com.yello.api.redsys

Class RedsysKeyConfig

java.lang.Object

com.yello.api.redsys.RedsysKeyConfig

All Implemented Interfaces:

RedsysKeyProcessingInterface, SessionHandler

public final class RedsysKeyConfig
extends java.lang.Object
implements RedsysKeyProcessingInterface, SessionHandler

The RedsysKeyConfig Singleton Class

The RedsysKeyConfig singleton class handles the configuration of all redsys related cryptographic keys on the security processor.

Within the RedsysKeyConfig singleton class:

• Key loading or key update (using method setCAKey(RedsysProcessorSlotEnum, RedsysKey, int, ProgressListener), setCIKey(RedsysProcessorSlotEnum, String, RedsysKey, int, ProgressListener), or setCPINKey(RedsysProcessorSlotEnum, String, RedsysKey, int, ProgressListener), etc) can only be performed by opening a secure session with the security processor on the Yello terminal
• Information retrieval (like key version) can be performed via either a non-secure or a secure session with the secure processor.

Services provided by the RedsysKeyConfig singleton class can pe performed:

• either locally on the Yello Android device (via the method openSession(String, String, String, int) (secure session) or openSession(int) (non-secure session for info retrieval only));
• or remotely from a PC or Server (via the secure session methods openSession(SocketChannel, String, String, String, int) or openSession(SocketChannel, Certificate, Certificate, Key, int), or via non-secure session method (for info retrieval only) openSession(SocketChannel, int)), provided that that there is a proxy agent running on the Yello terminal to relay the request. The proxy-agent can be implemented by the client.

Examples of use

Updating the CA Key for Redsys Processor Slot 1, with default timeout value and no progress listener

 //Assuming that String ca_cert, cert and pkey are populated with data respectively from a SSL
 //CA Certificate, a SSL client certificate and SSL client private key, all in PEM format.

 // Assuming that ca_key_data is a byte array containing the Redsys CA key to update

 ...
 String ca_cert, cert, pkey;
 byte[] ca_key_data;

 // Populate ca_cert, cert, pkey

 // Populate ca_key_data;

 ...

 RedsysSystemConfig cfg = RedsysSystemConfig.getInstance();
 try {
      cfg.openSession(ca_cert, cert, pkey, 0);
      cfg.setCAKey(RedsysProcessorSlotEnum.SLOT_1, new RedsysKey(ca_key_data), 0, null);
 } catch (Exception e) {
      Log.e("SetCAKey", "Failed to update CA Key" + e);
 } finally {
      cfg.closeSession();
 }
 

Updating the CTC Key for Redsys Processor Slot 1, with default timeout value and no progress listener

 //Assuming that String ca_cert, cert and pkey are populated with data respectively from a SSL
 //CA Certificate, a SSL client certificate and SSL client private key, all in PEM format.

 // Assuming that ctc_key_data is a byte array containing the Redsys CTC key to update
 // Assuming that ci_key_data is a byte array containing the Redsys CI key to encrypt the CTC key
 ...
 String ca_cert, cert, pkey;
 byte[] ctc_key_data;
 byte[] ci_key_data;

 // Populate ca_cert, cert, pkey

 // Populate ca_key_data;
 // Populate ci_key_data;
 ...

 RedsysSystemConfig cfg = RedsysSystemConfig.getInstance();
 try {
      cfg.openSession(ca_cert, cert, pkey, 0);
      cfg.setCTCKey(RedsysProcessorSlotEnum.SLOT_1, new RedsysKey(ctc_1, ci_1), 0, null);
 } catch (Exception e) {
      Log.e("SetCTCKey", "Failed to update CTC Key" + e);
 } finally {
      cfg.closeSession();
 }
 

