OpenCard  
 
OCF, the OpenCard Framework is a standard Java framework for working with Smart Cards.  
 

com.ibm.opencard.access
Class MFC41SecureMessenger

java.lang.Object
  |
  +--com.ibm.opencard.access.MFCSecurityHelper
        |
        +--com.ibm.opencard.access.MFCSecureMessenger
              |
              +--com.ibm.opencard.access.MFC41SecureMessenger
public class MFC41SecureMessenger
extends MFCSecureMessenger

A combined protector and encryptor using ISO secure messaging. ISO secure messaging is supported by MFC 4.1 and above smartcards.

Version:
$Id: MFC41SecureMessenger.java,v 1.1 1999/12/02 16:06:00 damke Exp $

Fields inherited from class com.ibm.opencard.access.MFCSecureMessenger
phase_cred, phase_expected, phase_random, process_response, zero_icv
 
Constructor Summary
MFC41SecureMessenger(MFCCodes codes)
           
 
Method Summary
 CommandAPDU enterEncryption(MFCCardChannel channel, MFCCommandAPDU command, int number)
          Enters an encryption phase.
 CommandAPDU enterProtection(MFCCardChannel channel, MFCCommandAPDU command, int number)
          Enters a protection phase.
 ResponseAPDU leaveEncryption(ResponseAPDU response)
          Leaves an encryption phase.
 ResponseAPDU leaveProtection(ResponseAPDU response)
          Leaves a protection phase.
 
Methods inherited from class com.ibm.opencard.access.MFCSecureMessenger
abortEncryption, abortProtection, finishPhase, prepareResponse
 
Methods inherited from class com.ibm.opencard.access.MFCSecurityHelper
getMFCCodes, lookupSecureCredential, lookupSignCredential, provideRandom, requestRandom, setCredentials
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

MFC41SecureMessenger

public MFC41SecureMessenger(MFCCodes codes)
Method Detail

enterProtection

public CommandAPDU enterProtection(MFCCardChannel channel,
                                   MFCCommandAPDU command,
                                   int number)
                            throws CardServiceUnexpectedResponseException,
                                   CardTerminalException
Enters a protection phase. For an exhaustive description of protection phases, see the interface MFCProtector for which this method is required.
Parameters:
channel - how to contact the smartcard
command - the APDU to compute a MAC for
number - identifier of the protection key
Returns:
the command APDU to send to the card, including a MAC if required
Throws:
CardServiceUnexpectedResponseException - A command sent to the smartcard failed.
CardTerminalException - The terminal failed sending a command to the smartcard.
Overrides:
enterProtection in class MFCSecureMessenger
See Also:
MFCProtector, leaveProtection(opencard.core.terminal.ResponseAPDU)

leaveProtection

public ResponseAPDU leaveProtection(ResponseAPDU response)
                             throws CardServiceUnexpectedResponseException,
                                    CardServiceInvalidCredentialException
Leaves a protection phase. For an exhaustive description of protection phases, see the interface MFCProtector for which this method is required. This method expects that the response's status is ok. It may not be invoked with an error or null response APDU.
Parameters:
response - the APDU received from the smartcard
Returns:
the smartcard's response, without the MAC
Throws:
CardServiceUnexpectedResponseException - The response to verify has a bad message format.
CardServiceInvalidCredentialException - The response to verify is not authentic.
Overrides:
leaveProtection in class MFCSecureMessenger
See Also:
MFCProtector, enterProtection(com.ibm.opencard.service.MFCCardChannel, com.ibm.opencard.service.MFCCommandAPDU, int)

enterEncryption

public CommandAPDU enterEncryption(MFCCardChannel channel,
                                   MFCCommandAPDU command,
                                   int number)
                            throws CardServiceUnexpectedResponseException,
                                   CardTerminalException
Enters an encryption phase. Encryption phases are similiar to protection phases. For an exhaustive description of protection phases, see the interface MFCProtector. The interface MFCEncryptor, for which this method is required, has a similiar structure.
Parameters:
channel - how to contact the smartcard
command - the APDU to encrypt (potentially)
number - identifier of the encryption key
Returns:
the command APDU to send to the card, including a MAC if required
Throws:
CardServiceUnexpectedResponseException - A command sent to the smartcard failed.
CardTerminalException - The terminal failed sending a command to the smartcard.
Overrides:
enterEncryption in class MFCSecureMessenger
See Also:
MFCProtector, MFCEncryptor, leaveEncryption(opencard.core.terminal.ResponseAPDU), MFCSecureMessenger.abortEncryption()

leaveEncryption

public ResponseAPDU leaveEncryption(ResponseAPDU response)
                             throws CardServiceUnexpectedResponseException,
                                    CardServiceInvalidCredentialException
Leaves an encryption phase. Encryption phases are similiar to protection phases, which are described exhaustively in the interface MFCProtector. The interface MFCEncryptor, for which this method is required, has the same structure.
This method expects that the response's status is ok. It may not be invoked with an error or null response APDU.
Parameters:
response - the APDU received from the smartcard
Returns:
the smartcard's unencrypted response
Throws:
CardServiceUnexpectedResponseException - The response to decrypt has a bad message format.
CardServiceInvalidCredentialException - The response to decrypt is not authentic.
Overrides:
leaveEncryption in class MFCSecureMessenger
See Also:
MFCProtector, MFCEncryptor, enterEncryption(com.ibm.opencard.service.MFCCardChannel, com.ibm.opencard.service.MFCCommandAPDU, int)