Presentation is loading. Please wait.

Presentation is loading. Please wait.

Programming Smart Cards Rajnish Kumar Comp527.. Expect to learn Cardlet Development Installation Coke Machine Interface Implementation Basic Cryptography.

Similar presentations


Presentation on theme: "Programming Smart Cards Rajnish Kumar Comp527.. Expect to learn Cardlet Development Installation Coke Machine Interface Implementation Basic Cryptography."— Presentation transcript:

1 Programming Smart Cards Rajnish Kumar Comp527.

2 Expect to learn Cardlet Development Installation Coke Machine Interface Implementation Basic Cryptography

3 Smart Cards A Card with built-in micro-processor and memory. Applications : Pre-paid calling card Security needs e-cash

4 Terminology Program Applet Application Cardlet Instance of Program Unique AID APDU Communication format between card and terminal

5 Java Card Architecture Loader Application Cardlets Javacard API SOLO virtual Machine APDU MgmtFileSystemCrypto Utilities Chip Dependent Functions

6 Developing a Cardlet Develop a.java file -Use the packages provided -Javacard.framework -Javacardx.cryptography -Use “-g” to compile - javac –g wallet.java 1. Compile to.class

7 Developing a Cardlet Develop a.java file 1. Compile to.class Create a.bin file 2. Use MakeSOLO tool to generate.bin file from.class

8 Developing a Cardlet Develop a.java file 1. Compile to.class Create a.bin file 2. Use CardletManager tool to download.bin file to the card. Download as a program file 3.

9 Develop a.java file 1. Compile to.class Create a.bin file 2. Instantiate the program Assign AID Download as a program file 3. Install as a Cardlet 4. Developing a Cardlet

10 Methods required for Cardlet install() : instantiate cardlet object select() : prepare the cardlet for execution process() : switch statement Optional : main() : entry point for cardlet

11 Javacard.framework AID - Application ID APDU - Handling communication buffer ISO - constants OwnerPin Applet Util - array functions

12 Beware !! Card resource limitations Total cardlet size : 13.5 kb Limited heap and stack size Operation time out Desynchronization

13 Writing Terminal Application

14 Java Card’s native commands Hosted by Loader utility Loader acts as native OS Loader’s function : Conduct transaction between terminal and cardlet Provide cryptography support Manage card’s files, program files and cardlets.

15 Example Commands CreateFile DeleteFile SelectFile ReadBinary UpadteBinary VerifyCHV VerifyKey

16 Terminal Application Use slb.iop.* classes to write terminal application in Java Example method : SmartCard.sendCardAPDU( CLA, INS, P1,P2, dataArray, Mode )

17 Command format (APDU) CLA : Command Class ( 1byte ) 00h for loader class ( Card specific ). 03h for Wallet ( User defined ) CLAINSP1P2P3 From Terminal SW1 SW2 From Card, To Terminal Data

18 Command format INS : Command Instruction Identifier (1b) CLA + INS uniquely identifies the command If native, loader process Else, forwarded to suitable cardlet 03h for getBalance(). CLAINSP1P2P3 From Terminal SW1 SW2 From Card, To Terminal Data

19 Command format P1,P2 : Command parameters P3 : number of bytes of data to follow, or expected by the terminal SW1,SW2 : status words. CLAINSP1P2P3 From Terminal SW1 SW2 From Card, To Terminal Data

20 Cryptography Support

21 Symmetric/Asymmetric Authentication Internal/External Authentication Key Files Supported Encryption Algorithms: DES 3-DES RSA

22 Key Files Key FileFile IDDetails CHV1 CHV Card holder verification PIN, unblocking PIN, attempts Ext Key file0011Contains DES/3DES keys for external authentication, transport key Int Key file0001DES/3DES keys for internal authentication, MAC RSA-PRI RSA-PUB Private key Public key

23 External Authentication 1. Terminal calls AskRandom. Card has to return a challenge (random number ). 2. Terminal encrypts the challenge. Sends the encrypted challenge back to card using ExternalAuth. Key ID is also specified. 3. Card checks the correctness of terminal response, and authenticates if correct.

24 Internal Authentication 1. Call an InternalAuth command 2. Call getResponse to get the cryptogram 3. Check if cryptogram is correct. CLA INS P1 P2 P3 Mode 00/F0 88 algo_ID key_nb length S/R

25 Javacardx.crypto Classes DES_Key DES3_Key RSA_PrivateKey RSA_PublicKey MessageDigest

26 En/Decryption DES_Key class methods encryptECB, encryptCBC decryptECB, decryptCBC generateMAC, verifyMAC setKey getBlockSize

27 Code Walk Through

28 Reference SDK Guide Cyberflex Access Programmer’s Guide Search google for Java cryptography


Download ppt "Programming Smart Cards Rajnish Kumar Comp527.. Expect to learn Cardlet Development Installation Coke Machine Interface Implementation Basic Cryptography."

Similar presentations


Ads by Google