android.device
Class SEManager

java.lang.Object
  extended by android.device.SEManager

public class SEManager
extends java.lang.Object

The SEManager class is used to initialize and control the security processor hardware

To control the security processor hardware with this class, use the following steps:

  1. You can obtain an instance of this class by calling. SEManager manager = new SEManager();
  2. initialize the security processor with open().
  3. delete the key on the specified index before download new key with deleteKey(int , int , byte[] , byte[] ).
  4. download Keys in security processor RAM with downloadKey(int , int , int , byte[] , int ,byte[] , byte[] ).
  5. using the downloaded key to encrypt the Data encryptData(int , int , int , byte[] ,int , int , byte[] , int ,byte[] , byte[] ).
  6. Call close() to close the security processor.

For more information about the smart card reader, read the samples folder below PinPad.


Nested Class Summary
static interface SEManager.PedInputListener
           
 
Field Summary
static int ECRC16_DATA
          data crc16 error
static int EENCRYPTKEYS_NOTDOWLOAD
          keys encrypt keys not download
static int EHEAD_CMD
          command head (CB) error
static int EKEYS_DOWNLOAD
          keys download
static int EKEYS_EXISTS
          keys exists or cant't be overwrite
static int EKEYS_NOTDOWNLOAD
          keys not download
static int EKEYS_OUTOFSPACE
          keys out of space
static int EKEYS_RDORINIT
          keys not ready or init
static int EKEYSNO_NOTFOUND
          keys number not found
static int EKEYSNO_OVERRANGE
          keys number out of range
static int ELENGTH_CMD
          command length error
static int EMSG_FORMAT
          message format error
static int EMSG_MAC
          message mac error
static int ENOTSUP_ALGORITHM
          unsupported algorithm
static int ENOTSUP_CMD
          unsupported command
static int ENOTSUP_FORMAT
          unsupported format
static int ENOTSUP_KEYSLENGTH
          unsupported keys length
static int ENOTSUP_MODE
          unsupported mode
static int ENOTSUP_PINBLOCK_FORMAT
          unsupported pinblock format
static int ENOTSUP_SEPUSE
          keys unsupported specified use
static int EPINBLOCK_CHAR
          pinblock char error
static int ERESERVED_0X1D
          Reserved
static int ESEPARATOR_CMD
          command separator error
static int ESEPARATORLEN_CMD
          command separator length error
static int EUSER_PINBLOCK_LENGTH
          user pinblock length error
static int EUSER_PINBLOCK_VALUE
          user pinblock value error
static int EUSERNAME_LENGTH
          username length error
static int EUSERNAME_VALUE
          username value error
static int S_OK
          command execute Success
 
Constructor Summary
SEManager()
           
 
Method Summary
 int clearKey(byte[] ResponseData, byte[] ResLen)
          clearKey:Clear All Keys.
 int close()
          close security processor
 int decryptData(int KeyUsage, int KeyNo, int Algorithm, byte[] StartValue, int StartValueLen, int PaddingChar, byte[] DecryptData, int DecryptDataLen, byte[] ResponseData, byte[] ResLen)
          decryptData: Decryption Data
 int deleteKey(int KeyUsage, int KeyNo, byte[] ResponseData, byte[] ResLen)
          deleteKey:Delete Keys.
 int downloadKey(int KeyUsage, int KeyNo, int ParentKeyNo, byte[] KeyData, int KeyDataLen, byte[] ResponseData, byte[] ResLen)
          loadKey:Download Keys in security processor RAM.
 int enableSuspend(int enable, byte[] ResponseData, byte[] ResLen)
          Enable the security processor timeout before automatic suspension.
 int encryptData(int KeyUsage, int KeyNo, int Algorithm, byte[] StartValue, int StartValueLen, int PaddingChar, byte[] EncryptData, int EncryptDataLen, byte[] ResponseData, byte[] ResLen)
          encryptData: Encryption Data.
 int generateRandomData(byte[] ResponseData, byte[] ResLen)
          Generate a 8 bytes random number.
 int getFirmwareVersion(byte[] ResponseData, byte[] ResLen)
          get security processor firmware version.
 int getPinBlock(int KeyUsage, int PINKeyNo, byte[] CustomerData, int CustomerDataLen, java.lang.String message, long timeOut, SEManager.PedInputListener listener)
          Get the pin block.
 int getPinBlockEx(android.os.Bundle bundle, SEManager.PedInputListener listener)
          Get the pin block.
 int getPinBlockEx(int KeyUsage, int PINKeyNo, byte[] CustomerData, int CustomerDataLen, java.lang.String message, long timeOut, java.lang.String supportPinLen, SEManager.PedInputListener listener)
          Get the pin block.
 int getStatus(byte[] ResponseData, byte[] ResLen)
          get security processor hardware status
 int open()
          open security processor
 int setSuspendTimeout(int timeout, byte[] ResponseData, byte[] ResLen)
          This function allows to set the security processor timeout before automatic suspension.
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

