licel / jcardsim Goto Github PK

I was looking for a maven repository containt the stable builds and didn't find one. Only the one with the snaphots. It would be cool to haven jcardsim even on maven central so I can include it more easly into my project.

I have a project that works with several real smartcards. Converting to jCardSim was possible and the only remaining bug is the verification of CVC certificates with Signature.ALG_ECDSA_SHA. verify() method simply fails for certificates that are correct and have been tested with a lot of smartcards, so I assume there is a bug in jCardSim. I tried to debug, but it proved to be difficult because I can't see any variable status when debugging inside bouncycastle.
Thanks, Paul

http://javacardos.com/javacardforum/viewtopic.php?f=25&t=81

Today, i use the jCardSim to simulate an javacard, and i can debug my applet code with eclipse java.
But, when install the applet, if my code as following:
public static void install(byte[] bArray, short bOffset, byte bLength) { new TestApplet().register(bArray, (short) (bOffset + 1), bArray[bOffset]); }
There is an exception raised;
when my code as following:
public static void install(byte[] bArray, short bOffset, byte bLength) { new TestApplet().register(); }
The install operation process succeeded;
What's the wrong?

From [email protected] on June 28, 2012 22:58:42

Description: http://www.cs.ru.nl/~tews/jcdocs/kit-user-2.2.2/cJDKinstaller.html#94775

Original issue: http://code.google.com/p/jcardsim/issues/detail?id=5

This is a showstopper, even if extended length APDU-s are not supported, running applets that would make use of it, if the terminal supports it, is not possible.

Also, the javax.smartcardio implementation should connect disconnect() with deselect() and CLEAR_ON_* memory buffers.

Currently (as of 1d587ba) two tests are not working. Maybe this could be made more transparent by using a CI-System.

For open source projects on github travis ci is always a quick and suitable solution. All you have to is couple it with your github account and add a travis.yml to the root of the project.

From [email protected] on October 01, 2013 18:42:43

Since r10 the transmitAPDU in Simulator changed from using CommandAPDU and ResponseAPDU to byte arrays. This is not reflected in any documentation and as it breaks backward compatibility, should be fixed.

Original issue: http://code.google.com/p/jcardsim/issues/detail?id=20

From [email protected] on April 23, 2013 19:51:07

-> What steps will reproduce the problem?

1. try to create a new instance of a javacard.framework.service.Dispatcher Class in an applet
2. use the command line and launch com.licel.jcardsim.utils.APDUScriptTool as you would for any other applet

-> What is the expected output? What do you see instead?
I'd expect a normal behaviour: class would be instanciated and APDUs could then be dispatched to services registered into this dispatcher

Instead, we get the following error:
"Unable to execute sampleAPDU.txt due to: null"

-> What version of the product are you using? On what operating system?
jcardsim-2.2.1-all.jar on windows XP

-> Please provide any additional information below.
I see no class from javacard.framework.service in the jcardsim-2.2.1-all.jar file is it normal ???

Original issue: http://code.google.com/p/jcardsim/issues/detail?id=11

From [email protected] on October 01, 2013 19:06:31

The method isAppletSelecting(Applet aThis) in the SimulatorSystem is not implemented correctly and returns only false.

Original issue: http://code.google.com/p/jcardsim/issues/detail?id=21

arrayFillNonAtomic should return bOff+bLen but returns bOff+bLen-1.

We changed:

while (bLen-- > 0) {
bArray[bOff++] = bValue;
}
return (short) (bOff + bLen);

to:

while (bLen > 0) {
bArray[bOff++] = bValue;
bLen--;
}
return (short) (bOff + bLen);


From [email protected] on October 01, 2013 21:36:13

when calling the function
public KeyGenerationParameters getKeyGenerationParameters(SecureRandom rnd) from the class ECKeyImpl with an uninitialized Key, the function

getDefaultKeyGenerationParameters(type, size, rnd) gets called

where type is a constant from the keyBuilder ( http://www.win.tue.nl/pinpasjc/docs/apis/jc222/constant-values.html#javacard.security.KeyBuilder.TYPE_EC_FP_PRIVATE ).

