com.ibm.opencard.signature
Class MFC40SignatureImpl
java.lang.Object
|
+--com.ibm.opencard.signature.MFC40SignatureImpl
- Direct Known Subclasses:
- MFC421SignatureImpl
- public class MFC40SignatureImpl
- extends java.lang.Object
- implements MFCSignatureImpl
Helper class for implementation of a signature card service for MFC 4.0
and compatible.
Send APDUs to the card. The methods that send APDUs are synchronized
simply to reuse the APDU buffers.
- Version:
- $Id: MFC40SignatureImpl.java,v 1.1 1999/12/02 16:06:08 damke Exp $
- See Also:
SignatureCardService,
MFCSignatureService
|
Method Summary |
void |
assertSignDataAlgorithm(java.lang.String alg)
Assert that a specific signature service implementation supports a signature algorithm.
|
void |
assertSignHashAlgorithm(java.lang.String alg)
Assert that a specific signature service implementation supports a signature algorithm.
|
void |
assertSignPadAlgorithm(java.lang.String alg)
Assert that a specific signature service implementation supports a padding algorithm. |
void |
calculateHash(MFCCardChannel channel,
MFCKeyInfo ki,
byte[] bytes)
send calculate hash commmand.
|
protected MFCCommandAPDU |
getGenSigAPDU(MFCKeyInfo ki,
byte[] data)
return command APDU for generate signature command |
protected MFCCommandAPDU |
getHashAPDU(MFCKeyInfo ki,
byte[] data,
int offset,
int length,
boolean finish)
get APDU for prepare or finish hash stage of calculate hash command
Note: the block length must be less then the maximum effective data length of the card |
protected CommandAPDU |
getKeyInfoAPDU(int keyNr,
boolean isPrivate)
APDUs used by the service implementation are reused |
protected MFCCommandAPDU |
getVerifyAPDU(MFCKeyInfo ki,
byte[] signature,
byte[] data)
return command APDU for verify signature command |
MFCKeyInfo |
readKeyInfo(MFCCardChannel channel,
int keyNr,
MFCKeyInfoRParser parser,
boolean privateKey)
execute command 'read key info' and return an object describing the key |
byte[] |
sign(MFCCardChannel channel,
MFCKeyInfo ki,
byte[] bytes)
send generate signature command |
boolean |
verify(MFCCardChannel channel,
MFCKeyInfo ki,
byte[] signature,
byte[] data)
send verify signature command |
| Methods inherited from class java.lang.Object |
clone,
equals,
finalize,
getClass,
hashCode,
notify,
notifyAll,
toString,
wait,
wait,
wait |
mfcCodes
protected MFCSigCodes mfcCodes
- The CLAss and INStruction bytes for commands.
MFC40SignatureImpl
public MFC40SignatureImpl(MFCSigCodes codes)
- Instantiates a new signature card service implementation.
- Parameters:
codes - the command codes for the MFC card to support
assertSignDataAlgorithm
public void assertSignDataAlgorithm(java.lang.String alg)
throws CardServiceInabilityException
- Assert that a specific signature service implementation supports a signature algorithm.
The MFC 4.0 card only supports "SHA-1/RSA".
- Specified by:
- assertSignDataAlgorithm in interface MFCSignatureImpl
- Parameters:
alg - The standard algorithm name.- Throws:
- CardServiceInabilityException - Thrown if the algorithm is not supported.
assertSignHashAlgorithm
public void assertSignHashAlgorithm(java.lang.String alg)
throws CardServiceInabilityException
- Assert that a specific signature service implementation supports a signature algorithm.
The MFC 4.0 card only supports "RSA".
- Specified by:
- assertSignHashAlgorithm in interface MFCSignatureImpl
- Parameters:
alg - The standard algorithm name.- Throws:
- CardServiceInabilityException - Thrown if the algorithm is not supported.
assertSignPadAlgorithm
public void assertSignPadAlgorithm(java.lang.String alg)
throws CardServiceInabilityException
- Assert that a specific signature service implementation supports a padding algorithm.
- Specified by:
- assertSignPadAlgorithm in interface MFCSignatureImpl
- Parameters:
alg - The padding algorithm name.
