Security and Trust Services
`API (SATSA)
`
`for Java™ 2 Platform, Micro Edition
`
`Version 1.0
`
`JSR 177 Expert Group
`jsr-177-comments@jcp.org
`
`Java Community Process (JCP)
`
`Ericsson Ex. 2007, Page 1
`TCL et al. v Ericsson
`IPR2015-01605
`
`

`
`Specification: JSR-177, Security and Trust Services (SATSA), Version 1.0, Specification ("Specification")
`Status: Final Release
`Release: July 28, 2004
`
`Copyright 2004 Sun Microsystems, Inc.
`4150 Network Circle, Santa Clara, California 95054, U.S.A
`All rights reserved.
`
`NOTICE; LIMITED LICENSE GRANTS
`Sun Microsystems, Inc. ("Sun") hereby grants you a fully-paid, non-exclusive, non-transferable, worldwide,
`limited license (without the right to sublicense), under the Sun’s applicable intellectual property rights to view,
`download, use and reproduce the Specification only for the purpose of internal evaluation, which shall be
`understood to include developing applications intended to run on an implementation of the Specification
`provided that such applications do not themselves implement any portion(s) of the Specification.
`
`Sun also grants you a perpetual, non-exclusive, worldwide, fully paid-up, royalty free, limited license (without
`the right to sublicense) under any applicable copyrights or patent rights it may have in the Specification to create
`and/or distribute an Independent Implementation of the Specification that: (i) fully implements the Spec(s)
`including all its required interfaces and functionality; (ii) does not modify, subset, superset or otherwise extend
`the Licensor Name Space, or include any public or protected packages, classes, Java interfaces, fields or
`methods within the Licensor Name Space other than those required/authorized by the Specification or
`Specifications being implemented; and (iii) passes the TCK (including satisfying the requirements of the
`applicable TCK Users Guide) for such Specification. The foregoing license is expressly conditioned on your not
`acting outside its scope. No license is granted hereunder for any other purpose.
`
`You need not include limitations (i)-(iii) from the previous paragraph or any other particular "pass through"
`requirements in any license You grant concerning the use of your Independent Implementation or products
`derived from it. However, except with respect to implementations of the Specification (and products derived
`from them) that satisfy limitations (i)-(iii) from the previous paragraph, You may neither: (a) grant or otherwise
`pass through to your licensees any licenses under Sun’s applicable intellectual property rights; nor (b) authorize
`your licensees to make any claims concerning their implementation’s compliance with the Spec in question.
`
`For the purposes of this Agreement: "Independent Implementation" shall mean an implementation of the
`Specification that neither derives from any of Sun’s source code or binary code materials nor, except with an
`appropriate and separate license from Sun, includes any of Sun’s source code or binary code materials; and
`"Licensor Name Space" shall mean the public class or interface declarations whose names begin with "java",
`"javax", "com.sun" or their equivalents in any subsequent naming convention adopted by Sun through the Java
`Community Process, or any recognized successors or replacements thereof.
`
`This Agreement will terminate immediately without notice from Sun if you fail to comply with any material
`provision of or act outside the scope of the licenses granted above.
`
`TRADEMARKS
`
`ii
`
`Ericsson Ex. 2007, Page 2
`TCL et al. v Ericsson
`IPR2015-01605
`
`

`
`No right, title, or interest in or to any trademarks, service marks, or trade names of Sun, Sun’s licensors,
`Specification Lead or the Specification Lead’s licensors is granted hereunder. Sun, Sun Microsystems, the Sun
`logo, Java, J2SE, J2EE, J2ME, Java Compatible, the Java Compatible Logo, and the Java Coffee Cup logo are
`trademarks or registered trademarks of Sun Microsystems, Inc. in the U.S. and other countries.
`
`DISCLAIMER OF WARRANTIES
`THE SPECIFICATION IS PROVIDED "AS IS". SUN MAKES NO REPRESENTATIONS OR
`WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO, WARRANTIES
`OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT, THAT
`THE CONTENTS OF THE SPECIFICATION ARE SUITABLE FOR ANY PURPOSE OR THAT ANY
`PRACTICE OR IMPLEMENTATION OF SUCH CONTENTS WILL NOT INFRINGE ANY THIRD PARTY
`PATENTS, COPYRIGHTS, TRADE SECRETS OR OTHER RIGHTS. This document does not represent any
`commitment to release or implement any portion of the Specification in any product.
`
`THE SPECIFICATION COULD INCLUDE TECHNICAL INACCURACIES OR TYPOGRAPHICAL
`ERRORS. CHANGES ARE PERIODICALLY ADDED TO THE INFORMATION THEREIN; THESE
`CHANGES WILL BE INCORPORATED INTO NEW VERSIONS OF THE SPECIFICATION, IF ANY. SUN
`MAY MAKE IMPROVEMENTS AND/OR CHANGES TO THE PRODUCT(S) AND/OR THE
`PROGRAM(S) DESCRIBED IN THE SPECIFICATION AT ANY TIME. Any use of such changes in the
`Specification will be governed by the then-current license for the applicable version of the Specification.
`
`LIMITATION OF LIABILITY
`TO THE EXTENT NOT PROHIBITED BY LAW, IN NO EVENT WILL SUN OR ITS LICENSORS BE
`LIABLE FOR ANY DAMAGES, INCLUDING WITHOUT LIMITATION, LOST REVENUE, PROFITS OR
`DATA, OR FOR SPECIAL, INDIRECT, CONSEQUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES,
`HOWEVER CAUSED AND REGARDLESS OF THE THEORY OF LIABILITY, ARISING OUT OF OR
`RELATED TO ANY FURNISHING, PRACTICING, MODIFYING OR ANY USE OF THE
`SPECIFICATION, EVEN IF SUN AND/OR ITS LICENSORS HAVE BEEN ADVISED OF THE
`POSSIBILITY OF SUCH DAMAGES.
`
`You will indemnify, hold harmless, and defend Sun and its licensors from any claims arising or resulting from:
`(i) your use of the Specification; (ii) the use or distribution of your Java application, applet and/or clean room
`implementation; and/or (iii) any claims that later versions or releases of any Specification furnished to you are
`incompatible with the Specification provided to you under this license.
`
`RESTRICTED RIGHTS LEGEND
`U.S. Government: If this Specification is being acquired by or on behalf of the U.S. Government or by a U.S.
`Government prime contractor or subcontractor (at any tier), then the Government’s rights in the Specification
`and accompanying documentation shall be only as set forth in this license; this is in accordance with 48 C.F.R.
`227.7201 through 227.7202-4 (for Department of Defense (DoD) acquisitions) and with 48 C.F.R. 2.101 and
`12.212 (for non-DoD acquisitions).
`
`REPORT
`You may wish to report any ambiguities, inconsistencies or inaccuracies you may find in connection with your
`use of the Specification ("Feedback"). To the extent that you provide Sun with any Feedback, you hereby: (i)
`agree that such Feedback is provided on a non-proprietary and non-confidential basis, and (ii) grant Sun a
`
`iii
`
`Ericsson Ex. 2007, Page 3
`TCL et al. v Ericsson
`IPR2015-01605
`
`

`
`perpetual, non-exclusive, worldwide, fully paid-up, irrevocable license, with the right to sublicense through
`multiple levels of sublicensees, to incorporate, disclose, and use without limitation the Feedback for any
`purpose related to the Specification and future versions, implementations, and test suites thereof.
`
`GENERAL TERMS
`Any action related to this Agreement will be governed by California law and controlling U.S. federal law. The
`U.N. Convention for the International Sale of Goods and the choice of law rules of any jurisdiction will not
`apply.
`
`The Specification is subject to U.S. export control laws and may be subject to export or import regulations in
`other countries. Licensee agrees to comply strictly with all such laws and regulations and acknowledges that it
`has the responsibility to obtain such licenses to export, re-export or import as may be required after delivery to
`Licensee.
`
`Neither party may assign or otherwise transfer any of its rights or obligations under this Agreement, without the
`prior written consent of the other party, except that Sun may assign this Agreement to an affiliated company.
`
`This Agreement is the parties’ entire agreement relating to its subject matter. It supersedes all prior or
`contemporaneous oral or written communications, proposals, conditions, representations and warranties and
`prevails over any conflicting or additional terms of any quote, order, acknowledgment, or other communication
`between the parties relating to its subject matter during the term of this Agreement. No modification to this
`Agreement will be binding, unless in writing and signed by an authorized representative of each party.
`
`(Sun.CfcsSpec.license.11.14.2003)
`
`iv
`
`Ericsson Ex. 2007, Page 4
`TCL et al. v Ericsson
`IPR2015-01605
`
`

