Java Card Technology Ch03: Overview

Java Card TechnologyCh03: Overview

Instructors: Instructors:

Fu-Chiung Cheng Fu-Chiung Cheng

((鄭福炯鄭福炯 ))

Associate Professor Associate Professor

Computer Science & EngineeringComputer Science & Engineering

Tatung UniversityTatung University

Content

Architecture OverviewArchitecture Overview Java Card Language SubsetJava Card Language Subset Java Card Virtual MachineJava Card Virtual Machine Java Card Installer and off Card Java Card Installer and off Card

Installation ProgramInstallation Program Java Card Runtime EnvironmentJava Card Runtime Environment

Architecture Overview

Java card technology enables programs Java card technology enables programs written in Java to run on smart cards and written in Java to run on smart cards and other resource-constrained devices.other resource-constrained devices.

Smart cards represent one of the smallest Smart cards represent one of the smallest computing platforms in use.computing platforms in use.

How to fit Java system into a smart card? How to fit Java system into a smart card? (Smart cards have 1K of RAM,16K of EEPROM, 24K (Smart cards have 1K of RAM,16K of EEPROM, 24K of ROM)of ROM) Support only a subset of featuresSupport only a subset of features apply a split model to implement JVMapply a split model to implement JVM


JCVM (Java Card Virtual Machine) is split into JCVM (Java Card Virtual Machine) is split into :: Part that runs off-cardPart that runs off-card Part that runs on-cardPart that runs on-card

Off-card process:Off-card process: Processing tasks that are not constrained tProcessing tasks that are not constrained t

o execute at runtimeo execute at runtimeClass loading, bytecode verification, resClass loading, bytecode verification, res

olution and linking, and optimizationolution and linking, and optimization


On-card process: On-card process: defines a runtime environment that defines a runtime environment that

supports the smart card memory, supports the smart card memory, communication, security and communication, security and application execution modelapplication execution model

Java Card runtime environment Java Card runtime environment conforms to the smart card conforms to the smart card international standard ISO 7816international standard ISO 7816


Java Card Technology contains:Java Card Technology contains: Java Card Virtual Machine (JCVM) Specification: define Java Card Virtual Machine (JCVM) Specification: define

a subset of the Java Programming language and virtual a subset of the Java Programming language and virtual machine architecture suitable for smart card machine architecture suitable for smart card applications applications

Java Card Runtime environment (JCRE): describe Java Java Card Runtime environment (JCRE): describe Java Card runtime behavior, including memory management, Card runtime behavior, including memory management, applet management and other runtime features applet management and other runtime features

Java Card Application Programming Interface Java Card Application Programming Interface Specification (APIs): describe the set of core and Specification (APIs): describe the set of core and extension Java package and class for programming extension Java package and class for programming smart card applicationssmart card applications

Java Card Language Subset

Support only a carefully chosen, customized Support only a carefully chosen, customized subset of feature of java languagesubset of feature of java language Due to small memory footprint of Java card Due to small memory footprint of Java card Well suited for writing programs for smart Well suited for writing programs for smart

card applicationscard applications Preserving the object-oriented capabilitiesPreserving the object-oriented capabilities

Many advanced smart cards provide a Many advanced smart cards provide a garbage collection mechanism to enable garbage collection mechanism to enable object deletionobject deletion

Java Card Language Subset

Supported Java featureSupported Java feature Small primitive data types: Small primitive data types:

boolean, byte, shortboolean, byte, short One-dimensional arrayOne-dimensional array Java packages, classes, inJava packages, classes, in

terfaces, and exceptionsterfaces, and exceptions Java object-oriented featurJava object-oriented featur

e: inheritance, virtual methe: inheritance, virtual methods, overloading and dynaods, overloading and dynamic object creation, accesmic object creation, access scope, and binding ruless scope, and binding rules

The The intint keyword and 32-bit keyword and 32-bit integer data type support ainteger data type support are optionalre optional

Unsupported Java featureUnsupported Java feature Large primitive data type: Large primitive data type:

long, double, floatlong, double, float Characters and stringsCharacters and strings Multidimensional arraysMultidimensional arrays Dynamic class loadingDynamic class loading Security managerSecurity manager ThreadThread Object serializationObject serialization Object cloningObject cloning

