OpenCard Framework 1.2 Programmer's Guide - OpenSCDP
OpenCard Framework 1.2 Programmer's Guide - OpenSCDP
OpenCard Framework 1.2 Programmer's Guide - OpenSCDP
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
FileAccessCardService is <strong>OpenCard</strong>’s abstraction for dealing with smart card based<br />
files. It offers a high-level interface modelled after JAVA’s java.io package, making<br />
it virtually unnecessary for you to understand the nitty-gritty details of those<br />
standards.<br />
SignatureCardService<br />
Electronic signatures of data rely on cryptographic mechanisms that make use of<br />
cryptographic key information to perform their operation. A common scheme for<br />
signing data is the use of public key algorithms like RSA, which involves a key pair<br />
consisting of a private and a public key. Probably the most important application of<br />
smart cards is and will be their ability to serve both as a container for key (in<br />
particular, private key) information and as a processor for performing the<br />
cryptographic signing operation. In other words, the signature generation can be<br />
performed without the sensitive key information ever leaving the tamper-proof<br />
smart card.<br />
SignatureCardService is a simple abstraction for the import, verification, and<br />
export of key information as well as for the generation and verification of digital<br />
signatures generated using a public key algorithm like RSA.<br />
AppletAccessCardService and AppletManagerCardService<br />
Smart cards can offer multi-function capabilities, i.e. a single card can support<br />
several applications. Accordingly, smart card applications will have to face<br />
situations where cards of the same or different type will host diverse sets of<br />
applets. There might even be smart card applets intended for the installation of<br />
new or removal of existing card-resident applets. It might also be necessary to<br />
suspend certain card-resident applets for a period of time. At the least, a smart<br />
card aware card-external application should be capable of finding out what<br />
card-resident applets a particular card hosts and presenting the card-holder a<br />
choice from which to select.<br />
In order to address these requirements, card issuers who decide what applications<br />
are deployed or planned to be deployed with their cards put additional<br />
meta-information in the card that card-external applications can access to find out<br />
about - and, if necessary, change - the situation in any particular card.<br />
These functions are handled by two card services: AppletAccessCardService and<br />
AppletManagerCardService. AppletAccessCardService is capable of listing<br />
applications, while AppletManagerCardService defines a high-level API through<br />
which applications can install and remove, card-resident applets in an issuer<br />
independent manner.<br />
Chapter 3. OCF architectural concepts 15