`
`Contents
`
`Preface .......................................................................................................... vii
`1 Overview ......................................................................................................... 1
`2 Package Summary ......................................................................................... 7
`3 java.lang ........................................................................................................ 11
`IllegalStateException ................................................................................................................................ 12
`UnsupportedOperationException .............................................................................................................. 13
`4 java.rmi ......................................................................................................... 15
`Remote ...................................................................................................................................................... 16
`RemoteException ...................................................................................................................................... 17
`5 java.security ................................................................................................. 19
`DigestException ........................................................................................................................................ 21
`GeneralSecurityException ........................................................................................................................ 22
`InvalidAlgorithmParameterException ...................................................................................................... 23
`InvalidKeyException ................................................................................................................................ 24
`Key ............................................................................................................................................................ 25
`KeyException ............................................................................................................................................ 27
`KeyFactory ................................................................................................................................................ 28
`MessageDigest .......................................................................................................................................... 30
`NoSuchAlgorithmException ..................................................................................................................... 32
`PublicKey .................................................................................................................................................. 33
`Signature ................................................................................................................................................... 34
`SignatureException ................................................................................................................................... 36
`6 java.security.spec ......................................................................................... 37
`AlgorithmParameterSpec .......................................................................................................................... 38
`EncodedKeySpec ...................................................................................................................................... 39
`InvalidKeySpecException ......................................................................................................................... 41
`KeySpec .................................................................................................................................................... 42
`X509EncodedKeySpec ............................................................................................................................. 43
`7 javacard.framework .................................................................................... 45
`APDUException ........................................................................................................................................ 46
`CardException ........................................................................................................................................... 49
`CardRuntimeException ............................................................................................................................. 51
`ISOException ............................................................................................................................................ 53
`PINException ............................................................................................................................................ 54
`SystemException ....................................................................................................................................... 56
`TransactionException ................................................................................................................................ 59
`UserException ........................................................................................................................................... 61
`8 javacard.framework.service ....................................................................... 63
`ServiceException ...................................................................................................................................... 64
`9 javacard.security .......................................................................................... 67
`CryptoException ....................................................................................................................................... 68
`
`v
`
`Ericsson Ex. 2007, Page 5
`TCL et al. v Ericsson
`IPR2015-01605
`
`

`
`Contents
`
`10 javax.crypto .................................................................................................. 71
`BadPaddingException ............................................................................................................................... 72
`Cipher ........................................................................................................................................................ 73
`IllegalBlockSizeException ........................................................................................................................ 78
`NoSuchPaddingException ........................................................................................................................ 79
`ShortBufferException ............................................................................................................................... 80
`11 javax.crypto.spec .......................................................................................... 81
`IvParameterSpec ....................................................................................................................................... 82
`SecretKeySpec .......................................................................................................................................... 83
`12 javax.microedition.apdu .............................................................................. 85
`APDUConnection ..................................................................................................................................... 86
`13 javax.microedition.io ................................................................................... 97
`Connector .................................................................................................................................................. 99
`14 javax.microedition.jcrmi ........................................................................... 105
`JavaCardRMIConnection ........................................................................................................................ 106
`RemoteRef .............................................................................................................................................. 112
`RemoteStub ............................................................................................................................................. 114
`15 javax.microedition.pki ............................................................................... 117
`UserCredentialManager .......................................................................................................................... 118
`UserCredentialManagerException .......................................................................................................... 126
`16 javax.microedition.securityservice ........................................................... 129
`CMSMessageSignatureService ............................................................................................................... 130
`CMSMessageSignatureServiceException ............................................................................................... 138
`17 Constant Field Values ................................................................................ 141
`A Recommended Security Element Access Control ................................... 147
`B Security Permissions .................................................................................. 157
`C Java Card RMI Client API ....................................................................... 161
`D WIM Recommended Practice ................................................................... 167
`E Recommended Algorithms for the SATSA-CRYPTO Optional Package ...
`171
`F Use Case Scenarios .................................................................................... 173
`Almanac ...................................................................................................... 183
`Index ........................................................................................................... 195
`
`vi
`
`Ericsson Ex. 2007, Page 6
`TCL et al. v Ericsson
`IPR2015-01605
`
`

