JavaCard

From YobiWiki
Jump to navigation Jump to search

Standards & Documents

JCOP

Generally speaking JCOP-specific detailed information can only be obtained at NXP.
This page does not contain any sensitive information, only tips & tricks for people having already obtained such info & tools in adequate way.
Current versions:

  • JCOP v2.4.1 R3
    • JavaCard 2.2.2
    • GlobalPlatform 2.1.1
  • JCOP v2.4.2 R2
    • JavaCard 3.0.1 Classic
    • GlobalPlatform 2.2

JCOP Tools

Tools can be obtained by contacting jcop.tools@nxp.com
Current version: NXP JCOP Plugins Generic v3.3.6 & Target v1.3.6
Current requirements are WinXP SP3, Win7 32bit or Win7 64bit, and Eclipse 3.6 or 3.7
Goal is to get everything running under Linux 64bit too!

Eclipse

You first need Java. I'm using OpenJDK 1.6

apt-get install openjdk-6-jre

Needed components are eclipse-platform & eclipse-jdt

apt-get install eclipse

Follow tools instructions to install JCOP plugins

Eclipse activation:
We'll see later how to use a real reader via jpcsc but for activation it doesn't work so better to use one of the other activation methods for now.

Configuration:

  • Windows / Preferences / Java / Compiler / Compliance Level: 1.5
  • Windows / Preferences / Java / Debug / Unselect "Suspend Execution on uncaught exceptions"

Simulators

There are still a couple of linux simulators available in the tools but not much.
You can see them in Debug/Run Configurations... / JavaCard Application / JavaCard Simulation / Configure. At time of writing, only v2.3.1 and v2.4.1R3 are available.
But... the other simulators for Windows work fine through wine.
So you can create in all ~/.eclipse/org.eclipse.platform_3.7.0_*/plugins/com.ibm.bluez.jcop.eclipse.targetpacks.smartmx_1.3.6/simul/mask*/linux/ a script jcop to use the Windows version:

#!/bin/bash
wine $(dirname $0)/../win32/jcop.exe $*

So corresponding versions will appear in JavaCard Simulation configuration.

Simulators can also be run alone, for use with JCShell or jcop_simul_ihdhandler:

sh ~/.eclipse/org.eclipse.platform_3.7.0_.../plugins/com.ibm.bluez.jcop.eclipse.targetpacks.smartmx_1.3.6/simul/maskXX/linux/jcop \
   -fab=/absolute/path/to/.eclipse/org.eclipse.platform_3.7.0_.../plugins/com.ibm.bluez.jcop.eclipse.targetpacks.smartmx_1.3.6/data/maskXX/maskXX_J..._R...dat

A couple of scripts to ease usage of the various simulator versions:

simulators/template:

#!/bin/bash

REF=$(basename $0)
MASK=${REF/[_f]*/}
FAB=$(ls $HOME/.eclipse/org.eclipse.platform_3.7.0_*/plugins/com.ibm.bluez.jcop.eclipse.targetpacks.smartmx_1.3.6/data/$MASK/$REF.dat)
SIM=~/.eclipse/org.eclipse.platform_3.7.0_*/plugins/com.ibm.bluez.jcop.eclipse.targetpacks.smartmx_1.3.6/simul/$MASK/linux/jcop
$SIM -fab=$FAB
chmod 755 template

simulators/populate:

$ cat populate 
#!/bin/bash

rm mask*
for i in $HOME/.eclipse/org.eclipse.platform_3.7.0_*/plugins/com.ibm.bluez.jcop.eclipse.targetpacks.smartmx_1.3.6/data/mask*/mask??_*; do
    REF=$(basename $i)
    REF=${REF%.dat}
    ln -sf template $REF
done

for i in $HOME/.eclipse/org.eclipse.platform_3.7.0_*/plugins/com.ibm.bluez.jcop.eclipse.targetpacks.smartmx_1.3.6/simul/*; do
    cd $i
    if [ -d linux ]; then
        continue
    fi
    mkdir linux
    cat > linux/jcop << EOF
#!/bin/bash

wine \$(dirname \$0)/../win32/jcop.exe \$*
EOF
    chmod 755 linux/jcop
done
chmod 755 populate
./populate

JCShell

From the setup executable:

7z -y x nxp-offcard-2.3.0.0_Setup_NXP-JCShell.exe

You'll get a /scripts directory in which we'll only consider a few jar files.
The tool can then be used with the following helper script:

#!/bin/bash
java -cp "lib/offcard.jar:lib/crypto.jar" com.ibm.jc.tools.JCShell $*

And connect to a standalone JCOP simulator:

