CN103473093B - A kind of method managing on card application - Google Patents

A kind of method managing on card application Download PDF

Info

Publication number
CN103473093B
CN103473093B CN201310399702.7A CN201310399702A CN103473093B CN 103473093 B CN103473093 B CN 103473093B CN 201310399702 A CN201310399702 A CN 201310399702A CN 103473093 B CN103473093 B CN 103473093B
Authority
CN
China
Prior art keywords
data block
order
data
application
judge
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201310399702.7A
Other languages
Chinese (zh)
Other versions
CN103473093A (en
Inventor
陆舟
于华章
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Feitian Technologies Co Ltd
Original Assignee
Feitian Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Feitian Technologies Co Ltd filed Critical Feitian Technologies Co Ltd
Priority to CN201310399702.7A priority Critical patent/CN103473093B/en
Publication of CN103473093A publication Critical patent/CN103473093A/en
Priority to PCT/CN2014/076030 priority patent/WO2014173298A1/en
Priority to US14/786,213 priority patent/US10324781B2/en
Application granted granted Critical
Publication of CN103473093B publication Critical patent/CN103473093B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention discloses a kind of method managing and applying on card, belong to field of intelligent cards.Described method includes that card content managing module checks card mode after receiving the data that running environment is sent, the data received are checked when card mode is not the first preset state or the second preset state, the data that running environment is sent are continued to when the data fit preset format received, obtain complete order, perform the corresponding command and realize the association of application on card.The beneficial effects of the present invention is and provide a kind of method managing on card application, it is possible to achieve the loading of application on card, install, update, individualized and delete.

