com.ibm.opencard.service
Class MFCCardChannel
java.lang.Object
|
+--opencard.core.service.CardChannel
|
+--com.ibm.opencard.service.MFCCardChannel
- public class MFCCardChannel
- extends CardChannel
A CardChannel to MFC smartcards.
Unlike the intended base class opencard.core.service.CardChannel,
this channel potentially modifies the APDUs before sending them to
the smartcard. Modifications include encoding of the channel ID
(for MFC cards that support logical channels) and cryptography,
for example MAC generation and decoding. The latter is done in
cooperation with an instance of CardAccessor.
- Version:
- $Id: MFCCardChannel.java,v 1.1 1999/12/02 16:06:07 damke Exp $
- See Also:
CardAccessor
| Methods inherited from class opencard.core.service.CardChannel |
close,
closeFinal,
finalize,
getCardTerminal,
getState,
isOpen,
open,
sendCommandAPDU,
sendVerifiedAPDU,
sendVerifiedAPDU,
setState,
toString |
| Methods inherited from class java.lang.Object |
clone,
equals,
getClass,
hashCode,
notify,
notifyAll,
wait,
wait,
wait |
channel_ID
protected int channel_ID
- The logical channel ID.
The channel is responsible to encode it's ID in passing CommandAPDUs.
In order to do this, it needs to know that ID. Since a channel object
is associated to a single logical channel over it's lifetime, this
attribute is final. As logical channels are numbered, int is
an appropriate type for the ID.
channel_state
protected MFCChannelState channel_state
- The card's state, as seen through this channel.
This attribute allows cooperation of different card services.
For example, if a signature service has to change the current
directory, it does not have to use a file system service, but
it can change the directory itself and store the new one here.
MFCCardChannel
public MFCCardChannel(SlotChannel slotchan,
int id,
MFCChannelState state)
throws InvalidCardChannelException
- Instantiate a MFC card channel.
- Parameters:
slotchan - the underlying slot channelid - the channel identifier, 0 to 3 for ISO cards.
This parameter has to be 0, since there are
no multi channel MFC cards.state - an object representing the smartcard state,
as it is seen through this channel. Since there
is only one logical channel, this is a global state.- Throws:
- InvalidCardChannelException - if the channel ID is not 0
setAccessor
public final void setAccessor(CardAccessor accessor)
- Set the accessor for the next commands.
The accessor is responsible for interpreting the access conditions
passed along with commands. Every card service will use it's own
accessor. After allocating a channel, the accessor is set by invoking
this method. The accessor gets connected to this channel. Therefore,
an accessor can only be used with one channel at any time.
The accessor will be reset to null when a channel is
released. That way, no card service will be able to use this
service's accessor unapproved.
- Parameters:
accessor - the accessor to use from now on,
or null to reset
getChannelState
public final MFCChannelState getChannelState()
- Get the card's state, as seen through this channel.
- Returns:
- the state object associated with this channel
executeCommand
public final ResponseAPDU executeCommand(MFCCommandAPDU command,
AccessConditions access)
throws CardServiceInabilityException,
CardServiceUnexpectedResponseException,
CardTerminalException
- Exchange APDUs with the smartcard (top level).
This is the top level method typically used by card services.
The command APDU gets modified to reflect the channel ID and
any secure messaging restrictions imposed by the access conditions,
for example by calculating a MAC or encrypting the APDU.
The response APDU also gets modified as required by the access
conditions, for example by decrypting the APDU or checking it's MAC.
The access conditions are imposed by the smartcard for access to
a particular object stored there. The Java representation of any
smartcard object must provide methods to query the access information.
The card service will decide in which command class a particular
command falls, and pass the appropriate access conditions.
Passing null as access conditions will bypass the accessor.
This is equivalent to a mid level exchange of APDUs. Likewise if no
accessor has been set.
Unlike the mid and low level methods to exchange APDUs, this one
requires the APDU to be of class MFCCommandAPDU. This class
of APDUs provides additional information that is required to determine
whether secure messaging is needed for the command only, the response
only, or for both.
- Parameters:
command - the APDU to send to the smartcardaccess - the access conditions imposed by the smartcard- Returns:
- the APDU received from the card, after some postprocessing
- Throws:
- CardServiceInabilityException - if the access conditions require secure messaging, but
the accessor does not support it due to US export restrictions
- CardServiceUnexpectedResponseException - if the access conditions require card communication,
and the card's answer is inappropriate
- CardTerminalException - if the terminal encountered an error
- See Also:
executeCommand(opencard.core.terminal.CommandAPDU),
CardChannel.sendCommandAPDU(opencard.core.terminal.CommandAPDU)
executeCommand
public final ResponseAPDU executeCommand(MFCCommandAPDU command,
int group)
throws CardServiceInabilityException,
CardServiceUnexpectedResponseException,
CardTerminalException
- Exchange APDUs with the smartcard (top level).
This is the top level method typically used by card services.
The command APDU gets modified to reflect the channel ID and
any secure messaging restrictions imposed by the access conditions,
for example by calculating a MAC or encrypting the APDU.
The response APDU also gets modified as required by the access
conditions, for example by decrypting the APDU or checking it's MAC.
The access conditions are imposed by the smartcard for access to
a particular object stored there. The Java representation of any
smartcard object must provide methods to query the access information.
The card service will decide in which command class a particular
command falls, and pass that command class. The access conditions
will be queried from the channel state. If no access conditions can
be found, or if the command group passed is negative, the command
will be sent to the card directly.
Unlike the mid and low level methods to exchange APDUs, this one
requires the APDU to be of class MFCCommandAPDU. This class
of APDUs provides additional information that is required to determine
whether secure messaging is needed for the command only, the response
only, or for both.
- Parameters:
command - the APDU to send to the smartcardgroup - the access group of the command to be executed- Returns:
- the APDU received from the card, after some postprocessing
- Throws:
- CardServiceInabilityException - if the access conditions require secure messaging, but
the accessor does not support it due to US export restrictions
- CardServiceUnexpectedResponseException - if the access conditions require card communication,
and the card's answer is inappropriate
- CardTerminalException - if the terminal encountered an error
- See Also:
executeCommand(opencard.core.terminal.CommandAPDU),
CardChannel.sendCommandAPDU(opencard.core.terminal.CommandAPDU)
executeCommand
public final ResponseAPDU executeCommand(CommandAPDU command)
throws CardTerminalException
- Exchange APDUs with the smartcard (mid level).
This is the mid level method typically used by the associated
instance of CardAccessor. It can also be used by card
services to send commands without access restrictions.
The command APDU gets modified only to reflect the channel ID.
The response APDU is returned as it was received from the smartcard.
- Parameters:
command - the APDU to send to the smartcard- Returns:
- the APDU received from the smartcard
- Throws:
- CardTerminalException - the terminal encountered a problem
- See Also:
executeCommand(com.ibm.opencard.service.MFCCommandAPDU, com.ibm.opencard.service.AccessConditions),
CardChannel.sendCommandAPDU(opencard.core.terminal.CommandAPDU)
|
