.. java:import:: com.idopte.scmiddleware Log .. java:import:: com.idopte.scmapiembed SCMEmbedEnvironment .. java:import:: com.idopte.scmiddleware SCWSSystem .. java:import:: org.json JSONArray .. java:import:: org.json JSONException .. java:import:: org.json JSONObject .. java:import:: java.io IOException .. java:import:: java.nio.charset StandardCharsets .. java:import:: java.util Objects .. java:import:: androidx.annotation NonNull .. java:import:: androidx.annotation Nullable Pin === .. java:package:: com.idopte.scmapi :noindex: .. java:type:: public class Pin Class represents a PIN that protects smart card contents. Methods ------- change ^^^^^^ .. java:method:: public void change(String oldValue, String newValue) throws SCMException :outertype: Pin Changes the PIN. The operation can only be made against the user PIN. :param oldValue: The current PIN value. May be ``null`` if a protected authentication path exists \ :java:ref:`Token.hasProtectedAuthPath()`\ . :param newValue: The new PIN value. May be ``null`` if a protected authentication path exists. getConstraints ^^^^^^^^^^^^^^ .. java:method:: public PinConstraint[] getConstraints() throws SCMException :outertype: Pin Gets the format constraints of the PIN as an array of \ :java:ref:`PinConstraint`\ object. :return: the \ :java:ref:`PinConstraint`\ array. getCredentialProperties ^^^^^^^^^^^^^^^^^^^^^^^ .. java:method:: public JSONObject getCredentialProperties() :outertype: Pin Returns a ``JSONObject`` which contains the PIN properties, to be used in \ :java:ref:`requestCredential(JSONObject,CredentialState)`\ function. This object can be created without this function; in that case it has to be created manually and must have the following fields: .. * ``pinLabel`` as a ``String``, representing the PIN label. * ``methods`` as a ``JSONObject`` representing the supported mechanisms by the slot. The following field must be defined: .. * ``facialBio`` as a ``boolean``. Equals ``true`` if the PIN supports facial biometry process :return: a ``JSONObject`` which contains the PIN properties of a specific slot. getLabel ^^^^^^^^ .. java:method:: public String getLabel() :outertype: Pin Gets the PIN label. Can be undefined if the card has a single PIN without explicit label defined. :return: the PIN label. getMaxTries ^^^^^^^^^^^ .. java:method:: public int getMaxTries() :outertype: Pin Returns the maximum number of tries for the PIN verification. Can be undefined if the information is unavailable. :return: the maximum number of tries for the PIN verification. getRemainingTries ^^^^^^^^^^^^^^^^^ .. java:method:: public int getRemainingTries() :outertype: Pin Returns the number of remaining tries for the PIN verification. Can be undefined if the information is unavailable. :return: the number of remaining tries for the PIN verification. getToken ^^^^^^^^ .. java:method:: public Token getToken() :outertype: Pin Returns \ :java:ref:`Token`\ object this PIN belongs to. :return: the \ :java:ref:`Token`\ object. initCredentialState ^^^^^^^^^^^^^^^^^^^ .. java:method:: public CredentialState initCredentialState() :outertype: Pin Returns a \ :java:ref:`CredentialState`\ object which can be used during a \ :java:ref:`requestCredential(JSONObject,CredentialState)`\ / \ :java:ref:`login(CredentialValue,CredentialState)`\ process in order to update the information (remaining tries, a potential error...) in the PIN dialog. :return: a \ :java:ref:`CredentialState`\ object. initPin ^^^^^^^ .. java:method:: public void initPin(String newValue) throws SCMException :outertype: Pin Re-initializes the PIN value (eventually unblocking it, if required). The operation can only be made against the user PIN, and requires the security officer PIN to be verified \ :java:ref:`Pin.loginSO(String)`\ )}. :param newValue: The new PIN value. May be ``null`` if a protected authentication path exists. isBlocked ^^^^^^^^^ .. java:method:: public boolean isBlocked() :outertype: Pin Returns \ ``true``\ if the PIN is blocked. :return: \ ``true``\ if the PIN is blocked; \ ``false``\ otherwise. isInitialized ^^^^^^^^^^^^^ .. java:method:: public boolean isInitialized() :outertype: Pin Returns \ ``true``\ if the PIN has been initialized. :return: \ ``true``\ if the PIN has been initialized; \ ``false``\ otherwise. isToBeChanged ^^^^^^^^^^^^^ .. java:method:: public boolean isToBeChanged() :outertype: Pin Returns \ ``true``\ if the PIN need to be changed before use. :return: \ ``true``\ if the PIN need to be changed before use; \ ``false``\ otherwise. isTryCountLow ^^^^^^^^^^^^^ .. java:method:: public boolean isTryCountLow() :outertype: Pin Returns \ ``true``\ if the PIN