jcrespec04selection.html

JAVA CARD 开发包规格说明,版本为2.2.2

<P CLASS="TableText"><A NAME="pgfId-426705"></A>(Type 16) last or only command in chain, with SM
</P>
</TD>
</TR>
<TR>
<TD SCOPE="ROW" ROWSPAN="1" COLSPAN="1">
<P CLASS="TableText"><A NAME="pgfId-426707"></A>%b11y1 zzzz 
</P>
</TD>
<TD ROWSPAN="1" COLSPAN="1">
<P CLASS="TableText"><A NAME="pgfId-427934"></A>&nbsp;
</P>
</TD>
<TD ROWSPAN="1" COLSPAN="1">
<P CLASS="TableText"><A NAME="pgfId-426709"></A>(Type 16) not last command in chain, with SM
</P>
</TD>
</TR>
<TR>
<TD SCOPE="ROW" ROWSPAN="1" COLSPAN="1">
<P CLASS="TableText"><A NAME="pgfId-427906"></A>&nbsp;
</P>
</TD>
<TD ROWSPAN="1" COLSPAN="1">
<P CLASS="TableTextCode"><A NAME="pgfId-428696"></A>NOTATION
</P>
</TD>
<TD ROWSPAN="1" COLSPAN="1">
<P CLASS="TableText"><A NAME="pgfId-427908"></A>&nbsp;
</P>
</TD>
</TR>
<TR>
<TD SCOPE="ROW" ROWSPAN="1" COLSPAN="1">
<P CLASS="TableText"><A NAME="pgfId-427902"></A>&nbsp;
</P>
</TD>
<TD ROWSPAN="1" COLSPAN="1">
<P CLASS="TableText"><A NAME="pgfId-427938"></A>u
</P>
<P CLASS="TableText"><A NAME="pgfId-428705"></A>y
</P>
<P CLASS="TableText"><A NAME="pgfId-428706"></A>&nbsp;
</P>
<P CLASS="TableText"><A NAME="pgfId-428707"></A>&nbsp;
</P>
<P CLASS="TableText"><A NAME="pgfId-428724"></A>z
</P>
</TD>
<TD ROWSPAN="1" COLSPAN="1">
<P CLASS="TableText"><A NAME="pgfId-427904"></A>undefined
</P>
<P CLASS="TableText"><A NAME="pgfId-428712"></A>Secure Messaging indicator
</P>
<P CLASS="TableText"><A NAME="pgfId-428710"></A>	See <EM CLASS="Emphasis">ISO 7816-4:2005 Specification</EM> Section 6 for further information.
</P>
<P CLASS="TableText"><A NAME="pgfId-428728"></A>Logical channel indicator
</P>
<P CLASS="TableText"><A NAME="pgfId-428729"></A>Type 4 supports logical channels [0..3]
</P>
<P CLASS="TableText"><A NAME="pgfId-428723"></A>	Type 16 supports logical channels [4..19]
</P>
</TD>
</TR>
</TBODY>
</TABLE>
<BR>
<BR>
<HR NOSHADE SIZE=1>
<TABLE CLASS="TipNote" DIR="LTR" WIDTH="100%" SUMMARY="TipNote">
<COLGROUP SPAN="1" WIDTH="100%">
<TR ALIGN="left" VALIGN="top">
<TD ROWSPAN="1" COLSPAN="1" ABBR="TipNoteText">
<P CLASS="TipNote"><B CLASS="TipNote">Note - </B><A NAME="pgfId-426724"></A>CLA byte 0xFX cannot encode logical channel 19 because <KBD CLASS="Filename-Command">CLA = 0xFF</KBD> is a reserved value for Protocol Type Selection. In compliance with <EM CLASS="Emphasis">ISO 7816-4:2005 Specification</EM>, logical channel number 19 is not available when using this CLA byte. 
