smartcard,javacard,globalplatform , what is diference between Security Domain with Delegated Management privilege and Authorized management?

what is diference between Security Domain with Delegated Management privilege and Authorized management?


Tag: smartcard,javacard,globalplatform

I want to know difference between Security Domain with Authorized Management privilege and Security Domain with delegated Management privilege. And what we do operation in two state(like loading, installing,...). I read Global platform 2.2.1 about this subject, But I understand meaning and different yet, And I want know for which privilege I can make or create security domain? And how do I found my card which privilege supported?



Security domain with AM privilege can perform all the Card Content Management operations without an authorization, However SD with a DM priviledge requires a Authorization of the Card Content MAnagement Operation from a SD with AM privilege via Token verification.

Please go through Table 6-3 of GP2.2.1 for Privilege Assignment Example Use Cases, the Privilege Assignment can change from requirement.

The Privilege can be retrived from Get Status command it will be returned by TAg 'C5'in Response Message.

Feel free in case further information is required


how changing master key or other keys can provide security ?how used session key to keep the further communication between DESFire and reader?

I am working on the ticket electronik that tickets are DESFire cards. I want communications be safe . i now trying change PICC key . Before changing DESFire master key Authenticate with master key is necessary. In desfire sheet about Authenticate at page 31 was described: "This procedure not only...

lib directory could not be found in jcdk home

I will start a project about Java card on Eclipse IDE.I follow the instructions here and when I set the home location of JCDK , I am getting "lib directory could not be found in JCDK home." error.What can be reason?

NFC SWP applet selection returns 6999

I have a simple JavaCard applet installed on my SIM card. I try to communicate with my applet using Omnikey 5121 CL reader and NFC-enabled Sony Xperia L through NFC/SWP (single wire protocol). The problem is I cannot select the applet - as a status word I get 6999. The...

Trying Java Card Application On real smart card

I will write an application for smart card with using Java Card Framework.When I finished my application I want to set up to a real smart card and try it.Which equipment I must have?How can I run my codes on a real smart card?I have to provide a connector between...

Converting decimal to hexadecimal byte in Java Card

I would like to convert a decimal (integer or short types) in Java to hexadecimal byte in a Java Card environment (only supports byte and short types and possibly int types). Example: int num = 254 Print out result: 0xFD My current method of using switches and if-else to handle...

Why am I unable to find my desired environment variable functionality on Win7?

And, in the path section I have: C:\ProgramData\Oracle\Java\javapath; C:\Program Files (x86)\Intel\iCLS Client\; C:\Program Files\Intel\iCLS Client\; %SystemRoot%\system32; %SystemRoot%; %SystemRoot%\System32\Wbem; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL; C:\Program Files\Intel\Intel(R) Management Engine Components\IPT; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT; C:\Program Files (x86)\Skype\Phone\; C:\Program...

ADPU Service in iOS

I'm looking for an NFC solution for iOS similar to HostApduService for Android. Can someone tell me how can I exchange APDU commands in iOS. Thank you....

Recovering an ECPublicKey from JavaCard to Java

I am trying to implement ECDH between a terminal (simulated by my computer) and a smart card (Java Card). I fixed the elliptic curve that I want to use, and on the card side I have the following code to run the first part of the protocol : ECPublicKey pubKey...

Smart Card Reader T0 T1 communication on APDU level

I am struggle to understand what protocol I have to use to communicate with the card T0 or T1? So, correct me if I am wrong, but the reader actually decides by itself what protocol to use to communicate with the card if the card supports both. So my logic...

Determine Facility Code and Card Number from ATR in C#

I have the following card reader HID Omnikey 5325. I have a contact-less card named HIS Proximity. The number written on this card is 133593 42101044091-3. By reading the card, I get the following ATR hex: 3B050002F10673 Using the folowing applications I have managed to see the following information. I...

Why Eclipse returns an error when trying to convert an applet, while NetBeans not?

Below, you see a Java Card program that acts as a 8 byte random number generator : package randGen; import javacard.framework.APDU; import javacard.framework.Applet; import javacard.framework.ISOException; import javacard.framework.JCSystem; import javacard.framework.Util; import; public class RandGen extends Applet { byte[] generatedArray; RandomData randData = RandomData.getInstance(RandomData.ALG_SECURE_RANDOM); private RandGen() { generatedArray = JCSystem.makeTransientByteArray((short)8,...

How much memory does this card really have? (EEPROM and ObjectDeletion game!)

I wrote a simple program to check requestObjectDeletion() method functionality and my card's available memory. My applet respond to five different kind of APDU commands as follow : SELECT APDU command : Response : 0X9000 Command : XX 00 XX XX XX [...] Response : Return available memory in byte....

