com.pax.dal

Interface IPedAuthManager

    • Method Summary

      Modifier and Type Method and Description
      void authClose(byte[] sessionID)
      Disables the secure transfer between devices identified by sessionID.
      void authCloseAll()
      Closes all transfer channels between devices.
      void authDeriveWorkKey(byte[] sessionID, byte keyType)
      Derives a working key from the ECDHE shared key; the key type is specified by keyType.
      AuthData authEcdhPublicKey(byte[] sessionID)
      Derives a random ECDHE public key from the device's own public and private keys.
      void authEcdhShareKey(byte[] sessionID, byte[] peerPubKey, byte[] peerCertData)
      Generates an ECDHE shared key from the peer device's local public key and ECDHE public key, and stores it inside the SP.
      void authOpen(byte[] sessionID)
      Enables a secure transfer between devices, identified by sessionID.
      byte[] getAesDataCalcSession(byte[] sessionID, byte[] initVector, byte[] dataIn, byte mode)
      Same as PedAesDataCalc, but the key is the AES_TDK specified by sessionID.
      byte[] getPinBlockSession(byte[] sessionID, java.lang.String expPinLen, byte[] dataIn, byte mode, int timeoutMs)
      Same as PedGetPinBlock, but the key is the PED_TPK specified by sessionID.
      void setOfflinePinModeSession(byte mode, byte[] sessionID, byte[] pinBlock)
      Same as PedSetOfflinePinMode, but the key is the PED_TPK specified by sessionID.
    • Method Detail

      • authOpen

        void authOpen(byte[] sessionID)
               throws PedDevException
        Enables a secure transfer between devices, identified by sessionID.
        Parameters:
        sessionID -
        16-byte session number
        Throws:
        PedDevException
        Since:
        V3.29.00
      • authClose

        void authClose(byte[] sessionID)
                throws PedDevException
        Disables the secure transfer between devices identified by sessionID.
        Parameters:
        sessionID -
        16-byte session number
        Throws:
        PedDevException
        Since:
        V3.29.00
      • authEcdhPublicKey

        AuthData authEcdhPublicKey(byte[] sessionID)
                            throws PedDevException
        Derives a random ECDHE public key from the device's own public and private keys.
        Parameters:
        sessionID -
        16-byte session number
        Returns:
        AuthData
        Throws:
        PedDevException
        Since:
        V3.29.00
      • authEcdhShareKey

        void authEcdhShareKey(byte[] sessionID,
                              byte[] peerPubKey,
                              byte[] peerCertData)
                       throws PedDevException
        Generates an ECDHE shared key from the peer device's local public key and ECDHE public key, and stores it inside the SP.
        Parameters:
        sessionID -
        16-byte session number
        peerPubKey -
        Peer ECDHE public key
        peerCertData -
        Peer certificate
        Throws:
        PedDevException
        Since:
        V3.29.00
      • authDeriveWorkKey

        void authDeriveWorkKey(byte[] sessionID,
                               byte keyType)
                        throws PedDevException
        Derives a working key from the ECDHE shared key; the key type is specified by keyType.
        Parameters:
        sessionID -
        16-byte session number
        keyType -
        Throws:
        PedDevException
        Since:
        V3.29.00
      • getPinBlockSession

        byte[] getPinBlockSession(byte[] sessionID,
                                  java.lang.String expPinLen,
                                  byte[] dataIn,
                                  byte mode,
                                  int timeoutMs)
                           throws PedDevException
        Same as PedGetPinBlock, but the key is the PED_TPK specified by sessionID.
        Parameters:
        sessionID -
        16-byte session number
        expPinLen -

        When IPed is EPedType.INTERNAL: the string of PIN lengths that may legally be entered. The application enumerates all allowed PIN lengths, separated by ",". The valid values for a PIN length are 0 and 4 to 12. If 4-digit or 6-digit PINs are allowed and pressing confirm without a PIN is also permitted, the string should be set to "0,4,6". If length 0 is enumerated, the user may press the confirm key to return without entering any digits. If the string contains invalid length values, such as "2,6,7,10", the invalid values are ignored.

        When IPed is EPedType.EXTERNAL_TYPEA: the PIN length lies between the minimum and maximum values in expPinLen. If mode = EPinBlockMode.ISO9564_0, pressing "OK" to exit is allowed when the minimum length is not 0.

        dataIn -
        When mode = 0x01, the 8 bytes of data that take part in PIN block formatting (per the ISO9564 standard, this data can be a random number, the transaction serial number, a timestamp, etc.).
        mode -
        0x01, ISO9564 format 1
        timeoutMs -
        Timeout for PIN entry, in milliseconds; the maximum value is 300000 ms
        Returns:
        8-byte PINBlock
        Throws:
        PedDevException
        Since:
        V3.29.00
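The expPinLen rules above mean a malformed string silently narrows the accepted lengths, and an enumerated 0 lets the cardholder confirm with no PIN. The following is an added example, not PAX code: a pre-flight check of getPinBlockSession arguments against the constraints documented on this page for EPedType.INTERNAL. The class PinSessionArgs, its methods and the allowPinBypass flag are hypothetical names.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.TreeSet;

public class PinSessionArgs {
    /** PIN lengths the INTERNAL PED will honour: 0 and 4..12; other tokens are ignored. */
    static TreeSet<Integer> effectiveLengths(String expPinLen, List<String> ignored) {
        TreeSet<Integer> kept = new TreeSet<>();
        for (String tok : expPinLen.split(",")) {
            String t = tok.trim();
            try {
                int n = Integer.parseInt(t);
                if (n == 0 || (n >= 4 && n <= 12)) { kept.add(n); continue; }
            } catch (NumberFormatException e) {
                // not a number: recorded as ignored below
            }
            ignored.add(t);
        }
        return kept;
    }

    /** Returns null when the arguments match the documented constraints, else the reason. */
    static String check(byte[] sessionID, String expPinLen, byte[] dataIn,
                        byte mode, int timeoutMs, boolean allowPinBypass) {
        if (sessionID == null || sessionID.length != 16) return "sessionID must be 16 bytes";
        if (mode != 0x01) return "only mode 0x01 (ISO9564 format 1) is documented";
        if (dataIn == null || dataIn.length != 8) return "dataIn must be 8 bytes for mode 0x01";
        if (timeoutMs > 300000) return "timeoutMs exceeds 300000 ms";
        List<String> ignored = new ArrayList<>();
        TreeSet<Integer> lens = effectiveLengths(expPinLen, ignored);
        if (!ignored.isEmpty()) return "expPinLen entries the PED would ignore: " + ignored;
        if (lens.isEmpty()) return "expPinLen allows no valid PIN length";
        if (lens.contains(0) && !allowPinBypass) return "expPinLen permits confirming with no PIN";
        return null;
    }

    public static void main(String[] args) {
        byte[] sid = new byte[16], data = new byte[8]; // constructed sample values
        List<String> ignored = new ArrayList<>();
        System.out.println(effectiveLengths("2,6,7,10", ignored) + " ignored=" + ignored);
        System.out.println(check(sid, "4,6", data, (byte) 0x01, 60000, false));
        System.out.println(check(sid, "0,4,6", data, (byte) 0x01, 60000, false));
        System.out.println(check(sid, "2,6,7,10", data, (byte) 0x01, 60000, false));
    }
}
```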
      • setOfflinePinModeSession

        void setOfflinePinModeSession(byte mode,
                                      byte[] sessionID,
                                      byte[] pinBlock)
                               throws PedDevException
        Same as PedSetOfflinePinMode, but the key is the PED_TPK specified by sessionID.
        Parameters:
        mode -
        • 0x00: Built-in PINPAD, default mode.
        • 0x01: External PINPAD.
        sessionID -
        16-byte session number
        pinBlock -
        8-byte cipher PINBLOCK in ISO9564 Format 1
        Throws:
        PedDevException
        Since:
        V3.29.00
      • getAesDataCalcSession

        byte[] getAesDataCalcSession(byte[] sessionID,
                                     byte[] initVector,
                                     byte[] dataIn,
                                     byte mode)
                              throws PedDevException
        Same as PedAesDataCalc, but the key is the AES_TDK specified by sessionID.
        Parameters:
        sessionID -
        16-byte session number
        initVector -
        ECB mode: initial vector is empty
        CBC mode: initial vector, 16 bytes
        dataIn -
        Data to encrypt or decrypt; maximum length <= 1024, and a multiple of 16
        mode -
        • 0x00: ECB decryption
        • 0x01: ECB encryption
        • 0x02: CBC decryption
        • 0x03: CBC encryption
        Returns:
        Encrypted or decrypted data
        Throws:
        PedDevException
        Since:
        V3.29.00
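Because dataIn is limited to 1024 bytes and must be a multiple of 16, longer or unaligned data has to be padded and split across several CBC calls, with the IV carried forward between calls. The following is an added example, not PAX code, and goes beyond the single call documented above. It assumes each mode 0x03 call performs standard CBC with the supplied IV; the CbcEncrypt interface stands in for getAesDataCalcSession, and PKCS#7 padding is a choice made here, since the page names no padding scheme.

```java
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.util.Arrays;

public class AesSessionChunker {
    /** Hypothetical stand-in for getAesDataCalcSession(sessionID, iv, dataIn, 0x03). */
    interface CbcEncrypt { byte[] apply(byte[] iv, byte[] dataIn) throws Exception; }

    static final int BLOCK = 16, MAX_CALL = 1024;

    /** PKCS#7 padding so the total length is a multiple of 16. */
    static byte[] pad(byte[] in) {
        int n = BLOCK - in.length % BLOCK;
        byte[] out = Arrays.copyOf(in, in.length + n);
        Arrays.fill(out, in.length, out.length, (byte) n);
        return out;
    }

    /** Encrypts any length with calls of at most 1024 bytes, chaining the IV across calls. */
    static byte[] encrypt(CbcEncrypt dev, byte[] iv, byte[] plain) throws Exception {
        if (iv == null || iv.length != BLOCK) throw new IllegalArgumentException("CBC needs a 16-byte IV");
        byte[] padded = pad(plain), out = new byte[padded.length];
        byte[] chainIv = iv.clone();
        for (int off = 0; off < padded.length; off += MAX_CALL) {
            int len = Math.min(MAX_CALL, padded.length - off);
            byte[] ct = dev.apply(chainIv, Arrays.copyOfRange(padded, off, off + len));
            System.arraycopy(ct, 0, out, off, len);
            chainIv = Arrays.copyOfRange(ct, len - BLOCK, len); // last ciphertext block is the next IV
        }
        return out;
    }

    public static void main(String[] args) throws Exception {
        // Constructed all-zero key and IV; a software cipher plays the device so this runs offline.
        SecretKeySpec key = new SecretKeySpec(new byte[16], "AES");
        CbcEncrypt softDevice = (iv, data) -> {
            Cipher c = Cipher.getInstance("AES/CBC/NoPadding");
            c.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(iv));
            return c.doFinal(data);
        };
        byte[] iv = new byte[16], plain = new byte[3000];
        byte[] chunked = encrypt(softDevice, iv, plain);
        Cipher ref = Cipher.getInstance("AES/CBC/PKCS5Padding");
        ref.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(iv));
        System.out.println("matches one-shot CBC: " + Arrays.equals(chunked, ref.doFinal(plain)));
    }
}
```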