public class Passport
extends java.lang.Object
Constructor and Description |
---|
Passport(LDS lds,
java.security.PrivateKey docSigningPrivateKey,
MRTDTrustStore trustManager)
Creates a document from an LDS data structure and additional information.
|
Passport(PassportService service,
MRTDTrustStore trustManager,
BACKeySpec bacKey)
Creates a document by reading it from a service.
|
Passport(PassportService service,
MRTDTrustStore trustManager,
java.util.List<BACKeySpec> bacStore)
Creates a document by reading it from a service.
|
Modifier and Type | Method and Description |
---|---|
java.security.PrivateKey |
getAAPrivateKey()
Gets the private key for AA, or
null if not present. |
CardVerifiableCertificate |
getCVCertificate()
Gets the CVCA certificate.
|
java.security.PrivateKey |
getDocSigningPrivateKey()
Gets the document signing private key, or
null if not present. |
java.security.PrivateKey |
getEACPrivateKey()
Gets the private key for EAC, or
null if not present. |
FeatureStatus |
getFeatures()
Gets the supported features (such as Basic Access Control (BAC), Active Authentication (AA), and Extended Access Control (EAC)) as
discovered during initialization of this document.
|
LDS |
getLDS() |
MRTDTrustStore |
getTrustManager()
Gets the trust store for the Country Signing CA (CSCA) and the Country Verifying CA (CVCA).
|
VerificationStatus |
getVerificationStatus()
Gets the verification status thus far.
|
void |
putFile(short fid,
byte[] bytes)
Inserts a file into this document, and updates EF_COM and EF_SOd accordingly.
|
void |
setAAPrivateKey(java.security.PrivateKey aaPrivateKey)
Sets the private key for AA.
|
void |
setAAPublicKey(java.security.PublicKey aaPublicKey)
Sets the public key for AA.
|
void |
setCVCertificate(CardVerifiableCertificate cert)
Sets the CVCA certificate.
|
void |
setDocSigningCertificate(java.security.cert.X509Certificate docSigningCertificate)
Sets the document signing certificate.
|
void |
setDocSigningPrivateKey(java.security.PrivateKey docSigningPrivateKey)
Sets the document signing private key.
|
void |
setEACPrivateKey(java.security.PrivateKey eacPrivateKey)
Sets the private key for EAC.
|
void |
setEACPublicKey(java.security.PublicKey eacPublicKey)
Sets the public key for EAC.
|
void |
updateCOMSODFile(java.security.cert.X509Certificate newCertificate)
Updates EF_COM and EF_SOd using a new document signing certificate.
|
void |
verifyAA()
Checks active authentication.
|
void |
verifyCS()
Checks the certificate chain.
|
void |
verifyDS()
Checks the security object's signature.
|
void |
verifyHT()
Checks that the hashes in the SOd correspond to the hashes we compute.
|
VerificationStatus |
verifySecurity()
Verifies the document using the security-related mechanisms.
|
public Passport(LDS lds, java.security.PrivateKey docSigningPrivateKey, MRTDTrustStore trustManager) throws java.security.GeneralSecurityException
Parameters:
lds - the logical data structure
docSigningPrivateKey - the document signing private key
trustManager - the trust manager (CSCA, CVCA)
Throws:
java.security.GeneralSecurityException - if an error occurs
public Passport(PassportService service, MRTDTrustStore trustManager, BACKeySpec bacKey) throws net.sf.scuba.smartcards.CardServiceException, java.security.GeneralSecurityException
Parameters:
service - the service to read from
trustManager - the trust manager (CSCA, CVCA)
bacKey - the BAC key to use
Throws:
net.sf.scuba.smartcards.CardServiceException - on error
java.security.GeneralSecurityException - if certain security primitives are not supported
public Passport(PassportService service, MRTDTrustStore trustManager, java.util.List<BACKeySpec> bacStore) throws net.sf.scuba.smartcards.CardServiceException, java.security.GeneralSecurityException
Parameters:
service - the service to read from
trustManager - the trust manager (CSCA, CVCA)
bacStore - the BAC entries
Throws:
net.sf.scuba.smartcards.CardServiceException - on error
java.security.GeneralSecurityException - if certain security primitives are not supported
public void putFile(short fid, byte[] bytes)
Parameters:
fid - the FID of the new file
bytes - the contents of the new file
public void updateCOMSODFile(java.security.cert.X509Certificate newCertificate)
Parameters:
newCertificate - a certificate
public LDS getLDS()
public void setDocSigningPrivateKey(java.security.PrivateKey docSigningPrivateKey)
Parameters:
docSigningPrivateKey - a private key
public CardVerifiableCertificate getCVCertificate()
Returns:
the CVCA certificate, or null
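public void setCVCertificate(CardVerifiableCertificate cert)
Parameters:
cert - the CV certificate
public java.security.PrivateKey getDocSigningPrivateKey()
Gets the document signing private key, or null if not present.
Returns:
the document signing private key, or null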
public void setDocSigningCertificate(java.security.cert.X509Certificate docSigningCertificate)
Parameters:
docSigningCertificate - a certificate
public MRTDTrustStore getTrustManager()
public java.security.PrivateKey getEACPrivateKey()
Gets the private key for EAC, or null if not present.
Returns:
the private key for EAC, or null
public void setEACPrivateKey(java.security.PrivateKey eacPrivateKey)
Parameters:
eacPrivateKey - a private key
public void setEACPublicKey(java.security.PublicKey eacPublicKey)
Parameters:
eacPublicKey - a public key
public java.security.PrivateKey getAAPrivateKey()
Gets the private key for AA, or null if not present.
Returns:
the private key for AA, or null
public void setAAPrivateKey(java.security.PrivateKey aaPrivateKey)
Parameters:
aaPrivateKey - a private key
public void setAAPublicKey(java.security.PublicKey aaPublicKey)
Parameters:
aaPublicKey - a public key
public FeatureStatus getFeatures()
public VerificationStatus getVerificationStatus()
public VerificationStatus verifySecurity()
public void verifyAA()
public void verifyDS()
public void verifyCS()
public void verifyHT()