in the called function
getDefaultKeyGenerationParameters(byte algorithm, short keySize, SecureRandom rnd) {
byte keyType = algorithm == KeyPair.ALG_EC_FP ? KeyBuilder.TYPE_EC_FP_PUBLIC : KeyBuilder.TYPE_EC_F2M_PUBLIC;

this type variable gets compared to constants from the KeyPair class ( http://www.win.tue.nl/pinpasjc/docs/apis/jc222/constant-values.html#javacard.security.KeyPair.ALG_EC_FP )

directly calling getDefaultsDomainParameters() from getKeyGenerationParameters() would solve the problem.

Original issue: http://code.google.com/p/jcardsim/issues/detail?id=22

From [email protected] on February 15, 2013 19:26:54

I have an applet which returns more than 128 bytes of data.
The applet works well with a real javacard, but not with jcardsim.

With jcardsim everything is fine while the card returns less than or exactly 128 bytes of data.
If I try with more than 128 bytes (say 160 or 255 bytes) I get a strange status code "00 02" and no data.

With a real card, the card can respond with 255 bytes of data. For more than 255 bytes I have to do some APDU chaining, but no need to say it doesn't work with jcardsim.

Original issue: http://code.google.com/p/jcardsim/issues/detail?id=10

From [email protected] on February 03, 2013 12:10:20

Constructor of AssymetricCipherImpl can be changed to the following in order to implement ALG_RSA_PKCS1 algorithm:

public AssymetricCipherImpl(byte algorithm) {


    this.algorithm = algorithm;
    switch (algorithm) {
        case ALG_RSA_NOPAD:
            engine = new RSAEngine();
            paddingEngine = null;
            break;
        case ALG_RSA_PKCS1:
            engine = new PKCS1Encoding(new RSAEngine());
            paddingEngine = null;
            break;
        default:
            CryptoException.throwIt(CryptoException.NO_SUCH_ALGORITHM);
            break;
    }
}

Original issue: http://code.google.com/p/jcardsim/issues/detail?id=9

From [email protected] on January 08, 2012 01:06:00

What steps will reproduce the problem? 1. Download jcardsim sources
2. Compile it using maven: mvn test
3. See the failure What is the expected output? What do you see instead? [INFO] Scanning for projects...
[INFO] ------------------------------------------------------------------------
[INFO] Building Java Card Runime Environment Simulator
[INFO] task-segment: [test]
[INFO] ------------------------------------------------------------------------
[INFO] [resources:resources {execution: default-resources}]
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] skip non existing resourceDirectory /home/lumag/EMV/jcardsim/src/main/resources
[INFO] [compiler:compile {execution: default-compile}]
[INFO] Compiling 70 source files to /home/lumag/EMV/jcardsim/target/classes
[INFO] ------------------------------------------------------------------------
[ERROR] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Compilation failure

AsymmetricSignatureImpl.java:[69,5] annotations are not supported in -source 1.3
(use -source 5 or higher to enable annotations)
@OverRide

ECPrivateKeyImpl.java:[61,5] annotations are not supported in -source 1.3
(use -source 5 or higher to enable annotations)
@OverRide

ECPublicKeyImpl.java:[63,5] annotations are not supported in -source 1.3
(use -source 5 or higher to enable annotations)
@OverRide

SymmetricSignatureImpl.java:[85,5] annotations are not supported in -source 1.3
(use -source 5 or higher to enable annotations)
@OverRide

KeyAgreementImpl.java:[56,5] annotations are not supported in -source 1.3
(use -source 5 or higher to enable annotations)
@OverRide

RSAPrivateCrtKeyImpl.java:[111,5] annotations are not supported in -source 1.3
(use -source 5 or higher to enable annotations)
@OverRide

DSAPublicKeyImpl.java:[62,5] annotations are not supported in -source 1.3
(use -source 5 or higher to enable annotations)
@OverRide

RandomDataImpl.java:[39,5] annotations are not supported in -source 1.3
(use -source 5 or higher to enable annotations)
@OverRide

