SMART CARDS APPLET DEVELOPMENT. Miguel Monteiro FEUP / DEI

Transcription

1 SMART CARDS APPLET DEVELOPMENT Miguel Monteiro FEUP / DEI

2 JAVA SUPPORTED IDES Actual Java Card major version is now 3 (from 2009) It occurs in two flavors Java Card Classic (supported by the majority of card makers) Java Card Connected (scarcely available) Last update is version (from 2015) In this last version, Oracle changed the official IDE Until the IDE is Netbeans (that includes the runtime environment for Connected 3.0.2) In an Eclipse plugin is supplied and the runtime does not run in Netbeans anymore There are many others 3 rd party development tools From the main makers Gemalto, Oberthur, Morpho (Safran), (with a high price) jcardsim (free for Java Card 2.2) ( 2

3 NETBEANS Get the complete package from netbeans.org Select the Java Card 3 Connected package during installation 3

4 LATEST VERSION From the Oracle site for Java Card 4

5 ECLIPSE Install Eclipse and after that install the plugin From Help Install New Software (Add) Select the plugin archive (the.zip file) 5

6 APPLET INFO An Applet has a package and a class (from Applet) Both have a unique AID with the first 5 bytes common The project is created with a very simple applet skeleton. 6

7 THE SKELETON APPLET CODE create.script select.script 7

8 A HELLO APPLET Accepts a single command, and returns Hello Returns the sequence { 48 h, 65 h, 6c h, 6c h, 6f h } It responds only to the APDU (base 16): B

9 PROCESSING THE INCOMING APDU APDU bytes are in a Java Card allocated buffer OFFSET_CLA There is just one buffer for all applets Its size can be less than the transmitted bytes OFFSET_INS OFFSET_P1 OFFSET_CDATA OFFSET_P2 OFFSET_LC CDATA APDU Buffer Only the first 5 bytes are guaranteed to be in the buffer when process() is called. If for this APDU input data is expected, it is necessary to read them with short setincomingandreceive() (APDU method) It puts incoming bytes in the CDATA area of the buffer, but those bytes can be short of the total. The method returns the valid bytes transferred The total incoming bytes can be obtained with getincominglength() or reading the buffer at OFFSET_LC Further incoming bytes are transferred to the CDATA area with short receivebytes(short offset) that returns the number of bytes transferred to the position offset of the APDU buffer. 9

10 BUILDING THE OUTGOING APDU The same buffer is used for the response APDU Its size can be not enough for all the outgoing bytes In that case the response should be sent in chunks - A call to short setoutgoing() allows the use of the APDU buffer to store the response bytes and returns the expected number of outgoing bytes. - Next, the number of bytes to send should be indicated calling setoutgoinglength(short len) - After putting those bytes in some part of the APDU buffer, they are actually sent with a call to sendbytes(short offset, short len) - If the number of bytes doesn t fit in the buffer we can call sendbytes() multiple times. There Is also a convenience method for long responses using sendbyteslong( ) that manages automatically the APDU buffer. - After sending all the bytes the status bytes are also automatically sent. - All the above calls can be replaced by a single call to setoutgoingand Send(short offset, short len) if all the outgoing bytes fit into the APDU buffer. To send an error status, call the static method ISOException.throwIt(short code). Many error codes are already defined as constants in the ISO7816 static class. 10

11 A MORE ELABORATE EXAMPLE Purse protected with a 6 digit PIN Features Takes notes of small amounts of money Has a protection PIN with 3 tries Operations of credit and debit require the PIN There is a maximum amount in the purse ( ) There an operation to get the total, without the PIN The PIN is initialized at install Operations EnterPIN INS = 0x10 Credit INS = 0x20 Debit INS = 0x30 GetTotal INS = 0x40 11

12 12 DEMO Purse with Eclipse

13 SENSITIVE INFORMATION It is possible to intercept the communication between card and card reader For sensitive information that info can be encrypted using asymmetric keys Problem: card personalization, after applet is installed How Or Card can generate key pairs, but outputting just one of them Or a CSR with a public key Can have a command to store a key (or a certificate) These types of commands should be executed only once We can enforce it using a boolean to control the execution We can provide a temporary applet just for personalization After personalization using this second applet, it is deleted from the card (security domain owner) It can be reinstalled later for modifications (security domain owner) 13

14 COMMUNICATION BETWEEN APPLETS Applets in the same security domain can talk One of them will be the server and the other the client The server defines a Shareable java interface The Java Card framework defines the empty interface Shareable { } The server should derive an interface that extends it One object of the server Applet should implement it The client Applet can ask for this object calling the framework getappletshareableinterfaceobject( ) The server needs to override from the Applet class the method getshareableinterfaceobject( ) The server should verify the client identity Asymmetric keys Challenge - Response 14

15 COMMUNICATION SCHEME Java Card Runtime Environment getappletshareabeinterfaceobject() AID Client Applet return the SIO invoke a method return from method firewall return the SIO AID SIO Shareable interface and SIO getshareableinterfaceobject() Server Applet 15

16 AUTHENTICATION SCHEME Client implements AuthInterface challenge(byte[] buffer) Server implements ServiceShareableInterface someop(authinterface client, byte[] buffer, ) aid = lookupaid(buffer, 0, len); sio = getappletshareableinterfaceobject(aid, par); sio.someop(this, buffer, ); public void challenge(byte[] buffer) { respondtochallenge(buffer); } overrides getshareableinterfaceobject(aid client, par) public void someop(authinterface client, byte[] buffer, ) { generatechallenge(buffer); client.challenge(buffer); if (!checkresponse(buffer)) ISOException.throwIt(SW_UNAUTHORIZED_CLIENT); } Shareable Interface Objects can communicate only using primitive values static fields that do not contain references to objects global arrays - the APDU buffer is a global array (it is cleaned when process() returns) 16

17 INITIALIZATION THROUGH 2 ND APPLET We can use the following schema After performing the initialization Applet B is removed from the card The initialization involved creating a key pair in the card Getting the public key Putting it into a CSR and getting a certificate from a CA Putting the user certificate (signed by the CA) in the card 17