Class GPSCP03
Defined in: GPSCP03.js.
| Constructor Attributes | Constructor Name and Description |
|---|---|
|
GPSCP03(crypto, kenc, kmac, kdek, )
Class implementing support for Global Platform SCP03 secure messaging protocol
|
| Method Attributes | Method Name and Description |
|---|---|
|
Calculate host cryptogram using the key derive method
|
|
|
deriveKey(key, ddc, size, context)
Derive a session key or cryptogram
|
|
|
Derive S-ENC, S-MAC and S-RMAC session keys
|
|
|
Determine random or pseudo-random card challenge
|
|
|
externalAuthenticate(card, level, hostCryptogram)
Issue EXTERNAL AUTHENTICATE command to card.
|
|
|
handleInitializeUpdate(hostCryptogram)
Handle processing of INITIALIZE UPDATE command
|
|
|
handlePutKey(cdata)
Handle processing of PUT KEY command
|
|
|
initializeUpdate(card, keyVersion, keyId)
Issue INITIALIZE UPDATE command to card and parse response
|
|
| <static> |
GPSCP03.parseKeyDataField(keyDataField)
Extract a key data field from C-Data in a PUT KEY APDU
|
|
prepareKeyBlock(dek, key)
Encrypt key and prepare key block for PUT KEY command
|
|
|
reset()
Reset the internal state
|
|
|
setKeyInfo(version, parami)
Set the key version and protocol parameter
|
|
|
setSequenceCounter(cnt)
Set the sequence number for pseudo-random card challenges
|
|
| <static> |
GPSCP03.stripPadding(the)
Strip the ISO padding from dechipered cryptogram
|
|
unwrap(apduToUnwrap, usageQualifier)
Called by the secure messaging wrapper to unwrap the response APDU
|
|
|
unwrapCommandAPDU(apdu)
Counterpart to wrap and meant to be used in a simulator
|
|
|
validateKeyBlock(keyblob)
Decrypt and validate key blob containing AES key wrapped with DEK
|
|
|
Verify card cryptogram
|
|
|
wrap(apduToWrap, usageQualifier)
Called by the secure messaging wrapper to wrap the command APDU
|
|
|
wrapResponseAPDU(apdu)
Counterpart to unwrap and meant to be used in a simulator
|
Class Detail
GPSCP03(crypto, kenc, kmac, kdek, )
Class implementing support for Global Platform SCP03 secure messaging protocol
- Parameters:
- {Crypto} crypto
- the crypto provider
- {Key} kenc
- the static secure channel encryption key
- {Key} kmac
- the static secure channel message authentication code key
- {Key} kdek
- the static data encryption key
- {ByteString) aid the AID to use for challenge calculation
Method Detail
{ByteString}
calculateHostCryptogram()
Calculate host cryptogram using the key derive method
- Returns:
- the 8 byte cryptogram
{ByteString}
deriveKey(key, ddc, size, context)
Derive a session key or cryptogram
- Parameters:
- {Key} key
- the master key
- {Number} ddc
- the data derivation constant
- {Number} size
- the size of byte of the resulting key or cryptogram
- {ByteString} context
- the context (usually hostChallenge || cardChallenge)
- Returns:
- the derived value
deriveSessionKeys()
Derive S-ENC, S-MAC and S-RMAC session keys
determineCardChallenge()
Determine random or pseudo-random card challenge
externalAuthenticate(card, level, hostCryptogram)
Issue EXTERNAL AUTHENTICATE command to card.
- Parameters:
- {Card} card
- the card to use
- {Number} level
- the security level (a combination of bits B5 (R-ENC), B4 (R-MAC), B2 (C-ENC) and B1 (C-MAC))
- {ByteString} hostCryptogram
- optional parameter, calculated internally if missing
handleInitializeUpdate(hostCryptogram)
Handle processing of INITIALIZE UPDATE command
- Parameters:
- {ByteString} hostCryptogram
- the cryptogram calculated at the host
handlePutKey(cdata)
Handle processing of PUT KEY command
- Parameters:
- {ByteString} cdata
- the C-Data field of the APDU
initializeUpdate(card, keyVersion, keyId)
Issue INITIALIZE UPDATE command to card and parse response
- Parameters:
- {Card} card
- the card to use
- {Number} keyVersion
- the version of the key to use (0 for default)
- {Number} keyId
- the key id to use (usually 0)
<static>
{ByteString}
GPSCP03.parseKeyDataField(keyDataField)
Extract a key data field from C-Data in a PUT KEY APDU
- Parameters:
- {ByteString} keyDataField
- the list of key data fields
- Returns:
- the extracted key data
{ByteString}
prepareKeyBlock(dek, key)
Encrypt key and prepare key block for PUT KEY command
- Parameters:
- {Key} dek
- the data encryption key
- {Key} key
- the key to wrap
- Returns:
- the key type, length, cryptogram and key check value
reset()
Reset the internal state
setKeyInfo(version, parami)
Set the key version and protocol parameter
- Parameters:
- {Number} version
- the key version indicated in INITIALIZE_UPDATE
- {Number} parami
- the i parameter for the SCP03 protocol (Default '00')
setSequenceCounter(cnt)
Set the sequence number for pseudo-random card challenges
- Parameters:
- {ByteString} cnt
- the last used counter value
<static>
{ByteString}
GPSCP03.stripPadding(the)
Strip the ISO padding from dechipered cryptogram
- Parameters:
- {ByteString} the
- plain text with padding
- Returns:
- the plain text without padding
unwrap(apduToUnwrap, usageQualifier)
Called by the secure messaging wrapper to unwrap the response APDU
- Parameters:
- apduToUnwrap
- usageQualifier
unwrapCommandAPDU(apdu)
Counterpart to wrap and meant to be used in a simulator
- Parameters:
- apdu
{Key}
validateKeyBlock(keyblob)
Decrypt and validate key blob containing AES key wrapped with DEK
- Parameters:
- {ByteString} keyblob
- the wrapped key
- Returns:
- the unwrapped key
{boolean}
verifyCardCryptogram()
Verify card cryptogram
- Returns:
- true if cryptogram is valid
wrap(apduToWrap, usageQualifier)
Called by the secure messaging wrapper to wrap the command APDU
- Parameters:
- apduToWrap
- usageQualifier
wrapResponseAPDU(apdu)
Counterpart to unwrap and meant to be used in a simulator
- Parameters:
- apdu