1 / 28

Programming Smart Cards

Programming Smart Cards . Rajnish Kumar Comp527. Expect to learn. Cardlet Development Installation Coke Machine Interface Implementation Basic Cryptography. Smart Cards. A Card with built-in micro-processor and memory. Applications :

jerryawilliams
Download Presentation

Programming Smart Cards

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Programming Smart Cards Rajnish Kumar Comp527.

  2. Expect to learn • Cardlet • Development • Installation • Coke Machine Interface Implementation • Basic Cryptography

  3. Smart Cards • A Card with built-in micro-processor and memory. • Applications : • Pre-paid calling card • Security needs • e-cash

  4. Terminology • Program • Applet • Application • Cardlet • Instance of Program • Unique AID • APDU • Communication format between card and terminal

  5. Java Card Architecture Cardlets Loader Application Javacard API SOLO virtual Machine Utilities APDU Mgmt FileSystem Crypto Chip Dependent Functions

  6. Developing a Cardlet 1. Compile to .class • Use the packages provided • Javacard.framework • Javacardx.cryptography • Use “-g” to compile • javac –g wallet.java Develop a .java file

  7. Developing a Cardlet 1. Compile to .class Use MakeSOLO tool to generate .bin file from .class Develop a .java file 2. Create a .bin file

  8. Developing a Cardlet 1. Use CardletManager tool to download .bin file to the card. Compile to .class Develop a .java file 2. 3. Create a .bin file Download as a program file

  9. Developing a Cardlet 1. • Instantiate the program • Assign AID Compile to .class Develop a .java file 2. 3. 4. Create a .bin file Download as a program file Install as a Cardlet

  10. Methods required for Cardlet • install() : instantiate cardlet object • select() : prepare the cardlet for execution • process() : switch statement Optional : • main() : entry point for cardlet

  11. Javacard.framework • AID - Application ID • APDU - Handling communication buffer • ISO - constants • OwnerPin • Applet • Util - array functions

  12. Beware !! • Card resource limitations • Total cardlet size : 13.5 kb • Limited heap and stack size • Operation time out • Desynchronization

  13. Writing Terminal Application

  14. Java Card’s native commands • Hosted by Loader utility • Loader acts as native OS • Loader’s function : • Conduct transaction between terminal and cardlet • Provide cryptography support • Manage card’s files, program files and cardlets.

  15. Example Commands • CreateFile • DeleteFile • SelectFile • ReadBinary • UpadteBinary • VerifyCHV • VerifyKey

  16. Terminal Application • Use slb.iop.* classes to write terminal application in Java • Example method : • SmartCard.sendCardAPDU( CLA, INS, P1,P2, dataArray, Mode )

  17. Command format (APDU) Data From Terminal CLA INS P1 P2 P3 From Card, To Terminal SW1 SW2 • CLA : Command Class ( 1byte ) • 00h for loader class ( Card specific ). • 03h for Wallet ( User defined )

  18. Command format Data From Terminal CLA INS P1 P2 P3 From Card, To Terminal SW1 SW2 • INS : Command Instruction Identifier (1b) • CLA + INS uniquely identifies the command • If native, loader process • Else, forwarded to suitable cardlet • 03h for getBalance().

  19. Command format Data From Terminal CLA INS P1 P2 P3 From Card, To Terminal SW1 SW2 • P1,P2 : Command parameters • P3 : number of bytes of data to follow, or expected by the terminal • SW1,SW2 : status words.

  20. Cryptography Support

  21. Cryptography Support • Symmetric/Asymmetric Authentication • Internal/External Authentication • Key Files • Supported Encryption Algorithms: • DES • 3-DES • RSA

  22. Key Files

  23. External Authentication • Terminal callsAskRandom. Card has to return a challenge (random number ). • Terminal encrypts the challenge. Sends the encrypted challenge back to card using ExternalAuth . Key ID is also specified. • Card checks the correctness of terminal response, and authenticates if correct.

  24. Internal Authentication • Call anInternalAuth command • Call getResponse to get the cryptogram • Check if cryptogram is correct.

  25. Javacardx.crypto • Classes • DES_Key • DES3_Key • RSA_PrivateKey • RSA_PublicKey • MessageDigest

  26. En/Decryption • DES_Key class methods • encryptECB, encryptCBC • decryptECB, decryptCBC • generateMAC, verifyMAC • setKey • getBlockSize

  27. Code Walk Through

  28. Reference • SDK Guide • Cyberflex Access Programmer’s Guide • Search google for Java cryptography • www.cyberflex.com/Support/support.html

More Related