Package org.jmrtd.protocol
Class BACProtocol
- java.lang.Object
-
- org.jmrtd.protocol.BACProtocol
-
public class BACProtocol extends Object
The Basic Access Control protocol.- Since:
- 0.5.6
- Version:
- $Revision: 1800 $
- Author:
- The JMRTD team ([email protected])
-
-
Constructor Summary
Constructors Constructor Description BACProtocol(APDULevelBACCapable service, int maxTranceiveLength, boolean shouldCheckMAC)
Constructs a BAC protocol instance.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description static byte[]
computeKeySeedForBAC(BACKeySpec bacKey)
Computes the key seed based on the given (MRZ based) BAC key.static long
computeSendSequenceCounter(byte[] rndICC, byte[] rndIFD)
Computes the initial send sequence counter to use, given the randoms generated by PICC and PCD.BACResult
doBAC(SecretKey kEnc, SecretKey kMac)
Performs the Basic Access Control protocol.BACResult
doBAC(AccessKeySpec bacKey)
Performs the Basic Access Control protocol.
-
-
-
Constructor Detail
-
BACProtocol
public BACProtocol(APDULevelBACCapable service, int maxTranceiveLength, boolean shouldCheckMAC)
Constructs a BAC protocol instance.- Parameters:
service
- the service to send APDUsmaxTranceiveLength
- the maximal tranceive length (on responses toREAD BINARY
) to use in the resulting secure messaging channelshouldCheckMAC
- whether the resulting secure messaging channel should apply strict MAC checking on response APDUs
-
-
Method Detail
-
doBAC
public BACResult doBAC(AccessKeySpec bacKey) throws net.sf.scuba.smartcards.CardServiceException
Performs the Basic Access Control protocol.- Parameters:
bacKey
- the key based on the document number, the card holder's birth date, and the document's expiry date- Returns:
- the BAC result
- Throws:
net.sf.scuba.smartcards.CardServiceException
- if authentication failed
-
doBAC
public BACResult doBAC(SecretKey kEnc, SecretKey kMac) throws net.sf.scuba.smartcards.CardServiceException, GeneralSecurityException
Performs the Basic Access Control protocol. It does BAC using kEnc and kMac keys, usually calculated from the document number, the card holder's date of birth, and the card's date of expiry.- Parameters:
kEnc
- the static 3DES key required for BACkMac
- the static 3DES key required for BAC- Returns:
- the new secure messaging wrapper
- Throws:
net.sf.scuba.smartcards.CardServiceException
- if authentication failedGeneralSecurityException
- on security primitives related problems
-
computeKeySeedForBAC
public static byte[] computeKeySeedForBAC(BACKeySpec bacKey) throws GeneralSecurityException
Computes the key seed based on the given (MRZ based) BAC key.- Parameters:
bacKey
- the BAC key- Returns:
- the key seed
- Throws:
GeneralSecurityException
- on error applying the low level cryptographic primitives
-
computeSendSequenceCounter
public static long computeSendSequenceCounter(byte[] rndICC, byte[] rndIFD)
Computes the initial send sequence counter to use, given the randoms generated by PICC and PCD.- Parameters:
rndICC
- the PICC's randomrndIFD
- the PCD's random- Returns:
- the initial send sequence counter to use
-
-