public interface PIN
PIN
becomes blocked.
An owner implementation of this interface must provide a way to
initialize/update the PIN value. The owner implementation of the interface
must protect against attacks based on program flow prediction. In addition,
even if a transaction is in progress, update of internal state such as the
try counter, the validated flag, and the blocking state, shall not
participate in the transaction during PIN presentation.
This interface does not make any assumptions about how the blocking state is
internally represented: the blocking state is concomitant to
the try counter value being equal to zero.
A typical card global PIN usage will combine an instance of
the OwnerPIN
class or of an OwnerPINx
-implementing class
and a Proxy PIN interface which extends both
the PIN
and the Shareable
interfaces and
re-declares the methods of the PIN interface. The OwnerPIN
or OwnerPINx
instance would be manipulated only by the owner who has update privilege. All
others would access the global PIN functionality via the proxy PIN interface.
OwnerPIN
,
OwnerPINx
,
OwnerPINxWithPredecrement
,
OwnerPINBuilder
,
Shareable
Modifier and Type | Method and Description |
---|---|
boolean |
check(byte[] pin,
short offset,
byte length)
Compares
pin against the PIN value. |
byte |
getTriesRemaining()
Returns the number of times remaining that an incorrect PIN can be
presented before the
PIN is blocked. |
boolean |
isValidated()
Returns the validated flag;
true if a valid PIN value has been presented since
the last card reset and the validated flag was not reset since then by a call to reset
or by any owner PIN administrative method operations (see OwnerPIN and OwnerPINx ). |
void |
reset()
If the validated flag is set, this method resets the validated flag.
|
byte getTriesRemaining()
PIN
is blocked.
In addition to returning a byte
result, platform-implementations of this method set the
result in an internal state which can be rechecked using assertion methods
of the SensitiveResult
class,
if supported by the platform.boolean check(byte[] pin, short offset, byte length) throws ArrayIndexOutOfBoundsException, NullPointerException
pin
against the PIN value. If the
PIN
is not already blocked then:
PIN
.Note:
NullPointerException
or ArrayIndexOutOfBoundsException
is
thrown, the validated flag must be set to false, the try counter must be decremented
and, the PIN
blocked if the counter reaches zero.
offset
or length
parameter
is negative an ArrayIndexOutOfBoundsException
exception is thrown.
offset+length
is greater than pin.length
, the length
of the pin
array, an ArrayIndexOutOfBoundsException
exception is thrown.
pin
parameter is null
a NullPointerException
exception is thrown.
boolean
result, platform-implementations of this method set the
result in an internal state which can be rechecked using assertion methods
of the SensitiveResult
class,
if supported by the platform.pin
- the byte array containing the PIN value being checkedoffset
- the starting offset in the pin
arraylength
- the length of pin
true
if the PIN value matches; false
otherwiseArrayIndexOutOfBoundsException
- if the check operation would cause access of data outside
array bounds.NullPointerException
- if pin
is null
boolean isValidated()
true
if a valid PIN value has been presented since
the last card reset and the validated flag was not reset since then by a call to reset
or by any owner PIN administrative method operations (see OwnerPIN
and OwnerPINx
).
In addition to returning a boolean
result, platform-implementations of this method set the
result in an internal state which can be rechecked using assertion methods
of the SensitiveResult
class,
if supported by the platform.true
if validated; false
otherwisevoid reset()
Copyright © 1998, 2015, Oracle and/or its affiliates. All rights reserved. Use is subject to license terms