SlideShare una empresa de Scribd logo

JavaCard development Quickstart

Martin Paljak
Martin Paljak

Presentation from FOSDEM 2015 on how to start JavaCard development

Software
1 de 36
Descargar para leer sin conexión
Smart(Java)Card ... What & Why
What - smart card • Tiny PC without Human Interface capabilities • CPU: 16b/32b RISC @ handful of MhZ • Math co-processor: RSA/DES/AES/ECC • RAM: X KB • HDD: XX..XXX KB (EEPROM) • NET: "Ethernet" (contact) or "WiFi" (contactless) • "The size of a Raspberry Pi but with specs worse than XT!"
Application Protocol Data Unit
BIBO Bytes go In & Bytes come Out (request - response)
What - JavaCard • BASIC in BIOS: Java VM • DOS: App(let) manager (GlobalPlatform)
Choose your Weapon • ASM / C (OpenCard* by CryptoExperts) • C (MULTOS) • BASIC (BasicCard by ZeitControl) • Java (JavaCard)
Why - JavaCard • Meaningful abstraction layer! • Commodity platform • Multiple vendors • Multiple applications • "Open platform" - Oracle ... • "Portable" - Java ...
From Academia and Business
 to 
 Open Source Developers
Step 1
 Get the necessary hardware
Open JavaCard • At least 3 online shops in EU (in English) • + Canada, US • Must be OPEN Java Card • No "rooting" yet ;( • Form factor: ID-1 ("credit card") or USB token • From 5€ (Feitian) to 50€ (NXP) • javacard.pro / Google: "JavaCard Buyer's Guide of 2015"
Smart Card Reader • Any* will work (Contact) • Ludovic Rousseau's USB CCID driver (298/323) • Google: "Readers sorted by 'section' field" • Carefully consider contactless • PC/SC is not a hardware standard!
Step 2
 Prepare your tools
1. Normal Java development! • Favourite editor, IDE, compiler • Catch: running requires emulation 2. Conversion into card-loadable format (CAP file) • Against Oracle's JavaCard SDK 3. Loading onto card • Using GlobalPlatform
JavaCard SDK • From Oracle ... • No OpenJavaCardSDK :( • Java components are cross-platform • Suitable max version depends on card version.
ant-javacard • ANT task for turning Java source code into a loadable CAP file • Any platform (Linux, OS X, Windows) • Any version of JavaCard SDK • Simple. Easy to use. Seriously.
Application IDentifier
GlobalPlatform • Every package (CAP file) has an AID • Each applet (class) has an AID • Every on-card entity has an AID • Packages and classes and instances • 5..16 bytes (5+11)
GlobalPlatformPro • Easy to use Java tool to: • LOAD CAP files to the card • INSTALL applets (AID-s) • CREATE applet instances (AID-s) • DELETE applets and packages (AID-s) • Add/change/delete keys • And more ...
Lock/Unlock
$ gp -l! AID: A000000003000000 (|........|) ISD SECURED: Security Domain, Card lock, Card terminate, Default selected, CVM (PIN) management ! AID: A0000000035350 (|.....SP|) ExM LOADED: (none) A000000003535041 (|.....SPA|) ! $ gp -lock B4F75CE0A95EA3F86BBD051CB77C0FAE Card locked with: DES3:B4F75CE0A95EA3F86BBD051CB77C0FAE Write this down, DO NOT FORGET/LOSE IT! $ gp -l! openkms.gp.GPException: STRICT WARNING: Card cryptogram invalid! Card: CC73F92AD03A131D Host: A358609D53744EEB !!! DO NOT RE-TRY THE SAME COMMAND/KEYS OR YOU MAY BRICK YOUR CARD !!! at openkms.gp.GlobalPlatform.printStrictWarning(GlobalPlatform.java:156) at openkms.gp.GlobalPlatform.openSecureChannel(GlobalPlatform.java:476) at openkms.gp.GPTool.main(GPTool.java:348) $ gp -key B4F75CE0A95EA3F86BBD051CB77C0FAE -unlock Default DES3:404142434445464748494A4B4C4D4E4F set as master key. $ gp -l! AID: A000000003000000 (|........|) ISD SECURED: Security Domain, Card lock, Card terminate, Default selected, CVM (PIN) management ! AID: A0000000035350 (|.....SP|) ExM LOADED: (none) A000000003535041 (|.....SPA|)
Step 4
 Learn, Learn, Learn
Read • JavaCard API Specification • and Runtime Environment • Google: "JavaCard Tutorial" • ISO 7816-4 (and javacard.framework.APDU) • Google: "University Smart Card Paper" • CLA/INS/P1/P2/Lc/Le/SW/0x9000 • ISO 7816/14443, ETSI, BSI, NFC, NIST etc etc • Beware of outdated/wrong/irrelevant information on the web!
ISO 7816-7 (1999) Structured Card Query Language
AppletPlayground • "Ready to eat" dog food from the internet • Almost all open source applets that may do something • Import into Eclipse • Build with ANT (eclipse/cmdline)
Step 5
 Engage with the Community
• Oracle JavaCard Forum / kenai.com: dead • Stack Overflow: "javacard", "globalplatform", "smartcard" tags: some life • OpenSC / pcsc-lite lists: open source but no Java! • GitHub: depends! • IRC: #opensc
javacard.pro

