Smart(Java)Card
...
What & Why
What - smart card
• Tiny PC without Human Interface capabilities
• CPU: 16b/32b RISC @ handful of MHz
• Math co-processor: RSA/DES/AES/ECC
• RAM: X KB
• HDD: XX..XXX KB (EEPROM)
• NET: "Ethernet" (contact) or "WiFi" (contactless)
• "The size of a Raspberry Pi but with specs worse than XT!"
Application Protocol Data Unit
BIBO
Bytes go In & Bytes come Out
(request - response)
What - JavaCard
• BASIC in BIOS: Java VM
• DOS: App(let) manager (GlobalPlatform)
Choose your Weapon
• ASM / C (OpenCard* by CryptoExperts)
• C (MULTOS)
• BASIC (BasicCard by ZeitControl)
• Java (JavaCard)
Why - JavaCard
• Meaningful abstraction layer!
• Commodity platform
• Multiple vendors
• Multiple applications
• "Open platform" - Oracle ...
• "Portable" - Java ...
From Academia and Business to Open Source Developers
Step 1: Get the necessary hardware
Open JavaCard
• At least 3 online shops in EU (in English)
• + Canada, US
• Must be OPEN Java Card
• No "rooting" yet ;(
• Form factor: ID-1 ("credit card") or USB token
• From 5€ (Feitian) to 50€ (NXP)
• javacard.pro / Google: "JavaCard Buyer's Guide of 2015"
Smart Card Reader
• Any* will work (Contact)
• Ludovic Rousseau's USB CCID driver (298/323)
• Google: "Readers sorted by 'section' field"
• Carefully consider contactless
• PC/SC is not a hardware standard!
Step 2: Prepare your tools
1. Normal Java development!
• Favourite editor, IDE, compiler
• Catch: running requires emulation
2. Conversion into card-loadable format (CAP file)
• Against Oracle's JavaCard SDK
3. Loading onto card
• Using GlobalPlatform
JavaCard SDK
• From Oracle ...
• No OpenJavaCardSDK :(
• Java components are cross-platform
• Suitable max version depends on card version.
ant-javacard
• ANT task for turning Java source code into a loadable CAP file
• Any platform (Linux, OS X, Windows)
• Any version of JavaCard SDK
• Simple. Easy to use. Seriously.
Application IDentifier
GlobalPlatform
• Every package (CAP file) has an AID
• Each applet (class) has an AID
• Every on-card entity has an AID
• Packages and classes and instances
• 5..16 bytes (5+11)
GlobalPlatformPro
• Easy to use Java tool to:
• LOAD CAP files to the card
• INSTALL applets (AID-s)
• CREATE applet instances (AID-s)
• DELETE applets and packages (AID-s)
• Add/change/delete keys
• And more ...
Lock/Unlock
$ gp -l
AID: A000000003000000 (|........|)
ISD SECURED: Security Domain, Card lock, Card terminate, Default selected, CVM (PIN) management

AID: A0000000035350 (|.....SP|)
ExM LOADED: (none)
A000000003535041 (|.....SPA|)

$ gp -lock B4F75CE0A95EA3F86BBD051CB77C0FAE
Card locked with: DES3:B4F75CE0A95EA3F86BBD051CB77C0FAE
Write this down, DO NOT FORGET/LOSE IT!
$ gp -l
openkms.gp.GPException: STRICT WARNING: Card cryptogram invalid!
Card: CC73F92AD03A131D
Host: A358609D53744EEB
!!! DO NOT RE-TRY THE SAME COMMAND/KEYS OR YOU MAY BRICK YOUR CARD !!!
    at openkms.gp.GlobalPlatform.printStrictWarning(GlobalPlatform.java:156)
    at openkms.gp.GlobalPlatform.openSecureChannel(GlobalPlatform.java:476)
    at openkms.gp.GPTool.main(GPTool.java:348)
$ gp -key B4F75CE0A95EA3F86BBD051CB77C0FAE -unlock
Default DES3:404142434445464748494A4B4C4D4E4F set as master key.
$ gp -l
AID: A000000003000000 (|........|)
ISD SECURED: Security Domain, Card lock, Card terminate, Default selected, CVM (PIN) management

AID: A0000000035350 (|.....SP|)
ExM LOADED: (none)
A000000003535041 (|.....SPA|)
Step 4: Learn, Learn, Learn
Read
• JavaCard API Specification
• and Runtime Environment
• Google: "JavaCard Tutorial"
• ISO 7816-4 (and javacard.framework.APDU)
• Google: "University Smart Card Paper"
• CLA/INS/P1/P2/Lc/Le/SW/0x9000
• ISO 7816/14443, ETSI, BSI, NFC, NIST etc etc
• Beware of outdated/wrong/irrelevant information on the web!
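The CLA/INS/P1/P2/Lc/SW fields listed above, as they are handled inside an applet's process() method, with every field checked before the data is touched. This is an added example, not code from the slides or from AppletPlayground; the package and class names, the CLA value 0x80, the INS value 0x10 and the 32-byte limit are assumptions chosen for illustration, and it uses the classic javacard.framework API with short APDUs.

```java
package example.echo; // hypothetical package name, used only in this example

import javacard.framework.APDU;
import javacard.framework.Applet;
import javacard.framework.ISO7816;
import javacard.framework.ISOException;

/** Hypothetical applet: echoes up to MAX_DATA command bytes back to the host. */
public class EchoApplet extends Applet {
    // Assumed values for this example only (0x80 lies in the proprietary class range).
    private static final byte CLA_EXAMPLE = (byte) 0x80;
    private static final byte INS_ECHO = (byte) 0x10;
    private static final short MAX_DATA = 32;

    private EchoApplet() {
    }

    /** Called by the card when an applet instance is created. */
    public static void install(byte[] bArray, short bOffset, byte bLength) {
        new EchoApplet().register();
    }

    /** Bytes in, bytes out: the runtime calls this once per command APDU. */
    public void process(APDU apdu) {
        // The SELECT that activated this applet also arrives here.
        // Returning normally makes the runtime answer with SW 0x9000.
        if (selectingApplet()) {
            return;
        }

        byte[] buf = apdu.getBuffer();

        // Reject anything outside the one class byte this applet defines.
        if (buf[ISO7816.OFFSET_CLA] != CLA_EXAMPLE) {
            ISOException.throwIt(ISO7816.SW_CLA_NOT_SUPPORTED);
        }

        switch (buf[ISO7816.OFFSET_INS]) {
        case INS_ECHO:
            echo(apdu, buf);
            break;
        default:
            // Unknown instructions get an explicit status word, never a silent OK.
            ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
        }
    }

    private void echo(APDU apdu, byte[] buf) {
        // This command defines no parameters, so both must be zero.
        if (buf[ISO7816.OFFSET_P1] != 0 || buf[ISO7816.OFFSET_P2] != 0) {
            ISOException.throwIt(ISO7816.SW_INCORRECT_P1P2);
        }

        // Lc is an unsigned byte; mask it so values above 0x7F do not go negative.
        short lc = (short) (buf[ISO7816.OFFSET_LC] & 0xFF);
        if (lc == 0 || lc > MAX_DATA) {
            ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
        }

        // Pull the command data into the APDU buffer. The payload is small
        // enough to arrive in one call, so a count that differs from the
        // announced Lc is treated as a malformed command.
        short received = apdu.setIncomingAndReceive();
        if (received != lc) {
            ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
        }

        // Send the same bytes back; the runtime appends SW 0x9000.
        apdu.setOutgoingAndSend(ISO7816.OFFSET_CDATA, lc);
    }
}
```

Every ISOException thrown here reaches the host as the two-byte status word (SW) of the response, which is why each rejected field maps to its own ISO 7816-4 constant.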
ISO 7816-7 (1999)
Structured Card Query Language
AppletPlayground
• "Ready to eat" dog food from the internet
• Almost all open source applets that may do something
• Import into Eclipse
• Build with ANT (eclipse/cmdline)
Step 5: Engage with the Community
• Oracle JavaCard Forum / kenai.com: dead
• Stack Overflow: "javacard", "globalplatform", "smartcard" tags: some life
• OpenSC / pcsc-lite lists: open source but no Java!
• GitHub: depends!
• IRC: #opensc
javacard.pro

JavaCard development Quickstart
