How to Programming with Javacard

Yes, there is. 1- You can use GlobalPlatformPro.It's an opensource, well-documented and easy use tool for card's content management. Quoted from its website: Load and manage applets on compatible > JavaCards from command line or from your Java project with a Do What I Mean approach. 2- For sending APDU...

How can I use this file to develop JCOP smart cards?

smartcard,javacard,jcop

Your file is a JCOP Shell script, you can open it in any text editor and have a look or make some changes. Using JCOP Shell script you can open SC readers, select javacard applets, send some APDUs to your applet, write your own testing scenarios etc. JCOP Shell script...

Hash generator applet doesn't work fine

hash,md5,javacard

There is a bug in your code. Your doHash method does the hashing as from a twice as long input (it computes the hash from "XX" instead of "X"): HashObj.update(buffer, ISO7816.OFFSET_CDATA, buffer[ISO7816.OFFSET_LC]); HashObj.doFinal(buffer, ISO7816.OFFSET_CDATA, buffer[ISO7816.OFFSET_LC], hashedValue, (short) 0); The update method is for long inputs only - it does all...

RSA Key generation fails on JCARD 2.2.2

java,eclipse,rsa,javacard,apdu

According to the JCDK User's Guide (for JC 2.2.2) the CREF (C-language RE) implementation supports the following alogirthms: 112-, 128-, 160-, 192-bit ECC 512-bit RSA Therefore, the line rsa_KeyPair = new KeyPair(KeyPair.ALG_RSA, KeyBuilder.LENGTH_RSA_2048); should throw a CryptoException.NO_SUCH_ALGORITHM when executed in CREF (as CREF does not support 2048-bit RSA). Besides that...

Primary problems with authentication process in jcmanager?

for-loop,memory-leaks,javacard

The card uses SCP02 as indicated in the key information returned for the INITIALIZE UPDATE command. Thus the card challenge has 6 bytes and key derivation data based on a key-specific constant (01 82 for S_ENC) and the sequence counter (00 16 as sent by the card in the INITIALIZE...

Why I receive `6C0B` instead of data that I expected?

javacard,globalplatform

You didn't searched good enough! If you do a quick look at status words table you will see SW1=6CXX means Wrong Le field; SW2 encodes the exact number of available data bytes So you must send the below command: 80|00|00|00|0B! Table of Status Words : ...

Java Card memory leak in for loop?

The x variable does not really exist in byte code. There are operations on a location in the Java stack that represents x (be it Java byte code or the code after conversion by the Java Card converter). Now the Java stack is a virtual stack. This stack is implemented...

Why should I use “setSeed()” in my java card program?

java,random,javacard,random-seed

setSeed() supplements rather than replaces the seed for a Java Card RandomData object, just like SecureRandom on Java SE. This is however not made explicit in the API up to 3.0.4. However, if you read the text of the constant ALG_PSEUDO_RANDOM you'll get: Utility pseudo-random number generation algorithms. The random...

lib directory could not be found in jcdk home

security,cryptography,smartcard,javacard

Make sure that you extract contents of JCDK. Normally in this folder, there are 4 ZIP files, and you must extract them. More over, the Eclipse-JCDE plugin is compatible with JCDK 2.2.2 only (You can use JCDK 2.2.1 with it also, but it is a little tricky) For the JCDK...

JavaCard - pure software implementation of ECC over GF(2^n)

Smart cards that are able to perform asymmetric cryptography always do this using a co-processor (that usually contains a Montgomery multiplier). Most smart cards (e.g. the initial NXP SmartMX processors) still operate using an 8 bit or 16 bit CPU. Those CPU's are not designed to perform operations on large...

Do smartcard chips (not cards) come prepackaged with card OS

performance,cryptography,bit-manipulation,bit-shift,javacard

You won't be able to buy a chip without operating system, which might either be a native operating system or a javacard environment; this would also be somewhat useless, since you could not introduce the operating system later. (Recently situation became a little bit more complicated, since now there are...

Fast bit shift of a byte array - CMAC subkeys

When it comes for speed, known length, hard-coded version is the fastest (but ugly). If you need to shift more than one bit, ensure to update the code accordingly. output[0] = (byte)((byte)(input[0] << 1) | (byte)((input[1] >> 7) & 1)); output[1] = (byte)((byte)(input[1] << 1) | (byte)((input[2] >> 7) &...

what is wrong with these Gemplus and Visa javacards?

smartcard,javacard,smartcard-reader

6982 on INITIALIZE UPDATE typically means card locked. This is irreversible, at least without further knowledge of the card operating system.