Recomendados

Technical Overview of Java Card
Technical Overview of Java CardTechnical Overview of Java Card
Technical Overview of Java CardAnshuman Sinha
 
Java Card 2.x FAQ (2001)
Java Card 2.x FAQ (2001)Java Card 2.x FAQ (2001)
Java Card 2.x FAQ (2001)Julien SIMON
 
Evolution of microprocessors
Evolution of microprocessorsEvolution of microprocessors
Evolution of microprocessorsharinder
 
Java card technology
Java card technologyJava card technology
Java card technologyKeerthi Thomas
 
Strong Customer Authentication & Biometrics
Strong Customer Authentication & BiometricsStrong Customer Authentication & Biometrics
Strong Customer Authentication & BiometricsFIDO Alliance
 
WiFi practical hacking "Show me the passwords!"
WiFi practical hacking "Show me the passwords!"WiFi practical hacking "Show me the passwords!"
WiFi practical hacking "Show me the passwords!"DefCamp
 
Snapdragon Processor
Snapdragon ProcessorSnapdragon Processor
Snapdragon ProcessorKrishna Gehlot
 
Embedded Systems: Lecture 7: Lab 1: Preparing the Raspberry Pi
Embedded Systems: Lecture 7: Lab 1: Preparing the Raspberry PiEmbedded Systems: Lecture 7: Lab 1: Preparing the Raspberry Pi
Embedded Systems: Lecture 7: Lab 1: Preparing the Raspberry PiAhmed El-Arabawy
 

Recomendados

Technical Overview of Java Card
Technical Overview of Java CardTechnical Overview of Java Card
Technical Overview of Java CardAnshuman Sinha
 
Java Card 2.x FAQ (2001)
Java Card 2.x FAQ (2001)Java Card 2.x FAQ (2001)
Java Card 2.x FAQ (2001)Julien SIMON
 
Evolution of microprocessors
Evolution of microprocessorsEvolution of microprocessors
Evolution of microprocessorsharinder
 
Java card technology
Java card technologyJava card technology
Java card technologyKeerthi Thomas
 
Strong Customer Authentication & Biometrics
Strong Customer Authentication & BiometricsStrong Customer Authentication & Biometrics
Strong Customer Authentication & BiometricsFIDO Alliance
 
WiFi practical hacking "Show me the passwords!"
WiFi practical hacking "Show me the passwords!"WiFi practical hacking "Show me the passwords!"
WiFi practical hacking "Show me the passwords!"DefCamp
 
Snapdragon Processor
Snapdragon ProcessorSnapdragon Processor
Snapdragon ProcessorKrishna Gehlot
 
Embedded Systems: Lecture 7: Lab 1: Preparing the Raspberry Pi
Embedded Systems: Lecture 7: Lab 1: Preparing the Raspberry PiEmbedded Systems: Lecture 7: Lab 1: Preparing the Raspberry Pi
Embedded Systems: Lecture 7: Lab 1: Preparing the Raspberry PiAhmed El-Arabawy
 
