Client Changes to Support Security
The driver client application itself only changes minimally to account for the authentication and integrity needs of SecurePurseApplet
. It must also interact with the user for identification. Hence, a subclass of ApduIO_Card_Accessor
must be developed to provide these additional interactions and the transport filtering required.
The following code is the new SecurePurseClient
application:
import examples.purse.*;
import javacard.framework.UserException;
public class PurseClient extends java.lang.Object {
public static void main(java.lang.String[] argv) {
// arg[0] contains the debit amount
short debitAmount = (short) Integer.parseInt(argv[0]);
CustomCardAccessor cca = null;
try {
// open and powerup the card - using CustomCardAccessor
cca = new CustomCardAccessor();
// create an RMI connector instance for the Java Card platform
JCRMIConnect jcRMI = new JCRMIConnect(cca);
byte[] appAID = new byte[] {0x01,0x02,0x03,0x04,0x05,0x06,0x07, 0x08};
// select the Java Card applet
jcRMI.selectApplet( RMI_DEMO_AID, JCRMIConnect.REF_WITH_CLASS_NAME );
or
jcRMI.selectApplet( RMI_DEMO_AID, JCRMIConnect.REF_WITH_INTERFACE_NAMES );
// give your PIN
if (! cca.authenticateUser( PRINCIPAL_CARDHOLDER_ID )){
throw new RemoteException(msg.getString("msg04"));
}
// obtain the initial reference to the Purse interface
Purse myPurse = (Purse) jcRMI.getInitialReference();
// debit the requested amount
try {
short balance = myPurse.debit ( debitAmount );
}catch ( UserException jce ) {
short reasonCode = jce.getReason();
// process UserException reason information
}
// display the balance to user
}catch (Exception e) {
e.printStackTrace();
}finally {
try {
if(cca!=null){
cca.closeCard();
}
}catch (Exception e) {
e.printStackTrace();
}
}
}
}
Note that the CustomCardAccessor
instance is now obtained instead of ApduIOCardAccessor
:
cca = new CustomCardAccessor(new ApduIOCardAccessor());
An extra step to authenticate with the SecurePurseApplet
after selectApplet
is added. This invokes a new method in CustomCardAccessor
to interact with the card using the user's credentials:
if (! cca.authenticateUser( PRINCIPAL_CARDHOLDER_ID )) {
// handle error
}
The rest of SecurePurseClient
is the same as PurseClient
.