Java Card Virtual Machine

Java card virtual machine(JCVM) is implemenJava card virtual machine(JCVM) is implemented as two separate pieces:ted as two separate pieces: The on card portion of JCVM includes the java bytThe on card portion of JCVM includes the java byt

ecode ecode interpreterinterpreter The The converterconverter is the off-card piece of JCVM whic is the off-card piece of JCVM whic

h runs on a PC or workstationh runs on a PC or workstation

The two pieces implement all the VM function The two pieces implement all the VM function and generate some output file like CAP (convand generate some output file like CAP (converted applet) file and export fileerted applet) file and export file

Java Card Virtual Machine

Classfiles

Converter interpreter

CAPfile

CAP File and Export File

The converter loads and preprocess the class files and The converter loads and preprocess the class files and outputs a CAP fileoutputs a CAP file

A CAP file contains an executable binary representatioA CAP file contains an executable binary representation of the class in Java packagen of the class in Java package

A CAP file is a JAR file that contains a set of componeA CAP file is a JAR file that contains a set of components.nts.

Each component describes an aspect of CAP file conteEach component describes an aspect of CAP file content, such as class information, executable bytecode, linknt, such as class information, executable bytecode, linking information, verification information and so forthing information, verification information and so forth

The CAP file format is optimized for small small footpriThe CAP file format is optimized for small small footprint by compact data structure and limited indirection.nt by compact data structure and limited indirection.

CAP File and Export File

Export file are not loaded onto smart card and Export file are not loaded onto smart card and thus are not directly used by interpreterthus are not directly used by interpreter

Export file can be thought of as the header filExport file can be thought of as the header files in C programming language es in C programming language It contains public API information for an entIt contains public API information for an ent

ire package of classesire package of classes It defines access scoop, class name, signaIt defines access scoop, class name, signa

ture of method and fieldsture of method and fields It contains linking information used for resoIt contains linking information used for reso

lving interpackage references on the card lving interpackage references on the card

Java Card Converter

The converter processed one class at a time, The converter processed one class at a time, the conversion unit of it is a packagethe conversion unit of it is a package

The converter takes two input : class files and The converter takes two input : class files and export filesexport files

Java Card Converter

During the conversion, the converter performs During the conversion, the converter performs tasks that a JVM in a desktop environment wtasks that a JVM in a desktop environment would perform at class-loading time:ould perform at class-loading time: Verifies that the load images of the java classes arVerifies that the load images of the java classes ar

e well formede well formed Checks for Java Card language subset violationsChecks for Java Card language subset violations Performs static variables initializationPerforms static variables initialization Optimizes bytecodeOptimizes bytecode Allocates storage and creates VM data structures tAllocates storage and creates VM data structures t

o represent classes o represent classes

Java Card interpreter

Java Card interpreter provides runtime suppoJava Card interpreter provides runtime support of Java language model and thus allows hart of Java language model and thus allows hardware independence of applet coderdware independence of applet code

Tasks:Tasks: Executes byecode instructions and ultimatExecutes byecode instructions and ultimat

ely execute appletsely execute applets Controls memory allocation and object creControls memory allocation and object cre

ationation Plays a crucial role in ensuring runtime secPlays a crucial role in ensuring runtime sec

urity urity

Java Card Installer and Off-Card Installation Program The interpreter does not itself load CAP file.The interpreter does not itself load CAP file. Java card installer is the mechanism to download and Java card installer is the mechanism to download and

install a CAP fileinstall a CAP file The Java Card installer resides within card.The Java Card installer resides within card. Java card installer cooperates with an off-card Java card installer cooperates with an off-card

installation program.installation program. The installation program transmits the executable The installation program transmits the executable

binary in a CAP file to installer via card acceptance binary in a CAP file to installer via card acceptance (CAD)(CAD)

Then the JC installer writes the binary into memory of Then the JC installer writes the binary into memory of card, links with other class and creates and initializes card, links with other class and creates and initializes any data structures that are used any data structures that are used

Java Card Installer and Off-Card Installation Program

Java Card Runtime Environment

Java card runtime environment (JCRE) consists Java card runtime environment (JCRE) consists of a Java Card system components that run of a Java Card system components that run inside a smart cardinside a smart card JCVM, JC APIs, industry-specific extension JCVM, JC APIs, industry-specific extension

and JCRE system classes.and JCRE system classes. JCRE is responsible for (JCRE == JC OS)JCRE is responsible for (JCRE == JC OS)

