i need to use Java card in my application for check user information and handle user information or handle some business logic example store user borrow book in his card. . .
but i new in java card, i know it now have version 3 (Java card version 3) who's have any book tutorials or ebook can share for me learn Java card 3
Thank you!
Java Card Technology for Smart Cards:
Architecture and Programmer's Guide
by Zhiqun Chen
Smart Card Application
Development Using Java, by Uwe
Hansmann, Frank Seliger,Martin S.
Nicklous
Also a tutorial I found quite useful
http://www.javaworld.com/jw-07-1999/jw-07-javacard.html?page=1
A.E
Related
I'm going to write a Java Card applet to convert my card into an EMV compliant card.
1- The question is how can I do that?
As far as I know, there are four EMV specifications known as EMV Books which contain principles of EMV cards (Chip characteristics, file structure and also the list of APDU commands). Do I need any other specifications to implement my applet or these are all I need? If there are some other specifications which I need, are they freely available or they are proprietary?
2- Do EMV cards have an specific Applet AID?
EFT-Lab provided a good list of applet AIDs. As you see below, there are a lot of AIDs which belong to Visa International (as vendors) that all are "EMV" types. Why does Visa International have a lot of different AIDs for its EMV applets? What's the difference between these applets?
3- Is there any open source EMV applet? Is there any Java Card that has an EMV applet/package by default?
4- Is there any specific difference between contact and contactless EMV cards? (I mean in the file-structure or in the APDU commands)
1- The question is how can I do that?
Yes. Implement the specifications. If there are any other requirements (and surely there will be) then they should be referenced in the specs.
2- Do EMV cards have an specific Applet AID?
Because they offer specific functionality? You may even have multiple applications on the same card. Note that it is possible to select applications using a partial AID (see how the Debit & Credit card partially match). The VISA specific cards are likely used internally only, e.g. when servicing cash machines.
3- Is there any open source EMV applet? Is there any Java Card that has an EMV applet/package by default?
Not likely. It would be rather unusable because it would require EMVCo security evaluation to be accepted. So you need some kind of payment structure to pay for certification and audits. No open source initiative is likely to pony up the cash up front.
Often these kind of implementations require techniques to avoid vulnerabilities that need to remain secret; smart cards do not offer perfect security after all. That's perpendicular to open sourcing an implementation. So if there is anything out there it must be created out of academic interest (e.g. for testing the security of the protocol, proof of concept etc.).
4- Is there any specific difference between contact and contactless EMV cards? (I mean in the file-structure or in the APDU commands)
Generally it is more about which parts of the applet are available or not. The fact that most applets can be used in dual mode probably speaks for itself otherwise.
This paper seems to have a good introduction to the possible differences.
Is there any open source EMV applet? Is there any Java Card that has
an EMV applet/package by default?
Was working on a similar project and found this github repo. According to the owner:
This is a fully working EMV applet for javacard 2.2.1.
I'm new to smart-card development. Please help me understand how to get started.
What's the relationship between Javacard and JCOP?
How do I map a JCOP version to a GlobalPlatform Card Specification?
For example, what specification does JCOP 2.4.1 map to?
When do I need to code against one API versus the other?
Where can I find a good tutorial to get started?
JCOP is a software platform originally from IBM that implements Javacard API and GlobalPlatform (formerly Open Platform). Now owned and managed by NXP.
JCOP 2.4.1? Probably GP 2.1.1. Do a web search for specific product specifications.
javacard and GP:
Javacard is used to write applications - javacard applets - for smartcard platforms, using the Java Programming language and a limited version of the JVM and java libraries.
GlobalPlatform is a specification for managing applet-aware smartcards, defining operations for things like:
managing card lifecycle,
card/host authentication,
installing/deleting/instantiating/selecting applets, and
managing security policies on the card.
Using GlobalPlatform you'll exchange APDUs with the GP card for the aforementioned operations; using javacard you'll write applets that can accept and process APDUs that are specific to your application. GlobalPlatform isn't javacard specific, but javacard is the only relevant technology for smartcard applet development.
For javacard tutorials, start with the javacard site. Look through the documentation section for Getting Started stuff. Download the dev kit and you'll find some html howtos. For GlobalPlatform, you'll need to begin with the latest GP spec; it's certainly not a tutorial, but I don't think you'll find anything more useful. The spec will require strong smartcard fundamentals. Also see Required Things to start Smartcard Programming Using Javacard
I used this excellent tutorial when started with JavaCard: http://javacard.vetilles.com/tutorial/
This might be useful - I spent a while getting older tutorials working on real hardware (e.g. physical Java Cards with GP), including sending APDUs etc. I've collected some of my notes into a video format as it was too much work to write down every little thing.