Method Summary

Modifier and Type	Method and Description
void	closeSession() Closes the currently opened session (normal or secure) to the secure processor
void	deleteAllOperationalKeys(int timeout, ProgressListener listener) Deletes all Operational Keys
java.lang.String	getCCPKeysVersion(int timeoutMs) Gets CCP Keys version
java.lang.String	getCIKeyVersion(RedsysProcessorSlotEnum slotId, int timeoutMs) Get CI key version by slot
java.lang.String	getCPINZoneIndex(RedsysProcessorSlotEnum slotId, int timeoutMs) Gets CPIN Zone index of a given Processor Slot.
static RedsysKeyConfig	getInstance()
java.lang.String	getProcessorSlotKCV(RedsysProcessorSlotEnum slotId, RedsysProcessorKeyTypeEnum keyType, int timeoutMs) Gets the Key KCV value of a given Processor Slot.
boolean	isSessionOpened() Checks if a session to the secure processor is already opened
void	loadFactoryKeys(RedsysKey caf, RedsysKey ctc, int timeout, ProgressListener listener) Loads the factory keys
void	openSession(int timeoutMs) Opens a local session to the secure processor (from an Android application running on the Yello terminal)
void	openSession(java.nio.channels.SocketChannel channel, java.security.cert.Certificate caCert, java.security.cert.Certificate cert, java.security.Key pKey, int timeoutMs) Opens a remote (from a PC or server) secure session to the secure processor.
void	openSession(java.nio.channels.SocketChannel channel, int timeoutMs) Opens a remote (from PC or Server) session to the secure processor
void	openSession(java.nio.channels.SocketChannel channel, java.lang.String caCert, java.lang.String cert, java.lang.String pKey, int timeoutMs) Opens a remote (from a PC or server) secure session to the secure processor.
void	openSession(java.lang.String caCert, java.lang.String cert, java.lang.String pKey, int timeoutMs) Opens a local secure session to the secure processor (from an Android application running on the Yello terminal)
void	setCAKey(RedsysProcessorSlotEnum slotId, RedsysKey key, int timeout, ProgressListener listener) Sets the CA key of a given Processor Slot
void	setCCPKeys(java.lang.String version, RedsysKey[] list, int timeout, ProgressListener listener) Set CCP Keys
void	setCIKey(RedsysProcessorSlotEnum slotId, java.lang.String version, RedsysKey key, int timeout, ProgressListener listener) Sets the CI key of a given Processor Slot
void	setCPINKey(RedsysProcessorSlotEnum slotId, java.lang.String zoneIdx, RedsysKey key, int timeout, ProgressListener listener) Sets the CPIN key of a given Processor Slot
void	setCTCKey(RedsysProcessorSlotEnum slotId, RedsysKey key, int timeout, ProgressListener listener) Sets the CTC key of a given Processor Slot
void	updateCPINKey(RedsysProcessorSlotEnum slotId, java.lang.String zoneIdx, RedsysKey key, int timeout, ProgressListener listener) Updates the CPIN key of a given Processor Slot
void	updateCTCKey(RedsysProcessorSlotEnum slotId, RedsysKey key, int timeout, ProgressListener listener) Updates the CTC key of a given Processor Slot
void	useExistingSession(boolean secure) Uses an existing session opened by another SessionHandler

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

getInstance

public static RedsysKeyConfig getInstance()

setCCPKeys

public void setCCPKeys(java.lang.String version,
                       RedsysKey[] list,
                       int timeout,
                       ProgressListener listener)
                throws RedsysKeyProcessingException

Description copied from interface: RedsysKeyProcessingInterface

Set CCP Keys

Specified by:

setCCPKeys in interface RedsysKeyProcessingInterface

Parameters:

version - key version

list - array of RedsysKey CCP keys to be set

timeout - Timeout in milliseconds. If timeoutMs is <= 0, internal default timeout will be used

listener - ProgressListener to keep track of the update. Optional, can be null.

Throws:

RedsysKeyProcessingException - general error

getCCPKeysVersion

public java.lang.String getCCPKeysVersion(int timeoutMs)
                                   throws java.io.IOException

Description copied from interface: RedsysKeyProcessingInterface

Gets CCP Keys version

Specified by:

getCCPKeysVersion in interface RedsysKeyProcessingInterface

Parameters:

timeoutMs - Timeout in milliseconds. If timeoutMs is <= 0, internal default timeout will be used

Returns:

CCP keys version

Throws:

java.io.IOException - if the operation cannot be performed due to IO errors

setCIKey

public void setCIKey(RedsysProcessorSlotEnum slotId,
                     java.lang.String version,
                     RedsysKey key,
                     int timeout,
                     ProgressListener listener)
              throws RedsysKeyProcessingException

Description copied from interface: RedsysKeyProcessingInterface

Sets the CI key of a given Processor Slot

Specified by:

setCIKey in interface RedsysKeyProcessingInterface

Parameters:

slotId - processor slot ID

version - key version

key - RedsysKey to set

timeout - Timeout in milliseconds. If timeoutMs is <= 0, internal default timeout will be used

listener - ProgressListener to keep track of the update. Optional, can be null.