Description

A kind of method managing on card application
Technical field
The invention belongs to field of intelligent cards, manage the method for application on card particularly to a kind of.
Background technology
Along with the development of society, smart card due to its be easy to carry with, memory capacity is big, information note Record the advantage such as reliable and secure to receive and pay close attention to the most widely, and in order to adapt to application of IC cards The continuous extension in field, needs application more to smart card extension.
Inventor finds during realizing the present invention: for the application of extension on smart card increasingly Many problems, are badly in need of a kind of method managing and applying on card.
Summary of the invention
The invention aims to overcome the defect of prior art, propose to apply on one management card Method.
The inventive method is achieved through the following technical solutions:
A kind of method managing on card application, its basic implementation process is as follows:
Execution following steps after card content managing module receives the data that running environment is sent:
Step A: check card mode, if the first preset state or the second preset state then generate and return Return card mode not status of support code to running environment, end, otherwise execution step B;
Step B: check whether the data received meet preset format, if meeting the first preset format, Performing step C, if meeting the second preset format, performing step D, if meeting the 3rd preset format Then performing step E, if meeting the 4th preset format, performing step F, if meeting the 5th to preset lattice Formula then performs step G, if meeting the 6th preset format, performs step H, presets if meeting the 7th Form then performs step I, if not meeting preset format, generate and return data error states code to Running environment, terminates;
Step C: continue to the data that running environment sends and obtain the first complete order, resolve described First order, obtains load document mark and associates security domain mark with load document, create and load File structure, and load document parsing obtained identifies and load document associated domain mark is filled In the load document structure created, if operating successfully, generate and return operation success status Code and return result to running environment, terminate, if operating unsuccessful, former according to operation failure Because generating and return corresponding state code to running environment, end;
Step D: continue to the data that running environment sends and obtain the second complete order, resolve described Second order, obtains load document data block, according to described load document data block securing component Data also store, and are filled in load document structure storage address, if operated successfully Then generate and return operation success status code and return result to running environment, terminating, if behaviour Make unsuccessful, generate and return corresponding state code to running environment, knot according to operation failure reason Bundle;
Step E: continue to the data that running environment sends and obtain the 3rd complete order, resolves described 3rd order, obtain performing load document mark, executable module mark, application identities and Application permission, the performed load document identifier lookup load document structure obtained according to parsing, Storing in the memory space that address is corresponding in the load document structure found is searched and is resolved The executable module obtained identifies corresponding executable module, creates the performed mould found The application of block, with resolving the application that the application identities mark obtained creates, and gives answering of establishment In order to resolve the authority specified by the application permission obtained, and the association peace of the application of establishment is set Universe is the performed load document corresponding with resolving the performed load document mark obtained Association security domain, if operating successfully, generating and returning operation success status code and returning result To running environment, terminate, if operating unsuccessful, generating according to operation failure reason and returning Corresponding state code, to running environment, terminates;
Step F: continue to the data that running environment sends and obtain the 4th complete order, resolves described 4th order, be applied mark and application permission, search in card and resolve obtain should With the corresponding application of mark, the state updating the application found is optional state, and The authority updating the application found is to resolve the authority specified by application permission obtained, if Operate and the most then generate and return operation success status code and return result to running environment, terminate If operating unsuccessful, generate and return corresponding state code to running according to operation failure reason Environment, terminates;
Step G: continue to the data that running environment sends and obtain the 5th complete order, resolves described 5th order, obtains security domain mark and application identities, searches and resolves obtain in card Application that application identities is corresponding and the application corresponding with resolving the security domain mark obtained, will The association security domain of the application found is updated to corresponding with resolving the security domain mark obtained Application, if operating successfully, generating and returning Return operation success status code and return result to running environment, terminating, if operating unsuccessful, Generate and return corresponding state code to running environment, end according to operation failure reason;
Step H: continue to the data that running environment sends and obtain the 6th complete order, resolves described 6th order, be applied mark, searches relative with resolving the application identities obtained in card The application answered, arranging the application found is individualized application, if operating successfully, generates also Returning operation success status code and return result to running environment, terminating, if operating unsuccessful Then generate and return corresponding state code to running environment, end according to operation failure reason;
Step I: continue to the data that running environment sends and obtain the 7th complete order, resolves described 7th order, obtains data field mark, searches and resolve the data field mark obtained in card Corresponding application and can perform load document, deletes the application found and can perform to add published article Part, if operating successfully, generating and returning operation success status code and returning result to run ring Border, terminates, if operating unsuccessful, generating according to operation failure reason and returning corresponding state Code gives running environment, terminates.
Wherein, described according to described first order prepare load application specifically include:
Step C1: judge that first data block of described first order is the most legal, if legal, check Whether there is the executable file corresponding with described first data block in card, be to operate bar Part is unsatisfactory for, operation failure, otherwise performs step C2;If not conforming to rule error in data, operation Failure;
Step C2: judge whether second data block of described first order meets preset requirement, if full Foot the first preset requirement then arranges the association peace of the load document corresponding with described first data block Universe is described card content managing module, performs step C4;If meeting the second preset requirement, Perform step C3;If being unsatisfactory for preset requirement, error in data, operation failure;
Step C3: whether have the application corresponding with described second data block, if not having in checking card Having, operating condition is unsatisfactory for, operation failure;If having, check and described second data block phase Whether corresponding application has security domain authority, if having security domain authority, arranges and described the The association security domain of the load document that one data block is corresponding is relative with described second data block The application answered, performs step C4;If not having security domain authority, operating condition is unsatisfactory for, behaviour Make unsuccessfully;
Step C4: judge that the 3rd data block of described first order is the most legal, be that then storage is described Corresponding data in 3rd data block, performs step C5;Otherwise error in data, operation failure ;
Step C5: process the fourth data block of described first order, perform step C6;
Step C6: judge that the 5th data block of described first order is the most legal, be to create loading File structure, and according to described first data block and described second data block to load document Structure is filled with, and initializes the overall block number in card, operates successfully;Otherwise data are wrong By mistake, operation failure.
Described according to described second order load application specifically include:
Step D1: judge whether the 4th byte of described second order is compiled equal to the overall block in card Number, it is then to perform step D2, otherwise error in data, operation failure;
Step D2: check in described second order of institute whether comprise data verification mode block information, if bag Containing then verifying the described fast information of data verification pattern, if being verified, perform step D3, if testing Card is not by then error in data, operation failure;If not comprising, perform step D3;
Step D3: according to described second order in load document data block securing component data and carry out Storage, is filled into storage address in load document structure, updates the overall block number in card Add 1 for its currency, it is judged that whether described load document data block is last of load document Load document data block, is then to perform step D4, otherwise operates successfully;
Step D4: judge whether the load document data block cryptographic Hash in card has value is if there being value, right The entirety being made up of whole load document data blocks of storage in card carries out Hash calculation, and sentences Disconnected result of calculation, whether equal to described load document data block cryptographic Hash, if being equal to, performs step D5, if being not equal to, error in data, operation failure;If void value, perform step D5;
Step D5: store and submit to and can perform load document structure, operates successfully.
Described application according to described 3rd Installing of Command specifically includes:
Step E1: judge that first data block of described 3rd order is the most legal, if legal, check Whether there is the load document structure corresponding with described first data block in card, be to perform Step E2, otherwise operating condition is unsatisfactory for, operation failure;If not conforming to rule error in data, behaviour Make unsuccessfully;
Step E2: judge that second data block of described 3rd order is the most legal, if legal, check Whether storing in the memory space that address is corresponding in described load document structure has and described second The executable module that individual data block is corresponding, is then to perform step E3, and otherwise operating condition is discontented with Foot, operation failure;If not conforming to rule error in data, operation failure;
Step E3: judge that the 3rd data block of described 3rd order is the most legal, if legal, check Whether have in card and described 3rd application that data block is corresponding, be then to perform step E4, Otherwise operating condition is unsatisfactory for, operation failure;If not conforming to rule error in data, operation failure;
Step E4: judge that the fourth data block of described 3rd order is the most legal, if legal, judge Whether there is with described 3rd application that data block is corresponding acquiescence and select authority, be to perform Step E5, otherwise performs step E6;If not conforming to rule error in data, operation failure;
Step E5: judge whether the 3rd byte of described 3rd order is equal to preset value, if presetting It is worth then error in data, operation failure;If not preset value then judges described card Content Management mould Whether block has acquiescence selects authority, is then to perform step E7, and otherwise operating condition is unsatisfactory for, Operation failure;
Step E6: judge whether the 3rd data block of described 3rd order meets pre-conditioned, if full Foot first is pre-conditioned or second pre-conditioned, processes the 5th data block of described 3rd order , perform step E7, if being unsatisfactory for pre-conditioned, operating condition is unsatisfactory for, operation failure;
Step E7: judge that the 6th data block of described 3rd order is the most legal, be then according to described 3rd Ordered Registration application, performs step E8, otherwise error in data, operation failure;
Step E8: judge that the 3rd byte of described 3rd order, whether equal to described preset value, is then The state with the 3rd application that data block is corresponding of described 3rd order that arranges is installation, behaviour Make successfully;Otherwise arrange and the shape of the described 3rd the 3rd application that data block is corresponding ordered State is optional, performs step E9;
Step E9: judge whether have with the 3rd application that data block is corresponding of described 3rd order Acquiescence selects authority, is then to arrange corresponding the answering of the 3rd data block with described 3rd order With for default application, operate successfully, otherwise operate successfully.
Described application state be set specifically include according to the 4th order:
Step F1: judge that first data block of described 4th order and second data block are the most all closed Method, is then to perform step F2, otherwise error in data, operation failure;
Step F2: judge that the 3rd data block of described 4th order is the most legal, if not conforming to rule number According to mistake, operation failure;If legal, whether have and described 3rd data block in checking card Corresponding application, if not, operating condition is unsatisfactory for, operation failure;If having, judge with Whether the state of described 3rd application that data block is corresponding is installation, then grasps if not installing It is unsatisfactory for as condition, operation failure;If peace Dress then performs step F3;
Step F3: judge that the fourth data block of described 4th order is the most legal, be to perform step F4, otherwise error in data, operation failure;
Step F4: judge that the 5th data block of described 4th order is the most legal, be to perform step F5, otherwise error in data, operation failure;
Step F5: judge that the 6th data block of described 4th order is the most legal, be then to arrange and institute The state stating the 3rd application that data block is corresponding is optional, performs step F6, otherwise counts According to faulty operation failure;
Step F6: judge, with described 3rd application that data block is corresponding, whether there is acquiescence right to choose Limit, if not, operates successfully;If having, judge whether described card content managing module has Acquiescence selects authority, is that then setting should for acquiescence with described 3rd application that data block is corresponding With, operate successfully, otherwise operating condition is unsatisfactory for, operation failure.
Described the association security domain of more new opplication is ordered to specifically include according to the described 5th:
Step G1: judge that first data block of described 5th order is the most legal, if not conforming to rule number According to mistake, operation failure;If legal, whether have and described first data block in checking card Corresponding application, if not, operating condition is unsatisfactory for, operation failure;If having, judge with Whether the corresponding application of described first data block is described card content managing module, if Then operating condition is unsatisfactory for, operation failure;If not then performing step G2;
Step G2: judge that second data block of described 5th order is the most legal, if not conforming to rule number According to mistake, operation failure;If legal, judge the application corresponding with described first data block State whether be installation, if not installing, operating condition is unsatisfactory for, operation failure;If Install and then perform step G3;
Step G3: judge that the 3rd data block of described 5th order is the most legal, if not conforming to rule number According to mistake, operation failure;If legal, whether have and described 3rd data block in checking card Corresponding application, if not, operating condition is unsatisfactory for, operation failure;If having, perform step Rapid G4;
Step G4: judge whether the application corresponding with described first data block has security domain authority If not, operating condition is unsatisfactory for, operation failure;If having, judge and described first number Whether the state according to the corresponding application of block is locking, if locking, operating condition is unsatisfactory for, Operation failure;If not locking Then whether the state of the application that judgement is corresponding with described first data block is individualized, if Individualized then perform step G5, if not individualized then operating condition is unsatisfactory for, operation failure;
Step G5: judge that the fourth data block of described 5th order and the 5th data block are the most all closed Method, is then to perform step G6, otherwise error in data, operation failure;
Step G6: judge that the 6th data block of described 5th order is the most legal, if not conforming to rule number According to mistake, operation failure;If legal, judge and described 3rd application that data block is corresponding Whether having security domain authority, if having, operating condition is unsatisfactory for, operation failure;If not having Have then to arrange and with the association security domain of described 3rd application that data block is corresponding be and described the The application that one data block is corresponding, operates successfully.
Described specifically include according to the described 6th individualized application of order:
Step H1: judge that first data block of described 6th order and second data block are the most all closed Method, is then to perform step H2, otherwise error in data, operation failure;
Step H2: judge that the 3rd data block of described 6th order is the most legal, if not conforming to rule number According to mistake, operation failure;If legal, whether have and described 3rd data block in checking card Corresponding application, if not, operating condition is unsatisfactory for, operation failure;If having, judge with Whether the association security domain of described 3rd application that data block is corresponding is described card content pipe Reason module, is then to perform step H3, and otherwise operating condition is unsatisfactory for, operation failure;
Step H3: judge fourth data block, the 5th data block and the 6th of described 6th order Data block is the most legal, is that then setting is individual with described 3rd application that data block is corresponding Peopleization application, otherwise operating condition is unsatisfactory for, operation failure.
Described delete application according to described 7th order and load document can be performed specifically include:
Step I1: judge that first data block of described 7th order is the most legal, be to perform step I2, otherwise error in data, operation failure;
Step I2: judge that second data block of described 7th order is the most legal, if not conforming to rule number According to mistake, operation failure;If legal, whether have and described second data block in checking card Corresponding application, is then to perform step I3, otherwise performs step I4;
Step I3: judge that the 4th byte of described 7th order, whether equal to preset value, is to perform Step I4, otherwise performs step I5;
Step I4: whether have and described second performed loading that data block is corresponding in checking card File, if not, operating condition is unsatisfactory for, operation failure;If having, judge described 7th life Whether the 4th byte of order, equal to preset value, if being equal to, deletes and described second data block Corresponding application and can perform load document, operating successfully, if being not equal to, deleting with described Second performed load document that data block is corresponding, operates successfully;
Step I5: check whether the application corresponding with described second data block is that other are applied or it He can perform the association security domain of load document, is that operating condition is unsatisfactory for, operation failure; Otherwise perform step I6;
Step I6: judge whether the application corresponding with described second data block is described card content Management module, is that operating condition is unsatisfactory for, and operation failure is otherwise deleted and described second The application that data block is corresponding, operates successfully.
Having the beneficial effects that of the inventive method: provide a kind of method managing and applying on card, can To realize the loading of application on card, to install, update, individualize and delete.
Accompanying drawing explanation
For the clearer explanation embodiment of the present invention or technical scheme of the prior art, below by right In embodiment or description of the prior art, the required accompanying drawing used is briefly described, it is clear that Ground, the accompanying drawing in describing below is only some embodiments of the present invention, common for this area From the point of view of technical staff, on the premise of not paying creative work, it is also possible to according to these accompanying drawings Obtain other accompanying drawing.
A kind of method flow diagram managing on card application that Fig. 1 provides for the embodiment of the present invention one;
A kind of concrete grammar flow chart preparing to load application that Fig. 2 provides for the embodiment of the present invention two;
A kind of concrete grammar flow chart loading application that Fig. 3 provides for the embodiment of the present invention three;
A kind of concrete grammar flow chart installing application that Fig. 4 provides for the embodiment of the present invention four;
A kind of concrete grammar flow chart that application state is set that Fig. 5 provides for the embodiment of the present invention five;
The concrete grammar stream of the association security domain of a kind of more new opplication that Fig. 6 provides for the embodiment of the present invention six Cheng Tu;
The concrete grammar flow chart of a kind of individualized application that Fig. 7 provides for the embodiment of the present invention seven;
Fig. 8 applies for a kind of deletion thed provide in the embodiment of the present invention eight and can perform the concrete of load document Method flow diagram.
Detailed description of the invention
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is entered Row clearly and completely describes, it is clear that described embodiment is only that a part of the present invention is real Execute example rather than whole embodiments.Based on the embodiment in the present invention, people in the art The every other embodiment that member is obtained under not making creative work premise, broadly falls into this The scope of invention protection.
Embodiment one
The embodiment of the present invention one provides a kind of and manages the method for application on card, sees Fig. 1, described method Specifically include when card content managing module receives RE(Runtime Environment, fortune Row environment) perform following step, in the present invention, described card content pipe after the data sent Reason module is a kind of special application in card:
Step 101: check card mode, if the first preset state or the second preset state then generate also Return card mode not status of support code to RE, end;Otherwise perform step 102;
Specifically, in the present embodiment, the first preset state is that TERMINATED(terminates), second Preset state is CARD_LOCKED(locking).
Step 102: check whether the data received meet preset format, if meeting the first preset format Then perform step 103;If meeting the second preset format, perform step 104;If it is pre-to meet the 3rd If form then performs step 105;If meeting the 4th preset format, perform step 106;If meeting 5th preset format then performs step 107;If meeting the 6th preset format, perform step 108; If meeting the 7th preset format, perform step 109;If not meeting preset format, generating and returning Data error states code, to RE, terminates;
Specifically, in the present embodiment, step 102 specifically includes:
Step B1: whether the length of the data that inspection receives is five bytes, is then to perform step B2 , no The data then received do not meet preset format, generate and return data error states code to running Environment, terminates;
Step B2: whether be 0x80 or 0x84, be to hold if checking that the first character of the data received saves Row step B3, the data otherwise received do not meet preset format, generate and return error in data Conditional code, to running environment, terminates;
Step B3: check second byte of the data received, if 0xE6 then performs step B4, If 0xE8 then performs step B5, if 0xE4 then performs step B6, the data otherwise received Do not meet preset format, generate and return data error states code to running environment, end;
Step B4: check the 3rd to the 5th byte of the data received, if the 3rd byte and the 4th The data fit that byte respectively 0x02 and 0x00 and the 5th byte then receive not less than 0x0A the One preset format, performs step 103;If the 3rd byte is 0x04 or 0x0C, nybble is Data fit the 3rd preset format that 0x00 and the 5th byte then receive not less than 0x18, performs Step 105;If the 3rd byte and nybble are respectively 0x08 and 0x00 and the 5th byte is not less than Data fit the 4th preset format that 0x0C then receives, performs step 106;If the 3rd byte and The data symbols that nybble respectively 0x10 and 0x00 and the 5th byte then receive not less than 0x10 Close the 5th preset format, perform step 107;If the 3rd byte and nybble be respectively 0x20 and Data fit the 6th preset format that 0x00 and the 5th byte then receive not less than 0x0B, performs Step 108;The data otherwise received do not meet preset format, generate and return error in data shape State code, to running environment, terminates;
Step B5: whether the 3rd byte of the data that inspection receives is 0x00 or 0x80, is to connect Data fit the second preset format received, performs step 104, and the data otherwise received are not inconsistent Close preset format, generate and return data error states code to running environment, end;
Step B6: whether the 3rd byte of the data that inspection receives is 0x00, then receive Data fit the 7th preset format, performs step 109, and the data otherwise received do not meet default Form, generates also Return data error states code to running environment, end.
Step 103: continue to the data that RE sends and obtain complete APDU data, according to described APD U data prepare to load application;
Specifically, in the present embodiment, APDU data described in step 103 is for_Load order;
Prepare to load application according to described APDU data to specifically include: resolve for_Load order, obtain Load document mark associates security domain mark with load document, creates load document structure, and will Resolve the load document mark obtained and load document associated domain mark is filled into establishment adds published article In part structure, if aforesaid operations success, generate and return operation success status code and return knot Fruit gives running environment, terminates, if aforesaid operations is unsuccessful, generates according to operation failure reason And return corresponding state code to running environment, end.
Step 104: continue to the data that RE sends and obtain complete APDU data, according to described APD U data load application;
Specifically, in the present embodiment, APDU data described in step 104 is Load order;
Load application according to described APDU data to specifically include: resolve Load order, obtain load document Data block, according to described load document data block securing component data and store, will storage Address is filled in load document structure, if aforesaid operations successfully, generates and returns operates into Merit conditional code and return result to running environment, terminates, if aforesaid operations is unsuccessful, and basis Operation failure reason generates and returns corresponding state code to running environment, end.
Step 105: continue to the data that RE sends and obtain complete APDU data, according to described APD U data install application;
Specifically, in the present embodiment, APDU data described in step 105 is for_Install order ;
According to described APDU data, application is installed to specifically include: resolving for_Install order, obtaining can Perform load document mark, executable module mark, application identities and application permission, according to solution The performed load document identifier lookup load document structure that analysis obtains, adds published article find Storage address in part structure Corresponding memory space is searched and resolves executable module corresponding the performing of mark obtained Module, creates the application of the executable module found, with resolving the application identities mark obtained The application created, and give the application of establishment to resolve the authority specified by the application permission obtained , and the performed load document mark that association security domain is and parsing obtains of the application of establishment is set The association security domain of the performed load document of sensible correspondence, if aforesaid operations success, generates And return operation success status code and return result to running environment, terminate, if aforesaid operations Unsuccessful, generate and return corresponding state code to running environment, end according to operation failure reason 。
Step 106: continue to the data that RE sends and obtain complete APDU data, according to described APD U data arrange application state;
Specifically, in the present embodiment, APDU data described in step 106 is for_Makeselectabl E order;
Arrange application state according to described APDU data to specifically include: resolve for_Makeselectable Order, be applied mark and application permission, searches and resolve the application mark obtained in card The application of sensible correspondence, the state updating the application found is optional state, and updates The authority of the application found is to resolve the authority specified by application permission obtained, if above-mentioned Operate and the most then generate and return operation success status code and return result to running environment, terminate If aforesaid operations is unsuccessful, according to operation failure reason generate and return corresponding state code to Running environment, terminates.
Step 107: continue to the data that RE sends and obtain complete APDU data, according to described APD The association security domain of U data more new opplication;
Wherein, the association security domain of application provides the services such as key for application;
Specifically, in the present embodiment, APDU data described in step 107 is for_Extradition life Order;
Association security domain according to described APDU data more new opplication specifically includes: resolve for_Extrad Ition order, obtains security domain mark and application identities, searches and resolves obtain in card Application identities is relative The application answered and the application corresponding with resolving the security domain mark obtained, by find with solution The association security domain analysing the corresponding application of the application identities obtained is updated to and resolves the peace obtained The application that universe mark is corresponding, if aforesaid operations successfully, generates and returns operates into an account of somebody's meritorious service State code and return result to running environment, terminates, if aforesaid operations is unsuccessful, according to operation Failure cause generates and returns corresponding state code to running environment, end.
Step 108: continue to the data that RE sends and obtain complete APDU data, according to described APD U personalization data is applied;
Specifically, in the present embodiment, APDU data described in step 108 is for_Personalized life Order;
Specifically include according to the application of described APDU personalization data: resolve for_Personalized order , be applied mark, searches the application corresponding with resolving the application identities obtained in card , arranging the application found is individualized application, if aforesaid operations success, generates and returns Operate success status code and return result to running environment, terminating, if aforesaid operations is unsuccessful Then generate and return corresponding state code to running environment, end according to operation failure reason.
Step 109: continue to the data that RE sends and obtain complete APDU data, according to described APD U data are deleted application and can perform load document.
Specifically, in the present embodiment, APDU data described in step 109 is Delete order;
Delete to apply and load document can be performed according to described APDU data and specifically include: resolve Delete Order, obtains data field mark, searches relative with resolving the data field mark obtained in card The application answered and can perform load document, deletes the application found and can perform load document, If aforesaid operations success, generate and return operation success status code and return result to run ring Border, terminates, if aforesaid operations is unsuccessful, generates and return according to operation failure reason accordingly Conditional code, to running environment, terminates.
Specifically, in the present embodiment, return result is 0x00, and operation failure reason includes, operation Condition Be unsatisfactory for and error in data, when operation failure reason be operating condition be unsatisfactory for time, generate and return Receipt part is unsatisfactory for conditional code to RE, generates when operation failure reason is error in data and returns Data error states code is to RE.
Embodiment two
The embodiment of the present invention two provides in the method applied on the management card provided in a kind of embodiment one Preparing to load the concrete grammar of application, the APDU data in the present embodiment are to obtain in step 103 Complete APDU data, its data field part is considered as being made up of multiple data blocks, every number It is all a LV structure, the i.e. structure of data length+data according to block;See Fig. 2, described method Specifically include:
Step 201: judge that first data block of described APDU data is the most legal, be to perform step 202, otherwise error in data, operation failure;
In the present embodiment, first data block is particularly as follows: load document identification length+load document mark Know;
Judge that first data block of described APDU data is the most legal to specifically include: judge described APDU Whether the load document identification length in first data block of data, in preset range, is then Check each byte that the load document in first data block of described APDU data identifies, if Being 0x00 then first data block illegal, if being not all 0x00, first data block is legal , otherwise first data block is illegal;
Described preset range is 0x05-0x10.
Step 202: whether have the executable file corresponding with load document mark in checking card, be then Operating condition is unsatisfactory for, operation failure, otherwise performs step 203;
Step 203: check whether second data block of described APDU data meets preset requirement, if full Foot the first preset requirement then performs step 204, if meeting the second preset requirement, performs step 205 If being unsatisfactory for preset requirement, error in data, operation failure;
In the present embodiment, second data block is particularly as follows: load document association security domain identification length+add Published article Part association security domain mark;
Check whether second data block of described APDU data meets preset requirement and specifically include: judge Whether the load document association security domain identification length in second data block of described APDU data For 0x00, it is that second data block of described APDU data meets the first preset requirement, otherwise Check that the load document association security domain in second data block of described APDU data identifies every Individual byte, if being 0x00, second data block of described APDU data is unsatisfactory for preset requirement If being not all 0x00, second data block of described APDU data meets the second preset requirement;
