From bced6c1c741cb2e5423d06c673571950f57aacab Mon Sep 17 00:00:00 2001 From: Andrei Cristea Date: Tue, 23 Jan 2024 14:46:34 +0100 Subject: [PATCH] update 2.1.0-SNAPSHOT --- 2.1.0-SNAPSHOT/api_class_diagram.puml | 32 ++-------- 2.1.0-SNAPSHOT/api_class_diagram.svg | 2 +- ...e_diagram_asymmetric_security_setting.puml | 59 +++++++++++++++++++ ...ce_diagram_asymmetric_security_setting.svg | 1 + 4 files changed, 65 insertions(+), 29 deletions(-) create mode 100644 2.1.0-SNAPSHOT/api_sequence_diagram_asymmetric_security_setting.puml create mode 100644 2.1.0-SNAPSHOT/api_sequence_diagram_asymmetric_security_setting.svg diff --git a/2.1.0-SNAPSHOT/api_class_diagram.puml b/2.1.0-SNAPSHOT/api_class_diagram.puml index 38342fd..201fd88 100644 --- a/2.1.0-SNAPSHOT/api_class_diagram.puml +++ b/2.1.0-SNAPSHOT/api_class_diagram.puml @@ -79,7 +79,6 @@ package "calypso.card" as calypsoCard { +PkiPersonalizationTransactionManager createPkiPersonalizationTransactionManager (CardReader cardReader, CalypsoCard card) +SearchCommandData createSearchCommandData () - +CardCertParams createCardCertParams () } +enum WriteAccessLevel <> { PERSONALIZATION 
@@ -302,19 +301,6 @@ package "transaction" as transaction { +PkiPersonalizationTransactionManager prepareLoadCardCert (byte[] cardCert) +PkiPersonalizationTransactionManager prepareLoadCaCert (byte[] caCert) } - +interface "CardCertParams" as CardCertParams <> { - +CardCertParams useExternalSigner (CardCertProviderSpi cardCertProviderSpi) - +CardCertParams useInternalSigner (CardCertificateFactory cardCertificateFactory, byte[] issuerKeyPriv, byte[] issuerKeyReference) - - +CardCertParams useExistingCardKeyPair () - +CardCertParams generateCardKeyPair () - +CardCertParams useSpecificKeyPair (byte[] cardPriv, byte[] cardPub) - - +CardCertParams setCardAidSize (int aidSize) - +CardCertParams setCardIndex (int cardIndex) ??? - +CardCertParams setStartDate (int year, int month, int day) - +CardCertParams setEndDate (int year, int month, int day) - } +interface "SecureSymmetricCryptoTransactionManager" as SecureSymmetricCryptoTransactionManager> extends SecureTransactionManager { +T prepareOpenSecureSession (WriteAccessLevel writeAccessLevel) @@ -416,11 +402,6 @@ package "transaction" as transaction { } +interface "CardTransactionCryptoExtension" as CardTransactionCryptoExtension <> { } - +interface "CardCertProviderSpi" as CardCertProviderSpi <> { - +byte[] getIssuerKeyReference () - +byte[] createCardCert (byte[] allData) ??? - +byte[] createCardCert (byte[] data, byte[] recoverableData) ??? - } } } @@ -433,11 +414,6 @@ TransactionManager .up.> GetDataTag #C_USE : use > TransactionManager .left.> ChannelControl #C_USE : use > TransactionManager .right.> SearchCommandData #C_USE : use > -PkiPersonalizationTransactionManager ..> CardCertParams #C_USE : use > - -CardCertParams ..> CardCertProviderSpi #C_USE : use > -CardCertParams ..> CardCertificateFactory #C_USE : use > - SecureTransactionManager .....> CardTransactionCryptoExtension #C_LINK : provide > SecureSymmetricCryptoTransactionManager .up.> WriteAccessLevel #C_USE : use 
> @@ -473,12 +449,12 @@ FileHeader .up.> FileType #C_LINK : provide > ' == LAYOUT == 'SymmetricCryptoSecuritySetting -[hidden]- AsymmetricCryptoSecuritySetting -AsymmetricCryptoSecuritySetting -[hidden]---- RuntimeException +AsymmetricCryptoSecuritySetting -[hidden]left- RuntimeException AsymmetricCryptoCardTransactionManagerFactory -[hidden]- PcaCertificate -PcaCertificate -[hidden]- CaCertificate -CaCertificate -[hidden]- CaCertificateFactory -CaCertificateFactory -[hidden]- CardCertificateFactory +PcaCertificate -[hidden]right- CaCertificate +CaCertificate -[hidden]right- CaCertificateFactory +CaCertificateFactory -[hidden]right- CardCertificateFactory ' == STYLE == diff --git a/2.1.0-SNAPSHOT/api_class_diagram.svg b/2.1.0-SNAPSHOT/api_class_diagram.svg index 06a4e7a..c7a88e8 100644 --- a/2.1.0-SNAPSHOT/api_class_diagram.svg +++ b/2.1.0-SNAPSHOT/api_class_diagram.svg 
@@ -1 +1 @@ - Terminal Calypso Card API 2.1.+ (2024-01-16)Colors legend:Work in progress...External public API references:Calypsonet Terminal Reader APIcalypso.cardcardtransactionspifinalCalypsoCardApiPropertiesfinalString VERSIONCalypsoCardApiFactoryCalypsoCardSelectionExtension createCalypsoCardSelectionExtension () SymmetricCryptoSecuritySetting createSymmetricCryptoSecuritySetting (SymmetricCryptoCardTransactionManagerFactory cryptoCardTransactionManagerFactory)AsymmetricCryptoSecuritySetting createAsymmetricCryptoSecuritySetting (AsymmetricCryptoCardTransactionManagerFactory cryptoCardTransactionManagerFactory) FreeTransactionManager createFreeTransactionManager (CardReadercardReader, CalypsoCard card)SecureRegularModeTransactionManager createSecureRegularModeTransactionManager (CardReadercardReader, CalypsoCard card, SymmetricCryptoSecuritySetting securitySetting)SecureExtendedModeTransactionManager createSecureExtendedModeTransactionManager (CardReadercardReader, CalypsoCard card, SymmetricCryptoSecuritySetting securitySetting)SecurePkiModeTransactionManager createSecurePkiModeTransactionManager (CardReadercardReader, CalypsoCard card, AsymmetricCryptoSecuritySetting securitySetting)PkiPersonalizationTransactionManager createPkiPersonalizationTransactionManager (CardReadercardReader, CalypsoCard card) SearchCommandData createSearchCommandData ()CardCertParams createCardCertParams ()WriteAccessLevelPERSONALIZATIONLOADDEBITSelectFileControlFIRST_EFNEXT_EFCURRENT_DFGetDataTagFCP_FOR_CURRENT_FILEFCI_FOR_CURRENT_DFEF_LISTTRACEABILITY_INFORMATIONCARD_PUB ???CARD_CERT ???CA_CERT ???<<CardSelectionExtension>>CalypsoCardSelectionExtensionCalypsoCardSelectionExtension acceptInvalidatedCard () CalypsoCardSelectionExtension prepareSelectFile (short lid)CalypsoCardSelectionExtension prepareSelectFile (SelectFileControl selectControl) CalypsoCardSelectionExtension prepareGetData (GetDataTag tag) CalypsoCardSelectionExtension prepareReadRecord (byte sfi, int 
recordNumber)CalypsoCardSelectionExtension prepareReadBinary (byte sfi, int offset, int nbBytesToRead)CalypsoCardSelectionExtension prepareReadCounter (byte sfi, int nbCountersToRead) CalypsoCardSelectionExtension preparePreOpenSecureSession (WriteAccessLevel writeAccessLevel)CalypsoCardSelectionExtension preparePreOpenSecureSessionInPkiMode ()<<IsoSmartCard>>CalypsoCardProductType getProductType ()boolean isHce () boolean isDfInvalidated () byte[] getDfName ()byte[] getApplicationSerialNumber () byte[] getStartupInfoRawData ()byte getPlatform ()byte getApplicationType ()byte getApplicationSubtype ()byte getSoftwareIssuer ()byte getSoftwareVersion ()byte getSoftwareRevision ()byte getSessionModification () byte[] getTraceabilityInformation () byte[] getCardPublicKey () ???byte[] getCardCert () ???byte[] getCaCert () ??? DirectoryHeader getDirectoryHeader ()ElementaryFile getFileBySfi (byte sfi)ElementaryFile getFileByLid (short lid)Set<ElementaryFile> getFiles () boolean isDfRatified ()int getTransactionCounter () boolean isPkiModeSupported ()boolean isExtendedModeSupported ()boolean isRatificationOnDeselectSupported () boolean isPinFeatureAvailable ()boolean isPinBlocked ()int getPinAttemptRemaining () boolean isSvFeatureAvailable ()int getSvBalance ()int getSvLastTNum ()SvLoadLogRecord getSvLoadLogRecord ()SvDebitLogRecord getSvDebitLogLastRecord ()List<SvDebitLogRecord> getSvDebitLogAllRecords ()DirectoryHeadershort getLid ()Byte getDfStatus () byte[] getAccessConditions ()byte[] getKeyIndexes () byte getKif (WriteAccessLevel writeAccessLevel)byte getKvc (WriteAccessLevel writeAccessLevel)ElementaryFilebyte getSfi ()FileHeader getHeader ()FileData getData ()FileHeadershort getLid ()byte getDfStatus ()ElementaryFile.Type getEfType () int getRecordsNumber ()int getRecordSize () byte[] getAccessConditions ()byte[] getKeyIndexes () Short getSharedReference ()TypeLINEARBINARYCYCLICCOUNTERSSIMULATED_COUNTERSFileDatabyte[] getContent ()byte[] getContent (int 
numRecord)byte[] getContent (int numRecord, int dataOffset, int dataLength)SortedMap<Integer, byte[]> getAllRecordsContent () Integer getContentAsCounterValue (int numCounter)SortedMap<Integer, Integer> getAllCountersValue ()ProductTypePRIME_REVISION_1PRIME_REVISION_2PRIME_REVISION_3LIGHTBASICUNKNOWNSvLoadLogRecordbyte[] getRawData () byte[] getLoadDate ()byte[] getLoadTime () int getAmount ()int getBalance ()byte[] getFreeData () byte getKvc ()byte[] getSamId ()int getSamTNum ()int getSvTNum ()SvDebitLogRecordbyte[] getRawData () byte[] getDebitDate ()byte[] getDebitTime () int getAmount ()int getBalance () byte getKvc ()byte[] getSamId ()int getSamTNum ()int getSvTNum ()TransactionManagerT extends TransactionManager<T>T prepareSelectFile (short lid)T prepareSelectFile (SelectFileControl selectFileControl) T prepareGetData (GetDataTag tag) T prepareReadRecord (byte sfi, int recordNumber)T prepareReadRecords (byte sfi, int fromRecordNumber, int toRecordNumber, int recordSize)T prepareReadRecordsPartially (byte sfi, int fromRecordNumber, int toRecordNumber, int offset, int nbBytesToRead)T prepareReadBinary (byte sfi, int offset, int nbBytesToRead)T prepareReadCounter (byte sfi, int nbCountersToRead) T prepareSearchRecords (SearchCommandData data) T prepareCheckPinStatus () T prepareAppendRecord (byte sfi, byte[] recordData)T prepareUpdateRecord (byte sfi, int recordNumber, byte[] recordData)T prepareWriteRecord (byte sfi, int recordNumber, byte[] recordData) T prepareUpdateBinary (byte sfi, int offset, byte[] data)T prepareWriteBinary (byte sfi, int offset, byte[] data) T prepareIncreaseCounter (byte sfi, int counterNumber, int incValue)T prepareIncreaseCounters (byte sfi, Map<Integer, Integer> counterNumberToIncValueMap)T prepareDecreaseCounter (byte sfi, int counterNumber, int decValue)T prepareDecreaseCounters (byte sfi, Map<Integer, Integer> counterNumberToDecValueMap)T prepareSetCounter (byte sfi, int counterNumber, int newValue) T prepareSvReadAllLogs () T 
prepareVerifyPin (byte[] pin)T prepareChangePin (byte[] newPin) T processCommands (ChannelControl channelControl) List<byte[]> getTransactionAuditData ()ChannelControlKEEP_OPENCLOSE_AFTERFreeTransactionManagerSecureTransactionManagerT extends SecureTransactionManager<T><E extends CardTransactionCryptoExtension> E getCryptoExtension (Class<E> cryptoExtensionClass) T prepareCloseSecureSession ()T prepareCancelSecureSession ()PkiPersonalizationTransactionManagerPkiPersonalizationTransactionManager prepareGenerateAsymmetricKeyPair ()PkiPersonalizationTransactionManager prepareLoadCardCert (CardCertParams params)PkiPersonalizationTransactionManager prepareLoadCaCert (byte[] caCert)CardCertParamsCardCertParams useExternalSigner (CardCertProviderSpi cardCertProviderSpi)CardCertParams useInternalSigner (AsymmetricCryptoCardTransactionManagerFactory cryptoCardTransactionManagerFactory, byte[] issuerKeyPriv, byte[] issuerKeyReference) CardCertParams useExistingCardKeyPair ()CardCertParams generateCardKeyPair ()CardCertParams useSpecificKeyPair (byte[] cardPriv, byte[] cardPub) CardCertParams setCardAidSize (int aidSize)CardCertParams setCardIndex (int cardIndex) ???CardCertParams setStartDate (int year, int month, int day)CardCertParams setEndDate (int year, int month, int day)SecureSymmetricCryptoTransactionManagerT extends SecureSymmetricCryptoTransactionManager<T>T prepareOpenSecureSession (WriteAccessLevel writeAccessLevel) T prepareSvGet (SvOperation svOperation, SvAction svAction)T prepareSvReload (int amount, byte[] date, byte[] time, byte[] free)T prepareSvReload (int amount)T prepareSvDebit (int amount, byte[] date, byte[] time)T prepareSvDebit (int amount) T prepareInvalidate ()T prepareRehabilitate () T prepareChangeKey (int keyIndex, byte newKif, byte newKvc, byte issuerKif, byte issuerKvc)SecureRegularModeTransactionManagerSecureExtendedModeTransactionManagerSecureExtendedModeTransactionManager prepareEarlyMutualAuthentication 
()SecureExtendedModeTransactionManager prepareActivateEncryption ()SecureExtendedModeTransactionManager prepareDeactivateEncryption ()SecurePkiModeTransactionManagerSecurePkiModeTransactionManager prepareOpenSecureSession ()SvOperationRELOADDEBITSvActionDOUNDOAsymmetricCryptoSecuritySettingAsymmetricCryptoSecuritySetting addPrimaryCertificationAuthorityCertificate (String certificateAlias, byte[] pcaPubRef)AsymmetricCryptoSecuritySetting addPrimaryCertificationAuthorityCertificate (X509Certificate certificate, byte[] pcaPubRef)AsymmetricCryptoSecuritySetting addPrimaryCertificationAuthorityPublicKey (byte[] pcaPub, byte[] pcaPubRef) AsymmetricCryptoSecuritySetting enableCacheForCertificationAuthority ()SymmetricCryptoSecuritySettingSymmetricCryptoSecuritySetting enableMultipleSession ()SymmetricCryptoSecuritySetting enableRatificationMechanism ()SymmetricCryptoSecuritySetting enablePinPlainTransmission ()SymmetricCryptoSecuritySetting enableSvLoadAndDebitLog ()SymmetricCryptoSecuritySetting authorizeSvNegativeBalance ()SymmetricCryptoSecuritySetting disableReadOnSessionOpening () SymmetricCryptoSecuritySetting assignKif (WriteAccessLevel writeAccessLevel, byte kvc, byte kif)SymmetricCryptoSecuritySetting assignDefaultKif (WriteAccessLevel writeAccessLevel, byte kif)SymmetricCryptoSecuritySetting assignDefaultKvc (WriteAccessLevel writeAccessLevel, byte kvc) SymmetricCryptoSecuritySetting addAuthorizedSessionKey (byte kif, byte kvc)SymmetricCryptoSecuritySetting addAuthorizedSvKey (byte kif, byte kvc) SymmetricCryptoSecuritySetting setPinVerificationCipheringKey (byte kif, byte kvc)SymmetricCryptoSecuritySetting setPinModificationCipheringKey (byte kif, byte kvc) void initCryptoContextForNextTransaction ()SearchCommandDataSearchCommandData setSfi (byte sfi)SearchCommandData startAtRecord (int recordNumber)SearchCommandData setOffset (int offset)SearchCommandData enableRepeatedOffset ()SearchCommandData setSearchData (byte[] data)SearchCommandData setMask (byte[] 
mask)SearchCommandData fetchFirstMatchingResult () List<Integer> getMatchingRecordNumbers ()«RuntimeException»SessionBufferOverflowException: Session buffer would overflow for atomic session.UnauthorizedKeyExceptionInvalidPinExceptionInconsistentDataException: Number of R-APDUs != number of C-APDUsordata read in session != data read outside session.InvalidCardSignatureExceptionCardSignatureNotVerifiableException: CloseSecureSession is successful but crypto resource is no more available to check the card MAC.SelectFileExceptionUnexpectedCommandStatusExceptionReaderIOException: Card reader and/or Crypto reader communication is broken.CardIOExceptionCryptoExceptionCryptoIOExceptionAsymmetricCryptoCardTransactionManagerFactorySymmetricCryptoCardTransactionManagerFactoryCardTransactionCryptoExtensionCardCertProviderSpibyte[] getIssuerKeyReference ()byte[] createCardCert (byte[] allData) ???byte[] createCardCert (byte[] data, byte[] recoverableData) ???useuseuseuseuseuseuseprovideuseuseuseuseuseuseuseprovideprovideprovideprovideprovideuseprovideprovideprovide \ No newline at end of file + Terminal Calypso Card API 2.1.+ (2024-01-16)Colors legend:Work in progress...External public API references:Calypsonet Terminal Reader APIcalypso.cardcardtransactionspifinalCalypsoCardApiPropertiesfinalString VERSIONCalypsoCardApiFactoryCalypsoCardSelectionExtension createCalypsoCardSelectionExtension () SymmetricCryptoSecuritySetting createSymmetricCryptoSecuritySetting (SymmetricCryptoCardTransactionManagerFactory cryptoCardTransactionManagerFactory)AsymmetricCryptoSecuritySetting createAsymmetricCryptoSecuritySetting (AsymmetricCryptoCardTransactionManagerFactory cryptoCardTransactionManagerFactory) FreeTransactionManager createFreeTransactionManager (CardReadercardReader, CalypsoCard card)SecureRegularModeTransactionManager createSecureRegularModeTransactionManager (CardReadercardReader, CalypsoCard card, SymmetricCryptoSecuritySetting 
securitySetting)SecureExtendedModeTransactionManager createSecureExtendedModeTransactionManager (CardReadercardReader, CalypsoCard card, SymmetricCryptoSecuritySetting securitySetting)SecurePkiModeTransactionManager createSecurePkiModeTransactionManager (CardReadercardReader, CalypsoCard card, AsymmetricCryptoSecuritySetting securitySetting)PkiPersonalizationTransactionManager createPkiPersonalizationTransactionManager (CardReadercardReader, CalypsoCard card) SearchCommandData createSearchCommandData ()WriteAccessLevelPERSONALIZATIONLOADDEBITSelectFileControlFIRST_EFNEXT_EFCURRENT_DFGetDataTagFCP_FOR_CURRENT_FILEFCI_FOR_CURRENT_DFEF_LISTTRACEABILITY_INFORMATIONCARD_PUBLIC_KEYCARD_CERTIFICATECA_CERTIFICATE<<CardSelectionExtension>>CalypsoCardSelectionExtensionCalypsoCardSelectionExtension acceptInvalidatedCard () CalypsoCardSelectionExtension prepareSelectFile (short lid)CalypsoCardSelectionExtension prepareSelectFile (SelectFileControl selectControl) CalypsoCardSelectionExtension prepareGetData (GetDataTag tag) CalypsoCardSelectionExtension prepareReadRecord (byte sfi, int recordNumber)CalypsoCardSelectionExtension prepareReadBinary (byte sfi, int offset, int nbBytesToRead)CalypsoCardSelectionExtension prepareReadCounter (byte sfi, int nbCountersToRead) CalypsoCardSelectionExtension preparePreOpenSecureSession (WriteAccessLevel writeAccessLevel)CalypsoCardSelectionExtension preparePreOpenSecureSessionInPkiMode ()<<IsoSmartCard>>CalypsoCardProductType getProductType ()boolean isHce () boolean isDfInvalidated () byte[] getDfName ()byte[] getApplicationSerialNumber () byte[] getStartupInfoRawData ()byte getPlatform ()byte getApplicationType ()byte getApplicationSubtype ()byte getSoftwareIssuer ()byte getSoftwareVersion ()byte getSoftwareRevision ()byte getSessionModification () byte[] getTraceabilityInformation () byte[] getCardPublicKey ()byte[] getCardCertificate ()byte[] getCaCertificate () DirectoryHeader getDirectoryHeader ()ElementaryFile getFileBySfi (byte 
sfi)ElementaryFile getFileByLid (short lid)Set<ElementaryFile> getFiles () boolean isDfRatified ()int getTransactionCounter () boolean isPkiModeSupported ()boolean isExtendedModeSupported ()boolean isRatificationOnDeselectSupported () boolean isPinFeatureAvailable ()boolean isPinBlocked ()int getPinAttemptRemaining () boolean isSvFeatureAvailable ()int getSvBalance ()int getSvLastTNum ()SvLoadLogRecord getSvLoadLogRecord ()SvDebitLogRecord getSvDebitLogLastRecord ()List<SvDebitLogRecord> getSvDebitLogAllRecords ()DirectoryHeadershort getLid ()Byte getDfStatus () byte[] getAccessConditions ()byte[] getKeyIndexes () byte getKif (WriteAccessLevel writeAccessLevel)byte getKvc (WriteAccessLevel writeAccessLevel)ElementaryFilebyte getSfi ()FileHeader getHeader ()FileData getData ()FileHeadershort getLid ()byte getDfStatus ()ElementaryFile.Type getEfType () int getRecordsNumber ()int getRecordSize () byte[] getAccessConditions ()byte[] getKeyIndexes () Short getSharedReference ()TypeLINEARBINARYCYCLICCOUNTERSSIMULATED_COUNTERSFileDatabyte[] getContent ()byte[] getContent (int numRecord)byte[] getContent (int numRecord, int dataOffset, int dataLength)SortedMap<Integer, byte[]> getAllRecordsContent () Integer getContentAsCounterValue (int numCounter)SortedMap<Integer, Integer> getAllCountersValue ()ProductTypePRIME_REVISION_1PRIME_REVISION_2PRIME_REVISION_3LIGHTBASICUNKNOWNSvLoadLogRecordbyte[] getRawData () byte[] getLoadDate ()byte[] getLoadTime () int getAmount ()int getBalance ()byte[] getFreeData () byte getKvc ()byte[] getSamId ()int getSamTNum ()int getSvTNum ()SvDebitLogRecordbyte[] getRawData () byte[] getDebitDate ()byte[] getDebitTime () int getAmount ()int getBalance () byte getKvc ()byte[] getSamId ()int getSamTNum ()int getSvTNum ()TransactionManagerT extends TransactionManager<T>T prepareSelectFile (short lid)T prepareSelectFile (SelectFileControl selectFileControl) T prepareGetData (GetDataTag tag) T prepareReadRecord (byte sfi, int recordNumber)T 
prepareReadRecords (byte sfi, int fromRecordNumber, int toRecordNumber, int recordSize)T prepareReadRecordsPartially (byte sfi, int fromRecordNumber, int toRecordNumber, int offset, int nbBytesToRead)T prepareReadBinary (byte sfi, int offset, int nbBytesToRead)T prepareReadCounter (byte sfi, int nbCountersToRead) T prepareSearchRecords (SearchCommandData data) T prepareCheckPinStatus () T prepareAppendRecord (byte sfi, byte[] recordData)T prepareUpdateRecord (byte sfi, int recordNumber, byte[] recordData)T prepareWriteRecord (byte sfi, int recordNumber, byte[] recordData) T prepareUpdateBinary (byte sfi, int offset, byte[] data)T prepareWriteBinary (byte sfi, int offset, byte[] data) T prepareIncreaseCounter (byte sfi, int counterNumber, int incValue)T prepareIncreaseCounters (byte sfi, Map<Integer, Integer> counterNumberToIncValueMap)T prepareDecreaseCounter (byte sfi, int counterNumber, int decValue)T prepareDecreaseCounters (byte sfi, Map<Integer, Integer> counterNumberToDecValueMap)T prepareSetCounter (byte sfi, int counterNumber, int newValue) T prepareSvReadAllLogs () T prepareVerifyPin (byte[] pin)T prepareChangePin (byte[] newPin) T processCommands (ChannelControl channelControl) List<byte[]> getTransactionAuditData ()ChannelControlKEEP_OPENCLOSE_AFTERFreeTransactionManagerSecureTransactionManagerT extends SecureTransactionManager<T><E extends CardTransactionCryptoExtension> E getCryptoExtension (Class<E> cryptoExtensionClass) T prepareCloseSecureSession ()T prepareCancelSecureSession ()PkiPersonalizationTransactionManagerPkiPersonalizationTransactionManager prepareGenerateAsymmetricKeyPair ()PkiPersonalizationTransactionManager prepareLoadCardCert (byte[] cardCert)PkiPersonalizationTransactionManager prepareLoadCaCert (byte[] caCert)SecureSymmetricCryptoTransactionManagerT extends SecureSymmetricCryptoTransactionManager<T>T prepareOpenSecureSession (WriteAccessLevel writeAccessLevel) T prepareSvGet (SvOperation svOperation, SvAction svAction)T 
prepareSvReload (int amount, byte[] date, byte[] time, byte[] free)T prepareSvReload (int amount)T prepareSvDebit (int amount, byte[] date, byte[] time)T prepareSvDebit (int amount) T prepareInvalidate ()T prepareRehabilitate () T prepareChangeKey (int keyIndex, byte newKif, byte newKvc, byte issuerKif, byte issuerKvc)SecureRegularModeTransactionManagerSecureExtendedModeTransactionManagerSecureExtendedModeTransactionManager prepareEarlyMutualAuthentication ()SecureExtendedModeTransactionManager prepareActivateEncryption ()SecureExtendedModeTransactionManager prepareDeactivateEncryption ()SecurePkiModeTransactionManagerSecurePkiModeTransactionManager prepareOpenSecureSession ()SvOperationRELOADDEBITSvActionDOUNDOAsymmetricCryptoSecuritySettingAsymmetricCryptoSecuritySetting addPcaCertificate (PcaCertificate pcaCertificate)AsymmetricCryptoSecuritySetting addCaCertificate (CaCertificate caCertificate) AsymmetricCryptoSecuritySetting addCaCertificateFactory (CaCertificateFactory caCertificateFactory)AsymmetricCryptoSecuritySetting addCardCertificateFactory (CardCertificateFactory cardCertificateFactory)SymmetricCryptoSecuritySettingSymmetricCryptoSecuritySetting enableMultipleSession ()SymmetricCryptoSecuritySetting enableRatificationMechanism ()SymmetricCryptoSecuritySetting enablePinPlainTransmission ()SymmetricCryptoSecuritySetting enableSvLoadAndDebitLog ()SymmetricCryptoSecuritySetting authorizeSvNegativeBalance ()SymmetricCryptoSecuritySetting disableReadOnSessionOpening () SymmetricCryptoSecuritySetting assignKif (WriteAccessLevel writeAccessLevel, byte kvc, byte kif)SymmetricCryptoSecuritySetting assignDefaultKif (WriteAccessLevel writeAccessLevel, byte kif)SymmetricCryptoSecuritySetting assignDefaultKvc (WriteAccessLevel writeAccessLevel, byte kvc) SymmetricCryptoSecuritySetting addAuthorizedSessionKey (byte kif, byte kvc)SymmetricCryptoSecuritySetting addAuthorizedSvKey (byte kif, byte kvc) SymmetricCryptoSecuritySetting setPinVerificationCipheringKey (byte 
kif, byte kvc)SymmetricCryptoSecuritySetting setPinModificationCipheringKey (byte kif, byte kvc) void initCryptoContextForNextTransaction ()SearchCommandDataSearchCommandData setSfi (byte sfi)SearchCommandData startAtRecord (int recordNumber)SearchCommandData setOffset (int offset)SearchCommandData enableRepeatedOffset ()SearchCommandData setSearchData (byte[] data)SearchCommandData setMask (byte[] mask)SearchCommandData fetchFirstMatchingResult () List<Integer> getMatchingRecordNumbers ()«RuntimeException»SessionBufferOverflowException: Session buffer would overflow for atomic session.UnauthorizedKeyExceptionInvalidPinExceptionInconsistentDataException: Number of R-APDUs != number of C-APDUsordata read in session != data read outside session.InvalidCardSignatureExceptionCardSignatureNotVerifiableException: CloseSecureSession is successful but crypto resource is no more available to check the card MAC.SelectFileExceptionUnexpectedCommandStatusExceptionReaderIOException: Card reader and/or Crypto reader communication is broken.CardIOExceptionCryptoExceptionCryptoIOExceptionAsymmetricCryptoCardTransactionManagerFactoryCaCertificateFactoryCardCertificateFactoryPcaCertificateCaCertificateSymmetricCryptoCardTransactionManagerFactoryCardTransactionCryptoExtensionuseuseuseuseprovideuseuseuseuseuseuseuseuseuseuseuseprovideprovideprovideprovideprovideuseprovideprovideprovide \ No newline at end of file diff --git a/2.1.0-SNAPSHOT/api_sequence_diagram_asymmetric_security_setting.puml b/2.1.0-SNAPSHOT/api_sequence_diagram_asymmetric_security_setting.puml new file mode 100644 index 0000000..7f20f94 --- /dev/null +++ b/2.1.0-SNAPSHOT/api_sequence_diagram_asymmetric_security_setting.puml 
@@ -0,0 +1,59 @@
+@startuml
+title
+
+
+ AsymmetricSecuritySetting (2024-01-23)
+end title
+
+participant "App" as app
+participant "AsymmetricSecuritySetting" as setting
+participant "PcaCertificate" as pca
+participant "CaCertificate" as ca
+
+== addPcaCertificate ==
+
+activate app
+
+app -> setting : addPcaCertificate (pcaCertificate)
+activate setting
+
+setting -> pca : extractPublicKey ()
+activate pca
+setting <-- pca : publicKeySpi
+deactivate pca
+
+setting -> setting : savePublicKey (publicKeySpi)
+note right
+ map.put(publicKeySpi.getReference(), publicKeySpi.getValue())
+end note
+
+app <-- setting
+deactivate setting
+
+== addCaCertificate ==
+
+app -> setting : addCaCertificate (caCertificate)
+activate setting
+
+setting -> ca : getIssuerPublicKeyReference ()
+activate ca
+setting <-- ca : issuerPublicKeyReference
+deactivate ca
+
+setting -> setting : issuerPublicKey := findPublicKey (issuerPublicKeyReference)
+
+setting -> ca : extractPublicKey (issuerPublicKey.getPublicKey ())
+activate ca
+setting <-- ca : publicKeySpi
+deactivate ca
+
+setting -> setting : savePublicKey (publicKeySpi)
+note right
+ map.put(publicKeySpi.getReference(), publicKeySpi.getValue())
+end note
+
+app <-- setting
+deactivate setting
+
+
+@enduml
\ No newline at end of file
diff --git a/2.1.0-SNAPSHOT/api_sequence_diagram_asymmetric_security_setting.svg b/2.1.0-SNAPSHOT/api_sequence_diagram_asymmetric_security_setting.svg
new file mode 100644
index 0000000..5c1b66b
--- /dev/null
+++ b/2.1.0-SNAPSHOT/api_sequence_diagram_asymmetric_security_setting.svg
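Review bot: The `addCaCertificate` section of the new sequence diagram draws only the success path. It does not say what happens when `findPublicKey (issuerPublicKeyReference)` finds no stored issuer key, or when `extractPublicKey (issuerPublicKey.getPublicKey ())` cannot check the certificate against that key. This call appears to be where the CA certificate is tied to an already trusted key, so each failure deserves an `alt` branch that returns an error to `app` without reaching `savePublicKey (publicKeySpi)`. Otherwise an implementer may read the diagram as permitting an unverified key to be stored. The note `map.put(publicKeySpi.getReference(), publicKeySpi.getValue())` in both sections also implies that a second certificate with the same reference silently replaces the stored key; the diagram should state whether that is intended or whether a duplicate reference is rejected.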
@@ -0,0 +1 @@ + AsymmetricSecuritySetting (2024-01-23)AppAppAsymmetricSecuritySettingAsymmetricSecuritySettingPcaCertificatePcaCertificateCaCertificateCaCertificateaddPcaCertificateaddPcaCertificate (pcaCertificate)extractPublicKey ()publicKeySpisavePublicKey (publicKeySpi)map.put(publicKeySpi.getReference(), publicKeySpi.getValue())addCaCertificateaddCaCertificate (caCertificate)getIssuerPublicKeyReference ()issuerPublicKeyReferenceissuerPublicKey := findPublicKey (issuerPublicKeyReference)extractPublicKey (issuerPublicKey.getPublicKey ())publicKeySpisavePublicKey (publicKeySpi)map.put(publicKeySpi.getReference(), publicKeySpi.getValue()) \ No newline at end of file