- /term Remote
> /atr
> /identify

JPCSC

Pegoda doesn't work under linux but we can use PCSC readers through JPCSC.
JPC/SC Java API (0.8.0) is available in binary form in the link Windows Binary Download Here (zip)
Yes I know... Windows... but jpcsc-0.8.0.zip contains also /jpcsc/bin/linux/libjpcsc.so, a 32 bit library.
On a 64 bit Debian, you can put libjpcsc.so under /usr/lib32

ldd /usr/lib32/libjpcsc.so
[...]
libpcsclite.so.1 => not found

Indeed libpcsclite1 is not in the ia32-libs
You can get it by retrieving the 32 bit version of libpcsclite1 which you already have on your system. For me it's libpcsclite1_1.8.3-3_i386.deb.
Get it, extract libpcsclite1_1.8.3-3_i386.deb and copy libpcsclite.so.1.0.0 and symlink libpcsclite.so.1 to /usr/lib32

Now PCSC readers can be used undes JCShell:

- term PCSC
> /atr

It will find the card, no matter in which PCSC reader it is.
And with e.g. a SCL3711 it will access contactless JCOP cards without any problem.

For Eclipse, simply choose the right PCSC reader under Debug/Run Configurations

idhandler

pcsc-lite API for ifhandlers changed slightly since release of jpcsc binaries so we've to recompile it from sources jpcsc-0.8.0-src.zip

Patch to add the missing function:

diff -Naur jcop_simul_ifdhandler/ifdhandler.c jcop_simul_ifdhandler-new/ifdhandler.c
--- jcop_simul_ifdhandler/ifdhandler.c	2004-07-21 16:33:16.000000000 +0200
+++ jcop_simul_ifdhandler/ifdhandler.c	2012-05-26 01:38:51.000000000 +0200
@@ -37,9 +37,9 @@
 
 
 
-     
-RESPONSECODE IFDHCreateChannel ( DWORD Lun, DWORD Channel ) {
-
+RESPONSECODE
+IFDHCreateChannelByName(DWORD Lun, LPSTR DeviceName)
+{
   /* Lun - Logical Unit Number, use this for multiple card slots 
      or multiple readers. 0xXXXXYYYY -  XXXX multiple readers,
      YYYY multiple slots. The resource manager will set these 
@@ -77,13 +77,21 @@
     /**
      * Connection to JCOP is setup later.
     */
-    dbg_log("JCOP.CreateChanenel(): Lun 0x%x, Channel 0x%x\n", Lun, Channel);
+    dbg_log("JCOP.CreateChanenel(): Lun 0x%x, Device %s\n", Lun, DeviceName);
 
     jcop_power_up();
 
     return IFD_SUCCESS;
 }
 
+     
+RESPONSECODE IFDHCreateChannel ( DWORD Lun, DWORD Channel ) {
+    char str[16];
+    snprintf(str, sizeof str, "/dev/pcsc/%lu", (unsigned long) Channel);
+
+    return IFDHCreateChannelByName(Lun, str);
+}
+
 RESPONSECODE IFDHCloseChannel ( DWORD Lun ) {
   
   /* This function should close the reader communication channel
diff -Naur jcop_simul_ifdhandler/ifdhandler.h jcop_simul_ifdhandler-new/ifdhandler.h
--- jcop_simul_ifdhandler/ifdhandler.h	2004-07-21 16:33:16.000000000 +0200
+++ jcop_simul_ifdhandler/ifdhandler.h	2012-05-26 01:35:20.000000000 +0200
@@ -118,6 +118,7 @@
   
   /* List of Defined Functions Available to IFD_Handler */
   
+  RESPONSECODE IFDHCreateChannelByName ( DWORD, LPSTR );
   RESPONSECODE IFDHCreateChannel ( DWORD, DWORD );
   RESPONSECODE IFDHCloseChannel ( DWORD );
   RESPONSECODE IFDHGetCapabilities ( DWORD, DWORD, PDWORD,
cd jpcsc/misc/jcop_simul_ifdhandler
patch -p1 < jcop_simul_ifdhandler.diff
gcc -g -fpic -w  -c ifdhandler.c -I. 
gcc -g -fpic -w -shared ifdhandler.o -o libjcop_remote.so

Then install libjcop_remote.so in /usr/lib/pcsc/drivers/serial/ and create a conf file /etc/reader.conf.d/jcopsimul:

FRIENDLYNAME     "JCOPSimulReader"
DEVICENAME       /dev/null
LIBPATH          /usr/lib/pcsc/drivers/serial/libjcop_remote.so
CHANNELID        0x0103F8

Finally restart pcscd
Every time a simulator will be run, a "card" will be inserted in pcscd
The virtual card can be used with any PCSC-compatible application, including Eclipse.

RFIDIOt

RFIDIOt contains a few tools linked to JCOP

GPShell

http://sourceforge.net/projects/globalplatform/