</P>
</TD>
</TR>
</TABLE>
<HR NOSHADE SIZE=1>
<BR>
<P CLASS="Paragraph"><A NAME="pgfId-419408"></A>The Java Card RE always forwards the command &quot;as is&quot; to the appropriate applet instance. In particular, the Java Card RE does not clear the logical channel encoding bits of the CLA byte.
</P>
<P CLASS="Paragraph"><A NAME="pgfId-426835"></A>To avoid the complexity of the transport information encoded in the CLA byte of the APDU command header, the application programmer is advised not to parse the CLA byte directly. The following methods in the <KBD CLASS="Filename-Command">javacard.framework.APDU</KBD> class may be used to extract application specific information:
</P>
<UL>
<LI CLASS="Bullet1"><A NAME="pgfId-426847"></A><KBD CLASS="Filename-Command">APDU.isISOInterindustryCLA</KBD>
</LI>
<P CLASS="Linebreak">
</P>
<LI CLASS="Bullet1"><A NAME="pgfId-426848"></A><KBD CLASS="Filename-Command">APDU.isSecureMessagingCLA</KBD>
</LI>
<P CLASS="Linebreak">
</P>
<LI CLASS="Bullet1"><A NAME="pgfId-426849"></A><KBD CLASS="Filename-Command">APDU.isCommandChainingCLA</KBD>
</LI>
<P CLASS="Linebreak">
</P>
<LI CLASS="Bullet1"><A NAME="pgfId-426850"></A><KBD CLASS="Filename-Command">APDU.getCLAChannel</KBD>
</LI>
<P CLASS="Linebreak">
</P>
</UL>
<BR>
<HR NOSHADE SIZE=1>
<TABLE CLASS="TipNote" DIR="LTR" WIDTH="100%" SUMMARY="TipNote">
<COLGROUP SPAN="1" WIDTH="100%">
<TR ALIGN="left" VALIGN="top">
<TD ROWSPAN="1" COLSPAN="1" ABBR="TipNoteText">
<P CLASS="TipNote"><B CLASS="TipNote">Note - </B><A NAME="pgfId-426406"></A>An asterisk indicates binary notation (%b) using bit numbering as in the ISO7816 specification. Most significant bit is b8. Least significant bit is b1.
</P>
</TD>
</TR>
</TABLE>
<HR NOSHADE SIZE=1>
<BR><H2 CLASS="Head1"><A NAME="pgfId-426408"></A>
<DIV>
<HR ALIGN=left SIZE=6 WIDTH=15% noshade>
</DIV>4.4	<A NAME="marker-426407"></A>Opening and Closing Logical Channels</H2>
<P CLASS="Paragraph"><A NAME="pgfId-426409"></A>According to Section 5.5.2 of the ISO 7816-4 Specification, the following two ways to open a logical channel in the smart card exist:
</P>
<P CLASS="List1"><A NAME="pgfId-416450"></A>1.	By selecting an applet instance on a new logical channel. This is accomplished by issuing an Applet SELECT FILE APDU command, and specifying the logical channel number in the CLA byte of the command. If this logical channel is currently closed, it shall be opened, and the specified applet instance shall be selected. See <A HREF="JCRESpec04selection.html#55974" CLASS="XRef">Section 4.5.2, Applet Selection with SELECT FILE</A>.
</P>
<P CLASS="List1-"><A NAME="pgfId-416470"></A>2. 	By issuing a MANAGE CHANNEL OPEN APDU command. MANAGE CHANNEL commands are provided to open a logical channel from another logical channel, or to close a logical channel from another logical channel. See <A HREF="JCRESpec04selection.html#90206" CLASS="XRef">Section 4.4.1, MANAGE CHANNEL Command Processing</A>.
</P><H3 CLASS="Head2"><A NAME="pgfId-411722"></A>4.4.1	<A NAME="90206"></A>MANAGE <A NAME="marker-419772"></A>CHANNEL Command Processing</H3>
<P CLASS="Paragraph"><A NAME="pgfId-416472"></A>The Java Card RE shall intercept all APDU messages coming into the card, perform card management functions (such as selecting or deselecting applet instances), and shall forward APDU messages to the appropriate applet instance. As part of its card management functions, the Java Card RE notifies applet instances about selection events (a function it performs by calling the applet instances' <KBD CLASS="Filename-Command">select</KBD> and <KBD CLASS="Filename-Command">deselect</KBD> methods).
