SlideShare una empresa de Scribd logo
1 de 36
Descargar para leer sin conexión
Smart(Java)Card
...
What & Why
What - smart card
• Tiny PC without Human Interface capabilities
• CPU: 16b/32b RISC @ handful of MhZ
• Math co-processor: RSA/DES/AES/ECC
• RAM: X KB
• HDD: XX..XXX KB (EEPROM)
• NET: "Ethernet" (contact) or "WiFi" (contactless)
• "The size of a Raspberry Pi but with specs worse than XT!"
Application Protocol Data Unit
BIBO
Bytes go In & Bytes come Out
(request - response)
What - JavaCard
• BASIC in BIOS: Java VM
• DOS: App(let) manager (GlobalPlatform)
Choose your Weapon
• ASM / C (OpenCard* by CryptoExperts)
• C (MULTOS)
• BASIC (BasicCard by ZeitControl)
• Java (JavaCard)
Why - JavaCard
• Meaningful abstraction layer!
• Commodity platform
• Multiple vendors
• Multiple applications
• "Open platform" - Oracle ...
• "Portable" - Java ...
From Academia and Business

to 

Open Source Developers
Step 1

Get the necessary hardware
Open JavaCard
• At least 3 online shops in EU (in English)
• + Canada, US
• Must be OPEN Java Card
• No "rooting" yet ;(
• Form factor: ID-1 ("credit card") or USB token
• From 5€ (Feitian) to 50€ (NXP)
• javacard.pro / Google:
"JavaCard Buyer's Guide of 2015"
Smart Card Reader
• Any* will work (Contact)
• Ludovic Rousseau's USB CCID driver (298/323)
• Google: "Readers sorted by 'section' field"
• Carefully consider contactless
• PC/SC is not a hardware standard!
Step 2

Prepare your tools
1. Normal Java development!
• Favourite editor, IDE, compiler
• Catch: running requires emulation
2. Conversion into card-loadable format (CAP file)
• Against Oracle's JavaCard SDK
3. Loading onto card
• Using GlobalPlatform
JavaCard SDK
• From Oracle ...
• No OpenJavaCardSDK :(
• Java components are cross-platform
• Suitable max version depends on card version.
ant-javacard
• ANT task for turning Java source code into a
loadable CAP file
• Any platform (Linux, OS X, Windows)
• Any version of JavaCard SDK
• Simple. Easy to use. Seriously.
Application IDentifier
GlobalPlatform
• Every package (CAP file) has an AID
• Each applet (class) has an AID
• Every on-card entity has an AID
• Packages and classes and instances
• 5..16 bytes (5+11)
GlobalPlatformPro
• Easy to use Java tool to:
• LOAD CAP files to the card
• INSTALL applets (AID-s)
• CREATE applet instances (AID-s)
• DELETE applets and packages (AID-s)
• Add/change/delete keys
• And more ...
Lock/Unlock
$ gp -l!
AID: A000000003000000 (|........|)
ISD SECURED: Security Domain, Card lock, Card terminate, Default selected, CVM (PIN) management
!
AID: A0000000035350 (|.....SP|)
ExM LOADED: (none)
A000000003535041 (|.....SPA|)
!
$ gp -lock B4F75CE0A95EA3F86BBD051CB77C0FAE
Card locked with: DES3:B4F75CE0A95EA3F86BBD051CB77C0FAE
Write this down, DO NOT FORGET/LOSE IT!
$ gp -l!
openkms.gp.GPException: STRICT WARNING: Card cryptogram invalid!
Card: CC73F92AD03A131D
Host: A358609D53744EEB
!!! DO NOT RE-TRY THE SAME COMMAND/KEYS OR YOU MAY BRICK YOUR CARD !!!
at openkms.gp.GlobalPlatform.printStrictWarning(GlobalPlatform.java:156)
at openkms.gp.GlobalPlatform.openSecureChannel(GlobalPlatform.java:476)
at openkms.gp.GPTool.main(GPTool.java:348)
$ gp -key B4F75CE0A95EA3F86BBD051CB77C0FAE -unlock
Default DES3:404142434445464748494A4B4C4D4E4F set as master key.
$ gp -l!
AID: A000000003000000 (|........|)
ISD SECURED: Security Domain, Card lock, Card terminate, Default selected, CVM (PIN) management
!
AID: A0000000035350 (|.....SP|)
ExM LOADED: (none)
A000000003535041 (|.....SPA|)
Step 4

