We are developing a JavaCard based data protection application. Our goal is to allow the client code to interact with the GlobaPlatform 2.2+-based JavaCard applet to convince itself that it is actually talking to a specific (and verifiable) version of the JavaCard applet that it needs to talk to. In other words, we are looking for a "platform integrity" mechanism to make sure that the JavaCard applet code has not been replaced / changed by "insiders" (for example, even with us who developed the applet).
At first, we hoped to use the installation mechanism as described in the GP specification, but we were told that this does not apply.
So, is there a way for client code to request a card for authenticity (for example, a simple hash) from the applet database (i.e. the installed .cap file) without having to request and trust the JavaCard applet itself?
source share