org.globalplatform
Interface SecureChannelx

All Superinterfaces:

SecureChannel

public interface SecureChannelx

extends SecureChannel

This interface may be used by an applet wishing to delegate the handling of entity authentication and APDU security to its associated Security Domain. This interface is designed to offer interoperability to the applet in that it requires no knowledge of the mechanisms used to perform the authentication or of the scheme used for APDU security and shall allow an applet to interface correctly with a Security Domain immaterial of the mechanisms or schemes used. Prior to using this interface, an Application is required to obtain a handle to its associated Security Domain's SecureChannelx interface object by invoking the GPSystem.getSecureChannel() method and casting the returned object to type SecureChannelx. The SecureChannelx Interface shall be implemented by a Security Domain compliant to this version of the specification and the corresponding object reference shall be exposed through the GPSystem.getSecureChannel() method. See also Interface SecureChannel.

Field Summary

Fields inherited from interface org.globalplatform.SecureChannel

ANY_AUTHENTICATED, AUTHENTICATED, C_DECRYPTION, C_MAC, NO_SECURITY_LEVEL, R_ENCRYPTION, R_MAC

Method Summary

void	setSecurityLevel(byte bSecurityLevel) This method updates the Current Security Levelfor all subsequent invocations of wrap() and unwrap() methods, except when Secure Channel is not active or was aborted during the same Application session.

Methods inherited from interface org.globalplatform.SecureChannel

decryptData, encryptData, getSecurityLevel, processSecurity, resetSecurity, unwrap, wrap

Method Detail

setSecurityLevel

public void setSecurityLevel(byte bSecurityLevel)

This method updates the Current Security Levelfor all subsequent invocations of wrap() and unwrap() methods, except when Secure Channel is not active or was aborted during the same Application session. Current Security Level is coded as a bit-map. The current Security Level cannot be set below the compulsory Session Security Level, buty only equial or above. The Current Security Level may be increased or decreased during a Secure Channel Session as long as it is at least equal to the compulsory Session Security Level.

Notes:

This method fails if a Secure Channel Session is not open, if the corresponding session keys are not available or if the Current Security Level is equal to NO_SECURITY_LEVEL.

Throws:

ISOException - with the following reason codes (other security mechanism related status words may be returned):

• ISO7816.SW_CONDITION_NOT_SATISFIED