The video is here: https://www.youtube.com/watch?v=oj2l0X8D4y0&hd=1 and includes basically a quick run-through of what to install, building a program, installing to a Java Card, and talking to said program via Python. It's very very basic but sometimes that's what you need...
jcManager
http://www.brokenmill.com/2010/03/java-secure-card-manager/
comes with source code, which is useful
The two best introductory tutorials I have found are:
"Lecture 14 - Javacard" https://edux.pjwstk.edu.pl/mat/268/lec/lect14/lecture14.html
and this one at JavaWorld,
How to write a Java Card applet: A developer's guide
For example code there is a section titled Learning in this Github repo,
javacard-curated-list of applets
To give an idea of the first topics that are typically covered, the headings from the second link mentioned are:
Architecting the applet
Specifying the functions of the applet
Specifying AIDs
Defining the class structure and method functions of the applet
Defining the interface between an applet and its terminal application
An APDU primer
Defining APDU commands
The Javacard APDU Class
The applet processes an APDU command by invoking methods on the APDU object. In general it performs these steps:
Step 1. Retrieve the APDU buffer
Step 2. Receive data
Step 3. Return data
Step 4. Return status word
Constructing the applet code
Implementing error checking
This article is by Zhiqun Chen who also wrote the book Java Card Technology for Smart Cards
I'm looking to write a simple beginner program using Java Card to run on sim cards. Can anyone point me to some very basic information on getting started? I've seen some descriptions of the toolkit api, but I'm looking for things like: what capabilities are supported by the sim card, how to upload my code to the card (do i need special hardware?), how do I tell whether a sim card supports java card, that sort of thing.
EDIT: I'm specifically looking to run code on sim cards. I've seen some very high level tutorials online, but nothing that goes as far as connecting to a sim card or uploading code. I have a USB sim card reader and a variety of cards to test, but I can't find any detail on how to work with them.
To upload your code to a sim card, it seems to require one of these tools:
GPShell from the GlobalPlatform project
JCardManager which is part of the Gemalto Developer Suite
SIMAlliance CAT Loader
I've not got any of these to recognise my ebay sim card reader, so I think I'll have buy a different reader (probably from gemalto)
Edit: I bought the ACS ACR38 SDK, which includes 3 card readers and a selection of cards, along with drivers, code samples and tools. These card readers are working nicely with the Gemalto Developer Suite.
The Usability Lab tutorial provided with the Gemalto Developer Suite is a pretty good way of diving into sim card development.
Very interesting thing to note: it's pretty hard to get your code running on commercial mobile network operator SIM cards. They typically require the correct certificate before you can write to them.
There are hardware workarounds to this. I'm currently investigating TurboSIM and RebelSIM.
I finally gave up on this project due to other pressures. I was not able to get any Java Card running except on the dev cards, which are not compatible with real devices on a mobile network. The cutout cards such as TurboSIM and RebelSIM are a possibility but quite frustrating to work with.
there is a nice quickstart tutorial on the netbeans page
http://netbeans.org/kb/docs/javame/java-card.html
I know AdMob is not for Java ME.
Do you know any other advertising API or services that can be used in Java ME application?
It might be really good if I can earn some money with my free Java ME applications.
http://adfonic.com/ Adfonic is what can I find now.
You can follow it's instruction from http://developer.adfonic.com/index.php/Getting_Started to allow mobile advertising from Java ME application.
I am trying to sign an XML document with the Micrisift API for the smart cards...
So far I can list the card readers, connect to the right card and establish the context but after that I am not sure what is next......
What PC/SC Functions Do I need to call to sign a document with a private smartcard key?
thanks in advance
Javier
If you have a middleware installed you can use the Windows CAPI for cryptographic functions. Some middlewares also ship a PKCS#11 library you can use.
If you don't have any middleware you have to do it yourself using the PC/SC interface, I suggest you look into ISO/IEC 7816-4 and ISO/IEC 7816-8 if the card is using Secure Messaging (or Sado Machism if you ask me). Unfortunately those ISO specs are quite expensive, however you can find some excerpts from ISO/IEC 7816-4 right here.
The ISO/IEC 7816-4 describe the APDU commands for information exchange with the card. The PKCS#15 standard can also be of great help regarding how files are stored on the card.
Also, you might need the full specification from the card manufacturer. If you are lucky you can find a plugin for your card in the MuscleCard project or the OpenSC project (they both work in Windows too).