Step 204: the association security domain arranging load document is card content managing module, performs step 208;
Wherein, described load document is and the load document in first data block of described APDU data The load document that mark is corresponding.
Step 205: whether have the application corresponding with load document association security domain mark in checking card, Being then to perform step 206, otherwise operating condition is unsatisfactory for, operation failure;
Step 206: check whether the application corresponding with load document association security domain mark has security domain Authority, is then to perform step 207, and otherwise operating condition is unsatisfactory for, operation failure;
Specifically, judge whether it has security domain authority by the Authorization Attributes of application, the power of application Limit attribute is a byte data, is followed successively by b8 b7 b6 b5 b4 from a high position to status B3 b2 b1, checks whether the application corresponding with load document association security domain mark has peace Universe authority is specially and checks that the authority of the application corresponding with load document association security domain mark belongs to Property b8, if 1 has security domain with load document association security domain application corresponding to mark and weighs Limit, if not 1 application corresponding with load document association security domain mark does not have security domain power Limit.
Step 207: the association security domain arranging load document is right for associating security domain mark with load document The application answered;
Step 208: judge that the 3rd data block of described APDU data is the most legal, be to perform step 209, Otherwise error in data, operation failure;
In the present embodiment, the 3rd data block is particularly as follows: load document data block cryptographic Hash length+loading File data blocks cryptographic Hash;
Judge the 3rd of described APDU data data block be the most legal to specifically include: judge described APDU Whether the load document data block cryptographic Hash length in the 3rd data block of data is 0x00, is 3rd data block of the most described APDU data is illegal, the 3rd of the most described APDU data Data block is legal.
Step 209: storage load document data block cryptographic Hash;
Step 210: process the fourth data block of described APDU data;
In the present embodiment, fourth data block is particularly as follows: loading parameters length of field+loading parameters territory, institute Stating loading parameters territory is 1 TLV structured data block (Tn, Ln, Vn), and described Vn is tied by 3 TLV Structure data block (Tn ', Ln ', Vn ') forms, and in the present embodiment, step 210 specifically includes :
Step 210-1: judge whether loading parameters length of field is 0x00, is then to perform step 211, no Then perform step 210-2;
Step 210-2: judge whether Tn is 0xEF, is then to perform step 210-3, otherwise error in data , operation failure;
Step 210-3: obtain 1 TLV structured data block of Vn, it is judged that the Tn of this TLV structured data block ' is the most legal, is then to perform step 210-4, otherwise error in data, operation failure;
Step 210-4: judge whether the Ln ' of this TLV structured data block is 0x02, is to perform step 210-5, otherwise error in data, operation failure;
Step 210-5: check the Tn ' of this TLV structured data block, if 0xC6 is then according to this TLV structure The Vn ' of data block obtains and stores non volatile code space quotas, performs step 210-6, if Then obtain and store volatile data space quotas according to the Vn ' of this TLV structured data block for 0xC7 , perform step 210-6, if 0xC8 then obtains according to the Vn ' of this TLV structured data block and deposits Storage Nonvolatile data is empty Between limit, perform step 210-6;
Step 210-6: judge whether the most untreated TLV structured data block, is then to return to perform step Rapid 210-3, otherwise performs step 210-7;
Step 210-7: judge whether the interior nonvolatile storage space of card and volatile memory can expire The above-mentioned limit of foot, is then to perform step 211, and otherwise operating condition is unsatisfactory for, operation failure.
Step 211: judge that the 5th data block of described APDU data is the most legal, be to perform step 212, otherwise error in data, operation failure;
In the present embodiment, the 5th data block is particularly as follows: load token length+loading token;
Judge the 5th of described APDU data data block be the most legal to specifically include: judge described APDU Whether the loading token length in the 5th data block of data is 0x00, is the most described APDU number According to the 5th data block legal, the data block of the most described APDU data is illegal.
Step 212: create load document structure, associates security domain by load document mark with load document Mark is filled in the load document structure of establishment, initializes the overall block number in card, behaviour Make successfully.
Embodiment three
The embodiment of the present invention three provides in the method applied on the management card provided in a kind of embodiment one Loading the concrete grammar of application, see Fig. 3, described method specifically includes:
Step 301: judge whether the 4th byte of described APDU data is compiled equal to the overall block in card Number, it is then to perform step 302, otherwise error in data, operation failure;
Step 302: check in described APDU data whether comprise DAP(Data Authentication Pattern, data verification pattern) block message, it is then to perform step 303, otherwise performs step Rapid 304;
Step 303: verify described DAP block message, if being verified, performs step 304, otherwise data Mistake, operation failure;
Step 304: according to the load document data block securing component data in described APDU data and carry out Storage, is filled into storage address in load document structure;
Specifically, load document is divided into several load document data blocks in card off-chip, will every time One load document data block is packaged into APDU data and is sent to card, and card is received by RE To APDU data send to card content managing module, card content managing module with assembly is Load document data block in every APDU data is processed by unit, and described assembly includes: Header assembly, Directory assembly, Applet assembly, Import assembly etc..
Step 305: update the overall block number in card;
In the present embodiment, update the overall block number in card and be specially the overall block volume updated in card Number add 1 for its currency.
Step 306: judge that whether described load document data block is that last of load document adds published article Part data block, is then to perform step 307, otherwise operates successfully;
In the present embodiment, it is judged that whether described load document data block is that last of load document adds Load file data blocks specifically includes: whether the value judging the 3rd byte of described APDU data is 0x80, is that described load document data block is last load document data of load document Block, the most described load document data block is not last load document data of load document Block, load document also has other data blocks.
Step 307: judge whether the load document data block cryptographic Hash in card has value, is to perform step Rapid 308, otherwise perform step 310;
Step 308: it is carried out by the whole load document data blocks stored in card as an entirety Hash calculation;
Step 309: judge that whether result of calculation is equal to the load document data block cryptographic Hash of storage in card , it is then to perform step 310, otherwise error in data, operation failure;
Step 310: store and submit to and can perform load document structure, operates successfully.
In the present embodiment, described submission is specially and data writes from caching persistent storage.
Embodiment four
The embodiment of the present invention four provides in the method applied on the management card provided in a kind of embodiment one Installing the concrete grammar of application, the data field part of the APDU data in the present embodiment is considered as Being made up of multiple data blocks, each data block is a LV structure, i.e. data length+data Structure;Seeing Fig. 4, described method specifically includes:
Step 401: judge that first data block of described APDU data is the most legal, be to perform step 402, otherwise error in data, operation failure;
In the present embodiment, first data block is particularly as follows: load document identification length+can perform can be performed Load document identifies;
Judge that first data block of described APDU data is the most legal to specifically include: judge described APDU Whether the performed load document identification length in first data block of data is in preset range , it is that first data block of the most described APDU data is legal, the first of the most described APDU data Individual data block is illegal;
Described preset range is: 0x05-0x10.
Step 402: whether have the load document knot corresponding with load document mark can be performed in checking card Structure, is then to perform step 403, and otherwise operating condition is unsatisfactory for, operation failure;
Step 403: judge that second data block of described APDU data is the most legal, be to perform step Rapid 404, otherwise error in data, operation failure;
In the present embodiment, second data block is particularly as follows: executable module identification length+executable module Mark;
Judge that second data block of described APDU data is the most legal to specifically include: judge described APDU Whether the executable module identification length in second data block of data, in preset range, is Second data block of the most described APDU data is legal, the second number of the most described APDU data Illegal according to block;
Described preset range is 0x05-0x10.
Step 404: check whether the memory space that the storage address in load document structure is corresponding has with The executable module that executable module mark is corresponding, is then to perform step 405, otherwise operating condition It is unsatisfactory for, operation failure;
Step 405: judge that the 3rd data block of described APDU data is the most legal, be to perform step 406, otherwise error in data, operation failure;
In the present embodiment, the 3rd data block is particularly as follows: application identities length+application identities;
Judge the 3rd of described APDU data data block be the most legal to specifically include: judge described APDU Whether the application identities length in the 3rd data block of data, in preset range, is to check Each byte of the application identities in the 3rd data block of described APDU data, if being 0x00 3rd data block of the most described APDU data is illegal, if being not all 0x00, and described APDU number According to the 3rd data block legal, the 3rd data block of the most described APDU data is illegal;
Described preset range is 0x05-0x10.
Step 406: whether have the application corresponding with application identities in checking card, is then to perform step 4 07, otherwise operating condition is unsatisfactory for, operation failure;
Step 407: judge that the fourth data block of described APDU data is the most legal, be to perform step 408, otherwise error in data, operation failure;
In the present embodiment, fourth data block is particularly as follows: application permission length+application permission;
Judge that the fourth data block of described APDU data is the most legal to include: judge described APDU data Fourth data block in application permission length whether be 0x01, be the most described APDU data Fourth data block is legal, and the fourth data block of the most described APDU data is illegal.
Step 408: judge whether this application installed has acquiescence and select authority, is to perform step 409, otherwise perform step 411;
In the present embodiment, this application installed is specially and the application identities phase in the 3rd data block Corresponding application;Judge whether this application installed has acquiescence and select authority to specifically include: Judge whether the application permission in the fourth data block of described APDU data is 0x04, be then originally The application of secondary installation has acquiescence and selects authority, and otherwise this application installed does not has acquiescence choosing Select authority.
Step 409: whether the 3rd byte judging described APDU data is preset value, is then error in data , operation failure;Otherwise perform step 410;
In the present embodiment, preset value is 0x04.
Step 410: judge whether card content managing module has acquiescence and select authority, is to perform step Rapid 413;Otherwise operating condition is unsatisfactory for, operation failure;
In the present embodiment, judge whether it has acquiescence by the Authorization Attributes of card content managing module Select authority, the Authorization Attributes of card content managing module is a byte data, from a high position to Status is followed successively by b8 b7 b6 b5 b4 b3 b2 b1;
Judge whether card content managing module has acquiescence and select authority to specifically include: in judging card Whether the b3 of the Authorization Attributes holding management module is 1, is that card content managing module has acquiescence Selecting authority, otherwise card content managing module does not have acquiescence selection authority.
Step 411: judge whether application permission meets pre-conditioned, if it is pre-conditioned or the to meet first Two pre-conditioned then execution steps 412, if being unsatisfactory for pre-conditioned, operating condition is unsatisfactory for, behaviour Make unsuccessfully;
In the present embodiment, it is judged that whether application permission meets pre-conditioned specifically including: check application power Limit, if the 1st bit, the 6th bit and the 7th bit that application permission is from low order end are It is pre-conditioned that 0, the 8th bit is that 1 application permission meets first;If application permission is from low order end The 1st bit, the 6th bit and the 7th bit that rise are not all that 0 application permission meets second Pre-conditioned, otherwise application permission is unsatisfactory for pre-conditioned;
Step 412: process the installation parameter territory in the 5th data block of described APDU data, perform step Suddenly 413;
In the present embodiment, the 5th data block is particularly as follows: installation parameter length of field+installation parameter territory, institute State the installation parameter territory data by the form of one or more TLV structured data block (Tn, Ln, Vn) Composition, described Vn is made up of 0 or several TLV structured data blocks (Tn ', Ln ', Vn ') , in the present embodiment, step 412 specifically includes:
Step 412-1: judge whether installation parameter length of field is 0x00, is then to perform step 413, no Then perform step 412-2;
Step 412-2: obtain 1 TLV structured data block in installation parameter territory, check this TLV structure number According to the Tn of block, if 0xC9 then performs step 412-3, if 0xEF then performs step 412-4, Otherwise error in data, operation failure;
Step 412-3: store the Vn of this TLV structured data block, performs step 412-9;
Step 412-4: obtain a TLV structured data block of the Vn of this TLV structured data block, it is judged that T N ' is the most legal, is then to perform step 412-5, otherwise error in data, operation failure;
Step 412-5: judge whether Ln ' is 0x02, is then to perform step 412-6, and otherwise data are wrong By mistake, operation failure;
Step 412-6: check Tn ', if 0xC7 then obtains and stores volatile data sky according to Vn ' Between limit, perform step 412-7, if 0xC8 then obtains and stores non-volatile number according to Vn ' According to space quotas, perform step 412-7;
Step 412-7: judge whether also have untreated TLV structured data block in this TLV structured data block , it is then to return to perform step 412-4, otherwise performs step 412-8;
Step 412-8: judge whether the interior nonvolatile storage space of card and volatile memory can expire The above-mentioned limit of foot, is then to perform step 412-9, and otherwise operating condition is unsatisfactory for, operation failure;
Step 412-9: judge whether also have untreated TLV structured data block in installation parameter territory, be Then return Receipt row step 412-2, otherwise performs step 413.
Step 413: judge that the 6th data block of described APDU data is the most legal, be to perform step 414;Otherwise error in data, operation failure;
In the present embodiment, the 6th data block specially installs token length+installation token;
Judge the 6th of described APDU data data block be the most legal to specifically include: judge described APDU Whether the installation token length in the 6th data block of data is 0x00, is the most described APDU number According to the 6th data block legal, the 6th data block of the most described APDU data is illegal.
Step 414: register application according to the application identities in the data field of described APDU data;
In the present embodiment, step 414 is particularly as follows: create and store and performing in described APDU data One example of the executable module that module id is corresponding, by this example and described APDU data Application identities unique association, the state arranging this example is initial value, according to described APDU number Application permission according to arranges the authority of this example, and arrange the association security domain of this example for The association of the performed load document of the performed load document mark correspondence in described APDU data Security domain.
Step 415: judge that the 3rd byte of described APDU data, whether equal to preset value, is to perform Step 419;Otherwise perform step 416;
In the present embodiment, preset value is 0x04.
Step 416: the state of the application this installed is set to SELECTABLE(and may select);
In the present embodiment, step 416 is particularly as follows: the status attribute of the application this installed is set to 0x0 7。
Step 417: judge whether this application installed has acquiescence and select authority, is to perform step 418, otherwise operate successfully;
