Class EAC20
- java.lang.Object
-
- de.cardcontact.opencard.service.eac20.EAC20
-
public class EAC20 extends java.lang.Object
Class implementing an EAC2.0 service. At this time only the SmartCardHSMCardService is supported.- Author:
- lew
-
-
Constructor Summary
Constructors Constructor Description EAC20(SmartCardHSMCardService hsms, java.security.interfaces.ECPublicKey devAuthPK)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description byte[]
encodePublicKey()
Encode public key to EAC 2.0 formatSecureChannelCredential
getCredential()
static java.security.spec.ECParameterSpec
getECParameterSpecforBrainpoolP256r1()
SecureChannelCredential
performChipAuthentication()
Perform chip authentication and establish a secure channelprotected static byte[]
unsignedBigIntegerToByteArray(java.math.BigInteger bi, int size)
Convert unsigned big integer into byte array, stripping of a leading 00 byte This conversion is required, because the Java BigInteger is a signed value, whereas the byte arrays containing key components are unsigned by defaultboolean
verifyAuthenticationToken(byte[] authToken)
Calculate and verify the authentication token over the public key received from the other side
-
-
-
Constructor Detail
-
EAC20
public EAC20(SmartCardHSMCardService hsms, java.security.interfaces.ECPublicKey devAuthPK)
- Parameters:
hsms
- SmartCardHSMCardServicedevAuthPK
- device authentication public key
-
-
Method Detail
-
getECParameterSpecforBrainpoolP256r1
public static java.security.spec.ECParameterSpec getECParameterSpecforBrainpoolP256r1()
-
performChipAuthentication
public SecureChannelCredential performChipAuthentication() throws CardServiceException, CardTerminalException
Perform chip authentication and establish a secure channel- Returns:
- IsoSecureChannelCredential
- Throws:
CardTerminalException
CardServiceException
-
getCredential
public SecureChannelCredential getCredential()
-
verifyAuthenticationToken
public boolean verifyAuthenticationToken(byte[] authToken)
Calculate and verify the authentication token over the public key received from the other side- Parameters:
authToken
- the MAC over the authentication data- Returns:
- true if the MAC is valid
-
encodePublicKey
public byte[] encodePublicKey()
Encode public key to EAC 2.0 format- Returns:
- the encoded public key
- Throws:
TLVEncodingException
-
unsignedBigIntegerToByteArray
protected static byte[] unsignedBigIntegerToByteArray(java.math.BigInteger bi, int size)
Convert unsigned big integer into byte array, stripping of a leading 00 byte This conversion is required, because the Java BigInteger is a signed value, whereas the byte arrays containing key components are unsigned by default- Parameters:
bi
- BigInteger value to be convertedsize
- Number of bits- Returns:
- Byte array containing unsigned integer value
-
-