Learn, Learn, Learn
Read
• JavaCard API Specification
• and Runtime Environment
• Google: "JavaCard Tutorial"
• ISO 7816-4 (and javacard.framework.APDU)
• Google: "University Smart Card Paper"
• CLA/INS/P1/P2/Lc/Le/SW/0x9000
• ISO 7816/14443, ETSI, BSI, NFC, NIST etc etc
• Beware of outdated/wrong/irrelevant information on the web!
ISO 7816-7 (1999)
Structured Card Query Language
AppletPlayground
• "Ready to eat" dog food from the internet
• Almost all open source applets that may do
something
• Import into Eclipse
• Build with ANT (eclipse/cmdline)
Step 5

Engage with the Community
• Oracle JavaCard Forum / kenai.com: dead
• Stack Overflow: "javacard", "globalplatform",
"smartcard" tags: some life
• OpenSC / pcsc-lite lists: open source but no Java!
• GitHub: depends!
• IRC: #opensc
javacard.pro

Más contenido relacionado

La actualidad más candente

Introduction to Raspberrypi
Introduction to  RaspberrypiIntroduction to  Raspberrypi
Introduction to RaspberrypiIheb Ben Salem
 
Cyber Security - Unit - 1 - Systems Vulnerability Scanning Overview of Vulner...
Cyber Security - Unit - 1 - Systems Vulnerability Scanning Overview of Vulner...Cyber Security - Unit - 1 - Systems Vulnerability Scanning Overview of Vulner...
Cyber Security - Unit - 1 - Systems Vulnerability Scanning Overview of Vulner...Gyanmanjari Institute Of Technology
 
KazHackStan Doing The IoT Penetration Testing - Yogesh Ojha
KazHackStan Doing The IoT Penetration Testing - Yogesh OjhaKazHackStan Doing The IoT Penetration Testing - Yogesh Ojha
KazHackStan Doing The IoT Penetration Testing - Yogesh OjhaYogesh Ojha
 
ESP32 IoT presentation @ dev.bg
ESP32 IoT presentation @ dev.bgESP32 IoT presentation @ dev.bg
ESP32 IoT presentation @ dev.bgMartin Harizanov
 
Android security
Android securityAndroid security
Android securityMobile Rtpl
 
Difference between soc and single board computer ppt1
Difference between soc and single board computer ppt1Difference between soc and single board computer ppt1
Difference between soc and single board computer ppt1Edgefxkits & Solutions
 
3 reasons your business can't ignore Two-Factor Authentication
3 reasons your business can't ignore Two-Factor Authentication3 reasons your business can't ignore Two-Factor Authentication
3 reasons your business can't ignore Two-Factor AuthenticationFortytwo
 
Introduction To Raspberry Pi with Simple GPIO pin Control
Introduction To Raspberry Pi with Simple GPIO pin ControlIntroduction To Raspberry Pi with Simple GPIO pin Control
Introduction To Raspberry Pi with Simple GPIO pin ControlPradip Bhandari
 
4. Internet of Things - Reference Model and Architecture
4. Internet of Things - Reference Model and Architecture4. Internet of Things - Reference Model and Architecture
4. Internet of Things - Reference Model and ArchitectureJitendra Tomar
 
Android Security
Android SecurityAndroid Security
Android SecurityArqum Ahmad
 
embedded systems architecture, programming and design raj kamal.pdf
embedded systems architecture, programming and design raj kamal.pdfembedded systems architecture, programming and design raj kamal.pdf
embedded systems architecture, programming and design raj kamal.pdfMolalegnBezie
 
Language for Embedded System
Language for Embedded System Language for Embedded System
Language for Embedded System vkrhanjeeth .
 
CNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersCNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersSam Bowne
 
Nodemcu - introduction
Nodemcu - introductionNodemcu - introduction
Nodemcu - introductionMichal Sedlak
 

La actualidad más candente (20)

Introduction to Raspberrypi
Introduction to  RaspberrypiIntroduction to  Raspberrypi
Introduction to Raspberrypi
 
Cyber Security - Unit - 1 - Systems Vulnerability Scanning Overview of Vulner...
Cyber Security - Unit - 1 - Systems Vulnerability Scanning Overview of Vulner...Cyber Security - Unit - 1 - Systems Vulnerability Scanning Overview of Vulner...
Cyber Security - Unit - 1 - Systems Vulnerability Scanning Overview of Vulner...
 