Card resource managementCard resource management Network communicationNetwork communication Applet executionApplet execution On-card system and applet securityOn-card system and applet security

On-Card System Architecture


JCVM JCVM executes bytecodes, executes bytecodes, controls memory allocation, controls memory allocation, manages objects, andmanages objects, and enforces the runtime securityenforces the runtime security

Native methods:Native methods: Provide support to the JCVM and system classeProvide support to the JCVM and system classe

ss Handle low-level communication protocols, meHandle low-level communication protocols, me

mory management, crytographic supportmory management, crytographic support


System classesSystem classes are analogues to an OS coreare analogues to an OS core manage transactionsmanage transactions manage communication between the host manage communication between the host

applications and Java Card appletapplications and Java Card applet control applet creation, selection and deselcontrol applet creation, selection and desel

etionetion


Java Card Application framework classesJava Card Application framework classes define the four core and extension API packagesdefine the four core and extension API packages This framework makes it relatively easy to create an This framework makes it relatively easy to create an

applet.applet. Applets access JCRE services through framework Applets access JCRE services through framework

classes.classes. Industry-specific extensionIndustry-specific extension

Add-on libraries to provide additional services or to Add-on libraries to provide additional services or to refine the security and system modelrefine the security and system model

Example: Open Platform extends the JCRE services Example: Open Platform extends the JCRE services to meet financial industries’ specific security needs.to meet financial industries’ specific security needs.


InstallerInstaller Enables the secure downloading of software Enables the secure downloading of software

and applets onto the card after the card is and applets onto the card after the card is made and issued to the card holdermade and issued to the card holder

Cooperates with the off-card installation Cooperates with the off-card installation programprogram

Is an optional JCRE componentIs an optional JCRE component Java Card appletJava Card applet

User applications on JC platformUser applications on JC platform Applets are downloadableApplets are downloadable

JCRE Lifetime

JCRE is initialized at card initialization timeJCRE is initialized at card initialization time JCRE initialization is performed only once during JCRE initialization is performed only once during

the card lifetimethe card lifetime JCRE initialization:JCRE initialization:

initialize the virtual machineinitialize the virtual machine Create objects for providing JCRE servicesCreate objects for providing JCRE services Manage appletsManage applets

Applets installationApplets installation JCRE creates applet instanceJCRE creates applet instance Applets create objects to store dataApplets create objects to store data

CAD Session

CAD Session:CAD Session: The period from the time the card is inserteThe period from the time the card is inserte

d into the card acceptance devices (CAD) d into the card acceptance devices (CAD) and is powered up until the time the card is and is powered up until the time the card is removed from the CADremoved from the CAD

During a CAD session, the JCRE operates likDuring a CAD session, the JCRE operates like a typical smart card (i.e. support APDU I/O e a typical smart card (i.e. support APDU I/O communication). See Fig 3.5 on page 38communication). See Fig 3.5 on page 38 APDUs are sent (Command APDUs and RAPDUs are sent (Command APDUs and R

esponse APDUs)esponse APDUs)

CAD Session

After a JCRE is reset, the JCRE enters into a After a JCRE is reset, the JCRE enters into a loop, waiting for APDU commands from the hostloop, waiting for APDU commands from the host

The host sends APDU commands to the Java The host sends APDU commands to the Java Card, using the serial communication interface Card, using the serial communication interface via the card input/output contact pointvia the card input/output contact point

When a command arrives, the JCRE either When a command arrives, the JCRE either selects an applet to run as instructed in the selects an applet to run as instructed in the command or forwards the command to the command or forwards the command to the currently selected appletcurrently selected applet

CAD Session

The selected applet then takes control The selected applet then takes control and processes the APDU commandand processes the APDU command

When finished, the applet sends a When finished, the applet sends a response to the host application and response to the host application and surrenders control to the JCREsurrenders control to the JCRE

This process repeats when the next This process repeats when the next command arrives.command arrives.

