Package org.eclipse.keypop.calypso.card.transaction

Interface AsymmetricCryptoSecuritySetting

public interface AsymmetricCryptoSecuritySetting
Security setting for a Calypso card transaction secured by "asymmetric" key cryptographic algorithms (PKI).
Since:
2.1.0

  • Method Details

    • addPcaCertificate

      AsymmetricCryptoSecuritySetting addPcaCertificate(PcaCertificate pcaCertificate)
      Registers a self-signed PCA certificate.

      This method performs various checks to ensure the integrity and validity of the provided PCA certificate. These checks include verifying the certificate's signature to ensure it is self-signed, checking the validity period to ensure the certificate is not expired or prematurely valid, and confirming the authenticity of the issuer and subject details. Additionally, it checks for compliance with relevant constraints or extensions that may be necessary for PCA certificates.

      Parameters:
      pcaCertificate - The PCA certificate to add. Must be a valid, self-signed certificate.
      Returns:
      The current instance.
      Throws:
      IllegalArgumentException - If the argument is null or invalid.
      IllegalStateException - If the contained public key has already been registered.
      InvalidCertificateException - If the check of the provided certificate failed.
      Since:
      2.1.0

    • addCaCertificate

      AsymmetricCryptoSecuritySetting addCaCertificate(CaCertificate caCertificate)
      Registers a CA certificate.

      Preloading a CA certificate avoids having to read it from the card.

      This method performs various checks to ensure the integrity and validity of the provided CA certificate. These checks include verifying the certificate's signature using the issuer's public key, checking the validity period to ensure the certificate is not expired or prematurely valid, and confirming the authenticity of the issuer and subject details. Additionally, it checks for compliance with relevant constraints or extensions that may be necessary for CA certificates.

      Please note that the issuer's certificate must be loaded first.

      Parameters:
      caCertificate - The CA certificate to add. Must be a valid, signed certificate.
      Returns:
      The current instance.
      Throws:
      IllegalArgumentException - If the argument is null or invalid.
      IllegalStateException - If the contained public key already been registered.
      InvalidCertificateException - If the check of the provided certificate failed.
      Since:
      2.1.0
      See Also:

    • addCaCertificateParser

      AsymmetricCryptoSecuritySetting addCaCertificateParser(CaCertificateParser caCertificateParser)
      Registers a CA certificate parser.

      The parser provides the means to build a CaCertificate from the raw data read from the card.

      This parser will only be used if the CA certificate is not already available.

      Parameters:
      caCertificateParser - The CA certificate parser to add.
      Returns:
      The current instance.
      Throws:
      IllegalArgumentException - If the argument is null or invalid.
      IllegalStateException - If a parser associated with the same certificate type is already registered.
      Since:
      2.1.0

    • addCardCertificateParser

      AsymmetricCryptoSecuritySetting addCardCertificateParser(CardCertificateParser cardCertificateParser)
      Registers a card certificate parser.

      The parser provides the means to build a card certificate from the raw data read from the card.

      Parameters:
      cardCertificateParser - The card certificate parser to add.
      Returns:
      The current instance.
      Throws:
      IllegalArgumentException - If the argument is null or invalid.
      IllegalStateException - If a parser associated with the same certificate type is already registered.
      Since:
      2.1.0