public class PassportService extends PassportApduService implements Serializable
open() ==> sendSelectApplet() ==> doBAC(...) ==> doAA() ==> getInputStream(...)* ==> close()
Modifier and Type | Field and Description |
---|---|
static int | DEFAULT_MAX_BLOCKSIZE: The default maximal blocksize used for unencrypted APDUs. |
static short | EF_CARD_ACCESS: Card Access. |
static short | EF_CARD_SECURITY: Card Security. |
static short | EF_COM: The data group presence list. |
static short | EF_CVCA: Contains EAC CVA references. |
static short | EF_DG1: Data group 1 contains the MRZ. |
static short | EF_DG10: Data group 10 contains substance features. |
static short | EF_DG11: Data group 11 contains additional personal details. |
static short | EF_DG12: Data group 12 contains additional document details. |
static short | EF_DG13: Data group 13 contains optional details. |
static short | EF_DG14: Data group 14 contains security infos. |
static short | EF_DG15: Data group 15 contains the public key used for Active Authentication. |
static short | EF_DG16: Data group 16 contains person(s) to notify. |
static short | EF_DG2: Data group 2 contains face image data. |
static short | EF_DG3: Data group 3 contains finger print data. |
static short | EF_DG4: Data group 4 contains iris data. |
static short | EF_DG5: Data group 5 contains displayed portrait. |
static short | EF_DG6: Data group 6 is RFU. |
static short | EF_DG7: Data group 7 contains displayed signature. |
static short | EF_DG8: Data group 8 contains data features. |
static short | EF_DG9: Data group 9 contains structure features. |
static short | EF_SOD: The security document. |
int | maxBlockSize: Deprecated. hack |
static SimpleDateFormat | SDF: YYMMDD format. |
static byte | SF_COM: Short file identifiers for the DGs |
static byte | SF_CVCA: Short file identifiers for the DGs |
static byte | SF_DG1: Short file identifiers for the DGs |
static byte | SF_DG10: Short file identifiers for the DGs |
static byte | SF_DG11: Short file identifiers for the DGs |
static byte | SF_DG12: Short file identifiers for the DGs |
static byte | SF_DG13: Short file identifiers for the DGs |
static byte | SF_DG14: Short file identifiers for the DGs |
static byte | SF_DG15: Short file identifiers for the DGs |
static byte | SF_DG16: Short file identifiers for the DGs |
static byte | SF_DG2: Short file identifiers for the DGs |
static byte | SF_DG3: Short file identifiers for the DGs |
static byte | SF_DG4: Short file identifiers for the DGs |
static byte | SF_DG5: Short file identifiers for the DGs |
static byte | SF_DG6: Short file identifiers for the DGs |
static byte | SF_DG7: Short file identifiers for the DGs |
static byte | SF_DG8: Short file identifiers for the DGs |
static byte | SF_DG9: Short file identifiers for the DGs |
static byte | SF_SOD: Short file identifiers for the DGs |
protected SecureMessagingWrapper | wrapper: Deprecated. visibility will be set to private |

Fields inherited from class PassportApduService: APPLET_AID, CAN_PACE_KEY_REFERENCE, MRZ_PACE_KEY_REFERENCE, PIN_PACE_KEY_REFERENCE, PUK_PACE_KEY_REFERENCE

Constructor and Description |
---|
PassportService(net.sf.scuba.smartcards.CardService service): Creates a new passport service for accessing the passport. |
PassportService(net.sf.scuba.smartcards.CardService service, int maxBlockSize): Creates a new passport service for accessing the passport. |

Modifier and Type | Method and Description |
---|---|
void | close(): Closes this service. |
AAResult | doAA(PublicKey publicKey, String digestAlgorithm, String signatureAlgorithm, byte[] challenge): Performs the Active Authentication protocol. |
void | doBAC(BACKeySpec bacKey): Performs the Basic Access Control protocol. |
BACResult | doBAC(SecretKey kEnc, SecretKey kMac): Performs the Basic Access Control protocol. |
CAResult | doCA(BigInteger keyId, PublicKey publicKey): Perform CA (Chip Authentication) part of EAC (version 1). |
PACEResult | doPACE(KeySpec keySpec, String oid, AlgorithmParameterSpec params): Performs the PACE 2.0 / SAC protocol. |
TAResult | doTA(CVCPrincipal caReference, List<CardVerifiableCertificate> terminalCertificates, PrivateKey terminalKey, String taAlg, CAResult chipAuthenticationResult, String documentNumber): Performs Terminal Authentication (TA) part of EAC (version 1). |
net.sf.scuba.smartcards.CardFileInputStream | getInputStream(short fid): Gets the file as an input stream indicated by a file identifier. |
net.sf.scuba.smartcards.APDUWrapper | getWrapper(): Gets the wrapper. |
boolean | isOpen(): Whether this service is open. |
void | open(): Opens a session to the card. |
byte[] | sendReadBinary(int offset, int le, boolean longRead): Sends a READ BINARY command to the passport, use wrapper when secure channel set up. |
void | sendSelectApplet(boolean hasPACESucceeded): Selects the MRTD card side applet. |
void | sendSelectFile(short fid): Selects a file. |
void | setWrapper(SecureMessagingWrapper wrapper): Deprecated. hack |

Methods inherited from class PassportApduService: addAPDUListener, addPlainTextAPDUListener, getATR, notifyExchangedPlainTextAPDU, removeAPDUListener, removePlainTextAPDUListener, sendGeneralAuthenticate, sendGetChallenge, sendGetChallenge, sendInternalAuthenticate, sendMSEKAT, sendMSESetATExtAuth, sendMSESetATMutualAuth, sendMSESetDST, sendMutualAuth, sendMutualAuthenticate, sendPSOChainMode, sendPSOExtendedLengthMode, sendReadBinary, sendReadBinary, sendSelectApplet, sendSelectFile, setService, transmit

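The two doBAC overloads listed above take either a key specification based on MRZ data or the two static 3DES keys. The following added example (not part of the JMRTD documentation or code base) shows how the first maps to the second under the BAC key derivation of ICAO Doc 9303, using only the JDK. The class and method names are hypothetical, the MRZ values are constructed, and document numbers longer than nine characters are not handled.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Arrays;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

public class BacKeyDerivation { // hypothetical helper class, not part of JMRTD
    // ICAO 9303 check digit: weights 7,3,1 repeating; '<' = 0, '0'..'9' = 0..9, 'A'..'Z' = 10..35.
    static int checkDigit(String field) {
        int[] weights = {7, 3, 1};
        int sum = 0;
        for (int i = 0; i < field.length(); i++) {
            char c = field.charAt(i);
            int value = c == '<' ? 0 : Character.isDigit(c) ? c - '0' : c - 'A' + 10;
            sum += value * weights[i % 3];
        }
        return sum % 10;
    }
    // Document number padded to 9 characters with '<', birth and expiry date (YYMMDD), each with its check digit.
    static String mrzInformation(String docNumber, String birth, String expiry) {
        String d = String.format("%-9s", docNumber).replace(' ', '<');
        return d + checkDigit(d) + birth + checkDigit(birth) + expiry + checkDigit(expiry);
    }
    // Key seed: first 16 bytes of SHA-1 over the MRZ information.
    static byte[] keySeed(String mrzInfo) throws Exception {
        byte[] ascii = mrzInfo.getBytes(StandardCharsets.US_ASCII);
        return Arrays.copyOf(MessageDigest.getInstance("SHA-1").digest(ascii), 16);
    }
    // counter 1 gives kEnc, counter 2 gives kMac: SHA-1(seed || 32-bit counter), first 16 bytes.
    static SecretKey deriveKey(byte[] seed, int counter) throws Exception {
        MessageDigest sha1 = MessageDigest.getInstance("SHA-1");
        sha1.update(seed);
        byte[] h = sha1.digest(new byte[] {0, 0, 0, (byte) counter});
        byte[] key = new byte[24];
        System.arraycopy(h, 0, key, 0, 16); // Ka || Kb
        System.arraycopy(h, 0, key, 16, 8); // repeat Ka: two-key 3DES in the JCE 24-byte layout
        for (int i = 0; i < key.length; i++) { // force odd parity on every byte
            int high = key[i] & 0xFE;
            key[i] = (byte) (high | ((Integer.bitCount(high) & 1) ^ 1));
        }
        return new SecretKeySpec(key, "DESede");
    }
    public static void main(String[] args) throws Exception {
        byte[] seed = keySeed(mrzInformation("X1234567", "800101", "300101")); // constructed values
        SecretKey kEnc = deriveKey(seed, 1), kMac = deriveKey(seed, 2);
        System.out.println(kEnc.getAlgorithm() + " keys of " + kEnc.getEncoded().length
                + " and " + kMac.getEncoded().length + " bytes derived");
    }
}
```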
public static final short EF_DG1
public static final short EF_DG2
public static final short EF_DG3
public static final short EF_DG4
public static final short EF_DG5
public static final short EF_DG6
public static final short EF_DG7
public static final short EF_DG8
public static final short EF_DG9
public static final short EF_DG10
public static final short EF_DG11
public static final short EF_DG12
public static final short EF_DG13
public static final short EF_DG14
public static final short EF_DG15
public static final short EF_DG16
public static final short EF_CARD_ACCESS
public static final short EF_CARD_SECURITY
public static final short EF_SOD
public static final short EF_COM
public static final short EF_CVCA
public static final byte SF_DG1
public static final byte SF_DG2
public static final byte SF_DG3
public static final byte SF_DG4
public static final byte SF_DG5
public static final byte SF_DG6
public static final byte SF_DG7
public static final byte SF_DG8
public static final byte SF_DG9
public static final byte SF_DG10
public static final byte SF_DG11
public static final byte SF_DG12
public static final byte SF_DG13
public static final byte SF_DG14
public static final byte SF_DG15
public static final byte SF_DG16
public static final byte SF_COM
public static final byte SF_SOD
public static final byte SF_CVCA
public static final SimpleDateFormat SDF
public static final int DEFAULT_MAX_BLOCKSIZE
public int maxBlockSize
protected SecureMessagingWrapper wrapper
public PassportService(net.sf.scuba.smartcards.CardService service) throws net.sf.scuba.smartcards.CardServiceException
Parameters:
service - another service which will deal with sending the APDUs to the card
Throws:
net.sf.scuba.smartcards.CardServiceException - when the available JCE providers cannot provide the necessary cryptographic primitives:

public PassportService(net.sf.scuba.smartcards.CardService service, int maxBlockSize) throws net.sf.scuba.smartcards.CardServiceException
Parameters:
service - another service which will deal with sending the APDUs to the card
maxBlockSize - maximum size for plain text APDUs
Throws:
net.sf.scuba.smartcards.CardServiceException - when the available JCE providers cannot provide the necessary cryptographic primitives:

public void open() throws net.sf.scuba.smartcards.CardServiceException
Overrides:
open in class PassportApduService
Throws:
net.sf.scuba.smartcards.CardServiceException - on error

public void sendSelectApplet(boolean hasPACESucceeded) throws net.sf.scuba.smartcards.CardServiceException
Parameters:
hasPACESucceeded - indicates whether PACE has been executed successfully (in which case a secure messaging channel has been established)
Throws:
net.sf.scuba.smartcards.CardServiceException - on error

public boolean isOpen()
Overrides:
isOpen in class PassportApduService

public void sendSelectFile(short fid) throws net.sf.scuba.smartcards.CardServiceException
Overrides:
sendSelectFile in class PassportApduService
Parameters:
fid - a file identifier
Throws:
net.sf.scuba.smartcards.CardServiceException - on error

public byte[] sendReadBinary(int offset, int le, boolean longRead) throws net.sf.scuba.smartcards.CardServiceException
Sends a READ BINARY command to the passport, use wrapper when secure channel set up.
Parameters:
offset - offset into the file
le - the expected length of the file to read
longRead - whether to use extended length APDUs
Returns:
le with (the specified part of) the contents of the currently selected file
Throws:
net.sf.scuba.smartcards.CardServiceException - on transceive error

public void doBAC(BACKeySpec bacKey) throws net.sf.scuba.smartcards.CardServiceException
Parameters:
bacKey - the key based on the document number, the card holder's birth date, and the document's expiry date
Throws:
net.sf.scuba.smartcards.CardServiceException - if authentication failed

public BACResult doBAC(SecretKey kEnc, SecretKey kMac) throws net.sf.scuba.smartcards.CardServiceException, GeneralSecurityException
Parameters:
kEnc - static 3DES key required for BAC
kMac - static 3DES key required for BAC
Throws:
net.sf.scuba.smartcards.CardServiceException - if authentication failed
GeneralSecurityException - on security primitives related problems

public PACEResult doPACE(KeySpec keySpec, String oid, AlgorithmParameterSpec params) throws PACEException
Parameters:
keySpec - the MRZ
oid - as specified in the PACEInfo, indicates GM or IM or CAM, DH or ECDH, cipher, digest, length
params - explicit static domain parameters the domain params for DH or ECDH
Throws:
PACEException - on error

public CAResult doCA(BigInteger keyId, PublicKey publicKey) throws net.sf.scuba.smartcards.CardServiceException
Parameters:
keyId - passport's public key id (stored in DG14), -1 if none
publicKey - passport's public key (stored in DG14)
Throws:
net.sf.scuba.smartcards.CardServiceException - if CA failed or some error occurred

public TAResult doTA(CVCPrincipal caReference, List<CardVerifiableCertificate> terminalCertificates, PrivateKey terminalKey, String taAlg, CAResult chipAuthenticationResult, String documentNumber) throws net.sf.scuba.smartcards.CardServiceException
Parameters:
caReference - reference issuer
terminalCertificates - terminal certificate chain
terminalKey - terminal private key
taAlg - algorithm
chipAuthenticationResult - the chip authentication result
documentNumber - the document number
Throws:
net.sf.scuba.smartcards.CardServiceException - on error

public AAResult doAA(PublicKey publicKey, String digestAlgorithm, String signatureAlgorithm, byte[] challenge) throws net.sf.scuba.smartcards.CardServiceException
Parameters:
publicKey - the public key to use (usually read from the card)
digestAlgorithm - the digest algorithm to use, or null
signatureAlgorithm - signature algorithm
challenge - challenge
Throws:
net.sf.scuba.smartcards.CardServiceException - on error

public void close()
Overrides:
close in class PassportApduService

public net.sf.scuba.smartcards.APDUWrapper getWrapper()
null until BAC has been performed.

public void setWrapper(SecureMessagingWrapper wrapper)
Parameters:
wrapper - wrapper

public net.sf.scuba.smartcards.CardFileInputStream getInputStream(short fid) throws net.sf.scuba.smartcards.CardServiceException
Parameters:
fid - ICAO file identifier
Throws:
net.sf.scuba.smartcards.CardServiceException - if the file cannot be read

Copyright © 2016. All rights reserved.