Java Card Runtime Features

Besides supporting the Java language Besides supporting the Java language runtime model, the JCRE supports three runtime model, the JCRE supports three additional runtime featuresadditional runtime features Persistent and transient objectsPersistent and transient objects Atomic operations and transactionAtomic operations and transaction Applet firewall and the sharing Applet firewall and the sharing

mechanismsmechanisms


Persistent and transient objectsPersistent and transient objects By default, Java Card objects are persistent and By default, Java Card objects are persistent and

are created in persistent memoryare created in persistent memory The space and data of such objects span CAD The space and data of such objects span CAD

sessionssessions For security and performance reasons, applet can For security and performance reasons, applet can

create objects in RAMcreate objects in RAM Such objects are called transient objectsSuch objects are called transient objects Transient objects contain temporary data that are Transient objects contain temporary data that are

not persistent across CAD sessionsnot persistent across CAD sessions


Atomic operations and transactionAtomic operations and transaction JCVM ensures that each write operation to a JCVM ensures that each write operation to a

single field in an object or in a class is atomicsingle field in an object or in a class is atomic The updated field either gets the new value or The updated field either gets the new value or

is restored to the previous valueis restored to the previous value JCRE provides transaction APIsJCRE provides transaction APIs An applet can include several write operations An applet can include several write operations

in a transactionin a transaction Either all updates in a transaction are Either all updates in a transaction are

complete or none of them proceedscomplete or none of them proceeds


Applet firewall and the sharing mechanismsApplet firewall and the sharing mechanisms The applet firewall isolates appletsThe applet firewall isolates applets Each applet runs within a designated spaceEach applet runs within a designated space The existence and operation of one applet hThe existence and operation of one applet h

as no effect on the other applets on the cardas no effect on the other applets on the card The applet firewall is enforced by the JCVM The applet firewall is enforced by the JCVM

as it executes bytecodesas it executes bytecodes JCVM permits shared data access through sJCVM permits shared data access through s

ecure sharing mechanishmsecure sharing mechanishms

Java Card APIs

Java Card APIs consist of customized classes for Java Card APIs consist of customized classes for programming smart card applications according tprogramming smart card applications according to the ISO 7816 modelso the ISO 7816 models

Java Card APIs containsJava Card APIs contains 3 Core packages3 Core packages

java.langjava.lang javacard.frameworkjavacard.framework javacard.securityjavacard.security

One extension packageOne extension package javacardx.cryptojavacardx.crypto

Java Card APIs

Classes are not supportedClasses are not supported GUI interfacesGUI interfaces Network I/ONetwork I/O Desktop file system I/ODesktop file system I/O

The reasons:The reasons: No displayNo display Different network protocolDifferent network protocol Different file system structureDifferent file system structure

Java.lang Package

Table 3.2Table 3.2Object Object Throwable Throwable Exception Exception

Runtime-Runtime-Exception Exception

Arithematic-ExArithematic-Exception ception

ArrayIndexOutOfBounArrayIndexOutOfBoundsException dsException

ArrayStore-ExArrayStore-Exception ception

ClassCast-ExcClassCast-Exception eption

IndexOutOfBounds-ExIndexOutOfBounds-Exception ception

NullPointer-ExNullPointer-Exception ception

Security-Security-Exception Exception

NegativeArraySize-ExcNegativeArraySize-Exception eption

Javacard.framework Package

javacard.framework provides framework classejavacard.framework provides framework classes and interfaces for the core functionality of Javs and interfaces for the core functionality of Java Card appleta Card applet

Import classes:Import classes: Applet class: provides a framework for applet executApplet class: provides a framework for applet execut

ionion APDU class: APDUs are carried by the transmission APDU class: APDUs are carried by the transmission

protocol (Transmission protocol are T=0 or T=1)protocol (Transmission protocol are T=0 or T=1) JCSystem class: control applet execution, resource JCSystem class: control applet execution, resource

management, transaction management and inter-apmanagement, transaction management and inter-applet object sharingplet object sharing

Javacard.framework Package

Import classes:Import classes: PIN class: PIN class:

Short for personal identification Short for personal identification numbernumber

provide the common form of provide the common form of password to authenticating card password to authenticating card holders holders

Javacard.security Package

Provides a framework for cryptographic functiProvides a framework for cryptographic functionsons

javacard.security javacard.security defines a key factory class keyBuilder and defines a key factory class keyBuilder and

various interfaces used in symmetric (DES) various interfaces used in symmetric (DES) and asymmetric (DSA and RSA) algorithmsand asymmetric (DSA and RSA) algorithms

Supports abstract base classes RandomDaSupports abstract base classes RandomData, Signature, and MessageDigestta, Signature, and MessageDigest

Javacardx.crypto Package

Is an extension packageIs an extension package Contains cryptographic classes and interfaceContains cryptographic classes and interface

ss Defines the abstract base class ClipherDefines the abstract base class Clipher

