public interface SecurityService extends Service
Service
interface and defines methods to
query the current security status. Note that this interface is generic and
does not include methods to initialize and change the security status of the
service; initialization is assumed to be performed through APDU
commands that the service is able to process.
A security service implementation class should extend
BasicService
and implement this interface.
Modifier and Type | Field and Description |
---|---|
static short |
PRINCIPAL_APP_PROVIDER
The principal identifier for the application provider.
|
static short |
PRINCIPAL_CARD_ISSUER
The principal identifier for the card issuer.
|
static short |
PRINCIPAL_CARDHOLDER
The principal identifier for the cardholder.
|
static byte |
PROPERTY_INPUT_CONFIDENTIALITY
This security property provides input confidentiality through encryption
of the incoming command.
|
static byte |
PROPERTY_INPUT_INTEGRITY
This security property provides input integrity through MAC signature
checking of the incoming command.
|
static byte |
PROPERTY_OUTPUT_CONFIDENTIALITY
This security property provides output confidentiality through encryption
of the outgoing response.
|
static byte |
PROPERTY_OUTPUT_INTEGRITY
This security property provides output integrity through MAC signature
generation for the outgoing response.
|
Modifier and Type | Method and Description |
---|---|
boolean |
isAuthenticated(short principal)
Checks whether or not the specified principal is currently authenticated.
|
boolean |
isChannelSecure(byte properties)
Checks whether a secure channel is established between the card and the
host for the ongoing session that guarantees the indicated properties.
|
boolean |
isCommandSecure(byte properties)
Checks whether a secure channel is in use between the card and the host
for the ongoing command that guarantees the indicated properties.
|
processCommand, processDataIn, processDataOut
static final byte PROPERTY_INPUT_CONFIDENTIALITY
static final byte PROPERTY_INPUT_INTEGRITY
static final byte PROPERTY_OUTPUT_CONFIDENTIALITY
static final byte PROPERTY_OUTPUT_INTEGRITY
static final short PRINCIPAL_CARDHOLDER
static final short PRINCIPAL_CARD_ISSUER
static final short PRINCIPAL_APP_PROVIDER
boolean isAuthenticated(short principal) throws ServiceException
principal
- an identifier of the principal that needs to be authenticatedServiceException
- with the following reason code:
ServiceException.ILLEGAL_PARAM
if the
specified principal is unknown.
boolean isChannelSecure(byte properties) throws ServiceException
properties
- the required propertiesServiceException
- with the following reason code:
ServiceException.ILLEGAL_PARAM
if the
specified property is unknown.
boolean isCommandSecure(byte properties) throws ServiceException
properties
- the required propertiestrue
,
false
otherwiseServiceException
- with the following reason code:
ServiceException.ILLEGAL_PARAM
if the
specified property is unknown.
Copyright © 1998, 2015, Oracle and/or its affiliates. All rights reserved. Use is subject to license terms