Smart card technology
Smart card technologySmart card technology
Smart card technologyDeepak Raj
 
SCOSTA (Smart Card Operating System for Transport Applications)
SCOSTA (Smart Card Operating System for Transport Applications)SCOSTA (Smart Card Operating System for Transport Applications)
SCOSTA (Smart Card Operating System for Transport Applications)ALOK GUPTA
 
Communication Protocols (UART, SPI,I2C)
Communication Protocols (UART, SPI,I2C)Communication Protocols (UART, SPI,I2C)
Communication Protocols (UART, SPI,I2C)Emertxe Information Technologies Pvt Ltd
 
jCardSim – Java Card is simple!
jCardSim – Java Card is simple!jCardSim – Java Card is simple!
jCardSim – Java Card is simple!Mikhail Dudarev
 
Armboot process zeelogic
Armboot process zeelogicArmboot process zeelogic
Armboot process zeelogicAleem Shariff
 
430525618-Snapdragon-processors-seminar.pptx
430525618-Snapdragon-processors-seminar.pptx430525618-Snapdragon-processors-seminar.pptx
430525618-Snapdragon-processors-seminar.pptxShyamPriya2
 
Modes of 80386
Modes of 80386Modes of 80386
Modes of 80386aviban
 
Stolen e-money in 60sec - Tri Sumarno
Stolen e-money in 60sec - Tri SumarnoStolen e-money in 60sec - Tri Sumarno
Stolen e-money in 60sec - Tri Sumarnoidsecconf
 
6th gen processor
6th gen processor6th gen processor
6th gen processorAmit Sinha
 
Salient featurs of 80386
Salient featurs of 80386Salient featurs of 80386
Salient featurs of 80386aviban
 
Snapdragon
SnapdragonSnapdragon
SnapdragonKaushal Kabra
 
8-bit PIC Microcontrollers
8-bit PIC Microcontrollers8-bit PIC Microcontrollers
8-bit PIC MicrocontrollersPremier Farnell
 
Uart
UartUart
UartAditee Apurvaa
 
EC8392 -DIGITAL ELECTRONICS -II YEAR ECE-by S.SESHA VIDHYA /ASP/ ECE/ RMKCET
EC8392 -DIGITAL ELECTRONICS -II YEAR ECE-by S.SESHA VIDHYA /ASP/ ECE/ RMKCETEC8392 -DIGITAL ELECTRONICS -II YEAR ECE-by S.SESHA VIDHYA /ASP/ ECE/ RMKCET
EC8392 -DIGITAL ELECTRONICS -II YEAR ECE-by S.SESHA VIDHYA /ASP/ ECE/ RMKCETSeshaVidhyaS
 
Linux Kernel MMC Storage driver Overview
Linux Kernel MMC Storage driver OverviewLinux Kernel MMC Storage driver Overview
Linux Kernel MMC Storage driver OverviewRajKumar Rampelli
 
80286 microprocessors
80286 microprocessors80286 microprocessors
80286 microprocessorsRajesh Reddy G
 
8085
80858085
8085Sunil Dutt
 
Mifare cards
Mifare cardsMifare cards
Mifare cardsGlen Cifuentes Toro
 
The Value of FIDO Certification
The Value of FIDO CertificationThe Value of FIDO Certification
The Value of FIDO CertificationFIDO Alliance
 
DMA Versus Polling or Interrupt Driven I/O
DMA Versus Polling or Interrupt Driven I/ODMA Versus Polling or Interrupt Driven I/O
DMA Versus Polling or Interrupt Driven I/Osathish sak
 
OpenSC: eID interoperability through open source software
OpenSC: eID interoperability through open source softwareOpenSC: eID interoperability through open source software
OpenSC: eID interoperability through open source softwareMartin Paljak
 
Veebis allkirjastamine ID-kaardiga
Veebis allkirjastamine ID-kaardigaVeebis allkirjastamine ID-kaardiga
Veebis allkirjastamine ID-kaardigaMartin Paljak
 

