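/*!
 * \brief Authentication context.
 *
 * \copyright Copyright (c) 2014-2021 Governikus GmbH & Co. KG, Germany
 */

#pragma once

#include "asn1/CVCertificate.h"
#include "asn1/CVCertificateChainBuilder.h"
#include "ActivationContext.h"
#include "context/AccessRightManager.h"
#include "context/WorkflowContext.h"
#include "NetworkManager.h"
#include "paos/invoke/DidAuthenticateResponseEac1.h"
#include "paos/invoke/DidAuthenticateResponseEac2.h"
#include "paos/invoke/DidListResponse.h"
#include "paos/invoke/DisconnectResponse.h"
#include "paos/invoke/InitializeFrameworkResponse.h"
#include "paos/invoke/StartPaos.h"
#include "paos/invoke/TransmitResponse.h"
#include "paos/retrieve/DidAuthenticateEac1.h"
#include "paos/retrieve/DidAuthenticateEac2.h"
#include "paos/retrieve/DidAuthenticateEacAdditional.h"
#include "paos/retrieve/DidList.h"
#include "paos/retrieve/Disconnect.h"
#include "paos/retrieve/InitializeFramework.h"
#include "paos/retrieve/StartPaosResponse.h"
#include "paos/retrieve/Transmit.h"
#include "TcToken.h"
#include "UrlUtil.h"

// Include what we use: the container/value types of the members below were
// previously only reachable through transitive includes.
#include <QByteArray>
#include <QDebug>
#include <QList>
#include <QMultiMap>
#include <QPointer>
#include <QSharedPointer>
#include <QSslCertificate>
#include <QString>
#include <QUrl>
#include <QVector>

// Test fixtures that are granted friend access below. All four are declared
// here so the qualified friend declarations resolve without depending on
// another header having declared them first.
class test_StateRedirectBrowser;
class test_StatePreVerification;
class test_StateProcessCertificatesFromEac2;
class test_StateCertificateDescriptionCheck;

namespace governikus
{
class TestAuthContext;

/*!
 * \brief Shared state of one authentication workflow.
 *
 * Collects what the workflow states hand to each other: the activation
 * context and TcToken, the PAOS request/response messages, the TLS
 * certificates observed per URL origin, the CV certificate material and the
 * AccessRightManager. The constructor is defined out of line and is expected
 * to initialise the scalar members (progress value and the three flags).
 */
class AuthContext
	: public WorkflowContext
{
	Q_OBJECT

	private:
		friend class ::test_StateRedirectBrowser;
		friend class ::test_StatePreVerification;
		friend class ::test_StateProcessCertificatesFromEac2;
		friend class ::test_StateCertificateDescriptionCheck;
		friend class TestAuthContext;

		int mProgressValue;
		QString mProgressMessage;
		bool mTcTokenNotFound;
		bool mErrorReportedToServer;
		bool mSkipRedirect;

		QSharedPointer<ActivationContext> mActivationContext;
		QUrl mTcTokenUrl;
		QSharedPointer<const TcToken> mTcToken;
		QUrl mRefreshUrl;
		QString mReceivedMessageId;
		QSharedPointer<StartPaos> mStartPaos;
		QSharedPointer<InitializeFramework> mInitializeFramework;
		QSharedPointer<InitializeFrameworkResponse> mInitializeFrameworkResponse;
		QSharedPointer<DIDList> mDIDList;
		QSharedPointer<DIDListResponse> mDIDListResponse;
		QSharedPointer<DIDAuthenticateEAC1> mDIDAuthenticateEAC1;
		QSharedPointer<DIDAuthenticateResponseEAC1> mDIDAuthenticateResponseEAC1;
		QSharedPointer<DIDAuthenticateEAC2> mDIDAuthenticateEAC2;
		// Note the type: the response to the EACAdditionalInputType request is
		// stored as a DIDAuthenticateResponseEAC2, not a dedicated response class.
		QSharedPointer<DIDAuthenticateResponseEAC2> mDIDAuthenticateResponseEACAdditionalInputType;
		QSharedPointer<DIDAuthenticateEACAdditional> mDIDAuthenticateEACAdditionalInputType;
		QSharedPointer<DIDAuthenticateResponseEAC2> mDIDAuthenticateResponseEAC2;
		QVector<QSharedPointer<Transmit>> mTransmits;
		QVector<QSharedPointer<TransmitResponse>> mTransmitResponses;
		QSharedPointer<Disconnect> mDisconnect;
		QSharedPointer<DisconnectResponse> mDisconnectResponse;
		QSharedPointer<StartPaosResponse> mStartPaosResponse;
		QSharedPointer<AccessRightManager> mAccessRightManager;
		// TLS certificates keyed by the origin UrlUtil::getUrlOrigin() derives
		// from the URL they were seen for; a multimap, so one origin may hold
		// several entries (including duplicates of the same certificate).
		QMultiMap<QUrl, QSslCertificate> mCertificates;
		QSharedPointer<const CVCertificate> mDvCvc;
		// Two chain builders; the names suggest production vs. test PKI trust
		// anchors -- confirm in initCvcChainBuilder() (defined out of line).
		CVCertificateChainBuilder mCvcChainBuilderProd;
		CVCertificateChainBuilder mCvcChainBuilderTest;
		// Opaque TLS session blob, see getSslSession()/setSslSession().
		QByteArray mSslSession;

	Q_SIGNALS:
		void fireProgressChanged();
		void fireDidAuthenticateEac1Changed();
		void fireAccessRightManagerCreated(QSharedPointer<AccessRightManager> pAccessRightManager);

	public:
		explicit AuthContext(const QSharedPointer<ActivationContext>& pActivationContext);

		// ---- workflow flags and progress ------------------------------------

		/// Whether the workflow's error has already been reported to the server.
		[[nodiscard]] bool isErrorReportedToServer() const
		{
			return mErrorReportedToServer;
		}


		void setErrorReportedToServer(bool pErrorReportedToServer)
		{
			mErrorReportedToServer = pErrorReportedToServer;
		}


		[[nodiscard]] int getProgressValue() const
		{
			return mProgressValue;
		}


		/// Returned by value (non-const so the result can be moved by the caller).
		[[nodiscard]] QString getProgressMessage() const
		{
			return mProgressMessage;
		}


		/// Defined out of line; presumably emits fireProgressChanged() -- confirm.
		void setProgress(int pValue, const QString& pMessage);


		[[nodiscard]] bool isTcTokenNotFound() const
		{
			return mTcTokenNotFound;
		}


		void setTcTokenNotFound(bool pTcTokenNotFound)
		{
			mTcTokenNotFound = pTcTokenNotFound;
		}


		[[nodiscard]] bool isSkipRedirect() const
		{
			return mSkipRedirect;
		}


		void setSkipRedirect(bool pSkipRedirect)
		{
			mSkipRedirect = pSkipRedirect;
		}


		// ---- TLS certificates observed during the workflow ------------------

		/// All stored certificates, in key order; duplicates are not collapsed.
		[[nodiscard]] QList<QSslCertificate> getCertificateList() const
		{
			return mCertificates.values();
		}


		/// True if at least one certificate was recorded for pUrl's origin.
		[[nodiscard]] bool containsCertificateFor(const QUrl& pUrl) const
		{
			return mCertificates.contains(UrlUtil::getUrlOrigin(pUrl));
		}


		/*!
		 * Records pCert under the origin of pUrl. Only the certificate's
		 * subject CN and serial number are logged, never key material.
		 */
		void addCertificateData(const QUrl& pUrl, const QSslCertificate& pCert)
		{
			const QUrl originUrl = UrlUtil::getUrlOrigin(pUrl);
			qDebug() << "Adding certificate CN=" << pCert.subjectInfo(QSslCertificate::CommonName) << "SN=" << pCert.serialNumber() << "for URL origin" << originUrl;
			mCertificates.insert(originUrl, pCert);
		}


		// ---- activation / TcToken ------------------------------------------

		/// Non-owning pointer; the context keeps the QSharedPointer alive.
		[[nodiscard]] ActivationContext* getActivationContext() const
		{
			return mActivationContext.data();
		}


		[[nodiscard]] const QUrl& getTcTokenUrl() const
		{
			return mTcTokenUrl;
		}


		void setTcTokenUrl(const QUrl& pTcTokenUrl)
		{
			mTcTokenUrl = pTcTokenUrl;
		}


		[[nodiscard]] const QSharedPointer<const TcToken>& getTcToken() const
		{
			return mTcToken;
		}


		void setTcToken(const QSharedPointer<const TcToken>& pTcToken)
		{
			mTcToken = pTcToken;
		}


		[[nodiscard]] const QString& getReceivedMessageId() const
		{
			return mReceivedMessageId;
		}


		void setReceivedMessageId(const QString& pReceivedMessageId)
		{
			mReceivedMessageId = pReceivedMessageId;
		}


		[[nodiscard]] const QUrl& getRefreshUrl() const
		{
			return mRefreshUrl;
		}


		void setRefreshUrl(const QUrl& pRefreshUrl)
		{
			mRefreshUrl = pRefreshUrl;
		}


		// ---- PAOS messages -------------------------------------------------
		// Plain accessors; all getters are const and [[nodiscard]] so that a
		// discarded lookup is flagged by the compiler.

		[[nodiscard]] const QSharedPointer<DIDAuthenticateEAC1>& getDidAuthenticateEac1() const
		{
			return mDIDAuthenticateEAC1;
		}


		/// The only PAOS setter that notifies listeners (fireDidAuthenticateEac1Changed).
		void setDidAuthenticateEac1(const QSharedPointer<DIDAuthenticateEAC1>& pDIDAuthenticateEAC1)
		{
			mDIDAuthenticateEAC1 = pDIDAuthenticateEAC1;
			Q_EMIT fireDidAuthenticateEac1Changed();
		}


		[[nodiscard]] const QSharedPointer<DIDAuthenticateEAC2>& getDidAuthenticateEac2() const
		{
			return mDIDAuthenticateEAC2;
		}


		void setDidAuthenticateEac2(const QSharedPointer<DIDAuthenticateEAC2>& pDidAuthenticateEac2)
		{
			mDIDAuthenticateEAC2 = pDidAuthenticateEac2;
		}


		[[nodiscard]] const QSharedPointer<DIDAuthenticateResponseEAC1>& getDidAuthenticateResponseEac1() const
		{
			return mDIDAuthenticateResponseEAC1;
		}


		void setDidAuthenticateResponseEac1(const QSharedPointer<DIDAuthenticateResponseEAC1>& pDidAuthenticateResponseEac1)
		{
			mDIDAuthenticateResponseEAC1 = pDidAuthenticateResponseEac1;
		}


		[[nodiscard]] const QSharedPointer<DIDAuthenticateResponseEAC2>& getDidAuthenticateResponseEacAdditionalInputType() const
		{
			return mDIDAuthenticateResponseEACAdditionalInputType;
		}


		void setDidAuthenticateResponseEacAdditionalInputType(const QSharedPointer<DIDAuthenticateResponseEAC2>& pDidAuthenticateResponseEacAdditionalInputType)
		{
			mDIDAuthenticateResponseEACAdditionalInputType = pDidAuthenticateResponseEacAdditionalInputType;
		}


		[[nodiscard]] const QSharedPointer<DIDAuthenticateEACAdditional>& getDidAuthenticateEacAdditional() const
		{
			return mDIDAuthenticateEACAdditionalInputType;
		}


		void setDidAuthenticateEacAdditional(const QSharedPointer<DIDAuthenticateEACAdditional>& pDidAuthenticateEacAdditionalInputType)
		{
			mDIDAuthenticateEACAdditionalInputType = pDidAuthenticateEacAdditionalInputType;
		}


		[[nodiscard]] const QSharedPointer<DIDAuthenticateResponseEAC2>& getDidAuthenticateResponseEac2() const
		{
			return mDIDAuthenticateResponseEAC2;
		}


		void setDidAuthenticateResponseEac2(const QSharedPointer<DIDAuthenticateResponseEAC2>& pDidAuthenticateResponseEac2)
		{
			mDIDAuthenticateResponseEAC2 = pDidAuthenticateResponseEac2;
		}


		[[nodiscard]] const QSharedPointer<DIDList>& getDidList() const
		{
			return mDIDList;
		}


		void setDidList(const QSharedPointer<DIDList>& pDidList)
		{
			mDIDList = pDidList;
		}


		[[nodiscard]] const QSharedPointer<DIDListResponse>& getDidListResponse() const
		{
			return mDIDListResponse;
		}


		void setDidListResponse(const QSharedPointer<DIDListResponse>& pDidListResponse)
		{
			mDIDListResponse = pDidListResponse;
		}


		[[nodiscard]] const QSharedPointer<InitializeFramework>& getInitializeFramework() const
		{
			return mInitializeFramework;
		}


		void setInitializeFramework(const QSharedPointer<InitializeFramework>& pInitializeFramework)
		{
			mInitializeFramework = pInitializeFramework;
		}


		[[nodiscard]] const QSharedPointer<InitializeFrameworkResponse>& getInitializeFrameworkResponse() const
		{
			return mInitializeFrameworkResponse;
		}


		void setInitializeFrameworkResponse(const QSharedPointer<InitializeFrameworkResponse>& pInitializeFrameworkResponse)
		{
			mInitializeFrameworkResponse = pInitializeFrameworkResponse;
		}


		[[nodiscard]] const QSharedPointer<Disconnect>& getDisconnect() const
		{
			return mDisconnect;
		}


		void setDisconnect(const QSharedPointer<Disconnect>& pDisconnect)
		{
			mDisconnect = pDisconnect;
		}


		[[nodiscard]] const QSharedPointer<DisconnectResponse>& getDisconnectResponse() const
		{
			return mDisconnectResponse;
		}


		void setDisconnectResponse(const QSharedPointer<DisconnectResponse>& pDisconnectResponse)
		{
			mDisconnectResponse = pDisconnectResponse;
		}


		[[nodiscard]] const QSharedPointer<StartPaosResponse>& getStartPaosResponse() const
		{
			return mStartPaosResponse;
		}


		void setStartPaosResponse(const QSharedPointer<StartPaosResponse>& pStartPaosResponse)
		{
			mStartPaosResponse = pStartPaosResponse;
		}


		[[nodiscard]] const QVector<QSharedPointer<TransmitResponse>>& getTransmitResponses() const
		{
			return mTransmitResponses;
		}


		/*!
		 * Appends a Transmit response. The null check is a Q_ASSERT, which is
		 * compiled out in release builds; callers must not pass a null pointer.
		 */
		void addTransmitResponse(const QSharedPointer<TransmitResponse>& pTransmitResponse)
		{
			Q_ASSERT(!pTransmitResponse.isNull());
			mTransmitResponses += pTransmitResponse;
		}


		[[nodiscard]] const QVector<QSharedPointer<Transmit>>& getTransmits() const
		{
			return mTransmits;
		}


		/// Same contract as addTransmitResponse(): the null check is debug-only.
		void addTransmit(const QSharedPointer<Transmit>& pTransmit)
		{
			Q_ASSERT(!pTransmit.isNull());
			mTransmits += pTransmit;
		}


		// ---- access rights and CV certificates ------------------------------

		/// May be null until initAccessRightManager() has run.
		[[nodiscard]] QSharedPointer<AccessRightManager> getAccessRightManager() const
		{
			return mAccessRightManager;
		}


		/// Defined out of line; presumably derived from the AccessRightManager -- confirm.
		QByteArray encodeEffectiveChat();


		[[nodiscard]] const QSharedPointer<StartPaos>& getStartPaos() const
		{
			return mStartPaos;
		}


		void setStartPaos(const QSharedPointer<StartPaos>& pStartPaos)
		{
			mStartPaos = pStartPaos;
		}


		/// Chain lookups against the builders initialised by initCvcChainBuilder(); all defined out of line.
		[[nodiscard]] CVCertificateChain getChainStartingWith(const QSharedPointer<const CVCertificate>& pChainRoot) const;

		[[nodiscard]] bool hasChainForCertificationAuthority(const EstablishPaceChannelOutput& pPaceOutput) const;

		[[nodiscard]] CVCertificateChain getChainForCertificationAuthority(const EstablishPaceChannelOutput& pPaceOutput) const;

		/// pAdditionalCertificates defaults to an empty vector.
		void initCvcChainBuilder(const QVector<QSharedPointer<const CVCertificate>>& pAdditionalCertificates = QVector<QSharedPointer<const CVCertificate>>());


		[[nodiscard]] const QSharedPointer<const CVCertificate>& getDvCvc() const
		{
			return mDvCvc;
		}


		void setDvCvc(const QSharedPointer<const CVCertificate>& pDvCvc)
		{
			mDvCvc = pDvCvc;
		}


		/// Defined out of line; the fireAccessRightManagerCreated signal suggests it creates mAccessRightManager -- confirm.
		void initAccessRightManager(const QSharedPointer<const CVCertificate>& pTerminalCvc);
		[[nodiscard]] bool isCanAllowedMode() const override;

		[[nodiscard]] const QByteArray& getSslSession() const;
		void setSslSession(const QByteArray& pSession);
};

} // namespace governikus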