RSAKeyImpl.java:[83,5] annotations are not supported in -source 1.3
(use -source 5 or higher to enable annotations)
@OverRide

MessageDigestImpl.java:[56,5] annotations are not supported in -source 1.3
(use -source 5 or higher to enable annotations)
@OverRide

DSAPrivateKeyImpl.java:[62,5] annotations are not supported in -source 1.3
(use -source 5 or higher to enable annotations)
@OverRide

DSAKeyImpl.java:[68,5] annotations are not supported in -source 1.3
(use -source 5 or higher to enable annotations)
@OverRide

SymmetricCipherImpl.java:[46,5] annotations are not supported in -source 1.3
(use -source 5 or higher to enable annotations)
@OverRide

AssymetricCipherImpl.java:[55,5] annotations are not supported in -source 1.3
(use -source 5 or higher to enable annotations)
@OverRide

[INFO] ------------------------------------------------------------------------
[INFO] For more information, run Maven with the -e switch
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 16 seconds
[INFO] Finished at: Sun Jan 08 01:04:05 MSK 2012
[INFO] Final Memory: 6M/106M
[INFO] ------------------------------------------------------------------------ What version of the product are you using? On what operating system? I'm building on Debian wheezy, maven 2.2.1, javac from OpenJDK 1.6.0_24 Please provide any additional information below.

Original issue: http://code.google.com/p/jcardsim/issues/detail?id=1

My applet is implementing "create file", "select file" with standard INS.
"Select file" is not go to my applet process function.
It returns sw1sw2=6999 at the level of Simulator. I think It is a bug.

From [email protected] on September 18, 2013 18:36:08

Hi,
could please someone take a look at these two functions in the ECKeyImpl.java?

public void setFieldFP(byte[] buffer, short offset, short length) throws CryptoException {
fp.getBytes(buffer, offset);
}

public void setA(byte[] buffer, short offset, short length) throws CryptoException {
    a.getBytes(buffer, offset);
}

Original issue: http://code.google.com/p/jcardsim/issues/detail?id=17

From [email protected] on September 10, 2013 23:11:06

What steps will reproduce the problem? -->Calling RandomData.getInstance(RandomData.ALG_SECURE_RANDOM) results in a CryptoException with error code NO_SUCH_ALGORITHM. What version of the product are you using? On what operating system? -->JCardSim 2.2.1, Windows 7 x64, JRE/JDK 7u25

Original issue: http://code.google.com/p/jcardsim/issues/detail?id=12

I am working on executing the OpenPGP Java Card applet on an android smartphone using jCardSim (jcardsim-3.0.4-SNAPSHOT.jar).

As you can see in this thread, creating signatures does not work yet. The reason for this is, that the signatures created in the applet are not padded as in the OpenPGP card standard. The padding is part of jCardSim, which, I guess, uses BouncyCastle to implement it.

I could not find any hint in the PKCS1 standard, telling me that the hashes always have to be padded to the full key length. This would mean, that both behaviors are correct according to the standard, but only one behavior is accepted in OpenPGP. Anyhow, I am not very familiar with this standard and might have missed something. Maybe you know more about this.

Do you think it is possible, that jCardSim influences the padding? Or can this only be (if at all) a BouncyCastle problem?

Any kind of help would be appreciated!

From [email protected] on June 28, 2012 18:39:22

Implement support for virtual Java Card jCardSim for Netbeans Java Card Plugin.

Original issue: http://code.google.com/p/jcardsim/issues/detail?id=4

Thanks for your great work on jCardSim.

The emulator extension of the SEEK project (see https://code.google.com/p/seek-for-android/wiki/EmulatorExtension) enables a patched SIM Toolkit system app to run in an Android emulator and talk to a real SIM card in a PCSC reader on the development PC.

Can this work in conjunction with jCardSim, where a SIM applet is developed in jCardSim rather than on a real SIM card?

After cloning the repository and slightly modifying pom.xml I've discovered unsuccessful build.

