Package org.eclipse.keypop.calypso.card.transaction

Interface SecureExtendedModeTransactionManager

All Superinterfaces:
SecureSymmetricCryptoTransactionManager<SecureExtendedModeTransactionManager>, SecureTransactionManager<SecureExtendedModeTransactionManager>, TransactionManager<SecureExtendedModeTransactionManager>
public interface SecureExtendedModeTransactionManager extends SecureSymmetricCryptoTransactionManager<SecureExtendedModeTransactionManager>
Manager of card transactions secured by symmetric key cryptographic algorithms, adding additional operations available only for "Calypso Prime Extended" products.

See SecureSymmetricCryptoTransactionManager parent interface for more information and details of available card operations.

An instance of this interface can be obtained via the method CalypsoCardApiFactory.createSecureExtendedModeTransactionManager(CardReader, CalypsoCard, SymmetricCryptoSecuritySetting).

Since:
2.0.0

  • Method Details

    • prepareEarlyMutualAuthentication

      SecureExtendedModeTransactionManager prepareEarlyMutualAuthentication()
      Requests to mutually authenticate the card and the terminal before the secure session is closed.

      This ensures the authenticity of the card before sending sensitive commands.

      The use of this feature will penalize the execution time of the secure session and should therefore be used only for the case mentioned above. As a reminder, closing the secure session also performs a mutual authentication of the card and the terminal.

      When it is needed, it is advised to use this command only once at the beginning of the secure session.

      Returns:
      The current instance.
      Throws:
      UnsupportedOperationException - The "Manage Secure Session" command is not available for this context (Card and/or CRYPTOGRAPHIC MODULE does not support the extended mode).
      Since:
      1.5.0
      See Also:

    • prepareActivateEncryption

      SecureExtendedModeTransactionManager prepareActivateEncryption()
      Requests the encryption of all following commands.

      This ensures data confidentiality and prevents man-in-the-middle attacks.

      The use of data encryption is resource intensive and increases transaction times. It is therefore recommended to limit encryption to commands that require it.

      Furthermore, if mutual authentication is also required, for performance reasons, it is advised to place the prepareEarlyMutualAuthentication and prepareActivateEncryption calls consecutively (in any order) for optimization purpose.

      This command only makes sense in the context of a secure session.

      Returns:
      The current instance.
      Throws:
      UnsupportedOperationException - The "Manage Secure Session" command is not available for this context (Card and/or cryptographic module does not support the extended mode).
      Since:
      1.5.0
      See Also:

    • prepareDeactivateEncryption

      SecureExtendedModeTransactionManager prepareDeactivateEncryption()
      Requests to stop encryption for the following commands.

      This restores the exchange operations with the card to its normal mode.

      This command only makes sense in the context of a secure session in which encryption of commands has been previously requested.

      Note: the SecureTransactionManager.prepareCloseSecureSession() ()} method automatically stops the encryption.

      Returns:
      The current instance.
      Throws:
      UnsupportedOperationException - The "Manage Secure Session" command is not available for this context (Card and/or cryptographic module does not support the extended mode).
      Since:
      1.5.0
      See Also: