More Secure Applet

The supporting applet must also undergo some significant changes, in particular in how the remote object is initialized:

package examples.securepurse;

import javacard.framework.*;
import javacard.framework.service.*;
import java.rmi.*;
import com.sun.javacard.samples.SecureRMIDemo.MySecurityService;

public class SecurePurseApplet extends Applet {
    Dispatcher dispatcher;

    private SecurePurseApplet() {
        SecurityService sec;
        // First get a security service
        sec = new MySecurityService();
        // Allocates an RMI service for the Java Card platform and
        // sets the initial reference
        RemoteService rmi = new RMIService(new SecurePurseImpl(sec));
        // Allocates and initializes a dispatcher for the remote object
        dispatcher = new Dispatcher((short) 2);
        dispatcher.addService(rmi, Dispatcher.PROCESS_COMMAND);
        dispatcher.addService(sec, Dispatcher.PROCESS_INPUT_DATA);
    }

    public static void install(byte[] buffer, short offset, byte length) {
        // Allocates and registers the applet
        (new SecurePurseApplet()).register();
    }

    public void process(APDU apdu) {
        dispatcher.process(apdu);
    }
}

The security service that is used by the remote object must be initialized at some point. Here, this is done in the constructor for the SecurePurseApplet:

sec = new MySecurityService();

Initialization then continues with the Java Card RMI service. The only new thing here is that the remote object being allocated and set as the initial reference is now a SecurePurseImpl:

RemoteService rmi = new RMIService( new SecurePurseImpl(sec) );

Next, the dispatcher must be initialized. Here, it must dispatch simple Java Card RMI requests and security-related requests (such as EXTERNAL AUTHENTICATE). In fact, the security service handles these requests directly. First, allocate a dispatcher and inform it that it will delegate commands to two different services:

dispatcher = new Dispatcher((short)2);

Then, register services with the dispatcher. The security service is registered as a service that performs preprocessing operations on incoming commands, and the Java Card RMI service is registered as a service that processes the command requested:

dispatcher.addService(rmi, Dispatcher.PROCESS_COMMAND);
dispatcher.addService(sec, Dispatcher.PROCESS_INPUT_DATA);

The rest of the class (the install and process methods) remains unchanged.
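
What a service registered for PROCESS_INPUT_DATA does with an incoming command, as an added example that is not part of the original page or of the MySecurityService sample. PinSecurityService is a hypothetical, simplified stand-in that assumes cardholder PIN verification (INS 0x20) in place of EXTERNAL AUTHENTICATE and provides no secure messaging.

```java
package examples.securepurse;

import javacard.framework.*;
import javacard.framework.service.*;

// Hypothetical class (not Sun's MySecurityService): cardholder PIN check only.
public class PinSecurityService extends BasicService implements SecurityService {
    private static final byte INS_VERIFY = (byte) 0x20; // ISO 7816-4 VERIFY
    private static final byte MAX_PIN_LEN = 8;
    private final OwnerPIN pin = new OwnerPIN((byte) 3, MAX_PIN_LEN); // 3 tries

    public PinSecurityService(byte[] initialPin) {
        pin.update(initialPin, (short) 0, (byte) initialPin.length);
    }

    // Runs in the PROCESS_INPUT_DATA phase, before any PROCESS_COMMAND service.
    public boolean processDataIn(APDU apdu) {
        if (selectingApplet()) {
            pin.reset();      // new session: clear the validated flag
            return false;     // the RMI service still has to answer SELECT
        }
        if (getINS(apdu) != INS_VERIFY) {
            return false;     // not ours: pass the command on untouched
        }
        short len = receiveInData(apdu);
        setOutputLength(apdu, (short) 0);
        if (len < 1 || len > MAX_PIN_LEN) {
            fail(apdu, ISO7816.SW_WRONG_LENGTH);
        } else if (pin.check(apdu.getBuffer(), ISO7816.OFFSET_CDATA, (byte) len)) {
            succeed(apdu);    // status word 0x9000
        } else {
            fail(apdu, ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED);
        }
        return true;          // input processing for this APDU is finished
    }

    // Queried by the remote object before it performs a protected operation.
    public boolean isAuthenticated(short principal) {
        return principal == PRINCIPAL_CARDHOLDER && pin.isValidated();
    }

    // No secure messaging here, so no integrity or confidentiality property holds.
    public boolean isChannelSecure(byte properties) { return false; }
    public boolean isCommandSecure(byte properties) { return false; }
}
```

Because the dispatcher runs the input-data phase before the command phase, the authentication state is already settled when the RMI service invokes a method on the remote object.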