UID of a NFC/SWP-accessed SIM card

SIM card is used as a secure element in my project. It is accessed through NFC-SWP contactless interface from a terminal device. I need to identify the SIM card somehow with a unique and permanent identifier and I need to be able to read the identifier through NFC. ICCID seems...

How to change master key of DESfire cards?What is deciphered key?

I want to change the master key of a DESfire card. I read mifare DESFire datasheet already, but as I am new in this field, I couldn't understand it. It is explained how to Change the Key at page 37 of above document. Can anybody give me an example or...

How to write a cross-card Java Card applet?

Normally, when we write an applet containing a feature that our card not support it, the on-card verifier prevents installing its CAP file. I want to know if is there any way to write an applet that can install on all cards, but returns an already defined error during run-time...

Secure Box in JCOP card

JCOP V2.4.2 Revision 3 Security Target: Page 11-12 A Secure Box concept is implemented within JCOP 2.4.2 R3. The Secure Box is a construct which allows to run non certified third party native code and ensures that this code cannot harm, influence or manipulate the JCOP 2.4.2 R3 operating system...

ISO7816 - Odd INS codes?

I found these mysterious lines in ISO 7816, ( 5.4.2 Instruction byte The instruction byte INS of a command shall be coded to allow transmission with any of the protocols defined in part 3 of ISO/IEC 7816. Table 10 shows the INS codes that are consequently invalid. Table 10 -...

How to send a data array to my Applet and manipulation it by Applet and return new data in response apdu?

I want to send a random byte array including for example 24 elements to my JavaCard applet and then my applet is supposed to change that array using a specific method. For example that method XOR each elements with 0x05 and returns the result array in APDU response. To aim...

Change PIN of a Gemalto Smartcard through a script

We have to use the Gemalto IDPrime .Net card Smartcard. We get these USB Dongles and have to change the PIN. Gemalto says via windows: From the Start menu, choose Run and type PINTool. Insert a IDPrime .Net card in the reader as prompted, and click OK. The change PIN...

Receiving SW=`“6999”, “6422”, “6444” and “6D00” in the simulating procedure with NetBeans , CREF and JCWDE?

A simple 8 byte random number generator program is written in NetBeans for Java Card. This is the program : public class RandGen extends Applet { byte[] generatedArray; RandomData randData = RandomData.getInstance(RandomData.ALG_SECURE_RANDOM); private RandGen() { generatedArray = JCSystem.makeTransientByteArray((short)8, JCSystem.CLEAR_ON_DESELECT); } public static void install(byte bArray[], short bOffset, byte bLength) throws...

Hash generator applet doesn't work fine

Below, you see an applet that generate hash value of input data based on MD5, RIPEMD160, SHA, SHA224, SHA256, SHA384 and SHA512 : package hashPack; import javacard.framework.*; import; import; public class HashMachine extends Applet { //outputArray byte[] hashedValue = new byte[64]; //output Length short OLength = 0x0000; //Defining...

number value to byte[6] array card reader

What's the best way to convert a number to a byte[6] in C#? I'm using MagTek Card reader and trying to display desired amount on device screen, it should be 6-byte array. The amount needs to be used and authorized, EMV Tag 9F02, format n12. Function: int requestSmartCard(int cardType, int...

Two OwnerPIN object in Java Card

I am working on a Java Card application where our requirement is to keep some static data and balance in the card. For security I was thinking to make 2 object of OwnerPIN. One object is for terminal authentication (i.e. the terminal needs to send 8 bytes of data to...

How can I extract an X509 certificate from a smart card using Java?

I use the OmniKey 3121 reader and can use the javax.smartcardio API to send APDU commands to the card reader. I'm not sure if there is a standard way to access the certificate stored on the card. Pointers to example code to read the certificate data would greatly help. Also,...

C on smartcards [closed]

I have the task to write some crypto stuff in C and make it lightweight. The idea behind making it lightweight is, that it could run on a smartcard which doesn't offer much computational power and memory. It won't come to actually running it on a smartcard and it won't...

Is there any alternative to GlobalPlatform Shell for Java Cards?

I know that GP Shell is a tool for testing I/O to Java Cards. But, it is very cumbersome to work with. Is there any alternative to GP Shell which doesn't need written scripts?...

Sturdiness of an applet in Java Card

I developed an applet in Java Card and it works fine. Now I am working on the sturdiness of this applet and more precisely, what happens if the card is deplugged during the applet execution for example. I am wondering if there is an Exception which handle this kind of...

Java Card memory leak in for loop?

