Search in sources :

Example 1 with PSOVerifyCertificate

use of org.openecard.sal.protocol.eac.apdu.PSOVerifyCertificate in project open-ecard by ecsec.

the class TerminalAuthentication method verifyCertificates.

/**
 * Verify certificates.
 * Sends an MSE:Set DST APDU and PSO:Verify Certificate APDU per certificate. (Protocol step 1)
 * See BSI-TR-03110, version 2.10, part 3, B.11.4.
 * See BSI-TR-03110, version 2.10, part 3, B.11.5.
 *
 * @param certificateChain Certificate chain
 * @throws ProtocolException
 */
public void verifyCertificates(CardVerifiableCertificateChain certificateChain) throws ProtocolException {
    try {
        for (CardVerifiableCertificate cvc : certificateChain.getCertificates()) {
            // MSE:SetDST APDU
            CardCommandAPDU mseSetDST = new MSESetDST(cvc.getCAR().toByteArray());
            mseSetDST.transmit(dispatcher, slotHandle);
            // PSO:Verify Certificate  APDU
            CardCommandAPDU psovc = new PSOVerifyCertificate(cvc.getCertificate().getValue());
            psovc.transmit(dispatcher, slotHandle);
        }
    } catch (APDUException e) {
        throw new ProtocolException(e.getResult());
    }
}
Also used : CardCommandAPDU(org.openecard.common.apdu.common.CardCommandAPDU) ProtocolException(org.openecard.common.sal.protocol.exception.ProtocolException) APDUException(org.openecard.common.apdu.exception.APDUException) CardVerifiableCertificate(org.openecard.crypto.common.asn1.cvc.CardVerifiableCertificate) PSOVerifyCertificate(org.openecard.sal.protocol.eac.apdu.PSOVerifyCertificate) MSESetDST(org.openecard.sal.protocol.eac.apdu.MSESetDST)

Aggregations

CardCommandAPDU (org.openecard.common.apdu.common.CardCommandAPDU)1 APDUException (org.openecard.common.apdu.exception.APDUException)1 ProtocolException (org.openecard.common.sal.protocol.exception.ProtocolException)1 CardVerifiableCertificate (org.openecard.crypto.common.asn1.cvc.CardVerifiableCertificate)1 MSESetDST (org.openecard.sal.protocol.eac.apdu.MSESetDST)1 PSOVerifyCertificate (org.openecard.sal.protocol.eac.apdu.PSOVerifyCertificate)1