Step 418: arranging this application installed is default application, operates successfully;
Step 419: the state arranging this application installed is that INSTALLED(installs), operate into Merit.
In the present embodiment, step 419 is particularly as follows: the status attribute arranging this application installed is 0x0 3。
Embodiment five
The embodiment of the present invention five provides in the method applied on the management card provided in a kind of embodiment one Arranging the concrete grammar of application state, the data field part of the APDU data in the present embodiment can be seen Work is made up of multiple data blocks, and each data block is LV structure, i.e. a data length The structure of+data;Seeing Fig. 5, described method specifically includes:
Step 501: judge that first data block of described APDU data and second data block are the most all closed Method, is then to perform step 502, otherwise error in data, operation failure;
In the present embodiment, it is judged that first data block of described APDU data is the most legal to be specifically included: Whether first data block judging described APDU data is 0x00, is the most described APDU data First data block is legal, and first data block of the most described APDU data is illegal;
Judge that second data block of described APDU data is the most legal to specifically include: judge described APDU Whether second data block of data is 0x00, is second data block of the most described APDU data Legal, second data block of the most described APDU data is illegal.
Step 502: judge that the 3rd data block of described APDU data is the most legal, be to perform step 503, otherwise error in data, operation failure;
In the present embodiment, the 3rd data block is particularly as follows: application identities length+application identities;
Judge the 3rd of described APDU data data block be the most legal to specifically include: judge described APDU Whether the application identities length in the 3rd data block of data, in preset range, is then described 3rd data block of APDU data is legal, and the 3rd data block of the most described APDU data is not Legal;
Described preset range is 0x05-0x10.
Step 503: whether have the application corresponding with application identities in checking card, is then to perform step 5 04, otherwise operating condition is unsatisfactory for, operation failure;
Step 504: whether the state judging the application corresponding with application identities is INSTALLED, is then Performing step 505, otherwise operating condition is unsatisfactory for, operation failure;
Step 505: judge that the fourth data block of described APDU data is the most legal, be to perform step 506, otherwise error in data, operation failure;
In the present embodiment, fourth data block is specially application permission length+application permission;
Judge that the fourth data block of described APDU data is the most legal to specifically include: judge described APDU Whether the application permission length in the fourth data block of data is 0x01, is the most described APDU number According to fourth data block legal, the fourth data block of the most described APDU data is illegal.
Step 506: judge that the 5th data block of described APDU data is the most legal, be to perform step 507, otherwise error in data, operation failure;
In the present embodiment, the 5th data block is specially parameter field length+parameter field;
Judge the 5th of described APDU data data block be the most legal to specifically include: judge described APDU Whether the parameter field length in the 5th data block of data is 0x00, is the most described APDU data The 5th data block legal, the 5th data block of the most described APDU data is illegal.
Step 507: judge that the 6th data block of described APDU data is the most legal, be to perform step 508, otherwise error in data, operation failure;
In the present embodiment, the 6th data block is particularly as follows: may select token length+optional token;
Judge the 6th of described APDU data data block be the most legal to specifically include: judge described APDU Whether the optional token length in the 6th data block of data is 0x00, is the most described APDU 6th data block of data is legal, and the 6th data block of the most described APDU data is illegal 。
Step 508: the state of the application corresponding with application identities is set to SELECTABLE;
In the present embodiment, step 508 is specially the status attribute of the setting application corresponding with application identities and is 0x07。
Step 509: judge whether the application corresponding with application identities has acquiescence and select authority, is to hold Row step 510, otherwise operates successfully;
Step 510: judge whether card content managing module has acquiescence and select authority, is to perform step Rapid 511, otherwise operating condition is unsatisfactory for, operation failure;
In the present embodiment, judge whether it has acquiescence by the Authorization Attributes of card content managing module Select authority, the Authorization Attributes of card content managing module is a byte data, from a high position to Status is followed successively by b8 b7 b6 b5 b4 b3 b2 b1;
Judge whether card content managing module has acquiescence and select authority to specifically include: in judging card Whether the b3 of the Authorization Attributes holding management module is 1, is that card content managing module has acquiescence Selecting authority, otherwise card content managing module does not have acquiescence selection authority.
Step 511: arranging the application corresponding with application identities is default application, operates successfully.
Embodiment six
The embodiment of the present invention six provides in the method applied on the management card provided in a kind of embodiment one The concrete grammar of the association security domain of more new opplication, the data field of the APDU data in the present embodiment Part is considered as being made up of multiple data blocks, and each data block is a LV structure, i.e. The structure of data length+data;Seeing Fig. 6, described method specifically includes:
Step 601: judge that first data block of described APDU data is the most legal, be to perform step 602, otherwise error in data, operation failure;
In the present embodiment, first data block is particularly as follows: security domain identification length+security domain identifies;
Judge that first data block of described APDU data is the most legal to specifically include: judge described APDU Whether the security domain identification length in first data block of data, in preset range, is then institute First data block stating APDU data is legal, first data block of the most described APDU data Illegal;
Described preset range is 0x05-0x10.
Step 602: whether have the application corresponding with security domain mark in checking card, be to perform step 603, otherwise operating condition is unsatisfactory for, operation failure;
Step 603: judge whether the application corresponding with security domain mark is card content managing module, is Then operating condition is unsatisfactory for, operation failure, otherwise performs step 604;
Step 604: judge that second data block of described APDU data is the most legal, be to perform step 605, otherwise error in data, operation failure;
In the present embodiment, it is judged that second data block of described APDU data is the most legal to be specifically included: Whether second data block judging described APDU data is 0x00, is the most described APDU data Second data block is legal, and second data block of the most described APDU data is illegal.
Step 605: judge whether the state identifying corresponding application with security domain is INSTALLED, is Then performing step 606, otherwise operating condition is unsatisfactory for, operation failure;
Step 606: judge that the 3rd data block of described APDU data is the most legal, be to perform step 607, otherwise error in data, operation failure;
In the present embodiment, the 3rd data block is particularly as follows: application identities length+application identities;
Judge the 3rd of described APDU data data block be the most legal to specifically include: judge described APDU Whether the application identities length in the 3rd data block of data, in preset range, is then described 3rd data block of APDU data is legal, and the 3rd data block of the most described APDU data is not Legal;
Described preset range is 0x05-0x10.
Step 607: whether have the application corresponding with application identities in checking card, is then to perform step 6 08, otherwise operating condition is unsatisfactory for, operation failure;
Step 608: judge whether the application corresponding with security domain mark has security domain authority, is to hold Row step 609;Otherwise operating condition is unsatisfactory for, operation failure;
In the present embodiment, step 608 specifically includes: judge the authority of the application corresponding with security domain mark Whether attribute the highest-order bit is 1, is, the application corresponding with security domain mark has security domain power Limit, otherwise corresponding with security domain mark application does not have security domain authority.
Step 609: judge whether the state identifying corresponding application with security domain is LOCKED(locking) , it is that operating condition is unsatisfactory for, operation failure;Otherwise perform step 610;
Step 610: judge whether the state identifying corresponding application with security domain is PERSONALIZED( Individualized), it is then to perform step 611, otherwise operating condition is unsatisfactory for, operation failure;
Step 611: judge that the fourth data block of described APDU data and the 5th data block are the most all closed Method, is then to perform step 612, otherwise error in data, operation failure;
In the present embodiment, it is judged that the fourth data block of described APDU data is the most legal to be specifically included: Whether the fourth data block judging described APDU data is 0x00, is the most described APDU data Fourth data block is legal, and the fourth data block of the most described APDU data is illegal;
Judge the 5th of described APDU data data block be the most legal to specifically include: judge described APDU Whether the 5th data block of data is 0x00, is the 5th data block of the most described APDU data Legal, the 5th data block of the most described APDU data is illegal.
Step 612: judge that the 6th data block of described APDU data is the most legal, be to perform step 613, otherwise error in data, operation failure;
In the present embodiment, the 6th data block is particularly as follows: extradite token length+extradition token;
Judge the 6th of described APDU data data block be the most legal to specifically include: judge described APDU Whether the extradition token length in the 6th data block of data is 0x00, is the most described APDU number According to the 6th data block legal, the 6th data block of the most described APDU data is illegal.
Step 613: judge whether the application corresponding with application identities has security domain authority, is to operate Condition is unsatisfactory for, operation failure;Otherwise perform step 614;
In the present embodiment, step 613 specifically includes: judge that the authority of the application corresponding with application identities belongs to Whether property the highest-order bit is 1, is that the application corresponding with application identities has security domain authority, Otherwise corresponding with application identities application does not have security domain authority.
Step 614: the association security domain arranging the application corresponding with application identities is right with security domain mark The application answered, operates successfully.
Embodiment seven
The embodiment of the present invention seven provides in the method applied on the management card provided in a kind of embodiment one The concrete grammar of individualized application, the data field part of the APDU data in the present embodiment can be regarded as Being made up of multiple data blocks, each data block is a LV structure, i.e. data length+number According to structure;Seeing Fig. 7, described method specifically includes:
Step 701: judge that first data block of described APDU data and second data block are the most all closed Method, is then to perform step 702, otherwise error in data, operation failure;
In the present embodiment, it is judged that first data block of described APDU data is the most legal to be specifically included: Whether first data block judging described APDU data is 0x00, is the most described APDU data First data block is legal, and first data block of the most described APDU data is illegal;
Judge that second data block of described APDU data is the most legal to specifically include: judge described APDU Whether second data block of data is 0x00, is second data block of the most described APDU data Legal, second data block of the most described APDU data is illegal.
Step 702: judge that the 3rd data block of described APDU data is the most legal, be to perform step 703, otherwise error in data, operation failure;
In the present embodiment, the 3rd data block is specially application identities length+application identities;
Judge the 3rd of described APDU data data block be the most legal to specifically include: judge described APDU Number According to the 3rd data block in application identities length whether in preset range, be the most described AP 3rd data block of DU data is legal, and the 3rd data block of the most described APDU data does not conforms to Method;
Described preset range is 0x05-0x10.
Step 703: whether have the application corresponding with application identities in checking card, is then to perform step 7 04, otherwise operating condition is unsatisfactory for, operation failure;
Step 704: whether the association security domain judging the application corresponding with application identities is card content pipe Reason module, is then to perform step 705, and otherwise operating condition is unsatisfactory for, operation failure;
Step 705: judge the fourth data block of described APDU data, the 5th data block and the 6th Data block is the most legal, is then to perform step 706, otherwise error in data, operation failure;
In the present embodiment, it is judged that the fourth data block of described APDU data is the most legal to be specifically included: Whether the fourth data block judging described APDU data is 0x00, is the most described APDU data Fourth data block is legal, and the fourth data block of the most described APDU data is illegal;
Judge the 5th of described APDU data data block be the most legal to specifically include: judge described APDU Whether the 5th data block of data is 0x00, is the 5th data block of the most described APDU data Legal, the 5th data block of the most described APDU data is illegal;
Judge the 6th of described APDU data data block be the most legal to specifically include: judge described APDU Whether the 6th data block of data is 0x00, is the 6th data block of the most described APDU data Legal, the 6th data block of the most described APDU data is illegal.
Step 706: the state of the application corresponding with application identities is set to PERSONLIZED, operates into Merit.
Embodiment eight
The embodiment of the present invention eight provides in the method applied on the management card provided in a kind of embodiment one Delete application and the concrete grammar of load document, the number of the APDU data in the present embodiment can be performed Can see according to territory part Work is made up of multiple data blocks, and each data block is LV structure, i.e. a data length The structure of+data;Seeing Fig. 8, described method specifically includes:
Step 801: judge that first data block of described APDU data is the most legal, be to perform step 802, otherwise error in data, operation failure;
In the present embodiment, it is judged that first data block of described APDU data is the most legal to be specifically included: Whether first data block judging described APDU data is 0x4f, is the most described APDU data First data block is legal, and first data block of the most described APDU data is illegal.
Step 802: judge that second data block of described APDU data is the most legal, be to perform step 803, otherwise error in data, operation failure;
In the present embodiment, second data block is specially data field identification length+data field mark;
Judge that second data block of described APDU data is the most legal to specifically include: judge described APDU Whether the data field identification length in second data block of data, in preset range, is then institute Second data block stating APDU data is legal, second data block of the most described APDU data Illegal;
Described preset range is: 0x05-0x10.
Step 803: whether have the application corresponding with data field mark in checking card, be to perform step 804, otherwise perform step 805;
Step 804: judge that the 4th byte of described APDU data, whether equal to preset value, is to perform Step 805, otherwise performs step 809;
In the present embodiment, preset value is 0x80.
Step 805: whether have the performed load document corresponding with data field mark in checking card, be Then performing step 806, otherwise operating condition is unsatisfactory for, operation failure;
Step 806: judge that the 4th byte of described APDU data, whether equal to preset value, is to perform Step 807, otherwise performs step 808;
In the present embodiment, preset value is 0x80.
Step 807: delete the application corresponding with data field mark and identify corresponding performing with data field Load document, operates successfully;
Step 808: delete the performed load document corresponding with data field mark, operate successfully;
Step 809: check whether the application corresponding with data field mark is that other are applied or other can perform The association security domain of load document, is that operating condition is unsatisfactory for, operation failure;Otherwise perform Step 810;
Step 810: judge whether the application corresponding with data field mark is card content managing module, is Then operating condition is unsatisfactory for, operation failure;Otherwise perform step 811;
Step 811: delete the application corresponding with data field mark, operate successfully.
Embodiment described above is the present invention more preferably detailed description of the invention, the technology of this area The usual variations and alternatives that personnel are carried out in the range of technical solution of the present invention all should be included in this In bright protection domain.

