aboutsummaryrefslogtreecommitdiffstats
path: root/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/javacard/JavacardDevice.java
diff options
context:
space:
mode:
Diffstat (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/javacard/JavacardDevice.java')
-rw-r--r--OpenKeychain/src/main/java/org/sufficientlysecure/keychain/javacard/JavacardDevice.java42
1 files changed, 40 insertions, 2 deletions
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/javacard/JavacardDevice.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/javacard/JavacardDevice.java
index 240fffaf8..04c2c0006 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/javacard/JavacardDevice.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/javacard/JavacardDevice.java
@@ -30,7 +30,7 @@ public interface JavacardDevice {
* @param pinType For PW1, this is 0x81. For PW3 (Admin PIN), mode is 0x83.
* @param newPin The new PW1 or PW3.
*/
- void nfcModifyPIN(PinType pinType, byte[] newPin) throws IOException;
+ void modifyPin(int pinType, byte[] newPin) throws IOException;
/**
* Calls to calculate the signature and returns the MPI value
@@ -61,5 +61,43 @@ public interface JavacardDevice {
* @param hash the hash for signing
* @return a big integer representing the MPI for the given hash
*/
- byte[] nfcCalculateSignature(byte[] hash, int hashAlgo) throws IOException;
+ byte[] calculateSignature(byte[] hash, int hashAlgo) throws IOException;
+
+ boolean isFidesmoToken();
+
+ /**
+ * Return the fingerprint from application specific data stored on tag, or
+ * null if it doesn't exist.
+ *
+ * @param idx Index of the key to return the fingerprint from.
+ * @return The fingerprint of the requested key, or null if not found.
+ */
+ byte[] getMasterKeyFingerprint(int idx) throws IOException;
+
+ /**
+ * Resets security token, which deletes all keys and data objects.
+ * This works by entering a wrong PIN and then Admin PIN 4 times respectively.
+ * Afterwards, the token is reactivated.
+ */
+ void resetAndWipeToken() throws IOException;
+
+ /**
+ * Puts a key on the token in the given slot.
+ *
+ * @param slot The slot on the token where the key should be stored:
+ * 0xB6: Signature Key
+ * 0xB8: Decipherment Key
+ * 0xA4: Authentication Key
+ */
+ void putKey(int slot, CanonicalizedSecretKey secretKey, Passphrase passphrase) throws IOException;
+
+ /**
+ * Stores a data object on the token. Automatically validates the proper PIN for the operation.
+ * Supported for all data objects < 255 bytes in length. Only the cardholder certificate
+ * (0x7F21) can exceed this length.
+ *
+ * @param dataObject The data object to be stored.
+ * @param data The data to store in the object
+ */
+ void putData(int dataObject, byte[] data) throws IOException;
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-08 19:16:05 +0000