S_OK

public static final int S_OK
command execute Success

See Also:
Constant Field Values

ENOTSUP_CMD

public static final int ENOTSUP_CMD
unsupported command

See Also:
Constant Field Values

ELENGTH_CMD

public static final int ELENGTH_CMD
command length error

See Also:
Constant Field Values

ESEPARATOR_CMD

public static final int ESEPARATOR_CMD
command separator error

See Also:
Constant Field Values

ESEPARATORLEN_CMD

public static final int ESEPARATORLEN_CMD
command separator length error

See Also:
Constant Field Values

EHEAD_CMD

public static final int EHEAD_CMD
command head (CB) error

See Also:
Constant Field Values

ECRC16_DATA

public static final int ECRC16_DATA
data crc16 error

See Also:
Constant Field Values

EMSG_MAC

public static final int EMSG_MAC
message mac error

See Also:
Constant Field Values

EMSG_FORMAT

public static final int EMSG_FORMAT
message format error

See Also:
Constant Field Values

ENOTSUP_ALGORITHM

public static final int ENOTSUP_ALGORITHM
unsupported algorithm

See Also:
Constant Field Values

ENOTSUP_FORMAT

public static final int ENOTSUP_FORMAT
unsupported format

See Also:
Constant Field Values

ENOTSUP_MODE

public static final int ENOTSUP_MODE
unsupported mode

See Also:
Constant Field Values

EKEYS_RDORINIT

public static final int EKEYS_RDORINIT
keys not ready or init

See Also:
Constant Field Values

EKEYSNO_NOTFOUND

public static final int EKEYSNO_NOTFOUND
keys number not found

See Also:
Constant Field Values

EKEYSNO_OVERRANGE

public static final int EKEYSNO_OVERRANGE
keys number out of range

See Also:
Constant Field Values

EKEYS_DOWNLOAD

public static final int EKEYS_DOWNLOAD
keys download

See Also:
Constant Field Values

EKEYS_NOTDOWNLOAD

public static final int EKEYS_NOTDOWNLOAD
keys not download

See Also:
Constant Field Values

EKEYS_OUTOFSPACE

public static final int EKEYS_OUTOFSPACE
keys out of space

See Also:
Constant Field Values

EKEYS_EXISTS

public static final int EKEYS_EXISTS
keys exists or cant't be overwrite

See Also:
Constant Field Values

EENCRYPTKEYS_NOTDOWLOAD

public static final int EENCRYPTKEYS_NOTDOWLOAD
keys encrypt keys not download

See Also:
Constant Field Values

ENOTSUP_SEPUSE

public static final int ENOTSUP_SEPUSE
keys unsupported specified use

See Also:
Constant Field Values

ENOTSUP_KEYSLENGTH

public static final int ENOTSUP_KEYSLENGTH
unsupported keys length

See Also:
Constant Field Values

ERESERVED_0X1D

public static final int ERESERVED_0X1D
Reserved

See Also:
Constant Field Values

ENOTSUP_PINBLOCK_FORMAT

public static final int ENOTSUP_PINBLOCK_FORMAT
unsupported pinblock format

See Also:
Constant Field Values

EUSERNAME_LENGTH

public static final int EUSERNAME_LENGTH
username length error

See Also:
Constant Field Values

EUSERNAME_VALUE

public static final int EUSERNAME_VALUE
username value error

See Also:
Constant Field Values

EUSER_PINBLOCK_LENGTH

public static final int EUSER_PINBLOCK_LENGTH
user pinblock length error

See Also:
Constant Field Values

EUSER_PINBLOCK_VALUE

public static final int EUSER_PINBLOCK_VALUE
user pinblock value error

See Also:
Constant Field Values

EPINBLOCK_CHAR

public static final int EPINBLOCK_CHAR
pinblock char error

See Also:
Constant Field Values
Constructor Detail

SEManager

public SEManager()
Method Detail

open

public int open()
open security processor

Returns:
0: success; negative number: faild

close

public int close()
close security processor

Returns:
0: success; negative number: faild

getFirmwareVersion

public int getFirmwareVersion(byte[] ResponseData,
                              byte[] ResLen)
get security processor firmware version.

Parameters:
ResponseData - output data, processor response data
ResLen - output data, processor response data length
Returns:
return errorCode

getStatus

public int getStatus(byte[] ResponseData,
                     byte[] ResLen)
get security processor hardware status

Parameters:
ResponseData - output data, 5Bytes device status: Byte[0] – maxium storage num of keys we support(The sum of all keys) Byte[1] – used for mag strip info encryption(TDK) Byte[2] – used for counting PIN keys Byte[3] – num of MAC keys Byte[4] – num of Master keys #: all num of keys is not greater than the sum of all keys(Byte[0]).
ResLen - output data, length of ResponseData, 5Bytes.
Returns:
return errorCode

clearKey

public int clearKey(byte[] ResponseData,
                    byte[] ResLen)
clearKey:Clear All Keys.

