I noticed that JavaCard 3.0 may have the ability to use HTTPS from the Oracle website (oracle.com/technetwork/articles/javase/javacard3-142122.html).
Are there any ways to create HTTPS connections to a normal Internet website ?
Basically with Java Card Classic you are limited to the APDU interface. This interface has been specified in the Java Card API and the ISO/IEC 7816-4 standard.
It is of course possible to channel any kind of protocol through an APDU interface, but you would have to program it yourself. Furthermore, you would have to do so on the terminal side as well, because Java doesn't know anything about TCP/IP, name resolution etc. As Java Card environments are very limited, it would be tricky to create something that resembles an HTTP client.
There have been demonstrations that implemented a tiny web server on a Java Card. Those obviously also require some kind of proxy on the terminal side.
The Connected Edition - if you can find it anywhere - uses the same idea; it implements a web-server for e.g. authentication. It doesn't provide a client to my knowledge.
A1: There are no JavaCard Connected (which describes such option) devices publicly available.
A2: Classic JavaCard does not specify/allow any kind of connections.
Related
I am a newbie dev trying to build a web application that can read and write to an RFID Card through the browser.
I am currently using an ACR122U Card Reader and have gotten it reading directly to my server in NodeJS with the nfc-pcsc node package.
Of course, I don't want to have my users have to run their own server and install a ton of libraries to read a card.
Ideally, they can just plug a card reader into their USB port and communicate from USB>Browser>Node Server and back again.
Can anyone recommend a good way to communicate with a USB RFID reader through the browser (and send to backend server?). Thanks
As far as I know, at the moment (Mar.2021) there is only experimental support for USB in browsers (WebUSB API). Please refer to https://developer.mozilla.org/en-US/docs/Web/API/USB
As this API is experimental, you may not want to rely on it for production. In this case, a component running on end users machine will be needed (e.g. a more or less simple service that responds via https at 'localhost'. This approach opens several usability/security concerns (such as supplying a trusted certificate for localhost, properly managing CORS headers etc).
You may want to refer to this question for additional suggestion: Architectures to access Smart Card from a generic browser? Or: How to bridge the gap from browser to PC/SC stack?
Folks - How does an application connect with HSM(Hardware security Module) boards? What is the protocol they use and what would be the data formats for interaction? The reason for asking protocol is that I may have the application running on a physical machine connected directly to the network where HSM is installed or I can have the application deployed on the cloud too. So, how do I connect?
For example, if I have a Java application and want to connect with a HSM, say Luna SA, what is the protocol that I use to connect with the HSM board?
FYI, I have seen some related questions already, as listed. But, nowhere I could understand the actual communication protocol and data formats.
Connect SafeNet HSM using Java remotely
How do I integrate HSM encryption with JAVA?
It is HSM-vendor specific. There will be host libraries that convert standard-based APIs (PKCS#11, CNG, JCE, etc) into the proprietary comms protocol, and then it is sent to the HSM. On receipt of a response, the response is format shifted back into whatever the API expects, which is then passed back to your code.
Unless you are writing code that will run on the HSM, you don't need to worry about how the vendor's libraries do their magic.
I study the construction of mobile networks and began to study MVAS. But could not find a specific iinformation what protocols are used in the VAS or MVAS.
I understood that main protocol using SMS - it SMPP.
It would be great if someone made a list of the protocols used, or links where I could read more information about the protocols used.
There is such a list; it is published by 3GPP in specification TS 23.039.
3GPP (earlier ETSI) specified the GSM, UMTS and LTE systems, with standard protocols for most of the interfaces. They did not specify any standard protocol between Short Message Service Centres and external messaging servers though.
Instead, this was left open, and each SMSC developer specified their own protocol. An early and successful SMSC developer was an Irish company called Aldiscon, which was later taken over by Logica. They developed the Short Message Peer-to-Peer protocol (SMPP), and published it as an open standard, which is the reason why it's so widely used today.