KazHackStan Doing The IoT Penetration Testing - Yogesh Ojha
KazHackStan Doing The IoT Penetration Testing - Yogesh OjhaKazHackStan Doing The IoT Penetration Testing - Yogesh Ojha
KazHackStan Doing The IoT Penetration Testing - Yogesh Ojha
 
Ch 4 Emergence of IoT.pdf
Ch 4 Emergence of IoT.pdfCh 4 Emergence of IoT.pdf
Ch 4 Emergence of IoT.pdf
 
ESP32 IoT presentation @ dev.bg
ESP32 IoT presentation @ dev.bgESP32 IoT presentation @ dev.bg
ESP32 IoT presentation @ dev.bg
 
Android security
Android securityAndroid security
Android security
 
8 bit microcontroller
8 bit microcontroller8 bit microcontroller
8 bit microcontroller
 
Raspberry pi
Raspberry piRaspberry pi
Raspberry pi
 
Difference between soc and single board computer ppt1
Difference between soc and single board computer ppt1Difference between soc and single board computer ppt1
Difference between soc and single board computer ppt1
 
3 reasons your business can't ignore Two-Factor Authentication
3 reasons your business can't ignore Two-Factor Authentication3 reasons your business can't ignore Two-Factor Authentication
3 reasons your business can't ignore Two-Factor Authentication
 
Introduction To Raspberry Pi with Simple GPIO pin Control
Introduction To Raspberry Pi with Simple GPIO pin ControlIntroduction To Raspberry Pi with Simple GPIO pin Control
Introduction To Raspberry Pi with Simple GPIO pin Control
 
4. Internet of Things - Reference Model and Architecture
4. Internet of Things - Reference Model and Architecture4. Internet of Things - Reference Model and Architecture
4. Internet of Things - Reference Model and Architecture
 
Android Security
Android SecurityAndroid Security
Android Security
 
Interrupts
InterruptsInterrupts
Interrupts
 
embedded systems architecture, programming and design raj kamal.pdf
embedded systems architecture, programming and design raj kamal.pdfembedded systems architecture, programming and design raj kamal.pdf
embedded systems architecture, programming and design raj kamal.pdf
 
Language for Embedded System
Language for Embedded System Language for Embedded System
Language for Embedded System
 
RFID Application
RFID ApplicationRFID Application
RFID Application
 
Iot Security
Iot SecurityIot Security
Iot Security
 
CNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersCNIT 141: 4. Block Ciphers
CNIT 141: 4. Block Ciphers
 
Nodemcu - introduction
Nodemcu - introductionNodemcu - introduction
Nodemcu - introduction
 

Destacado

OpenSC: eID interoperability through open source software
OpenSC: eID interoperability through open source softwareOpenSC: eID interoperability through open source software
OpenSC: eID interoperability through open source softwareMartin Paljak
 
Veebis allkirjastamine ID-kaardiga
Veebis allkirjastamine ID-kaardigaVeebis allkirjastamine ID-kaardiga
Veebis allkirjastamine ID-kaardigaMartin Paljak
 
Security applications with Java Card
Security applications with Java CardSecurity applications with Java Card
Security applications with Java CardJulien SIMON
 
eSmartlock a USB Javacard dongle with anti-piracy and DRM services
eSmartlock a USB Javacard dongle with anti-piracy and DRM serviceseSmartlock a USB Javacard dongle with anti-piracy and DRM services
eSmartlock a USB Javacard dongle with anti-piracy and DRM servicesYiannis Hatzopoulos
 
eSmartlock - an antipiracy dongle with integrated DRM functionalities
eSmartlock - an antipiracy dongle with integrated DRM functionalitieseSmartlock - an antipiracy dongle with integrated DRM functionalities
eSmartlock - an antipiracy dongle with integrated DRM functionalitiesYiannis Hatzopoulos
 

Destacado (9)

OpenSC: eID interoperability through open source software
OpenSC: eID interoperability through open source softwareOpenSC: eID interoperability through open source software
OpenSC: eID interoperability through open source software
 
Veebis allkirjastamine ID-kaardiga
Veebis allkirjastamine ID-kaardigaVeebis allkirjastamine ID-kaardiga
Veebis allkirjastamine ID-kaardiga
 
