Client Changes to Support Security

The driver client application itself only changes minimally to account for the authentication and integrity needs of SecurePurseApplet. It must also interact with the user for identification. Hence, a subclass of ApduIO_Card_Accessor must be developed to provide these additional interactions and the transport filtering required.

The following code is the new SecurePurseClient application:

import examples.purse.*;
import javacard.framework.UserException;

public class PurseClient extends java.lang.Object {
    public static void main(java.lang.String[] argv) {
        // arg[0] contains the debit amount
        short debitAmount = (short) Integer.parseInt(argv[0]);
        CustomCardAccessor cca = null;
        try {
            // open and powerup the card - using CustomCardAccessor
            cca = new CustomCardAccessor();
            // create an RMI connector instance for the Java Card platform
            JCRMIConnect jcRMI = new JCRMIConnect(cca);
            byte[] appAID = new byte[] {0x01,0x02,0x03,0x04,0x05,0x06,0x07, 0x08};
            // select the Java Card applet
            jcRMI.selectApplet( RMI_DEMO_AID, JCRMIConnect.REF_WITH_CLASS_NAME );
            or
            jcRMI.selectApplet( RMI_DEMO_AID, JCRMIConnect.REF_WITH_INTERFACE_NAMES );


            // give your PIN
            if (! cca.authenticateUser( PRINCIPAL_CARDHOLDER_ID )){
                throw new RemoteException(msg.getString("msg04"));
            }
            // obtain the initial reference to the Purse interface
            Purse myPurse = (Purse) jcRMI.getInitialReference();
            // debit the requested amount
            try {
                short balance = myPurse.debit ( debitAmount );
            }catch ( UserException jce ) {
                short reasonCode = jce.getReason();
                // process UserException reason information
            }
            // display the balance to user
        }catch (Exception e) {
            e.printStackTrace();
        }finally {
            try {
                if(cca!=null){
                    cca.closeCard();
                }
            }catch (Exception e) {
                e.printStackTrace();
            }
        }
    }
}

Note that the CustomCardAccessor instance is now obtained instead of ApduIOCardAccessor:

         cca = new CustomCardAccessor(new ApduIOCardAccessor());

An extra step to authenticate with the SecurePurseApplet after selectApplet is added. This invokes a new method in CustomCardAccessor to interact with the card using the user's credentials:

            if (! cca.authenticateUser( PRINCIPAL_CARDHOLDER_ID )) {
                // handle error
            }

The rest of SecurePurseClient is the same as PurseClient.