Más contenido relacionado

La actualidad más candente

Smart card technology
Smart card technologySmart card technology
Smart card technologyDeepak Raj
 
SCOSTA (Smart Card Operating System for Transport Applications)
SCOSTA (Smart Card Operating System for Transport Applications)SCOSTA (Smart Card Operating System for Transport Applications)
SCOSTA (Smart Card Operating System for Transport Applications)ALOK GUPTA
 
jCardSim – Java Card is simple!
jCardSim – Java Card is simple!jCardSim – Java Card is simple!
jCardSim – Java Card is simple!Mikhail Dudarev
 
Armboot process zeelogic
Armboot process zeelogicArmboot process zeelogic
Armboot process zeelogicAleem Shariff
 
430525618-Snapdragon-processors-seminar.pptx
430525618-Snapdragon-processors-seminar.pptx430525618-Snapdragon-processors-seminar.pptx
430525618-Snapdragon-processors-seminar.pptxShyamPriya2
 
Modes of 80386
Modes of 80386Modes of 80386
Modes of 80386aviban
 
Stolen e-money in 60sec - Tri Sumarno
Stolen e-money in 60sec - Tri SumarnoStolen e-money in 60sec - Tri Sumarno
Stolen e-money in 60sec - Tri Sumarnoidsecconf
 
6th gen processor
6th gen processor6th gen processor
6th gen processorAmit Sinha
 
Salient featurs of 80386
Salient featurs of 80386Salient featurs of 80386
Salient featurs of 80386aviban
 
8-bit PIC Microcontrollers
8-bit PIC Microcontrollers8-bit PIC Microcontrollers
8-bit PIC MicrocontrollersPremier Farnell
 
EC8392 -DIGITAL ELECTRONICS -II YEAR ECE-by S.SESHA VIDHYA /ASP/ ECE/ RMKCET
EC8392 -DIGITAL ELECTRONICS -II YEAR ECE-by S.SESHA VIDHYA /ASP/ ECE/ RMKCETEC8392 -DIGITAL ELECTRONICS -II YEAR ECE-by S.SESHA VIDHYA /ASP/ ECE/ RMKCET
EC8392 -DIGITAL ELECTRONICS -II YEAR ECE-by S.SESHA VIDHYA /ASP/ ECE/ RMKCETSeshaVidhyaS
 
Linux Kernel MMC Storage driver Overview
Linux Kernel MMC Storage driver OverviewLinux Kernel MMC Storage driver Overview
Linux Kernel MMC Storage driver OverviewRajKumar Rampelli
 
The Value of FIDO Certification
The Value of FIDO CertificationThe Value of FIDO Certification
The Value of FIDO CertificationFIDO Alliance
 
DMA Versus Polling or Interrupt Driven I/O
DMA Versus Polling or Interrupt Driven I/ODMA Versus Polling or Interrupt Driven I/O
DMA Versus Polling or Interrupt Driven I/Osathish sak
 

La actualidad más candente (20)

Smart card technology
Smart card technologySmart card technology
Smart card technology
 
SCOSTA (Smart Card Operating System for Transport Applications)
SCOSTA (Smart Card Operating System for Transport Applications)SCOSTA (Smart Card Operating System for Transport Applications)
SCOSTA (Smart Card Operating System for Transport Applications)
 
Communication Protocols (UART, SPI,I2C)
Communication Protocols (UART, SPI,I2C)Communication Protocols (UART, SPI,I2C)
Communication Protocols (UART, SPI,I2C)
 
jCardSim – Java Card is simple!
jCardSim – Java Card is simple!jCardSim – Java Card is simple!
jCardSim – Java Card is simple!
 
