smartcard,javacard,globalplatform , What is the reaction of JCRE to uploading an applet with promiscuous AID?

What is the reaction of JCRE to uploading an applet with promiscuous AID?


Tag: smartcard,javacard,globalplatform

As we know the AID of applets mus have a length between 5 and 16 bytes. And in case of applet that they have a promiscuous length (greater than 16 byte or less than 5 bytes), the Converter doesn't works. But this is the Off-Card verifier.

I want to see what is the reaction of the JCRE to a non-standard .cap file. In the other word, I want to change the contents of a .cap file using a hex editor tool in order to changing the AID.

As you see AIDs are saved in the .cap files headers. But where is the header? Not only I can't find the AID in the contents of a .cap file, but also, two converted file of a single .java file with an equal AID, are different!

I mean if you convert a .java file to .cap file twice, the result is different! even for equal AIDs! why?

Below, You see content of two .cap file of a single program with equal AIDs :

enter image description here

enter image description here


I'll provide two answers, as you've asked two questions. Please try and ask one question per question.

The .cap file is different because the single .cap file is little more than a .zip archive. You can simply change the file extension to .zip to see the contents.

A .zip can contain entries in any order and it should also contain dates etc. So even if the contents of the files within the archive are completely identical, the .zip file is still likely to be different. In the .zip there should be a Header.cap.

Usually the .zip is not compressed, so you may still see contents of the .cap files within it.

And yes, I would expect the runtime to reject AID's with an invalid length. Note that the instance AID used for Applet selection may be different from the Applet AID. The instance AID may be given during the INSTALL for INSTALL command.


Fast bit shift of a byte array - CMAC subkeys

I need to implement as fast as possible left bit shift of a 16-byte array in JavaCard. I tried this code: private static final void rotateLeft(final byte[] output, final byte[] input) { short carry = 0; short i = (short) 16; do { --i; carry = (short)((input[i] << 1) |...

ADPU Service in iOS

I'm looking for an NFC solution for iOS similar to HostApduService for Android. Can someone tell me how can I exchange APDU commands in iOS. Thank you....

Java Card memory leak in for loop?

I know that Java Card VM's doesn't have have a garbage collector, but what happens with a for loop: for(short x=0;x<10;x++) {} Does the x variable get utilized after the for loop, or it turns into garbage? Just in case I have a transient byte array called index from size...

Smartcard PKCS11 AES Key Gen Failure

I am attempting to create an AES 256 key on an ACOS5-64 smartcard and OMNIKEY 3121 card reader, using PKCS11 in python (using the PyKCS11 library). So far, all the "standard" operations seem to work with regards to asymmetric crypto. I have run plenty of code samples and pkcs11-tool commands,...

Encode publicKey on Java Card

How to encode an ECDSA PublicKey on Java Card so that after I can decode it on another platform (e.g. sending the encoded key in a response APDU and processing it in a standard Java application)? keyPair.getPublic().getEncoded() on Java would do the trick with PKCS#8 encoding, but as far as...

How can I extract an X509 certificate from a smart card using Java?

I use the OmniKey 3121 reader and can use the javax.smartcardio API to send APDU commands to the card reader. I'm not sure if there is a standard way to access the certificate stored on the card. Pointers to example code to read the certificate data would greatly help. Also,...

DES Crypto applet returns errror on reception of any command

In the below you see a simple Java Card applet that is written to encrypt and decrypt data with different DES and 3DES algorithms. These are supported commands : 00 C0 00 00 | KeyLength | KeyValue : To set the DES/3DES Key. (8 byte for DES, 16/24 bytes for...

ISO7816 - Odd INS codes?

I found these mysterious lines in ISO 7816, ( 5.4.2 Instruction byte The instruction byte INS of a command shall be coded to allow transmission with any of the protocols defined in part 3 of ISO/IEC 7816. Table 10 shows the INS codes that are consequently invalid. Table 10 -...

how changing master key or other keys can provide security ?how used session key to keep the further communication between DESFire and reader?

I am working on the ticket electronik that tickets are DESFire cards. I want communications be safe . i now trying change PICC key . Before changing DESFire master key Authenticate with master key is necessary. In desfire sheet about Authenticate at page 31 was described: "This procedure not only...

How to send a data array to my Applet and manipulation it by Applet and return new data in response apdu?

I want to send a random byte array including for example 24 elements to my JavaCard applet and then my applet is supposed to change that array using a specific method. For example that method XOR each elements with 0x05 and returns the result array in APDU response. To aim...

Change PIN of a Gemalto Smartcard through a script

We have to use the Gemalto IDPrime .Net card Smartcard. We get these USB Dongles and have to change the PIN. Gemalto says via windows: From the Start menu, choose Run and type PINTool. Insert a IDPrime .Net card in the reader as prompted, and click OK. The change PIN...