`
`Preface
`
`This book describes the Security and Trust Services API for the Java™ 2 Platform, Micro Edition (J2ME™).
`
`Revision History
`
`Draft
`
`Final
`Specification
`
`Proposed
`Final Draft
`submitted
`for the FAB
`
`Proposed
`Final Draft
`
`0.23
`
`0.22
`
`0.21
`
`0.20
`
`0.19
`
`0.18
`
`0.17
`
`0.16
`
`0.15
`
`Comments
`
`Date
`
`7/17/04
`
`5/21/04
`
`Minor clarifications
`
`4/23/04
`
`Incorporated comments to draft 0.23.
`
`4/4/04
`
`3/12/04
`
`1/23/04
`
`10/21/03
`
`Updates from copy edit pass.
`
`Updates based on public review and TCK comments.
`
`Updates based on editorial public review comments.
`
`Public Review final edits. Added clarification of permission
`domain mechanism.
`
`10/17/2003
`
`Public Review copy edits.
`
`10/10/2003
`
`Incorporated the comments to draft 0.17.
`
`9/26/2003
`
`Added use cases and recommended algorithm appendices.
`Corrected SecretKeySpec and Signature.verify.
`Restored accessor methods to crypto spec interfaces. Updated
`APDU URL syntax for target=SAT. Many exceptions and
`PIN operations clarified. Clarifications for x.509 version 3
`certificates and PKCS#1 version 2.0 data structures. Added
`reason codes for missing certificates and no keys available.
`Clarified WIMM SE selection by tokenInfo.label.
`
`7/11/2003
`
`Added SATSA-CRYPTO optional package.
`
`6/20/2003
`
`Updates from copy edit pass. Added PIN clarifications. Added
`UnsupportedOperationExceptions. Added
`clarifications about multiple valid certificates requiring user
`selection.
`
`vii
`
`Ericsson Ex. 2007, Page 7
`TCL et al. v Ericsson
`IPR2015-01605
`
`

`
`Preface
`Who Should Use This Book
`
`Draft
`
`0.14
`
`Date
`
`6/1/2003
`
`Comments
`
`Added security section to overview. Generated fully qualified
`references to java.io and java.lang interfaces. Updated
`PIN interfaces. Updated Access Control appendix.
`
`0.13
`
`0.12
`
`5/16/2003
`
`Clarification of JCRMI stub usage of RemoteExceptions
`
`5/9/2003
`
`Clarification about CLDC 1.0 Connector class. Clarifications
`about JCRMI exceptions and channel 0 behavior. Updated
`reference for PKI Path.
`
`0.11
`
`5/2/2003
`
`0.10
`
`4/18/2003
`
`0.9
`
`4/3/2003
`
`3/25/2003
`
`3/21/2003
`
`3/14/2003
`
`2/21/2003
`
`0.8
`
`0.7
`
`0.6
`
`0.5
`
`0.4
`
`0.3
`
`0.2
`
`0.1
`
`Updates for Remote references. Moved USIM appendix into
`APDUConnection. Added reason code to PKI exception
`constructors. Added signing exception to generateCSR.
`Added WIM recommended practice appendix. Added the
`JCRMI access control information in Appendix A. Added
`optional package descriptions in the Overview chapter.
`
`Added optional package definitions; moving GCF protocol
`handlers to separate Java packages. Moved Java CardTM RMI
`stub generation to an appendix. Updated addCredential
`method to require a PKI path.
`
`Community review copy edits. Incorporated the comments to
`draft 0.8. The four proposals for the support for the (U)SIM
`Application Toolkit (Appendix B) have been reduced to one.
`Changes were also made to the javax.microedition.io
`package for the slots naming convention.
`
`Community review draft copy edit updates. Incorporated the
`comments to draft 0.7.
`
`Incorporated the comments to draft 0.6. Added MIDP 2.0
`Permissions appendix.
`
`Revision to Recommended Practices appendix. Added Support
`For (U)SIM Application Toolkit appendix. Added channel
`management procedure and enterPin method to
`APDUConnection interface.
`
`Revision to Recommended Practices appendix. The names of
`the BaseStub and RMIReference classes have changed to
`RemoteStub and RemoteRef respectively. The name of the
`BaseStub.setRemoteReference method has changed to
`RemoteStub.setRef(RemoteRef ref).
`
`2/7/2003
`
`Added Recommended Practices appendix.
`
`1/31/2003
`
`Added Smart Card Communications chapter.
`
`1/24/2003
`
`Added API to draft specification.
`
`1/17/2003
`
`Initial draft.
`
`Who Should Use This Book
`
`This book is intended primarily for:
`• The Java Community ProcessSM (JCPSM) expert group defining the API
`
`viii
`
`Ericsson Ex. 2007, Page 8
`TCL et al. v Ericsson
`IPR2015-01605
`
`