OpenDNIe Hackfest
OpenDNIe HackfestOpenDNIe Hackfest
OpenDNIe Hackfest
 
Codebits 2011
Codebits 2011Codebits 2011
Codebits 2011
 
ID-kaardist 100%
ID-kaardist 100%ID-kaardist 100%
ID-kaardist 100%
 
Security applications with Java Card
Security applications with Java CardSecurity applications with Java Card
Security applications with Java Card
 
Javacardtech
JavacardtechJavacardtech
Javacardtech
 
eSmartlock a USB Javacard dongle with anti-piracy and DRM services
eSmartlock a USB Javacard dongle with anti-piracy and DRM serviceseSmartlock a USB Javacard dongle with anti-piracy and DRM services
eSmartlock a USB Javacard dongle with anti-piracy and DRM services
 
eSmartlock - an antipiracy dongle with integrated DRM functionalities
eSmartlock - an antipiracy dongle with integrated DRM functionalitieseSmartlock - an antipiracy dongle with integrated DRM functionalities
eSmartlock - an antipiracy dongle with integrated DRM functionalities
 

Similar a JavaCard development Quickstart

jCardSim – Java Card is simple!
jCardSim – Java Card is simple!jCardSim – Java Card is simple!
jCardSim – Java Card is simple!Mikhail Dudarev
 
Smart Cards, ePassports, and open source
Smart Cards, ePassports, and open sourceSmart Cards, ePassports, and open source
Smart Cards, ePassports, and open sourceMartijn Oostdijk
 
ARM uVisor Debug Refinement Project(debugging facility improvements)
ARM uVisor Debug Refinement Project(debugging facility improvements)ARM uVisor Debug Refinement Project(debugging facility improvements)
ARM uVisor Debug Refinement Project(debugging facility improvements)家榮 張
 
Getting started with Intel IoT Developer Kit
Getting started with Intel IoT Developer KitGetting started with Intel IoT Developer Kit
Getting started with Intel IoT Developer KitSulamita Garcia
 
What is smart card on tam
What is smart card on tamWhat is smart card on tam
What is smart card on tam崇倍 洪
 
Developing a NodeBot using Intel XDK IoT Edition
Developing a NodeBot using Intel XDK IoT EditionDeveloping a NodeBot using Intel XDK IoT Edition
Developing a NodeBot using Intel XDK IoT EditionIntel® Software
 
FRDM-KL46Z_Hands-On_Presentation_v02
FRDM-KL46Z_Hands-On_Presentation_v02FRDM-KL46Z_Hands-On_Presentation_v02
FRDM-KL46Z_Hands-On_Presentation_v02Libor GECNUK
 
4 Introduction to Arduino.pdf
4 Introduction to Arduino.pdf4 Introduction to Arduino.pdf
4 Introduction to Arduino.pdfRynefelElopre2
 
2015 02 28 DotNetSpain IoT Fight
2015 02 28 DotNetSpain IoT Fight2015 02 28 DotNetSpain IoT Fight
2015 02 28 DotNetSpain IoT FightBruno Capuano
 
Alessandro Abbruzzetti - Kernal64
Alessandro Abbruzzetti - Kernal64Alessandro Abbruzzetti - Kernal64
Alessandro Abbruzzetti - Kernal64Scala Italy
 
Microcontroller from basic_to_advanced
Microcontroller from basic_to_advancedMicrocontroller from basic_to_advanced
Microcontroller from basic_to_advancedImran Sheikh
 
Eclipse Edje: A Java API for Microcontrollers
Eclipse Edje: A Java API for MicrocontrollersEclipse Edje: A Java API for Microcontrollers
Eclipse Edje: A Java API for MicrocontrollersMicroEJ
 
Security's Once and Future King
Security's Once and Future KingSecurity's Once and Future King
Security's Once and Future KingKapil Sachdeva
 
One library for all Java encryption
One library for all Java encryptionOne library for all Java encryption
One library for all Java encryptionDan Cvrcek
 

Similar a JavaCard development Quickstart (20)

jCardSim – Java Card is simple!
jCardSim – Java Card is simple!jCardSim – Java Card is simple!
jCardSim – Java Card is simple!
 