Armboot process zeelogic
Armboot process zeelogicArmboot process zeelogic
Armboot process zeelogic
 
430525618-Snapdragon-processors-seminar.pptx
430525618-Snapdragon-processors-seminar.pptx430525618-Snapdragon-processors-seminar.pptx
430525618-Snapdragon-processors-seminar.pptx
 
Modes of 80386
Modes of 80386Modes of 80386
Modes of 80386
 
Stolen e-money in 60sec - Tri Sumarno
Stolen e-money in 60sec - Tri SumarnoStolen e-money in 60sec - Tri Sumarno
Stolen e-money in 60sec - Tri Sumarno
 
6th gen processor
6th gen processor6th gen processor
6th gen processor
 
Salient featurs of 80386
Salient featurs of 80386Salient featurs of 80386
Salient featurs of 80386
 
Snapdragon
SnapdragonSnapdragon
Snapdragon
 
8-bit PIC Microcontrollers
8-bit PIC Microcontrollers8-bit PIC Microcontrollers
8-bit PIC Microcontrollers
 
Uart
UartUart
Uart
 
EC8392 -DIGITAL ELECTRONICS -II YEAR ECE-by S.SESHA VIDHYA /ASP/ ECE/ RMKCET
EC8392 -DIGITAL ELECTRONICS -II YEAR ECE-by S.SESHA VIDHYA /ASP/ ECE/ RMKCETEC8392 -DIGITAL ELECTRONICS -II YEAR ECE-by S.SESHA VIDHYA /ASP/ ECE/ RMKCET
EC8392 -DIGITAL ELECTRONICS -II YEAR ECE-by S.SESHA VIDHYA /ASP/ ECE/ RMKCET
 
Linux Kernel MMC Storage driver Overview
Linux Kernel MMC Storage driver OverviewLinux Kernel MMC Storage driver Overview
Linux Kernel MMC Storage driver Overview
 
80286 microprocessors
80286 microprocessors80286 microprocessors
80286 microprocessors
 
8085
80858085
8085
 
Mifare cards
Mifare cardsMifare cards
Mifare cards
 
The Value of FIDO Certification
The Value of FIDO CertificationThe Value of FIDO Certification
The Value of FIDO Certification
 
DMA Versus Polling or Interrupt Driven I/O
DMA Versus Polling or Interrupt Driven I/ODMA Versus Polling or Interrupt Driven I/O
DMA Versus Polling or Interrupt Driven I/O
 

Destacado

OpenSC: eID interoperability through open source software
OpenSC: eID interoperability through open source softwareOpenSC: eID interoperability through open source software
OpenSC: eID interoperability through open source softwareMartin Paljak
 
Veebis allkirjastamine ID-kaardiga
Veebis allkirjastamine ID-kaardigaVeebis allkirjastamine ID-kaardiga
Veebis allkirjastamine ID-kaardigaMartin Paljak
 
Security applications with Java Card
Security applications with Java CardSecurity applications with Java Card
Security applications with Java CardJulien SIMON
 
eSmartlock a USB Javacard dongle with anti-piracy and DRM services
eSmartlock a USB Javacard dongle with anti-piracy and DRM serviceseSmartlock a USB Javacard dongle with anti-piracy and DRM services
eSmartlock a USB Javacard dongle with anti-piracy and DRM servicesYiannis Hatzopoulos
 
eSmartlock - an antipiracy dongle with integrated DRM functionalities
eSmartlock - an antipiracy dongle with integrated DRM functionalitieseSmartlock - an antipiracy dongle with integrated DRM functionalities
eSmartlock - an antipiracy dongle with integrated DRM functionalitiesYiannis Hatzopoulos
 

Destacado (9)

OpenSC: eID interoperability through open source software
OpenSC: eID interoperability through open source softwareOpenSC: eID interoperability through open source software
OpenSC: eID interoperability through open source software
 
Veebis allkirjastamine ID-kaardiga
Veebis allkirjastamine ID-kaardigaVeebis allkirjastamine ID-kaardiga
Veebis allkirjastamine ID-kaardiga
 
OpenDNIe Hackfest
OpenDNIe HackfestOpenDNIe Hackfest
OpenDNIe Hackfest
 
Codebits 2011
Codebits 2011Codebits 2011
Codebits 2011
 
ID-kaardist 100%
ID-kaardist 100%ID-kaardist 100%
ID-kaardist 100%
 
Security applications with Java Card
Security applications with Java CardSecurity applications with Java Card
Security applications with Java Card
 