Claims (22)

1. one kind manages the method for application on card, it is characterised in that when card content managing module receives Execution following steps after the data that running environment is sent:
Step A: check card mode, if the first preset state or the second preset state then generate and return card Sheet state not status of support code, to running environment, terminates, and otherwise performs step B;
Step B: check whether the data received meet preset format, if meeting the first preset format, performs Step C, if meeting the second preset format, performs step D, if meeting the 3rd preset format, performs step E, If meeting the 4th preset format, performing step F, if meeting the 5th preset format, performing step G, if meeting 6th preset format then performs step H, if meeting the 7th preset format, performs step I, if not meeting default Form then generates and returns data error states code to running environment, end;
Step C: continue to the data that running environment sends and obtain the first complete order, resolve described first Order, obtains load document mark and associates security domain mark with load document, create load document structure, and Load document mark parsing obtained and load document associated domain mark are filled into the load document structure of establishment In, if operating successfully, generating and returning operation success status code and returning result to running environment, terminating, If operating unsuccessful, generate and return corresponding state code to running environment, end according to operation failure reason;
Step D: continue to the data that running environment sends and obtain the second complete order, resolve described second Order, obtains load document data block, according to described load document data block securing component data and deposit Storage, is filled into storage address in load document structure, if operating successfully, generating and returning and operate successfully Conditional code and return result to running environment, terminates, if operating unsuccessful, raw according to operation failure reason Become and return corresponding state code to running environment, end;
Step E: continue to the data that running environment sends and obtain the 3rd complete order, resolve the described 3rd Order, obtains performing load document mark, executable module mark, application identities and application permission, root The performed load document identifier lookup load document structure obtained according to parsing, at the load document knot found Storing in structure is searched corresponding with resolving the executable module mark obtained in the memory space that address is corresponding Executable module, creates the application of the executable module found, with resolving the application identities mark wound obtained The application built, the authority specified by application permission parsing obtained gives the application created, and arranges establishment The association security domain of application be and resolve the performed load document that obtains and identify corresponding performed loading The association security domain of file, if operating successfully, generating and returning operation success status code and returning result to Running environment, terminating, if operating unsuccessful, generating and returning corresponding state code according to operation failure reason To running environment, terminate;
Step F: continue to the data that running environment sends and obtain the 4th complete order, resolve the described 4th Order, be applied mark and application permission, searches corresponding with resolving the application identities obtained in card Application, updating the state of application found is optional state, and updates the power of the application found It is limited to resolve the authority specified by the application permission obtained, if operating successfully, generating and returning and operate successfully Conditional code and return result to running environment, terminates, if operating unsuccessful, raw according to operation failure reason Become and return corresponding state code to running environment, end;
Step G: continue to the data that running environment sends and obtain the 5th complete order, resolve the described 5th Order, obtains security domain mark and application identities, searches relative with resolving the application identities obtained in card The application answered and the application corresponding with resolving the security domain mark obtained, pacify the association of the application found Universe is updated to the application corresponding with resolving the security domain mark obtained, if operating successfully, generating and returning Returning operation success status code and return result to running environment, terminating, if operating unsuccessful, according to operation Failure cause generates and returns corresponding state code to running environment, end;
Step H: continue to the data that running environment sends and obtain the 6th complete order, resolve the described 6th Order, be applied mark, searches the application corresponding with resolving the application identities obtained in card, if Put the application that finds for individualized application, if operate successfully, generate and return operate success status code with Return result to running environment, terminate, if operating unsuccessful, generating according to operation failure reason and returning Corresponding state code, to running environment, terminates;
Step I: continue to the data that running environment sends and obtain the 7th complete order, resolve the described 7th Order, obtains data field mark, searches the application corresponding with resolving the data field mark obtained in card With can perform load document, deleting the application that finds and load document can be performed, if operating successfully, giving birth to Become and return operation success status code and return result to running environment, terminating, if operating unsuccessful, root Generate and return corresponding state code to running environment, end according to operation failure reason.
2. the method for claim 1, it is characterised in that described step B specifically includes:
Step B1: whether the length of the data that inspection receives is five bytes, is then to perform step B2, no The data then received do not meet preset format, generate and return data error states code to running environment, knot Bundle;
Step B2: whether be 0x80 or 0x84, be to perform if checking that the first character of the data received saves Step B3, the data otherwise received do not meet preset format, generate and return data error states code to fortune Row environment, terminates;
Step B3: check second byte of the data received, if 0xE6 then performs step B4, if Then perform step B5 for 0xE8, if 0xE4 then performs step B6, the data otherwise received do not meet Preset format, generates and returns data error states code to running environment, end;
Step B4: check the 3rd to the 5th byte of data received, if the 3rd byte and the four Byte respectively 0x02 and 0x00 and the 5th byte are pre-not less than the data fit first that 0x0A then receives If form, perform step C;If the 3rd byte is 0x04 or 0x0C, the 4th byte is 0x00 and Data fit the 3rd preset format that five bytes then receive not less than 0x18, performs step E;If the 3rd Individual byte and the 4th byte respectively 0x08 and 0x00 and the 5th byte are not less than what 0x0C then received Data fit the 4th preset format, performs step F;If three byte and the nybble are respectively 0x10 Data fit the 5th preset format then received not less than 0x10 with 0x00 and the 5th byte, performs step Rapid G;If the 3rd byte and the 4th byte are respectively 0x20 and 0x00 and the 5th byte not less than 0x0B Data fit the 6th preset format then received, performs step H;The data otherwise received do not meet pre- If form, generate and return data error states code to running environment, end;
Step B5: whether the 3rd byte of the data that inspection receives is 0x00 or 0x80, is to receive Data fit the second preset format arrived, performs step D, and the data otherwise received do not meet preset format, Generate and return data error states code to running environment, end;
Step B6: whether the 3rd byte of the data that inspection receives is 0x00, is, the data received Meeting the 7th preset format, perform step I, the data otherwise received do not meet preset format, generate and return Return data error states code to running environment, end.
3. the method for claim 1, it is characterised in that described return result is 0x00;
Described operation failure reason includes that operating condition is unsatisfactory for and error in data, when operation failure reason is behaviour When condition is unsatisfactory for, described card content managing module generates and returns condition and is unsatisfactory for conditional code to running Environment, when operation failure reason is error in data, described card content managing module generates and returns data Error status code is to running environment.
4. the method for claim 1, it is characterised in that described add according to described first order preparation Load application specifically includes:
Step C1: judge that first data block of described first order is the most legal, if legal, check card The most whether there is the executable file corresponding with described first data block, be that operating condition is unsatisfactory for, behaviour Make unsuccessfully, otherwise perform step C2;If not conforming to rule error in data, operation failure;
Step C2: judge whether second data block of described first order meets preset requirement, if meeting the It is described card that one preset requirement then arranges the association security domain of the load document corresponding with described first data block Sheet content managing module, performs step C4;If meeting the second preset requirement, perform step C3;If being unsatisfactory for Preset requirement then error in data, operation failure;
Step C3: whether have the application corresponding with described second data block in checking card, if not, Operating condition is unsatisfactory for, operation failure;If having, check that the application corresponding with described second data block is No have security domain authority, if having security domain authority, arranges the loading corresponding with described first data block The association security domain of file is the application corresponding with described second data block, performs step C4;If not having Security domain authority then operating condition is had to be unsatisfactory for, operation failure;
Step C4: judge that the 3rd data block of described first order is the most legal, be to store the described 3rd Corresponding data in individual data block, performs step C5;Otherwise error in data, operation failure;
Step C5: process the fourth data block of described first order, perform step C6;
Step C6: judge that the 5th data block of described first order is the most legal, be to create load document Structure, and according to described first data block and described second data block, load document structure is filled with, Initialize the overall block number in card, operate successfully;Otherwise error in data, operation failure.
5. method as claimed in claim 4, it is characterised in that first data block of described first order Including: load document identification length and load document mark;Judge first data block of described first order The most legal particularly as follows: judge described load document identification length whether in preset range, and described loading Each byte of file identification is not all 0x00, if meet above-mentioned two condition simultaneously, described first order First data block is legal, and first data block of the most described first order is illegal;With described first The executable file that data block is corresponding is particularly as follows: identify corresponding executable file with described load document; The load document corresponding with described first data block is particularly as follows: identify corresponding adding with described load document Published article part;
Second data block of described first order includes: load document association security domain identification length and loading File association security domain identifies;Whether described second data block judging described first order meets to preset is wanted Ask particularly as follows: judge whether described load document association security domain identification length is 0x00, is the most described first Second data block of order meets the first preset requirement, otherwise checks that described load document associates security domain mark Know, if each byte of described load document association security domain mark is 0x00, the of described first order Two data blocks are unsatisfactory for preset requirement, if each byte of described load document association security domain mark is not all It is that second data block that 0x00 the most described first orders meets the second preset requirement;Described with described second The application that data block is corresponding is particularly as follows: identify corresponding application with described load document association security domain;
3rd data block of described first order includes: load document data block cryptographic Hash length and add published article Part data block cryptographic Hash;Described judge described first order the 3rd data block the most legal particularly as follows: sentence Whether disconnected described load document data block cryptographic Hash length is 0x00, is the 3rd number of the most described first order Illegal according to block, the 3rd data block of the most described first order is legal;Described 3rd number of described storage According to the corresponding data in block particularly as follows: store described load document data block cryptographic Hash;
The fourth data block of described first order includes: loading parameters territory;Described first order of described process Fourth data block particularly as follows: process described loading parameters territory;
5th data block of described first order includes: loads token length and loads token;Described judgement 5th data block of described first order is the most legal particularly as follows: judge that whether described loading token length is 0x00, is that the 5th data block of the most described first order is legal, the 5th number of the most described first order Illegal according to block;
Described preset range is 0x05-0x10.
6. method as claimed in claim 5, it is characterised in that described inspection and described second data block Whether corresponding application has security domain authority particularly as follows: check and associate security domain mark with described load document Whether the Authorization Attributes the highest-order bit knowing corresponding application is 1, is then corresponding with described second data block Application there is security domain authority, otherwise corresponding with second data block application does not have security domain authority.
7. the method for claim 1, it is characterised in that described loading according to described second order should With specifically including:
Step D1: judge whether the 4th byte of described second order is equal to the overall block number in card, It is then to perform step D2, otherwise error in data, operation failure;
Step D2: check in described second order of institute whether comprise data verification mode block information, if comprising, Verify the described fast information of data verification pattern, if being verified, performing step D3, if checking is not passed through, counting According to mistake, operation failure;If not comprising, perform step D3;
Step D3: according to described second order in load document data block securing component data and store, Being filled in load document structure storage address, the overall block number updated in card is that its currency adds 1, Judge that whether described load document data block is last load document data block of load document, be to hold Row step D4, otherwise operates successfully;
Step D4: judge whether the load document data block cryptographic Hash in card has value, if there being value, to by card The entirety that in sheet, whole load document data blocks of storage are constituted carries out Hash calculation, and judges that result of calculation is No equal to described load document data block cryptographic Hash, if equal to, perform step D5, if being not equal to, data are wrong By mistake, operation failure;If void value, perform step D5;
Step D5: store and submit to and can perform load document structure, operates successfully.
8. method as claimed in claim 7, it is characterised in that described judgement described load document data block Whether it is that last load document data block of load document is particularly as follows: judge the 3rd of described second order Whether individual byte equal to 0x80, is, described load document data block is that last of load document adds published article Part data block, the most described load document data block is not last load document data block of load document.
9. the method for claim 1, it is characterised in that described according to described 3rd Installing of Command should With specifically including:
Step E1: judge that first data block of described 3rd order is the most legal, if legal, check card The most whether there is the load document structure corresponding with described first data block, be then to perform step E2, otherwise Operating condition is unsatisfactory for, operation failure;If not conforming to rule error in data, operation failure;
Step E2: judge that second data block of described 3rd order is the most legal, if legal, check described It is relative with described second data block whether storing in load document structure has in the memory space that address is corresponding The executable module answered, is then to perform step E3, and otherwise operating condition is unsatisfactory for, operation failure;If not conforming to Rule error in data, operation failure;
Step E3: judge that the 3rd data block of described 3rd order is the most legal, if legal, check card The most whether have and described 3rd application that data block is corresponding, be then to perform step E4, otherwise operating condition It is unsatisfactory for, operation failure;If not conforming to rule error in data, operation failure;
Step E4: judge that the fourth data block of described 3rd order is the most legal, if legal, judge and institute State whether the 3rd application that data block is corresponding has acquiescence selection authority, be then to perform step E5, otherwise Perform step E6;If not conforming to rule error in data, operation failure;
Step E5: judge whether the 3rd byte of described 3rd order is equal to preset value, if preset value is then Error in data, operation failure;If not preset value then judges whether described card content managing module has silent Recognizing selection authority, be then to perform step E7, otherwise operating condition is unsatisfactory for, operation failure;
Step E6: judge whether the 3rd data block of described 3rd order meets pre-conditioned, if meeting the One is pre-conditioned or second pre-conditioned, processes the 5th data block of described 3rd order, performs step E7, If being unsatisfactory for pre-conditioned, operating condition is unsatisfactory for, operation failure;
Step E7: judge that the 6th data block of described 3rd order is the most legal, be then according to the described 3rd Ordered Registration is applied, and performs step E8, otherwise error in data, operation failure;
Step E8: judge that the 3rd byte of described 3rd order, whether equal to described preset value, is to arrange The state of the 3rd application that data block is corresponding with described 3rd order, for installing, operates successfully;Otherwise The state with the 3rd application that data block is corresponding of described 3rd order that arranges is optional, performs step E9;
Step E9: judge whether there is acquiescence with the 3rd application that data block is corresponding of described 3rd order Selecting authority, be, arranging the 3rd application that data block is corresponding with described 3rd order is default application, Operate successfully, otherwise operate successfully.
10. method as claimed in claim 9, it is characterised in that first data of described 3rd order Block includes: can perform load document identification length and can perform load document mark;
Described judge described 3rd order first data block the most legal particularly as follows: can perform described in Pan Duaning Whether load document identification length, in preset range, is that first data block of the most described 3rd order is legal, First data block of the most described 3rd order is illegal;
Described and described first performed load document that data block is corresponding is particularly as follows: perform with described The performed load document that load document mark is corresponding;
Second data block of described 3rd order includes: executable module identification length and executable module mark Know;
Described second data block judging described 3rd order the most legal particularly as follows: judge described can Whether execution module id length, in preset range, is that second data block of the most described 3rd order is legal, Second data block of the most described 3rd order is illegal;
The corresponding executable module of described and described second data block is specially and described executable module mark The executable module of sensible correspondence;