`
`Preface
`How this Specification is Organized
`
`• Implementors of the API
`
`• Application developers targeting the API
`
`How this Specification is Organized
`
`Chapter 1: Overview, defines the goals, scope, and specification requirements.
`
`Chapter 2: Package Summary, provides a summary of the packages in the four optional packages SATSA-
`APDU, SATSA-JCRMI, SATSA-PKI and SATSA-CRYPTO defined in this specification.
`Chapter 3-17: JavadocTM API documentation.
`Appendix A: Recommended Security Element Access Control, provides a recommended access control model
`that allows a security element to protect the usage of its resources.
`Appendix B: Security Permissions, defines the permissions to protect access to the API in the SATSA-APDU,
`SATSA-JCRMI, and SATSA-PKI optional packages.
`Appendix C: Java Card RMI Client API, describes the client side communication to the card application and the
`stubs that must be generated to handle synchronization and marshalling of parameters and return values.
`Appendix D: WIM Recommended Practice, describes the implementation instructions for mapping the features
`into a WIM security element.
`Appendix E: Recommended Algorithms for the SATSA-CRYPTO Optional package, describes the recommended
`algorithms, algorithm modes, and padding schemes that an implementation of the SATSA-CRYPTO optional
`package should support.
`Appendix F: Use Case Scenarios, provides a collection of use case scenarios that illustrate how the APIs
`defined in this specification can be usefully applied.
`
`Acronyms Used in This Specification
`
`The following acronyms are used in this Specification.
`
`Acronym
`(U) SAT
`3G
`ACE
`ACF
`ACIE
`ACL
`AID
`ASN.1
`AODF
`APDU
`ATR
`CA
`CDF
`
`Term
`Universal SIM Application Toolkist
`Third Generation
`Access Control Entry
`Access Control File
`Access Control Index Entry
`Access Control List
`Application Identifier
`Abstract Syntax Notation One
`Authentication Object Directory File
`Application Protocol Data Unit
`Answer to Reset
`Certificate Authority
`Certificate Directory File
`
`ix
`
`Ericsson Ex. 2007, Page 9
`TCL et al. v Ericsson
`IPR2015-01605
`
`

`
`Preface
`References
`
`Acronym
`CDMA
`CHV
`CDC
`CLDC
`CMS
`CPS
`DER
`DF
`EF
`FP
`GCF
`GSM
`ISO
`J2ME
`JCE
`JCRE
`JCRMI
`JSR
`MF
`MIDP
`OID
`PKI
`RMI
`RUIM
`SAT
`SATSA
`SE
`SHA
`SIM
`TLS
`UICC
`UMTS
`URI
`URL
`WAP
`WIM
`
`References
`
`Term
`Code Division Multiple Access
`Card Holder Verification
`Connected Device Configuration
`Connected Limited Device Configuration
`Cryptographic Message Syntax
`Certification Practice Statement
`Distinguished Encoding Rules
`Dedicated File
`Elementary File
`Foundation Profile
`Generic Connection Framework
`Global System for Mobile Communications
`International Standards Organization
`Java 2, Micro Edition
`Java Cryptography Extension
`Java Card Runtime Environment
`Java Card Remote Method Invocation
`JavaTM Specification Request
`Master File
`Mobile Information Device Profile
`Object Identifier
`Public Key Infrastructure
`Remote Method Invocation
`Removable User Identity Module
`SIM Application Toolkit
`Security and Trust Services API
`Security Element
`Secure Hash Algorithm
`Subscriber Identity Module
`Transport Layer Security
`Universal Integrated Circuit Card
`Universal Mobile Telecommunication System
`Universal Resource Identifier
`Universal Resource Locator
`Wireless Application Protocol
`Wireless Identity Module
`
`Connected, Limited Device Configuration (CLDC), Version 1.0
`
`• http://jcp.org/aboutJava/communityprocess/final/jsr030/index.html
`
`x
`
`Ericsson Ex. 2007, Page 10
`TCL et al. v Ericsson
`IPR2015-01605
`
`