Parameters:
ResponseData - output data, processor response data, this function return data is NULL.
ResLen - output data, processor response data length, this function return data length is 0.
Returns:
return errorCode

downloadKey

public int downloadKey(int KeyUsage,
                       int KeyNo,
                       int ParentKeyNo,
                       byte[] KeyData,
                       int KeyDataLen,
                       byte[] ResponseData,
                       byte[] ResLen)
loadKey:Download Keys in security processor RAM. Keys length is 8 bytes (DES), 16 bytes or 24Bytes(3DES)
Notice: Parent keys or encryption keys unsupported 8 bytes length, that must be 16 bytes.

Parameters:
KeyUsage - input data, Key Usage: 0x01 - used for Mag strip info encryption(TDK) 0x02 - used for PIN encryption 0x03 - used for MAC calculation 0x04 - Parent(Master) key 0x05 - Reserved 0x06 - Reserved 0x07 – used for message transportation encryption
KeyNo - input data, Key number, 0 - 20.
ParentKeyNo - input data, Parent Key Number. when DownloadKey is used to load parent key, this parameter can be ignore. Parent(Master) Key have no parent key.
KeyData - input data, key data, this parameter have 8 bytes, 16 bytes or 24 bytes(3DES)
KeyDataLen - input data, Key Data length
ResponseData - output data, security processor response data, output KCV (with clear key encryption 8 0x00 return value, get first 4 bytes)
ResLen - output data, security processor response data length
Returns:
return errorCode

deleteKey

public int deleteKey(int KeyUsage,
                     int KeyNo,
                     byte[] ResponseData,
                     byte[] ResLen)
deleteKey:Delete Keys.

Parameters:
KeyUsage - input data, Key Usage 0x01 - used for Mag strip info encryption(TDK) 0x02 - used for PIN encryption 0x03 - used for MAC calculation 0x04 - Parent(Master) key 0x05 - Reserved 0x06 - Reserved 0x07 – used for message transportation encryption
KeyNo - input data, Key index, 0 - 20.
ResponseData - output data, security processor response data, this function return data is NULL.
ResLen - output data, security processor response data length, this function return data length is 0.
Returns:
return errorCode

encryptData

public int encryptData(int KeyUsage,
                       int KeyNo,
                       int Algorithm,
                       byte[] StartValue,
                       int StartValueLen,
                       int PaddingChar,
                       byte[] EncryptData,
                       int EncryptDataLen,
                       byte[] ResponseData,
                       byte[] ResLen)
encryptData: Encryption Data.

Parameters:
KeyUsage - input data, Key Usage 0x01 - used for Mag strip info encryption(TDK) 0x02 - used for PIN encryption 0x03 - used for MAC calculation 0x04 - Parent(Master) key 0x05 - Reserved 0x06 - Reserved 0x07 – used for message transportation encryption
KeyNo - input data, Key index, 0 - 20.
Algorithm - input data, Algorithm define: 0x01(ECB) 0x02(CBC).
StartValue - input data, initialization vector, this value is NULL(Algorithm = 0x01) or 8 bytes (Algorithm = 0x02).
StartValueLen - input data, initialization vector length.
PaddingChar - input data, padding character, value is 0x0 ~ 0xF.
EncryptData - input data, encryption data, length is 0 - 128 bytes.
EncryptDataLen - input data, encryption data length
ResponseData - output data, encrypted data return form security processor.
ResLen - output data, security processor response data length
Returns:
return errorCode

decryptData

public int decryptData(int KeyUsage,
                       int KeyNo,
                       int Algorithm,
                       byte[] StartValue,
                       int StartValueLen,
                       int PaddingChar,
                       byte[] DecryptData,
                       int DecryptDataLen,
                       byte[] ResponseData,
                       byte[] ResLen)
decryptData: Decryption Data

Parameters:
KeyUsage - input data, Key Usage 0x01 - used for Mag strip info encryption(TDK) 0x02 - used for PIN encryption 0x03 - used for MAC calculation 0x04 - Parent(Master) key 0x05 - Reserved 0x06 - Reserved 0x07 – used for message transportation encryption
KeyNo - input data, Key index: 0 - 20.
Algorithm - input data, Algorithm define: 0x01(ECB) 0x02(CBC).
StartValue - input data, initialization vector, this value is NULL(Algorithm = 0x01) or 8 bytes (Algorithm = 0x02).
StartValueLen - input data, initialization vector length.
PaddingChar - input data, padding character, value is 0x0 ~ 0xF.
DecryptData - input data, dencryption data, 0~128Bytes.
DecryptDataLen - input data, dencryption data length.
ResponseData - output data, dencrypted data returned from security processor
ResLen - output data, security processor response data length
Returns:
return errorCode

getPinBlock

public int getPinBlock(int KeyUsage,
                       int PINKeyNo,
                       byte[] CustomerData,
                       int CustomerDataLen,
                       java.lang.String message,
                       long timeOut,
                       SEManager.PedInputListener listener)
Get the pin block.

