Nexus/br.com.gertec.nexus.domain.emv.port.input/EMVPort/endContactlessCAPKLoad

endContactlessCAPKLoad

abstract fun endContactlessCAPKLoad(): NexusRet

Commits all staged contactless CAPKs to the EMV contactless kernels.

This method finalizes the contactless CAPK loading sequence by validating, processing, and activating all Certificate Authority Public Keys that were previously loaded via setContactlessCAPKs calls. It saves the CAPK data to persistent storage and configures all contactless EMV kernels with the cryptographic keys required for offline data authentication.

Prerequisites:

EMV kernel environment must be initialized via initializeKernelEnvironment
At least one contactless CAPK must be loaded via setContactlessCAPKs
This method is the final step in the contactless CAPK loading sequence

Operations performed:

Buffer persistence - Saves current contactless CAPK data buffer to XML storage
Kernel configuration - Loads validated CAPKs into all contactless EMV kernels

Post-conditions:

All staged contactless CAPKs are committed and active in the contactless kernels
Contactless EMV kernels are ready for offline data authentication
CAPK configurations are persisted to storage for future transactions
Contactless transaction processing can proceed with cryptographic verification

Validation checks:

Ensures no duplicate RID+Index combinations exist
Verifies all required CAPK fields are present and valid
Confirms hash values match the provided modulus and exponent
Checks CAPK expiry dates are still valid
Validates cryptographic parameter consistency

Thread safety: This method should be called from the same thread that performed the setContactlessCAPKs calls to ensure data consistency and prevent CAPK corruption.

Exceptions: This function MUST NOT throw any exception. Any error must be indicated through NexusRet Any unexpected error must be mapped as NexusRet.INTERR

Implementation notes:

Validate that at least one contactless CAPK was loaded before finalizing
Log detailed information about the number of CAPKs committed and their RID+Index pairs
Ensure atomic operation where possible (all CAPKs committed or none)

Return

NexusRet indicating the finalization result:

NexusRet.OK: All contactless CAPKs committed successfully to the kernels
NexusRet.INTERR: Internal error during finalization or kernel configuration
Other values: Specific validation errors, cryptographic errors, or kernel failures

Usage sequence: This method must be called after all desired setContactlessCAPKs calls:

// Load multiple contactless CAPKs for different payment schemes
emvPort.setContactlessCAPKs(visaContactlessCAPK1)
emvPort.setContactlessCAPKs(visaContactlessCAPK2)
emvPort.setContactlessCAPKs(mastercardContactlessCAPK1)
emvPort.setContactlessCAPKs(amexContactlessCAPK1)

// Finalize and commit all contactless CAPKs
val result = emvPort.endContactlessCAPKLoad()

if (result == NexusRet.OK) {
    // All contactless CAPKs committed successfully
    println("Contactless EMV kernels configured with all CAPK data")
    // Kernels are now ready for contactless offline data authentication
} else {
    // Handle finalization failure
    println("Failed to finalize contactless CAPK data: $result")
    // May need to reset and reload CAPK configurations
}

Timber log suggestion: Log total count of contactless CAPKs committed, their RID+Index pairs, and any validation errors.