`
`Preface
`Related Documentation
`
`• http://java.sun.com/products/cldc
`
`Mobile Information Device Profile (MIDP), Version 2.0
`
`• http://jcp.org/aboutJava/communityprocess/final/jsr118/index.html
`
`• http://java.sun.com/products/midp
`
`Connected Device Configuration (CDC), Version 1.0
`
`• http://jcp.org/aboutJava/communityprocess/final/jsr036/index.html
`
`• http://java.sun.com/products/cdc
`
`Foundation Profile (FP), Version 1.0
`
`• http://jcp.org/aboutJava/communityprocess/final/jsr046/index.html
`
`• http://java.sun.com/products/foundation
`
`ISO-7816 specifications
`
`GSM/3GPP specification for SIM card
`
`3GPP specification for the USIM card
`
`3GPP2 specification for the RUIM card
`
`Wireless Identity Module Specification
`
`• http://www.openmobilealliance.org/tech/affiliates/wap/wapindex.html
`
`Cryptographic Message Syntax (CMS)
`
`• http://www.ietf.org/rfc/rfc2630.txt
`
`Java Card™ 2.2 Platform Specification
`
`• http://java.sun.com/products/javacard/specs.html
`
`Abstract Syntax Notation One (ASN.1)
`
`• http://www.itu.int/ITU-T/studygroups/com17/languages
`
`Distinguished Encoding Rules (DER)
`
`• http://www.itu.int/ITU-T/studygroups/com17/languages
`JavaTM Cryptography Architecture API Specification & Reference
`• http://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html
`JavaTM Cryptography Extension (JCE) Reference Guide
`• http://java.sun.com/j2se/1.4.2/docs/guide/security/jce/JCERefGuide.html
`
`PKCS #1: RSA Cryptography Specification Version 2.0
`• http://www.ietf.org/rfc/rfc2437.txt
`
`Related Documentation
`
`The Java™ Language Specification by James Gosling, Bill Joy, and Guy L. Steele (Addison-Wesley, 1996),
`ISBN 0-201-63451-1
`
`The Java™ Virtual Machine Specification (Java Series), Second Edition by Tim Lindholm and Frank Yellin
`(Addison-Wesley, 1999), ISBN 0-201-43294-3
`
`xi
`
`Ericsson Ex. 2007, Page 11
`TCL et al. v Ericsson
`IPR2015-01605
`
`

`
`Preface
`JSR 177 Expert Group
`
`JSR 177 Expert Group
`
`• Betrusted
`
`• Cingular Wireless
`
`• Gemplus Corporation
`
`• Hutchison 3G UK Limited
`
`• J-Phone Co., Ltd.
`
`• KDDI Corporation
`
`• Motorola
`
`• NTT DoCoMo, Inc.
`
`• Nokia Corporation
`
`• Oberthur Card Systems
`
`• Orange PCS
`
`• Research In Motion, LTD (RIM)
`
`• Siemens AG
`
`• Sony Ericsson Mobile Communications AB
`
`• Sun Microsystems, Inc.
`
`• Telefónica Móviles España
`
`• VeriSign, Inc.
`
`• Vodafone Group PCL
`
`Document Conventions
`
`This document uses definitions based on those specified in RFC 2119 (http://www.ietf.org/rfc/
`rfc2119.txt).
`
`Term
`
`MUST
`
`MUST NOT
`
`SHOULD
`
`SHOULD NOT
`
`Definition
`
`The associated definition is an absolute requirement of this specification.
`
`The definition is an absolute prohibition of this specification.
`
`Indicates a recommended practice. There may exist valid reasons in particular circumstances
`to ignore this recommendation, but the full implications must be understood and carefully
`weighed before choosing a different course.
`
`Indicates a non-recommended practice. There may exist valid reasons in particular
`circumstances when the particular behavior is acceptable or even useful, but the full
`implications should be understood and the case carefully weighed before implementing any
`behavior described with this label.
`
`MAY
`
`Indicates that an item is truly optional.
`
`xii
`
`Ericsson Ex. 2007, Page 12
`TCL et al. v Ericsson
`IPR2015-01605
`
`

`
`Typographic Conventions
`
`Preface
`Typographic Conventions
`
`Typeface
`
`Meaning
`
`AaBbCc123
`
`The names of commands, files, and directories;
`on-screen computer output.
`
`Examples
`
`Edit your .login file.
`Use ls -a to list all files.%
`%You have mail.
`
`AaBbCc123
`
`AaBbCc123
`
`What you type, when contrasted with on-screen
`computer output.
`
`% su
`%Password:
`
`Book titles, new words or terms, words to be
`emphasized.
`Command-line variable; replace with a real name
`or value.
`
`Read Chapter 6 in the User's Guide.
`These are called class options.
`You must be superuser to do this.
`To delete a file, enter rm filename.
`
`JSR 177 Welcomes Your Comments
`
`We are interested in improving our documentation and welcome your comments and suggestions. You can
`email your comments to us at:
`
`jsr-177-comments@jcp.org
`
`xiii
`
`Ericsson Ex. 2007, Page 13
`TCL et al. v Ericsson
`IPR2015-01605
`
`

`
`Preface
`JSR 177 Welcomes Your Comments
`
`xiv
`
`Ericsson Ex. 2007, Page 14
`TCL et al. v Ericsson
`IPR2015-01605
`
`

`
`C H A P T E R 1
`
`Overview
`
`The Security and Trust Services API specification defines optional packages1 for the JavaTM 2 Platform, Micro
`Edition (J2METM). The specification has been produced in response to Java Specification Request 177 (JSR-
`177). The purpose of this JSR is to specify a collection of APIs that provides security and trust services by
`integrating a Security Element (SE). A SE, a component in a J2ME device, provides the following benefits:
`
`• Secure storage to protect sensitive data, such as the user’s private keys, public key (root) certificates, service
`credentials, personal information, and so on.
`
`• Cryptographic operations to support payment protocols, data integrity, and data confidentiality.
`
`• A secure execution environment to deploy custom security features. J2ME applications would rely on these
`features to handle many value-added services, such as user identification and authentication, banking,
`payment, loyalty applications, and so on.
`
`A SE can be in a variety of forms. Smart cards are commonly used to implement a SE. They are widely
`deployed in wireless phones, such as SIM cards in GSM phones, UICC cards in 3G phones, and RUIM cards in
`CDMA phones. For example, in GSM networks, the network operator enters the network authentication data on
`the smart card, as well as the subscriber's personal information, such as the address book. When the subscriber
`inserts the smart card into a mobile handset, the handset is enabled to work on the operator’s network. In
`addition to a smart card-based implementation, a SE can also be implemented by a handset itself. Such
`implementation may utilize, for example, embedded chips or special security features of the hardware.
`Alternatively, a SE may be entirely implemented in software. This specification does not exclude any of the
`possible implementations of a SE even though some of the packages are optimized for smart card
`implementation.
`
`1.1 Scope
`
`SEs can have diverse software and hardware characteristics. Rather than attempt to address each possible type
`of SE and its capabilities, this specification considers the API functions based on the following criteria:
`
`• Size requirements for resource-constrained consumer devices
`
`• Breadth of usage of the SE
`
`• Flexibility and extensibility of the API
`
`1. The definition and usage of a J2ME optional package is defined in JSR-68, J2ME Platform Specification.
`
`1
`
`Ericsson Ex. 2007, Pa