UID of a NFC/SWP-accessed SIM card

SIM card is used as a secure element in my project. It is accessed through NFC-SWP contactless interface from a terminal device. I need to identify the SIM card somehow with a unique and permanent identifier and I need to be able to read the identifier through NFC. ICCID seems...

number value to byte[6] array card reader

What's the best way to convert a number to a byte[6] in C#? I'm using MagTek Card reader and trying to display desired amount on device screen, it should be 6-byte array. The amount needs to be used and authorized, EMV Tag 9F02, format n12. Function: int requestSmartCard(int cardType, int...

Is it possible to program a “Java Card” - enabled smart card in any other language than Java?

I have a Java Card enabled smart card and a card reader that was given by my Lab-instructor. I am supposed to do a project using Java Card 2.1.1 API. I don't like the Java Card API. Is it possible to program my given smart card using any other language...

lib directory could not be found in jcdk home

I will start a project about Java card on Eclipse IDE.I follow the instructions here and when I set the home location of JCDK , I am getting "lib directory could not be found in JCDK home." error.What can be reason?

Java Card DES generator applet output is different from online-tools output

The below applet is written to do a DES encryption/Decryption on the APDU data field : package cryptoPack; import javacard.framework.APDU; import javacard.framework.Applet; import javacard.framework.ISO7816; import javacard.framework.ISOException; import javacard.framework.JCSystem; import javacard.framework.Util; import; import; import; import javacardx.crypto.Cipher; public class CryptoDES extends Applet { // Array for the encryption/decryption key...

Recovering an ECPublicKey from Java to JavaCard

This question is related to the one I asked yesterday : Recovering an ECPublicKey from JavaCard to Java I have the same problem but in the opposite way : After sending the public key from my card to my computer (the point is represented as an octet string in uncompressed...

Sturdiness of an applet in Java Card

I developed an applet in Java Card and it works fine. Now I am working on the sturdiness of this applet and more precisely, what happens if the card is deplugged during the applet execution for example. I am wondering if there is an Exception which handle this kind of...

Two OwnerPIN object in Java Card

I am working on a Java Card application where our requirement is to keep some static data and balance in the card. For security I was thinking to make 2 object of OwnerPIN. One object is for terminal authentication (i.e. the terminal needs to send 8 bytes of data to...

RSA key pair generator applet, generate fixed almost zero private and public keys

I wrote the below JavaCard applet to generate 512 bit RSA public and private key pairs on the card and transfer them through the APDU responses to the outside: public class CryptoRSA extends Applet { //Abbreviations private static final boolean NO_EXTERNAL_ACCESS = false; //arrays for generated keys in byte. (I...

Send APDU commands to USIM/SIM card in android

I was already worked with smart cards and I am familiar with APDU commands (that are defined in ISO/IEC 7816 and Global Platform specifications). Now I want to know if is there any way to send an APDU command to my USIM/SIM card that is inserted to my mobile phone?...

Hash generator applet doesn't work fine

Below, you see an applet that generate hash value of input data based on MD5, RIPEMD160, SHA, SHA224, SHA256, SHA384 and SHA512 : package hashPack; import javacard.framework.*; import; import; public class HashMachine extends Applet { //outputArray byte[] hashedValue = new byte[64]; //output Length short OLength = 0x0000; //Defining...

Smart Card Reader T0 T1 communication on APDU level

I am struggle to understand what protocol I have to use to communicate with the card T0 or T1? So, correct me if I am wrong, but the reader actually decides by itself what protocol to use to communicate with the card if the card supports both. So my logic...

Recovering an ECPublicKey from JavaCard to Java

I am trying to implement ECDH between a terminal (simulated by my computer) and a smart card (Java Card). I fixed the elliptic curve that I want to use, and on the card side I have the following code to run the first part of the protocol : ECPublicKey pubKey...

NFC SWP applet selection returns 6999

I have a simple JavaCard applet installed on my SIM card. I try to communicate with my applet using Omnikey 5121 CL reader and NFC-enabled Sony Xperia L through NFC/SWP (single wire protocol). The problem is I cannot select the applet - as a status word I get 6999. The...

Secure Box in JCOP card

JCOP V2.4.2 Revision 3 Security Target: Page 11-12 A Secure Box concept is implemented within JCOP 2.4.2 R3. The Secure Box is a construct which allows to run non certified third party native code and ensures that this code cannot harm, influence or manipulate the JCOP 2.4.2 R3 operating system...

Receiving SW=`“6999”, “6422”, “6444” and “6D00” in the simulating procedure with NetBeans , CREF and JCWDE?

A simple 8 byte random number generator program is written in NetBeans for Java Card. This is the program : public class RandGen extends Applet { byte[] generatedArray; RandomData randData = RandomData.getInstance(RandomData.ALG_SECURE_RANDOM); private RandGen() { generatedArray = JCSystem.makeTransientByteArray((short)8, JCSystem.CLEAR_ON_DESELECT); } public static void install(byte bArray[], short bOffset, byte bLength) throws...