The MFC 4.0 supports
ISO9796
PKCS#1
ZEROPADDING- Throws:
- CardServiceInabilityException - Thrown if the algorithm is not supported.
calculateHash
public void calculateHash(MFCCardChannel channel,
MFCKeyInfo ki,
byte[] bytes)
throws CardServiceException,
CardTerminalException
- send calculate hash commmand.
The hash is not returned from the card but used in the next step to generate a signature on the hash.
- Specified by:
- calculateHash in interface MFCSignatureImpl
- Parameters:
channel - com.ibm.opencard.service.MFCCardChannelki - com.ibm.opencard.signature.MFCKeyInfobytes - the data for which the hash is to be calculated- Throws:
- CardServiceException - any subclass of CardServiceException
- CardTerminalException - any subclass of CardTerminalException
getGenSigAPDU
protected MFCCommandAPDU getGenSigAPDU(MFCKeyInfo ki,
byte[] data)
throws CardServiceInvalidParameterException
- return command APDU for generate signature command
- Parameters:
ki - key info of the key to be useddata - byte[]- Returns:
- com.ibm.opencard.service.MFCCommandAPDU
- Throws:
- CardServiceInvalidParameterException - maximum input block length exceeded
getHashAPDU
protected MFCCommandAPDU getHashAPDU(MFCKeyInfo ki,
byte[] data,
int offset,
int length,
boolean finish)
- get APDU for prepare or finish hash stage of calculate hash command
Note: the block length must be less then the maximum effective data length of the card
- Parameters:
ki - key info of the key to be useddata - the data to be hashedoffset - offset into data for the current blocklength - length of current blockfinish - if set to false, return a prepare hash command APDU,
if set to true, return a finish hash command APDU.- Returns:
- com.ibm.opencard.service.MFCCommandAPDU
getKeyInfoAPDU
protected CommandAPDU getKeyInfoAPDU(int keyNr,
boolean isPrivate)
- APDUs used by the service implementation are reused
- Returns:
- opencard.core.terminal.CommandAPDU
getVerifyAPDU
protected MFCCommandAPDU getVerifyAPDU(MFCKeyInfo ki,
byte[] signature,
byte[] data)
throws CardServiceInvalidParameterException
- return command APDU for verify signature command
- Parameters:
ki - key info of the key to be useddata - byte[]- Returns:
- com.ibm.opencard.service.MFCCommandAPDU
- Throws:
- CardServiceInvalidParameterException - maximum input block length exceeded
readKeyInfo
public MFCKeyInfo readKeyInfo(MFCCardChannel channel,
int keyNr,
MFCKeyInfoRParser parser,
boolean privateKey)
throws CardServiceException,
CardTerminalException
- execute command 'read key info' and return an object describing the key
- Specified by:
- readKeyInfo in interface MFCSignatureImpl
- Parameters:
channel - MFCCardChannelkeyNr - the key numberparser - the key info response parserprivateKey - info is requested for private key?- Returns:
- MFCKeyInfo
- Throws:
- CardServiceException - any subclass of CardServiceException
- CardTerminalException - any subclass of CardTerminalException
sign
public byte[] sign(MFCCardChannel channel,
MFCKeyInfo ki,
byte[] bytes)
throws CardServiceException,
CardTerminalException
- send generate signature command
- Specified by:
- sign in interface MFCSignatureImpl
- Parameters:
channel - com.ibm.opencard.service.MFCCardChannelki - the key must not be a hash-only keybytes - byte[] the hash/message digest to be signed.
If this parameter is null, the previous method must have been calculateHash()- Returns:
- The signature.
- Throws:
- CardServiceException - any subclass of CardServiceException
- CardTerminalException - any subclass of CardTerminalException
verify
public boolean verify(MFCCardChannel channel,
MFCKeyInfo ki,
byte[] signature,
byte[] data)
throws CardServiceException,
CardTerminalException
- send verify signature command
- Specified by:
- verify in interface MFCSignatureImpl
- Parameters:
channel - com.ibm.opencard.service.MFCCardChannelki - the key used for the algorithmsignature - the signature to be verifiedbytes - byte[] the hash/message digest to be signed.
If this parameter is null, the previous method must have been calculateHash()- Returns:
- true if the verification succeeded
- Throws:
- CardServiceException - any subclass of CardServiceException
- CardTerminalException - any subclass of CardTerminalException
|
