Interface TerminalAuthenticationSigner

  • All Known Implementing Classes:
    SoftTASigner

    public interface TerminalAuthenticationSigner
    Interface to a Terminal Authentication Signer. This interface is modeled on BSI TR-03129. Unlike TR-03129, the raw signature input is provided rather than the hash value.
    Author:
    asc
    • Method Summary

      Modifier and Type Method Description
      byte[][] getCertificateChain(java.lang.String keyCAR)
      Return a list of Card Verifiable Certificates, starting with the certificate that can be verified by the public key referenced in parameter keyCAR and ending with the certificate that is issued to the terminal authentication signer in use.
      byte[] getTASignature(byte[] dataTBS, java.lang.String keyCHR)
      Calculate a signature over the data to be signed using the terminal authentication key identified by keyCHR.
    • Method Detail

      • getCertificateChain

        byte[][] getCertificateChain(java.lang.String keyCAR)
        Return a list of Card Verifiable Certificates, starting with the certificate that can be verified by the public key referenced in parameter keyCAR and ending with the certificate that is issued to the terminal authentication signer in use.
        Parameters:
        keyCAR - the Certificate Holder Reference (CAR) of the public key in the card that can be directly used to verify a certificate. This is typically a root or link certificate or a DVCA certificate that was already verified by the card.
        Returns:
        the list of CVCs.
      • getTASignature

        byte[] getTASignature(byte[] dataTBS,
                              java.lang.String keyCHR)
        Calculate a signature over the data to be signed using the terminal authentication key identified by keyCHR. The signature must be returned in a format suitable for presentation to the card, i.e. in R|S format for ECDSA. The hash algorithm is determined by the terminal authentication signer.
        Parameters:
        dataTBS - the input for the hash and the signature operation
        keyCHR - the terminal authentication key
        Returns:
        the signature
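
The R|S requirement of getTASignature matters because the JCA "SHA256withECDSA" algorithm returns a DER-encoded SEQUENCE of two INTEGERs rather than the fixed-length concatenation. The following is an added example, not code from this project or from SoftTASigner, showing the conversion; the class name, helper names, the freshly generated secp256r1 key and the choice of SHA-256 are all assumptions made for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.spec.ECGenParameterSpec;

// Added example: hypothetical helper, not part of the documented API.
public class PlainEcdsaExample {
    // Read a DER length at pos[0] (short form or one-byte long form) and advance pos[0].
    static int readLength(byte[] der, int[] pos) {
        int b = der[pos[0]++] & 0xFF;
        if (b < 0x80) return b;
        if (b == 0x81) return der[pos[0]++] & 0xFF;
        throw new IllegalArgumentException("unexpected DER length encoding");
    }

    // Convert SEQUENCE { INTEGER r, INTEGER s } into r || s, each left-padded to fieldLen bytes.
    static byte[] derToPlain(byte[] der, int fieldLen) {
        int[] pos = { 0 };
        if (der[pos[0]++] != 0x30) throw new IllegalArgumentException("not a SEQUENCE");
        if (readLength(der, pos) != der.length - pos[0])
            throw new IllegalArgumentException("trailing or missing bytes");
        byte[] out = new byte[2 * fieldLen];
        for (int i = 0; i < 2; i++) {
            if (der[pos[0]++] != 0x02) throw new IllegalArgumentException("not an INTEGER");
            int len = readLength(der, pos), start = pos[0], end = start + len;
            if (end > der.length) throw new IllegalArgumentException("truncated INTEGER");
            while (start < end - 1 && der[start] == 0) start++; // drop the DER sign byte
            int n = end - start;
            if (n > fieldLen) throw new IllegalArgumentException("integer wider than field");
            System.arraycopy(der, start, out, (i + 1) * fieldLen - n, n); // right-align
            pos[0] = end;
        }
        return out;
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC");
        kpg.initialize(new ECGenParameterSpec("secp256r1"));
        KeyPair kp = kpg.generateKeyPair(); // constructed stand-in for the terminal key
        byte[] dataTBS = "constructed sample input".getBytes(StandardCharsets.US_ASCII);
        Signature signer = Signature.getInstance("SHA256withECDSA");
        signer.initSign(kp.getPrivate());
        signer.update(dataTBS);
        byte[] plain = derToPlain(signer.sign(), 32); // 32-byte field for secp256r1
        Signature verifier = Signature.getInstance("SHA256withECDSAinP1363Format");
        verifier.initVerify(kp.getPublic());
        verifier.update(dataTBS);
        System.out.println(plain.length + " bytes, verifies: " + verifier.verify(plain));
    }
}
```

On Java 9 and later, signing directly with "SHA256withECDSAinP1363Format" produces the same fixed-length output without manual conversion; the example uses it only as an independent check of the converted signature.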