Applications & SmartCard : JavaCard - Identification - LIFL

Recherche & Développement 

sur les Dossiers Portables. 

Applications & 

SmartCard : JavaCard 

Gilles Grimaud 

Université des Sciences et 

Technologies de Lille 

Inspired by Jean-Jacques Vandewalle 

lecture notes, Gemplus Research Labs. 

SmartCard : Remainder 

« Chaque fois qu’un Gonda désirait quelque chose de nouveau, des vêtements, 

un bagage, des objets, il payait avec sa clef. Il pliait le majeur, enfonçait sa 

clef dans un emplacement prévu à cet effet, et son compte, à l’ordinateur 

central était aussitôt diminué de la valeur de la marchandise ou du service 

demandé. » 

la nuit des temps, R. BARJAVEL 

Vdd 

RST 

CLK 

RFU 

Rolland Moreno 

GND 

Vpp 

I/O 

RFU 

< 4,17mm 

RAM 

CPU 

I/O 

< 6,45mm 

ROM 

E²PROM 

http://www.lifl.fr/~grimaud/Cours/ 

5/28/2005 

http://www.lifl.fr/~grimaud/Cours 

JavaCard System & Framework 2 

JavaCard Architecture 

JavaCard Architecture 

JavaCard Applet 1 

JavaCard Applet 2 

Framework APIs 

(V)OP APIs 

& 

Applet Manager 

JCVM 

Memory spaces 

Java Card Virtual Machine 

Natives Layers 

Hardware : CPU + Memories + IO 

Transient Heap 

JStack 

Persistent Heap 

Bytecodes & 

Applets structs 

Romized 

Applets 


Natives Layer 

& JCVM 

RAM (~1Kb) EEPROM (~32Kb) ROM (~64Kb) 




JavaCard System & Framework 4

JavaCard Applet life cycle 

APDUs in JavaCard 

JCVM 

• Terminal command 

Applet 

sources 

Applet 

class files 

remove 

remove 

Applet 

cap file 

load 

Applet 

Loaded 

Applet 

Activited 

Install / Register 

Select → 

← Deselect 

Applet 

Selected 

Process → 

← return 

Applet 

Processing 

Off-card 

On-card 

Header Bytes 

data 

CLA INS P1 P2 P3 

P3 indicates either data length sent or length expected 

• Card response 

Outgoing data Status word 

SW1 SW2 





APDUs in JavaCard 

• According to ISO 7816 standards 

Case Command Response P3 

data 

data parameter 

Case 1 --- --- 0 

Case 2 --- Data Lsent 

Case 3 Data --- Lexpected 

Case 4 

2 APDU 

exchanges 

Data Data (i) Lsent 

(ii) Lexpected 

JavaCard limitations... 

• Byte 

[-128, +127] 

• short 

Signed values only ! 

[-32768, +32767] 

• boolean 

byte: TRUE or FALSE 

• objects (including arrays...) 

• int (optional) 

No support for "int" in GemXpresso 





JavaCard limitations 

JavaCard limitations 

• A garbage collector implies multithreading 

What is cloning 

Executing: b = a 

gives: 

Executing: b = a.clone() 

gives: 

• Not fully implemented on GemXpresso cards 

Started manually on card reset 

a 

H E L L O 

a 

H E L L O 

b 

a 

H E L L O 

H E L L O 

b 

• No explicit or implicit object de-allocation commands 

(Java innate pointer-safe philosophy) 

A proprietary Garbage collector is sometime supported 

• No clone() method in class Object 

Use Util.arrayCopy() instead (for array only) 

• Clonable interface not provided 

• Space efficiency is paramount 

⇒ creating copies of objects is critical 





JavaCard APIs 


• 1. java.lang 

 

Classes : Object , Throwable 

• java.lang 

• javacard.framework 

• javacard.security 

• javacardx.crypto 

Exceptions 

Provides classes that are fundamental to the design of the 

Java Card technology, subset of the Java programming 

language. 

• 2. javacard.framework 

• 3. javacard.security 

• 4. javacardx.crypto 







• Every exception has an associated reason 

A short value 

Forwarded to the JCVM using 


xxxException.throwIt(short reason) 

Rather than 

throw new xxxException(short reason) 

• Card returns the reason for ISOException exceptions 

only. 

