|
||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
public interface Authority
This interface allows performing operations such as recovering a cryptographic key or signing data. The required algorithms and credentials are known implicitly.
It is intended that Security Domains would be able to access an Authority
instance through a Global Service by a Controlling Authority
Security Domain (CASD) with a service name of (
.GPSystem.FAMILY_AUTHORITY
<<8|0x00)
Field Summary | |
---|---|
static byte |
MODE_KEY_RECOVERY
Used with init(byte) method to indicate key recovery mode. |
static byte |
MODE_SIGN
Used with init(byte) method to indicate signing mode. |
Method Summary | |
---|---|
void |
init(byte theMode)
Initializes the Authority interface with the appropriate mode ( MODE_SIGN or MODE_KEY_RECOVERY ). |
short |
recoverKey(byte[] inBuff,
short inOffset,
short inLength,
byte[] outBuff,
short outOffset)
Recovers a cryptographic key from a set of data structures provided in the input buffer (inBuff). |
short |
sign(byte[] inBuff,
short inOffset,
short inLength,
byte[] sigBuff,
short sigOffset)
Generates the signature of all/last input data. |
void |
update(byte[] inBuff,
short inOffset,
short inLength)
Accumulates input data. for the current operation ( MODE_SIGN or MODE_KEY_RECOVERY ). |
Field Detail |
---|
static final byte MODE_SIGN
init(byte)
method to indicate signing mode.
static final byte MODE_KEY_RECOVERY
init(byte)
method to indicate key recovery mode.
Method Detail |
---|
void init(byte theMode) throws javacard.security.CryptoException
MODE_SIGN
or MODE_KEY_RECOVERY
).
theMode
- one of MODE_SIGN
or MODE_KEY_RECOVERY
.
javacard.security.CryptoException
- with the following reason code:ILLEGUAL_VALUE
if theMode option is an undefined
value.short sign(byte[] inBuff, short inOffset, short inLength, byte[] sigBuff, short sigOffset) throws javacard.security.CryptoException
inBuff
- the input buffer of data to be signedinOffset
- the offset in input buffer at which the signature startsinLength
- the byte length to signsigBuff
- the output buffer to store signature datasigOffset
- the offset into sigBuff at which to begin signature generation
javacard.security.CryptoException
- with the following reason codes:INVALID_INIT
if this Authority interface is not initialized or
initialized in MODE_KEY_RECOVERY
mode.
ILLEGAL_USE
if this Authority algorithm does not pad the message and
the message is not block aligned.java.lang.SecurityException
- if the inBuff or sigBuff are not global arrays.void update(byte[] inBuff, short inOffset, short inLength) throws javacard.security.CryptoException
MODE_SIGN
or MODE_KEY_RECOVERY
).
When this method is used, temporary storage of intermediate results is required.
This method should only be used if all the input data required for the current operation
is not available in one byte array.
The sign
or recoverKey
methods are recommended whenever possible.
The inBuff shall be global array.
inBuff
- buffer containing input datainOffset
- offset of input datainLength
- length of input data
javacard.security.CryptoException
- with the following reason codes:INVALID_INIT
if this Authority interface is not initialized.java.lang.SecurityException
- if the inBuff is not global array.short recoverKey(byte[] inBuff, short inOffset, short inLength, byte[] outBuff, short outOffset) throws javacard.security.CryptoException
inBuff
- containing input data.inOffset
- offset of input data.inLength
- length of input data.outBuff
- the buffer where recovered key data structure shall be writtenoutOffset
- offset where recovered key data structure shall be written
Length
of the recovered key data structure written
in outBuff at outOffset,or 0 if the recovery mechanism failed
(e.g. recovered key was considered invalid).
javacard.security.CryptoException
- - with the following reason codes:INVALID_INIT
if this Authority interface is not initialized or
initialized in MODE_SIGN
mode.java.lang.SecurityException
- if the inBuff or outBuff are not global arrays.
|
||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |