Site Tools


Smart Card Solution

User Manual

JavaCard API Samples

Java Card Specification

Knowledge Sharing


7.4 Security Exceptions

Instructions of the Java Card virtual machine throw an instance of the class SecurityException when a security violation has been detected. The Java Card virtual machine does not mandate the complete set of security violations that can or will result in an exception being thrown. However, there is a minimum set that must be supported.

In the general case, any instruction that de-references an object reference must throw a SecurityException if the context ( Section 3.4, Contexts) in which the instruction is executing is different than the owning context ( Section 3.4, Contexts) of the referenced object. The list of instructions includes the instance field get and put instructions, the array load and store instructions, as well as the arraylength, invokeinterface, invokespecial, invokevirtual, checkcast, instanceof and athrow instructions.

There are several exceptions to this general rule that allow cross-context use of objects or arrays. These exceptions are detailed in Chapter 6 of the Runtime Environment Specification for the Java Card Platform, Version 2.2.2. An important detail to note is that any cross-context method invocation will result in a context switch ( Section 3.4, Contexts).

The Java Card virtual machine may also throw a SecurityException if an instruction violates any of the static constraints of Chapter 6, “The CAP File Format”. The Virtual Machine Specification for the Java Card Platform, Version 2.2.2 does not mandate which instructions must implement these additional security checks, or to what level. Therefore, a SecurityException may be thrown at any time during the operation of the Java Card virtual machine.

javacard/jcvm/7.4_security_exceptions.txt · Last modified: 2017/05/13 04:12 (external edit)