</P>
<P CLASS="Paragraph"><A NAME="pgfId-416479"></A>With the addition of logical channels in Java Card platform, the Java Card RE includes a <A NAME="marker-419773"></A>multichannel dispatching mechanism, as well as checks to ensure applet integrity during multi-channel operations. The Java Card RE must ensure that applets written to operate in a single logical channel environment operate consistently on a multiple logical channel smart card.
</P>
<P CLASS="Paragraph"><A NAME="pgfId-416528"></A>Java Card platform defines a class of APDU commands, called MANAGE CHANNEL commands. The functions the Java Card RE must perform by using MANAGE CHANNEL command processing are:
</P>
<P CLASS="Paragraph"><A NAME="pgfId-412716"></A>MANAGE CHANNEL OPEN: Open a new logical channel from an already-open logical channel. Two variations of this command are supported:
</P>
<UL>
<LI CLASS="Bullet1"><A NAME="pgfId-412717"></A>The Java Card RE selects the new logical channel specified in the command
</LI>
<P CLASS="Linebreak">
</P>
<LI CLASS="Bullet1-"><A NAME="pgfId-411920"></A>The Java Card RE automatically assigns a new logical channel. 
</LI>
<P CLASS="Linebreak">
</P>
</UL>
<P CLASS="Paragraph"><A NAME="pgfId-412074"></A>MANAGE CHANNEL CLOSE: Close a specified logical channel from another open logical channel. 
</P>
<P CLASS="Paragraph"><A NAME="pgfId-412733"></A>In addition, the SELECT FILE APDU command to select an applet instance is extended to specify a new or already opened logical channel on which the specified applet instance is to be selected.
</P>
<P CLASS="Paragraph"><A NAME="pgfId-414077"></A>The term origin logical channel refers to the logical channel on which the command is received based on the logical channel number encoding within the CLA byte, as described in <A HREF="JCRESpec04selection.html#13304" CLASS="XRef">Section 4.3, Forwarding APDU Commands To a Logical Channel</A>.
</P><H2 CLASS="Head1"><A NAME="pgfId-412161"></A>
<DIV>
<HR ALIGN=left SIZE=6 WIDTH=15% noshade>
</DIV>4.5	<A NAME="92536"></A>Applet <A NAME="marker-419774"></A>Selection</H2>
<P CLASS="Paragraph"><A NAME="pgfId-412984"></A>There are two ways to select an applet instance in the Java Card platform: with a MANAGE CHANNEL OPEN command (<A HREF="JCRESpec04selection.html#16012" CLASS="XRef">Section 4.5.1, Applet Selection with MANAGE CHANNEL OPEN</A>), or with a SELECT FILE command (<A HREF="JCRESpec04selection.html#55974" CLASS="XRef">Section 4.5.2, Applet Selection with SELECT FILE</A>).
</P>
<P CLASS="Paragraph"><A NAME="pgfId-426155"></A>The Java Card RE shall guarantee that an applet that is designed to run on any logical channel can be selected on any of the available logical channels on the card. The resources accessed by the applet instance must be the same, irrespective of the logical channel on which it is selected.