For otherException, reason is always “6F00” code (JCVM 

terminated). 


• How can you customize your exceptions : example 

 

 

 


define an exception 

APDUException a 

associate a reason to this exception and throw it 

a.throwIt(BAD_LENGTH) 

catch it and convert it into a ISOException with a customized reason, 

then throw it 

ISOException.throwIt(SW_UNKNOWN+0x30+a.getReason()) 

ISOException reasons are always returned : 

SW1 SW2 = 

SW1 SW2 = 6F 33 

6F 00 (SW_UNKNOWN:defined in ISO7816 interface) 

+ 0x30 (customized convention) 

+ 0x03 (BAD_LENGTH:defined in APDUException class) 






Interfaces ISO7816 PIN Shareable 

Classes AID APDU Applet JCSystem OwnerPIN Util 

Exceptions 

Provides framework of classes and interfaces for the core 

functionality of a Java Card applet. 




JavaCard.Framework APIs 

° class java.lang.Object 

° class javacard.framework.AID 

° class javacard.framework.APDU 

° class javacard.framework.Applet 

° class javacard.framework.JCSystem 

° class javacard.framework.OwnerPIN (implements javacard.framework.PIN) 

° class java.lang.Throwable 

° class java.lang.Exception 

° class javacard.framework.CardException 

° class javacard.framework.UserException 

° class java.lang.RuntimeException 

° class javacard.framework.CardRuntimeException 

° class javacard.framework.APDUException 

° class javacard.framework.ISOException 

° class javacard.framework.PINException 

° class javacard.framework.SystemException 

° class javacard.framework.TransactionException 

° class javacard.framework.Util 

° interface javacard.framework.ISO7816 

Optionally used by the 

° interface javacard.framework.PIN 

developer... 

° interface javacard.framework.Shareable 




• AID 

• APDU 

• Applet 

• OwnerPIN 

• Util 

• JCSystem 


• AID 

This class encapsulates the Application 

Identifier(AID) associated with an applet. 

• APDU 

• Applet 

• OwnerPIN 

• Util 

• JCSystem 





JavaCard.Framework.AID 


• AID 

• Encapsulates 7816-5 application identifier 

(AID) in a byte array (5 to 16 bytes) 

• Uniquely identifies an applet object 

• APDU 

Application Protocol Data Unit (APDU) is the 

communication format between the card and the offcard 

applications. The format of the APDU is defined 

in ISO specification 7816-4. 

• JCRE creates the applets’ AID objects at 

installation time 



• Applet 

• OwnerPIN 

• Util 

• JCSystem 



JavaCard.Framework.APDU 

• Encapsulates 7816-4 APDU elements in pre-created I/O 


• APDU buffer is handled by the JCRE as a global array 

buffer 

• APDU = communication packet between on-card and 

off-card applications 

Incoming APDU 

ISO standards 

APDU Buffer 

CLA INS P1 P2 P3 

• Contains methods for sending and receiving data 

• Hides the low level details of the protocol used 

• APDU objects are owned by the JCRE 

• To have a reference on the APDU buffer in the applet 

getBuffer() 

Return the APDU buffer byte array, filled with APDU 

header 






• process() method is called 

• getBuffer() 

• INS is examined 

CLA INS P1 P2 L 

Process( ) 

INS = V1 

INS = Vx 

INS =V2 

Method1( ) 

Methodx( ) 

Method2( ) 


Buffer 

• To retrieve incoming data (for ISO cases 2 and 4) 

setIncomingAndReceive() 

Sets the transfer direction to inbound 

Receives the incoming data in the APDU buffer at offset = 4 

byte bLength = (byte)_apdu.setIncomingAndReceive(); 

byte bData = baBuffer[ISO7816.OFFSET_CDATA]; 

OR 

receiveBytes(short offset) 

Sets the transfer direction to inbound 

Receives the incoming data in the APDU buffer at user offset 






Buffer 

APDU Buffer 


• To send back data (for ISO cases 3 and 4) 

User manages the APDU buffer 

setOutgoing() 

 

 

Sets the transfer direction to outbound 

Obtains the expected length 

setOutgoingLength(short length) 

 

Sets the expected length 

sendBytes(short offset, short length) 

APDU Buffer 

• To send back data for cases 3 and 4 

User manages the APDU buffer and send in a very nice way 

setOutgoingAndSend(short offset, short length) 

= setOutgoing() + setOutgoingLength() + sendBytes() 

 

Sends length bytes from the APDU buffer starting at offset 






• AID 

• APDU 

• Applet 

This abstract class defines an applet in Java Card. 

