Site Tools


Smart Card Solution

User Manual

JavaCard API Samples

Java Card Specification

Knowledge Sharing


6.2.2 Global Arrays

The global nature of some objects requires that they be accessible from any context. The firewall would ordinarily prevent these objects from being used in a flexible manner. The Java Card VM allows an object to be designated as global.

All global arrays are temporary global array objects. These objects are owned by the Java Card RE context, but can be accessed from any context. However, references to these objects cannot be stored in class variables, instance variables or array components. The Java Card RE detects and restricts attempts to store references to these objects as part of the firewall functionality to prevent unauthorized reuse.

For added security, only arrays can be designated as global and only the Java Card RE itself can designate global arrays. Because applets cannot create them, no API methods are defined. Java Card RE implementers are responsible for implementing the mechanism by which global arrays are designated.

At the time of publication of this specification, the only global arrays required in the Java Card API are the APDU buffer and the byte array input parameter (bArray) to the applet's install method.

Note - Because of the global status of the APDU buffer, the Application Programming Interface, Java Card Platform, Version 2.2.2 specifies that this buffer is cleared to zeroes whenever an applet is selected, before the Java Card RE accepts a new APDU command. This is to prevent an applet's potentially sensitive data from being “leaked” to another applet via the global APDU buffer. The APDU buffer can be accessed from a shared interface object context and is suitable for passing data across different contexts. The applet is responsible for protecting secret data that may be accessed from the APDU buffer.

javacard/jcre/6.2.2_global_arrays.txt · Last modified: 2017/05/13 04:06 (external edit)