Package org.eclipse.keypop.calypso.crypto.asymmetric.transaction.spi

Interface AsymmetricCryptoCardTransactionManagerSpi

public interface AsymmetricCryptoCardTransactionManagerSpi
Calypso card asymmetric key cryptography service.

It defines the API needed by a terminal to perform the cryptographic operations required by a Calypso card when using asymmetric keys.

An instance of this interface can be obtained via the method AsymmetricCryptoCardTransactionManagerFactorySpi.createCardTransactionManager().

Since:
0.2.0

  • Method Summary

    Modifier and Type
    Method
    Description
    void
    initTerminalPkiSession(CardPublicKeySpi cardPublicKey)
    Initialize the cryptographic context for a new secure session in PKI mode with the provided card public key.
    boolean
    isCardPkiSessionValid(byte[] cardSessionSignature)
    Verifies the provided secure session signature (a 64-byte byte array) from the previously initialized and updated context.
    void
    updateTerminalPkiSession(byte[] cardApdu)
    Updates the session signature verification engine with data sent or received from the card as a byte array.

  • Method Details

    • initTerminalPkiSession

      void initTerminalPkiSession(CardPublicKeySpi cardPublicKey) throws AsymmetricCryptoException
      Initialize the cryptographic context for a new secure session in PKI mode with the provided card public key.
      Parameters:
      cardPublicKey - The card public key.
      Throws:
      AsymmetricCryptoException - If the provided public key value is not compliant with the current elliptic curve or if an error occurs during the initialization.
      Since:
      0.2.0

    • updateTerminalPkiSession

      void updateTerminalPkiSession(byte[] cardApdu) throws AsymmetricCryptoException
      Updates the session signature verification engine with data sent or received from the card as a byte array.

      In the case of ingoing data, the input length must be >= 5.

      In the case of outgoing data, the input length must be >= 2.

      Parameters:
      cardApdu - The APDU bytes exchanged with the card (ingoing or outgoing).
      Throws:
      AsymmetricCryptoException - If an error occurs while updating the session.
      Since:
      0.2.0

    • isCardPkiSessionValid

      boolean isCardPkiSessionValid(byte[] cardSessionSignature) throws AsymmetricCryptoException
      Verifies the provided secure session signature (a 64-byte byte array) from the previously initialized and updated context.
      Parameters:
      cardSessionSignature - The card signature.
      Returns:
      True if the signature is valid, false otherwise.
      Throws:
      AsymmetricCryptoException - If an error occurs while verifying the signature.
      Since:
      0.2.0