PC/SC Guide
Prox–DU & Prox–SU
www.gemalto.com
DOC119811A Public Use Page 15/129
The Smart Card Service Provider
The smart card service provider is one of two possible sub-components of the service
provider. It is responsible for exposing high-level interfaces to non-cryptographic services.
This exposure is expected to include common interfaces, defined in this specification, for
managing connections to a specific smart card, as well as access to file and authentication
services. In addition, the smart card service provider may implement interfaces that the
vendor defines for features specific to the application domain.
All smart card service providers shall implement the interface for managing connections to a
smart card as defined herein (see Section 3). This interface provides mechanisms for
connecting to and disconnecting from a smart card.
In addition, to be compliant with this specification, smart card service providers that expose
file access and authentication services shall do so using the interfaces defined herein (see
Section 3.4). These interfaces encapsulate functionality defined by ISO 7816-4, along with
natural extensions for functionality such as file creation and deletion.
The file access interface defines mechanisms for the following tasks:
• Locating files by name
• Creating or opening files
• Reading and writing file contents
• Closing a file
• Deleting files
• Managing file attributes
The authentication interface defines mechanisms for the following tasks:
• Cardholder verification
• Smart card authentication
• Application authentication to the smart card
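The file access and cardholder verification tasks listed above rest on ISO 7816-4 commands. The following added example (not code from this guide or from the PC/SC specification) encodes the SELECT, READ BINARY and VERIFY command APDUs and decodes the status word a card returns. The function names, the PIN reference 0x01 and the PIN value are assumptions made for illustration; the provider's own high-level interfaces are not shown.

```python
# Added illustration: ISO 7816-4 short command APDUs that a smart card
# service provider could issue for file access and cardholder verification.

def apdu(cla, ins, p1, p2, data=b"", le=None):
    """Encode a short-form command APDU (ISO 7816-4 cases 1 to 4)."""
    if len(data) > 255:
        raise ValueError("short APDU carries at most 255 data bytes")
    out = bytes([cla, ins, p1, p2])
    if data:
        out += bytes([len(data)]) + data      # Lc + command data
    if le is not None:
        if not 1 <= le <= 256:
            raise ValueError("Le must be in 1..256")
        out += bytes([le % 256])              # 0x00 encodes 256
    return out

def select_by_file_id(fid):
    # P1=0x00: select by file identifier, P2=0x0C: no response data wanted
    return apdu(0x00, 0xA4, 0x00, 0x0C, fid.to_bytes(2, "big"))

def read_binary(offset, length):
    if not 0 <= offset <= 0x7FFF:             # P1 bit 8 must stay clear
        raise ValueError("offset must fit in 15 bits")
    return apdu(0x00, 0xB0, offset >> 8, offset & 0xFF, le=length)

def verify(reference, secret):
    # P2 is the reference data qualifier; its value is card specific
    return apdu(0x00, 0x20, 0x00, reference, secret)

def decode_status(sw1, sw2):
    """Map the two status bytes to (ok, meaning)."""
    if (sw1, sw2) == (0x90, 0x00):
        return True, "success"
    if sw1 == 0x63 and sw2 & 0xF0 == 0xC0:
        return False, f"verification failed, {sw2 & 0x0F} tries left"
    known = {
        (0x69, 0x82): "security status not satisfied",
        (0x69, 0x83): "authentication method blocked",
        (0x6A, 0x82): "file not found",
    }
    return False, known.get((sw1, sw2), f"unmapped status {sw1:02X}{sw2:02X}")

if __name__ == "__main__":
    # Constructed sample values: master file 3F00, PIN reference 0x01, PIN "1234"
    print(select_by_file_id(0x3F00).hex())
    print(read_binary(0, 256).hex())
    print(verify(0x01, b"1234").hex())
    print(decode_status(0x63, 0xC2))
```

A caller should treat the retry count in a 63Cx status as a limit on further VERIFY attempts, since a card that reaches zero reports the authentication method as blocked.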
The Cryptographic Service Provider
The cryptographic service provider is a sub-component of the service provider. In contrast to
the smart card service provider, the cryptographic service provider isolates cryptographic
services because existing regulations imposed by various governments affect import and
export. The cryptographic service provider allows applications to make use of cryptographic
services in a manner that compartmentalizes the sensitive elements of cryptographic
support into a well-defined and independently installable software package.
The cryptographic service provider encapsulates access to cryptographic functionality
provided by a specific smart card through high level programming interfaces. Its purpose is
to expose available cryptographic functions to applications running on a PC. All other
functionality should be implemented in the smart card service provider.
Interfaces are defined in this specification for the following general-purpose cryptographic
services:
• Key generation
• Key management
• Digital signatures
• Hashing (or message digests)
• Bulk encryption services
• Key import and export