191-195.html

Smart Card Developer s Kit, a smart card manual for development, English

<!-- Edit EirGrabber 3.01 -->
<HTML>
<HEAD>


<TITLE>Smart Card Developer's Kit:Card-Side Application Programming Interfaces</TITLE>





<CENTER>
<TABLE BORDER>
<TR>
<TD><A HREF="185-191.html">Previous</A></TD>
<TD><A HREF="../ewtoc.html">Table of Contents</A></TD>
<TD><A HREF="195-197.html">Next</A></TD>
</TR>
</TABLE>
</CENTER>
<P><BR></P>
<P>This program is available on Schlumberger&#146;s Cyberflex Web site (<A HREF="http://www.cyberflex.austin.et.slb.com/">http://www.cyberflex.austin.et.slb.com</A>).</P>
<P>The Java program in Listing 8.1 shows how the Cyberflex 1.0 card can emulate a modest ISO card. It implements the following 13 ISO commands:</P>
<PRE>
Select File
Verify Key
Create File
Delete File
Directory
Update Binary
Read Binary
Update Record
Read Record
Verify CHV
Change CHV
Unblock CHV
Verify Key
</PRE>
<P>and the following three Cyberflex-specific commands:
</P>
<PRE>
Execute Application
Get File Information
Set File Access Control
</PRE>
<P>The program is just a <TT>FOREVER</TT> loop that gets an ISO APDU command packet from the terminal, executes it, and returns the status to the terminal.</P>
<H4 ALIGN="LEFT"><A NAME="Heading21"></A><FONT COLOR="#000077">Schlumberger&#146;s Cyberflex 2.0 Core API</FONT></H4>
<P>In October 1997, coincident with the announcement of Java Card version 2.0, Schlumberger introduced an update of the Cyberflex smart card called Cyberflex 2.0 Core. The idea was to provide a smart card with a Java virtual machine on top of which the Java Card 2.0 API could be built, but one that could also support nonfinancial vertical industry APIs.
</P>
<P>Here is a complete list of the 46 functions on the Cyberflex 2.0 Core API:</P>
<PRE>
GetMessage
SendMessage
SetSpeed
SendStatus
SelectFile
SelectRoot
SelectCD
SelectParent
CreateFile
DeleteFile
ResetFile
ReadByte
GetFileInfo
ReadBinary
WriteBinary
SelectRecord
PreviousRecord
NextRecord
ReadRecord
WriteRecord
LastUpdatedRecord
InitFileStatus
BackupFileStatus
RestoreFileStatus
VerifyCHV
ModifyCHV
VerifyKey
GrantSupervisorMode
RevokeSupervisorMode
GetFileStatus
SetFileStatus
SetFileACL
GetFileACL
CheckAccess
GetFileSize
GetRecordLength
GetRecordNb
GetFileType
GetApplicationId
GetIdentity
SetDefaultATR
SendATR
CompareBuffer
AvailableMemory
Execute
ResetCard
</PRE>
<P>The following sections describe some of these 46 functions.
</P>
<P><FONT SIZE="+1"><B>Communication</B></FONT></P>
<PRE>
GetMessage(byte <I>buffer</I>[], byte <I>expected_length</I>, byte <I>ack_code</I>)
</PRE>
<P>This function retrieves a message from the terminal of the expected length and puts it into the buffer. The <TT><I>ack_code</I></TT> parameter is used only for T=0 transmissions. (In T=0 communication, the terminal sends the first 5 bytes of the message and waits for <TT><I>ack_code</I></TT> to know what to do with the remaining bytes of the message. The typical case is when <TT><I>ack_code</I></TT> is equal to <TT>0</TT>, in which case all subsequent bytes are transferred and put into the buffer.) By using zero as <TT><I>ack_code</I></TT>, your application works the same with any ISO communication protocol.</P>
<PRE>
SendMessage(byte <I>buffer</I>[], byte <I>data_length</I>)
</PRE>
<P>This function sends <TT><I>data_length</I></TT> bytes from buffer to the terminal.</P>
<P><FONT SIZE="+1"><B>File Management</B></FONT></P>
<PRE>
SelectFile(short <I>fileId</I>)
</PRE>
<P>This function selects a file on the smart card and prepares it for access (that is, opens it). This file becomes the <I>current directory</I> or <I>current file</I>.</P>
<PRE>
CreateFile(byte <I>file_hdr[]</I>)
</PRE>
<P>This function creates a new file in the current directory with the properties given in <TT><I>file_hdr</I></TT>.</P>
<PRE>
DeleteFile(short <I>fileId</I>)
