No the keys are never used or verified when a STKApllet is access
a file. In this situation only the access condition to the file is
matched
against the bitmap with the access conditions for this applet. If the
applets ACs satisfy the files ACs, then access is granted (independent
e.g. if CHV2 has been verified or not). This is why the installation
process is so security relevant.
For the GSM applet itself this is not true (or may need to be
implemented in
the applet itself). Here if you want to access a file the GSM applet
must check
its internal state machine to see if the AC has been fullfiled during
this
session (e.g. CHV1 has been successfully verified).
Under normal circumstances the GSM applet is allwoys on the card after
delivery,
so you should not worry about how to give it the needed privileges.
In fact a loading for the GSM applet is not specified. Some card vendors
may
have a way to load the GSM Applet (if not implemented nativly anyhow)
but
I don't think you will ever get access to this type of informatin.
ADM keys are administration keys. They are only available to the network
provider.
They allow him to manage the cards. You normally have no access to them.
Regards
Martin
Srijoy Das wrote:
>
> Subject: Re: [Martin] Select GSM files ( Java SIM card)
>
> does this imply that The GSM framework first verifies the Keys associated
> with each APDU like update binary, update record for each corresponding
> file. Then where does it store this information ? Do I need to specify the
> access conditions for the GSM applet as well during installation?
>
> What is the significance of the ADM keys?
>
> regards,
> Srijoy
>
> The reasonable man adapts himself to the world; the unreasonable one
> persists in trying to adapt the world to himself. Therefore all progress
> depends on the unreasonable man.
>
> The reasonable man adapts himself to the world; the unreasonable one
> persists in trying to adapt the world to himself. Therefore all progress
> depends on the unreasonable man.
>
> ---
> > Visit the OpenCard web site at http://www.opencard.org/ for more
> > information on OpenCard---binaries, source code, documents.
> > This list is being archived at http://www.opencard.org/archive/opencard/
>
> ! To unsubscribe from the [EMAIL PROTECTED] mailing list send an email
> ! to
> ! [EMAIL PROTECTED]
> ! containing the word
> ! unsubscribe
> ! in the body.
--
**************<- Developer Support Center Munich ->**************
Sun Microsystems GmbH Martin Merck
Sonnenallee 1 DSC
85551 Kirchheim-Heimstetten Phone: +49-89-46008-2115
Germany Fax: +49-89-46008-2570
www.sun.de mailto: [EMAIL PROTECTED]
*****************************************************************
---
> Visit the OpenCard web site at http://www.opencard.org/ for more
> information on OpenCard---binaries, source code, documents.
> This list is being archived at http://www.opencard.org/archive/opencard/
! To unsubscribe from the [EMAIL PROTECTED] mailing list send an email
! to
! [EMAIL PROTECTED]
! containing the word
! unsubscribe
! in the body.
