
How to interact with multiple javacard applications on the same physical smartcard (like yubikey)

I have installed the popular IsoApplet ( https://github.com/philipWendland/IsoApplet ) on my 2.2.2 javacard and have been able to use the pkcs11-tool and pkcs15-tool from the OpenSC project to generate private keys on the card and use them to authenticate to servers over SSH.

Separately, I was able to successfully use the challenge-response of my Yubikey 5 ( https://www.yubico.com/products/services-software/personalization-tools/challenge-response/ ) in order to add security to unencrypting a KeepassXC database.

Now, I'd like to add https://github.com/arekinath/YkOtpApplet to the same javacard that has the IsoApplet. How do external applications interact with separate applications on the javacard? Can I have both of these apps on the same javacard? Are the limits just the storage on the card?

I have two cards available:

  • NXP JCOP3 J3H145 Java Card 3.0.4
  • JavaCOS A22 155K Java Card 2.2.2

Yes, you can have both apps in the same card and the only limit is the permanent storage on the card (unless one of the apps is not compatible with your card, for example if it requires some crypto functions not provided by the card OS).

Each application has an identifier imaginatively named AID, "Application ID", assigned when the application is installed on the card. When an external system wants to interact with a card, the first command (called SELECT) selects the application it wants to talk to, using the AID as a parameter. Any subsequent command then is routed to that app, until the card is reset or a SELECT to a different app is received.
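The routing described in the answer above, modelled as an added example (not part of the original answer and not code from either applet project): it builds the ISO 7816-4 SELECT-by-AID command and runs it against a toy card that dispatches later commands to whichever applet was last selected. The two AIDs are constructed placeholders, `ToyCard` and `make_applet` are hypothetical names, and the handling of a failed SELECT and of commands sent with nothing selected is simplified.

```python
SW_OK = bytes.fromhex("9000")
SW_FILE_NOT_FOUND = bytes.fromhex("6A82")  # toy reply: no applet has that AID
SW_NOT_SUPPORTED = bytes.fromhex("6D00")   # toy reply: nothing selected yet

# Constructed placeholder AIDs, not the real IsoApplet / YkOtpApplet values.
AID_A = bytes.fromhex("F000000001")
AID_B = bytes.fromhex("F000000002")

SELECT_HEADER = bytes([0x00, 0xA4, 0x04, 0x00])  # CLA, INS=SELECT, P1=by name, P2


def select_apdu(aid: bytes) -> bytes:
    """Build SELECT by AID: header, Lc (AID length), then the AID itself."""
    if not 5 <= len(aid) <= 16:
        raise ValueError("an AID is 5 to 16 bytes long")
    return SELECT_HEADER + bytes([len(aid)]) + aid


def make_applet(name: bytes):
    """Toy applet: answers every command with its own name plus status 9000."""
    return lambda apdu: name + SW_OK


class ToyCard:
    """Simplified card runtime: one selected applet at a time."""

    def __init__(self, applets):
        self.applets = applets   # maps AID -> handler(apdu) -> response
        self.selected = None     # a real card may pick a default after reset

    def reset(self):
        self.selected = None     # a reset drops the current selection

    def transmit(self, apdu: bytes) -> bytes:
        if apdu[:4] == SELECT_HEADER:
            aid = apdu[5:5 + apdu[4]]
            if aid not in self.applets:
                return SW_FILE_NOT_FOUND   # selection is left unchanged
            self.selected = aid
            return SW_OK
        if self.selected is None:
            return SW_NOT_SUPPORTED
        # Every non-SELECT command goes to the currently selected applet only.
        return self.applets[self.selected](apdu)
```

The same command bytes get different answers depending on which applet was selected last, which is why tools for two applets on one card do not interfere as long as each sends its own SELECT first.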

Notice: the technical posts on this site are licensed under CC BY-SA 4.0. If you reproduce them, please credit this site's URL or the original address.

 