The Applet class should be extended by any applet 

that is intended to be loaded onto, installed into and 

executed on a Java Card compliant smart card. 

OwnerPIN 

• Util 

• JCSystem 

JavaCard.Framework.Applet 

• "Super class" of all Java Card applets 

• No relationship with java.applet.Applet 

• Contains lifecycle methods 

• Abstract class, but none of its methods are abstract 

Must subclass, but not programmatically required to override any 

particular methods 

Must implement process() methods in order to interact with 

JCRE 

Shall implement install() method to allow multiple instances 

May override the select()and deselect() methods 

Common behavior of all JavaCard applets 







• 0. Applet design and download 

• 1. Install () 

• 2. Register () 

• 3. Select () 

• 4. Process () 

• 5. Deselect () 

• 6. Power loss 














JCVM 

Applet 

sources 

Applet 

class files 

remove 

remove 

Applet 

cap file 

load 

Applet 

Loaded 

Applet 

Activited 


Select → 

← Deselect 

Applet 

Selected 

Process → 

← return 

Applet 

Processing 

Off-card 

On-card 













JavaCard.Framework.Applet.install() 

JCVM 

Applet 

sources 

Applet 

class files 

remove 

Applet 

cap file 

load 

Applet 

Loaded 

Off-card 

On-card 

CLA Install P1 P2 Lc Install Parameters 

SW1 SW2 

Initialize / customize fields 

• Instanciation and initialization of the AID 

and Applet objects 

remove 

Applet 

Activited 


Select → 

← Deselect 

Applet 

Selected 

Process → 

← return 

Applet 

Processing 

• Static method (called once by the JCRE) in 

which the applet object is allocated and 

partly initialized 






JavaCard.Framework.Applet.register() 

JCVM 








Applet 

sources 

Applet 

class files 

remove 

remove 

Applet 

cap file 

load 

Applet 

Loaded 

Applet 

Activited 


Select → 

← Deselect 

Applet 

Selected 

Process → 

← return 

Applet 

Processing 

Off-card 

On-card 





JavaCard.Framework.Applet.register() 


• Updates the applet table 

AID 

Registers the applet within the JCRE 

Located in the install() method 

• Two protected methods 

register() uses applet’s AID for the instance’s AID 

register(array offset length) allows to define 

an AID for an instance, and multiple-instanciation. 












JavaCard.Framework.Applet.select() 

JavaCard.Framework.Applet.select() 

Applet 

sources 

Applet 

class files 

remove 

remove 

Applet 

cap file 

load 

Applet 

Loaded 

Applet 

Activited 


Applet 

Selected 

JCVM 

Applet 

Processing 

Off-card 

On-card 

CLA Select P1 P2 Lc AID 

SW1 

SW2 

Please select Applet which AID is... 

OK, selection accepted 

• Called by the JCRE to inform an applet that it has 

been selected 

• Indicates the applet is ready to accept incoming 

APDUs 

• Once the applet has been selected, commands that 

cannot be interpreted by the JCRE are sent to the 

process() method 

Select → 

← Deselect 

Process → 

← return 

Use selectingApplet() for filtering out the applet selection 

APDU (returns TRUE if the applet is being selected) 






JavaCard.Framework.process() 

JCVM 





Applet 

sources 

Applet 

class files 

remove 

Applet 

cap file 

load 

Applet 

Loaded 

Off-card 

On-card 




remove 

Applet 

Activited 

Applet 

Selected 

Applet 

Processing 


Select → 

← Deselect 

Process → 

← return 





JavaCard.Framework.process() 


• Contains the core application code of the 

applet 



Incoming 

APDUs 

• Handles all the incoming APDU messages 

for the applet 

JCRE 

Selected Applet 

Method_1( ) 

process( ) 

deselect( ) 

Method_2( ) 

Method_i( ) 










JavaCard.Framework.Applet.deselect() 

