public interface Credential
A tag interface for cryptographic credentials.
Most smartcards are able to protect the access to the data stored on
them by means of cryptography. In order to overcome such protection,
the terminal side of an application will have to provide some kind of
secret data to the card services it is using. That secret data is
referred to as credentials. Credentials are collected in instances
of class CredentialStore.
Credentials can take different formats, depending on the smartcard used
as well as on the card service that provides access to the smartcard.
For example, a credential may be a key to the DES or 3DES algorithm, or a
private key to the RSA algorithm.
It does not even have to be a simple key. For example, a credential may
provide the implementation of the algorithm, like DES or 3DES, along with
the key.
A card service requiring such a credential will define an interface,
extending this one, which provides the cryptographic operations. These
operations are then executed by invoking the application's credential.
Encapsulating the algorithm within the credential has several advantages.
First of all, the terminal application does not have to provide the secret
data to the service directly. Second, the credential can be implemented as
a pure software solution, optionally using a cryptographic framework like
the Java Cryptography Extension (JCE), but it may also use a hardware
implementation of the cryptographic algorithm. The card services will
not have to be adapted to the platform in order to make use of such
frameworks or special hardware. Last but not least, card services that
include cryptographic code are subject to US export restrictions.
Since only a few cryptographic algorithms are frequently used by smartcards, namely DES and 3DES, credential interfaces for these algorithms may be defined by OCF in the future.
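The pattern described above, as an added example that is not part of the OCF sources: a service-defined interface extends the tag interface, and the service obtains a 3DES response through the credential without ever seeing the key. The names `ChallengeCredential`, `SoftwareTripleDesCredential` and `buildAuthResponse` are hypothetical, the nested `Credential` is a local stand-in for the OCF interface, and the key and challenge are constructed sample values.

```java
import java.security.GeneralSecurityException;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;

public class CredentialDemo {
    // Local stand-in for OCF's tag interface so this file compiles on its own.
    interface Credential {}

    // Hypothetical interface a card service would define: it names the
    // cryptographic operation it needs and never asks for the key itself.
    interface ChallengeCredential extends Credential {
        byte[] encryptChallenge(byte[] challenge) throws GeneralSecurityException;
    }

    // Pure-software credential backed by the JCE. A hardware-backed class
    // could implement the same interface without changing the service.
    static final class SoftwareTripleDesCredential implements ChallengeCredential {
        private final SecretKeySpec key; // never leaves the credential
        SoftwareTripleDesCredential(byte[] key24) {
            this.key = new SecretKeySpec(key24.clone(), "DESede");
        }

        @Override
        public byte[] encryptChallenge(byte[] challenge) throws GeneralSecurityException {
            // The input is a single 8-byte block, so no padding is applied.
            Cipher c = Cipher.getInstance("DESede/ECB/NoPadding");
            c.init(Cipher.ENCRYPT_MODE, key);
            return c.doFinal(challenge);
        }
    }

    // Hypothetical service-side step: the response comes from the credential;
    // the service holds no key material and no cipher code.
    static byte[] buildAuthResponse(ChallengeCredential cred, byte[] cardChallenge)
            throws GeneralSecurityException {
        if (cardChallenge.length != 8) {
            throw new IllegalArgumentException("challenge must be one 8-byte block");
        }
        return cred.encryptChallenge(cardChallenge);
    }

    public static void main(String[] args) throws GeneralSecurityException {
        byte[] key = new byte[24]; // constructed demo key, not a real secret
        for (int i = 0; i < key.length; i++) key[i] = (byte) (i + 1);
        byte[] challenge = {1, 2, 3, 4, 5, 6, 7, 8}; // constructed card challenge
        byte[] response = buildAuthResponse(new SoftwareTripleDesCredential(key), challenge);
        System.out.println("response length: " + response.length);
    }
}
```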
See Also: CardService, CredentialBag, CredentialStore