Parameters:
KeyUsage - input data, Key Usage 0x01 - used for Mag strip info encryption(TDK) 0x02 - used for PIN encryption 0x03 - used for MAC calculation 0x04 - Parent(Master) key 0x05 - Reserved 0x06 - Reserved 0x07 – used for message transportation encryption
PINKeyNo - input data, Key index: 0 - 20.
CustomerData - input data, ASCII format Customer account, 0 - 24Bytes.
CustomerDataLen - input data, the length of CustomerData
message -
timeOut - set the input key timeout
listener - The PedInputListener that will be called when a input key event is fired.
Returns:
0 if successful, negative number if fail

getPinBlockEx

public int getPinBlockEx(int KeyUsage,
                         int PINKeyNo,
                         byte[] CustomerData,
                         int CustomerDataLen,
                         java.lang.String message,
                         long timeOut,
                         java.lang.String supportPinLen,
                         SEManager.PedInputListener listener)
Get the pin block.

Parameters:
KeyUsage - input data, Key Usage 0x01 - used for Mag strip info encryption(TDK) 0x02 - used for PIN encryption 0x03 - used for MAC calculation 0x04 - Parent(Master) key 0x05 - Reserved 0x06 - Reserved 0x07 – used for message transportation encryption
PINKeyNo - input data, Key index: 0 - 20.
CustomerData - input data, ASCII format Customer account, 0 - 24Bytes.
CustomerDataLen - input data, the length of CustomerData
message -
timeOut - set the input key timeout
supportPinLen - set the input key support length, default format: "0,4,6,8,10,12"
listener - The PedInputListener that will be called when a input key event is fired.
Returns:
0 if successful, negative number if fail

getPinBlockEx

public int getPinBlockEx(android.os.Bundle bundle,
                         SEManager.PedInputListener listener)
Get the pin block.

Parameters:
bundle - is a Bundle obejct
eg. Bundle param = new Bundle();
param.putInt("KeyUsage", 1);
param.putInt("PINKeyNo", 2);
param.putInt("pinAlgMode", 1);
param.putString("cardNo", "6225887855370299");
param.putBoolean("sound", false);
param.putLong("timeOutMS", 60000);
param.putString("supportPinLen", "0,4,6,8,10,12");
param.putString("title", "Security Keyboard");
param.putString("message", "please input password \n 6225****0299");

KeyUsage input data, Key Usage 0x01 - used for Mag strip info encryption(TDK) 0x02 - used for PIN encryption 0x03 - used for MAC calculation 0x04 - Parent(Master) key 0x05 - Reserved 0x06 - Reserved 0x07 – used for message transportation encryption
PINKeyNo input data, Key index: 0 - 20.
pinAlgMode pinblock Algorithm Mode: 0x01(DES ECB) 0x02(DES CBC) 0x03(SM4 ECB) 0x04(SM4 CBC)(Note: need update FW version to 20170610) CustomerData input data, ASCII format Customer account, 0 - 24Bytes.
CustomerDataLen input data, the length of CustomerData
message
sound set the input key sound feedback
timeOutMS set the input key timeout
supportPinLen set the input key support length, default format: "0,4,6,8,10,12"
title set the Keyboard UI title
message set the message displayed in the middle of the UI
listener - The PedInputListener that will be called when a input key event is fired.
Returns:
0 if successful, negative number if fail

generateRandomData

public int generateRandomData(byte[] ResponseData,
                              byte[] ResLen)
Generate a 8 bytes random number.

Parameters:
ResponseData - output data, to store the generated 8 bytes random number
ResLen - bytes indicating the length of response data
Returns:
0 if successful, negative number if fail

enableSuspend

public int enableSuspend(int enable,
                         byte[] ResponseData,
                         byte[] ResLen)
Enable the security processor timeout before automatic suspension.

Parameters:
enable - indicates to enable or to disable the security processor suspend.
ResponseData - output data, security processor response data
ResLen - output data, security processor response data length

setSuspendTimeout

public int setSuspendTimeout(int timeout,
                             byte[] ResponseData,
                             byte[] ResLen)
This function allows to set the security processor timeout before automatic suspension.

Parameters:
timeout - The value of the timeout (in seconds) or 0 for infinite.
ResponseData - output data, security processor response data
ResLen - output data, security processor response data length