Session Encryption

Overview

According to ISO 18013-5, communication between devices should be encrypted. The SDK provides a mechanism for encrypting and decrypting the data sent and received between devices. This mechanism must be used with the BLE, NFC and WiFi Aware device retrieval methods.

Using SessionManager to create Request

When a DeviceEngagement is received, a SessionManager must be created in order to create the encrypted request. The same SessionManager instance must be available when data is received, in order to decrypt it.

Typically, SessionManager is used in combination with the RequestBuilder to create the Request to be sent.

Example

java
    try {
        Handover handover = ...
        DeviceEngagement deviceEngagement = ...
        Map<String,Map<String,Map<String,Boolean>>> docRequests =
                IsoDocRequests.getContactInfoDocRequest(false);

        SessionManager sessionManager = new SessionManager(deviceEngagement, handover);
        Request request = new RequestBuilder()
                .setSessionManager(sessionManager)
                .setDocRequests(docRequests)
                .build();

        // send request using a Transfer<Request> instance

    } catch (NotInitializedException e) {
        // sdk is not initialized
    } catch (Exception e) {
        // handle any other exception
    }

Using SessionManager to decrypt response

Use the same SessionManager instance to decrypt the received bytes.

java
    try {
        SessionData sessionData = sessionManager.decryptResponse(receivedBytes);

        sessionData.runOnData(decryptedBytes -> {
            // consume decrypted bytes
        });

        sessionData.runOnError(status -> {
            // handle session error
        });

        sessionData.runOnTermination(() -> {
            // handle session termination if received
        });
    } catch (SDKException e) {
        // handle exception while decrypting
    }
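
Why the same SessionManager instance has to be kept for decryption, shown as an added example that is not SDK code: a model of the session state that ISO 18013-5 session encryption relies on (HKDF-SHA-256 keys labelled SKReader and SKDevice, AES-256-GCM, IV = 8-byte identifier followed by a 4-byte message counter). The class name SessionStateDemo and all input values are constructed for illustration; how the SDK holds this state internally is not shown on this page.

```java
import javax.crypto.*;
import javax.crypto.spec.*;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;

// Hypothetical model of per-session state; not the SDK's SessionManager.
public class SessionStateDemo {
    private final byte[] sendKey, recvKey;         // SKReader / SKDevice, chosen by role
    private final long sendId, recvId;             // IV identifier: reader = 0, mdoc = 1
    private int sendCounter = 1, recvCounter = 1;  // message counters start at 1
    SessionStateDemo(boolean reader, byte[] zab, byte[] transcriptBytes) throws Exception {
        byte[] salt = MessageDigest.getInstance("SHA-256").digest(transcriptBytes);
        byte[] prk = hmac(salt, zab);              // HKDF-Extract; Expand below is one block (L = 32)
        sendKey = hmac(prk, ((reader ? "SKReader" : "SKDevice") + "\u0001").getBytes(StandardCharsets.ISO_8859_1));
        recvKey = hmac(prk, ((reader ? "SKDevice" : "SKReader") + "\u0001").getBytes(StandardCharsets.ISO_8859_1));
        sendId = reader ? 0 : 1;
        recvId = 1 - sendId;
    }
    static byte[] hmac(byte[] key, byte[] data) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(key, "HmacSHA256"));
        return mac.doFinal(data);
    }
    static byte[] gcm(int mode, byte[] key, long id, int counter, byte[] in) throws Exception {
        byte[] iv = ByteBuffer.allocate(12).putLong(id).putInt(counter).array();
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(mode, new SecretKeySpec(key, "AES"), new GCMParameterSpec(128, iv));
        return c.doFinal(in);
    }
    byte[] encrypt(byte[] plain) throws Exception {
        return gcm(Cipher.ENCRYPT_MODE, sendKey, sendId, sendCounter++, plain);
    }
    byte[] decrypt(byte[] cipherText) throws Exception {
        return gcm(Cipher.DECRYPT_MODE, recvKey, recvId, recvCounter++, cipherText);
    }
    public static void main(String[] args) throws Exception {
        byte[] zab = new byte[32], transcript = {1, 2, 3};  // constructed stand-ins
        SessionStateDemo reader = new SessionStateDemo(true, zab, transcript);
        SessionStateDemo mdoc = new SessionStateDemo(false, zab, transcript);
        mdoc.decrypt(reader.encrypt("request".getBytes()));
        byte[] response = mdoc.encrypt("response".getBytes());
        System.out.println(new String(reader.decrypt(response)));  // instance that sent the request
        try {  // an instance built for another engagement derives different keys
            new SessionStateDemo(true, new byte[]{1}, transcript).decrypt(response);
        } catch (AEADBadTagException e) {
            System.out.println("fresh instance cannot decrypt: " + e.getMessage());
        }
    }
}
```

The keys and counters exist only inside the session object, so discarding it between sending the request and receiving the response leaves nothing that can authenticate or decrypt the reply.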