Javacardtech
JavacardtechJavacardtech
Javacardtech
 
eSmartlock a USB Javacard dongle with anti-piracy and DRM services
eSmartlock a USB Javacard dongle with anti-piracy and DRM serviceseSmartlock a USB Javacard dongle with anti-piracy and DRM services
eSmartlock a USB Javacard dongle with anti-piracy and DRM services
 
eSmartlock - an antipiracy dongle with integrated DRM functionalities
eSmartlock - an antipiracy dongle with integrated DRM functionalitieseSmartlock - an antipiracy dongle with integrated DRM functionalities
eSmartlock - an antipiracy dongle with integrated DRM functionalities
 

Similar a JavaCard development Quickstart

Smart Cards, ePassports, and open source
Smart Cards, ePassports, and open sourceSmart Cards, ePassports, and open source
Smart Cards, ePassports, and open sourceMartijn Oostdijk
 
ARM uVisor Debug Refinement Project(debugging facility improvements)
ARM uVisor Debug Refinement Project(debugging facility improvements)ARM uVisor Debug Refinement Project(debugging facility improvements)
ARM uVisor Debug Refinement Project(debugging facility improvements)家榮 張
 
Getting started with Intel IoT Developer Kit
Getting started with Intel IoT Developer KitGetting started with Intel IoT Developer Kit
Getting started with Intel IoT Developer KitSulamita Garcia
 
What is smart card on tam
What is smart card on tamWhat is smart card on tam
What is smart card on tam崇倍 洪
 
Developing a NodeBot using Intel XDK IoT Edition
Developing a NodeBot using Intel XDK IoT EditionDeveloping a NodeBot using Intel XDK IoT Edition
Developing a NodeBot using Intel XDK IoT EditionIntel® Software
 
FRDM-KL46Z_Hands-On_Presentation_v02
FRDM-KL46Z_Hands-On_Presentation_v02FRDM-KL46Z_Hands-On_Presentation_v02
FRDM-KL46Z_Hands-On_Presentation_v02Libor GECNUK
 
4 Introduction to Arduino.pdf
4 Introduction to Arduino.pdf4 Introduction to Arduino.pdf
4 Introduction to Arduino.pdfRynefelElopre2
 
2015 02 28 DotNetSpain IoT Fight
2015 02 28 DotNetSpain IoT Fight2015 02 28 DotNetSpain IoT Fight
2015 02 28 DotNetSpain IoT FightBruno Capuano
 
Alessandro Abbruzzetti - Kernal64
Alessandro Abbruzzetti - Kernal64Alessandro Abbruzzetti - Kernal64
Alessandro Abbruzzetti - Kernal64Scala Italy
 
Microcontroller from basic_to_advanced
Microcontroller from basic_to_advancedMicrocontroller from basic_to_advanced
Microcontroller from basic_to_advancedImran Sheikh
 
Eclipse Edje: A Java API for Microcontrollers
Eclipse Edje: A Java API for MicrocontrollersEclipse Edje: A Java API for Microcontrollers
Eclipse Edje: A Java API for MicrocontrollersMicroEJ
 
Security's Once and Future King
Security's Once and Future KingSecurity's Once and Future King
Security's Once and Future KingKapil Sachdeva
 
One library for all Java encryption
One library for all Java encryptionOne library for all Java encryption
One library for all Java encryptionDan Cvrcek
 

Similar a JavaCard development Quickstart (20)

Smart Cards, ePassports, and open source
Smart Cards, ePassports, and open sourceSmart Cards, ePassports, and open source
Smart Cards, ePassports, and open source
 
ARM uVisor Debug Refinement Project(debugging facility improvements)
ARM uVisor Debug Refinement Project(debugging facility improvements)ARM uVisor Debug Refinement Project(debugging facility improvements)
ARM uVisor Debug Refinement Project(debugging facility improvements)
 
Getting started with Intel IoT Developer Kit
Getting started with Intel IoT Developer KitGetting started with Intel IoT Developer Kit
Getting started with Intel IoT Developer Kit
 
What is smart card on tam
What is smart card on tamWhat is smart card on tam
What is smart card on tam
 