After executing mvn initialize in maven console I got following log:

"C:\Program Files\Java\jdk1.8.0_73\bin\java" "-Dmaven.home=C:\Program Files(x86)\JetBrains\IntelliJ IDEA Community Edition 15.0.4\plugins\maven\lib\maven3" "-Dclassworlds.conf=C:\Program Files (x86)\JetBrains\IntelliJ IDEA Community Edition 15.0.4\plugins\maven\lib\maven3\bin\m2.conf" -Didea.launcher.port=7537 "-Didea.launcher.bin.path=C:\Program Files (x86)\JetBrains\IntelliJ IDEA Community Edition 15.0.4\bin" -Dfile.encoding=UTF-8 -classpath "C:\Program Files (x86)\JetBrains\IntelliJ IDEA Community Edition 15.0.4\plugins\maven\lib\maven3\boot\plexus-classworlds-2.4.jar;C:\Program Files (x86)\JetBrains\IntelliJ IDEA Community Edition 15.0.4\lib\idea_rt.jar" com.intellij.rt.execution.application.AppMain org.codehaus.classworlds.Launcher -Didea.version=15.0.4 initialize
[INFO] Scanning for projects...
[INFO]                                                                         
[INFO] ------------------------------------------------------------------------
[INFO] Building Java Card Runime Environment Simulator 3.0.4
[INFO] ------------------------------------------------------------------------
[INFO] 
[INFO] --- maven-install-plugin:2.5.2:install-file (default) @ jcardsim ---
[INFO] pom.xml not found in api.jar
[INFO] Installing C:\java_card_kit-2_2_2\lib\api.jar to C:\Users\Foo\.m2\repository\oracle\javacard\api_classic\2.2.2\api_classic-2.2.2.jar
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 0.527s
[INFO] Finished at: Sun Mar 06 10:19:39 MSK 2016
[INFO] Final Memory: 5M/116M
[INFO] ------------------------------------------------------------------------

Process finished with exit code 0

Which seems ok for me.

