stackoom
  简体   繁体   中英

What is the sequence of APDU commands to install applet to java card?

 原文  2017-09-19 09:30:05       java/ smartcard/ javacard/ globalplatform

Question

I have a .CAP file ( applet ) and I want to install it to my java card. I know that I can use tools like GPShell or apdutool (from JCDK) to do that but I want to replicate the installation process by myself.

The confusing thing is that in the GP standard the installation process is : APDU command INSTALL[for load] followed by multiple LOAD commands followed by INSTALL[for install] command.

While the oracle documentation proposes a different sequence of APDU commands for installing the .CAP file: Select( Issuer Security Domain? ) , CAP begin, Component ## Begin+Data+End ( for each component ), CAP End, Create Applet.

Are both methods of installing an applet equivalent?

What does the LOAD command DATA field contains? The GP standard does not specify that, and I know that sending the raw bytes from the .CAP file is wrong. I used the GPShell to successfully install the applet but the DATA field of the LOAD command made no sense to me. GPShell output

For the oracle method I used scriptgen from Java Card Developement Kit to genetate the APDU commands, but the INS byte from those commands ( B0,B2,B4,BC,BA) have no GP reference. scriptgen output

1 answers

solution1
 4  2017-09-19 10:40:23

While the oracle documentation proposes a different sequence of APDU commands for installing the .CAP file: Select( Issuer Security Domain? ) , CAP begin, Component ## Begin+Data+End ( for each component ), CAP End, Create Applet.

Selection of card manager (Issuer security domain - Root), is required before installing the applet because it is the responsible component for loading and installing an applet on the card. Also note, you will need to authenticate with card manager by establishing the secure channel (SCP02 preferably).

Perform the following sequence of APDU's to install the applet: -

  1. Select Issuer Security Domain (ISD). 00 a4 04 00 Lc AID_ISD

  2. Authenticate with ISD.

    Setup a SCP02 (refer command initialization update, external authenticate). Here, you will require 3DES keys of the card. Refer the documentation provided with the card.

  3. Send apdu, Install[for Load].

The confusing thing is that in the GP standard the installation process is : APDU command INSTALL[for load] followed by multiple LOAD commands followed by INSTALL[for install] command.

  1. Send apdu, Load Blocks.

    .cap file of applet which you will have is a zip of its constituent CAP's files( http://pfa12.free.fr/doc_java/javacard_specifications/specs/jcvm/html/JCVM06cap.html ). So you need to send each CAP file one-by-one to the card.

    Load (Header.cap), Load(Directory.cap)... etc.

  2. Send apdu, Install[for Install]. Installation complete.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Applet ID's and APDU in Java Card Upload an Applet to a real smart card using APDU How to install applet on smart card using java Use APDU commands to get some information for a card Send APDU commands to USIM/SIM card in android What is the efficient way in writing a java card applet? What is Max and Min size of Applet in java card APDU read file java card program Decode/Decrypt APDU responses Java Card Sturdiness of an applet in Java Card
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM