org.globalplatform
Interface GlobalService

All Superinterfaces:
javacard.framework.Shareable

public interface GlobalService
extends javacard.framework.Shareable

This interface allows requesting a Global Services Application for a Shareable Interface Object (SIO) providing the actual service.

To retrieve an instance of this interface, an Application shall invoke the GPSystem.getService(javacard.framework.AID, short) method.

Since:
export file version 1.1

Field Summary
static byte KEY_ACCESS_ANY
          Key Access indicating key may be used by the Security Domain and any associated Application (0x00).
static byte KEY_ACCESS_APPLICATION
          Key Access indicating key may be used by any associated Application but not by the Security Domain (0x02).
static byte KEY_ACCESS_SECURITY_DOMAIN
          Key Access indicating key may be used by the Security Domain but not by any associated Application (0x01).
static byte KEY_TYPE_3DES
          Key type indicating Triple DES reserved for specific implementations (0x81).
static byte KEY_TYPE_3DES_CBC
          Key type indicating Triple DES in CBC mode (0x82).
static byte KEY_TYPE_AES
          Key type indicating AES (0x88).
static byte KEY_TYPE_DES
          Key type indicating DES with ECB/CBC implicitly known (0x80).
static byte KEY_TYPE_DES_CBC
          Key type indicating DES in CBC mode (0x84).
static byte KEY_TYPE_DES_ECB
          Key type indicating DES in ECB mode (0x83).
static byte KEY_TYPE_EXTENDED
          Key type indicating extended key format (0xFF).
static byte KEY_TYPE_HMAC_SHA1
          Key type indicating HMAC SHA1, length of HMAC implicitly known (0x90).
static byte KEY_TYPE_HMAC_SHA1_160
          Key type indicating HMAC SHA1, length of HMAC is 160 bits (0x91).
static byte KEY_TYPE_RSA_PRIVATE_CRT_DP1
          Key type indicating RSA Private Key Chinese Remainder dp1 component (0xA7).
static byte KEY_TYPE_RSA_PRIVATE_CRT_DQ1
          Key type indicating RSA Private Key Chinese Remainder dq1 component (0xA8).
static byte KEY_TYPE_RSA_PRIVATE_CRT_P
          Key type indicating RSA Private Key Chinese Remainder p component (0xA4).
static byte KEY_TYPE_RSA_PRIVATE_CRT_PQ
          Key type indicating RSA Private Key Chinese Remainder pq component (0xA6).
static byte KEY_TYPE_RSA_PRIVATE_CRT_Q
          Key type indicating RSA Private Key Chinese Remainder q component (0xA5).
static byte KEY_TYPE_RSA_PRIVATE_EXPONENT
          Key type indicating RSA Private exponent (0xA3).
static byte KEY_TYPE_RSA_PRIVATE_MODULUS
          Key type indicating RSA Private Key modulus (0xA2).
static byte KEY_TYPE_RSA_PUBLIC_EXPONENT
          Key type indicating RSA Public Key exponent (0xA0).
static byte KEY_TYPE_RSA_PUBLIC_MODULUS
          Key type indicating RSA Public Key modulus (0xA1).
static byte KEY_USAGE_COMPUTATION_DECIPHERMENT
          Key usage indicating computation and decipherment (0x40).
static byte KEY_USAGE_CONFIDENTIALITY
          Key usage indicating sensitive data confidentiality (0x08).
static byte KEY_USAGE_CRYPTOGRAPHIC_AUTHORIZATION
          Key usage indicating cryptographic authorization (0x01).
static byte KEY_USAGE_CRYPTOGRAPHIC_CHECKSUM
          Key usage indicating cryptographic checksum e.g.
static byte KEY_USAGE_DIGITAL_SIGNATURE
          Key usage indicating Digital Signature (0x02).
static byte KEY_USAGE_SM_COMMAND
          Key usage indicating Secure Messaging in command data field (0x10).
static byte KEY_USAGE_SM_RESPONSE
          Key usage indicating Secure Messaging in response data field (0x20).
static byte KEY_USAGE_VERIFICATION_ENCIPHERMENT
          Key usage indicating verification and encipherment (0x80).
 
Method Summary
 javacard.framework.Shareable getServiceInterface(GPRegistryEntry clientRegistryEntry, short sServiceName, byte[] baBuffer, short sOffset, short sLength)
          Gets a Shareable Interface Object (SIO) actually providing the requested service.
 

Field Detail

KEY_ACCESS_ANY

static final byte KEY_ACCESS_ANY
Key Access indicating key may be used by the Security Domain and any associated Application (0x00).

See Also:
Constant Field Values

KEY_ACCESS_SECURITY_DOMAIN

static final byte KEY_ACCESS_SECURITY_DOMAIN
Key Access indicating key may be used by the Security Domain but not by any associated Application (0x01).

See Also:
Constant Field Values

KEY_ACCESS_APPLICATION

static final byte KEY_ACCESS_APPLICATION
Key Access indicating key may be used by any associated Application but not by the Security Domain (0x02).

See Also:
Constant Field Values

KEY_TYPE_AES

static final byte KEY_TYPE_AES
Key type indicating AES (0x88).

See Also:
Constant Field Values

KEY_TYPE_3DES

static final byte KEY_TYPE_3DES
Key type indicating Triple DES reserved for specific implementations (0x81).

See Also:
Constant Field Values

KEY_TYPE_3DES_CBC

static final byte KEY_TYPE_3DES_CBC
Key type indicating Triple DES in CBC mode (0x82).

See Also:
Constant Field Values

KEY_TYPE_DES

static final byte KEY_TYPE_DES
Key type indicating DES with ECB/CBC implicitly known (0x80).

See Also:
Constant Field Values

KEY_TYPE_DES_CBC

static final byte KEY_TYPE_DES_CBC
Key type indicating DES in CBC mode (0x84).

See Also:
Constant Field Values

KEY_TYPE_DES_ECB

static final byte KEY_TYPE_DES_ECB
Key type indicating DES in ECB mode (0x83).

See Also:
Constant Field Values

KEY_TYPE_EXTENDED

static final byte KEY_TYPE_EXTENDED
Key type indicating extended key format (0xFF).

See Also:
Constant Field Values

KEY_TYPE_HMAC_SHA1

static final byte KEY_TYPE_HMAC_SHA1
Key type indicating HMAC SHA1, length of HMAC implicitly known (0x90).

See Also:
Constant Field Values

KEY_TYPE_HMAC_SHA1_160

static final byte KEY_TYPE_HMAC_SHA1_160
Key type indicating HMAC SHA1, length of HMAC is 160 bits (0x91).

See Also:
Constant Field Values

KEY_TYPE_RSA_PRIVATE_CRT_P

static final byte KEY_TYPE_RSA_PRIVATE_CRT_P
Key type indicating RSA Private Key Chinese Remainder p component (0xA4).

See Also:
Constant Field Values

KEY_TYPE_RSA_PRIVATE_CRT_Q

static final byte KEY_TYPE_RSA_PRIVATE_CRT_Q
Key type indicating RSA Private Key Chinese Remainder q component (0xA5).

See Also:
Constant Field Values

KEY_TYPE_RSA_PRIVATE_CRT_PQ

static final byte KEY_TYPE_RSA_PRIVATE_CRT_PQ
Key type indicating RSA Private Key Chinese Remainder pq component (0xA6).

See Also:
Constant Field Values

KEY_TYPE_RSA_PRIVATE_CRT_DP1

static final byte KEY_TYPE_RSA_PRIVATE_CRT_DP1
Key type indicating RSA Private Key Chinese Remainder dp1 component (0xA7).

See Also:
Constant Field Values

KEY_TYPE_RSA_PRIVATE_CRT_DQ1

static final byte KEY_TYPE_RSA_PRIVATE_CRT_DQ1
Key type indicating RSA Private Key Chinese Remainder dq1 component (0xA8).

See Also:
Constant Field Values

KEY_TYPE_RSA_PRIVATE_EXPONENT

static final byte KEY_TYPE_RSA_PRIVATE_EXPONENT
Key type indicating RSA Private exponent (0xA3).

See Also:
Constant Field Values

KEY_TYPE_RSA_PRIVATE_MODULUS

static final byte KEY_TYPE_RSA_PRIVATE_MODULUS
Key type indicating RSA Private Key modulus (0xA2).

See Also:
Constant Field Values

KEY_TYPE_RSA_PUBLIC_EXPONENT

static final byte KEY_TYPE_RSA_PUBLIC_EXPONENT
Key type indicating RSA Public Key exponent (0xA0).

See Also:
Constant Field Values

KEY_TYPE_RSA_PUBLIC_MODULUS

static final byte KEY_TYPE_RSA_PUBLIC_MODULUS
Key type indicating RSA Public Key modulus (0xA1).

See Also:
Constant Field Values

KEY_USAGE_COMPUTATION_DECIPHERMENT

static final byte KEY_USAGE_COMPUTATION_DECIPHERMENT
Key usage indicating computation and decipherment (0x40).

See Also:
Constant Field Values

KEY_USAGE_CONFIDENTIALITY

static final byte KEY_USAGE_CONFIDENTIALITY
Key usage indicating sensitive data confidentiality (0x08).

See Also:
Constant Field Values

KEY_USAGE_CRYPTOGRAPHIC_AUTHORIZATION

static final byte KEY_USAGE_CRYPTOGRAPHIC_AUTHORIZATION
Key usage indicating cryptographic authorization (0x01).

See Also:
Constant Field Values

KEY_USAGE_CRYPTOGRAPHIC_CHECKSUM

static final byte KEY_USAGE_CRYPTOGRAPHIC_CHECKSUM
Key usage indicating cryptographic checksum e.g. MAC (0x04).

