Menu

To get the encrypted iris data

To scan the iris, and get the encrypted iris data, you must do the following:

Note: If the device does not support the Samsung India Identity APIs, calling the APIs would throw a "Runtime Exception".

  1. Get the instance of the iris manager: Call getInstance() API method.

  2. Capture: The capture(String pidOptions) API method starts the iris scan and data capture. This API method takes PidOptions XML as input and returns the (encrypted and signed PID), (encrypted and encoded session key) and (SHA-256 Hash of PID block, encrypted and then encoded) in PidData XML as mentioned in Aadhaar Registered Devices Technical Specification – Version 2.0.1. Form the PidOptions XML and call the capture (String pidOptions) API method. This API method is a blocking call and should be called in a separate thread other than the application main thread. If you call this API when a capture is on-going, then a SECIRIS_SENSOR_FAILURE is returned in errCode="" errInfo="" of PidData. This API method returns success only if the device is registered with UIDAI. Registering with UIDAI will happen once the device is connected to network.

    You can capture the iris image for a single eye, or dual eyes by passing the number “1” for single eye, and “2” for dual eyes in the iCount tag of input PidOptions XML.

    The PidOptions XML passed as input can have optionally filled demographics, OTP, and so on. The APIs returns the PidData XML which contains necessary information to form the auth/KYC request. The <Skey ci="">, <Hmac> and <Data type="X|P"> (encrypted PID) can be extracted from the PidData XML by parsing it.

    Using the encrypted PID, session key and HMAC is extracted and obtained. You can further construct the authentication or E-KYC XML request in your application for authenticating the user, or to get the e-KYC data from the Aadhaar server.

  3. Get the device information: The getDeviceInfo() API method returns the device details which are required for constructing the auth request according to Aadhaar Registered Devices Technical Specification – Version 2.0. The details are returned in the DeviceInfo XML and contains the following information.

    <DeviceInfo dpId="" rdsId="" rdsVer="" dc="" mi="" mc="" />

    Following are the DeviceInfo XML details and should be parsed by the application accordingly.

    dpId – Unique code assigned to registered device provider.

    rdsId – Unique ID of the certified registered device service.

    rdsVer – Registered devices service version.

    dc – Unique Registered device code.

    mi – Registered device model ID.

    mc – This attribute holds registered device public key certificate. This is signed with device provider key.

    The following code snippet shows how to use the APIs:

    boolean singleChecked = true;//false
    if(singleEye)
        numberofeye=1;
    String inputxml = String.format( "<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"yes\"?>" 
    + "<PidOptions>"
    + "<Opts " + "iCount=\""+ numberofeye + "\" " + "format=\""+ "0" + "\" " + "pidVer=\""+ "2.0" + "\" " + "env=\""+ "S" + "\" "  + "timeout=\""+ "1200" + "\" />" 
    + "<Demo lang=\"eng\">" + "<Pi " + "name=\""+ dname + "\"/>"+  "</Demo>"
    + "</PidOptions>");
    
    String piddataxml = secIrisRDServiceManager.capture(inputxml);
                    
    InputStream is = new ByteArrayInputStream(piddataxml.getBytes());
    DocumentBuilderFactory domFactory = DocumentBuilderFactory.newInstance();
    domFactory.setIgnoringComments(true);
    DocumentBuilder builder = domFactory.newDocumentBuilder();
    Document doc = builder.parse(is);
    errcode = doc.getElementsByTagName("Resp").item(0).getAttributes().getNamedItem("errCode").getTextContent();
    errinfo = doc.getElementsByTagName("Resp").item(0).getAttributes().getNamedItem("errInfo").getTextContent();
    icount = doc.getElementsByTagName("Resp").item(0).getAttributes().getNamedItem("iCount").getTextContent();
    pid = doc.getElementsByTagName("Data").item(0).getTextContent();
    skey = doc.getElementsByTagName("Skey").item(0).getTextContent();
    ci = doc.getElementsByTagName("Skey").item(0).getAttributes().getNamedItem("ci").getTextContent();
    hmac = doc.getElementsByTagName("Hmac").item(0).getTextContent();
    type = doc.getElementsByTagName("Data").item(0).getAttributes().getNamedItem("type").getTextContent();
    dpId = doc.getElementsByTagName("DeviceInfo").item(0).getAttributes().getNamedItem("dpId").getTextContent();
    rdsId = doc.getElementsByTagName("DeviceInfo").item(0).getAttributes().getNamedItem("rdsId").getTextContent();
    rdsVer = doc.getElementsByTagName("DeviceInfo").item(0).getAttributes().getNamedItem("rdsVer").getTextContent();
    dc = doc.getElementsByTagName("DeviceInfo").item(0).getAttributes().getNamedItem("dc").getTextContent();
    mi = doc.getElementsByTagName("DeviceInfo").item(0).getAttributes().getNamedItem("mi").getTextContent();
    mc = doc.getElementsByTagName("DeviceInfo").item(0).getAttributes().getNamedItem("mc").getTextContent();
                                  
    SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.SSSZZZZZZ", Locale.US);
    sdf.setTimeZone(TimeZone.getTimeZone("UTC+5.30"));
    String ts = sdf.format(new Date());
    String authXML = String.format(
            "<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"yes\"?>" + 
              "<" + ns2 + "Auth " + "ac=\"" + uidPrefs.getProperty("auaCode")
                    + "\" " + "lk=\"" + uidPrefs.getProperty("auaLicenseKey") + "\" " + "rc=\"" + (isRc? "Y":"N") +"\""+"sa=\""
                    + uidPrefs.getProperty("sa") + "\" " + "tid=\"registered\" " 
                    + "txn=\"" + txn + "\" " + "uid=\"" + uid + "\" " + "ver=\"2.0\" " + xmlnsBfd + xmlns + ">"
                    + "<Uses " + "bio=\"y\" " + "bt=\"IIR\" " + "otp=\"n\" " + "pa=\"n\" " + "pfa=\"n\" "
                    + "pi=\"" + pi + "\" " + "pin=\"n\"/>"
                    + "<Meta "  + "dc=\"" + dc + "\" " 
                    + "mi=\"" + mi + "\" " 
                    + "mc=\"" + mc + "\" " 
                    + "rdsId=\"" + rdsId + "\" "
                    + "rdsVer=\"" + rdsVer + "\" "
                    + "dpId=\"" + dpId + "\" "
                    + "udc=\"" + uidPrefs.getProperty("udc") + "\"/>" 
                    + "<Skey " + "ci=\"" + ci + "\">" + skey + "</Skey>" 
                    + "<Data "+ "type=\"X\">" + pid + "</Data>" 
                    + "<Hmac>" + hmac + "</Hmac>" + "</" + ns2 + "Auth>");
    
    Print.d(TAG + " :: Auth XML is:" + authXML);
    return authXML;
    }