Throws:

RedsysKeyProcessingException - general error

getCIKeyVersion

public java.lang.String getCIKeyVersion(RedsysProcessorSlotEnum slotId,
                                        int timeoutMs)
                                 throws java.io.IOException

Get CI key version by slot

Specified by:

getCIKeyVersion in interface RedsysKeyProcessingInterface

Parameters:

slotId - processor slot ID

timeoutMs - Timeout in milliseconds. If timeoutMs is <= 0, internal default timeout will be used

Returns:

CI key version

Throws:

java.io.IOException - general error

setCAKey

public void setCAKey(RedsysProcessorSlotEnum slotId,
                     RedsysKey key,
                     int timeout,
                     ProgressListener listener)
              throws RedsysKeyProcessingException

Description copied from interface: RedsysKeyProcessingInterface

Sets the CA key of a given Processor Slot

Specified by:

setCAKey in interface RedsysKeyProcessingInterface

Parameters:

slotId - processor slot ID

key - key to be set

timeout - Timeout in milliseconds. If timeoutMs is <= 0, internal default timeout will be used

listener - ProgressListener to keep track of the update. Optional, can be null.

Throws:

RedsysKeyProcessingException - general error

setCTCKey

public void setCTCKey(RedsysProcessorSlotEnum slotId,
                      RedsysKey key,
                      int timeout,
                      ProgressListener listener)
               throws RedsysKeyProcessingException

Description copied from interface: RedsysKeyProcessingInterface

Sets the CTC key of a given Processor Slot

Specified by:

setCTCKey in interface RedsysKeyProcessingInterface

Parameters:

slotId - processor slot ID

key - RedsysKey to set

timeout - Timeout in milliseconds. If timeoutMs is <= 0, internal default timeout will be used

listener - ProgressListener to keep track of the update. Optional, can be null.

Throws:

RedsysKeyProcessingException - general error

updateCTCKey

public void updateCTCKey(RedsysProcessorSlotEnum slotId,
                         RedsysKey key,
                         int timeout,
                         ProgressListener listener)
                  throws RedsysKeyProcessingException

Description copied from interface: RedsysKeyProcessingInterface

Updates the CTC key of a given Processor Slot

Specified by:

updateCTCKey in interface RedsysKeyProcessingInterface

Parameters:

slotId - RedsysProcessorSlotEnum processor slot ID

key - RedsysKey to set

timeout - Timeout in milliseconds. If timeoutMs is <= 0, internal default timeout will be used

listener - ProgressListener to keep track of the update. Optional, can be null.

Throws:

RedsysKeyProcessingException - general error

setCPINKey

public void setCPINKey(RedsysProcessorSlotEnum slotId,
                       java.lang.String zoneIdx,
                       RedsysKey key,
                       int timeout,
                       ProgressListener listener)
                throws RedsysKeyProcessingException

Description copied from interface: RedsysKeyProcessingInterface

Sets the CPIN key of a given Processor Slot

Specified by:

setCPINKey in interface RedsysKeyProcessingInterface

Parameters:

slotId - RedsysProcessorSlotEnum processor slot ID

zoneIdx - zone index

key - RedsysKey to set

timeout - Timeout in milliseconds. If timeoutMs is <= 0, internal default timeout will be used

listener - ProgressListener to keep track of the update. Optional, can be null.

