Class CVC

Object
   |
   +--CVC

class CVC

Class implementing a decoder for card verifiable certificates or requests according to Extended Access Control (EAC) as defined in BSI TR-03110 1.11 and 2.02.
Defined in cvc.js

Field Detail

asn

Object asn

bin

Object bin

body

Object body

ATRIGHTS

<static> Object ATRIGHTS

Table of rights description for id-AT

id_TA_ECDSA

<static> Object id_TA_ECDSA

TA constants

id_TA_ECDSA_SHA_1

<static> Object id_TA_ECDSA_SHA_1

id_TA_ECDSA_SHA_224

<static> Object id_TA_ECDSA_SHA_224

id_TA_ECDSA_SHA_256

<static> Object id_TA_ECDSA_SHA_256

id_TA_ECDSA_SHA_384

<static> Object id_TA_ECDSA_SHA_384

id_TA_ECDSA_SHA_512

<static> Object id_TA_ECDSA_SHA_512

id_TA_RSA_PSS_SHA_1

<static> Object id_TA_RSA_PSS_SHA_1

id_TA_RSA_PSS_SHA_256

<static> Object id_TA_RSA_PSS_SHA_256

id_TA_RSA_PSS_SHA_512

<static> Object id_TA_RSA_PSS_SHA_512

id_TA_RSA_v1_5_SHA_1

<static> Object id_TA_RSA_v1_5_SHA_1

id_TA_RSA_v1_5_SHA_256

<static> Object id_TA_RSA_v1_5_SHA_256

id_TA_RSA_v1_5_SHA_512

<static> Object id_TA_RSA_v1_5_SHA_512

idAT

<static> Object idAT

idIS

<static> Object idIS

idSC_HSM

<static> Object idSC_HSM

idST

<static> Object idST

ISRIGHTS

<static> Object ISRIGHTS

Table of rights description for id-IS

OBJECTNAMES

<static> Object OBJECTNAMES

Table of tag names

STRIGHTS

<static> Object STRIGHTS

Table of rights description for id-ST

TAG_AT

<static> Object TAG_AT

Authentication Template

TAG_BODY

<static> Object TAG_BODY

Certificate Body

TAG_CAR

<static> Object TAG_CAR

Certification Authority Reference

TAG_CED

<static> Object TAG_CED

Certificate Effective Date

TAG_CHAT

<static> Object TAG_CHAT

Certificate Holder Authorisation Template

TAG_CHR

<static> Object TAG_CHR

Certificate Holder Reference

TAG_CPI

<static> Object TAG_CPI

Certificate Profile Identifier

TAG_CVC

<static> Object TAG_CVC

CV Certificate

TAG_CXD

<static> Object TAG_CXD

Certificate Expiration Date

TAG_ECC_A

<static> Object TAG_ECC_A

First coefficient a

TAG_ECC_B

<static> Object TAG_ECC_B

Second coefficient b

TAG_ECC_G

<static> Object TAG_ECC_G

Base Point G

TAG_ECC_H

<static> Object TAG_ECC_H

Cofactor f

TAG_ECC_N

<static> Object TAG_ECC_N

Order of the base point

TAG_ECC_P

<static> Object TAG_ECC_P

Prime Modulus

TAG_ECC_Q

<static> Object TAG_ECC_Q

Public Point y

TAG_EXTN

<static> Object TAG_EXTN

Certificate Extension

TAG_PUK

<static> Object TAG_PUK

Public Key

TAG_SIG

<static> Object TAG_SIG

Signature

CVC

CVC()

Create a CVC object from a DER encoded ByteString.

Parameters:
param - the DER encoded certificate

containsDomainParameter

boolean containsDomainParameter()

Return true of the certificate contains domain parameter

Returns:
true, if certificate contains domain parameter

decorate

void decorate()

Decorate the ASN.1 object with the correct name

getASN1

ASN1 getASN1()

Returns the certificate as ASN1 structure

Returns:
the certificate as ASN1 structure

getBytes

ByteString getBytes()

Returns the encoded certificate

Returns:
the DER encoded certificate

getCAR

PublicKeyReference getCAR()

Returns the certification authority reference (CAR).