I know that Java Card VM's doesn't have have a garbage collector, but what happens with a for loop: for(short x=0;x<10;x++) {} Does the x variable get utilized after the for loop, or it turns into garbage? Just in case I have a transient byte array called index from size...

Performance measures : Java vs JavaCard [closed]

I implemented two algorithms in Java. To compare their effectiveness, I call each function 1000 times and compare the execution time (using System.currentTimeMillis()). It needs 2500 ms to execute the first one and 1300 ms for the second one. With these results, I thought have a significative difference (in term...

Sending signature data in response APDU - Java Card

I would like to sign some data (the MESSAGE byte array) on my Java Card and then return the signature in a response APDU. My code works fine (or at least I think it does and it returns 9000) without the line apdu.sendBytes(BAS, sSignLen), but when I uncomment it I...

Java Card DES generator applet output is different from online-tools output

The below applet is written to do a DES encryption/Decryption on the APDU data field : package cryptoPack; import javacard.framework.APDU; import javacard.framework.Applet; import javacard.framework.ISO7816; import javacard.framework.ISOException; import javacard.framework.JCSystem; import javacard.framework.Util; import; import; import; import javacardx.crypto.Cipher; public class CryptoDES extends Applet { // Array for the encryption/decryption key...

Encode publicKey on Java Card

How to encode an ECDSA PublicKey on Java Card so that after I can decode it on another platform (e.g. sending the encoded key in a response APDU and processing it in a standard Java application)? keyPair.getPublic().getEncoded() on Java would do the trick with PKCS#8 encoding, but as far as...

DES Crypto applet returns errror on reception of any command

In the below you see a simple Java Card applet that is written to encrypt and decrypt data with different DES and 3DES algorithms. These are supported commands : 00 C0 00 00 | KeyLength | KeyValue : To set the DES/3DES Key. (8 byte for DES, 16/24 bytes for...

Is it possible to program a “Java Card” - enabled smart card in any other language than Java?

I have a Java Card enabled smart card and a card reader that was given by my Lab-instructor. I am supposed to do a project using Java Card 2.1.1 API. I don't like the Java Card API. Is it possible to program my given smart card using any other language...

Random data generator applet returns `0x6F00`

I wrote the below program to generate random numbers of different lengths, using two different algorithms (ALG_SECURE_RANDOM and ALG_PSEUDO_RANDOM). P1 and P2 in the APDU command specify the algorithm and the random length in order. P1 = 0X01 : ALG_SECURE_RANDOM P1 = 0X02 : ALG_PSEUDO_RANDOM P2 = Random number length...

Recovering an ECPublicKey from Java to JavaCard

This question is related to the one I asked yesterday : Recovering an ECPublicKey from JavaCard to Java I have the same problem but in the opposite way : After sending the public key from my card to my computer (the point is represented as an octet string in uncompressed...

How to transfer RSA public[/private] key outside the card?

I wrote the below simple program to generate a RSA key pair and transfer the public key to outside the card in the APDU response: public class CryptoRSA extends Applet { //Abbreviations private static final boolean NO_EXTERNAL_ACCESS = false; //Switch case parameters for selecting instruction = INS in apdu command...

resources to make java card application similiar like RB 5.0

I am making java app which main function is to write data on java card 36k, so I need resources ,tutorials about java cards,stuff like that.? I have no experience making java card apps, so please give me any helpful resources.. I am making application like RB 5.0 , if...

Send APDU commands to USIM/SIM card in android

I was already worked with smart cards and I am familiar with APDU commands (that are defined in ISO/IEC 7816 and Global Platform specifications). Now I want to know if is there any way to send an APDU command to my USIM/SIM card that is inserted to my mobile phone?...

RSA key pair generator applet, generate fixed almost zero private and public keys

I wrote the below JavaCard applet to generate 512 bit RSA public and private key pairs on the card and transfer them through the APDU responses to the outside: public class CryptoRSA extends Applet { //Abbreviations private static final boolean NO_EXTERNAL_ACCESS = false; //arrays for generated keys in byte. (I...

Smartcard PKCS11 AES Key Gen Failure

I am attempting to create an AES 256 key on an ACOS5-64 smartcard and OMNIKEY 3121 card reader, using PKCS11 in python (using the PyKCS11 library). So far, all the "standard" operations seem to work with regards to asymmetric crypto. I have run plenty of code samples and pkcs11-tool commands,...

Fast bit shift of a byte array - CMAC subkeys

I need to implement as fast as possible left bit shift of a 16-byte array in JavaCard. I tried this code: private static final void rotateLeft(final byte[] output, final byte[] input) { short carry = 0; short i = (short) 16; do { --i; carry = (short)((input[i] << 1) |...