Throws:

RedsysKeyProcessingException - general error

updateCPINKey

public void updateCPINKey(RedsysProcessorSlotEnum slotId,
                          java.lang.String zoneIdx,
                          RedsysKey key,
                          int timeout,
                          ProgressListener listener)
                   throws RedsysKeyProcessingException

Description copied from interface: RedsysKeyProcessingInterface

Updates the CPIN key of a given Processor Slot

Specified by:

updateCPINKey in interface RedsysKeyProcessingInterface

Parameters:

slotId - RedsysProcessorSlotEnum processor slot ID

zoneIdx - zone index

key - RedsysKey to update

timeout - Timeout in milliseconds. If timeoutMs is <= 0, internal default timeout will be used

listener - ProgressListener to keep track of the update. Optional, can be null.

Throws:

RedsysKeyProcessingException - general error

getCPINZoneIndex

public java.lang.String getCPINZoneIndex(RedsysProcessorSlotEnum slotId,
                                         int timeoutMs)
                                  throws java.lang.Exception

Description copied from interface: RedsysKeyProcessingInterface

Gets CPIN Zone index of a given Processor Slot. Can be performed using either a secure or non-secure session

Specified by:

getCPINZoneIndex in interface RedsysKeyProcessingInterface

Parameters:

slotId - RedsysProcessorSlotEnum processor slot ID

timeoutMs - Timeout in milliseconds. If timeoutMs is <= 0, internal default timeout will be used

Returns:

CPIN Zone index

Throws:

RedsysKeyProcessingException - general error

java.lang.Exception

getProcessorSlotKCV

public java.lang.String getProcessorSlotKCV(RedsysProcessorSlotEnum slotId,
                                            RedsysProcessorKeyTypeEnum keyType,
                                            int timeoutMs)
                                     throws java.lang.Exception

Description copied from interface: RedsysKeyProcessingInterface

Gets the Key KCV value of a given Processor Slot. Can be performed using either a secure or non-secure session

Specified by:

getProcessorSlotKCV in interface RedsysKeyProcessingInterface

Parameters:

slotId - RedsysProcessorSlotEnum processor slot ID

keyType - RedsysProcessorKeyTypeEnum key type

timeoutMs - Timeout in milliseconds. If timeoutMs is <= 0, internal default timeout will be used

Returns:

key KCV value

Throws:

RedsysKeyProcessingException - general error

java.lang.Exception

deleteAllOperationalKeys

public void deleteAllOperationalKeys(int timeout,
                                     ProgressListener listener)
                              throws RedsysKeyProcessingException

Description copied from interface: RedsysKeyProcessingInterface

Deletes all Operational Keys

Specified by:

deleteAllOperationalKeys in interface RedsysKeyProcessingInterface

Parameters:

timeout - Timeout in milliseconds. If timeoutMs is <= 0, internal default timeout will be used

listener - ProgressListener to keep track of the update. Optional, can be null.

Throws:

RedsysKeyProcessingException - general error

loadFactoryKeys

public void loadFactoryKeys(RedsysKey caf,
                            RedsysKey ctc,
                            int timeout,
                            ProgressListener listener)
                     throws RedsysKeyProcessingException

Description copied from interface: RedsysKeyProcessingInterface

Loads the factory keys

Specified by:

loadFactoryKeys in interface RedsysKeyProcessingInterface

Parameters:

caf - RedsysKey caf key

ctc - RedsysKey ctc key

timeout - Timeout in milliseconds. If timeoutMs is <= 0, internal default timeout will be used

listener - ProgressListener to keep track of the update. Optional, can be null.

Throws:

RedsysKeyProcessingException - general error

openSession

public void openSession(java.nio.channels.SocketChannel channel,
                        java.lang.String caCert,
                        java.lang.String cert,
                        java.lang.String pKey,
                        int timeoutMs)
                 throws java.lang.Exception

Description copied from interface: SessionHandler

Opens a remote (from a PC or server) secure session to the secure processor.

