org.globalplatform
Interface SecureChannelx

All Superinterfaces:
SecureChannel, javacard.framework.Shareable

public interface SecureChannelx
extends SecureChannel

This interface is an extension of the SecureChannel interface that defines one supplementary method to update the Current Security Level during a Secure Channel Session.

An Application that wishes to use the SecureChannelx interface shall obtain a reference to a SecureChannel instance and try to cast it to the SecureChannelx interface. Whether the objects returned by the GPSystem.getSecureChannel() method also implement the SecureChannelx interface is implementation dependent, however, this may be expressed as a requirement in specific GlobalPlatform configuration documents.

Since:

Field Summary
 
Fields inherited from interface org.globalplatform.SecureChannel
ANY_AUTHENTICATED, AUTHENTICATED, C_DECRYPTION, C_MAC, NO_SECURITY_LEVEL, R_ENCRYPTION, R_MAC
 
Method Summary
 void setSecurityLevel(byte bSecurityLevel)
          Updates the Current Security Level.
 
Methods inherited from interface org.globalplatform.SecureChannel
decryptData, encryptData, getSecurityLevel, processSecurity, resetSecurity, unwrap, wrap
 

Method Detail

setSecurityLevel

void setSecurityLevel(byte bSecurityLevel)
Updates the Current Security Level. If this method is not supported by the implementation or the underlying protocol does not define any sensitive data encryption mechanism, it shall do nothing and simply throw an exception (see below).

The Current Security Level cannot be set below the compulsory Session Security Level, but only equal or above. It may be increased or decreased during a Secure Channel Session as long as it is at least equal to the compulsory Session Security Level.

If the Current Security Level is SecureChannel.NO_SECURITY_LEVEL or the cryptographic keys required by the new Current Security Level are not available, then this method shall throw an exception (see below).

The new Current Security Level shall apply for all subsequent invocations of SecureChannel.wrap(byte[], short, short) and SecureChannel.unwrap(byte[], short, short) methods, except when there is no current Secure Channel Session.

Parameters:
bSecurityLevel - The new Current Security Level, which shall a combination of one or more the following constants:
Throws:
javacard.framework.ISOException - with one of the following reason codes (other reason codes specific to the underlying security protocol may be returned):
  • '6982' if this method is not supported by the implementation.
  • '6985' if there is no Secure Channel Session currently open or if the new Current Security Level does not comply with (i.e. goes below) the compulsory Session Security Level.


Copyright © 2003-2014 GlobalPlatform, Inc. All rights reserved. The technology provided or described in this specification is subject to updates, revisions, and extensions by GlobalPlatform. Recipients of this document are invited to submit, with their comments, notification of any relevant patent rights or other intellectual property rights of which they may be aware which might be necessarily infringed by the implementation of the specification or other work product set forth in this document, and to provide supporting documentation.
THIS SPECIFICATION OR OTHER WORK PRODUCT IS BEING OFFERED WITHOUT ANY WARRANTY WHATSOEVER, AND IN PARTICULAR, ANY WARRANTY OF NON-INFRINGEMENT IS EXPRESSLY DISCLAIMED. ANY IMPLEMENTATION OF THIS SPECIFICATION OR OTHER WORK PRODUCT SHALL BE MADE ENTIRELY AT THE IMPLEMENTER'S OWN RISK, AND NEITHER THE COMPANY, NOR ANY OF ITS MEMBERS OR SUBMITTERS, SHALL HAVE ANY LIABILITY WHATSOEVER TO ANY IMPLEMENTER OR THIRD PARTY FOR ANY DAMAGES OF ANY NATURE WHATSOEVER DIRECTLY OR INDIRECTLY ARISING FROM THE IMPLEMENTATION OF THIS SPECIFICATION OR OTHER WORK PRODUCT.