And this is what I've got after mvn clean install

"C:\Program Files\Java\jdk1.8.0_73\bin\java" "-Dmaven.home=C:\Program Files (x86)\JetBrains\IntelliJ IDEA Community Edition 15.0.4\plugins\maven\lib\maven3" "-Dclassworlds.conf=C:\Program Files (x86)\JetBrains\IntelliJ IDEA Community Edition 15.0.4\plugins\maven\lib\maven3\bin\m2.conf" -Didea.launcher.port=7538 "-Didea.launcher.bin.path=C:\Program Files (x86)\JetBrains\IntelliJ IDEA Community Edition 15.0.4\bin" -Dfile.encoding=UTF-8 -classpath "C:\Program Files (x86)\JetBrains\IntelliJ IDEA Community Edition 15.0.4\plugins\maven\lib\maven3\boot\plexus-classworlds-2.4.jar;C:\Program Files (x86)\JetBrains\IntelliJ IDEA Community Edition 15.0.4\lib\idea_rt.jar" com.intellij.rt.execution.application.AppMain org.codehaus.classworlds.Launcher -Didea.version=15.0.4 clean install
[INFO] Scanning for projects...
[INFO]                                                                         
[INFO] ------------------------------------------------------------------------
[INFO] Building Java Card Runime Environment Simulator 3.0.4
[INFO] ------------------------------------------------------------------------
[INFO] 
[INFO] --- maven-clean-plugin:2.4.1:clean (default-clean) @ jcardsim ---
[INFO] Deleting C:\Users\Foo\Documents\GitHub\jcardsim\target
[INFO] 
[INFO] --- maven-install-plugin:2.5.2:install-file (default) @ jcardsim ---
[INFO] pom.xml not found in api.jar
[INFO] Installing C:\java_card_kit-2_2_2\lib\api.jar to C:\Users\Foo\.m2\repository\oracle\javacard\api_classic\2.2.2\api_classic-2.2.2.jar
[INFO] 
[INFO] --- maven-resources-plugin:2.5:resources (default-resources) @ jcardsim ---
[debug] execute contextualize
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] skip non existing resourceDirectory C:\Users\Foo\Documents\GitHub\jcardsim\src\main\resources
[INFO] 
[INFO] --- maven-compiler-plugin:2.3.2:compile (default-compile) @ jcardsim ---
[INFO] Compiling 86 source files to C:\Users\Foo\Documents\GitHub\jcardsim\target\classes
[INFO] 
[INFO] --- maven-dependency-plugin:2.10:unpack (default) @ jcardsim ---
[INFO] Configured Artifact: oracle.javacard:api_classic:2.2.2:jar
[INFO] Unpacking C:\Users\Foo\.m2\repository\oracle\javacard\api_classic\2.2.2\api_classic-2.2.2.jar to C:\Users\Foo\Documents\GitHub\jcardsim\target\classes with includes "**/*.class" and excludes ""
[INFO] 
[INFO] --- exec-maven-plugin:1.4.0:java (default) @ jcardsim ---
[WARNING] 
java.lang.reflect.InvocationTargetException
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:497)
    at org.codehaus.mojo.exec.ExecJavaMojo$1.run(ExecJavaMojo.java:293)
    at java.lang.Thread.run(Thread.java:745)
Caused by: java.lang.IllegalStateException: ClassReader.accept() should be called with EXPAND_FRAMES flag
    at org.objectweb.asm.commons.LocalVariablesSorter.visitFrame(Unknown Source)
    at org.objectweb.asm.commons.RemappingMethodAdapter.visitFrame(Unknown Source)
    at org.objectweb.asm.tree.FrameNode.accept(Unknown Source)
    at org.objectweb.asm.tree.InsnList.accept(Unknown Source)
    at org.objectweb.asm.tree.MethodNode.accept(Unknown Source)
    at org.objectweb.asm.tree.MethodNode.accept(Unknown Source)
    at org.objectweb.asm.tree.ClassNode.accept(Unknown Source)
    at com.licel.jcardsim.utils.JavaCardApiProcessor.proxyClass(JavaCardApiProcessor.java:92)
    at com.licel.jcardsim.utils.JavaCardApiProcessor.main(JavaCardApiProcessor.java:47)
    ... 6 more
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 4.245s
[INFO] Finished at: Sun Mar 06 10:21:25 MSK 2016
[INFO] Final Memory: 20M/201M
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.codehaus.mojo:exec-maven-plugin:1.4.0:java (default) on project jcardsim: An exception occured while executing the Java class. null: InvocationTargetException: ClassReader.accept() should be called with EXPAND_FRAMES flag -> [Help 1]
[ERROR] 
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR] 
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoExecutionException

Process finished with exit code 1

This issue might be caused implicitly by Java 1.8 (when 1.5 required), but this link tells that there is some issue with plugin or plugins.

Can anyone explain where did I go wrong?

From [email protected] on September 10, 2013 23:48:55

Description:
--> SimulatorRuntime::transmitCommand() recalculates the Lc parameter when copying from CommandAPDU commandAPDU to byte[] commandBuffer (SimulatorRuntime.java ~line 211). This breaks applets that expect Lc to be used as a third parameter instead of Nc for certain commands. For example, refer to "CKYListObjects" (section 2.6.17) in the following document: http://pki.fedoraproject.org/images/7/7a/CoolKeyApplet.pdf What steps will reproduce the problem? --> Generate CommandAPDU - 0xb0 0x58 0x00 0x00 0x0e (CKYListObjects). APDU is converted to 0xb0 0x58 0x00 0x00 0x00. Coolkey result: 0x67 0x00 (SW_WRONG_LENGTH).

What is the expected output?
--> Generate CommandAPDU - 0xb0 0x58 0x00 0x00 0x0e (CKYListObjects). Lc remains unaltered. Coolkey result: 0x90 0x00 What version of the product are you using? On what operating system? --> JCardSim 2.2.1, Windows 7 x64, JRE/JDK 7u25

Original issue: http://code.google.com/p/jcardsim/issues/detail?id=13

The constructor for KeyPair in JC 2.2.2 says:

KeyPair(byte algorithm, short keyLength)
Constructs a KeyPair instance for the specified algorithm and keylength; the encapsulated keys are uninitialized.

