrlBuilder;
*
* @author Moritz Horsch
* @author Hans-Martin Haase
* @author Tobias Wich
*/
public class TCTokenResponse extends BindingResult {
private static final I18n lang = I18n.getTranslation("tr03112");
private static final I18n LANG = I18n.getTranslation("tr03112");
private Result result;
private TCToken token;
private Future<?> bindingTask;
......@@ -71,6 +73,10 @@ public class TCTokenResponse extends BindingResult {
this.result = result;
}
public void setAdditionalResultMinor(String minor) {
this.addAuxResultData(AuxDataKeys.MINOR_PROCESS_RESULT, minor);
}
/**
* Sets the TCToken as received in the request.
*
......@@ -151,7 +157,7 @@ public class TCTokenResponse extends BindingResult {
} catch (URISyntaxException ex) {
// this is a code failure as the URLs are verified upfront
// TODO: translate when exception changes
throw new IllegalArgumentException(lang.getOriginalMessage(INVALID_URL), ex);
throw new IllegalArgumentException(LANG.getOriginalMessage(INVALID_URL), ex);
}
}
......
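Review bot: The new public method `setAdditionalResultMinor(String minor)` has no Javadoc, while the `setTCToken` method directly below it is documented. I would add a short Javadoc stating that the value is the minor result code of the error that ended the process, that it is stored in the auxiliary result data under `AuxDataKeys.MINOR_PROCESS_RESULT`, and what happens when it is called twice or with `null`. `addAuxResultData` is not visible here, so the overwrite and null behaviour should be confirmed before it is written down; TCTokenHandler relies on a second call replacing the first.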
......@@ -396,7 +396,7 @@ public class TCTokenVerifier {
}
URI refreshUrlAsUrl = createUrlWithErrorParams(refreshUrl,
ResultMinor.TRUSTED_CHANNEL_ESTABLISCHMENT_FAILED, ex.getMessage());
ResultMinor.TRUSTED_CHANNEL_ESTABLISHMENT_FAILED, ex.getMessage());
throw new InvalidTCTokenElement(refreshUrlAsUrl.toString(), ex);
} catch (IOException | HttpResourceException | InvalidUrlException | InvalidProxyException | ValidationError | URISyntaxException ex1) {
String errorUrl = token.getComErrorAddressWithParams(ResultMinor.COMMUNICATION_ERROR);
......
......@@ -33,7 +33,7 @@ public class ResultMinor {
/**
* Indicates that the eID-Client failed to set up a trusted channel to the eID-Server.
*/
public static final String TRUSTED_CHANNEL_ESTABLISCHMENT_FAILED = "trustedChannelEstablishmentFailed";
public static final String TRUSTED_CHANNEL_ESTABLISHMENT_FAILED = "trustedChannelEstablishmentFailed";
/**
* Indicates that the user aborted the authentication.
......
......@@ -30,9 +30,9 @@ import org.openecard.addon.sal.FunctionType;
import org.openecard.addon.sal.ProtocolStep;
import org.openecard.binding.tctoken.TR03112Keys;
import org.openecard.common.DynamicContext;
import org.openecard.common.ECardException;
import org.openecard.common.WSHelper;
import org.openecard.common.interfaces.Dispatcher;
import org.openecard.common.sal.protocol.exception.ProtocolException;
import org.openecard.common.tlv.TLVException;
import org.openecard.sal.protocol.eac.anytype.EAC2OutputType;
import org.openecard.sal.protocol.eac.anytype.EACAdditionalInputType;
......@@ -92,7 +92,11 @@ public class ChipAuthenticationStep implements ProtocolStep<DIDAuthenticate, DID
eac2Output = auth.performAuth(eac2Output, internalData);
response.setAuthenticationProtocolData(eac2Output.getAuthDataType());
} catch (ParserConfigurationException | ProtocolException | TLVException e) {
} catch (ECardException e) {
LOG.error(e.getMessage(), e);
response.setResult(e.getResult());
dynCtx.put(EACProtocol.AUTHENTICATION_DONE, false);
} catch (ParserConfigurationException | TLVException e) {
LOG.error(e.getMessage(), e);
response.setResult(WSHelper.makeResultUnknownError(e.getMessage()));
dynCtx.put(EACProtocol.AUTHENTICATION_DONE, false);
......
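Review bot: The new `catch (ECardException e)` branch copies `e.getResult()` into the response without checking it, and the same three lines are added to PACEStep and TerminalAuthenticationStep in this commit. ECardException is not shown on this page; if any subclass can be created without a result, the DIDAuthenticateResponse leaves the step with a null result instead of an error. A fallback keeps the response well-formed: `Result r = e.getResult();` followed by `response.setResult(r != null ? r : WSHelper.makeResultUnknownError(e.getMessage()));`. The three identical handlers could also move into one shared helper so the EAC steps cannot drift apart. The try block starts outside this hunk.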
......@@ -46,6 +46,7 @@ import org.openecard.binding.tctoken.TR03112Keys;
import org.bouncycastle.tls.TlsServerCertificate;
import org.openecard.common.DynamicContext;
import org.openecard.common.ECardConstants;
import org.openecard.common.ECardException;
import org.openecard.common.I18n;
import org.openecard.common.ThreadTerminateException;
import org.openecard.common.WSHelper;
......@@ -299,6 +300,7 @@ public class PACEStep implements ProtocolStep<DIDAuthenticate, DIDAuthenticateRe
switch (minor) {
case ECardConstants.Minor.IFD.CANCELLATION_BY_USER:
case ECardConstants.Minor.SAL.CANCELLATION_BY_USER:
case ECardConstants.Minor.Disp.TIMEOUT:
needsTermination = true;
}
}
......@@ -391,7 +393,7 @@ public class PACEStep implements ProtocolStep<DIDAuthenticate, DIDAuthenticateRe
String msg = ex.getMessage();
response.setResult(WSHelper.makeResultError(ECardConstants.Minor.SAL.EAC.DOC_VALID_FAILED, msg));
dynCtx.put(EACProtocol.AUTHENTICATION_DONE, false);
} catch (WSHelper.WSException e) {
} catch (ECardException e) {
LOG.error(e.getMessage(), e);
response.setResult(e.getResult());
dynCtx.put(EACProtocol.AUTHENTICATION_DONE, false);
......
......@@ -30,6 +30,7 @@ import org.openecard.addon.sal.ProtocolStep;
import org.openecard.binding.tctoken.TR03112Keys;
import org.openecard.common.DynamicContext;
import org.openecard.common.ECardConstants;
import org.openecard.common.ECardException;
import org.openecard.common.WSHelper;
import org.openecard.common.interfaces.Dispatcher;
import org.openecard.crypto.common.asn1.cvc.CardVerifiableCertificate;
......@@ -136,6 +137,10 @@ public class TerminalAuthenticationStep implements ProtocolStep<DIDAuthenticate,
}
response.setAuthenticationProtocolData(eac2Output.getAuthDataType());
} catch (ECardException e) {
LOG.error(e.getMessage(), e);
response.setResult(e.getResult());
dynCtx.put(EACProtocol.AUTHENTICATION_DONE, false);
} catch (Exception e) {
LOG.error(e.getMessage(), e);
response.setResult(WSHelper.makeResultUnknownError(e.getMessage()));
......
......@@ -72,7 +72,7 @@ public class ProcessingStepAction extends StepAction {
} catch (TimeoutException ex) {
LOG.info("Timeout while waiting for the authentication to finish.", ex);
ctx.put(EACProtocol.PACE_EXCEPTION, WSHelper.createException(WSHelper.makeResultError(
ECardConstants.Minor.SAL.CANCELLATION_BY_USER, "User canceled the EAC dialog.")));
ECardConstants.Minor.Disp.TIMEOUT, "Timeout during EAC process.")));
return new StepActionResult(StepActionResultStatus.CANCEL);
}
}
......
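Review bot: The timeout branch now reports `ECardConstants.Minor.Disp.TIMEOUT` but still returns `StepActionResultStatus.CANCEL`, so every reader of `EACProtocol.PACE_EXCEPTION` that recognised the timeout by `CANCELLATION_BY_USER` has to learn the new code. This commit updates the switch in PACEStep and the one in `TCTokenHandler.createResponseFromWsEx`; other readers, if there are any, are not visible here and should be checked. A comment such as `// reported as Disp.TIMEOUT; PACEStep and TCTokenHandler treat it like a user cancel` above the `ctx.put` would record the coupling. The try block starts outside this hunk.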
......@@ -329,6 +329,7 @@ public class PAOS {
DefaultConnectionReuseStrategy reuse = new DefaultConnectionReuseStrategy();
boolean connectionDropped = false;
ResponseBaseType lastResponse = null;
String firstOecMinorError = null;
try {
// loop and send makes a computer happy
......@@ -344,6 +345,16 @@ public class PAOS {
// save the last message we sent to the eID-Server.
if (msg instanceof ResponseBaseType) {
lastResponse = (ResponseBaseType) msg;
// save first minor code if there is one returned from our stack
if (firstOecMinorError == null) {
Result r = lastResponse.getResult();
if (r != null) {
String minor = r.getResultMinor();
if (minor != null) {
firstOecMinorError = minor;
}
}
}
}
// prepare request
String resource = tlsHandler.getResource();
......@@ -451,7 +462,11 @@ public class PAOS {
} catch (TransformerException ex) {
throw new DispatcherException(ex);
} catch (WSException ex) {
throw new PAOSException(ex);
PAOSException newEx = new PAOSException(ex);
if (firstOecMinorError != null) {
newEx.setAdditionalResultMinor(firstOecMinorError);
}
throw newEx;
} finally {
try {
if (conn != null) {
......
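Review bot: `firstOecMinorError` keeps the first non-null minor of any response sent to the eID-Server without looking at the result major, so a minor that accompanies a warning would later be reported as the error that ended the process. If only errors are meant, test the major first, for example `if (r != null && ECardConstants.Major.ERROR.equals(r.getResultMajor()))`. The saved value is also attached only in the `WSException` catch; the `TransformerException` branch above it throws a `DispatcherException` that drops it, and a comment should say whether that is intended. The loop and the method start outside these hunks.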
......@@ -38,6 +38,8 @@ public class PAOSException extends I18nException {
private static final long serialVersionUID = 1L;
private static final I18n lang = I18n.getTranslation("tr03112");
private String additionalResultMinor;
/**
* Creates an instance and initializes the exception with a cause.
*
......@@ -78,4 +80,12 @@ public class PAOSException extends I18nException {
super(lang, key, cause, params);
}
public void setAdditionalResultMinor(String additionalResultMinor) {
this.additionalResultMinor = additionalResultMinor;
}
public String getAdditionalResultMinor() {
return additionalResultMinor;
}
}
......@@ -138,6 +138,9 @@ public class ActivationController {
default:
activationResult = new ActivationResult(INTERNAL_ERROR, result.getResultMessage());
}
activationResult.setProcessMinor(result.getAuxResultData().get(AuxDataKeys.MINOR_PROCESS_RESULT));
return activationResult;
}
......
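Review bot: `result.getAuxResultData().get(AuxDataKeys.MINOR_PROCESS_RESULT)` runs after the switch for every result, not only for errors, and dereferences the aux-data map without a null check. `getAuxResultData()` is not visible on this page; if it can return null for a result that never had aux data added, this line throws on paths that worked before the change. Reading the map into a local and calling `activationResult.setProcessMinor(...)` only when it is non-null avoids that. The method starts outside this hunk.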
......@@ -32,6 +32,7 @@ public class ActivationResult {
private final String redirectUrl;
private final ActivationResultCode resultCode;
private final String errorMessage;
private String processMinor;
public ActivationResult(ActivationResultCode resultCode) {
this(null, resultCode, null);
......@@ -51,6 +52,10 @@ public class ActivationResult {
this.errorMessage = errorMessage;
}
public void setProcessMinor(String processMinor) {
this.processMinor = processMinor;
}
public String getRedirectUrl() {
return redirectUrl;
}
......@@ -63,4 +68,14 @@ public class ActivationResult {
return errorMessage;
}
/**
* If present, represents the minor error code of the error leading to the termination of the process.
*
* @see ECardConstants.Minor;
* @return The minor result code or {@code null} if not present.
*/
public String getProcessResultMinor() {
return processMinor;
}
}
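Review bot: The new property is written with `setProcessMinor` but read with `getProcessResultMinor`, so the accessor pair does not share one name; renaming the setter to `setProcessResultMinor`, together with its call in ActivationController, keeps them aligned. The Javadoc tag `@see ECardConstants.Minor;` ends in a semicolon and will not resolve unless this file imports ECardConstants; `@see org.openecard.common.ECardConstants.Minor`, placed after the `@return` line, is the form Javadoc accepts. `processMinor` is also the only non-final field of the class and its setter has no Javadoc, so a line stating that it is set once by ActivationController after construction would help readers who assume the result is immutable.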
......@@ -139,14 +139,41 @@ public class ECardConstants {
private static final String APP_TV_PREFIX = APP_PREFIX + "/TrustedViewer#"; // TrustedViewer
private static final String APP_TSL_PREFIX = APP_PREFIX + "/TSL#"; // TrustedViewer
/**
* There was some unknown error.
* An unexpected error has occurred during processing which cannot be represented by the standard codes or
* specific service error codes. The error and detail texts can describe the error more closely.
*/
public static final String UNKNOWN_ERROR = APP_PREFIX + "/common#unknownError";
/**
* Use of the function by the client application is not permitted.
*/
public static final String NO_PERM = APP_PREFIX + "/common#noPermission";
/**
* Internal error.
*/
public static final String INT_ERROR = APP_PREFIX + "/common#internalError";
public static final String PARM_ERROR = APP_PREFIX + "/common#parameterError";
/**
* API function unknown.
*/
public static final String UNKNOWN_API = APP_PREFIX + "/common#unknownAPIFunction";
/**
* Framework or layer not initialised.
*/
public static final String NOT_INITIALIZED = APP_PREFIX + "/common#notInitialized";
/**
* Warning indicating termination of an active session.
*/
public static final String CON_DISCONNECT = APP_PREFIX + "/common#warningConnectionDisconnected";
/**
* Warning indicating termination of an active session.
*/
public static final String SESS_TERMINATED = APP_PREFIX + "/common#SessionTerminatedWarning";
/**
* Parameter error.
* There was some problem with a provided or omitted parameter.
*/
public static final String INCORRECT_PARM = APP_PREFIX + "/common#incorrectParameter";
public static final String COMMUNICATION_ERROR = APP_PREFIX + "/common#communicationError";
......@@ -157,10 +184,25 @@ public class ECardConstants {
*/
public static class CIF {
/**
* CardInfo file cannot be added.
*/
public static final String ADD_NOT_POSSIBLE = APP_CIF_PREFIX + "addNotPossible";
/**
* CardInfo file does not exist.
*/
public static final String NOT_EXISTING = APP_CIF_PREFIX + "notExisting";
/**
* CardInfo file cannot be deleted.
*/
public static final String DEL_NOT_POSSIBLE = APP_CIF_PREFIX + "deleteNotPossible";
/**
* The CardInfo file already exists.
*/
public static final String ALREADY_EXISTING = APP_CIF_PREFIX + "alreadyExisting";
/**
* The CardInfo file is incorrect.
*/
public static final String INCORRECT_FILE = APP_CIF_PREFIX + "incorrectFile";
};
......@@ -171,11 +213,29 @@ public class ECardConstants {
*/
public static class FW {
/**
* Update service is not accessible.
*/
public static final String SERVICE_NA = APP_FW_PREFIX + "serviceNotAvailable";
/**
* Unknown module.
*/
public static final String UNKNOWN_MODULE = APP_FW_PREFIX + "unknownModule";
/**
* Invalid version number for module.
*/
public static final String INVALID_VERSION = APP_FW_PREFIX + "invalidVersionNumber";
/**
* Operating system not supported.
*/
public static final String OS_NOT_SUPPORTED = APP_FW_PREFIX + "operationSystemNotSupported";
/**
* No available space.
*/
public static final String NO_SPACE = APP_FW_PREFIX + "noSpaceAvailable";
/**
* Access denied.
*/
public static final String SEC_NOT_SATISFIED = APP_FW_PREFIX + "securityConditionsNotSatisfied";
};
......@@ -187,9 +247,21 @@ public class ECardConstants {
*/
public static class IFD {
/**
* The card terminal configuration cannot be written.
*/
public static final String WRITE_CONF_IMPOSS = APP_IFD_PREFIX + "writeConfigurationNotPossible";
/**
* The card terminal cannot be added.
*/
public static final String COULD_NOT_ADD = APP_IFD_PREFIX + "couldNotAdd";
/**
* The card terminal cannot be deleted.
*/
public static final String DEL_IMPOSS = APP_IFD_PREFIX + "deleteNotPossible";
/**
* The card terminal already exists.
*/
public static final String ADD_IMPOSS = APP_IFD_PREFIX + "addNotPossible";
};
......@@ -200,9 +272,21 @@ public class ECardConstants {
*/
public static class Viewer {
/**
* The trusted viewer cannot be deleted.
*/
public static final String DEL_IMPOSS = APP_TV_PREFIX + "deleteNotPossible";
/**
* Invalid TrustedViewerId.
*/
public static final String INVALID_ID = APP_TV_PREFIX + "invalidID";
/**
* Invalid configuration information for the trusted viewer.
*/
public static final String INVALID_CONF = APP_TV_PREFIX + "invalidConfiguration";
/**
* The trusted viewer already exists with the entered ID.
*/
public static final String EXISTING = APP_TV_PREFIX + "alreadyExisting";
};
......@@ -214,6 +298,11 @@ public class ECardConstants {
*/
public static class TSL {
/**
* TSLSequenceNumber has been ignored.
* As only a {@code TSLSequenceNumber} but no {@code SchemeName} has been specified, the
* {@code TSLSequenceNumber}-element has been ignored.
*/
public static final String SEQNUM_IGNORED = APP_TSL_PREFIX + "TSLSequenceNumberIgnoredWarning";
};
......@@ -229,15 +318,40 @@ public class ECardConstants {
private static final String DP_PREFIX = MINOR_PREFIX + "dp";
/**
* Time exceeded (timeout).
* The operation was terminated as the set time was exceeded.
*/
public static final String TIMEOUT = DP_PREFIX + "#timeoutError";
public static final String UNKNOWN_CHANNEL_HANDLE = DP_PREFIX + "#unknownChannelHandle";
/**
* Communication error.
*/
public static final String COMM_ERROR = DP_PREFIX + "#communicationError";
/**
* Failure to open a trusted channel.
*/
public static final String CHANNEL_ESTABLISHMENT_FAILED = DP_PREFIX + "#trustedChannelEstablishmentFailed";
/**
* Unknown protocol.
*/
public static final String UNKOWN_PROTOCOL = DP_PREFIX + "#unknownProtocol";
/**
* Unknown cipher suite.
*/
public static final String UNKNOWN_CIPHER = DP_PREFIX + "#unknownCipherSuite";
/**
* Unknown web service binding.
*/
public static final String UNKNOWN_BINDING = DP_PREFIX + "#unknownWebserviceBinding";
/**
* Node not reachable.
*/
public static final String NODE_NOT_REACHABLE = DP_PREFIX + "#nodeNotReachable";
// this one is mentioned in EstablishContexResponse TR-03112-6
/**
* Invalid channel handle.
*/
public static final String INVALID_CHANNEL_HANDLE = DP_PREFIX + "#invalidChannelHandle";
};
......@@ -264,7 +378,13 @@ public class ECardConstants {
*/
public static class Algorithm {
/**
* Stated hash algorithm is not supported.
*/
public static final String HASH_NOT_SUPPORTED = ALG_PFX + "hashAlgorithmNotSupported";
/**
* The stated signature algorithm is not supported.
*/
public static final String SIG_NOT_SUPPORTED = ALG_PFX + "signatureAlgorithmNotSupported";
};
......@@ -276,11 +396,29 @@ public class ECardConstants {
*/
public static class CertificateRequest {
/**
* Unknown attribute in the certificate application.
*/
public static final String UNKNOWN_ATTR = CR_PFX + "unknownAttribute";
/**
* Generation of the certificate application failed.
*/
public static final String CREATION_FAILED = CR_PFX + "creationOfCertificateRequestFailed";
/**
* Submission of the certificate application failed.
*/
public static final String SUBMISSION_FAILED = CR_PFX + "submissionFailed";
/**
* Unknown transaction identifier.
*/
public static final String UNKOWN_TRANSACTION = CR_PFX + "unknownTransactionID";
/**
* Not possible to collect the certificate.
*/
public static final String DOWNLOAD_FAILED = CR_PFX + "certificateDownloadFailed";
/**
* No subject specified in request.
*/
public static final String SUBJECT_MISSING = CR_PFX + "subjectMissing";
};
......@@ -292,8 +430,17 @@ public class ECardConstants {
*/
public static class Encryption {
/**
* Specific nodes can only be encrypted in case of an XML document.
*/
public static final String NODES_ENC = ENC_PFX + "encryptionOfCertainNodesOnlyForXMLDocuments";
/**
* The encryption format is not supported.
*/
public static final String FORMAT_NOT_SUPPORTED = ENC_PFX + "encryptionFormatNotSupported";
/**
* The encryption certificate of an intended recipient is invalid.
*/
public static final String INVALID_CERT = ENC_PFX + "invalidCertificate";
};
......@@ -305,7 +452,13 @@ public class ECardConstants {
*/
public static class Key {
/**
* Key generation is not possible.
*/
public static final String KEYGEN_NOT_POSSIBLE = KEY_PFX + "keyGenerationNotPossible";