Example 1 with PSOVerifyCertificate
use of org.openecard.sal.protocol.eac.apdu.PSOVerifyCertificate in project open-ecard by ecsec.
the class TerminalAuthentication method verifyCertificates.
/**
* Verify certificates.
* Sends an MSE:Set DST APDU and PSO:Verify Certificate APDU per certificate. (Protocol step 1)
* See BSI-TR-03110, version 2.10, part 3, B.11.4.
* See BSI-TR-03110, version 2.10, part 3, B.11.5.
*
* @param certificateChain Certificate chain
* @throws ProtocolException
*/
public void verifyCertificates(CardVerifiableCertificateChain certificateChain) throws ProtocolException {
try {
for (CardVerifiableCertificate cvc : certificateChain.getCertificates()) {
// MSE:SetDST APDU
CardCommandAPDU mseSetDST = new MSESetDST(cvc.getCAR().toByteArray());
mseSetDST.transmit(dispatcher, slotHandle);
// PSO:Verify Certificate APDU
CardCommandAPDU psovc = new PSOVerifyCertificate(cvc.getCertificate().getValue());
psovc.transmit(dispatcher, slotHandle);
}
} catch (APDUException e) {
throw new ProtocolException(e.getResult());
}
}
Also used :
CardCommandAPDU(org.openecard.common.apdu.common.CardCommandAPDU)
ProtocolException(org.openecard.common.sal.protocol.exception.ProtocolException)
APDUException(org.openecard.common.apdu.exception.APDUException)
CardVerifiableCertificate(org.openecard.crypto.common.asn1.cvc.CardVerifiableCertificate)
PSOVerifyCertificate(org.openecard.sal.protocol.eac.apdu.PSOVerifyCertificate)
MSESetDST(org.openecard.sal.protocol.eac.apdu.MSESetDST)
Aggregations
CardCommandAPDU (org.openecard.common.apdu.common.CardCommandAPDU)1
APDUException (org.openecard.common.apdu.exception.APDUException)1
ProtocolException (org.openecard.common.sal.protocol.exception.ProtocolException)1
CardVerifiableCertificate (org.openecard.crypto.common.asn1.cvc.CardVerifiableCertificate)1
MSESetDST (org.openecard.sal.protocol.eac.apdu.MSESetDST)1
PSOVerifyCertificate (org.openecard.sal.protocol.eac.apdu.PSOVerifyCertificate)1
