Class PACEAPDUSender

  • All Implemented Interfaces:
    APDULevelPACECapable

    public class PACEAPDUSender
    extends Object
    implements APDULevelPACECapable
    A low-level APDU sender to support the PACE protocol.
    Since:
    0.7.0
    Version:
    $Revision: 1799 $
    Author:
    The JMRTD team
    • Field Detail

      • NO_PACE_KEY_REFERENCE

        public static final byte NO_PACE_KEY_REFERENCE
        Shared secret type for non-PACE key.
        See Also:
        Constant Field Values
      • MRZ_PACE_KEY_REFERENCE

        public static final byte MRZ_PACE_KEY_REFERENCE
        Shared secret type for PACE according to BSI TR-03110 v2.03 B.11.1.
        See Also:
        Constant Field Values
      • CAN_PACE_KEY_REFERENCE

        public static final byte CAN_PACE_KEY_REFERENCE
        Shared secret type for PACE according to BSI TR-03110 v2.03 B.11.1.
        See Also:
        Constant Field Values
      • PIN_PACE_KEY_REFERENCE

        public static final byte PIN_PACE_KEY_REFERENCE
        Shared secret type for PACE according to BSI TR-03110 v2.03 B.11.1.
        See Also:
        Constant Field Values
      • PUK_PACE_KEY_REFERENCE

        public static final byte PUK_PACE_KEY_REFERENCE
        Shared secret type for PACE according to BSI TR-03110 v2.03 B.11.1.
        See Also:
        Constant Field Values
    • Constructor Detail

      • PACEAPDUSender

        public PACEAPDUSender​(net.sf.scuba.smartcards.CardService service)
        Creates an APDU sender to support the PACE protocol.
        Parameters:
        service - the card service to tranceive APDUs
    • Method Detail

      • sendMSESetATMutualAuth

        public void sendMSESetATMutualAuth​(net.sf.scuba.smartcards.APDUWrapper wrapper,
                                           String oid,
                                           int refPublicKeyOrSecretKey,
                                           byte[] refPrivateKeyOrForComputingSessionKey)
                                    throws net.sf.scuba.smartcards.CardServiceException
        The MSE AT APDU for PACE, see ICAO TR-SAC-1.01, Section 3.2.1, BSI TR 03110 v2.03 B11.1. Note that (for now) caller is responsible for prefixing the byte[] params with specified tags.
        Specified by:
        sendMSESetATMutualAuth in interface APDULevelPACECapable
        Parameters:
        wrapper - secure messaging wrapper
        oid - OID of the protocol to select (this method will prefix 0x80)
        refPublicKeyOrSecretKey - value specifying whether to use MRZ (0x01) or CAN (0x02) (this method will prefix 0x83)
        refPrivateKeyOrForComputingSessionKey - indicates a private key or reference for computing a session key (this method will prefix 0x84)
        Throws:
        net.sf.scuba.smartcards.CardServiceException - on error
      • sendGeneralAuthenticate

        public byte[] sendGeneralAuthenticate​(net.sf.scuba.smartcards.APDUWrapper wrapper,
                                              byte[] data,
                                              boolean isLast)
                                       throws net.sf.scuba.smartcards.CardServiceException
        Sends a General Authenticate command.
        Specified by:
        sendGeneralAuthenticate in interface APDULevelPACECapable
        Parameters:
        wrapper - secure messaging wrapper
        data - data to be sent, without the 0x7C prefix (this method will add it)
        isLast - indicates whether this is the last command in the chain
        Returns:
        dynamic authentication data without the 0x7C prefix (this method will remove it)
        Throws:
        net.sf.scuba.smartcards.CardServiceException - on error