JavaCard.Framework.Applet.deselect() 

Applet 

sources 

Applet 

class files 

remove 

remove 

Applet 

cap file 

load 

Applet 

Loaded 

Applet 

Activited 


Applet 

Selected 

JCVM 

Applet 

Processing 

Off-card 

On-card 

• Automatically called by the JCRE 

upon selection of another applet 

• Informs the current applet that 

another applet has been selected 

• Not called in case of power loss 

process( )( ) 

Applet 1 Applet 2 

Process( ) 

Select → 

← Deselect 

Process → 

← return 

OK, I am no 

longer selected 

deselect( ) select( ) 

JCRE 





Applet Example 

package com.gemplus.training.code... ; 

import javacard.framework.* ; 

public class MyApplet extends javacard.framework.Applet { 

private final static byte CONSTANT = 0x.. ; 

private static final int myVariable = ... ; 

private int counterValue ; 

MyBaseApplet() { super() ; counterValue = ... ; } 

public static void install(byte[] param,short offs,byte ln) 

{ 

MyBaseApplet myApplet = new MyBaseApplet() ; 

myApplet.register() ; } 

public boolean select() { return true ; } 

public void process( APDU apdu ) { 

switch ( INS... ) { 

case COMMAND_1 : command_1( _apdu) ; break ; 

case COMMAND_2 : command_2( _apdu) ; break ; 

default ... 

break ; 

}} 

private void command_1( APDU _apdu ) { ... } 

private void command_2( APDU _apdu ) { ... } 

private void utilityMethod( ... ) { ... } 


} 

Initialization Command 

declaration selection dispaching 













Power loss 

JCVM 


Power loss 

Applet 

sources 

Applet 

class files 

remove 

Applet 

cap file 

load 

Applet 

Loaded 


Off-card 

On-card 

• Transient object fields -> reset 

• Transactions in progress -> aborted 

• “Current” applet deselected 

remove 

Applet 

Activited 

Applet 

Selected 

Applet 

Processing 

Select → 

← Deselect 

Process → 

← return 






• AID 

• APDU 

• Applet 

• OwnerPIN 

This class represents an Owner PIN. It implements 

Personal Identification Number functionality as 

defined in the PIN interface. It provides the ability to 

update the PIN and thus owner functionality. 

• Util 

• JCSystem 


• AID 

• APDU 

• Applet 

• OwnerPIN 

• Util 

The Util class contains common utility functions. 

• JCSystem 





JavaCard.Framework.Utils 

• Functions for byte array manipulation & comparison 

 

 

 

 

byte arrayCompare() ; Compares 2 arrays 

arrayCopy() ; Copies 1 array into another atomically 

arrayCopyNonAtomic() ; Copies 1 array into another 

non-atomically 

arrayFillNonAtomic() ; Fills an array non-atomically 

• Functions for type conversion (short / byte) 

short getShort() ; 

short makeShort() ; 

setShort() ; 

, 

[ 0E 06 ] 0E 06 

0E 06 0E 06 

0E 06 

0E 06 


• AID 

• APDU 

• Applet 

• OwnerPIN 

• Util 

• JCSystem 

The JCSystem class includes a collection of 

methods to control applet execution, resource 

management, atomic transaction management and 

inter-applet object sharing in Java Card. 





JavaCard.Framework.JCSystem 

• 1. Object sharing 

• 2. Persistence / transience 

• 3. Transaction atomicity 


1. Sharing 

• Applets can share individual objects with each other 

• Once an object is shared, it cannot be unshared 

• JCRE Privilege 

JCRE has access to all objects regardless if they are shared or not 

• getAppletShareableInterfaceObject(AID, byte) 

Called by a ‘ client ’ applet to get a ‘ server ’ applet's shareable 

interface object. 

