public class PassportService extends PassportApduService implements java.io.Serializable
open() ==> sendSelectApplet() ==> doBAC(...) ==> doAA() ==> getInputStream(...)* ==> close()
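
The call order above for a BAC-only session, as an added example that is not code from the JMRTD project. It uses only signatures listed on this page; the names PassportSessionExample, readFiles and drain are hypothetical, and the org.jmrtd package for PassportService and BACKeySpec is an assumption. It stops before doAA(), which needs a public key already parsed from EF_DG15.

```java
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.util.LinkedHashMap;
import java.util.Map;

import net.sf.scuba.smartcards.CardService;
import net.sf.scuba.smartcards.CardServiceException;
import org.jmrtd.BACKeySpec;      // package name assumed
import org.jmrtd.PassportService; // package name assumed

public final class PassportSessionExample {

    /** Reads the given files (e.g. EF_COM, EF_SOD, EF_DG1) over one BAC-protected session. */
    public static Map<Short, byte[]> readFiles(CardService cardService, BACKeySpec bacKey, short... fids)
            throws CardServiceException, IOException {
        PassportService passport = new PassportService(cardService);
        passport.open();
        try {
            passport.sendSelectApplet(false); // false: PACE has not been run in this session
            passport.doBAC(bacKey);           // throws CardServiceException if authentication failed
            if (passport.getWrapper() == null) {
                // getWrapper() stays null until BAC has been performed
                throw new IllegalStateException("secure messaging not established");
            }
            Map<Short, byte[]> files = new LinkedHashMap<Short, byte[]>();
            for (short fid : fids) {          // the repeated getInputStream(...) step
                InputStream in = passport.getInputStream(fid);
                try {
                    files.put(fid, drain(in));
                } finally {
                    in.close();
                }
            }
            return files;
        } finally {
            passport.close();                 // release the card on success and on failure
        }
    }

    /** Copies a stream to a byte array without relying on Java 9+ APIs. */
    private static byte[] drain(InputStream in) throws IOException {
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        byte[] buf = new byte[256];
        for (int n; (n = in.read(buf)) != -1; ) {
            out.write(buf, 0, n);
        }
        return out.toByteArray();
    }
}
```

The bytes returned are unauthenticated until the data group hashes have been checked against the signed contents of EF_SOD.
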
Modifier and Type | Field and Description |
---|---|
static short | EF_CARD_ACCESS: CardAccess. |
static short | EF_COM: The data group presence list. |
static short | EF_CVCA: File with the EAC CVCA references. |
static short | EF_DG1: Data group 1 contains the MRZ. |
static short | EF_DG10: Data group 10 contains substance features. |
static short | EF_DG11: Data group 11 contains additional personal details. |
static short | EF_DG12: Data group 12 contains additional document details. |
static short | EF_DG13: Data group 13 contains optional details. |
static short | EF_DG14: Data group 14 is RFU. |
static short | EF_DG15: Data group 15 contains the public key used for Active Authentication. |
static short | EF_DG16: Data group 16 contains person(s) to notify. |
static short | EF_DG2: Data group 2 contains face image data. |
static short | EF_DG3: Data group 3 contains finger print data. |
static short | EF_DG4: Data group 4 contains iris data. |
static short | EF_DG5: Data group 5 contains displayed portrait. |
static short | EF_DG6: Data group 6 is RFU. |
static short | EF_DG7: Data group 7 contains displayed signature. |
static short | EF_DG8: Data group 8 contains data features. |
static short | EF_DG9: Data group 9 contains structure features. |
static short | EF_SOD: The security document. |
static int | maxBlockSize: Deprecated. hack |
protected java.util.Random | random |
static java.text.SimpleDateFormat | SDF |
static byte | SF_COM: Short file identifiers for the DGs |
static byte | SF_CVCA: Short file identifiers for the DGs |
static byte | SF_DG1: Short file identifiers for the DGs |
static byte | SF_DG10: Short file identifiers for the DGs |
static byte | SF_DG11: Short file identifiers for the DGs |
static byte | SF_DG12: Short file identifiers for the DGs |
static byte | SF_DG13: Short file identifiers for the DGs |
static byte | SF_DG14: Short file identifiers for the DGs |
static byte | SF_DG15: Short file identifiers for the DGs |
static byte | SF_DG16: Short file identifiers for the DGs |
static byte | SF_DG2: Short file identifiers for the DGs |
static byte | SF_DG3: Short file identifiers for the DGs |
static byte | SF_DG4: Short file identifiers for the DGs |
static byte | SF_DG5: Short file identifiers for the DGs |
static byte | SF_DG6: Short file identifiers for the DGs |
static byte | SF_DG7: Short file identifiers for the DGs |
static byte | SF_DG8: Short file identifiers for the DGs |
static byte | SF_DG9: Short file identifiers for the DGs |
static byte | SF_SOD: Short file identifiers for the DGs |
protected SecureMessagingWrapper | wrapper: Deprecated. visibility will be set to private |

APPLET_AID, CAN_PACE_KEY_REFERENCE, MRZ_PACE_KEY_REFERENCE, PIN_PACE_KEY_REFERENCE, PUK_PACE_REFERENCE

Constructor and Description |
---|
PassportService(net.sf.scuba.smartcards.CardService service): Creates a new passport service for accessing the passport. |

Modifier and Type | Method and Description |
---|---|
void | close(): Closes this service. |
byte[] | doAA(java.security.PublicKey publicKey, java.lang.String digestAlgorithm, java.lang.String signatureAlgorithm, byte[] challenge): Performs the Active Authentication protocol. |
void | doBAC(BACKeySpec bacKey): Performs the Basic Access Control protocol. |
void | doBAC(javax.crypto.SecretKey kEnc, javax.crypto.SecretKey kMac): Performs the Basic Access Control protocol. |
ChipAuthenticationResult | doCA(java.math.BigInteger keyId, java.security.PublicKey publicKey): Perform CA (Chip Authentication) part of EAC (version 1). |
void | doPACE(BACKeySpec keySpec, java.lang.String oid, java.security.spec.AlgorithmParameterSpec params): Performs the PACE 2.0 / SAC protocol. |
TerminalAuthenticationResult | doTA(CVCPrincipal caReference, java.util.List<CardVerifiableCertificate> terminalCertificates, java.security.PrivateKey terminalKey, java.lang.String taAlg, ChipAuthenticationResult chipAuthenticationResult, java.lang.String documentNumber): Perform TA (Terminal Authentication) part of EAC (version 1). |
net.sf.scuba.smartcards.CardFileInputStream | getInputStream(short fid): Gets the file as an input stream indicated by a file identifier. |
net.sf.scuba.smartcards.APDUWrapper | getWrapper(): Gets the wrapper. |
boolean | isOpen(): Whether this service is open. |
void | open(): Opens a session to the card. |
byte[] | sendReadBinary(int offset, int le, boolean longRead): Sends a READ BINARY command to the passport, use wrapper when secure channel set up. |
void | sendSelectApplet(boolean hasPACESucceeded): Selects the MRTD card side applet. |
void | sendSelectFile(short fid) |
void | setWrapper(SecureMessagingWrapper wrapper): Deprecated. hack |

addAPDUListener, addPlainTextAPDUListener, getATR, notifyExchangedPlainTextAPDU, removeAPDUListener, removePlainTextAPDUListener, sendGeneralAuthenticate, sendGetChallenge, sendGetChallenge, sendInternalAuthenticate, sendMSEKAT, sendMSESetATExtAuth, sendMSESetATMutualAuth, sendMSESetDST, sendMutualAuth, sendMutualAuthenticate, sendPSOChainMode, sendPSOExtendedLengthMode, sendReadBinary, sendReadBinary, sendSelectApplet, sendSelectFile, setService, transmit

public static final short EF_DG1
public static final short EF_DG2
public static final short EF_DG3
public static final short EF_DG4
public static final short EF_DG5
public static final short EF_DG6
public static final short EF_DG7
public static final short EF_DG8
public static final short EF_DG9
public static final short EF_DG10
public static final short EF_DG11
public static final short EF_DG12
public static final short EF_DG13
public static final short EF_DG14
public static final short EF_DG15
public static final short EF_DG16
public static final short EF_CARD_ACCESS
public static final short EF_SOD
public static final short EF_COM
public static final short EF_CVCA
public static final byte SF_DG1
public static final byte SF_DG2
public static final byte SF_DG3
public static final byte SF_DG4
public static final byte SF_DG5
public static final byte SF_DG6
public static final byte SF_DG7
public static final byte SF_DG8
public static final byte SF_DG9
public static final byte SF_DG10
public static final byte SF_DG11
public static final byte SF_DG12
public static final byte SF_DG13
public static final byte SF_DG14
public static final byte SF_DG15
public static final byte SF_DG16
public static final byte SF_COM
public static final byte SF_SOD
public static final byte SF_CVCA
public static final java.text.SimpleDateFormat SDF
public static int maxBlockSize
protected SecureMessagingWrapper wrapper
protected java.util.Random random

public PassportService(net.sf.scuba.smartcards.CardService service) throws net.sf.scuba.smartcards.CardServiceException
Parameters:
service - another service which will deal with sending the APDUs to the card
Throws:
net.sf.scuba.smartcards.CardServiceException - on error

public void open() throws net.sf.scuba.smartcards.CardServiceException
Overrides:
open in class PassportApduService
Throws:
net.sf.scuba.smartcards.CardServiceException - on error

public void sendSelectApplet(boolean hasPACESucceeded) throws net.sf.scuba.smartcards.CardServiceException
Parameters:
hasPACESucceeded - indicates whether PACE has been executed successfully (in which case a secure messaging channel has been established)
Throws:
net.sf.scuba.smartcards.CardServiceException - on error

public boolean isOpen()
Overrides:
isOpen in class PassportApduService

public void doBAC(BACKeySpec bacKey) throws net.sf.scuba.smartcards.CardServiceException
Parameters:
bacKey - the key based on the document number, the card holder's birth date, and the document's expiry date
Throws:
net.sf.scuba.smartcards.CardServiceException - if authentication failed

public void doBAC(javax.crypto.SecretKey kEnc, javax.crypto.SecretKey kMac) throws net.sf.scuba.smartcards.CardServiceException, java.security.GeneralSecurityException
Parameters:
kEnc - 3DES key required for BAC
kMac - 3DES key required for BAC
Throws:
net.sf.scuba.smartcards.CardServiceException - if authentication failed
java.security.GeneralSecurityException - on security primitives related problems

public void sendSelectFile(short fid) throws net.sf.scuba.smartcards.CardServiceException
Overrides:
sendSelectFile in class PassportApduService
Throws:
net.sf.scuba.smartcards.CardServiceException

public byte[] sendReadBinary(int offset, int le, boolean longRead) throws net.sf.scuba.smartcards.CardServiceException
Sends a READ BINARY command to the passport, use wrapper when secure channel set up.
Parameters:
offset - offset into the file
le - the expected length of the file to read
longRead - whether to use extended length APDUs
le with (the specified part of) the contents of the currently selected file
Throws:
net.sf.scuba.smartcards.CardServiceException - on transceive error

public void doPACE(BACKeySpec keySpec, java.lang.String oid, java.security.spec.AlgorithmParameterSpec params) throws PACEException
Parameters:
keySpec - the MRZ
oid - as specified in the PACEInfo, indicates GM or IM, DH or ECDH, cipher, digest, length
params - explicit static domain parameters (the domain parameters for DH or ECDH)
Throws:
PACEException - on error

public ChipAuthenticationResult doCA(java.math.BigInteger keyId, java.security.PublicKey publicKey) throws net.sf.scuba.smartcards.CardServiceException
Parameters:
keyId - passport's public key id (stored in DG14), -1 if none
publicKey - passport's public key (stored in DG14)
Throws:
net.sf.scuba.smartcards.CardServiceException - if CA failed or some error occurred

public TerminalAuthenticationResult doTA(CVCPrincipal caReference, java.util.List<CardVerifiableCertificate> terminalCertificates, java.security.PrivateKey terminalKey, java.lang.String taAlg, ChipAuthenticationResult chipAuthenticationResult, java.lang.String documentNumber) throws net.sf.scuba.smartcards.CardServiceException
Parameters:
caReference - reference issuer
terminalCertificates - terminal certificate chain
terminalKey - terminal private key
taAlg - algorithm
chipAuthenticationResult - the chip authentication result
documentNumber - the document number
Throws:
net.sf.scuba.smartcards.CardServiceException - on error

public byte[] doAA(java.security.PublicKey publicKey, java.lang.String digestAlgorithm, java.lang.String signatureAlgorithm, byte[] challenge) throws net.sf.scuba.smartcards.CardServiceException
Parameters:
publicKey - the public key to use (usually read from the card)
digestAlgorithm - the digest algorithm to use, or null
signatureAlgorithm - signature algorithm
challenge - challenge
Throws:
net.sf.scuba.smartcards.CardServiceException - on error

public void close()
Overrides:
close in class PassportApduService

public net.sf.scuba.smartcards.APDUWrapper getWrapper()
null until BAC has been performed.

public void setWrapper(SecureMessagingWrapper wrapper)
Parameters:
wrapper - wrapper

public net.sf.scuba.smartcards.CardFileInputStream getInputStream(short fid) throws net.sf.scuba.smartcards.CardServiceException
Parameters:
fid - ICAO file identifier
Throws:
net.sf.scuba.smartcards.CardServiceException - if the file cannot be read