Chapter   1

Introduction

The Security and Trust Services APIs (SATSA) provide smart card access and cryptographic capabilities to applications running on small devices. The SATSA specification defines four distinct APIs:

SATSA-APDU allows applications to communicate with smart card applications using a low-level protocol.
SATSA-JCRMI provides an alternate method for communicating with smart card applications using a remote object protocol.
SATSA-PKI allows applications to use a smart card to digitally sign data and manage user certificates.
SATSA-CRYPTO is a general-purpose cryptographic API that supports message digests, digital signatures, and ciphers.

This book describes the use of SATSA in Mobile Information Device Profile (MIDP) applications, although its use in other J2ME platform environments is also possible. The SATSA Reference Implementation (RI) used in this book is based on a MIDP 2.0 implementation.

Understanding the SATSA RI

The four SATSA APIs are defined by JSR 177, the Security and Trust Services APIs specification. The specification is a document that defines the APIs. The SATSA RI is a piece of software that implements the specification. This book describes how to use the SATSA RI to develop applications.

The SATSA RI is available at http://java.sun.com/products/satsa/. It is based on MIDP 2.0 and includes complete implementations of the SATSA APIs.

Installing Development Tools

To develop and test MIDP applications that use SATSA, you will need the following tools:

Java 2 Standard Edition Software Development Kit (J2SE SDK) version 1.4.2. This includes the Java technology compiler, which is necessary for both MIDP and Java Card™ technology development. The J2SE SDK is freely available at http://java.sun.com/j2se/. You should install before other tools.
Security and Trust Services APIs Reference Implementation (SATSA RI) version 1.0. This includes an implementation of the SATSA specification and a device emulator for testing applications. Get the SATSA RI from http://java.sun.com/products/satsa/. It is packaged as a zip archive, which you can unpack wherever you’d like.
Java Card Development Kit version 2.2.1. This includes a Java Card technology simulator that you can use to test the interaction between a SATSA application and a Java Card applet. It also includes everything you need to create your own applets. The Java Card Development Kit is available from http://java.sun.com/products/javacard/.

At this writing (December 2004), no MIDP development tools support SATSA. The only way to build SATSA applications is using the SATSA RI. This is likely to change in the future. For example, if the J2ME Wireless Toolkit supports SATSA in the future, you can use it to handle most of the details of building and packaging applications. In the meantime, the following section describes the manual steps to follow with the SATSA RI.

Building Applications with the SATSA RI

Building SATSA applications is exactly like building other MIDP applications at the command line. The basic steps are described here:

Edit source files.
Compile source files using javac. You need to tell the compiler where to find the MIDP and SATSA APIs. They are located in {satsa}\classes, where {satsa} is the installation directory of the SATSA RI. Here is an example that compiles source files in the src directory and places the compiled class files in the classes directory. The example is split across multiple lines for clarity.

    javac -classpath \satsa1.0\classes 
          -target 1.1 
          -d classes 
          src\*.java 

Preverify the compiled class files, using {satsa}\bin\preverify. This example takes class files in the classes directory and places the preverified versions in a directory named preverified. The MIDP Reference Implementation documentation describes compiling classes into a directory named tmpclasses, then placing preverified classes in classes. This document uses the more descriptive directory names classes and preverified.

    \satsa1.0\bin\preverify -classpath \satsa1.0\classes 
                            -d preverified 
                            classes 

Package the application using the J2SE platform’s jar tool. The following example takes classes from the preverifed directory and places them in a Java Archive (JAR) file called bin\Mohair.jar, adding information to the manifest from the file bin\MANIFEST.MF.

    jar cvfm bin\Mohair.jar bin\MANIFEST.MF -C preverified . 

Test on the SATSA RI device emulator, using {satsa}\bin\midp.

To avoid tedious typing, use a tool to automate this process. Ant (http://ant.apache.org/) is an excellent choice. For more information on using Ant for MIDP development, try this article:

Managing Wireless Builds with Ant

http://developers.sun.com/techtopics/mobility/midp/articles/ant/

SATSA Developer's Guide SATSA Reference Implementation 1.0

Copyright © 2004 Sun Microsystems, Inc. All rights reserved.