org.globalplatform
Interface GPRegistryEntry

public interface GPRegistryEntry

This defines the interface corresponding to the GPRegistryEntry of a single Application. The Global Service Application uses this interface to check the validity of the request presented by an on-card entity. Prior to using this interface, an Application is required to obtain a handle to the GPRegistryEntry of an Application by invoking the GPSystem.getRegistryEntry() method.

Field Summary

static byte	PRIVILEGE_AUTHORIZED_MANAGEMENT Privilege indicating Authorized Management (0x09).
static byte	PRIVILEGE_CARD_LOCK Privilege indicating Card Lock (0x03).
static byte	PRIVILEGE_CARD_RESET Privilege indicating Card Reset (0x05).
static byte	PRIVILEGE_CARD_TERMINATE Privilege indicating Card Terminate (0x04).
static byte	PRIVILEGE_CVM_MANAGEMENT Privilege indicating CVM Management (0x06).
static byte	PRIVILEGE_DAP_VERIFICATION Privilege indicating DAP verification (0x01).
static byte	PRIVILEGE_DELEGATED_MANAGEMENT Privilege indicating Delegated Management (0x02).
static byte	PRIVILEGE_FINAL_APPLICATION Privilege indicating Final Application (0x0E).
static byte	PRIVILEGE_GLOBAL_DELETE Privilege indicating Global Delete (0x0B).
static byte	PRIVILEGE_GLOBAL_LOCK Privilege indicating Global Lock (0x0C).
static byte	PRIVILEGE_GLOBAL_REGISTRY Privilege indicating Global Registry (0x0D).
static byte	PRIVILEGE_GLOBAL_SERVICE Privilege indicating Global Service (0x0F).
static byte	PRIVILEGE_MANDATED_DAP Privilege indicating Mandated DAP verification privilege (0x07).
static byte	PRIVILEGE_RECEIPT_GENERATION Privilege indicating Receipt Generation (0x10).
static byte	PRIVILEGE_SECURITY_DOMAIN Privilege indicating application is a Security Domain (0x00).
static byte	PRIVILEGE_TOKEN_VERIFICATION Privilege indicating Token Verification (0x0A).
static byte	PRIVILEGE_TRUSTED_PATH Privilege indicating Trusted Path (0x08).

Method Summary

void	deregisterService(short sServiceName) This method allows a Global Services Application (e.g. a CVM Application) to deregister a service name.
AID	getAID() This method returns the Application's AID registered in the current GlobalPlatform Registry's entry.
short	getPrivileges(byte[] baBuffer, short sOffset) This method returns all the Privileges bytes registered in the current GlobalPlatform registry entry.
byte	getState() This method returns the Life Cycle State registered in the current GlobalPlatform Registry entry.
boolean	isAssociated(AID SDAID) This method allows to verify if the entity whose AID is provided in the input parameters is registered as the associated Security Domain of this GPRegistryEntry.
boolean	isPrivileged(byte bPrivilege) This method allows an Application (e.g. a CVM Application) to verify if a given Privilege is registered in this GPRegistryEntry (e.g. check the CVM Management privilege of another Application invoking the CVM.update() method).
void	registerService(short sServiceName) This method allows a Global Services Application (e.g. a CVM Application) to register a unique service identifier within the GlobalPlatform Registry.
boolean	setState(byte bState) This method allows the Life Cycle state of this GPRegistryEntry to be transitioned to the requested target state.

Field Detail

PRIVILEGE_AUTHORIZED_MANAGEMENT

public static final byte PRIVILEGE_AUTHORIZED_MANAGEMENT

Privilege indicating Authorized Management (0x09).

See Also:

Constant Field Values

PRIVILEGE_CARD_LOCK

public static final byte PRIVILEGE_CARD_LOCK

Privilege indicating Card Lock (0x03).

See Also:

Constant Field Values

PRIVILEGE_CARD_RESET

public static final byte PRIVILEGE_CARD_RESET

Privilege indicating Card Reset (0x05).

See Also:

Constant Field Values

PRIVILEGE_CARD_TERMINATE

public static final byte PRIVILEGE_CARD_TERMINATE

Privilege indicating Card Terminate (0x04).

See Also:

Constant Field Values

PRIVILEGE_CVM_MANAGEMENT

public static final byte PRIVILEGE_CVM_MANAGEMENT

Privilege indicating CVM Management (0x06).

See Also:

Constant Field Values

PRIVILEGE_DAP_VERIFICATION

public static final byte PRIVILEGE_DAP_VERIFICATION

Privilege indicating DAP verification (0x01).

See Also:

Constant Field Values

PRIVILEGE_DELEGATED_MANAGEMENT

public static final byte PRIVILEGE_DELEGATED_MANAGEMENT

Privilege indicating Delegated Management (0x02).

See Also:

Constant Field Values

PRIVILEGE_FINAL_APPLICATION

public static final byte PRIVILEGE_FINAL_APPLICATION

Privilege indicating Final Application (0x0E).

See Also:

Constant Field Values

PRIVILEGE_GLOBAL_DELETE

public static final byte PRIVILEGE_GLOBAL_DELETE

Privilege indicating Global Delete (0x0B).