How to write a cross-card Java Card applet?

Normally, when we write an applet containing a feature that our card not support it, the on-card verifier prevents installing its CAP file. I want to know if is there any way to write an applet that can install on all cards, but returns an already defined error during run-time...

C on smartcards [closed]

I have the task to write some crypto stuff in C and make it lightweight. The idea behind making it lightweight is, that it could run on a smartcard which doesn't offer much computational power and memory. It won't come to actually running it on a smartcard and it won't...

Trying Java Card Application On real smart card

I will write an application for smart card with using Java Card Framework.When I finished my application I want to set up to a real smart card and try it.Which equipment I must have?How can I run my codes on a real smart card?I have to provide a connector between...

Converting decimal to hexadecimal byte in Java Card

I would like to convert a decimal (integer or short types) in Java to hexadecimal byte in a Java Card environment (only supports byte and short types and possibly int types). Example: int num = 254 Print out result: 0xFD My current method of using switches and if-else to handle...

Performance measures : Java vs JavaCard [closed]

I implemented two algorithms in Java. To compare their effectiveness, I call each function 1000 times and compare the execution time (using System.currentTimeMillis()). It needs 2500 ms to execute the first one and 1300 ms for the second one. With these results, I thought have a significative difference (in term...

Why Eclipse returns an error when trying to convert an applet, while NetBeans not?

Below, you see a Java Card program that acts as a 8 byte random number generator : package randGen; import javacard.framework.APDU; import javacard.framework.Applet; import javacard.framework.ISOException; import javacard.framework.JCSystem; import javacard.framework.Util; import; public class RandGen extends Applet { byte[] generatedArray; RandomData randData = RandomData.getInstance(RandomData.ALG_SECURE_RANDOM); private RandGen() { generatedArray = JCSystem.makeTransientByteArray((short)8,...

Why am I unable to find my desired environment variable functionality on Win7?

And, in the path section I have: C:\ProgramData\Oracle\Java\javapath; C:\Program Files (x86)\Intel\iCLS Client\; C:\Program Files\Intel\iCLS Client\; %SystemRoot%\system32; %SystemRoot%; %SystemRoot%\System32\Wbem; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL; C:\Program Files\Intel\Intel(R) Management Engine Components\IPT; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT; C:\Program Files (x86)\Skype\Phone\; C:\Program...

How to transfer RSA public[/private] key outside the card?

I wrote the below simple program to generate a RSA key pair and transfer the public key to outside the card in the APDU response: public class CryptoRSA extends Applet { //Abbreviations private static final boolean NO_EXTERNAL_ACCESS = false; //Switch case parameters for selecting instruction = INS in apdu command...

Sending signature data in response APDU - Java Card

I would like to sign some data (the MESSAGE byte array) on my Java Card and then return the signature in a response APDU. My code works fine (or at least I think it does and it returns 9000) without the line apdu.sendBytes(BAS, sSignLen), but when I uncomment it I...

Is there any alternative to GlobalPlatform Shell for Java Cards?

I know that GP Shell is a tool for testing I/O to Java Cards. But, it is very cumbersome to work with. Is there any alternative to GP Shell which doesn't need written scripts?...

How to change master key of DESfire cards?What is deciphered key?

I want to change the master key of a DESfire card. I read mifare DESFire datasheet already, but as I am new in this field, I couldn't understand it. It is explained how to Change the Key at page 37 of above document. Can anybody give me an example or...

How much memory does this card really have? (EEPROM and ObjectDeletion game!)

I wrote a simple program to check requestObjectDeletion() method functionality and my card's available memory. My applet respond to five different kind of APDU commands as follow : SELECT APDU command : Response : 0X9000 Command : XX 00 XX XX XX [...] Response : Return available memory in byte....

resources to make java card application similiar like RB 5.0

I am making java app which main function is to write data on java card 36k, so I need resources ,tutorials about java cards,stuff like that.? I have no experience making java card apps, so please give me any helpful resources.. I am making application like RB 5.0 , if...

Random data generator applet returns `0x6F00`

I wrote the below program to generate random numbers of different lengths, using two different algorithms (ALG_SECURE_RANDOM and ALG_PSEUDO_RANDOM). P1 and P2 in the APDU command specify the algorithm and the random length in order. P1 = 0X01 : ALG_SECURE_RANDOM P1 = 0X02 : ALG_PSEUDO_RANDOM P2 = Random number length...

Determine Facility Code and Card Number from ATR in C#

I have the following card reader HID Omnikey 5325. I have a contact-less card named HIS Proximity. The number written on this card is 133593 42101044091-3. By reading the card, I get the following ATR hex: 3B050002F10673 Using the folowing applications I have managed to see the following information. I...