Support encryption and decryption functionSupport encryption and decryption functionss

Does not provide any implementationDoes not provide any implementation There is a coprocessor on smart cards to perfThere is a coprocessor on smart cards to perf

orm crytographic computation orm crytographic computation

Java Card Applet

Java Card Applets is not the same as the Java Card Applets is not the same as the J2SE AppletJ2SE Applet

JC applet is a Java program, that adhere to a JC applet is a Java program, that adhere to a set of conventions, and can run within the set of conventions, and can run within the Java Card runtime environmentJava Card runtime environment

They can be dynamically downloaded onto They can be dynamically downloaded onto the cardthe card

Multiple applets can coexist on a single Java Multiple applets can coexist on a single Java card, and an applet can have multiple card, and an applet can have multiple instancesinstances

Package and Applet Naming Convention Each applet instance is uniquely identified by Each applet instance is uniquely identified by

Application Identifier (AID)Application Identifier (AID) Each Java package is also assigned an AIDEach Java package is also assigned an AID ISO 7816 specifies AIDs to be used for uniquISO 7816 specifies AIDs to be used for uniqu

e identification of card application and certain e identification of card application and certain kinds of fileskinds of files

RID (5 bytes)RID (5 bytes) PIX (0-11 bytes)PIX (0-11 bytes)

Resource Identifier Proprietary Identifier Extension

Package and Applet Naming Convention (cont.) The AID for a package is constructed by concThe AID for a package is constructed by conc

atenatingatenating the company’s RIDthe company’s RID A PIX for that packageA PIX for that package

ISO controls the assignment of RIDs to compISO controls the assignment of RIDs to companies; each company has a unique RID.anies; each company has a unique RID.

Companies manage assignment of PIXsCompanies manage assignment of PIXs The RID in an AID identifies an applet provideThe RID in an AID identifies an applet provide

rr

Package and Applet Naming Convention (cont.) Package AID =Package AID =

Company’s RIDCompany’s RID Package PIXPackage PIX

Applet AID =Applet AID = Company’s RIDCompany’s RID (Applet provider’s RID) (Applet provider’s RID) Applet PIXApplet PIX

Package and Applet Naming Convention (cont.) The package AID and the default applet The package AID and the default applet

AID for each applet defined in the AID for each applet defined in the packagepackage Specified in the CAP fileSpecified in the CAP file Supplied to the converter when the Supplied to the converter when the

CAP file is generatedCAP file is generated

Applet Development Process

Step 1:

Step 2:

Step 3:

Step 4:

Javacompiler

Java Cardsimulator

Javafiles

classfiles

Java Cardconverter

exportfiles

exportfile(s)

CAPfile(s)

Java Cardemulator


Step 1: Step 1: A developer writes one or more Java Classes A developer writes one or more Java Classes

and and compiles the source code with a Java compilercompiles the source code with a Java compiler Produce one or more class filesProduce one or more class files

Step 2:Step 2: Applet is run, tested and debugged in a Applet is run, tested and debugged in a

simulation environmentsimulation environment The overall functional aspects of applet are The overall functional aspects of applet are

testedtested


Step 3: Step 3: Class files are converted to a CAP fileClass files are converted to a CAP file A CAD file and an export file are created for A CAD file and an export file are created for

each packageeach package Step 4:Step 4:

CAP files are loaded and tested in an CAP files are loaded and tested in an emulation environment emulation environment

Runtime behaviors of applet are testedRuntime behaviors of applet are testedApplet firewallApplet firewallTransient and persistent objectsTransient and persistent objects

Applet Installation

ROM AppletsROM Applets Pre-issuance or Post-issuance AppletsPre-issuance or Post-issuance Applets Post-issuance Applets InstallationPost-issuance Applets Installation Error Recovery during Applet Error Recovery during Applet

InstallationInstallation Installation ConstraintsInstallation Constraints

Applet Installation `

MaskingMasking The process of writing the permanent The process of writing the permanent

components into the non-mutable memory components into the non-mutable memory of a chipof a chip

When a Java Card is manufactured, the When a Java Card is manufactured, the smart card proprietary system and Java Card smart card proprietary system and Java Card runtime environment (native methods, JCVM, runtime environment (native methods, JCVM, Framework APIs and libraries) are burned Framework APIs and libraries) are burned into ROM.into ROM.