See Also:
Constant Field Values

KEY_USAGE_DIGITAL_SIGNATURE

static final byte KEY_USAGE_DIGITAL_SIGNATURE
Key usage indicating Digital Signature (0x02).

See Also:
Constant Field Values

KEY_USAGE_SM_COMMAND

static final byte KEY_USAGE_SM_COMMAND
Key usage indicating Secure Messaging in command data field (0x10).

See Also:
Constant Field Values

KEY_USAGE_SM_RESPONSE

static final byte KEY_USAGE_SM_RESPONSE
Key usage indicating Secure Messaging in response data field (0x20).

See Also:
Constant Field Values

KEY_USAGE_VERIFICATION_ENCIPHERMENT

static final byte KEY_USAGE_VERIFICATION_ENCIPHERMENT
Key usage indicating verification and encipherment (0x80).

See Also:
Constant Field Values
Method Detail

getServiceInterface

javacard.framework.Shareable getServiceInterface(GPRegistryEntry clientRegistryEntry,
                                                 short sServiceName,
                                                 byte[] baBuffer,
                                                 short sOffset,
                                                 short sLength)
                                                 throws javacard.framework.ISOException
Gets a Shareable Interface Object (SIO) actually providing the requested service.

The Application invoking this method shall set the clientRegistryEntry to its own GPRegistryEntry instance.

The Global Services Application shall verify the validity of the request according to its own security policies for the specified sServiceName, based on the identity and characteristics of the Application invoking this method as registered by the specified clientRegistryEntry, and possibly based on the data contained in the baBuffer byte array.

If the request is valid, the Global Service Application returns a SIO implementing the actual service: this SIO may either be this GlobalService instance or another object. If the request is deemed to be invalid, the Global Services Application shall reject the request by either throwing an exception or returning null.

It is assumed that the Application invoking this method is aware of the interface (extension of the Shareable interface) to which the retrieved SIO shall be casted in order to acces the service.

Notes:

Parameters:
clientRegistryEntry - the GPRegistryEntry instance of the requesting Application.

sServiceName - a service name identifying the requested service.

A service name is encoded on 2 bytes, the 1st byte identifying a family of services and the 2nd byte identifying a service within that family.

The GPSystem class defines a set of constants FAMILY_XXX (of the byte type) that may be used to build a service name (of the short type) suitable to invoke this method as shown in the following examples:

baBuffer - byte array containing additional parameters of the request, potentially authentication data. Must be global byte array.
sOffset - offset of the additional parameters.
sLength - length of the additional parameters.
Returns:
the SIO providing the actual service, or null if the service is not available or the request was rejected. Alternatively, this method may reject the request by throwing an ISOException.
Throws:
javacard.framework.ISOException - if the request was rejected. Although not mandatory, it is recommended to use one of the following reason codes:
  • '6A88' if the specified service was not found or is not available.
  • '6982' if some security conditions are not satisfied.
  • '6985' if some other conditions are not satisfied.
Alternatively, this method may reject the request by returning null.
java.lang.SecurityException - if the Global Services Application requires reading data from baBuffer and baBuffer is not a global byte array.
java.lang.NullPointerException - if the Global Services Application requires reading data from baBuffer and baBuffer is null.
java.lang.ArrayIndexOutOfBoundsException - if the Global Services Application requires reading data from baBuffer and reading data would cause access of data outside array bounds.
See Also:
GPSystem.getService(javacard.framework.AID, short), GPSystem.FAMILY_CVM, GPSystem.FAMILY_SECURE_CHANNEL, GPSystem.FAMILY_USSM, GPSystem.FAMILY_AUTHORITY, GPSystem.FAMILY_HTTP_ADMINISTRATION, GPSystem.FAMILY_HTTP_REPORT


Copyright © 2003-2014 GlobalPlatform, Inc. All rights reserved. The technology provided or described in this specification is subject to updates, revisions, and extensions by GlobalPlatform. Recipients of this document are invited to submit, with their comments, notification of any relevant patent rights or other intellectual property rights of which they may be aware which might be necessarily infringed by the implementation of the specification or other work product set forth in this document, and to provide supporting documentation.
THIS SPECIFICATION OR OTHER WORK PRODUCT IS BEING OFFERED WITHOUT ANY WARRANTY WHATSOEVER, AND IN PARTICULAR, ANY WARRANTY OF NON-INFRINGEMENT IS EXPRESSLY DISCLAIMED. ANY IMPLEMENTATION OF THIS SPECIFICATION OR OTHER WORK PRODUCT SHALL BE MADE ENTIRELY AT THE IMPLEMENTER'S OWN RISK, AND NEITHER THE COMPANY, NOR ANY OF ITS MEMBERS OR SUBMITTERS, SHALL HAVE ANY LIABILITY WHATSOEVER TO ANY IMPLEMENTER OR THIRD PARTY FOR ANY DAMAGES OF ANY NATURE WHATSOEVER DIRECTLY OR INDIRECTLY ARISING FROM THE IMPLEMENTATION OF THIS SPECIFICATION OR OTHER WORK PRODUCT.