7/25/2019 JavaCard Bouzefrane Dec11 Anglais
1/79
[email protected] - CEDRIC ( CNAM) -11
Java Card Technology
Samia Bouzefrane
Associate Professor
CEDRIC CNAM
http://cedric.cnam.fr/~bouzefra
Java Card technology: introduction and principles
Java Card - Introduction
Need for programmable systems
Need for evolvable solutions (going beyond the ROM)
Applications: long to develop
Attempts
1st version: October 1996, startup and actual product in 1998, an industrial reality since 2000. In 2004, the number of Java Cards sold reached one billion.
Stages of industry development
The smart card and the main stages of technology development:
The pioneers (1975-1985): first thoughts (the technological basis established)
1985-1995: the technology is improved
- Markets and large deployments: CB, GSM
- Limits: need more flexibility
1995-2005: explosion of the market, with a new paradigm
- cards based on scalable Java Card
2006: 1.2 billion mobile phones using Java Card SIM cards; 1.65 billion Java Card smart cards (source: Sun site)
2008: 90% of SIM cards are Java Card in Europe, America; .6 billion Java Card (according to Sun)
2005-???: the card becomes an element of the network
- SCWS (Smart Card Web Server)
- .Net, Java Card 3.0
The beginning of Java Card technology
November 1996, the first proposed use of Java for cards is made by a team of Schlumberger (Austin)
Java Card API proposal for programming in Java Card
Java Card 1.0
Bull, Gemplus and Schlumberger create the Java Card Forum
The JCF discusses and proposes specifications to Oracle/Sun
November 1997, publication of the Java Card 2.0
Gemplus demonstrates in October/November
Evolution to Java Card 2.x
The version 2.0 of the Java Card Specification:
- a runtime environment
- The ability to write applets with an object-oriented approach (although the loading format was not specified)
March 1999, version 2.1 that includes 3 parts:
- Java Card API Specification
- Java Card Runtime Environment Specification
- Java Card Virtual Machine Specification
An element of Java technology
About the license model / 1
The specification is available at:
http://java.sun.com/products/javacard
Selling cards (with or without the logo) and displaying compatibility with the technology means being licensed for Java Card Technology
Which provides access to:
- reference implementation
- following compatibility testing
- specific support
About the license model / 2
Java Authorized Licensees of Java Card Technology
The companies listed below licensed Java Card technology from Sun Microsystems. Only Java Card licensees can ship products that bear the "Java Powered" logo and claim compatibility with the Java Card Platform specification and Java Card TCK.
ARM, Aspects, ""LI#=L, Fujitsu, Gemplus, -3*, Oberthur Card Systems, Trusted Logic, etc.
Source: http://java.sun.com/products/javacard/licensees.html
Java Card Forum
Association of silicon manufacturers, embedders and customers
- Promote Java Card technology
- Agree on a set of technology choices, then offer it to Oracle as the "standard".
JCF: http://www.javacardforum.org
A Java Card platform
is a smart card
with a virtual machine
able to execute applications written in Java
Java Card platforms are standardized by Oracle and the Java Card Forum
Java is the most widely used programming language for application development dedicated to smart cards
Java Card = Java smart Card
A standard smart card
Application, OS and hardware linked together
The application is developed only by the owner of the OS
The application is developed in a low-level language (C, Assembler)
A Java Card platform
Application, OS and hardware are independent
The application is developed by any Java programmer
The application is developed in a standard language (high level)
Java Card technology advantages
- Easy development
- Interoperability of applets (for use on different platforms)
- Safety (of language, optimization, etc.)
- Multi-application
- Dynamicity
- Openness and compatibility (adding and updating applications)
- Ability to post-personalize
Java Card language
Java Card actors
Java Card characteristics
Card architectures with very small sizes:
- less than 1 K of RAM, 24-28 K of ROM and 8 to 16 K of NVM (EEPROM).
To integrate Java technology into a card, the choices are:
- Reduce language features
- Minimum required to run a Java Card program:
- 24 K of ROM, 16 K of EEPROM and 1 K of RAM.
Supported Types
Not supported features
- No Threads
- No dynamic loading
- No Garbage Collector (until version 2.2)
- No cloning
- No multi-dimension arrays
Supported features:
- boolean, byte, short
- One-dimension array
- Java package, classes, interface and exceptions
- Extension, abstract method, overload and object creation (instantiation)
Non supported features:
- long, double, float, char, String
- Multi-dimension array
- Threads, serialization
Key words
Supported key words:
abstract, boolean, break, byte, case, catch, class, const, continue, default, do, else, extends, false, final, goto, if, implements, import, instanceof, int, interface, new, null, package, private, protected, public, return, short, static, super, switch, this, throw, true, try, void, while.
Non supported key words:
char, double, float, long, native, synchronized, transient, threadsafe, volatile, finalize
Specific characteristics of Java Card
Transient objects (AP
Transient Objects
Atomicity / Transaction
Sharing
Card Exception
Runtime Exception
Exception in Java
If a method can throw an exception, the call must be enclosed in a try/catch block.
Example
try
{
    operationWhichThrowsAnException();
} catch (Exception e)
{
    // handle the exception
}
Exception in Java Card
Exception.throwIt(value)
Non-authorized example
if (erreur) throw new ArithmeticException((short)0);
Java Card API 2.1
3 reference packages
- java.lang
- javacard.framework
- javacard.security
Extension
- javacardx.crypto
javacard.framework package
Class JCSystem
Methods to manage atomicity:
- beginTransaction(): begins transaction
- commitTransaction(): saves data of the transaction into the EEPROM
- abortTransaction(): cancels the transaction
Methods to manage transient objects:
- isTransient(Object)
- makeTransientXArray(short, byte), X: Boolean, Short, Object
Methods to manage sharing
Methods to manage the system information: getVersion()
javacard.framework Package
Contains the card specificities
Applet class:
- Provides a framework for implementation and interaction with the JCRE
- Applets must extend this class
APDU class
- For exchanging data with the terminal
PIN class
- Manages the secret code
javacard.security Package
Based on the java.security package
Allows key management and cryptographic functions
In addition to the conventional algorithms, it also includes random number generation, signature and the calculation of compression functions
Applet development process
Figure: CAP file, Off-Card, On-Card
CAP File
The CAP File contains:
- Information on classes
- Executable BC (Byte Code)
- Information necessary for linking
- Information for verification
It has the format of JAR (Java Archive)
Converter/Interpreter
Source: Sebastian Hans, Java Card Platform overview, Sun Microsystems Inc., 2008
Export File
The Export file is used by the converter
Information used for linking and verification
Contains information on APIs:
- Name of the classes
- Signature of methods
- Information for linking between packages
It does not contain BC; it can be published with an applet, allowing the applet to have re-usable objects (shareable)
Converter
Figure: class file, Export file, Converter, Export file, CAP file
Converter
Supports the following operations:
- Compliance verification of the Class File Format
- Testing compliance aspects of the Java language
- Initialization of static variables
- Resolution of references (classes, methods and fields), stored in a compact form to be more efficient on a small system
- Optimization of the byte code
- Allocation and creation of structures that represent the classes in the JVM
Interpreter
It provides a runtime environment to run the BC of the CAP file. It allows the applets loaded in a card to be run on any platform.
It performs:
- The execution of the BC
- The control of the memory allocation
- and ensures safety
The installation of applets is performed thanks to an applet loader that is distributed between the terminal and the card
Java Card Architecture
Source: Sebastian Hans, Java Card Platform overview, Sun Microsystems Inc., 2008
In a workstation environment, the JVM is a process: it is initialized at the beginning and then stopped at the end of the process. Objects in RAM are lost.
In order that information is retained from one session to another:
In the case of a card, the initialization of the JVM is done only once, at the "beginning of life of the card"; the objects and data are stored in a non-volatile memory (EEPROM, Flash, etc.).
At each session with the card:
- Power: the JCRE is "reactivated"
- The card receives and processes
JCRE characteristics
Persistent and temporary objects
- Java Card objects are by default persistent
- For reasons of efficiency (speed of Read/Write in NVM) and security (key, intermediate results), applets can create temporary objects
Atomic operation and transaction
- The JCVM ensures atomicity of the updates when modifying object values
- The JCRE provides an API to allow applets to group several rewrites and to provide consistency of these updates (Begin Transaction, Commit, Roll-Back)
Applet firewall and sharing mechanism
Each applet runs in its own space
- Applications separated by an applet firewall to prevent intrusion
- There is a sharing mechanism that allows an applet to access services offered by an applet or by the JCRE.
How to write an applet?
Building Java Card applets
An application dedicated to a card
- Code in the card: server application (Java Card Applet)
- Code in the terminal: client application
An application built in 3 steps
- Writing the server application (applet)
- Installation of the Java Card applet
- Writing the client application
Java Card API 2.1
Stages of development of an applet
Specify the functions of the applet:
- specify the I
Specify the functions of the applet
Assign an AID to the applet and an I
Applet behaviour
Application written in Java Card
Applet on the card
- is selected
- receives messages from the reader
- processes these messages
- returns data to the reader
- is de-selected.
Loads applets on the card
Selects the applet to activate
Handles messages (AP
Life cycle of an applet
Once the applet is loaded on the card, it must be:
- Installed, registered (identified by the JCRE through its AI
Specifying the functions of the applet
Example of Echo applet:
Role: Store data that it receives and return it to the terminal.
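The Echo role stated above, written out as an added example that is not taken from the original slides: the stored data is updated inside a JCSystem transaction, and errors are reported with ISOException.throwIt rather than "throw new", as in the earlier slides on exceptions and on JCSystem. The package name, the CLA/INS values and the 64-byte limit are assumptions made for this example.

```java
package echo; // hypothetical package name
import javacard.framework.*;

public class EchoApplet extends Applet {
    // CLA, INS and buffer size are assumptions chosen for this example.
    private static final byte CLA_ECHO = (byte) 0x80;
    private static final byte INS_STORE = (byte) 0x10;
    private static final byte INS_READ = (byte) 0x20;
    private static final short MAX_LEN = (short) 64;

    private final byte[] stored;  // persistent by default (EEPROM)
    private short storedLen;      // must always match the content of 'stored'

    private EchoApplet() {
        stored = new byte[MAX_LEN]; // allocated once, at install time
        register();
    }

    public static void install(byte[] bArray, short bOffset, byte bLength) {
        new EchoApplet();
    }

    public void process(APDU apdu) {
        if (selectingApplet()) return;
        byte[] buf = apdu.getBuffer();
        if (buf[ISO7816.OFFSET_CLA] != CLA_ECHO) ISOException.throwIt(ISO7816.SW_CLA_NOT_SUPPORTED);
        switch (buf[ISO7816.OFFSET_INS]) {
        case INS_STORE:
            short lc = (short) (buf[ISO7816.OFFSET_LC] & 0xFF);
            short len = apdu.setIncomingAndReceive();
            if (lc == 0 || lc > MAX_LEN || len != lc) {
                ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
            }
            JCSystem.beginTransaction(); // data and length change together or not at all
            Util.arrayCopy(buf, ISO7816.OFFSET_CDATA, stored, (short) 0, len);
            storedLen = len;
            JCSystem.commitTransaction();
            break;
        case INS_READ:
            // The APDU buffer is transient, so a non-atomic copy is enough here.
            Util.arrayCopyNonAtomic(stored, (short) 0, buf, (short) 0, storedLen);
            apdu.setOutgoingAndSend((short) 0, storedLen);
            break;
        default:
            // throwIt reuses the JCRE-owned exception instance: nothing is allocated with 'new'
            ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
        }
    }
}
```

If power is lost between beginTransaction() and commitTransaction(), the JCRE restores both persistent fields to their previous values at the next session.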
Java Card and the AP
AP
Package AI