com.ibm.opencard.access
Interface MFCEncryptor
- All Known Implementing Classes:
- MFCSecureMessenger
- public abstract interface MFCEncryptor
The encryptor encrypts and decrypts APDUs exchanged with a MFC smartcard.
It is one of the helpers of MFCCardAccessor. Encryption and
decryption requires keys, which have to be provided by the application
as instances of MFCCredential.
Encryption and decryption requires exchanging APDUs with the smartcard.
Since the commands for this purpose may be card-specific, this is only
an interface that has to be implemented by a card-specific class.
The protocol for encryption and decryption is very much like the one for
protection of commands and responses. This interface is therefore similiar
to MFCProtector. The description of that interface is exhaustive,
while the description here focuses on the differences between the protocols.
- Version:
- $Id: MFCEncryptor.java,v 1.1 1999/12/02 16:06:01 damke Exp $
- See Also:
MFCCardAccessor,
MFCCredential,
MFCProtector
setCredentials
public void setCredentials(MFCCredentialSet credentials)
- Passes the accessor's credential set.
This method is invoked by MFCCardAccessor once, before any
other method in this interface is invoked. See the corresponding method
in MFCProtector for details.
- Parameters:
credentials - the set of available credentials- See Also:
MFCCardAccessor,
MFCProtector.setCredentials(com.ibm.opencard.access.MFCCredentialSet)
enterEncryption
public CommandAPDU enterEncryption(MFCCardChannel channel,
MFCCommandAPDU command,
int number)
throws CardServiceUnexpectedResponseException,
CardTerminalException
- Prepares the execution of an encrypted command.
An invocation of this method enters an encryption phase. Encryption
phases are similiar to protection phases. See MFCProtector
for details.
- Parameters:
channel - how to contact the smartcardcommand - the APDU to encrypt (potentially)number - identifier of the encryption key- Returns:
- the command APDU to send to the card, encrypted if required
- Throws:
- CardServiceUnexpectedResponseException - A command sent to the smartcard failed.
- CardTerminalException - The terminal failed sending a command to the smartcard.
- See Also:
leaveEncryption(opencard.core.terminal.ResponseAPDU),
abortEncryption(),
MFCProtector,
MFCProtector.enterProtection(com.ibm.opencard.service.MFCCardChannel, com.ibm.opencard.service.MFCCommandAPDU, int)
leaveEncryption
public ResponseAPDU leaveEncryption(ResponseAPDU response)
throws CardServiceUnexpectedResponseException,
CardServiceInvalidCredentialException
- Finishes the execution of an encrypted command.
An invocation of this method leaves an encryption phase.
The smartcard's response is decrypted, if necessary.
- Parameters:
response - the APDU received from the smartcard- Returns:
- the smartcard's unencrypted response
- Throws:
- CardServiceUnexpectedResponseException - The response to decrypt has a bad message format.
- CardServiceInvalidCredentialException - The response to decrypt is not authentic.
- See Also:
enterEncryption(com.ibm.opencard.service.MFCCardChannel, com.ibm.opencard.service.MFCCommandAPDU, int),
MFCProtector.leaveProtection(opencard.core.terminal.ResponseAPDU)
abortEncryption
public void abortEncryption()
- Cancels the execution of an encrypted command.
This method is invoked if an error occured while the command was
executed. It is similiar to leaveEncryption, except that
there is no response to decrypt. The internal state of the encryptor
will be reset to prepare for the next phase.
- See Also:
enterEncryption(com.ibm.opencard.service.MFCCardChannel, com.ibm.opencard.service.MFCCommandAPDU, int),
leaveEncryption(opencard.core.terminal.ResponseAPDU),
MFCProtector.abortProtection()
|
