tool: Rework command classes

This allows waiting for cards and splits things like SCP more nicely.

Disadvantage is that we now have an inheritance chain going on that is
hard to compose with.

Author: promovicz

tool/src/main/java/org/openjavacard/tool/command/base/BasicCardCommand.java

@@ -0,0 +1,40 @@
+package org.openjavacard.tool.command.base;
+
+import com.beust.jcommander.Parameter;
+
+import javax.smartcardio.Card;
+import javax.smartcardio.CardChannel;
+
+public abstract class BasicCardCommand extends BasicTerminalCommand {
+
+    @Parameter(
+            names = "--wait-for-card", order = 100,
+            description = "Wait for card presence before start"
+    )
+    protected boolean aWaitForCard;
+
+    protected Card mCard;
+    protected CardChannel mBasicChannel;
+
+    @Override
+    protected void prepare() throws Exception {
+        // super will prepare the terminal
+        super.prepare();
+        // wait for card presence if requested
+        if(aWaitForCard) {
+            while(!mTerminal.isCardPresent()) {
+                LOG.debug("Waiting for card...");
+                mTerminal.waitForCardPresent(5000);
+            }
+        }
+        // final check for card presence
+        if(!mTerminal.isCardPresent()) {
+            throw new Error("No card present in terminal");
+        }
+        // connect to the card
+        LOG.debug("Connecting to card");
+        mCard = mTerminal.connect("*");
+        mBasicChannel = mCard.getBasicChannel();
+    }
+
+}

tool/src/main/java/org/openjavacard/tool/command/base/BasicCommand.java

@@ -0,0 +1,56 @@
+package org.openjavacard.tool.command.base;
+
+import com.beust.jcommander.Parameter;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public abstract class BasicCommand implements Runnable {
+
+    @Parameter(
+            names = {"--help", "-h"}, order = 50,
+            description = "Show help"
+    )
+    protected boolean aHelp;
+
+    protected final Logger LOG;
+
+    public BasicCommand() {
+        LOG = LoggerFactory.getLogger(getClass());
+    }
+
+    @Override
+    public void run() {
+        LOG.trace("run()");
+        try {
+            prepare();
+            beforeExecute();
+            execute();
+            afterExecute();
+        } catch (HelpException e) {
+            throw new Error("Help not implemented");
+        } catch (Exception e) {
+            e.printStackTrace();
+        }
+    }
+
+    protected void prepare() throws Exception {
+        LOG.trace("prepare()");
+        // abort and show help if requested
+        if(aHelp) {
+            throw new HelpException(this);
+        }
+    }
+
+    protected void beforeExecute() throws Exception {
+        LOG.trace("beforeExecute()");
+    }
+
+    protected void execute() throws Exception {
+        LOG.trace("execute()");
+    }
+
+    protected void afterExecute() throws Exception {
+        LOG.trace("afterExecute()");
+    }
+
+}

