Keyple C++  0.9.0
Keyple, an Open Source SDK for Ticketing
keyple::calypso::transaction::SamCommandProcessor Class Reference final

#include <SamCommandProcessor.h>

Public Member Functions

 SamCommandProcessor (const std::shared_ptr< SeResource< CalypsoPo >> poResource, const std::shared_ptr< PoSecuritySettings > poSecuritySettings)
 
const std::vector< uint8_t > getSessionTerminalChallenge ()
 
void initializeDigester (const AccessLevel &accessLevel, const bool sessionEncryption, const bool verificationMode, const uint8_t poKif, const uint8_t poKVC, const std::vector< uint8_t > &digestData)
 
void pushPoExchangeDataList (const std::vector< std::shared_ptr< ApduRequest >> &requests, const std::vector< std::shared_ptr< ApduResponse >> &responses, const int startIndex)
 
const std::vector< uint8_t > getTerminalSignature ()
 
void authenticatePoSignature (const std::vector< uint8_t > &poSignatureLo)
 
const std::vector< uint8_t > getCipheredPinData (const std::vector< uint8_t > &poChallenge, const std::vector< uint8_t > &currentPin, const std::vector< uint8_t > &newPin)
 
const std::vector< uint8_t > getSvReloadComplementaryData (std::shared_ptr< SvReloadCmdBuild > svReloadCmdBuild, const std::vector< uint8_t > &svGetHeader, const std::vector< uint8_t > &svGetData)
 
const std::vector< uint8_t > getSvDebitComplementaryData (std::shared_ptr< SvDebitCmdBuild > svDebitCmdBuild, const std::vector< uint8_t > &svGetHeader, const std::vector< uint8_t > &svGetData)
 
const std::vector< uint8_t > getSvUndebitComplementaryData (std::shared_ptr< SvUndebitCmdBuild > svUndebitCmdBuild, const std::vector< uint8_t > &svGetHeader, const std::vector< uint8_t > &svGetData)
 
void checkSvStatus (const std::vector< uint8_t > &svOperationResponseData)
 

Detailed Description

The SamCommandProcessor class is dedicated to the management of commands sent to the SAM.

In particular, it manages the cryptographic computations related to the secure session (digest computation).

It will also integrate the SAM commands used for Stored Value and PIN/key management. In session, these commands need to be carefully synchronized with the digest calculation.

Constructor & Destructor Documentation

◆ SamCommandProcessor()

keyple::calypso::transaction::SamCommandProcessor::SamCommandProcessor ( const std::shared_ptr< SeResource< CalypsoPo >>  poResource,
const std::shared_ptr< PoSecuritySettings >  poSecuritySettings 
)

Constructor

Parameters
poResource: the PO resource containing the PO reader and the Calypso PO information
poSecuritySettings: the security settings from the application layer

Member Function Documentation

◆ authenticatePoSignature()

void keyple::calypso::transaction::SamCommandProcessor::authenticatePoSignature ( const std::vector< uint8_t > &  poSignatureLo)

Authenticates the signature part from the PO

Executes the Digest Authenticate command with the PO part of the signature.

Parameters
poSignatureLo: the PO part of the signature
Exceptions
CalypsoSamIOException: if the communication with the SAM has failed.
CalypsoDesynchronizedExchangesException: if the APDU SAM exchanges are out of sync
CalypsoSamCommandException: if the SAM has responded with an error status

◆ checkSvStatus()

void keyple::calypso::transaction::SamCommandProcessor::checkSvStatus ( const std::vector< uint8_t > &  svOperationResponseData)

Checks the status of the last SV operation

The PO signature is compared by the SAM with the one it has computed on its side.

Parameters
svOperationResponseData: the data of the SV operation performed
Exceptions
CalypsoSamIOException: if the communication with the SAM has failed.
CalypsoSamCommandException: if the SAM has responded with an error status

◆ getCipheredPinData()

const std::vector< uint8_t > keyple::calypso::transaction::SamCommandProcessor::getCipheredPinData ( const std::vector< uint8_t > &  poChallenge,
const std::vector< uint8_t > &  currentPin,
const std::vector< uint8_t > &  newPin 
)

Computes the PIN ciphered data for the encrypted PIN verification or PIN update commands.

Parameters
poChallenge: the challenge from the PO
currentPin: the current PIN value
newPin: the new PIN value (set to null if the operation is a PIN presentation)
Returns
the PIN ciphered data
Exceptions
CalypsoSamIOException: if the communication with the SAM has failed.
CalypsoDesynchronizedExchangesException: if the APDU SAM exchanges are out of sync
CalypsoSamCommandException: if the SAM has responded with an error status

◆ getSessionTerminalChallenge()

const std::vector< uint8_t > keyple::calypso::transaction::SamCommandProcessor::getSessionTerminalChallenge ( )

Gets the terminal challenge

Performs key diversification if necessary by sending the SAM Select Diversifier command prior to the Get Challenge command. The diversification flag is set to avoid further unnecessary diversification operations.

If the key diversification is already done, the Select Diversifier command is omitted.

The length of the challenge varies from one PO revision to another. This information can be found in the SeResource class field.

Returns
the terminal challenge as an array of bytes
Exceptions
CalypsoSamIOException: if the communication with the SAM has failed.
CalypsoDesynchronizedExchangesException: if the APDU SAM exchanges are out of sync
CalypsoSamCommandException: if the SAM has responded with an error status

◆ getSvDebitComplementaryData()

const std::vector< uint8_t > keyple::calypso::transaction::SamCommandProcessor::getSvDebitComplementaryData ( std::shared_ptr< SvDebitCmdBuild >  svDebitCmdBuild,
const std::vector< uint8_t > &  svGetHeader,
const std::vector< uint8_t > &  svGetData 
)

Computes the cryptographic data required for the SvDebit command.

Use the data from the SvGet command and the partial data from the SvDebit command for this purpose.

The returned data will be used to finalize the PO SvDebit command.

Parameters
svDebitCmdBuild: the SV Debit command builder
svGetHeader: the SV Get command header
svGetData: the SV Get command response data
Returns
the complementary security data to finalize the SvDebit PO command (sam ID + SV prepare load output)
Exceptions
CalypsoSamIOException: if the communication with the SAM has failed.

◆ getSvReloadComplementaryData()

const std::vector< uint8_t > keyple::calypso::transaction::SamCommandProcessor::getSvReloadComplementaryData ( std::shared_ptr< SvReloadCmdBuild >  svReloadCmdBuild,
const std::vector< uint8_t > &  svGetHeader,
const std::vector< uint8_t > &  svGetData 
)

Computes the cryptographic data required for the SvReload command.

Use the data from the SvGet command and the partial data from the SvReload command for this purpose.

The returned data will be used to finalize the PO SvReload command.

Parameters
svReloadCmdBuild: the SV Reload command builder providing the SvReload partial data
svGetHeader: the SV Get command header
svGetData: the SV Get command response data
Returns
the complementary security data to finalize the SvReload PO command (sam ID + SV prepare load output)
Exceptions
CalypsoSamIOException: if the communication with the SAM has failed.

◆ getSvUndebitComplementaryData()

const std::vector< uint8_t > keyple::calypso::transaction::SamCommandProcessor::getSvUndebitComplementaryData ( std::shared_ptr< SvUndebitCmdBuild >  svUndebitCmdBuild,
const std::vector< uint8_t > &  svGetHeader,
const std::vector< uint8_t > &  svGetData 
)

Computes the cryptographic data required for the SvUndebit command.

Use the data from the SvGet command and the partial data from the SvUndebit command for this purpose.

The returned data will be used to finalize the PO SvUndebit command.

Parameters
svUndebitCmdBuild: the SV Undebit command builder
svGetHeader: the SV Get command header
svGetData: the SV Get command response data
Returns
the complementary security data to finalize the SvUndebit PO command (sam ID + SV prepare load output)
Exceptions
CalypsoSamIOException: if the communication with the SAM has failed.

◆ getTerminalSignature()

const std::vector< uint8_t > keyple::calypso::transaction::SamCommandProcessor::getTerminalSignature ( )

Gets the terminal signature from the SAM

All remaining data in the digest cache is sent to the SAM and the Digest Close command is executed.

Returns
the terminal signature
Exceptions
CalypsoSamIOException: if the communication with the SAM has failed.
CalypsoDesynchronizedExchangesException: if the APDU SAM exchanges are out of sync
CalypsoSamCommandException: if the SAM has responded with an error status

◆ initializeDigester()

void keyple::calypso::transaction::SamCommandProcessor::initializeDigester ( const AccessLevel &  accessLevel,
const bool  sessionEncryption,
const bool  verificationMode,
const uint8_t  poKif,
const uint8_t  poKVC,
const std::vector< uint8_t > &  digestData 
)

Initializes the digest computation process

Resets the digest data cache, then fills a first packet with the provided data (from open secure session).

Keeps the session parameters and sets the KIF if it is not defined.

Note: there is no communication with the SAM here.

Parameters
accessLevel: the Access Level
sessionEncryption: true if the session is encrypted
verificationMode: true if the verification mode is active
poKif: the PO KIF
poKVC: the PO KVC
digestData: a first packet of data to digest.

◆ pushPoExchangeDataList()

void keyple::calypso::transaction::SamCommandProcessor::pushPoExchangeDataList ( const std::vector< std::shared_ptr< ApduRequest >> &  requests,
const std::vector< std::shared_ptr< ApduResponse >> &  responses,
const int  startIndex 
)

Appends a list of full PO exchanges (requests and responses) to the digest data cache.
The startIndex argument makes it possible to skip the beginning of the list when necessary.

Parameters
requests: PO request list
responses: PO response list
startIndex: starting point in the list
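
The digest cache behaviour described for initializeDigester(), pushPoExchangeDataList() and getTerminalSignature(), as an added model that is not Keyple code. DigestCacheModel and its methods are hypothetical names, packets are plain byte vectors, and the precondition checks are this model's own choice rather than documented Keyple behaviour.

```cpp
#include <cstddef>
#include <cstdint>
#include <stdexcept>
#include <utility>
#include <vector>

using Bytes = std::vector<uint8_t>;

// Hypothetical stand-in for the digest data cache; it models packet ordering
// only and performs no cryptography or SAM communication.
class DigestCacheModel {
public:
    // As initializeDigester(): reset the cache, then store the first packet
    // (the data obtained from open secure session).
    void initialize(const Bytes& digestData) {
        mCache.clear();
        mCache.push_back(digestData);
        mInitialized = true;
    }

    // As pushPoExchangeDataList(): append request then response for every
    // exchange from startIndex onward. The checks are assumptions of this model.
    void push(const std::vector<Bytes>& requests,
              const std::vector<Bytes>& responses, std::size_t startIndex) {
        if (!mInitialized)
            throw std::logic_error("digest not initialized");
        if (requests.size() != responses.size())
            throw std::invalid_argument("unpaired request/response");
        if (startIndex > requests.size())
            throw std::out_of_range("startIndex past end of list");
        for (std::size_t i = startIndex; i < requests.size(); ++i) {
            mCache.push_back(requests[i]);
            mCache.push_back(responses[i]);
        }
    }

    // As the flush in getTerminalSignature(): return all cached packets in
    // order and leave the model uninitialized until the next session.
    std::vector<Bytes> drain() {
        std::vector<Bytes> out = std::move(mCache);
        mCache.clear();
        mInitialized = false;
        return out;
    }

private:
    std::vector<Bytes> mCache;
    bool mInitialized = false;
};
```

Re-initializing discards anything cached from an earlier session, so a stale exchange cannot leak into the next digest.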