Specified by:

openSession in interface SessionHandler

Parameters:

channel - SocketChannel opened and connected to a proxy agent running on the Yello terminal

caCert - String containing SSL CA certificate data in PEM format

cert - String containing an SSL client certificate data in PEM format

pKey - String containing an SSL client private key data in PEM format

timeoutMs - Timeout in milliseconds. If timeoutMs is <= 0, internal default timeout will be used

Throws:

java.lang.IllegalAccessException - if a session (either secure or non-secure) is already opened

java.io.IOException - if the session cannot be opened due to IO errors or if the SocketChannel provided as parameter is not connected.

java.lang.Exception - for other types of exceptions

openSession

public void openSession(java.nio.channels.SocketChannel channel,
                        java.security.cert.Certificate caCert,
                        java.security.cert.Certificate cert,
                        java.security.Key pKey,
                        int timeoutMs)
                 throws java.lang.Exception

Description copied from interface: SessionHandler

Opens a remote (from a PC or server) secure session to the secure processor.

Specified by:

openSession in interface SessionHandler

Parameters:

channel - SocketChannel opened and connected to a proxy agent running on the Yello terminal

caCert - SSL CA certificate

cert - SSL client certificate

pKey - SSL client private key

timeoutMs - Timeout in milliseconds. If timeoutMs is <= 0, internal default timeout will be used

Throws:

java.lang.IllegalAccessException - if a session (either secure or non-secure) is already opened

java.io.IOException - if the session cannot be opened due to IO errors or if the SocketChannel provided as parameter is not connected.

java.lang.Exception - for other types of exceptions

openSession

public void openSession(java.lang.String caCert,
                        java.lang.String cert,
                        java.lang.String pKey,
                        int timeoutMs)
                 throws java.lang.Exception

Description copied from interface: SessionHandler

Opens a local secure session to the secure processor (from an Android application running on the Yello terminal)

Specified by:

openSession in interface SessionHandler

Parameters:

caCert - String containing SSL CA certificate data in PEM format

cert - String containing an SSL client certificate data in PEM format

pKey - String containing an SSL client private key data in PEM format

timeoutMs - Timeout in milliseconds. If timeoutMs is <= 0, internal default timeout will be used

Throws:

java.lang.IllegalAccessException - if a session (either secure or non-secure) is already opened.

java.io.IOException - if the session cannot be opened due to IO errors or if the SocketChannel provided as parameter is not connected.

java.lang.Exception - for other types of exceptions

openSession

public void openSession(java.nio.channels.SocketChannel channel,
                        int timeoutMs)
                 throws java.lang.Exception

Description copied from interface: SessionHandler

Opens a remote (from PC or Server) session to the secure processor

Specified by:

openSession in interface SessionHandler

Parameters:

channel - SocketChannel opened and connected to a proxy agent running on the Yello terminal

timeoutMs - Timeout in milliseconds. If timeoutMs is <= 0, internal default timeout will be used

Throws:

java.lang.IllegalAccessException - if a session (either secure or non-secure) is already opened.

java.io.IOException - if the session cannot be opened due to IO errors or if the SocketChannel provided as parameter is not connected.

java.lang.Exception - for other types of exceptions

openSession

public void openSession(int timeoutMs)
                 throws java.lang.Exception

Description copied from interface: SessionHandler

Opens a local session to the secure processor (from an Android application running on the Yello terminal)

Specified by:

openSession in interface SessionHandler

Parameters:

timeoutMs - Timeout in milliseconds. If timeoutMs is <= 0, internal default timeout will be used

Throws:

java.lang.IllegalAccessException - if a session (either secure or non-secure) is already opened.

java.io.IOException - if the session cannot be opened due to IO errors or if the SocketChannel provided as parameter is not connected.

java.lang.Exception - for other types of exceptions

isSessionOpened

public boolean isSessionOpened()

Description copied from interface: SessionHandler

Checks if a session to the secure processor is already opened

Specified by:

isSessionOpened in interface SessionHandler

Returns:

true if a session is opened.

closeSession

public void closeSession()

Description copied from interface: SessionHandler

Closes the currently opened session (normal or secure) to the secure processor

Specified by:

closeSession in interface SessionHandler

useExistingSession

public void useExistingSession(boolean secure)
                        throws java.lang.Exception

Description copied from interface: SessionHandler

Uses an existing session opened by another SessionHandler

Specified by:

useExistingSession in interface SessionHandler

Parameters:

secure - boolean indicating whether to reused a secure session or plain session

Throws:

java.lang.IllegalAccessException - if no session is opened.

java.lang.Exception - for other types of exceptions