visa.openplatform
Interface ProviderSecurityDomain


public interface ProviderSecurityDomain

This defines the interface of a privileged system class that represents an Application Provider on a card. The class implementing this interface must be declared a Shareable Interface Object (see the JCRE document in Java Card™ 2.1). This class offers cryptographic services, key management services, runtime messaging support, and secure loading services to applets from the same Application Provider. Before using this interface, an application must obtain a handle to its associated Security Domain by invoking the OPSystem.getSecurityDomain() method.


Method Summary
 void closeSecureChannel(byte channel)
          This method is used to close the Secure Channel that was previously opened with the openSecureChannel() method, specifically to erase any secure information relating to the Secure Channel.
 boolean decryptVerifyKey(byte channel, javacard.framework.APDU apdu, short offset)
          This method is used to decrypt and verify a key received by the application within a Secure Channel.
 byte openSecureChannel(javacard.framework.APDU apdu)
          This method opens a Secure Channel for an application and returns the newly opened channel number.
 void unwrap(byte channel, javacard.framework.APDU apdu)
          This method is used to process the APDU content after receiving it from an off-card entity and within a Secure Channel.
 void verifyExternalAuthenticate(byte channel, javacard.framework.APDU apdu)
          This method is used to authenticate the off-card entity by verifying the contents of the APDU command.
 

Method Detail

closeSecureChannel

public void closeSecureChannel(byte channel)
This method is used to close the Secure Channel that was previously opened with the openSecureChannel() method, specifically to erase any secure information relating to the Secure Channel.

Parameters:
channel - Secure channel number

decryptVerifyKey

public boolean decryptVerifyKey(byte channel,
                                javacard.framework.APDU apdu,
                                short offset)
This method is used to decrypt and verify a key received by the application within a Secure Channel.

Parameters:
channel - Secure channel number
apdu - APDU handle
offset - Offset within the APDU buffer where the key set data field can be retrieved.
Returns:
true if a key has been verified, false otherwise.

openSecureChannel

public byte openSecureChannel(javacard.framework.APDU apdu)
This method opens a Secure Channel for an application and returns the newly opened channel number. The supplied APDU must contain the command used to retrieve data from the card that will be used by the off-card entity to authenticate the card.

This method prepares the response to this command within the APDU. The Security Domain that the applet belongs to is responsible for the channel number allocation.

Parameters:
apdu - APDU handle
Returns:
Secure channel number

unwrap

public void unwrap(byte channel,
                   javacard.framework.APDU apdu)
This method is used to process the APDU content after receiving it from an off-card entity and within a Secure Channel. The processing is according to the requirements for integrity and confidentiality that are established when a Secure Channel is opened. The resultant APDU contains the command as if it were received outside of a Secure Channel.

Parameters:
channel - Secure channel number
apdu - APDU handle

verifyExternalAuthenticate

public void verifyExternalAuthenticate(byte channel,
                                       javacard.framework.APDU apdu)
This method is used to authenticate the off-card entity by verifying the contents of the APDU command.

Parameters:
channel - Secure channel number
apdu - APDU handle
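
Usage sketch (an added example, not part of the original specification or of GlobalPlatform's own code): an applet that drives the five methods above through one session and gates its own command on successful off-card authentication. The package, class name, INS_PROTECTED and the session-state layout are hypothetical; the response offset and 28-byte length after openSecureChannel(), and the behaviour that verifyExternalAuthenticate() throws on failure, are assumptions this page does not state.

```java
package example.applet; // hypothetical package and class names

import javacard.framework.*;
import visa.openplatform.OPSystem;
import visa.openplatform.ProviderSecurityDomain;

public class ChannelDemoApplet extends Applet {
    private static final byte INS_INITIALIZE_UPDATE = (byte) 0x50;     // Open Platform INS
    private static final byte INS_EXTERNAL_AUTHENTICATE = (byte) 0x82; // Open Platform INS
    private static final byte INS_PROTECTED = (byte) 0x10;  // hypothetical applet command
    private static final short INIT_UPDATE_RESP_LEN = 28;   // assumed, not stated on this page
    private static final short OPEN = 0, CHANNEL = 1, AUTHENTICATED = 2;

    // Session state lives in RAM so a reset or power loss always clears it to zero.
    private final byte[] state = JCSystem.makeTransientByteArray((short) 3, JCSystem.CLEAR_ON_RESET);
    private ProviderSecurityDomain domain;

    public static void install(byte[] bArray, short bOffset, byte bLength) {
        new ChannelDemoApplet().register();
    }

    public void process(APDU apdu) {
        if (selectingApplet()) return;
        switch (apdu.getBuffer()[ISO7816.OFFSET_INS]) {
        case INS_INITIALIZE_UPDATE:
            endSession();                         // never leave an older channel open
            apdu.setIncomingAndReceive();
            domain = OPSystem.getSecurityDomain();
            state[CHANNEL] = domain.openSecureChannel(apdu);
            state[OPEN] = 1;
            // Assumption: the prepared response starts at OFFSET_CDATA.
            apdu.setOutgoingAndSend(ISO7816.OFFSET_CDATA, INIT_UPDATE_RESP_LEN);
            break;
        case INS_EXTERNAL_AUTHENTICATE:
            if (state[OPEN] == 0) ISOException.throwIt(ISO7816.SW_CONDITIONS_NOT_SATISFIED);
            apdu.setIncomingAndReceive();
            // Assumption: a failed check throws, so the flag is set only on success.
            domain.verifyExternalAuthenticate(state[CHANNEL], apdu);
            state[AUTHENTICATED] = 1;
            break;
        case INS_PROTECTED:
            if (state[AUTHENTICATED] == 0) ISOException.throwIt(ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED);
            apdu.setIncomingAndReceive();
            domain.unwrap(state[CHANNEL], apdu);  // buffer now holds the plain command
            // applet-specific handling of the unwrapped command goes here
            break;
        default:
            ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
        }
    }

    public void deselect() { endSession(); }

    private void endSession() {
        if (state[OPEN] != 0) domain.closeSecureChannel(state[CHANNEL]);
        state[OPEN] = 0;
        state[AUTHENTICATED] = 0;
    }
}
```

Keeping the authenticated flag in transient memory rather than in an instance field matters here: Java Card instance fields are persistent, so a flag stored there would survive a card tear that skips deselect().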


Copyright (c) GlobalPlatform Inc. All Rights Reserved. The technology provided or described herein is subject to updates, revisions, and extensions by GlobalPlatform. Use of this information is governed by the GlobalPlatform license agreement and any use inconsistent with that agreement is strictly prohibited.