ROM Applets

Applet classes can be masked in ROM Applet classes can be masked in ROM together with JCRE and other system together with JCRE and other system components during the process of card components during the process of card manufacturingmanufacturing

Applet instances are instantiated in EEPROM Applet instances are instantiated in EEPROM by the JCRE during the JCRE initialization. by the JCRE during the JCRE initialization. Such applets are called ROM appletsSuch applets are called ROM applets

ROM applet content are controlled by issuersROM applet content are controlled by issuers ROM applet are allowed to declare native ROM applet are allowed to declare native

methods (not checked by JCVM)methods (not checked by JCVM)

Pre-issuance or Post-issuance Applets Java Card applet classes and associated class Java Card applet classes and associated class

libraries can be downloaded and written into the libraries can be downloaded and written into the mutable memory (EEPROM) after the card is mutable memory (EEPROM) after the card is manufacturedmanufactured

Pre-issuance and post-issuance are downloaded Pre-issuance and post-issuance are downloaded before or after the card has been issuedbefore or after the card has been issued

Pre-issuance applets are treated the same way Pre-issuance applets are treated the same way as the ROM appletsas the ROM applets

Post-issuance applets are not allowed to declare Post-issuance applets are not allowed to declare native methods (security reason)native methods (security reason)

Post-issuance Applets Installation Applet installation refers to the process of Applet installation refers to the process of

loading applet classes in a CAP file,loading applet classes in a CAP file, combining them with the execution state of JCRcombining them with the execution state of JCR

E and E and creating an applet instance to bring the applet intcreating an applet instance to bring the applet int

o a selectable and execution stateo a selectable and execution state On the Java Card platform, the loading and installaOn the Java Card platform, the loading and installa

ble unit is a CAP file.ble unit is a CAP file. A CAP file consists of classes and a minimal applet A CAP file consists of classes and a minimal applet

is a Java package with a single class derived from tis a Java package with a single class derived from the javacard.framework.Applethe javacard.framework.Applet

Post-issuance Applets Installation To load an appletTo load an applet

The off-card installer takes the CAP file and The off-card installer takes the CAP file and transforms it into a sequence of APDU transforms it into a sequence of APDU commands which contain the CAP file contentcommands which contain the CAP file content

By exchanging the APDU commands with the By exchanging the APDU commands with the off-card installer, the on-card installer off-card installer, the on-card installer

writes the CAP file into card’s persistent writes the CAP file into card’s persistent memory and memory and

links the classes in the CAP file with other links the classes in the CAP file with other classes reside on the cardclasses reside on the card

Post-issuance Applets Installation The on-card installer also creates and initializes and The on-card installer also creates and initializes and

data that are used internally by the JCRE to support tdata that are used internally by the JCRE to support the applethe applet

The on-card installer create an applet instance and reThe on-card installer create an applet instance and registers the instance with the JCRE by using install megisters the instance with the JCRE by using install methodthod Public static void install(byte[] bArray, short offset, Public static void install(byte[] bArray, short offset,

byte length)byte length) bArray: installation parameters for applet initializatibArray: installation parameters for applet initializati

onon

Postissuance Applets Installation(cont.) The install method is an applet entry point The install method is an applet entry point

method, similar to the main method in Java method, similar to the main method in Java applicationsapplications

An applet must implement the install methodAn applet must implement the install method The install method calls applet’s constructor The install method calls applet’s constructor

to create and initialize an applet instanceto create and initialize an applet instance After the applet is initialized and registered After the applet is initialized and registered

with JCRE, it can be selected and runwith JCRE, it can be selected and run The install method can be called more than The install method can be called more than

once to create multiple applet instancesonce to create multiple applet instances

Error Recovery during Applet Installation The installation process is transactionalThe installation process is transactional The installer will discard the CAP file The installer will discard the CAP file

and any applets it had created during and any applets it had created during installation when installation when Programmatic failureProgrammatic failure Running out of memoryRunning out of memory Card tear Card tear Other errorsOther errors

Installation Constraints

Java Card Applet installation has two pointsJava Card Applet installation has two points Applets executing on the card may refer Applets executing on the card may refer

only to classes that already exist on the only to classes that already exist on the cardcard

The order of loading must guarantee that The order of loading must guarantee that each newly loaded package references each newly loaded package references only packages that are already on the cardonly packages that are already on the card

Documents

Java Card Technology Ch03: Overview