try counter is lower than the maximum (an unsuccessful verification attempt has been made). :return: \ ``true``\ if the PIN try counter is lower than the maximum; \ ``false``\ otherwise. isValidated ^^^^^^^^^^^ .. java:method:: public boolean isValidated() :outertype: Pin Returns \ ``true``\ if the PIN has been successfully verified (access to the private objects is granted). :return: \ ``true``\ if the PIN has been successfully verified; \ ``false``\ otherwise. lastTry ^^^^^^^ .. java:method:: public boolean lastTry() :outertype: Pin Returns \ ``true``\ if the PIN try counter shows only one attempt remaining. :return: \ ``true``\ if the PIN try counter shows only one attempt remaining; \ ``false``\ otherwise. login ^^^^^ .. java:method:: public void login(String value) throws SCMException :outertype: Pin Verifies the PIN. :param value: the PIN value. May be ``null`` if a protected authentication path exists(\ :java:ref:`Token.hasProtectedAuthPath()`\ ). login ^^^^^ .. java:method:: public void login(CredentialValue value, CredentialState state) throws SCMException :outertype: Pin Verifies the PIN after getting \ :java:ref:`CredentialValue`\ object by using \ :java:ref:`requestCredential(JSONObject,CredentialState)`\ function. :param value: The credential value. :param state: The credential state. This object will be updated by this function call. A further call to \ :java:ref:`requestCredential(JSONObject,CredentialState)`\ with this ``state`` object will display a PIN dialog with updated information. loginSO ^^^^^^^ .. java:method:: public void loginSO(String value) throws SCMException :outertype: Pin Verifies the Security Officer (administrator or unblocking) PIN :param value: the PIN value. May be ``null`` if a protected authentication path exists(\ :java:ref:`Token.hasProtectedAuthPath()`\ ). logout ^^^^^^ .. java:method:: public void logout() throws SCMException :outertype: Pin Resets the verified status of the PIN (cancels a call to \ :java:ref:`Pin.login(String)`\ ). requestCredential ^^^^^^^^^^^^^^^^^ .. java:method:: public static CredentialValue requestCredential(JSONObject properties, CredentialState state) throws SCMException :outertype: Pin Displays a standalone PIN dialog that allows the user to set the PIN or use biometry process, in order to get the necessary credential for a \ :java:ref:`login(CredentialValue,CredentialState)`\ process. As this function waits for a credential through an user interface, this can \ **NOT**\ be called from UI thread. \ **Examples**\ .. parsed-literal:: void loginLoop(JSONObject properties, CredentialState state) throws SCMException { boolean retry = false; do { try { // request credential ... CredentialValue credential = Pin.requestCredential(properties, state); // ... and try to login. Assuming a `pin` object is correctly defined and initialized pin.login(credential, state); Log.d("login_example", "login is successful"); return; } catch (SCMException exception) { // on no fatal errors, retry requesting credential/login process long errorCode = exception.getErrorCode(); retry = (errorCode == SCMException.CKR_PIN_INCORRECT || errorCode == SCMException.CKR_PIN_INVALID || errorCode == SCMException.CKR_PIN_LEN_RANGE); Log.d("login_example", "failed to login", exception); if (!retry) { Log.d("login_example", "exiting from loginLoop"); throw exception; } } } while(retry); } \ **Use case 1: A token has been read**\ .. parsed-literal:: // assuming `pin` object is defined JSONObject credentialProperties = pin.getCredentialProperties(); CredentialState credentialState = pin.initCredentialState(); loginLoop(credentialProperties, credentialState); \ **Use case 2: No token has been read**\ .. parsed-literal:: JSONObject credentialProperties = new JSONObject("{pinLabel: \"My PIN label\", methods: {facialBio: false}}"); CredentialState credentialState = new CredentialState(); loginLoop(credentialProperties, credentialState); :param properties: the credential properties. If a token has been previously read, value of \ :java:ref:`getCredentialProperties()`\ can be used. Otherwise, this parameter can be build respecting the format detailed in \ :java:ref:`getCredentialProperties()`\ . :param state: an object which is used to display the current credential state (remaining tries, a potential error...) in the PIN dialog. At the beginning of a ``requestCredential`` / ``login`` sequence, ``state`` can be created through \ :java:ref:`initCredentialState()`\ or \ :java:ref:`CredentialState.CredentialState()`\ if no token was read before. :return: The \ :java:ref:`CredentialValue`\ to use in \ :java:ref:`login(CredentialValue,CredentialState)`\ operation.