public interface GlobalService
extends javacard.framework.Shareable
To retrieve an instance of this interface, an Application shall invoke the
GPSystem.getService(javacard.framework.AID, short)
method.
Modifier and Type | Field and Description |
---|---|
static byte |
KEY_ACCESS_ANY
Key Access indicating key may be used by the Security Domain and any
associated Application (0x00).
|
static byte |
KEY_ACCESS_APPLICATION
Key Access indicating key may be used by any associated Application but not
by the Security Domain (0x02).
|
static byte |
KEY_ACCESS_SECURITY_DOMAIN
Key Access indicating key may be used by the Security Domain but not by any
associated Application (0x01).
|
static byte |
KEY_TYPE_3DES
Key type indicating Triple DES reserved for specific implementations (0x81).
|
static byte |
KEY_TYPE_3DES_CBC
Key type indicating Triple DES in CBC mode (0x82).
|
static byte |
KEY_TYPE_AES
Key type indicating AES (0x88).
|
static byte |
KEY_TYPE_DES
Key type indicating DES with ECB/CBC implicitly known (0x80).
|
static byte |
KEY_TYPE_DES_CBC
Key type indicating DES in CBC mode (0x84).
|
static byte |
KEY_TYPE_DES_ECB
Key type indicating DES in ECB mode (0x83).
|
static byte |
KEY_TYPE_EXTENDED
Key type indicating extended key format (0xFF).
|
static byte |
KEY_TYPE_HMAC_SHA1
Key type indicating HMAC SHA1, length of HMAC implicitly known (0x90).
|
static byte |
KEY_TYPE_HMAC_SHA1_160
Key type indicating HMAC SHA1, length of HMAC is 160 bits (0x91).
|
static byte |
KEY_TYPE_RSA_PRIVATE_CRT_DP1
Key type indicating RSA Private Key Chinese Remainder dp1 component (0xA7).
|
static byte |
KEY_TYPE_RSA_PRIVATE_CRT_DQ1
Key type indicating RSA Private Key Chinese Remainder dq1 component (0xA8).
|
static byte |
KEY_TYPE_RSA_PRIVATE_CRT_P
Key type indicating RSA Private Key Chinese Remainder p component (0xA4).
|
static byte |
KEY_TYPE_RSA_PRIVATE_CRT_PQ
Key type indicating RSA Private Key Chinese Remainder pq component (0xA6).
|
static byte |
KEY_TYPE_RSA_PRIVATE_CRT_Q
Key type indicating RSA Private Key Chinese Remainder q component (0xA5).
|
static byte |
KEY_TYPE_RSA_PRIVATE_EXPONENT
Key type indicating RSA Private exponent (0xA3).
|
static byte |
KEY_TYPE_RSA_PRIVATE_MODULUS
Key type indicating RSA Private Key modulus (0xA2).
|
static byte |
KEY_TYPE_RSA_PUBLIC_EXPONENT
Key type indicating RSA Public Key exponent (0xA0).
|
static byte |
KEY_TYPE_RSA_PUBLIC_MODULUS
Key type indicating RSA Public Key modulus (0xA1).
|
static byte |
KEY_USAGE_COMPUTATION_DECIPHERMENT
Key usage indicating computation and decipherment (0x40).
|
static byte |
KEY_USAGE_CONFIDENTIALITY
Key usage indicating sensitive data confidentiality (0x08).
|
static byte |
KEY_USAGE_CRYPTOGRAPHIC_AUTHORIZATION
Key usage indicating cryptographic authorization (0x01).
|
static byte |
KEY_USAGE_CRYPTOGRAPHIC_CHECKSUM
Key usage indicating cryptographic checksum e.g.
|
static byte |
KEY_USAGE_DIGITAL_SIGNATURE
Key usage indicating Digital Signature (0x02).
|
static byte |
KEY_USAGE_SM_COMMAND
Key usage indicating Secure Messaging in command data field (0x10).
|
static byte |
KEY_USAGE_SM_RESPONSE
Key usage indicating Secure Messaging in response data field (0x20).
|
static byte |
KEY_USAGE_VERIFICATION_ENCIPHERMENT
Key usage indicating verification and encipherment (0x80).
|
Modifier and Type | Method and Description |
---|---|
javacard.framework.Shareable |
getServiceInterface(GPRegistryEntry clientRegistryEntry,
short sServiceName,
byte[] baBuffer,
short sOffset,
short sLength)
Gets a Shareable Interface Object (SIO) actually providing the requested service.