This would imply the public and private keys are created, and will return false from the isInitialized() method. It seems that instead I get that keyPair.getPrivate() and keyPair.getPublic() return null on a freshly created KeyPair.

The following comments need to change.

/**
 * Length of digest in bytes for SHA
 */
public static final byte LENGTH_MD5 = 16;
/**
 * Length of digest in bytes for SHA-256
 */
public static final byte LENGTH_SHA = 20;
/**
 * Length of digest in bytes for MD5
 */
public static final byte LENGTH_SHA_256 = 32;

From [email protected] on September 28, 2012 10:12:20

Can we simulate a security domain in jcardsim?

Original issue: http://code.google.com/p/jcardsim/issues/detail?id=7

From [email protected] on February 03, 2013 12:07:11

The return statement in getBigInteger method must be changed to this:
return new BigInteger(1, data);

Otherwise the RSA decryption won't work correctly. Modulus will always be smaller than the encrypted data and 'input data too large' exception will be thrown.

Original issue: http://code.google.com/p/jcardsim/issues/detail?id=8

Hi,
First I would like to thank you and your team for this great work.
I am using this solution in CLI mode in connection with virtual smart card reader to be able to test the applet before I actually put in on real card.

I have follow the instructions as explains and everything is working fine using the example you have reference HelloWorldApplet.

I am using the Eclipse JavaCard plugin to develop the Applet, as result of this it is generates Applet Class (name ID.class), I try to load the applets as follow:

1. copy the ID.class to the same folder of the jcardsim.
2. update the jcardsim.cfg as follow:
   com.licel.jcardsim.card.applet.0.AID=D2760000604104
   com.licel.jcardsim.card.applet.0.Class=ID
3. run the following command from the command line:
   java -cp jcardsim-2.2.1-all.jar com.licel.jcardsim.utils.APDUScriptTool jcardsim.cfg test.apdu out.apdu
   Then I get an error:
   Unable to execute test.apdu due to: null
   I believe there is a problem to load my ID.class, can you please support me with this.
   Best Regards.
   AS

When install Applet that uses a MessageDigest.getInstance(MessageDigest.ALG_SHA, true); (true as second parameter means with external access) launch Exception. When second parameters is false it installs and works fine.

On real card it works also with external access enabled (needed to manage shared objects).

JavaxSmartCardInterface simulator;
AID appletAID = new AID(new byte[] { (byte) 0xF2, 0x34, 0x12, 0x34,
0x56, 0x10, 0x00, 0x01 }, (short) 0, (byte)8);
simulator = new JavaxSmartCardInterface();
simulator.installApplet(appletAID, TestA.class);
simulator.selectApplet(appletAID); <- Launch SystemException

TestApplet:

package test;
import javacard.framework.APDU;
import javacard.framework.Applet;
import javacard.framework.ISOException;
import javacard.security.MessageDigest;
public class TestA extends Applet {
private TestA() {
}
private MessageDigest digest = MessageDigest.getInstance(MessageDigest.ALG_SHA, true);
public static void install(byte bArray[], short bOffset, byte bLength)
throws ISOException {
new TestA().register();
}
public void process(APDU arg0) throws ISOException {
// TODO Auto-generated method stub
}
}

In some cases it might be useful to be able to set memory constraints on transient memory in the simulator.

Java Card v2.2.1 for javacard.security.RSAPrivateCrtKey:
When all five components (P,Q,PQ,DP1,DQ1) of the key are set, the key is initialized and ready for use.
But I get CryptoException.UNINITIALIZED_KEY on Cipher.init.
Actually in the jcardsim sources for RSAPrivateCrtKeyImpl it's written that the modulus and exponent must be also initialized: check for super.isInitialized() in isInitialized() method.

From [email protected] on September 13, 2013 22:48:47

The specification says that APDUException.BAD_LENGTH is thrown "if len is greater than 256 ..."

