better handling of defect card

ssa-server/sam/src/main/java/reqesidta/sam/cert/rest/CertEndpoint.java

@@ -81,6 +81,13 @@ public class CertEndpoint {
 			// create certificate request with user data from session,
 			// a generated user public key and sign it  with the sam specific private key 
 			UserEIDIdentity user = session.getUserEIDIdentity();
+			//check for valid user eid
+			if (user.getGivenNames() == null) {
+				throw new Exception("user lastnames is null!");
+			}
+			if (user.getLastNames() == null) {
+				throw new Exception("user lastnames is null!");
+			}
 			msg = csrFac.createCSR(userKeyPair.getPublic(),
 					samPrivKey,
 					samCert,

ssa-server/sam/src/main/java/reqesidta/sam/cert/utils/CSRFactory.java

@@ -90,26 +90,13 @@ public class CSRFactory {
 		x500NameBld.addRDN(BCStyle.CN, new DERPrintableString(caIssuerName));
 		X500Name issuerDN = x500NameBld.build();
 		x500NameBld = new X500NameBuilder(BCStyle.INSTANCE);
-		//TODO: if card comes with data like foreign names, seems like parsing and setting
-		//users data in session fails, this should be fixed. As a quickhack we hardcode testdata here.
-		if (givenname==null) {
-			givenname="Max";
-		}
-		if (surname==null) {
-			surname="Mustermann";
-		}
 		x500NameBld.addRDN(BCStyle.CN, new DERPrintableString(givenname + " " + surname));
 		x500NameBld.addRDN(BCStyle.GIVENNAME, new DERPrintableString(givenname));
 		x500NameBld.addRDN(BCStyle.SURNAME, new DERPrintableString(surname));
-		if (birthname==null) {
-			birthname="Mustermann";
-		}
-		x500NameBld.addRDN(BCStyle.NAME_AT_BIRTH, new DERPrintableString(birthname));
-		if (dateOfBirth!=null) {
-			x500NameBld.addRDN(BCStyle.DATE_OF_BIRTH, new Time(dateOfBirth));
-		} else {
-			x500NameBld.addRDN(BCStyle.DATE_OF_BIRTH, new Time(new Date(100, 01, 01, 00, 00, 00)));
+		if (birthname!=null) {
+			x500NameBld.addRDN(BCStyle.NAME_AT_BIRTH, new DERPrintableString(birthname));
 		}
+		x500NameBld.addRDN(BCStyle.DATE_OF_BIRTH, new Time(dateOfBirth));
 		X500Name subjectDN = x500NameBld.build();
 	    GeneralName recipient = new GeneralName(issuerDN);
 		GeneralName sender = new GeneralName(subjectDN);

ssa-server/sam/src/main/java/reqesidta/sam/eac/apdu/util/APDUAnalyzer.java

@@ -6,24 +6,12 @@
 package reqesidta.sam.eac.apdu.util;
 
 import de.governikus.eumw.poseidas.cardbase.asn1.ASN1;
-import java.io.ByteArrayOutputStream;
-import java.io.File;
-import java.io.FileOutputStream;
-import java.io.IOException;
-import java.nio.charset.StandardCharsets;
-import java.nio.file.Files;
 import java.text.ParseException;
-import java.util.Enumeration;
-import java.util.UUID;
-import java.util.zip.DataFormatException;
-import java.util.zip.Inflater;
+import java.util.Base64;
 import javax.smartcardio.ResponseAPDU;
-import org.bouncycastle.asn1.ASN1OctetString;
 import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
 import org.bouncycastle.asn1.ASN1String;
 import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DEROctetString;
 import org.bouncycastle.asn1.DERUTF8String;
 import org.bouncycastle.asn1.DLApplicationSpecific;
 import org.jboss.logging.Logger;
@@ -59,42 +47,46 @@ public class APDUAnalyzer {
 			if (resp.getSW() == SW_SUCCESS || resp.getSW() == SW_EOF) {
 
 				ASN1 asn1 = new ASN1(resp.getBytes());
+				LOG.debug("raw response bytes as base 64 string:"+Base64.getEncoder().encodeToString(resp.getBytes()));
 
 				ASN1Primitive instance = ASN1TaggedObject.fromByteArray(asn1.getEncoded());
 
 				if (instance instanceof DLApplicationSpecific) {
 					int tag = ((DLApplicationSpecific) instance).getApplicationTag();
 					byte[] contents = ((DLApplicationSpecific) instance).getContents();
-
 					ASN1Primitive obj = DERUTF8String.fromByteArray(contents);
-
 					if (obj instanceof ASN1String) {
 						String respStr = ((ASN1String) obj).getString();
 						LOG.info("Found String in responseAPDU: " + respStr + " with TAG: " + tag);
 						switch(tag) {
 							case TAG_GIVEN_NAMES:
+								LOG.info("setting GivenNames");
 								session.getUserEIDIdentity().setGivenNames(respStr);
 								break;
 							case TAG_FAMILY_NAMES:
+								LOG.info("setting LastNames");
 								session.getUserEIDIdentity().setLastNames(respStr);
 								break;
 							case TAG_BIRTH_NAME:
+								LOG.info("setting BirthNames");
 								session.getUserEIDIdentity().setBirthName(respStr);
 								break;
 							case TAG_DATE_OF_BIRTH:
 								try {
+									LOG.info("setting DateOfBirth");
 									session.getUserEIDIdentity().setDateOfBirth(respStr);
 								} catch (ParseException ex) {
 									throw new RuntimeException(ex);
 								}
 								break;
 						}
-						LOG.debug("Current Identity: " + session.getUserEIDIdentity());
+						LOG.info("Current Identity: " + session.getUserEIDIdentity());
 					}
 				}
 			}
 		} catch(Exception ex) {
-			LOG.debug("Can't parse respCMD", ex);
+			LOG.info("Can't parse respCMD", ex);
+
 			return;
 		}
 	}

ssa-server/sam/src/main/java/reqesidta/sam/eac/rest/EACEndpoint.java

@@ -180,17 +180,23 @@ public class EACEndpoint {
 		LOG.info("decryptAPDU: " + sessionId);
 		Session session = getSessionOrThrowNotFound(sessionId);
 
+		LOG.info("create response ...");
 		ResponseAPDU respAPDU = new ResponseAPDU(apdu.apdu);
 
 		AESSecureMessaging sm = new AESSecureMessaging(session.getAESKeyMaterial().get());
 		ResponseAPDU decipherCommand;
 		try {
+			LOG.info("decipher response ...");
 			decipherCommand = sm.decipherResponse(respAPDU, apdu.cmdIndex, apdu.totalCmds);
 
+			LOG.info("analyze ...");
 			new APDUAnalyzer(session).analyzeResponseAPDU(decipherCommand);
 
+			LOG.info("return  ...");
 			return new APDU(decipherCommand.getBytes());
-		} catch (SecureMessagingException ex) {
+		//} catch (SecureMessagingException ex) {
+		} catch (Exception ex) {
+			LOG.info("Exception!");
 			throw new WebApplicationException(ex, Response.Status.INTERNAL_SERVER_ERROR);
 		}
 	}