A ‘ server ’ applet can not be deleted 






1. Sharing 


1. Sharing 

• Identification of the shared objects 

> 

Shareable 

Applet 

• All objects that want to be shared have to implement 

this interface 

extends 

extends 

Declare which method will go through the firewall 

> 

JavaLoyaltyInterface 

grantPoints() 

Shared methods 

Non shared method 

implements 

JavaLoyalty 

Install() 

JavaLoyalty() 

getShareableInterfaceObject() 

grantPoints() 

process() 






2. Persistence 



JCVM 

• A persistent object’s fields retain their values between 

CAD sessions 

Memory spaces 

Object instances are persistent by default since they are 

stored in the heap 

• A transient object’s fields are reset between CAD 

sessions 

Transient Heap 

JStack 

Persistent Heap 

Bytecodes & 

Applets structs 

Romized 

Applets 


Natives Layer 

& JCVM 

RAM (~1Kb) EEPROM (~32Kb) ROM (~64Kb) 







• An object is created and made transient by calling 

JCsystem.makeTransientXX(short, byte) 

 

 

CLEAR_ON_DESELECT 

• Reset when the owning applet is deselected 

CLEAR_ON_RESET 

• Reset at the end of each CAD session 

• Default 

• XX being: 

 

 

 

 

BooleanArray 

ByteArray 

ObjectArray 

ShortArray 


3. Atomicity 

• Transaction = set of operations 

• Atomicity = if the transaction does not 

complete, the modified object fields 

will be restored to their original values. 

• Atomicity guaranteed for persistent 

fields only 

Transaction 

Initial State 

Instr. 1 

Instr. 2 

Instr. 3 

Instr. 4 

Final State 

Rollback ! 






3. Atomicity 

• Transaction lifecycle 

 

 

 

JCsystem.beginTransaction() 

• All subsequent updates are conditional 

JCsystem.abortTransaction() 

• Undo conditional updates 

JCsystem.commitTransaction() 

• Commit conditional updates 

Memo... 

Initial State 

Instr. 1 

Instr. 2 

Instr. 3 

Instr. 4 

Final State 


3. Atomicity 

• JCRE manages a commit buffer 

• Conditional updates written to the 

commit buffer 

• Commit buffer capacity is limited 

due to limited system resources 

Memo... 

Initial State 

Instr. 1 

Instr. 2 

Instr. 3 

Instr. 4 

Final State 






Javacard.Security 

Key 




PublicKey 

PrivateKey 

SecretKey 

 

 

Classes : KeyBuilder, Signature, MessageDigest, 

RandomData, CryptoException 

Interfaces : Key, SecretKey, DESKey, PublicKey, 

RSAPublicKey, DSAPublicKey, PrivateKey, 

DSAPrivateKey, RSAPrivateKey, RSAPrivateCrtKey 


DSAPublicKey RSAPublicKey 

DESKey 

DSAPrivateKey RSAPrivateKey RSACrtPrivateKey 






• KeyBuilder = Key object factory 

Creates cryptographic keys 

• Used by signature and ciphering algorithms 

• Returned object must be cast to the appropriate key type interface 

Mandatory objects for Signature and Cipher 

initialisation 


• MessageDigest 

Base class for hashing algorithms 

Algorithm MD5, SHA, MD-160 

• RandomData 

Pseudo-random seed data set to default 

Secure-random algorithm allows user seeding 

• Signature 

Several schemes for RSA or DES padding 

Several algorithms support (e.g. DES-CBC, DES-ECB) 






• Key 

Base interface for all keys 

• DESKey 

Contains an 8/16/24 byte key 

• single / 2 keys triple DES / 3 keys triple DES operations 

Declaration : 


Example 

private Cipher myDESAlgo; 

private DESKey myDESKey; 

• DSAKey 

Base interface for the DSA algorithms 

• private and public key implementations 





Initialisation : 


Example 

// produce/select the algo 

myDESAlgo = Cipher.getInstance( 

Cipher.ALG_DES_ECB_NOPAD, 

false); 

// produce the key 

myDESKey = (DESKey)KeyBuilder.buildKey( 

KeyBuilder.TYPE_DES, 

KeyBuilder.LENGTH_DES3_2KEY, 

false); 

// init the key 

myDESKey.setKey( 

buffer, 

dataOffset); 

Use : 


Example 

// DES encryption 

// initialize algorithm with default key 

myDESAlgo.init( 

myDESKey, 

Cipher.MODE_ENCRYPT); 

// compute DES on data 

myDESAlgo.doFinal( 

buffer, 

(short)ISO7816.OFFSET_CDATA, 

count, 

buffer, 

(short)0);

Applications & SmartCard : JavaCard - Identification - LIFL

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?