How to get started with Javacard?

StackOverflow https://stackoverflow.com/questions/7190338

  •  12-01-2021
  •  | 
  •  

Question

I'm new to smart-card development. Please help me understand how to get started.

  1. What's the relationship between Javacard and JCOP?
  2. How do I map a JCOP version to a GlobalPlatform Card Specification?
    • For example, what specification does JCOP 2.4.1 map to?
  3. When do I need to code against one API versus the other?
  4. Where can I find a good tutorial to get started?
Was it helpful?

Solution

  1. JCOP is a software platform originally from IBM that implements Javacard API and GlobalPlatform (formerly Open Platform). Now owned and managed by NXP.
  2. JCOP 2.4.1? Probably GP 2.1.1. Do a web search for specific product specifications.
  3. javacard and GP:
    • Javacard is used to write applications - javacard applets - for smartcard platforms, using the Java Programming language and a limited version of the JVM and java libraries.
    • GlobalPlatform is a specification for managing applet-aware smartcards, defining operations for things like:
      • managing card lifecycle,
      • card/host authentication,
      • installing/deleting/instantiating/selecting applets, and
      • managing security policies on the card.
    • Using GlobalPlatform you'll exchange APDUs with the GP card for the aforementioned operations; using javacard you'll write applets that can accept and process APDUs that are specific to your application. GlobalPlatform isn't javacard specific, but javacard is the only relevant technology for smartcard applet development.
  4. For javacard tutorials, start with the javacard site. Look through the documentation section for Getting Started stuff. Download the dev kit and you'll find some html howtos. For GlobalPlatform, you'll need to begin with the latest GP spec; it's certainly not a tutorial, but I don't think you'll find anything more useful. The spec will require strong smartcard fundamentals. Also see Required Things to start Smartcard Programming Using Javacard

OTHER TIPS

I used this excellent tutorial when started with JavaCard: http://javacard.vetilles.com/tutorial/

jcManager http://www.brokenmill.com/2010/03/java-secure-card-manager/ comes with source code, which is useful

This might be useful - I spent a while getting older tutorials working on real hardware (e.g. physical Java Cards with GP), including sending APDUs etc. I've collected some of my notes into a video format as it was too much work to write down every little thing.

The video is here: https://www.youtube.com/watch?v=oj2l0X8D4y0&hd=1 and includes basically a quick run-through of what to install, building a program, installing to a Java Card, and talking to said program via Python. It's very very basic but sometimes that's what you need...

The two best introductory tutorials I have found are:

  1. "Lecture 14 - Javacard" https://edux.pjwstk.edu.pl/mat/268/lec/lect14/lecture14.html

and this one at JavaWorld,

  1. How to write a Java Card applet: A developer's guide

For example code there is a section titled Learning in this Github repo,

javacard-curated-list of applets

To give an idea of the first topics that are typically covered, the headings from the second link mentioned are:

Architecting the applet

Specifying the functions of the applet

Specifying AIDs

Defining the class structure and method functions of the applet

Defining the interface between an applet and its terminal application

An APDU primer

  • Defining APDU commands

  • The Javacard APDU Class

    The applet processes an APDU command by invoking methods on the APDU object. In general it performs these steps:

    Step 1. Retrieve the APDU buffer

    Step 2. Receive data

    Step 3. Return data

    Step 4. Return status word

Constructing the applet code

Implementing error checking

This article is by Zhiqun Chen who also wrote the book Java Card Technology for Smart Cards

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top