3rd data block of described 3rd order includes: application identities length and application identities;
Described judge described 3rd order the 3rd data block the most legal particularly as follows: judge described application mark Whether knowledge length is in preset range, and each byte of described application identities is not all 0x00, if simultaneously full 3rd data block of the most described 3rd order of foot above-mentioned two condition is legal, the of the most described 3rd order Three data blocks are illegal;
Described and described 3rd order the 3rd application that data block is corresponding particularly as follows: with described application mark The application of sensible correspondence;
The fourth data block of described 3rd order includes: application permission length and application permission;
Described judge described 3rd order fourth data block the most legal particularly as follows: judge that described application is weighed Whether limit for length's degree is 0x01, is that the fourth data block of the most described 3rd order is legal, the most described 3rd life The fourth data block of order is illegal;
Whether described judgement has acquiescence with described 3rd application that data block is corresponding selects authority concrete For: judging whether described application permission is 0x04, be, corresponding with described 3rd data block answers apparatus There is acquiescence right to choose, otherwise with described 3rd application that data block is corresponding, not there is acquiescence right to choose;
Described preset value is 0x04;
Whether described the 3rd data block judging described 3rd order meets pre-conditioned particularly as follows: check institute State whether application permission meets pre-conditioned;
5th data block of described 3rd order includes: installation parameter length of field and installation parameter territory;
5th data block of described 3rd order of described process is particularly as follows: process described installation parameter territory;
6th data block of described 3rd order includes: installs token length and installs token;
Described judge that the 3rd the 6th data block ordered is the most legal particularly as follows: judge that described installation token is long Whether degree is 0x00, is that the 6th data block of the most described 3rd order is legal, the most described 3rd order 6th data block is illegal;
Described preset range is 0x05-0x10.
11. methods as claimed in claim 10, it is characterised in that described whether judge described application permission Meet pre-conditioned specifically including: check described application permission, if described application permission from low order end the 1st Bit, the 6th bit and the 7th bit are 0, and the 8th bit is 1 described 3rd order It is pre-conditioned that three data blocks meet first;If the described application permission the 1st bit from low order end, the 6th Bit and the 7th bit are not all that the 3rd data block of 0 described 3rd order meets second and preset article Part;3rd data block of the most described 3rd order is unsatisfactory for pre-conditioned.
12. methods as claimed in claim 10, it is characterised in that described according to described 3rd Ordered Registration Application specifically includes: create and store a reality of the executable module corresponding with described executable module mark Example, by this example and described application identities unique association, the state arranging this example is initial value, according to institute State application permission and the authority of this example is set, and the association security domain of this example is set for add with described execution Carry the association security domain of performed load document corresponding to file identification.
13. the method for claim 1, it is characterised in that described order according to the 4th arranges application State specifically includes:
Step F1: judge that first data block of described 4th order and second data block are the most legal, It is then to perform step F2, otherwise error in data, operation failure;
Step F2: judge that the 3rd data block of described 4th order is the most legal, if it is wrong not conform to rule data By mistake, operation failure;If legal, whether have and described 3rd application that data block is corresponding in checking card, If not, operating condition is unsatisfactory for, operation failure;If having, judge corresponding with described 3rd data block The state of application whether be installation, if not installing, operating condition is unsatisfactory for, operation failure;If peace Dress then performs step F3;
Step F3: judge that the fourth data block of described 4th order is the most legal, be then to perform step F4, Otherwise error in data, operation failure;
Step F4: judge that the 5th data block of described 4th order is the most legal, be then to perform step F5, Otherwise error in data, operation failure;
Step F5: judge that the 6th data block of described 4th order is the most legal, be then to arrange and described the The state of the application that three data blocks are corresponding is optional, performs step F6, and otherwise error in data operation is lost Lose;
Step F6: judge that whether having acquiescence with described 3rd application that data block is corresponding selects authority, If, not operating successfully;If having, judge whether described card content managing module has acquiescence and select authority, It is that arranging with described 3rd application that data block is corresponding is default application, operates successfully, otherwise operates Condition is unsatisfactory for, operation failure.
14. methods as claimed in claim 13, it is characterised in that the of described 4th order of described judgement One data block and second data block is the most legal specifically includes: judge first of described 4th order Whether data block is 0x00, is that first data block of the most described 4th order is legal, the most described 4th life First data block of order is illegal;Judge whether the described 4th second data block ordered is 0x00, is Second data block of the most described 4th order is legal, and second data block of the most described 4th order does not conforms to Method;
3rd data block of described 4th order includes: application identities length and application identities;
Described judge described 4th order the 3rd data block the most legal particularly as follows: judge described application mark Whether knowledge length, in preset range, is that the 3rd data block of the most described 4th order is legal, otherwise described 3rd data block of the 4th order is illegal;
The application that described and described 3rd data block is corresponding is particularly as follows: corresponding with described application identities should With;
Whether described judgement has acquiescence with described 3rd application that data block is corresponding selects authority concrete For: judge the 3rd byte of described 4th order whether equal to 0x04, be then with described 3rd data block Corresponding application has acquiescence and selects authority, does not otherwise have with described 3rd application that data block is corresponding Acquiescence is had to select authority;
The fourth data block of described 4th order includes: application permission length and application permission;
Described judge described 4th order fourth data block the most legal particularly as follows: judge that described application is weighed Whether limit for length's degree is 0x01, is that the fourth data block of the most described 4th order is legal, the most described 4th life The fourth data block of order is illegal;
5th data block of described 4th order includes: parameter field length and parameter field;
Described judge described 4th order the 5th data block the most legal particularly as follows: judge described parameter field Whether length is 0x00, is that the 5th data block of the most described 4th order is legal, the most described 4th order The 5th data block illegal;
6th data block of described 4th order includes: optional token length and optional token;
Described judge that the 6th data block of described 4th order is the most legal particularly as follows: judge described optional Whether token length is 0x00, is that the 6th data block of the most described 4th order is legal, the most described 4th 6th data block of order is illegal;
Described preset range is 0x05-0x10.
15. the method for claim 1, it is characterised in that described according to described 5th order renewal The association security domain of application specifically includes:
Step G1: judge that first data block of described 5th order is the most legal, if it is wrong not conform to rule data By mistake, operation failure;If legal, in checking card, whether there is the application corresponding with described first data block, If not, operating condition is unsatisfactory for, operation failure;If having, judge corresponding with described first data block Application whether be described card content managing module, if then operating condition is unsatisfactory for, operation failure;If It not then to perform step G2;
Step G2: judge that second data block of described 5th order is the most legal, if it is wrong not conform to rule data By mistake, operation failure;If legal, judge that whether the state of the application corresponding with described first data block is Installing, if not installing, operating condition is unsatisfactory for, operation failure;Step G3 is then performed if installing;
Step G3: judge that the 3rd data block of described 5th order is the most legal, if it is wrong not conform to rule data By mistake, operation failure;If legal, whether have and described 3rd application that data block is corresponding in checking card, If not, operating condition is unsatisfactory for, operation failure;If having, perform step G4;
Step G4: judge whether the application corresponding with described first data block has security domain authority, if The most then operating condition is unsatisfactory for, operation failure;If having, judge corresponding with described first data block Whether the state of application is locking, if locking, operating condition is unsatisfactory for, operation failure;If not locking Then whether the state of the application that judgement is corresponding with described first data block is individualized, if individualizing then Perform step G5, if not individualized then operating condition is unsatisfactory for, operation failure;
Step G5: judge that the fourth data block of described 5th order and the 5th data block are the most legal, It is then to perform step G6, otherwise error in data, operation failure;
Step G6: judge that the 6th data block of described 5th order is the most legal, if it is wrong not conform to rule data By mistake, operation failure;If legal, judge whether there is safety with described 3rd application that data block is corresponding Territory authority, if having, operating condition is unsatisfactory for, operation failure;If not having, arrange and described 3rd The association security domain of the application that data block is corresponding is the application corresponding with described first data block, operation Success.
16. methods as claimed in claim 15, it is characterised in that first data of described 5th order Block includes: security domain identification length and security domain mark;
Described judge described 5th order first data block the most legal particularly as follows: judge described security domain Whether identification length, in preset range, is that first data block of the most described 5th order is legal, otherwise institute First data block stating the 5th order is illegal;
The application that described and described first data block is corresponding is particularly as follows: identify corresponding with described security domain Application;
Described judge described 5th order second data block the most legal particularly as follows: judge described 5th life Whether second data block of order is 0x00, is that second data block of the most described 5th order is legal, otherwise Second data block of described 5th order is illegal;
3rd data block of described 5th order includes: application identities length and application identities;
Described judge described 5th order the 3rd data block the most legal particularly as follows: judge described application mark Whether knowledge length, in preset range, is that the 3rd data block of the most described 5th order is legal, otherwise described 3rd data block of the 5th order is illegal;
The corresponding application of described and described 3rd data block is particularly as follows: corresponding with described application identities Application;
The described fourth data block judging described 5th order and the 5th the most legal concrete bag of data block Include: judge whether the described 5th fourth data block ordered is 0x00, be the 4th of the most described 5th order the Individual data block is legal, and the fourth data block of the most described 5th order is illegal;Judge described 5th order The 5th data block whether be 0x00, be the most described 5th order the 5th data block legal, otherwise institute The 5th data block stating the 5th order is illegal;
6th data block of described 5th order includes: extradition token length and extradition token;
Described judge described 5th order the 6th data block the most legal particularly as follows: judge described delivery order Whether board length is 0x00, is that the 6th data block of the most described 5th order is legal, the most described 5th life 6th data block of order is illegal;
Described preset range is 0x05-0x10.
17. methods as claimed in claim 15, it is characterised in that described judgement and described first data Whether the corresponding application of block has security domain authority particularly as follows: judge to identify with described load document security domain Whether the Authorization Attributes the highest-order bit of corresponding application is 1, is then corresponding with described first data block Application has a security domain authority, and otherwise corresponding with first data block application does not have security domain authority;
Judge with described 3rd application that data block is corresponding, whether there is security domain authority particularly as follows: judge Whether the Authorization Attributes the highest-order bit of the application corresponding with described application identities is 1, be then with described 3rd The corresponding application of data block has security domain authority, does not otherwise have with the 3rd application that data block is corresponding There is security domain authority.
18. the method for claim 1, it is characterised in that described according to described 6th order individual Change application to specifically include:
Step H1: judge that first data block of described 6th order and second data block are the most legal, It is then to perform step H2, otherwise error in data, operation failure;
Step H2: judge that the 3rd data block of described 6th order is the most legal, if it is wrong not conform to rule data By mistake, operation failure;If legal, whether have and described 3rd application that data block is corresponding in checking card, If not, operating condition is unsatisfactory for, operation failure;If having, judge corresponding with described 3rd data block The association security domain of application whether be described card content managing module, be then execution step H3, otherwise grasp It is unsatisfactory for as condition, operation failure;
Step H3: judge fourth data block, the 5th data block and the 6th data of described 6th order Block is the most legal, is then to arrange to apply for individualized with described 3rd application that data block is corresponding, no Then operating condition is unsatisfactory for, operation failure.
19. methods as claimed in claim 18, it is characterised in that the of described 6th order of described judgement One data block and second data block is the most legal includes: judge first data of described 6th order Whether block is 0x00, is that first data block of the most described 6th order is legal, the most described 6th order First data block is illegal;Whether second data block judging described 6th order is 0x00, is then institute Second data block stating the 6th order is legal, and second data block of the most described 6th order is illegal;
3rd data block of described 6th order includes: application identities length and application identities;
Described judge described 6th order the 3rd data block the most legal particularly as follows: judge described application mark Whether knowledge length, in preset range, is that the 3rd data block of the most described 6th order is legal, otherwise described 3rd data block of the 6th order is illegal;Wherein, described preset range is 0x05-0x10;
The corresponding application of described and described 3rd data block is particularly as follows: corresponding with described application identities Application;
Fourth data block, the 5th data block and the 6th data block of described 6th order of described judgement are No the most legal include: whether the fourth data block judging described 6th order is 0x00, is the most described 6th The fourth data block of order is legal, and the fourth data block of the most described 6th order is illegal;Judge institute Whether the 5th data block stating the 6th order is 0x00, is that the 5th data block of the most described 6th order is closed Method, the 5th data block of the most described 6th order is illegal;Judge the 6th number of described 6th order Whether it is 0x00 according to block, is that the 6th data block of the most described 6th order is legal, the most described 6th life 6th data block of order is illegal.
20. the method for claim 1, it is characterised in that described according to described 7th order deletion Apply and load document can be performed and specifically include:
Step I1: judge that first data block of described 7th order is the most legal, be then to perform step I2, Otherwise error in data, operation failure;
Step I2: judge that second data block of described 7th order is the most legal, if it is wrong not conform to rule data By mistake, operation failure;If legal, in checking card, whether there is the application corresponding with described second data block, It is then to perform step I3, otherwise performs step I4;
Step I3: judge that the 4th byte of described 7th order, whether equal to preset value, is to perform step I4, otherwise performs step I5;
Step I4: whether have and described second performed load document that data block is corresponding in checking card, If not, operating condition is unsatisfactory for, operation failure;If having, judge the 4th byte of described 7th order Whether equal to preset value, if equal to, delete the application corresponding with described second data block and can perform to add Published article part, operating successfully, if being not equal to, deleting and described second performed loading that data block is corresponding File, operates successfully;
Step I5: check whether the application corresponding with described second data block is that other are applied or other can Perform the association security domain of load document, be that operating condition is unsatisfactory for, operation failure;Otherwise perform step I6;
Step I6: judge whether the application corresponding with described second data block is described card Content Management Module, is that operating condition is unsatisfactory for, operation failure, otherwise deletes corresponding with described second data block Application, operate successfully.
21. methods as claimed in claim 20, it is characterised in that the of described 7th order of described judgement One data block is the most legal particularly as follows: judge whether first data block of described 7th order is 0x4f, First data block being the most described 7th order is legal, and first data block of the most described 7th order is not Legal;
Second data block of described 7th order includes: data field identification length and data domain identifier;
Described judge described 7th order second data block the most legal particularly as follows: judge described data field Whether identification length, in preset range, is that second data block of the most described 7th order is legal, otherwise institute Second data block stating the 7th order is illegal;Wherein said preset range is 0x05-0x10;
Corresponding the applying of described and described second data block is specially corresponding with described data field mark Application;
Described and described second performed load document that data block is corresponding is specially and described data field mark The performed load document of sensible correspondence;
Described preset value is 0x80.
22. methods as described in claim 9 or 13, it is characterised in that described judgement described card content Whether management module has acquiescence selects authority particularly as follows: judge that the authority of described card content managing module belongs to Whether property the 3rd bit from low order end is 1, is that described card content managing module has acquiescence right to choose Limit, the most described card content managing module does not have acquiescence and selects authority.
CN201310399702.7A 2013-04-25 2013-09-05 A kind of method managing on card application Active CN103473093B (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
CN201310399702.7A CN103473093B (en) 2013-09-05 2013-09-05 A kind of method managing on card application
PCT/CN2014/076030 WO2014173298A1 (en) 2013-04-25 2014-04-23 Method for managing application on card
US14/786,213 US10324781B2 (en) 2013-04-25 2014-04-23 Method for managing application on card

