Package org.jmrtd.protocol

Class AESSecureMessagingWrapper

java.lang.Object

org.jmrtd.protocol.SecureMessagingWrapper

org.jmrtd.protocol.AESSecureMessagingWrapper

All Implemented Interfaces:

Serializable, net.sf.scuba.smartcards.APDUWrapper

public class AESSecureMessagingWrapper
extends SecureMessagingWrapper
implements Serializable

An AES secure messaging wrapper for APDUs. Based on TR-SAC.

Version:

$Revision: 1805 $

Author:

The JMRTD team ([email protected])

See Also:

Serialized Form

Constructor Summary

Constructors

Constructor	Description
AESSecureMessagingWrapper(SecretKey ksEnc, SecretKey ksMac, int maxTranceiveLength, boolean shouldCheckMAC, long ssc)	Constructs a secure messaging wrapper based on the secure messaging session keys and the initial value of the send sequence counter.
AESSecureMessagingWrapper(SecretKey ksEnc, SecretKey ksMac, long ssc)	Constructs a secure messaging wrapper based on the secure messaging session keys and the initial value of the send sequence counter.
AESSecureMessagingWrapper(AESSecureMessagingWrapper wrapper)	Constructs a secure messaging wrapper based on the given existing secure messaging wrapper.

Method Summary

Modifier and Type	Method	Description
boolean	equals(Object obj)
byte[]	getEncodedSendSequenceCounter()	Returns the send sequence counter as bytes, making sure the 128 bit (16 byte) block-size is used.
protected IvParameterSpec	getIV()	Returns the IV by encrypting the send sequence counter.
int	getPadLength()	Returns the length (in bytes) to use for padding.
String	getType()	Returns the type of secure messaging wrapper (in this case "AES").
int	hashCode()
String	toString()

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Methods inherited from class org.jmrtd.protocol.SecureMessagingWrapper

checkMac, getEncryptionKey, getInstance, getMACKey, getMaxTranceiveLength, getSendSequenceCounter, shouldCheckMAC, unwrap, wrap

Constructor Detail

AESSecureMessagingWrapper

public AESSecureMessagingWrapper(SecretKey ksEnc,
                                 SecretKey ksMac,
                                 long ssc)
                          throws GeneralSecurityException

Constructs a secure messaging wrapper based on the secure messaging session keys and the initial value of the send sequence counter. Used in BAC and EAC 1.

Parameters:

ksEnc - the session key for encryption

ksMac - the session key for macs

ssc - the initial value of the send sequence counter

Throws:

GeneralSecurityException - when the available JCE providers cannot provide the necessary cryptographic primitives

AESSecureMessagingWrapper

public AESSecureMessagingWrapper(AESSecureMessagingWrapper wrapper)
                          throws GeneralSecurityException

Constructs a secure messaging wrapper based on the given existing secure messaging wrapper. This is a convenience copy constructor.

Parameters:

wrapper - an existing wrapper

Throws:

GeneralSecurityException - when the available JCE providers cannot provide the necessary cryptographic primitives

AESSecureMessagingWrapper

public AESSecureMessagingWrapper(SecretKey ksEnc,
                                 SecretKey ksMac,
                                 int maxTranceiveLength,
                                 boolean shouldCheckMAC,
                                 long ssc)
                          throws GeneralSecurityException

Constructs a secure messaging wrapper based on the secure messaging session keys and the initial value of the send sequence counter. Used in BAC and EAC 1.

Parameters:

ksEnc - the session key for encryption

ksMac - the session key for macs

maxTranceiveLength - the maximum tranceive length, typical values are 256 or 65536

shouldCheckMAC - a boolean indicating whether this wrapper will check the MAC in wrapped response APDUs

ssc - the initial value of the send sequence counter

Throws:

GeneralSecurityException - when the available JCE providers cannot provide the necessary cryptographic primitives

Method Detail

getType

public String getType()

Returns the type of secure messaging wrapper (in this case "AES").

Specified by:

getType in interface net.sf.scuba.smartcards.APDUWrapper

Returns:

the type of secure messaging wrapper

getPadLength

public int getPadLength()

Returns the length (in bytes) to use for padding. For AES this is 16.

Specified by:

getPadLength in class SecureMessagingWrapper

Returns:

the length to use for padding

getEncodedSendSequenceCounter

public byte[] getEncodedSendSequenceCounter()

Returns the send sequence counter as bytes, making sure the 128 bit (16 byte) block-size is used.

Specified by:

getEncodedSendSequenceCounter in class SecureMessagingWrapper

Returns:

the send sequence counter as a 16 byte array

toString

public String toString()

Overrides:

toString in class SecureMessagingWrapper

hashCode

public int hashCode()

Overrides:

hashCode in class SecureMessagingWrapper

equals

public boolean equals(Object obj)

Overrides:

equals in class SecureMessagingWrapper

getIV

protected IvParameterSpec getIV()
                         throws GeneralSecurityException

Returns the IV by encrypting the send sequence counter. AES uses IV = E K_Enc , SSC), see ICAO SAC TR Section 4.6.3.

Specified by:

getIV in class SecureMessagingWrapper

Returns:

the initialization vector specification

Throws:

GeneralSecurityException - on error