I'm working on firmware for an MFI device and when the user plug in his device I can test if he has a specific app. However, if he doesn't have it I would like to open App Store and show him the application so he can download it.
I cannot figure out how to do that. Any ideas or links to docs that can help?
Yours
/peter
This is from the developer docs at this link.
Declaring the Protocols Your Application Supports Applications that
are able to communicate with an external accessory should declare the
protocols they support in their Info.plist file. Declaring support for
specific protocols lets the system know that your application can be
launched when that accessory is connected. If no application supports
the connected accessory, the system may choose to launch the App Store
and point out applications that do.
To declare the protocols your application supports, you must include
the UISupportedExternalAccessoryProtocols key in your application’s
Info.plist file. This key contains an array of strings that identify
the communications protocols that your application supports. Your
application can include any number of protocols in this list and the
protocols can be in any order. The system does not use this list to
determine which protocol your application should choose; it uses it
only to determine if your application is capable of communicating with
the accessory. It is up to your code to choose an appropriate
communications protocol when it begins talking to the accessory.
So as long as your app and your device have the same external accessory protocol, you shouldn't have to do anything to get that behavior.
I need to connect to a Bluetooth device through virtual COM port created in Windows. It's easy when the port has been already created during manual pairing procedure. But I would like my application to relieve an user from the manual pairing of a device. I would like to present all devices in the range, allow user to chose one, and then create virtual COM port connected with the selected device. I'm not trying to avoid the pairing procedure itself, but rather I would like to invoke it by my application.
I started getting familiar with Microsoft Bluetooth API. And then some doubts arose. I've been wondering what happen if some user would use different (than Microsoft's) Bluetooth stack? Is the Microsoft's API the real Bluetooth API, which have to be implemented by any other Bluetooth stack provider? Or rather each provider has its own API, and the Microsoft's is only one of many other?
Thanks everyone for valuable input. I'd like to summarize what I've found so far. The Microsoft Bluetooth API is not operating system API. Application written against it will not cooperate correctly with any other Bluetooth stack. It seems that applications which are intended to cooperate with multiple stacks need to provide some stack abstraction layer, and stack specific code for all of them.The other solution is to allow user for manual pairing of the Bluetooth device, which eventually create some virtual device in the operating system (e.g., COM port). Then the application can use standard interface of such a device.
I can't speak for the Microsoft Bluetooth API, but there are multiple Bluetooth stacks available for the PC platform (even more for mobile devices).
The underlying API is defined by the Bluetooth Core Spec and so all stacks should be able to interact, in fact it is mandatory that they interop or they cannot use the Bluetooth name and logo.
As to pairing, your going to have a hard time getting devices to pair if they have default security, which requires a pin code.
Things might be simpler in the (near) future, as the Bluetooth standard has introduced a new security model, secure simple pairing, which has a 'just works' mode that requires no Pin code. This is still stronger then the current security, except against Man in the middle attacks. However, it could be a while before you see the chips with this feature in PCs.
If you can change to using .NET :-/ I can recommend our library 32feet.NET.
For explicit pairing there's BluetoothSecurity.PairDevice. We can also create the virtual port for you, for example:
BluetoothClient cli = new BluetoothClient();
BluetoothDeviceInfo[] list = cli.DiscoverDevices();
BluetoothDeviceInfo selected = GetUserToSelectOne(list);
BluetoothSecurity.PairDevice(selected, pin);
// Ask Win32 to create a virtual serial port
selected.SetServiceState(BluetoothService.SerialPort);
However I really don't like virtual serial ports so I always suggest that people use a normal sockets connection using our BluetoothClient class, it will automatically handle a pairing request if required.
On Win32 we support the stacks from Microsoft, Widcomm/Broadcom, and BlueSoleil. On Widcomm there's no support for SetServiceState there yet, and their API has no support for responding to pairing requests. BlueSoleil should support both.
A brief user's guide is at 32feet.NET — User’s Guide, and all the class documentation is available at the main site http://32feet.net, the Widcomm documentation is only in our code repository at the moment.