|
static final byte KEY_ACCESS_ANY
static final byte KEY_ACCESS_SECURITY_DOMAIN
static final byte KEY_ACCESS_APPLICATION
static final byte KEY_TYPE_AES
static final byte KEY_TYPE_3DES
static final byte KEY_TYPE_3DES_CBC
static final byte KEY_TYPE_DES
static final byte KEY_TYPE_DES_CBC
static final byte KEY_TYPE_DES_ECB
static final byte KEY_TYPE_EXTENDED
static final byte KEY_TYPE_HMAC_SHA1
static final byte KEY_TYPE_HMAC_SHA1_160
static final byte KEY_TYPE_RSA_PRIVATE_CRT_P
static final byte KEY_TYPE_RSA_PRIVATE_CRT_Q
static final byte KEY_TYPE_RSA_PRIVATE_CRT_PQ
static final byte KEY_TYPE_RSA_PRIVATE_CRT_DP1
static final byte KEY_TYPE_RSA_PRIVATE_CRT_DQ1
static final byte KEY_TYPE_RSA_PRIVATE_EXPONENT
static final byte KEY_TYPE_RSA_PRIVATE_MODULUS
static final byte KEY_TYPE_RSA_PUBLIC_EXPONENT
static final byte KEY_TYPE_RSA_PUBLIC_MODULUS
static final byte KEY_USAGE_COMPUTATION_DECIPHERMENT
static final byte KEY_USAGE_CONFIDENTIALITY
static final byte KEY_USAGE_CRYPTOGRAPHIC_AUTHORIZATION
static final byte KEY_USAGE_CRYPTOGRAPHIC_CHECKSUM
static final byte KEY_USAGE_DIGITAL_SIGNATURE
static final byte KEY_USAGE_SM_COMMAND
static final byte KEY_USAGE_SM_RESPONSE
static final byte KEY_USAGE_VERIFICATION_ENCIPHERMENT
javacard.framework.Shareable getServiceInterface(GPRegistryEntry clientRegistryEntry, short sServiceName, byte[] baBuffer, short sOffset, short sLength) throws javacard.framework.ISOException
The Application invoking this method shall set the
clientRegistryEntry
to its own GPRegistryEntry
instance.
The Global Services Application shall verify the validity of the request
according to its own security policies for the specified
sServiceName
, based on the identity and characteristics of the
Application invoking this method as registered by the specified
clientRegistryEntry
, and possibly based on the data contained
in the baBuffer
byte array.
If the request is valid, the Global Service Application returns a SIO
implementing the actual service: this SIO may either be this GlobalService
instance or another object. If the request is deemed to be
invalid, the Global Services Application shall reject the request by either
throwing an exception or returning null
.
It is assumed that the Application invoking this method is aware of the
interface (extension of the Shareable
interface) to which the
retrieved SIO shall be casted in order to acces the service.
Notes:
clientRegistryEntry
parameter set to the GPRegistryEntry
instance of another Application. If the Global Services
Application itself has the Global Registry Privilege, it may explicitly
retrieve and check the GPRegistryEntry
instance of the Application
invoking this method, by performing the following call:
GPSystem.getRegistryEntry(JCSystem.getPreviousContextAID())
.
clientRegistryEntry
- the GPRegistryEntry
instance of the
requesting Application.sServiceName
- a service name identifying the requested service.A service name is encoded on 2 bytes, the 1st byte identifying a family of services and the 2nd byte identifying a service within that family.
The GPSystem
class defines a set of constants
FAMILY_XXX
(of the byte
type) that may be used to
build a service name (of the short
type) suitable to invoke
this method as shown in the following examples:
(short)((GPSystem.FAMILY_CVM
<<8)|0x11)
(short)((GPSystem.FAMILY_HTTP_ADMINISTRATION
<<8)|0x00)
baBuffer
- byte array containing additional parameters of the request,
potentially authentication data. Must be global byte array.sOffset
- offset of the additional parameters.sLength
- length of the additional parameters.null
if the
service is not available or the request was rejected. Alternatively, this
method may reject the request by throwing an ISOException
.javacard.framework.ISOException
- if the request was rejected. Although not
mandatory, it is recommended to use one of the following reason codes:null
.java.lang.SecurityException
- if the Global Services Application requires
reading data from baBuffer
and baBuffer
is not a
global byte array.java.lang.NullPointerException
- if the Global Services Application requires
reading data from baBuffer
and baBuffer
is
null
.java.lang.ArrayIndexOutOfBoundsException
- if the Global Services
Application requires reading data from baBuffer
and reading
data would cause access of data outside array bounds.GPSystem.getService(javacard.framework.AID, short)
,
GPSystem.FAMILY_CVM
,
GPSystem.FAMILY_SECURE_CHANNEL
,
GPSystem.FAMILY_USSM
,
GPSystem.FAMILY_AUTHORITY
,
GPSystem.FAMILY_HTTP_ADMINISTRATION
,
GPSystem.FAMILY_HTTP_REPORT
Copyright © 2003-2018 GlobalPlatform, Inc. All rights reserved. The technology provided or described in this specification is subject to updates, revisions, and extensions by GlobalPlatform. Recipients of this document are invited to submit, with their comments, notification of any relevant patent rights or other intellectual property rights of which they may be aware which might be necessarily infringed by the implementation of the specification or other work product set forth in this document, and to provide supporting documentation.
THIS SPECIFICATION OR OTHER WORK PRODUCT IS BEING OFFERED WITHOUT ANY WARRANTY WHATSOEVER, AND IN PARTICULAR, ANY WARRANTY OF NON-INFRINGEMENT IS EXPRESSLY DISCLAIMED. ANY IMPLEMENTATION OF THIS SPECIFICATION OR OTHER WORK PRODUCT SHALL BE MADE ENTIRELY AT THE IMPLEMENTER'S OWN RISK, AND NEITHER THE COMPANY, NOR ANY OF ITS MEMBERS OR SUBMITTERS, SHALL HAVE ANY LIABILITY WHATSOEVER TO ANY IMPLEMENTER OR THIRD PARTY FOR ANY DAMAGES OF ANY NATURE WHATSOEVER DIRECTLY OR INDIRECTLY ARISING FROM THE IMPLEMENTATION OF THIS SPECIFICATION OR OTHER WORK PRODUCT.