Smart logic
Smart logicSmart logic
Smart logic
 
Developing a NodeBot using Intel XDK IoT Edition
Developing a NodeBot using Intel XDK IoT EditionDeveloping a NodeBot using Intel XDK IoT Edition
Developing a NodeBot using Intel XDK IoT Edition
 
Vlsi lab
Vlsi labVlsi lab
Vlsi lab
 
FRDM-KL46Z_Hands-On_Presentation_v02
FRDM-KL46Z_Hands-On_Presentation_v02FRDM-KL46Z_Hands-On_Presentation_v02
FRDM-KL46Z_Hands-On_Presentation_v02
 
4 Introduction to Arduino.pdf
4 Introduction to Arduino.pdf4 Introduction to Arduino.pdf
4 Introduction to Arduino.pdf
 
arduino.pdf
arduino.pdfarduino.pdf
arduino.pdf
 
2015 02 28 DotNetSpain IoT Fight
2015 02 28 DotNetSpain IoT Fight2015 02 28 DotNetSpain IoT Fight
2015 02 28 DotNetSpain IoT Fight
 
Alessandro Abbruzzetti - Kernal64
Alessandro Abbruzzetti - Kernal64Alessandro Abbruzzetti - Kernal64
Alessandro Abbruzzetti - Kernal64
 
Embedded. What Why How
Embedded. What Why HowEmbedded. What Why How
Embedded. What Why How
 
Microcontroller from basic_to_advanced
Microcontroller from basic_to_advancedMicrocontroller from basic_to_advanced
Microcontroller from basic_to_advanced
 
Craneboard
CraneboardCraneboard
Craneboard
 
Eclipse Edje: A Java API for Microcontrollers
Eclipse Edje: A Java API for MicrocontrollersEclipse Edje: A Java API for Microcontrollers
Eclipse Edje: A Java API for Microcontrollers
 
Security's Once and Future King
Security's Once and Future KingSecurity's Once and Future King
Security's Once and Future King
 
One library for all Java encryption
One library for all Java encryptionOne library for all Java encryption
One library for all Java encryption
 
108week2
108week2108week2
108week2
 
Using FPGA in Embedded Devices
Using FPGA in Embedded DevicesUsing FPGA in Embedded Devices
Using FPGA in Embedded Devices
 

Último

Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...MyIntelliSource, Inc.
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsAlberto González Trastoy
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Steffen Staab
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...Health
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVshikhaohhpro
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfkalichargn70th171
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsArshad QA
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providermohitmore19
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comFatema Valibhai
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfkalichargn70th171
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AIABDERRAOUF MEHENNI
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Modelsaagamshah0812
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxComplianceQuest1
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdfWave PLM
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...MyIntelliSource, Inc.
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...panagenda
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...harshavardhanraghave
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...kellynguyen01
 

Último (20)

Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
Microsoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdfMicrosoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdf
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Models
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
 