Make 2 cardlet Java Card communicate

applet,smartcard,channel,javacard

Yes it's possible. You need a card that supports additional logical channels.In that case, you can select more than one applet simultaneously.(One applet per each channel) Fortunately current cards support some additional logical channels. But remember that if you want to select (at least) two applets of a single package...

How to do a DAP verification in .cap files loading?

javacard,globalplatform,jcop

Answer to your questions : I want the Card Manager to do a DAP verification during uploading my file. What shall I do? There are following two scenarios, if any one of the scenario will occur then DAP block will necessary in the Load block : 1.If any Security Domain...

Smart Card Pre-Personalization and Historical Bytes

smartcard,javacard,globalplatform,jcop

Q1: What/where is the historical byte of my card? How I can analyse them? A1: You can enter an ATR in this site and it will parse it for you. Based on that the historical byte of your card is 4A 43 4F 50 32 34 32 52 33. Q2:...

Two OwnerPIN object in Java Card

security,smartcard,javacard,apdu,pin-code

For user authentication, the OwnerPIN is certainly one good way to go (there are alternatives ofcourse, but OwnerPIN provides security features (e.g. tearing protection) that you would otherwise have to implement manually). For terminal authentication, nothing should prevent you from using an approach based on an instance of the OwnerPIN....

Converting decimal to hexadecimal byte in Java Card

hex,javacard,pkcs7,pkcs#5

It slipped my mind that you could do: if (num < 256) { return (byte) num; } That should have settled it for now considering the num which is the amount to pad is less than 256 for PKCS 5 and 7 padding as per RFC-1423, RFC-2898 and RFC-5652....

Why oracle doesn't provide any Development Kit for Java Card 3.0.1 and 3.0.2 and 3.0.4?

android,nfc,javacard,ndef,contactless-smartcard

A1: Please read this: http://www.oracle.com/technetwork/java/javame/javacard/download/releasenotes-jsp-1440109.html The Java Card 3 platform consists of versions 3.0, 3.0.1 and 3.0.4 of the specifications and versions 3.0.1, 3.0.2, 3.0.3 and 3.0.4 of the development kit. SDK 3.0.3 targets specification 3.0.1. A2: (also applies to A1) you can use ant-javacard: open source, cross-platform, all JavaCard...

Automatic recognition of Java Card by Android

The only way to trigger specific actions through NFC on an Android system (e.g. open URL, transfer a contact, etc.) without the need for a custom app is to use NDEF formatted data. You would therefore need to create an applet on the card that implements the NFC Forum Type...

DES Crypto applet returns errror on reception of any command

java,cryptography,javacard

Q1 StackOverflow is not meant to be a site for peer code reviews. Just a few obvious observations nevertheless: Follow the Java code conventions: myCipher instead of MyCipher, KEY_IN_NOT_SET_GOOD instead of KeyInNotSetGood etc. (see https://google-styleguide.googlecode.com/svn/trunk/javaguide.html). These rules can improve the readability of your code a lot. Never use static method...

Javacard - Signining and verifying

java,cryptography,javacard,jcop

The problem is in these two methods getExponent() and getModulus(). You are storing exponent and modulus into buffer's index ISO7816.OFFSET_CDATA (index 5) but sent it outside from buffer's index 0. Compare the correct approachs with the wrong approach: Wrong: private void getExponent(APDU apdu) { byte[] buffer = apdu.getBuffer(); short length...

Generating a certificate from the public key in Java Card Applet

cryptography,certificate,rsa,javacard

Possible yes, but it would mean that you would have to implement a minimal Certificate Authority (CA) within your smart card. And if this certificate is not self signed then you need to generate or import the private key of the CA as well. Furthermore, smart cards are often pretty...

Why my smart card accepts two different keys as its MAC key?

smartcard,javacard,3des,parity,globalplatform

You are only flipping the parity bit which is not used nor checked by the card (or software). Which means the outcome of ciphers is the same, yes.

how to build a rsa key with a modulus of 64 bytes in java

java,rsa,public-key-encryption,javacard

The issue is that BigInteger by default encodes to a signed big endian representation. If you decode the bytes using the constructor it does the opposite, i.e. it expects a signed value. Now most cryptography is performed on (large) unsigned integers. This is because the calculations are performed within a...

What is JCOP Identify Applet for?

smartcard,javacard,globalplatform,jcop

I'll answer in order: see the JCOP admin or user manual (this is information that is usually protected by non-disclosure agreements) to identify the product no ...

Interpreting a java card HelloWorld applet

applet,smartcard,javacard,apdu

Although we cannot see intent of an author, the line: byte CLA = (byte) (buffer[ISO7816.OFFSET_CLA] & 0xFF); is 100% equivalent to: byte CLA = buffer[ISO7816.OFFSET_CLA]; Java does often use integers as result of operations, and because Java Card usually does not support int values, it is often needed to cast...

is it possible to return some data along with the status word 9000 on selecting an applet in javacard?

I guess you do the "good practice" of "if selectingApplet() then return" in process? You need to process the incoming APDU instead of simple return. You can return data to select the normal way, but be careful to return 0x9000 if the select was successful....

list of algorithms that supported by the card?

java,algorithm,encryption,smartcard,javacard

you are totally mixing up things. FIRST there is Global Platform. Global Platform specifies how to interact with the card manager/security domain: e.g. how to authenticate with the card manager, how to upload a cap file, how to install a cap file, to lock the card to unlock the card...

NFC SWP applet selection returns 6999

android,nfc,smartcard,javacard,sim-card

Receiving status code 6999 in response to the SELECT (by AID) command is a clear indication that the applet was not found/not selectable. If the applet has been installed and is selectable (using the same AID) over the contact interface of the UICC/SIM card, then it is likely not made...

how to install jcdk 2.2.1 in elipse [Version: Kepler Service Release 2]?

eclipse,eclipse-plugin,smartcard,javacard

I set eclipse with java kit 2.2.2 then I close eclipse window and replace the contents of java kit 2.2.2 with contents if java kit 2.2.1 and the problem solved.

Sending signature data in response APDU - Java Card

digital-signature,smartcard,javacard,apdu,ecdsa

It's probably that signLen is larger than the Ne value (incorrectly called Le in the JavaCard specifications). You are also abusing the Le value to mean (short) MESSAGE.length by the way. Ne indicates the maximum number of bytes that are expected to be send back.

-debug flag for converter

debugging,netbeans,javacard

After all I have found a solution. I didn't find an elegant solution though. Netbeans uses jc-pack Ant task to convert files into .cap. This task is defined in Packager class which is included into src folder of the jcdk installation folder. The convertation process is in Packager.java line ~205....

Classic JavaCard 3.0 Applet Using HTTPS functions

java,applet,smartcard,javacard

Basically with Java Card Classic you are limited to the APDU interface. This interface has been specified in the Java Card API and the ISO/IEC 7816-4 standard. It is of course possible to channel any kind of protocol through an APDU interface, but you would have to program it yourself....

Javacard applet beginner

There is a development kits called JCIDE, is free. After installation, can be used directly, no configuration parameters. Unfortunately, when debugging, only set one breakpoint, but normal use is enough. I feel very good, recommended to you.

Difference between verification and authentication?

smartcard,javacard,apdu

Initialize update and ext auth commands are to establish secure channel between off card and on card entity. While 00 20 .... apdu is for verify card manager pin. So all cards which are GP compliance will support both. There is card manager which is the owner of card so...

Why all applets of a package are not installed? And why I can't delete them?

transactions,smartcard,javacard

You have a single applet installed: AID: 0102030405060708090002 (|...........|) App SELECTABLE: (none) And you have a package with 3 applets loaded: AID: 01020304050607080900 (|..........|) ExM LOADED: (none) 0102030405060708090002 (|...........|) 0102030405060708090001 (|...........|) 0102030405060708090000 (|...........|) You can only delete one existing applet 0102030405060708090002 and you can't delete the package 01020304050607080900 without either...

Why Eclipse returns an error when trying to convert an applet, while NetBeans not?

java,eclipse,javacard

Sometimes Eclipse fails to completely delete the .class files or .cap files on Windows machines, usually due to a program (e.g. McAfee or another virus scanner) locking files. In that case not all files will be deleted. In that case the right builders may not get triggered and you will...

Is this a bug in Transaction mechanism in javacards?

Although we cannot look into the card, it seems a higher chance that there is protection against this attack and that a countermeasure has been triggered. A useful countermeasure is to "mute" the card, so no information is leaked back to a possible attacker. This may mean that the card...

AID of JCOP's Security Domain and meaning of “Card Not Fused” or “Not Pre-Personalized”

smartcard,javacard,globalplatform,jcop

Before a smart card can be used, it needs to be "pre-personalized": some basic settings need to be written, ISD keys initialized, etc. If a card is not pre-personalized, it will not respond to normal APDUs. The pre-personalization process is vendor-specific and there is a chain of trust involved, so...

resources to make java card application similiar like RB 5.0

java,resources,javacard,jcop

Smart card specifications: Global Platform Card Specification (This is v 2.2.0.7, your card may was compatible a lower version) ISO/IEC 7816 (Regularly you need part 3 and 4) Java Card applet development kit (including API Specifications + RE and VM Specification): Java Card Development Kit 3.0.2 (Download the version that...

Object Deletion Management in javacards

javacard,apdu,sim-card,globalplatform

Object deletion is typically performed during start up. So basically the system can sweep the memory just like a normal Java Garbage Collector at that time. If no references are found to a specific object, then the space occupied by that object can be collected. As the oldBuffer reference is...

UICC: How to change ARA?

Security Status Not Satisfied error code occurs only when some pre-requisite authentication conditions are not satisfied before sending the APDU command. Updating APDU access rules (i.e. Access rules stored in ARA) required proper authentication, without doing proper authentication you can not update the AR in ARA applet, so only...

What is the efficient way in writing a java card applet?

Version 1: Buffer stored in EEPROM as an instance variable. This is OK. Version 2: Buffer stored in EEPROM as a class variable. This is OK. However, there might be some security issues with static fields as mentioned here https://community.oracle.com/thread/1752580: The JCRE creates a context shared by any instance of...

Programming for Java Card 3 platform in Eclipse

eclipse,javacard

The .jar is actually just an installer. You'll have to run it to get the real runtime using java -jar <file.jar>. Then you should get the SDK.

Random data generator applet returns `0x6F00`

There is a little bug in your code. You want Util.arrayCopyNonAtomic(generatedRandom, (short) 0, buffer, (short) 0, (short) buffer[ISO7816.OFFSET_P2]); instead of Util.arrayCopyNonAtomic(generatedRandom, (short) 0, buffer, (short) 0, (short) ISO7816.OFFSET_P2); General rule: ALWAYS surround the content of your process method with a try-catch block and set status words according to the type...

Why Javacard prevent uploading different in AID .cap files of a single javacard program?

1-What is the origin of first error? Is it illegal to upload two .cap file that are different in AID and have an equal PkgAID in two step? Yes. You have uploaded that package. Therefore, it is forbidden to upload the same package again. Here, you have two options: Directly...

What is the reaction of JCRE to uploading an applet with promiscuous AID?

smartcard,javacard,smartcard-reader,globalplatform,jcop

I'll provide two answers, as you've asked two questions. Please try and ask one question per question. The .cap file is different because the single .cap file is little more than a .zip archive. You can simply change the file extension to .zip to see the contents. A .zip can...

List applets on JCOP Cards using GPShell

It's trying to connect to the 3rd reader of your system. So, If you have just one card reader connected to the system just use card_connect instead of card_connect -readerNumber 3 ...

When I must use the “throws” word in declaration of a method?

java,cryptography,javacard,apdu,elliptic-curve

You must declare checked exceptions only. You may declare unchecked exceptions, to indicate they are likely to be thrown. For example parseInt(String s) declares it throws a NumberFormatException, even though it is unchecked, because it is likely to do it (passing it not a number is a common scenario). From...

Recovering an ECPublicKey from Java to JavaCard

The problem is likely: pubKey.setW(apduBuffer, ISO7816.OFFSET_CDATA, ISO7816.OFFSET_LC); First of all, you should not use ISO7816.OFFSET_CDATA and ISO7816.OFFSET_LC directly. Use APDU.getOffsetCData for the location of the command data and use APDU.setIncomingAndReceive to get the Nc value (Lc is the encoding of the Nc value). Currently your code is failing as you...

Is it possible to program a “Java Card” - enabled smart card in any other language than Java?

c,embedded,smartcard,javacard

The general answer : Unfortunately no, currently there is no other way than using Java Card API to program a Java Card compatible card. The detailed answer: Some kind of cards have a mechanism named "Secure Box". As mentioned in the JCOP v2.4.2 r3 card Security target : The Secure...

Recovering an ECPublicKey from JavaCard to Java

java,bouncycastle,javacard,apdu,elliptic-curve

The public key returned in JavaCard is formatted as follows: 04 x y. In the terminal side, first you must extract x and y coordinates. Then, KeyFactory kf = KeyFactory.getInstance("ECDSA", "BC"); ECPoint point = new ECPoint(x, y); ECParameterSpec domainparameters = new ECParameterSpec(...); // initialize your domain parameters ECPublicKeySpec spec =...

An applet without any package, and a package without any applet

java,memory-management,bytearray,javacard

yes it is an ISD (issues security domain), not App no One question per post please....

Byte array memory allocation on java card

In case the pinSig value is always 64 bytes long you should use the following implementation: public void setpinSig( byte[] sig){ javacard.framework.Util.arrayCopy(sig, (short) 0, pinSig, (short) 0, (short) 64); } ...

JavaCard applet emulating DESFireEV1

smartcard,javacard,mifare,emulation

The open source project you already found is indeed unfinished, incomplete, incorrect. NXP features an emulation that is avaiable by activation during prepersonalization (not on all cards i suppose) I have implemented an almost complete and tested DESFire applet(only supports transparent files and does not support native mode but...

Javacard KeyAgreement differs from BouncyCastle KeyAgreement

bouncycastle,javacard,elliptic-curve,diffie-hellman

There is a problem in your implementation of KeyAgreement.ALG_EC_SVDP_DH in the terminal side. The correct length of output of the this method of key agreement should always be 20 bytes since SHA-1 is being performed on the derived output. So in your terminal side, you should perform SHA-1 after generating...

SELECT APDU doesn't work fine

smartcard,javacard,smartcard-reader,globalplatform,pyscard

AID's are hierarchical. The Java Card runtime simply chooses the first one that matches against the bytes given, even if the AID contains more bytes. It may select the second one if you fire the SELECT again. To resolve this give the Applets AID's that are distinct even for the...

Extended APDUs and T=0/1 communication protocols

Q1: Changing Protocol is possible. Information which protocols are supported by hte card is transceived via ATR/ATS. The terminal then can decide which one to use. So it is dependend from your Terminal shell if protocols are selectable or not. For JCOP Shell this is /change-protocol. However is do not...

Sturdiness of an applet in Java Card

java,exception,applet,javacard

As the smart cards haven't any battery inside, you can't have any try ... catch ... like this. Alternatively you can take advantages of Transactions. The Transaction APIs are provided just for your goal. The operations that are between beginTransation() and commitTransation() methods, apply only if the commitTransation() complete successfully....

javacard byte array max length

bytearray,javacard

That depends on where you allocate the array (persistent memory, transient memory) and on the available memory on your specific card. The technical limit for an array's size in Java Card is 32767 elements, because array indices are of type short and can only be non-negative values. You can get...

How much memory does this card really have? (EEPROM and ObjectDeletion game!)

javacard,jcop

The answer is simply because each array (and other objects as well) requires 'header' to indicate its type, its size, etc. You need to read carefully on JCRE and JCVM specification for this. I haven't check the precise size of the 'header', but you can imagine it as (100 +...

Memory Access Performance in Java Card

performance,memory,smartcard,javacard

Of course, memory gets loaded on a page by page basis. If your array ends up in two or more pages, and only the first page gets loaded by the JIT (because reasons, it's very hard to track memory once the JIT and GC touch it) but the last one...

Java Card Applet and Host-based Card Emulation of Android Kitkat 4.4

android,nfc,android-4.4-kitkat,javacard,hce

No, while the Android HCE documentation lists the possibility to use secure element-based card emulation, there are several problems hindering the use of a secure element in current devices: Nexus devices have a proprietary API for access to embedded secure elements only (no API for access to UICC/SIM card-based secure...

Getting PCSC Exception 0x8010002f

javacard,globalplatform,jcop

I found in ISO7816-3 , "Sw1 =60 is a NULL Byte, it request no action on data transfer" . this was the cause of communication error.. when i tried for 9000 , same code works good in simulator and real card...thanks for all

Trying Java Card Application On real smart card

javacard,apdu

After writing your Java Card application (we call it applet) in your IDE (Such as Eclipse or Netbeans), you have the following steps to communicate with it on a real smart card : Convert the .java file to .class file Convert the .class file to .cap file using converter tool...

What does this default applets do?

java,cryptography,javacard

ExM means "Executable module" which means "package". N/A Yes. Have a look here for example: https://github.com/martinpaljak/AppletPlayground/blob/master/build.xml#L53 You really have to go and read some documentation before asking. This is a programming forum....

Java Card DES generator applet output is different from online-tools output

As I didn't know which one of DES_ECB_PKCS5, DES_ECB_NOPAD, DES_ECB_ISO9797_M2 or DES_ECB_ISO9797_M1 being used by the online tool That´s the problem. Blockmode, padding and other things are very important (and there are so much more than 4 combinations). And in case of online tools, charset stuff (input interpretation in...

How can I check INITIALIZE UPDATE and EXTERNAL AUTHENTICATE correctness?

From the INITIALIZE UPDATE command you send, you get host_challenge = 00 00 00 00 00 00 00 00 In response to the INITIALIZE UPDATE command, you get diversification_data = 00 00 11 60 01 00 8A 79 0A F9 key_information = FF 02 sequence_counter = 00 11 card_challenge =...

Can't select AID Card Manager when testing to send APDU

java,applet,javacard,apdu,pcsc

Previously Global Platform borrowed the RID (the first 5 bytes of the AID) from VISA. This is because of historical reasons. Global Platform is now a separate entity but Open Platform - as it was once called - was started by (at least) VISA. There are many RID's registered. However...

How to send a data array to my Applet and manipulation it by Applet and return new data in response apdu?

arrays,applet,javacard,apdu

In method, private void getKey( APDU apdu , byte[] data) you need to call, apdu.setIncomingAndReceive(); Remember: This is the primary receive method. Calling this method indicates that this APDU has incoming data. This method gets as many bytes as will fit without buffer overflow in the APDU buffer following the...

Receiving SW=`“6999”, “6422”, “6444” and “6D00” in the simulating procedure with NetBeans , CREF and JCWDE?

netbeans,javacard

Maybe that's simulator limitation problem to support ALG_SECURE_RANDOM. Please try ALG_PSEUDO_RANDOM instead. From Class RandomData: ALG_PSEUDO_RANDOM Utility pseudo-random number generation algorithms. The random number sequence generated by this algorithm need not be the same even if seeded with the same seed data. Even if a transaction is in progress, the...

Smart cards and their files

java,performance,time,smartcard,javacard

Where are these applets in the card? (in the MF or in a DF?) Consider each Java Card application to be a DF directly below the MF. Though, be aware that Java Cards only make use of parts of the ISO 7816-4 file system concept and that the MF itself...

Performance measures : Java vs JavaCard [closed]

You run the algorithm is in two different platform, so the final machine language is not the same.

Getting started with SIM card

smartcard,gsm,javacard,sim-card

Yes, both are smart cards. Surely there are some specific applications: the SIM and USIM application theyself, the Remote File Management, Remote Application Management, browser application ([email protected], WIB), etc. The SIM card specification is defined first. Later on, the USIM specification. The backward compatibility is required so that subscribers...

Which encryption algorithm does my Javacard support

encryption,sign,javacard,jcop

There is no build in command for this as the card does not expose this information so the answer is no. That said, this is not the first time this has come up, and the solution space is not empty. Check this page which uses an Applet + tool to...

RSA key pair generator applet, generate fixed almost zero private and public keys

java,rsa,javacard

As you may notice, the returned values are not all zeros. The first 3 bytes of the response contains the exponent. What's wrong is your usage of getSize() method. This method actually returns the key size KeyBuilder.LENGTH_RSA_512 and not the size of the key component. The size of the exponent...

Why I can't select MF?

smartcard,javacard,jcop

Maybe this card is not supported by OpenSC Check the SupportedHardware list. Verify it with opensc-tool --name to see if some driver knows how to handle your card. The expected result of the command is a line with a card driver name. ...

ISO7816 - Odd INS codes?

smartcard,javacard,apdu

I am going to answer my own question after some research. My problem was an old ISO7816-3 standard as Guidot mentioned in his comment. According to current ISO7816-3 and ISO7816-4 odd INS codes are valid. The only invalid INS values according to current ISO are 6X and 9X. The reason...

How to transfer RSA public[/private] key outside the card?

getSize() returns the bit length of the key, not the byte length. You are probably running out of RAM. 2.((RSAPublicKey) thePrivateKey).getExponent(publicKey, (short) publicKeySize); This won't work! You are asking for the exponent to be stored at offset publicKeySize in array publicKey -- that is, at the very end of...

How to send “install” method arguments to the card reader using “process” method?

The install method gets called when you install te applet. The process method gets called when you (select first and)send a command to an instantiated/installed applet. This means that the install method will get called first and thus: your first error is tat you want to write to an uninitialized...

What is the meaning of out put of GP -I command?

android,smartcard,at-command,javacard,sim-card

As suggested before: you can get detailed information from the GP specification. Consider -i a "dump data from card useful for debugging and other purposes". It dumps card data, CPLC and key template of the ISD. If you don't know what that means, read the specification.

Send APDU commands to USIM/SIM card in android

There can be two different types of applets present on your SIM card. Common applets Common applets written in plain JavaCard. This is the type of applet you are used to from the world of common smart cards. It has the process method and smart card is the passive subject...

Why am I unable to find my desired environment variable functionality on Win7?

First problem: Put the extracted address of JavaCard bin directory in the PATH environment variable. i.e replace %JC_HOME%\bin with E:\JavaDevTools\java_card_kit-2_2_2\bin and it will works fine. Second problem: The origin of this problem is answered here : When installing a public JRE (used by the Java plugin), a java.exe file is...

Installing applet in javacard

You should require about the Global Platform state of the card. 6982 is a general status word that means "Security status not satisfied", so your card may be in the wrong state (e.g. the Global Platform LOCKED or TERMINATED state). It could also be that you are using an invalid...

Is this a vulnerability in my smart card .cap verifier and its atomicity?

You can't apparently interpret the output from the tools and gpj does not really make it easy either. Applet AID and package AID are different things and only selectable applets can be selected. Not to mention the issuer security domain, which is a different thing in the first place. Also,...

How to write a cross-card Java Card applet?

I think you are mixing two problems: 1. Algorithm support You can easily install your applet, which uses AES, on a card without AES. The absence of AES would cause runtime exceptions in the moment you try to create an instance of the cryptographic object: Cipher.getInstance(Cipher.ALG_AES_BLOCK_128_CBC_NOPAD, false); or KeyBuilder.buildKey(KeyBuilder.TYPE_AES, KeyBuilder.LENGTH_AES_128);...

How to try using Native Methods in Java card applets?

transactions,garbage-collection,smartcard,javacard

A native method is a method written in another programming language (i.e. not in Java) that can be invoked by a Java program. For smartcards, a native method is typically written in C code or machine code and is directly executed on the underlying smartcard processor (whereas Java Card applications...

Javacard - power loss during garbage collection

Well I think it might be an implementation bug. In general, garbage collection is usually never needed and never used on smartcards. You should avoided it under any circumstances by good applet design. Because that way you never run into memory problems, which are bad for a smartcard thats installed...

Restricted elliptic curves in Java Card

java,cryptography,javacard,elliptic-curve

Your prime is not big enough. For curves over F(p) of 512 bit you should use 512 bit primes. Your first byte, (byte) 0x25, however starts with a hex digit 2. That means that the first byte first starts with 2 binary digits set to 0, meaning that you've defined...

How to change javacard default keys?

With gpshell, you can use the put_sc_key command: put_sc_key -keyver <current key version> -newkeyver <new key version> -mac_key <mac key> -enc_key <enc key> -kek_key <kek key> [-current_kek <kek key>] I don't think that changing keys is possible with GPJ. The GUI of jcManager has nice self-explanatory text-fields and buttons that...

what is diference between Security Domain with Delegated Management privilege and Authorized management?