com.pax.dal

Interface IPedTrSys



  • public interface IPedTrSys
     
    Acquisition approach: NeptuneLiteUser.getInstance().getDal(getApplicationContext()).getPedTrSys()
    Since:
    V2.00.01
    • Method Summary

      Modifier and Type Method and Description
      void erase()
      Clear all symmetric keys of Trsys.
      void genRsaKey(byte Mode, byte PrvKeyIdx, byte PubKeyIdx, short ModLenBit, byte PubExpType)
      Generate an RSA key pair and inject it into the PED.
      byte[] readRsaCert()
      Read the X509 certificate from the PED.
      RSAKeyInfo readRsaPubKey()
      Read the Trsys public key.
      void writeKeyEncryptedRsa(byte[] DataIn, int DstKeyType, int DstKeyIdx, int KcvMode, byte[] KcvData, byte[] KcvValue, byte[] pIKSN)
      Inject a key that is encrypted with the RSA public key. Use with writeRsaProtectKey(RSAKeyInfo).
      void writeRsaCert(byte[] certData)
      Inject the X509 PED certificate. Before the certificate is stored, the public key is validated to ensure that it and the previously stored private key form an RSA key pair.
      void writeRsaProtectKey(RSAKeyInfo pstRsakeyIn)
      Inject the RSA private key. The key is protected in the PED and cannot be read by any other PED API. Once the key has been injected, it cannot be overwritten. The RSA private key cannot be erased with the PedErase function.
    • Method Detail

      • genRsaKey

        void genRsaKey(byte Mode,
                       byte PrvKeyIdx,
                       byte PubKeyIdx,
                       short ModLenBit,
                       byte PubExpType)
                throws PedDevException
        Generate an RSA key pair and inject it into the PED.
        Parameters:
        Mode -
        Mode = 0: equivalent to PedGenRSAKey. Mode = 1: equivalent to PedTrsysGenRsaKey.
        PrvKeyIdx -
        When Mode = 0, private key index 1-10. When Mode = 1, only private key index 1 is supported.
        PubKeyIdx -
        When Mode = 0, public key index 1-10. When Mode = 1, only public key index 2 is supported.
        ModLenBit -
        Modulus length in bits; 512, 1024 and 2048 are supported.
        PubExpType -
        Public exponent type: 0 = 3, 1 = 65537.
        Throws:
        PedDevException
        Since:
        V2.00.01
      • writeRsaCert

        void writeRsaCert(byte[] certData)
                   throws PedDevException
        Inject the X509 PED certificate. Before the certificate is stored, the public key is validated to ensure that it and the previously stored private key form an RSA key pair.
        Parameters:
        certData -
        The X509 certificate data buffer. The maximum size of certData is 2048 bytes.
        Throws:
        PedDevException
        Since:
        V2.00.01
      • readRsaCert

        byte[] readRsaCert()
                    throws PedDevException
        Read the X509 certificate from the PED.
        Returns:
        The buffer holding the stored X509 certificate data.
        Throws:
        PedDevException
        Since:
        V2.00.01
      • writeRsaProtectKey

        void writeRsaProtectKey(RSAKeyInfo pstRsakeyIn)
                         throws PedDevException
        Inject the RSA private key. The key is protected in the PED and cannot be read by any other PED API. Once the key has been injected, it cannot be overwritten. The RSA private key cannot be erased with the PedErase function.
        Parameters:
        pstRsakeyIn -
        Private key. The X509 certificate data buffer. The maximum size of CertData is 2048 bytes.
        Throws:
        PedDevException
        Since:
        V2.00.01
      • writeKeyEncryptedRsa

        void writeKeyEncryptedRsa(byte[] DataIn,
                                  int DstKeyType,
                                  int DstKeyIdx,
                                  int KcvMode,
                                  byte[] KcvData,
                                  byte[] KcvValue,
                                  byte[] pIKSN)
                           throws PedDevException
        Inject a key that is encrypted with the RSA public key. Use with writeRsaProtectKey(RSAKeyInfo).
        Parameters:
        DataIn -
        DataIn is encrypted with the RSA public key. DataIn format: Padding (length = RSA public key modulus length minus key length) + key (DES key or TIK). Padding format: 0x00, 0x02, R1, R2 ... Rn, 0x00, where R1, R2 ... Rn are non-zero pseudo-random bytes running from the 3rd byte to the second-to-last byte of the padding.
        DstKeyType -
        The destination key type; one of TLK, TMK, TIK, TPK, TAK, TDK.
        DstKeyIdx -
        The destination key index.
        KcvMode -
        • 0x00: No verification.
        • 0x01: Perform DES/TDES encryption on 8 bytes of 0x00 and use the first 3 bytes of the ciphertext as the KCV.
        • 0x02: First perform a parity check, then perform DES/TDES encryption on "\x12\x34\x56\x78\x90\x12\x34\x56" and use the first 3 bytes of the ciphertext as the KCV.
        • 0x03: Pass in a KcvData string; the source key is used to compute the specified MAC over [DstKeyValue + KcvData], and the result is used as the KCV.
        KcvData -
        When KcvMode is 0x00/0x01/0x02, it is ignored and may be NULL. When KcvMode is 0x03, the first byte of KcvData is the length of the KCV data that takes part in the calculation, followed by the KCV data itself. The first byte after the KCV data is the MAC operation mode. The maximum size of KcvData is 124 bytes.
        KcvValue -
        When KcvMode = 0x00, it is ignored and may be NULL. When KcvMode = 0x01/0x02/0x03, KcvValue should be 8 bytes in size and points to the KCV value.
        pIKSN -
        Pointer to the IKSN, or NULL if DstKeyType is not TIK.
        Throws:
        PedDevException
        Since:
        V2.00.01
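
        Added example (not part of the PAX documentation or SDK): host-side Java that builds the DataIn plaintext block in the padding format described for writeKeyEncryptedRsa, encrypts it with an RSA public key, and computes a KcvMode 0x01 check value. The class and method names are hypothetical, the RSA key pair and 16-byte key are constructed stand-ins, and the KCV is assumed to be taken under the key being injected; the minimum of 8 padding bytes comes from PKCS#1 v1.5, whose type 2 encryption block has the same layout.

```java
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;

public class DataInExample {
    // Padding || key: 0x00, 0x02, R1..Rn (non-zero), 0x00, then the key bytes.
    static byte[] buildBlock(byte[] key, int modulusBytes, SecureRandom rng) {
        int n = modulusBytes - key.length - 3;          // count of R bytes
        if (n < 8) throw new IllegalArgumentException("key too long for modulus"); // PKCS#1 v1.5 minimum
        byte[] block = new byte[modulusBytes];          // block[0] = 0x00
        block[1] = 0x02;
        for (int i = 2; i < 2 + n; i++) {
            do { block[i] = (byte) rng.nextInt(256); } while (block[i] == 0);
        }
        // block[2 + n] stays 0x00: the separator that ends the padding
        System.arraycopy(key, 0, block, modulusBytes - key.length, key.length);
        return block;
    }

    // KcvMode 0x01: TDES-encrypt eight 0x00 bytes, keep the first 3 bytes.
    // Assumption: the KCV is computed under the double-length key being injected.
    static byte[] kcvMode01(byte[] key16) throws Exception {
        byte[] k24 = Arrays.copyOf(key16, 24);
        System.arraycopy(key16, 0, k24, 16, 8);         // K1 | K2 | K1
        Cipher tdes = Cipher.getInstance("DESede/ECB/NoPadding");
        tdes.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(k24, "DESede"));
        return Arrays.copyOf(tdes.doFinal(new byte[8]), 3);
    }

    public static void main(String[] args) throws Exception {
        SecureRandom rng = new SecureRandom();
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair pedPair = gen.generateKeyPair();        // constructed stand-in for the PED's key pair
        byte[] key = new byte[16];
        rng.nextBytes(key);                             // constructed sample key
        byte[] block = buildBlock(key, 256, rng);
        Cipher rsa = Cipher.getInstance("RSA/ECB/NoPadding");
        rsa.init(Cipher.ENCRYPT_MODE, pedPair.getPublic());
        byte[] dataIn = rsa.doFinal(block);             // value for the DataIn parameter
        byte[] kcv = kcvMode01(key);
        Arrays.fill(key, (byte) 0);                     // clear plaintext key material
        Arrays.fill(block, (byte) 0);
        System.out.printf("DataIn=%d bytes, KCV=%d bytes%n", dataIn.length, kcv.length);
    }
}
```

        How the 3-byte KCV is laid out inside the 8-byte KcvValue buffer is not stated on this page.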