# AA2 diagrams 2021-07-05 ###### tags: `workflow diagram` ## AA2 rough overview This is a rough overview of the AusweisApp2 architecture. It is build to be flexible for user interfaces (graphical or programmatically) and for identity sources. There is currently no way to add a new identity source through the user interfaces, all identity sources are compiled and shipped with the AusweisApp2 (and AusweisApp2 SDK). ```plantuml skinparam componentStyle rectangle package "UIPlugIns" { [AIDL] <--> [JSON] [Websocket] <--> [JSON] [iOS-Framework] <--> [JSON] [QML] } package "Core" { [AppController] <--> [Workflows (Statemachines)] [Workflows (Statemachines)] <--> [ReaderManager] [AppController] <--> [Settings, Certificates etc] } package "ReaderManagerPlugIns" { [ReaderManager] <--> [NFC] [ReaderManager] <--> [SaC] [ReaderManager] <--> [PCSC] } [JSON] <--> [AppController] [QML] <--> [AppController] ``` ## AA2 autogenerated statemachines These graphs shall demonstrate the inner workings of the AusweisApp2 (and AusweisApp2 SDK, as they share the same core). They are autogenerated from the AusweisApp2 source code. They show how the PAOS protocol is implemented. **Controller** are the top statemachine controlling the requested process (here AuthController and ChangePinController). They use simple states and sub statemachines, called **CompositeState**s (here CompositeStateProcessCvcsAndSetRights, CompositeStateTrustedChannel, CompositeStatePace). They are referenced in the Controller and other CompositeStates without the *CompositeState* prefix. ### AuthController ```plantuml hide empty description [*] --> Processing state Final #DarkSeaGreen Processing --> ParseTcTokenUrl : Continue Processing --> CheckRefreshAddress : Abort ParseTcTokenUrl --> TrustedChannel : Continue ParseTcTokenUrl --> CheckRefreshAddress : Abort TrustedChannel --> CheckRefreshAddress : Continue TrustedChannel --> CheckRefreshAddress : Abort CheckRefreshAddress --> ActivateStoreFeedbackDialog : Continue CheckRefreshAddress --> RedirectBrowser : Abort ActivateStoreFeedbackDialog --> WriteHistory : Continue ActivateStoreFeedbackDialog --> WriteHistory : Abort WriteHistory --> SendWhitelistSurvey : Continue WriteHistory --> RedirectBrowser : Abort SendWhitelistSurvey --> RedirectBrowser : Continue SendWhitelistSurvey --> RedirectBrowser : Abort RedirectBrowser --> Final : Continue RedirectBrowser --> Final : Abort ``` ### CompositeStateProcessCvcsAndSetRights ```plantuml hide empty description [*] --> ExtractCvcsFromEac1InputType ExtractCvcsFromEac1InputType --> PreVerification : Continue state Abort #DarkSeaGreen ExtractCvcsFromEac1InputType --> Abort : Abort PreVerification --> CertificateDescriptionCheck : Continue state Abort #DarkSeaGreen PreVerification --> Abort : Abort CertificateDescriptionCheck --> CheckCertificates : Continue state Abort #DarkSeaGreen CertificateDescriptionCheck --> Abort : Abort CheckCertificates --> EditAccessRights : Continue state Abort #DarkSeaGreen CheckCertificates --> Abort : Abort state Continue #DarkSeaGreen EditAccessRights --> Continue : Continue state Abort #DarkSeaGreen EditAccessRights --> Abort : Abort ``` ### CompositeStateTrustedChannel ```plantuml hide empty description [*] --> GetTcToken GetTcToken --> StartPaos : Continue GetTcToken --> CleanUpReaderManager : Abort StartPaos --> SendStartPaos : Continue StartPaos --> CleanUpReaderManager : Abort SendStartPaos --> InitializeFramework : Continue SendStartPaos --> CleanUpReaderManager : Abort SendStartPaos --> DidList : ReceivedDidList SendStartPaos --> ProcessCvcsAndSetRights : ReceivedExtractCvcsFromEac1InputType SendStartPaos --> StartPaosResponse : ReceivedStartPaosResponse InitializeFramework --> SendInitializeFrameworkResponse : Continue InitializeFramework --> SendInitializeFrameworkResponse : Abort SendInitializeFrameworkResponse --> DidList : Continue SendInitializeFrameworkResponse --> CleanUpReaderManager : Abort SendInitializeFrameworkResponse --> ProcessCvcsAndSetRights : ReceivedExtractCvcsFromEac1InputType SendInitializeFrameworkResponse --> StartPaosResponse : ReceivedStartPaosResponse DidList --> SendDidListResponse : Continue DidList --> SendDidListResponse : Abort SendDidListResponse --> ProcessCvcsAndSetRights : Continue SendDidListResponse --> CleanUpReaderManager : Abort SendDidListResponse --> SendDisconnectResponse : ReceivedDisconnect SendDidListResponse --> StartPaosResponse : ReceivedStartPaosResponse ProcessCvcsAndSetRights --> StatePace : Continue ProcessCvcsAndSetRights --> SendDidAuthenticateResponseEac1 : Abort StatePace --> ClearPacePasswords : PaceChannelEstablished StatePace --> SendDidAuthenticateResponseEac1 : Abort ClearPacePasswords --> DidAuthenticateEac1 : Continue ClearPacePasswords --> DidAuthenticateEac1 : Abort DidAuthenticateEac1 --> SendDidAuthenticateResponseEac1 : Continue DidAuthenticateEac1 --> SendDidAuthenticateResponseEac1 : Abort SendDidAuthenticateResponseEac1 --> EacAdditionalInputType : Continue SendDidAuthenticateResponseEac1 --> UpdateRetryCounterFinal : Abort SendDidAuthenticateResponseEac1 --> SendDisconnectResponse : ReceivedDisconnect SendDidAuthenticateResponseEac1 --> StartPaosResponse : ReceivedStartPaosResponse EacAdditionalInputType --> ProcessCertificatesFromEac2 : Continue EacAdditionalInputType --> SendDidAuthenticatResponseEacAdditionalInput : Abort EacAdditionalInputType --> SendDidAuthenticatResponseEacAdditionalInput : SendDidAuthenticatResponse SendDidAuthenticatResponseEacAdditionalInput --> ProcessCertificatesFromEac2 : Continue SendDidAuthenticatResponseEacAdditionalInput --> UpdateRetryCounterFinal : Abort SendDidAuthenticatResponseEacAdditionalInput --> StartPaosResponse : ReceivedStartPaosResponse ProcessCertificatesFromEac2 --> DidAuthenticateEac2 : Continue ProcessCertificatesFromEac2 --> SendDidAuthenticateResponseEac2 : Abort DidAuthenticateEac2 --> SendDidAuthenticateResponseEac2 : Continue DidAuthenticateEac2 --> SendDidAuthenticateResponseEac2 : Abort SendDidAuthenticateResponseEac2 --> Transmit : Continue SendDidAuthenticateResponseEac2 --> UpdateRetryCounterFinal : Abort SendDidAuthenticateResponseEac2 --> SendDisconnectResponse : ReceivedDisconnect SendDidAuthenticateResponseEac2 --> StartPaosResponse : ReceivedStartPaosResponse Transmit --> SendTransmitResponse : Continue Transmit --> SendTransmitResponse : Abort SendTransmitResponse --> Transmit : Continue SendTransmitResponse --> UpdateRetryCounterFinal : Abort SendTransmitResponse --> SendDisconnectResponse : ReceivedDisconnect SendTransmitResponse --> StartPaosResponse : ReceivedStartPaosResponse SendDisconnectResponse --> StartPaosResponse : Continue SendDisconnectResponse --> UpdateRetryCounterFinal : Abort StartPaosResponse --> UpdateRetryCounterFinal : Continue StartPaosResponse --> UpdateRetryCounterFinal : Abort UpdateRetryCounterFinal --> CleanUpReaderManager : Continue UpdateRetryCounterFinal --> CleanUpReaderManager : Abort state Continue #DarkSeaGreen CleanUpReaderManager --> Continue : Continue state Abort #DarkSeaGreen CleanUpReaderManager --> Abort : Abort ``` ### CompositeStatePace ```plantuml hide empty description [*] --> MaintainCardConnection MaintainCardConnection --> VerifyRetryCounter : Continue MaintainCardConnection --> SelectReader : NoCardConnection MaintainCardConnection --> UpdateRetryCounter : ForceUpdateRetryCounter MaintainCardConnection --> ClearPacePasswordsOnError : Abort state Abort #DarkSeaGreen ClearPacePasswordsOnError --> Abort : Continue state Abort #DarkSeaGreen ClearPacePasswordsOnError --> Abort : Abort SelectReader --> SelectReader : Retry SelectReader --> ConnectCard : Continue SelectReader --> MaintainCardConnection : Abort ConnectCard --> SelectReader : Retry ConnectCard --> UpdateRetryCounter : Continue ConnectCard --> MaintainCardConnection : Abort UpdateRetryCounter --> VerifyRetryCounter : Continue UpdateRetryCounter --> MaintainCardConnection : Abort VerifyRetryCounter --> PreparePace : Continue VerifyRetryCounter --> MaintainCardConnection : Abort PreparePace --> EnterPacePassword : EnterPacePassword PreparePace --> EstablishPaceChannel : EstablishPaceChannel PreparePace --> MaintainCardConnection : Continue PreparePace --> MaintainCardConnection : Abort EnterPacePassword --> EstablishPaceChannel : Continue EnterPacePassword --> MaintainCardConnection : Abort EstablishPaceChannel --> MaintainCardConnection : Continue state PaceChannelEstablished #DarkSeaGreen EstablishPaceChannel --> PaceChannelEstablished : PaceChannelEstablished EstablishPaceChannel --> ClearPacePasswordsBeforeDestroy : PaceChannelInoperative EstablishPaceChannel --> UnfortunateCardPosition : AbortAndUnfortunateCardPosition EstablishPaceChannel --> MaintainCardConnection : Abort UnfortunateCardPosition --> MaintainCardConnection : Continue UnfortunateCardPosition --> MaintainCardConnection : Abort ClearPacePasswordsBeforeDestroy --> DestroyPace : Continue ClearPacePasswordsBeforeDestroy --> DestroyPace : Abort DestroyPace --> MaintainCardConnection : Continue state Abort #DarkSeaGreen DestroyPace --> Abort : Abort ``` ### ChangePinController ```plantuml hide empty description state Final #DarkSeaGreen [*] --> StatePace StatePace --> PrepareChangePin : PaceChannelEstablished StatePace --> ClearPacePasswords : Abort PrepareChangePin --> ChangePin : Continue PrepareChangePin --> EnterNewPacePin : EnterNewPacePin PrepareChangePin --> StatePace : Abort EnterNewPacePin --> ChangePin : Continue EnterNewPacePin --> StatePace : Abort ChangePin --> DestroyPace : Continue ChangePin --> ClearPacePasswords : InvalidPin ChangePin --> StatePace : Abort DestroyPace --> ClearPacePasswords : Continue DestroyPace --> ClearPacePasswords : Abort ClearPacePasswords --> UpdateRetryCounterFinal : Continue ClearPacePasswords --> UpdateRetryCounterFinal : Abort UpdateRetryCounterFinal --> CleanUpReaderManager : Continue UpdateRetryCounterFinal --> CleanUpReaderManager : Abort CleanUpReaderManager --> Final : Continue CleanUpReaderManager --> Final : Abort ``` ```