Smart Cards, ePassports, and open source
Smart Cards, ePassports, and open sourceSmart Cards, ePassports, and open source
Smart Cards, ePassports, and open source
 
ARM uVisor Debug Refinement Project(debugging facility improvements)
ARM uVisor Debug Refinement Project(debugging facility improvements)ARM uVisor Debug Refinement Project(debugging facility improvements)
ARM uVisor Debug Refinement Project(debugging facility improvements)
 
Getting started with Intel IoT Developer Kit
Getting started with Intel IoT Developer KitGetting started with Intel IoT Developer Kit
Getting started with Intel IoT Developer Kit
 
What is smart card on tam
What is smart card on tamWhat is smart card on tam
What is smart card on tam
 
Smart logic
Smart logicSmart logic
Smart logic
 
Developing a NodeBot using Intel XDK IoT Edition
Developing a NodeBot using Intel XDK IoT EditionDeveloping a NodeBot using Intel XDK IoT Edition
Developing a NodeBot using Intel XDK IoT Edition
 
Vlsi lab
Vlsi labVlsi lab
Vlsi lab
 
FRDM-KL46Z_Hands-On_Presentation_v02
FRDM-KL46Z_Hands-On_Presentation_v02FRDM-KL46Z_Hands-On_Presentation_v02
FRDM-KL46Z_Hands-On_Presentation_v02
 
4 Introduction to Arduino.pdf
4 Introduction to Arduino.pdf4 Introduction to Arduino.pdf
4 Introduction to Arduino.pdf
 
arduino.pdf
arduino.pdfarduino.pdf
arduino.pdf
 
2015 02 28 DotNetSpain IoT Fight
2015 02 28 DotNetSpain IoT Fight2015 02 28 DotNetSpain IoT Fight
2015 02 28 DotNetSpain IoT Fight
 
Alessandro Abbruzzetti - Kernal64
Alessandro Abbruzzetti - Kernal64Alessandro Abbruzzetti - Kernal64
Alessandro Abbruzzetti - Kernal64
 
Embedded. What Why How
Embedded. What Why HowEmbedded. What Why How
Embedded. What Why How
 
Microcontroller from basic_to_advanced
Microcontroller from basic_to_advancedMicrocontroller from basic_to_advanced
Microcontroller from basic_to_advanced
 
Craneboard
CraneboardCraneboard
Craneboard
 
Eclipse Edje: A Java API for Microcontrollers
Eclipse Edje: A Java API for MicrocontrollersEclipse Edje: A Java API for Microcontrollers
Eclipse Edje: A Java API for Microcontrollers
 
Security's Once and Future King
Security's Once and Future KingSecurity's Once and Future King
Security's Once and Future King
 
One library for all Java encryption
One library for all Java encryptionOne library for all Java encryption
One library for all Java encryption
 
108week2
108week2108week2
108week2
 

Último

Understanding Flamingo - DeepMind's VLM Architecture
Understanding Flamingo - DeepMind's VLM ArchitectureUnderstanding Flamingo - DeepMind's VLM Architecture
Understanding Flamingo - DeepMind's VLM Architecturerahul_net
 
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...Angel Borroy López
 
Unveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New FeaturesUnveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New FeaturesŁukasz Chruściel
 
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...OnePlan Solutions
 
Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEECloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEEVICTOR MAESTRE RAMIREZ
 
SensoDat: Simulation-based Sensor Dataset of Self-driving Cars
SensoDat: Simulation-based Sensor Dataset of Self-driving CarsSensoDat: Simulation-based Sensor Dataset of Self-driving Cars
SensoDat: Simulation-based Sensor Dataset of Self-driving CarsChristian Birchler
 
React Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaReact Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaHanief Utama
 
Unveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsUnveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsAhmed Mohamed
 
Folding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesFolding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesPhilip Schwarz
 
Cyber security and its impact on E commerce
Cyber security and its impact on E commerceCyber security and its impact on E commerce
Cyber security and its impact on E commercemanigoyal112
 
Introduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdfIntroduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdfFerryKemperman
 
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)jennyeacort
 
A healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdfA healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdfMarharyta Nedzelska
 
Simplifying Microservices & Apps - The art of effortless development - Meetup...
Simplifying Microservices & Apps - The art of effortless development - Meetup...Simplifying Microservices & Apps - The art of effortless development - Meetup...
Simplifying Microservices & Apps - The art of effortless development - Meetup...Rob Geurden
 
MYjobs Presentation Django-based project
MYjobs Presentation Django-based projectMYjobs Presentation Django-based project
MYjobs Presentation Django-based projectAnoyGreter
 
CRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. SalesforceCRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. SalesforceBrainSell Technologies
 
英国UN学位证,北安普顿大学毕业证书1:1制作
英国UN学位证,北安普顿大学毕业证书1:1制作英国UN学位证,北安普顿大学毕业证书1:1制作
英国UN学位证,北安普顿大学毕业证书1:1制作qr0udbr0
 
SpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at RuntimeSpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at Runtimeandrehoraa
 
20240415 [Container Plumbing Days] Usernetes Gen2 - Kubernetes in Rootless Do...
20240415 [Container Plumbing Days] Usernetes Gen2 - Kubernetes in Rootless Do...20240415 [Container Plumbing Days] Usernetes Gen2 - Kubernetes in Rootless Do...
20240415 [Container Plumbing Days] Usernetes Gen2 - Kubernetes in Rootless Do...Akihiro Suda
 

Último (20)

Advantages of Odoo ERP 17 for Your Business
Advantages of Odoo ERP 17 for Your BusinessAdvantages of Odoo ERP 17 for Your Business
Advantages of Odoo ERP 17 for Your Business
 
Understanding Flamingo - DeepMind's VLM Architecture
Understanding Flamingo - DeepMind's VLM ArchitectureUnderstanding Flamingo - DeepMind's VLM Architecture
Understanding Flamingo - DeepMind's VLM Architecture
 
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
 
Unveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New FeaturesUnveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New Features
 
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
 
Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEECloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEE
 
SensoDat: Simulation-based Sensor Dataset of Self-driving Cars
SensoDat: Simulation-based Sensor Dataset of Self-driving CarsSensoDat: Simulation-based Sensor Dataset of Self-driving Cars
SensoDat: Simulation-based Sensor Dataset of Self-driving Cars
 
React Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaReact Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief Utama
 
Unveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsUnveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML Diagrams
 
Folding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesFolding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a series
 
Cyber security and its impact on E commerce
Cyber security and its impact on E commerceCyber security and its impact on E commerce
Cyber security and its impact on E commerce
 
Introduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdfIntroduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdf
 
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
 
A healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdfA healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdf
 
Simplifying Microservices & Apps - The art of effortless development - Meetup...
Simplifying Microservices & Apps - The art of effortless development - Meetup...Simplifying Microservices & Apps - The art of effortless development - Meetup...
Simplifying Microservices & Apps - The art of effortless development - Meetup...
 
MYjobs Presentation Django-based project
MYjobs Presentation Django-based projectMYjobs Presentation Django-based project
MYjobs Presentation Django-based project
 
CRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. SalesforceCRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. Salesforce
 
英国UN学位证,北安普顿大学毕业证书1:1制作
英国UN学位证,北安普顿大学毕业证书1:1制作英国UN学位证,北安普顿大学毕业证书1:1制作
英国UN学位证,北安普顿大学毕业证书1:1制作
 
SpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at RuntimeSpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at Runtime
 
20240415 [Container Plumbing Days] Usernetes Gen2 - Kubernetes in Rootless Do...
20240415 [Container Plumbing Days] Usernetes Gen2 - Kubernetes in Rootless Do...20240415 [Container Plumbing Days] Usernetes Gen2 - Kubernetes in Rootless Do...
20240415 [Container Plumbing Days] Usernetes Gen2 - Kubernetes in Rootless Do...
 