tool/src/main/java/org/openjavacard/tool/command/base/BasicGPCommand.java

@@ -0,0 +1,107 @@
+package org.openjavacard.tool.command.base;
+
+import com.beust.jcommander.Parameter;
+import org.openjavacard.gp.client.GPCard;
+import org.openjavacard.gp.client.GPContext;
+import org.openjavacard.gp.keys.GPKeySet;
+import org.openjavacard.gp.scp.SCPProtocolPolicy;
+import org.openjavacard.iso.AID;
+import org.openjavacard.util.HexUtil;
+
+import javax.smartcardio.CardException;
+import java.io.PrintStream;
+
+public abstract class BasicGPCommand extends BasicSCPCommand {
+
+    @Parameter(
+            names = "--isd", order = 200,
+            description = "AID of the issuer security domain"
+    )
+    protected AID isd;
+
+    @Parameter(
+            names = "--force-protected", order = 800,
+            description = "Force operation on protected object"
+    )
+    protected boolean forceProtected = false;
+
+    @Parameter(
+            names = "--log-keys", order = 900,
+            description = "Allow writing keys into the debug log"
+    )
+    protected boolean logKeys = false;
+
+    GPContext mContext;
+    GPCard mCard;
+
+    protected abstract void performOperation(GPContext context, GPCard card) throws CardException;
+
+    @Override
+    protected void beforeExecute() throws Exception {
+        super.beforeExecute();
+
+        PrintStream os = System.out;
+
+        mContext = new GPContext();
+        mCard = findSingleGPCard(isd, getKeySet());
+
+        AID isdConf = mCard.getISD();
+        os.println("Host GP configuration:");
+        os.println("  ISD " + ((isdConf==null)?"auto":isdConf));
+        int protocol = HexUtil.unsigned8(scpProtocol);
+        int parameters = HexUtil.unsigned8(scpParameters);
+        SCPProtocolPolicy protocolPolicy = new SCPProtocolPolicy(protocol, parameters);
+        os.println("  Key diversification " + scpDiversification);
+        mCard.setDiversification(scpDiversification);
+        os.println("  Protocol policy " + protocolPolicy);
+        mCard.setProtocolPolicy(protocolPolicy);
+        os.println("  Security policy " + scpSecurity);
+        mCard.setSecurityPolicy(scpSecurity);
+
+        mCard.connect();
+    }
+
+    @Override
+    protected void execute() throws Exception {
+        super.execute();
+        performOperation(mContext, mCard);
+    }
+
+    @Override
+    protected void afterExecute() throws Exception {
+        super.afterExecute();
+        PrintStream os = System.out;
+
+        os.println("DISCONNECTING");
+        mCard.disconnect();
+        os.println();
+    }
+
+    public GPCard findSingleGPCard(AID sd, GPKeySet keys) {
+        GPCard card;
+        try {
+            // check card presence
+            if (!mTerminal.isCardPresent()) {
+                throw new Error("No card present in terminal");
+            }
+            // create GP client
+            card = new GPCard(mContext, mTerminal);
+            // tell the client if we know the SD AID
+            if(sd != null) {
+                card.setISD(sd);
+            }
+            if(keys != null) {
+                card.setKeys(keys);
+            }
+            // detect GP applet
+            //boolean detected = card.detect();
+            //if (!detected) {
+            //    throw new Error("Could not find a GlobalPlatform applet on the card");
+            //}
+        } catch (CardException e) {
+            throw new Error("Error detecting card", e);
+        }
+        return card;
+    }
+
+}

tool/src/main/java/org/openjavacard/tool/command/base/BasicSCPCommand.java

@@ -0,0 +1,112 @@
+package org.openjavacard.tool.command.base;
+
+import com.beust.jcommander.Parameter;
+import com.beust.jcommander.validators.PositiveInteger;
+import org.openjavacard.gp.keys.GPKey;
+import org.openjavacard.gp.keys.GPKeyCipher;
+import org.openjavacard.gp.keys.GPKeyDiversification;
+import org.openjavacard.gp.keys.GPKeyId;
+import org.openjavacard.gp.keys.GPKeySet;
+import org.openjavacard.gp.keys.GPKeyUsage;
+import org.openjavacard.gp.keys.GPKeyVersion;
+import org.openjavacard.gp.scp.SCPSecurityPolicy;
+import org.openjavacard.util.HexUtil;
+
+public class BasicSCPCommand extends BasicCardCommand {
+
+    @Parameter(
+            names = "--scp-diversification", order = 300,
+            description = "Use specified key diversification"
+    )
+    protected GPKeyDiversification scpDiversification = GPKeyDiversification.NONE;
+
+    @Parameter(
+            names = "--scp-protocol", order = 300,
+            description = "Require specified SCP protocol"
+    )
+    protected String scpProtocol = "00";
+
+    @Parameter(
+            names = "--scp-parameters", order = 300,
+            description = "Require specified SCP parameters"
+    )
+    protected String scpParameters = "00";
+
+    @Parameter(
+            names = "--scp-security", order = 300,
+            description = "Require specified SCP security level"
+    )
+    protected SCPSecurityPolicy scpSecurity = SCPSecurityPolicy.CMAC;
+
+    @Parameter(
+            names = "--key-version",
+            description = "User-specified keys: key version (0 means any)",
+            validateWith = PositiveInteger.class
+    )
+    private int scpKeyVersion = 0;
+
+    @Parameter(
+            names = "--key-id",
+            description = "User-specified keys: first key ID (0 means any)",
+            validateWith = PositiveInteger.class
+    )
+    private int scpKeyId = 0;
+
+    @Parameter(
+            names = "--key-cipher",
+            description = "User-specified keys: key cipher"
+    )
+    private GPKeyCipher scpKeyCipher = GPKeyCipher.GENERIC;
+
+    @Parameter(
+            names = "--key-types",
+            description = "User-specified keys: key types (colon-separated)"
+    )
+    private String scpKeyTypes = "MASTER";
+
+    @Parameter(
+            names = "--key-secrets",
+            description = "User-specified keys: secrets (colon-separated)"
+    )
+    private String scpKeySecrets = null;
+
+
+    public GPKeySet getKeySet() {
+        GPKeySet keys = GPKeySet.GLOBALPLATFORM;
+
+        if(scpKeySecrets != null) {
+            keys = buildKeysFromParameters(scpKeyId, scpKeyVersion, scpKeyCipher, scpKeyTypes, scpKeySecrets);
+        }
+
+        return keys;
+    }
+
+    public static GPKeySet buildKeysFromParameters(int keyId, int keyVersion, GPKeyCipher cipher, String types, String secrets) {
+        // XXX this is not comprehensive because of the loop and protocol variations
+        GPKeyId.checkKeyId(keyId);
+        GPKeyVersion.checkKeyVersion(keyVersion);
+        // build a key set
+        GPKeySet keys = new GPKeySet("commandline", keyVersion);
+        // split arguments
+        String[] typeStrings = types.split(":");
+        String[] secretStrings = secrets.split(":");
+        // check lengths of provided arrays
+        if(typeStrings.length != secretStrings.length) {
+            throw new Error("Must provide an equal number of key types and secrets");
+        }
+        // assume number of keys from number of types
+        int numKeys = typeStrings.length;
+        for(int i = 0; i < numKeys; i++) {
+            GPKeyUsage usage = GPKeyUsage.valueOf(typeStrings[i]);
+            byte[] secret = HexUtil.hexToBytes(secretStrings[i]);
+            byte id = (byte)(keyId + i);
+            if(usage == GPKeyUsage.MASTER) {
+                id = 0;
+            }
+            GPKey key = new GPKey(id, usage, cipher, secret);
+            keys.putKey(key);
+        }
+        return keys;
+    }
+
+}