See Also:

Constant Field Values

PRIVILEGE_GLOBAL_LOCK

public static final byte PRIVILEGE_GLOBAL_LOCK

Privilege indicating Global Lock (0x0C).

See Also:

Constant Field Values

PRIVILEGE_GLOBAL_REGISTRY

public static final byte PRIVILEGE_GLOBAL_REGISTRY

Privilege indicating Global Registry (0x0D).

See Also:

Constant Field Values

PRIVILEGE_GLOBAL_SERVICE

public static final byte PRIVILEGE_GLOBAL_SERVICE

Privilege indicating Global Service (0x0F).

See Also:

Constant Field Values

PRIVILEGE_MANDATED_DAP

public static final byte PRIVILEGE_MANDATED_DAP

Privilege indicating Mandated DAP verification privilege (0x07).

See Also:

Constant Field Values

PRIVILEGE_RECEIPT_GENERATION

public static final byte PRIVILEGE_RECEIPT_GENERATION

Privilege indicating Receipt Generation (0x10).

See Also:

Constant Field Values

PRIVILEGE_SECURITY_DOMAIN

public static final byte PRIVILEGE_SECURITY_DOMAIN

Privilege indicating application is a Security Domain (0x00).

See Also:

Constant Field Values

PRIVILEGE_TOKEN_VERIFICATION

public static final byte PRIVILEGE_TOKEN_VERIFICATION

Privilege indicating Token Verification (0x0A).

See Also:

Constant Field Values

PRIVILEGE_TRUSTED_PATH

public static final byte PRIVILEGE_TRUSTED_PATH

Privilege indicating Trusted Path (0x08).

See Also:

Constant Field Values

Method Detail

deregisterService

public void deregisterService(short sServiceName)
                       throws ISOException

This method allows a Global Services Application (e.g. a CVM Application) to deregister a service name.

Notes: The OPEN checks that the requesting on-card entity has the Global Service Privilege and is associated with this registry entry; The OPEN checks that the service name is registered as unique for the requesting on-card entity.

Throws:

ISOException - with the following reason code: ISO7816.SW_CONDITIONS_NOT_SATISFIED

getAID

public AID getAID()

This method returns the Application's AID registered in the current GlobalPlatform Registry's entry.

Notes: The OPEN checks that the requesting on-card entity has the Global Service Privilege and is associated with this registry entry; The OPEN checks that the service name is registered as unique for the requesting on-card entity.

Returns:

the AID object.

getPrivileges

public short getPrivileges(byte[] baBuffer,
                           short sOffset)
                    throws java.lang.ArrayIndexOutOfBoundsException

This method returns all the Privileges bytes registered in the current GlobalPlatform registry entry.

Returns:

sOffset + Length of the Privileges.

Throws:

java.lang.ArrayIndexOutOfBoundsException - may be thrown if storing the Privileges bytes would cause access outside array bounds or the sOffset is negative.

getState

public byte getState()

This method returns the Life Cycle State registered in the current GlobalPlatform Registry entry.

Returns:

The Life Cycle State.

isAssociated

public boolean isAssociated(AID SDAID)

This method allows to verify if the entity whose AID is provided in the input parameters is registered as the associated Security Domain of this GPRegistryEntry.

Notes: The OPEN determines if the SDAID is registered in the current GlobalPlatform Registry's entry as the associated Security Domain.

Returns:

True if the GP Registry references the Security Domain as being associated with this GPRegistryEntry, or False otherwise

isPrivileged

public boolean isPrivileged(byte bPrivilege)

This method allows an Application (e.g. a CVM Application) to verify if a given Privilege is registered in this GPRegistryEntry (e.g. check the CVM Management privilege of another Application invoking the CVM.update() method).

Returns:

True if at least the referenced Privilege is registered in the GP Registry entry, or False if the referenced Privilege is not registered in the GP Registry entry.

registerService

public void registerService(short sServiceName)
                     throws ISOException

This method allows a Global Services Application (e.g. a CVM Application) to register a unique service identifier within the GlobalPlatform Registry.

Notes: The OPEN checks that the requesting on-card entity has the Global Service Privilege and is associated with the current GlobalPlatform Registry entry; The OPEN checks that the requested service identifier matches with (one of) the Service Parameter(s) recorded in the current GlobalPlatform Registry entry; The OPEN checks that the service identifier is not already registered as unique by any other entry in the GlobalPlatform Registry.

Throws:

ISOException - with the following reason code: ISO7816.SW_CONDITIONS_NOT_SATISFIED

setState

public boolean setState(byte bState)

This method allows the Life Cycle state of this GPRegistryEntry to be transitioned to the requested target state.

Notes: A transition request to the Life Cycle State INSTALLED shall be rejected; A transition request to Life Cycle state other than APPLICATION_LOCKED and APPLICATION_UNLOCKED shall be accepted only if the invoking Application corresponds to this GPRegistryEntry; An Application shall be able to lock and shall not be able to unlock itself; Only an Application with GlobalLock privilege or the directly or indirectly associated Security Domain of this GPRegistryEntry shall be able to lock or unlock this GPRegistry Entry; This method shall fail if this GPRegsitryEntry corresponds to the Issuer Security Domain.

Returns:

True if the transition is successful, or False otherwise.