JavaCard development Quickstart

  • 1.
  • 3. What - smart card • Tiny PC without Human Interface capabilities • CPU: 16b/32b RISC @ handful of MhZ • Math co-processor: RSA/DES/AES/ECC • RAM: X KB • HDD: XX..XXX KB (EEPROM) • NET: "Ethernet" (contact) or "WiFi" (contactless) • "The size of a Raspberry Pi but with specs worse than XT!"
  • 5. BIBO Bytes go In & Bytes come Out (request - response)
  • 6.
  • 7. What - JavaCard • BASIC in BIOS: Java VM • DOS: App(let) manager (GlobalPlatform)
  • 8. Choose your Weapon • ASM / C (OpenCard* by CryptoExperts) • C (MULTOS) • BASIC (BasicCard by ZeitControl) • Java (JavaCard)
  • 9. Why - JavaCard • Meaningful abstraction layer! • Commodity platform • Multiple vendors • Multiple applications • "Open platform" - Oracle ... • "Portable" - Java ...
  • 10. From Academia and Business
 to 
 Open Source Developers
  • 11. Step 1
 Get the necessary hardware
  • 12. Open JavaCard • At least 3 online shops in EU (in English) • + Canada, US • Must be OPEN Java Card • No "rooting" yet ;( • Form factor: ID-1 ("credit card") or USB token • From 5€ (Feitian) to 50€ (NXP) • javacard.pro / Google: "JavaCard Buyer's Guide of 2015"
  • 13.
  • 14.
  • 15. Smart Card Reader • Any* will work (Contact) • Ludovic Rousseau's USB CCID driver (298/323) • Google: "Readers sorted by 'section' field" • Carefully consider contactless • PC/SC is not a hardware standard!
  • 17. 1. Normal Java development! • Favourite editor, IDE, compiler • Catch: running requires emulation 2. Conversion into card-loadable format (CAP file) • Against Oracle's JavaCard SDK 3. Loading onto card • Using GlobalPlatform
  • 18. JavaCard SDK • From Oracle ... • No OpenJavaCardSDK :( • Java components are cross-platform • Suitable max version depends on card version.
  • 19. ant-javacard • ANT task for turning Java source code into a loadable CAP file • Any platform (Linux, OS X, Windows) • Any version of JavaCard SDK • Simple. Easy to use. Seriously.
  • 20.
  • 21.
  • 22.
  • 23.
  • 25. GlobalPlatform • Every package (CAP file) has an AID • Each applet (class) has an AID • Every on-card entity has an AID • Packages and classes and instances • 5..16 bytes (5+11)
  • 26. GlobalPlatformPro • Easy to use Java tool to: • LOAD CAP files to the card • INSTALL applets (AID-s) • CREATE applet instances (AID-s) • DELETE applets and packages (AID-s) • Add/change/delete keys • And more ...
  • 28. $ gp -l! AID: A000000003000000 (|........|) ISD SECURED: Security Domain, Card lock, Card terminate, Default selected, CVM (PIN) management ! AID: A0000000035350 (|.....SP|) ExM LOADED: (none) A000000003535041 (|.....SPA|) ! $ gp -lock B4F75CE0A95EA3F86BBD051CB77C0FAE Card locked with: DES3:B4F75CE0A95EA3F86BBD051CB77C0FAE Write this down, DO NOT FORGET/LOSE IT! $ gp -l! openkms.gp.GPException: STRICT WARNING: Card cryptogram invalid! Card: CC73F92AD03A131D Host: A358609D53744EEB !!! DO NOT RE-TRY THE SAME COMMAND/KEYS OR YOU MAY BRICK YOUR CARD !!! at openkms.gp.GlobalPlatform.printStrictWarning(GlobalPlatform.java:156) at openkms.gp.GlobalPlatform.openSecureChannel(GlobalPlatform.java:476) at openkms.gp.GPTool.main(GPTool.java:348) $ gp -key B4F75CE0A95EA3F86BBD051CB77C0FAE -unlock Default DES3:404142434445464748494A4B4C4D4E4F set as master key. $ gp -l! AID: A000000003000000 (|........|) ISD SECURED: Security Domain, Card lock, Card terminate, Default selected, CVM (PIN) management ! AID: A0000000035350 (|.....SP|) ExM LOADED: (none) A000000003535041 (|.....SPA|)
  • 30. Read • JavaCard API Specification • and Runtime Environment • Google: "JavaCard Tutorial" • ISO 7816-4 (and javacard.framework.APDU) • Google: "University Smart Card Paper" • CLA/INS/P1/P2/Lc/Le/SW/0x9000 • ISO 7816/14443, ETSI, BSI, NFC, NIST etc etc • Beware of outdated/wrong/irrelevant information on the web!
  • 31. ISO 7816-7 (1999) Structured Card Query Language
  • 32. AppletPlayground • "Ready to eat" dog food from the internet • Almost all open source applets that may do something • Import into Eclipse • Build with ANT (eclipse/cmdline)
  • 33.
  • 34. Step 5
 Engage with the Community
  • 35. • Oracle JavaCard Forum / kenai.com: dead • Stack Overflow: "javacard", "globalplatform", "smartcard" tags: some life • OpenSC / pcsc-lite lists: open source but no Java! • GitHub: depends! • IRC: #opensc