/*
 * ===========================================================================================
 * = COPYRIGHT
 *          PAX Computer Technology (Shenzhen) Co., Ltd. PROPRIETARY INFORMATION
 *   This software is supplied under the terms of a license agreement or nondisclosure
 *   agreement with PAX Computer Technology (Shenzhen) Co., Ltd. and may not be copied or
 *   disclosed except in accordance with the terms in that agreement.
 *     Copyright (C) YYYY PAX Computer Technology (Shenzhen) Co., Ltd. All rights reserved.
 * Description: // Detail description about the function of this module,
 *             // interfaces with the other modules, and dependencies.
 * Revision History:
 * Date                         Author                        Action
 * 2017/04/01                   PAX                     Create/Add/Modify/Delete
 * ===========================================================================================
 */
016
017package com.pax.dal;
018
019import com.pax.dal.entity.WriteKEKOutput;
020import com.pax.dal.exceptions.PedDevException;
021
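/**
 * Customer-specific PED operations for loading keys and producing signatures.
 *
 * <p>Every {@code keyInfo} argument is a positional byte layout, described on the method that
 * takes it. This file does not say how a malformed layout is reported, beyond the declared
 * {@link PedDevException}.
 */
public interface IPedCustomization {

    /**
     * Loads a symmetric key whose cipher key block is encrypted under an asymmetric (RSA) key.
     *
     * @param keyInfo key descriptor, concatenated in this order:
     *     <ul>
     *       <li>format: {@code 0x00}</li>
     *       <li>ucSrcKeyType: {@code PED_RSA}</li>
     *       <li>ucSrcKeyIdx: source key index</li>
     *       <li>DstKeyType: one of {@code PED_TIK}, {@code PED_TMK}, {@code PED_TPK},
     *           {@code PED_TDK}, {@code PED_TAK}</li>
     *       <li>DstKeyIdx: destination key index</li>
     *       <li>KcvMode: {@code 0x00}</li>
     *       <li>KcvLen, followed by KCV ({@code KcvLen} bytes)</li>
     *       <li>KsnLen ({@code 0} or {@code 10}), followed by Ksn ({@code KsnLen} bytes)</li>
     *     </ul>
     *     NOTE(review): KcvMode is fixed at 0x00 while a KCV field is still carried. Confirm
     *     whether the PED checks that KCV; if it does not, a corrupted or wrong key block
     *     would load without being detected.
     *     NOTE(review): presumably KsnLen is 10 only when DstKeyType is PED_TIK; confirm.
     * @param keyBlock the cipher key block, encrypted by the asymmetric key
     * @throws PedDevException declared failure type; the error conditions are not documented
     *     in this file
     * @since V4.02.00
     */
    void writeKeyByAsymForDM(byte[] keyInfo, byte[] keyBlock) throws PedDevException;

    /**
     * Writes a key using the custom device-encryption RSA key.
     *
     * @param keyInfo 2 bytes: format, then destination key index. Format must be {@code 0}.
     * @param keyBlock key block in SIBS format: KBH + PU(KEK) + TR31kek(Destination key).
     *     NOTE(review): presumably a key block header, the KEK encrypted for the device RSA
     *     key, and the destination key wrapped under that KEK as a TR-31 block; confirm
     *     against the SIBS specification.
     * @throws PedDevException declared failure type; the error conditions are not documented
     *     in this file
     * @since V4.02.00
     */
    void writeKeyByAsymForSIBS(byte[] keyInfo, byte[] keyBlock) throws PedDevException;

    /**
     * Produces a signature over the given data with the custom device signature key.
     *
     * @param dataIn the data to sign
     * @param format must be {@code 0}
     * @return the signature; its length and encoding are not documented in this file
     * @throws PedDevException declared failure type; the error conditions are not documented
     *     in this file
     * @since V4.02.00
     */
    byte[] signForSIBS(byte[] dataIn, int format) throws PedDevException;

    /**
     * Decrypts KEK1 and KEK2 under an RSA private key and stores them in the key slot.
     *
     * @param keyInfo key descriptor:
     *     <ul>
     *       <li>Format [1 byte]: can only be {@code 0x00} or {@code 0x01}</li>
     *       <li>Source Key Type [1 byte]: can only be {@code 0x0B} (PED_RSA)</li>
     *       <li>Source Key Index [1 byte]: RSA private key index, [1~10]</li>
     *       <li>KEK1 Index [1 byte]: KEK1 index, [1~100]</li>
     *       <li>KEK2 Index [1 byte]: KEK2 index, [1~100]</li>
     *     </ul>
     *     Length: at least 5 bytes when Format is {@code 0x00}, at least 3 bytes when Format
     *     is {@code 0x01}.
     *     NOTE(review): a 3-byte keyInfo has no room for the two KEK index fields, and this
     *     file does not say which slots receive KEK1 and KEK2 when Format is 0x01; confirm
     *     before relying on that format.
     * @param keyBlock cipher key block, 256 bytes
     * @return a {@link WriteKEKOutput}; its fields are defined in that class, not in this file
     * @throws PedDevException declared failure type; the error conditions are not documented
     *     in this file
     * @since V4.03.00
     */
    WriteKEKOutput writeKeybyAsymforWL(byte[] keyInfo, byte[] keyBlock) throws PedDevException;

    /**
     * Decrypts session keys under MK and stores them in the key slot.
     *
     * @param keyInfo key descriptor:
     *     <ul>
     *       <li>Format [1 byte]: can only be {@code 0x00}</li>
     *       <li>Source Key Type [1 byte]: can only be {@code 0x02} (PED_TMK)</li>
     *       <li>Source Key Index [1 byte]: KEK2 index, [1~100]</li>
     *       <li>Session Key Type [1 byte]: TPK = {@code 0x03} (PED_TPK), TSEK = {@code 0x05}
     *           (PED_TDK), TAK = {@code 0x04} (PED_TAK), TMEK = {@code 0x05} (PED_TDK)</li>
     *       <li>Session Key Index [1 byte]: session key index, [1~100]</li>
     *       <li>Variant [8 bytes]: TPK = 0800000000000000, TSEK = 1000000000000000,
     *           TAK = 1800000000000000, TMEK = 2000000000000000</li>
     *       <li>KCV Mode [1 byte]: key check value mode; {@code 0x00} = no KCV,
     *           {@code 0x01} = Encryption, {@code 0x03} = CMAC</li>
     *       <li>KCV [n bytes]: none for mode {@code 0x00}, 3 bytes for mode {@code 0x01},
     *           5 bytes for mode {@code 0x03}</li>
     *     </ul>
     *     KCV mode {@code 0x00} carries no check value, so nothing in keyInfo allows a wrong
     *     or corrupted session key to be detected at load time; prefer mode {@code 0x01} or
     *     {@code 0x03} when the key source supplies a KCV.
     *     NOTE(review): presumably the PED rejects the key when the KCV does not match; confirm.
     *     NOTE(review): TSEK and TMEK share key type 0x05 (PED_TDK) and differ only in the
     *     variant, so they presumably share one index range; confirm that distinct Session Key
     *     Index values are needed to keep one from replacing the other.
     * @param keyBlock cipher key block, 16 bytes
     * @throws PedDevException declared failure type; the error conditions are not documented
     *     in this file
     * @since V4.03.00
     */
    void writeKeybySymforWL(byte[] keyInfo, byte[] keyBlock) throws PedDevException;

    /**
     * Writes a key obtained with the KNET OWF derivation method.
     *
     * <p>NOTE(review): the previous summary read "Decrypt session keys under MK and store them
     * in the key slot", which matches {@link #writeKeybySymforWL} rather than the parameters
     * of this method; confirm the intended description.
     *
     * @param keyInfo Format + SrcKeyType + SrcKeyIdx + DstKeyType + DstKeyIdx, where
     *     Format = 0 selects the KNET OWF derivation method and Format = 1 selects the method
     *     by which KNET OWF derives the PIN key.
     *     NOTE(review): field widths are not stated; presumably 1 byte each. Confirm.
     * @param deriveData the derivation data used by the derivation method
     * @throws PedDevException declared failure type; the error conditions are not documented
     *     in this file
     * @since V4.15.00
     */
    void writeKeybySymforKnet(byte[] keyInfo, byte[] deriveData) throws PedDevException;

}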