tool/src/main/java/org/openjavacard/tool/command/base/BasicTerminalCommand.java

@@ -0,0 +1,63 @@
+package org.openjavacard.tool.command.base;
+
+import com.beust.jcommander.Parameter;
+
+import javax.smartcardio.CardException;
+import javax.smartcardio.CardTerminal;
+import javax.smartcardio.CardTerminals;
+import javax.smartcardio.TerminalFactory;
+import java.util.ArrayList;
+import java.util.List;
+
+public abstract class BasicTerminalCommand extends BasicCommand {
+
+    @Parameter(
+            names = "--terminal", order = 100,
+            description = "Terminal to use for the operation (unique prefix)"
+    )
+    protected String aTerminal = null;
+
+    protected CardTerminal mTerminal = null;
+
+    @Override
+    protected void prepare() throws Exception {
+        super.prepare();
+        mTerminal = findTerminal(aTerminal);
+    }
+
+    private CardTerminal findTerminal(String prefix) {
+        LOG.trace("findTerminal()");
+        List<CardTerminal> terminals = findTerminals(prefix);
+        if (terminals.isEmpty()) {
+            throw new Error("No terminals found");
+        } else if (terminals.size() > 1) {
+            if (prefix == null) {
+                throw new Error("More than one terminal found");
+            } else {
+                throw new Error("More than one terminal found matching \"" + prefix + "\"");
+            }
+        }
+        return terminals.get(0);
+    }
+
+    private List<CardTerminal> findTerminals(String prefix) {
+        LOG.trace("findTerminals()");
+        ArrayList<CardTerminal> found = new ArrayList<>();
+        TerminalFactory tf = TerminalFactory.getDefault();
+        CardTerminals ts = tf.terminals();
+        try {
+            List<CardTerminal> terminals = ts.list();
+            for (CardTerminal terminal : terminals) {
+                String name = terminal.getName();
+                LOG.trace("terminal \"" + name + "\"");
+                if (prefix == null || name.startsWith(prefix)) {
+                    found.add(terminal);
+                }
+            }
+        } catch (CardException e) {
+            throw new Error("Error detecting terminals", e);
+        }
+        return found;
+    }
+
+}

tool/src/main/java/org/openjavacard/tool/command/base/HelpException.java

@@ -0,0 +1,10 @@
+package org.openjavacard.tool.command.base;
+
+public class HelpException extends Exception {
+
+    private BasicCommand mCommand;
+
+    public HelpException(BasicCommand command) {
+    }
+
+}