JavaCard development Quickstart

  • 1.
  • 3. What - smart card • Tiny PC without Human Interface capabilities • CPU: 16b/32b RISC @ handful of MhZ • Math co-processor: RSA/DES/AES/ECC • RAM: X KB • HDD: XX..XXX KB (EEPROM) • NET: "Ethernet" (contact) or "WiFi" (contactless) • "The size of a Raspberry Pi but with specs worse than XT!"
  • 5. BIBO Bytes go In & Bytes come Out (request - response)
  • 6.
  • 7. What - JavaCard • BASIC in BIOS: Java VM • DOS: App(let) manager (GlobalPlatform)
  • 8. Choose your Weapon • ASM / C (OpenCard* by CryptoExperts) • C (MULTOS) • BASIC (BasicCard by ZeitControl) • Java (JavaCard)
  • 9. Why - JavaCard • Meaningful abstraction layer! • Commodity platform • Multiple vendors • Multiple applications • "Open platform" - Oracle ... • "Portable" - Java ...
  • 10. From Academia and Business
 to 
 Open Source Developers
  • 11. Step 1
 Get the necessary hardware
  • 12. Open JavaCard • At least 3 online shops in EU (in English) • + Canada, US • Must be OPEN Java Card • No "rooting" yet ;( • Form factor: ID-1 ("credit card") or USB token • From 5€ (Feitian) to 50€ (NXP) • javacard.pro / Google: "JavaCard Buyer's Guide of 2015"
  • 13.
  • 14.
  • 15. Smart Card Reader • Any* will work (Contact) • Ludovic Rousseau's USB CCID driver (298/323) • Google: "Readers sorted by 'section' field" • Carefully consider contactless • PC/SC is not a hardware standard!
  • 17. 1. Normal Java development! • Favourite editor, IDE, compiler • Catch: running requires emulation 2. Conversion into card-loadable format (CAP file) • Against Oracle's JavaCard SDK 3. Loading onto card • Using GlobalPlatform
  • 18. JavaCard SDK • From Oracle ... • No OpenJavaCardSDK :( • Java components are cross-platform • Suitable max version depends on card version.
  • 19. ant-javacard • ANT task for turning Java source code into a loadable CAP file • Any platform (Linux, OS X, Windows) • Any version of JavaCard SDK • Simple. Easy to use. Seriously.
  • 20.
  • 21.
  • 22.
  • 23.
  • 25. GlobalPlatform • Every package (CAP file) has an AID • Each applet (class) has an AID • Every on-card entity has an AID • Packages and classes and instances • 5..16 bytes (5+11)
  • 26. GlobalPlatformPro • Easy to use Java tool to: • LOAD CAP files to the card • INSTALL applets (AID-s) • CREATE applet instances (AID-s) • DELETE applets and packages (AID-s) • Add/change/delete keys • And more ...
  • 28. $ gp -l! AID: A000000003000000 (|........|) ISD SECURED: Security Domain, Card lock, Card terminate, Default selected, CVM (PIN) management ! AID: A0000000035350 (|.....SP|) ExM LOADED: (none) A000000003535041 (|.....SPA|) ! $ gp -lock B4F75CE0A95EA3F86BBD051CB77C0FAE Card locked with: DES3:B4F75CE0A95EA3F86BBD051CB77C0FAE Write this down, DO NOT FORGET/LOSE IT! $ gp -l! openkms.gp.GPException: STRICT WARNING: Card cryptogram invalid! Card: CC73F92AD03A131D Host: A358609D53744EEB !!! DO NOT RE-TRY THE SAME COMMAND/KEYS OR YOU MAY BRICK YOUR CARD !!! at openkms.gp.GlobalPlatform.printStrictWarning(GlobalPlatform.java:156) at openkms.gp.GlobalPlatform.openSecureChannel(GlobalPlatform.java:476) at openkms.gp.GPTool.main(GPTool.java:348) $ gp -key B4F75CE0A95EA3F86BBD051CB77C0FAE -unlock Default DES3:404142434445464748494A4B4C4D4E4F set as master key. $ gp -l! AID: A000000003000000 (|........|) ISD SECURED: Security Domain, Card lock, Card terminate, Default selected, CVM (PIN) management ! AID: A0000000035350 (|.....SP|) ExM LOADED: (none) A000000003535041 (|.....SPA|)
  • 30. Read • JavaCard API Specification • and Runtime Environment • Google: "JavaCard Tutorial" • ISO 7816-4 (and javacard.framework.APDU) • Google: "University Smart Card Paper" • CLA/INS/P1/P2/Lc/Le/SW/0x9000 • ISO 7816/14443, ETSI, BSI, NFC, NIST etc etc • Beware of outdated/wrong/irrelevant information on the web!
  • 31. ISO 7816-7 (1999) Structured Card Query Language
  • 32. AppletPlayground • "Ready to eat" dog food from the internet • Almost all open source applets that may do something • Import into Eclipse • Build with ANT (eclipse/cmdline)
  • 33.
  • 34. Step 5
 Engage with the Community
  • 35. • Oracle JavaCard Forum / kenai.com: dead • Stack Overflow: "javacard", "globalplatform", "smartcard" tags: some life • OpenSC / pcsc-lite lists: open source but no Java! • GitHub: depends! • IRC: #opensc