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310399702.7A CN103473093B (en) 2013-09-05 2013-09-05 A kind of method managing on card application

Publications (2)

Publication Number Publication Date
CN103473093A CN103473093A (en) 2013-12-25
CN103473093B true CN103473093B (en) 2016-08-24

Family

ID=49797962

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310399702.7A Active CN103473093B (en) 2013-04-25 2013-09-05 A kind of method managing on card application

Country Status (1)

Country Link
CN (1) CN103473093B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10324781B2 (en) 2013-04-25 2019-06-18 Feitian Technologies Co., Ltd. Method for managing application on card
CN104092546B (en) * 2014-06-30 2017-07-14 飞天诚信科技股份有限公司 The generation method of security domain on smart card
CN104182699B (en) * 2014-08-25 2017-02-22 飞天诚信科技股份有限公司 Receipt verification method and system
CN107688473B (en) * 2016-08-03 2020-09-08 北京数码视讯科技股份有限公司 Method for realizing user-defined security domain in smart card and smart card

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2823330B1 (en) * 2001-04-10 2004-08-20 Gemplus Card Int METHOD AND SYSTEM FOR MANAGING DATA TO BE STORED IN A MEMORY, FOR EXAMPLE OF THE CODE OF AN APPLICATION LOADED IN A PROGRAMMABLE CHIP CARD
GB0517615D0 (en) * 2005-08-30 2005-10-05 Ecebs Ltd Improved smartcard system
KR20080094878A (en) * 2008-10-06 2008-10-27 주식회사 비즈모델라인 Method for operating application(or data) for smart card

Also Published As

Publication number Publication date
CN103473093A (en) 2013-12-25

Similar Documents

Publication Publication Date Title
CN102420902B (en) A kind of method of classification management over right of using functions and mobile terminal
CN103473093B (en) A kind of method managing on card application
CN106127872B (en) Work attendance method, client and equipment based on mobile terminal
CN103581187B (en) Method and system for controlling access rights
CN102158488B (en) Dynamic countersign generation method and device and authentication method and system
US20120324229A1 (en) System and method for generating keyless digital multi-signatures
CN106452786A (en) Encryption and decryption processing method, apparatus and device
CN103634935B (en) WPS (Wi-Fi protected setup) or QSS (quick secure setup)-based network accessing method and device
CN112700246B (en) Block chain-based data processing method, device, equipment and readable storage medium
CN108769186A (en) service authority control method and device
CN101686572B (en) Method and system for interlocking wireless terminal cards, and management platform
CN106709324A (en) Method and equipment used for verifying application safety
CN107729746A (en) A kind of application program of installation tamper resistant method and system based on digital signature
CN110866265A (en) Data storage method, device and storage medium based on block chain
CN106487505B (en) Key management, acquisition methods and relevant apparatus and system
CN103218560B (en) Method of realizing card data management
CN106228090B (en) A kind of how main security domain Java smart card and its implementation
CN110162274A (en) A kind of data processing method based on block chain, device and equipment
CN101026736A (en) Method and system for J2ME business authentication for IPTV system
CN109639434A (en) A kind of method for unlocking based on block chain, device, system and calculate equipment
CN109086576A (en) Licensing dissemination method, License Authentication method, system and electronic equipment
CN109829334A (en) Data box configuration, use and bookkeeping methods and its operation system based on block chain
CN108420290A (en) A kind of method and system of express delivery cabinet compatibility mailbox
CN102592100B (en) Method and equipment for implementing application operation safety certificate
CN104753902B (en) A kind of operation system verification method and verifying device

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant