From c967e893f05ee3a91ace757346ef534436efc287 Mon Sep 17 00:00:00 2001
From: Petr Dvorak
Date: Tue, 8 Aug 2017 20:44:25 +0200
Subject: [PATCH] Add check for possesion factor on signature validation failure count update
---
 .../behavior/SignatureServiceBehavior.java | 27 +++++++++++++------
 1 file changed, 19 insertions(+), 8 deletions(-)
diff --git a/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/service/behavior/SignatureServiceBehavior.java b/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/service/behavior/SignatureServiceBehavior.java
index 4ac3afcfe..230e6b33e 100644
--- a/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/service/behavior/SignatureServiceBehavior.java
+++ b/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/service/behavior/SignatureServiceBehavior.java
@@ -27,6 +27,7 @@
 import io.getlime.security.powerauth.app.server.repository.model.entity.ApplicationVersionEntity;
 import io.getlime.security.powerauth.app.server.service.util.ModelUtil;
 import io.getlime.security.powerauth.crypto.lib.config.PowerAuthConfiguration;
+import io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes;
 import io.getlime.security.powerauth.crypto.server.keyfactory.PowerAuthServerKeyFactory;
 import io.getlime.security.powerauth.crypto.server.signature.PowerAuthServerSignature;
 import io.getlime.security.powerauth.provider.CryptoProviderUtil;
@@ -115,10 +116,12 @@ public VerifySignatureResponse verifySignature(String activationId, String signa
 activation.setCounter(activation.getCounter() + 1);
 // Update failed attempts and block the activation, if necessary
- activation.setFailedAttempts(activation.getFailedAttempts() + 1);
- Long remainingAttempts = (activation.getMaxFailedAttempts() - activation.getFailedAttempts());
- if (remainingAttempts <= 0) {
- activation.setActivationStatus(ActivationStatus.BLOCKED);
+ if (notPossessionFactorSignature(signatureType)) {
+ activation.setFailedAttempts(activation.getFailedAttempts() + 1);
+ Long remainingAttempts = (activation.getMaxFailedAttempts() - activation.getFailedAttempts());
+ if (remainingAttempts <= 0) {
+ activation.setActivationStatus(ActivationStatus.BLOCKED);
+ }
 }
 // Update the last used date
@@ -177,7 +180,9 @@ public VerifySignatureResponse verifySignature(String activationId, String signa
 activation.setCounter(lowestValidCounter + 1);
 // Reset failed attempt count
- activation.setFailedAttempts(0L);
+ if (notPossessionFactorSignature(signatureType)) {
+ activation.setFailedAttempts(0L);
+ }
 // Update the last used date
 activation.setTimestampLastUsed(currentTimestamp);
@@ -202,9 +207,11 @@ public VerifySignatureResponse verifySignature(String activationId, String signa
 // Increment the activation record counter
 activation.setCounter(activation.getCounter() + 1);
- // Update failed attempts and block the activation, if
- // necessary
- activation.setFailedAttempts(activation.getFailedAttempts() + 1);
+ // Update failed attempts and block the activation, if necessary
+ if (notPossessionFactorSignature(signatureType)) {
+ activation.setFailedAttempts(activation.getFailedAttempts() + 1);
+ }
+
 Long remainingAttempts = (activation.getMaxFailedAttempts() - activation.getFailedAttempts());
 if (remainingAttempts <= 0) {
 activation.setActivationStatus(ActivationStatus.BLOCKED);
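Review bot: In the hunk at -115,10 +116,12, a failed possession-only signature still advances `activation.setCounter(...)` on the context line above the new guard, but because `if (notPossessionFactorSignature(signatureType))` now wraps both the increment and the BLOCKED check, such failures are no longer bounded by `getMaxFailedAttempts()`. Nothing visible here limits or records repeated failures of that type, so the lockout stops acting as a throttle for them; whether the growing counter can put the server out of step with the client depends on the look-ahead logic outside the hunk. I would record the decision at the guard, e.g. `// Possession-only failures are not counted towards blocking; they must be rate-limited and audited elsewhere`, and confirm that such a control exists. The same applies to the increment in the hunk at -202,9 +207,11; verifySignature's body starts and ends outside both hunks.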
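Review bot: The guard around `activation.setFailedAttempts(0L)` in the hunk at -177,7 +180,9 is undocumented: the comment above it still reads only `// Reset failed attempt count`, which no longer matches what the code does. As far as the visible lines show, the intent is that a success with the possession factor alone must not wipe failures accumulated against the other factors, and that is the property a later refactoring is most likely to undo by accident. I would change the comment to `// Reset failed attempt count, except after a possession-only success: it must not clear failures recorded against the other factors`. The enclosing success branch of verifySignature continues outside the hunk.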
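Review bot: In the hunk at -202,9 +207,11 only the increment is guarded, while `Long remainingAttempts = ...` and the `if (remainingAttempts <= 0)` BLOCKED check stay outside the guard as context, unlike the hunk at -115,10 +116,12 where the whole sequence moved inside it. Presumably `remainingAttempts` is still needed further down, outside the hunk, but the two failure paths now express the same rule in two different shapes. A comment such as `// remainingAttempts is computed for every signature type; only the increment depends on the factor` would explain the difference, and a shared private helper for "count a failure and block when exhausted" would keep both paths aligned.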
@@ -271,4 +278,8 @@ public VerifySignatureResponse verifySignature(String activationId, String signa
 }
 }
+ private boolean notPossessionFactorSignature(String signatureType) {
+ return signatureType != null && !signatureType.equals(PowerAuthSignatureTypes.POSSESSION.toString());
+ }
+
 }
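Review bot: `notPossessionFactorSignature` returns false when `signatureType` is null, so a request without a signature type is treated like a possession-only one and its failures are not counted towards blocking. Failing closed is the safer default for a lockout counter: `return !PowerAuthSignatureTypes.POSSESSION.toString().equals(signatureType);` counts null and unrecognised values as failures, provided a null type can never reach the success path at -177,7 +180,9 where the counter is reset. The match is also an exact string comparison, so it relies on callers passing the value in the same form as `POSSESSION.toString()`. A one-line Javadoc stating that, and a positive name such as `isPossessionOnlySignature`, would make the three call sites easier to read.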