News

Applying a Sharing Interface Object

In order for the server to return values of any types of sharing interfaces using a single interface, both methods have JCSystem.getAppletShareableInterfaceObject and an Applet.getShareableInterfaceObject- the type Shared is used to return the value – the base type for all objects of the sharing interface. Client the applet must cast the returned SIO object to the appropriate type and store a reference to it in a variable of this type. For example, if in the “electronic wallet” applet it is necessary to bring SIO to the type...

read more

JCRE Privileges

On the Java Card platform, the JCRE runtime performs the functions of a dispatcher. The JCRE context is “system”, so it has special privileges. JCRE can call methods of any objects and has access to non-static fields of any objects on the card. Such system privileges allow JCRE to control system resources and manage objects. For example, when JCRE accepts the APDU command, it calls one of the methods of the currently active applet: select, deselect or process.Before calling the applet method, the JCRE context switches to the...

read more

Java Card Object System

Switching contexts in the process of sharing objects JCRE, applet client and applet server are executed in different contexts. To ensure the possibility of sharing objects, it is necessary to organize context switching. To request access to SIO, the client applet calls the JCSystem.getAppletShareableInterfaceObject method. In this case , the internal mechanism of the method switches the context from client to JCRE . JCRE then calls the getShareableInterfaceObject server applet method. As a result of this call, the context switches again. The...

read more

Interface mechanism for sharing objects

Let’s repeat the basic properties of the mechanisms for sharing JCRE objects with applets:· JCRE has system privileges, so it can access any objects.· The applet gets access to system services through JCRE entry point objects.· JCRE exchange data of primitive types through special global arrays.Java Card technology also provides for the sharing of objects by applets using an interface sharing mechanism. Sharing Interface The sharing interface directly or indirectly extends the javacard interface.framework.Shareable. public interface...

read more

Applet Firewall and Object Sharing

The Java Card platform is an environment for many applications to work. Several applets from different manufacturers can be stored in one card. After the card is made, additional applets can be loaded into it. Applets often contain extremely critical information, such as bank account data, identification data, secret cryptographic keys, etc. The exchange of such secret data between applets must be strictly limited. On the Java Card platform, a security system, or firewall of applets, is implemented to isolate applets. The firewall restricts...

read more

Protocol-dependent methods of processing APDU commands

Programming of applets for the Java Card platform at the application level involves processing APDU commands using the capabilities of the APDU class. The APDU class provides a simple, unified interface for applets that does not depend on the lower-level transport protocol used (T=0 or T=1). However, some outdated smart card systems were designed in such a way that in order to exchange data, the applets must know the features of the transport protocol being used. To ensure compatibility with the same systems and be able to exchange data with...

read more

Processing the APDU command and generating response data

The first four bytes of the APDU header [CLA, INS, P1, P2] define the instruction that the applet must execute. If the command is of type 3 or 4, then during the execution of the instruction, the applet must process the data read into the APDU buffer. If the command is of type 2 or 4, the applet must generate response data to send to the host application. To reduce the amount of memory used, applet developers often store intermediate results or response data in the APDU buffer. Sending APDU response data After executing the instructions...

read more

APDU Data Packets

This chapter describes the methods of working with application protocol data blocks (application protocol data block, APDU) in applets. APDS are data packets. They provide an application layer communication protocol for data exchange between client applications that run on the card and host system applications. Readers who are unfamiliar with the storage protocol and the smart card communication system are advised to read Chapter 2 first, and only then proceed to study this chapter. the mechanism of communication of applets with the Java host...

read more

Java Card Applet

Applications that run on Java smart cards are called applets. This chapter describes the applet development environment. The chapter consists of seven sections. The first section discusses the general principles of how applets work in the JCRE environment. The remaining sections are devoted to the methods of applet development.The properties of applets are described in detail throughout the book. For example, Chapters 8 and 9 discuss the processing of APDU commands and the sharing of objects by different applets. The Java Card applet is an...

read more

Java Card Exceptions and Exception Handling

An exception is an event that interrupts the normal flow of instructions during the execution of a program. Exceptions are an important component of the Java language. They provide a simple and elegant method of error handling in programs. The Java Card platform supports all Java programming language constructs related to exceptions. In Java Card applets, you can use the keywords throw, try, catch and finally. They work exactly the same as on the Java platform.Exceptions are raised by the JCRE classes and the Java Card Virtual Machine in the...

read more