</PRE>
<P>This function deletes the named file.
</P>
<PRE>
GetFileInfo(byte <I>file_hdr</I>[])
</PRE>
<P>This function retrieves information describing the current file.
</P>
<PRE>
ReadBinaryFile(short <I>offset</I>, byte <I>data_length</I>, byte <I>buffer</I>[])
</PRE>
<P>This function reads <TT><I>data_length</I></TT> bytes, starting at byte <TT><I>offset</I></TT> from the current file and returns them in <TT><I>buffer</I></TT>.</P>
<PRE>
WriteBinaryFile(short <I>offset</I>, byte <I>data_length</I>, byte <I>buffer</I>[])
</PRE>
<P>This function writes <TT><I>data_length</I></TT> bytes from <TT><I>buffer</I></TT> into the current file starting at byte <TT><I>offset</I></TT>.</P>
<PRE>
SelectRecord(byte <I>offset</I>, byte <I>mode</I>)
</PRE>
<P>This function selects a record number <TT><I>offset</I></TT> in a record file. <TT><I>mode</I></TT> determines whether the offset to the selected record is taken from the beginning or the end of the file or forward or backward from the current location.</P>
<PRE>
PreviousRecord()
</PRE>
<P>This function selects the previous record in the current record file.
</P>
<PRE>
NextRecord()
</PRE>
<P>This function selects the next record in the current record file.
</P>
<PRE>
ReadRecord(byte <I>buffer</I>[], byte <I>record_number</I>, byte <I>offset</I>, byte <I>length</I>)
</PRE>
<P>This function returns <TT><I>length</I></TT> bytes, starting at <TT><I>offset</I></TT> in record number <TT><I>record_number</I></TT> of the current record file in buffer.</P>
<PRE>
WriteRecord(byte <I>buffer</I>[], byte <I>record_number</I>, byte <I>offset</I>, byte <I>length</I>)
</PRE>
<P>This function writes <TT><I>length</I></TT> bytes from <TT><I>buffer</I></TT> into record <TT><I>record_number</I></TT> of the current record file, starting at byte <TT><I>offset</I></TT>.</P>
<P><FONT SIZE="+1"><B>Security</B></FONT></P>
<P>Associated with every file on the Cyberflex card there may be a file of one or more cardholder verification numbers (CHVs) and a file of one or more cryptographic keys. Cardholder numbers are also called personal identification numbers (PINs). PIN files and key files are found either in the same directory in which the file they are protecting is found or in a parent directory of the current directory. The CHV numbers and keys in these files are numbered 0, 1, 2, and so on.
</P>
<P>Typically, PIN numbers are four ASCII digits long and let the program perform cardholder operations on the file while keys are 8 bytes long and let the program perform card-owner operations on the file. This is just a convention, however, and you can make PIN numbers and keys be whatever you like and mean whatever you like when you design the security for your card&#146;s file system.</P>
<PRE>
VerifyCHV(byte <I>CHV_number</I>, byte <I>CHV</I>[], byte <I>unblock_flag</I>)
</PRE>
<P>This function compares the 8 bytes stored in CHV with CHV number <TT><I>CHV_number</I></TT> in the CHV number file associated with the current file and returns success or failure. If <TT><I>unblock_flag</I></TT> is nonzero, the comparison is made to the unblocking CHV number rather than the CHV number indicated by <TT><I>CHV_number</I></TT>.</P>
<PRE>
ModifyCHV(byte <I>CHV_number</I>, byte <I>old_CHV</I> [], byte <I>new_CHV</I> [], byte
<I>unblock_flag</I>)
</PRE>
<P>This function changes CHV number <TT><I>CHV_number</I></TT> from <TT><I>old_CHV</I></TT> to <TT><I>new_CHV</I></TT>. If <TT><I>unblock_flag</I></TT> is nonzero, the change is to the unblocking CHV.</P>
<PRE>
VerifyKey(byte <I>key_number</I>, byte <I>key</I>[], byte <I>key_length</I>)
</PRE>
<P><BR></P>
<CENTER>
<TABLE BORDER>
<TR>
<TD><A HREF="185-191.html">Previous</A></TD>
<TD><A HREF="../ewtoc.html">Table of Contents</A></TD>
<TD><A HREF="195-197.html">Next</A></TD>
</TR>
</TABLE>
</CENTER>





</BODY>
</HTML>