</P><H3 CLASS="Head2"><A NAME="pgfId-426161"></A>4.5.1	<A NAME="16012"></A>Applet Selection with <A NAME="marker-426158"></A><A NAME="marker-426159"></A>MANAGE <A NAME="marker-426160"></A>CHANNEL OPEN</H3>
<P CLASS="Paragraph"><A NAME="pgfId-412180"></A>Upon receiving a MANAGE CHANNEL OPEN command on an I/O interface, the Java Card RE shall run the following procedure:
</P>
<P CLASS="List1"><A NAME="pgfId-416538"></A>1.	The MANAGE CHANNEL OPEN command uses: CLA=<KBD CLASS="Filename-Command">%b000000cc*</KBD> (where <KBD CLASS="Filename-Command">cc</KBD> in the bits (b2,b1) denotes the origin logical channel: 0-3), or CLA=<KBD CLASS="Filename-Command">%0100dddd*</KBD> (where <KBD CLASS="Filename-Command">dddd</KBD> in the bits (b4-b1) denote the origin logical channel: 4-19), INS=<KBD CLASS="Filename-Command">0x70</KBD> and P1=<KBD CLASS="Filename-Command">0</KBD>. Two variants of this command are supported: 
</P>
<UL>
<LI CLASS="Bullet1"><A NAME="pgfId-413007"></A>P2=<KBD CLASS="Filename-Command">0</KBD> when the Java Card RE shall assign a new logical channel number.
</LI>
<P CLASS="Linebreak">
</P>
<LI CLASS="Bullet1-"><A NAME="pgfId-413011"></A>P2= the logical channel number specified.
</LI>
<P CLASS="Linebreak">
</P>
<UL>
<LI CLASS="Bullet2"><A NAME="pgfId-417353"></A>If the MANAGE CHANNEL OPEN command has non-zero secure messaging bits (b4,b3*) in the CLA byte when the origin logical channel is 0-3 or non-zero bit (b6*) when the origin logical channel is 4-19, the Java Card RE responds with status code <KBD CLASS="Filename-Command">0x6882</KBD> (<KBD CLASS="Filename-Command">SW_SECURE_MESSAGING_NOT_SUPPORTED</KBD>). 
</LI>
<P CLASS="Linebreak">
</P>
<LI CLASS="Bullet2"><A NAME="pgfId-417365"></A>If the MANAGE CHANNEL command is issued with P1 not equal to <KBD CLASS="Filename-Command">0</KBD> or <KBD CLASS="Filename-Command">0x80</KBD>, or if the unsigned value of P2 is greater than <KBD CLASS="Filename-Command">19</KBD>, the Java Card RE responds with status code <KBD CLASS="Filename-Command">0x6A81</KBD> (<KBD CLASS="Filename-Command">SW_FUNC_NOT_SUPPORTED</KBD>).
</LI>
<P CLASS="Linebreak">
</P>
</UL>
</UL>
<P CLASS="List1-"><A NAME="pgfId-417354"></A>2. 	If the origin logical channel on that I/O interface is not open, the Java Card RE responds with status code <KBD CLASS="Filename-Command">0x6881</KBD> (<KBD CLASS="Filename-Command">SW_LOGICAL_CHANNEL_NOT_SUPPORTED</KBD>).
</P>
<P CLASS="List1-"><A NAME="pgfId-416562"></A>3. 	If the Java Card RE supports only the basic logical channel on that I/O interface, the Java Card RE responds with status code <KBD CLASS="Filename-Command">0x6881</KBD> (<KBD CLASS="Filename-Command">SW_LOGICAL_CHANNEL_NOT_SUPPORTED</KBD>).
</P>
<P CLASS="List1-"><A NAME="pgfId-414734"></A>4. 	If the P2=<KBD CLASS="Filename-Command">0</KBD> variant is used:
</P>
<UL>
<LI CLASS="Bullet1"><A NAME="pgfId-414740"></A>If the expected length value (Le) is not equal to <KBD CLASS="Filename-Command">1</KBD>, the Java Card RE responds with status code <KBD CLASS="Filename-Command">0x6C01</KBD> (<KBD CLASS="Filename-Command">SW_CORRECT_LENGTH_00+0x01</KBD>).
</LI>
<P CLASS="Linebreak">
</P>
<LI CLASS="Bullet1"><A NAME="pgfId-416575"></A>If resources for the new logical channel are not available, the Java Card RE responds with status code <KBD CLASS="Filename-Command">0x6A81</KBD> (<KBD CLASS="Filename-Command">SW_FUNC_NOT_SUPPORTED</KBD>).
</LI>