Returns:
the CAR or null

getCED

Date getCED()

Returns the certificate effective date (CED).

Returns:
the CED or null

getCHAT

ASN1 getCHAT()

Returns the extension identified by the object identifier.

Returns:
the extension including the OID or null if not defined

getCHR

PublicKeyReference getCHR()

Returns the certificate holder reference (CHR).

Returns:
the CHR

getCXD

Date getCXD()

Returns the certificate expiration date (CXD).

Returns:
the CXD or null

getECPublicKey

Key getECPublicKey(<Key> domParam)

Returns the EC public key contained in the certificate.

Parameters:
domParam - optional domain parameter if they are not contained in certificate

Returns:
the public key object

getExtension

ASN1 getExtension(extoid)

Returns the extension identified by the object identifier.

Returns:
the extension including the OID or null if not defined

getOuterCAR

PublicKeyReference getOuterCAR()

Returns the outer certification authority reference (CAR).

Returns:
the outer CAR or null

getPublicKey

Key getPublicKey(<Key> domParam)

Returns the public key contained in the certificate.

Parameters:
domParam - optional domain parameter if they are not contained in certificate

Returns:
the public key object

getPublicKeyOID

ByteString getPublicKeyOID()

Returns the public key object identifier

Returns:
the object identifier assigned to the public key

getRightsAsList

String[] getRightsAsList()

Return list of rights granted by the certificate

Returns:
the list of rights

getRSAPublicKey

Key getRSAPublicKey()

Returns the RSA public key contained in the certificate.

Returns:
the public key object

getType

String getType()

Return a string describing the certificate type

Returns:
a describing string

isAuthenticatedRequest

Boolean isAuthenticatedRequest()

Determine if this is an authenticated request

Returns:
true, if authenticated request

isCertificateRequest

Boolean isCertificateRequest()

Determine if this is a certificate request

Returns:
true, if certificate request

isCountersignedRequest

Boolean isCountersignedRequest()

Determine if this is a countersigned authenticated request

Returns:
true, if countersigned authenticated request

isExpired

Boolean isExpired()

Determine if this certificate is expired

Returns:
true, if certificate is expired

toString

String toString()

Return a textual description of the certificate

Returns:
a string containing information about the certificate

verifyATWith

Boolean verifyATWith(crypto, <Key> puk, <ByteString> oid)

Verify outer signature of an authenticated request with public key

Parameters:
puk - the public key
oid - the signature algorithm

Returns:
true if the signature is valid

verifyATWithCVC

Boolean verifyATWithCVC(crypto, <CVC> cvc)

Verify outer signature of an authenticated request with public key from card verifiable certificate

Parameters:
cvc - the card verifiable certificate used to obtain the public key

Returns:
true if the signature is valid

verifyWith

Boolean verifyWith(crypto, <Key> puk, <ByteString> oid)

Verify certificate signature with public key

Parameters:
puk - the public key
oid - the signature algorithm

Returns:
true if the signature is valid

verifyWithCVC

Boolean verifyWithCVC(crypto, <CVC> cvc)

Verify certificate signature with public key from card verifiable certificate

Parameters:
cvc - the card verifiable certificate used to obtain the public key

Returns:
true if the signature is valid

decodeECPublicKey

<static> void decodeECPublicKey(<ASN1> pdo, <Key> key)

Decode a public key from the TR-03110 format

Parameters:
pdo - the public key data object
key - the key object to fill

decorateTree

<static> void decorateTree(node)

Function to recursively walk the ASN.1 tree

getHashMech

<static> Number getHashMech(<ByteString> oid)

Return hash mechanism for object identifier

Parameters:
oid - the object identifer from the public key object

Returns:
the hash mechanism as Crypto. constant or -1 if not defined

getSignatureMech

<static> Number getSignatureMech(<ByteString> oid)

Return signature mechanism for object identifier

Parameters:
oid - the object identifer from the public key object

Returns:
the signature mechanism as Crypto. constant or -1 if not defined

isECDSA

<static> boolean isECDSA(oid)

Return true of the object identifier starts with id-TA-ECDSA

Returns:
true, if ECDSA based OID