Shorter APDU buffers can be handled by checking the buffer length and calling sendBytes multiple times if necessary, but this method should accept any value up to and including 256.

Original issue: http://code.google.com/p/jcardsim/issues/detail?id=16

I'd like to save the state of a Simulator with its loaded/initialized applets persistently to load them later. Unfortunately, the simulator is not serializable by ObjectOutputStream so that the following does not work on Android:

FileOutputStream fileOut = this.openFileOutput(filename, Activity.MODE_PRIVATE);
objectOut = new ObjectOutputStream(fileOut);
objectOut.writeObject(object);

I also tried Google's Gson without success:

FileOutputStream fileOut = this.openFileOutput(filename, Activity.MODE_PRIVATE);
fileOut.write(new Gson().toJson(object).getBytes());

Do you have any idea how to do this? Is there a built-in mechanism?

Do you plan to support KeyAgreement.ALG_EC_SVDP_DH_PLAIN which is defined (at least) since Java Card 3.0.4?

I'm a bit confused because there is a jcardsim snapshot of version 3.0.4, but the KA scheme is not defined anywhere in the java code.

From [email protected] on September 20, 2013 21:53:17

What steps will reproduce the problem? Create an applet that returns long responses using ISO7816.SW_BYTES_REMAINING_00 status words. What is the expected output? What do you see instead? The CardChannel implementation should transparently handle these long responses, so that clients using the CardChannel only get one long ResponseAPDU, with the status being the status of the final response to the original command. Instead, the 0x61xx response code is returned to the application. What version of the product are you using? On what operating system? jCardSim-2.2.1, OS-independent Please provide any additional information below. Support for this and other "artifacts of the transmission protocol" should be handled by the smartcardio implementation, as described in the API docs. http://docs.oracle.com/javase/7/docs/jre/api/security/smartcardio/spec/javax/smartcardio/CardChannel.html#transmit&#37;28javax.smartcardio.CommandAPDU&#37;29

Original issue: http://code.google.com/p/jcardsim/issues/detail?id=19

From [email protected] on September 13, 2013 03:05:06

The jCardSim implementation of methods to get parameters like the modulus or public exponent of an RSA key return the index of the byte after the copied value.

This is consistent with many other javacard APIs, like Util.arrayCopy(). Unfortunately, it is incorrect.

These methods are specified to return "the byte length of the modulus value returned." In other words, they result in the number of bytes copied to the array, not an offset into the array. These methods produce incorrect results with a non-zero offset argument.

Original issue: http://code.google.com/p/jcardsim/issues/detail?id=14

KeyPair key = new KeyPair(KeyPair.ALG_RSA_CRT, KeyBuilder.LENGTH_RSA_2048);
RSAPublicKey rsaPubKey = (RSAPublicKey)key.getPublic();

rsaPubKey is NULL, but in real java card is a PublicKey, to permit initialization on exponent with different value from default 65537

rsaPubKey.setExponent(new byte[] { 0x03 }, (short)0, (short)1);

will work on real java card but not in jcardsim

From [email protected] on September 20, 2013 21:38:03

What steps will reproduce the problem? Attempt to use ALG_RSA_NOPAD with AssymetricCipherImpl. What is the expected output? What do you see instead? I expect plain text and cipher text to have the same length as the RSA key modulus. Instead, plain text must be one byte shorter on encryption, and the result of decryption is one byte shorter too. What version of the product are you using? On what operating system? jCardSim-2.2.1, OS-independent. Please provide any additional information below. The Bouncy Castle implementation of raw RSA is a little quirky in that it requires plain text to be one byte shorter than the modulus on encryption, and returns one byte less on decryption. This is a defensible choice for truly "unpadded" message, and clearly documented in the BouncyCastle library, but it isn't consistent with my smart cards (Gemalto and G&D), which always require cipher text and plain text the same size of the RSA modulus.

I created a wrapper around the BC RSAEngine to fix this. You might want to swap some operations with calls to JCSystem and Util.

final class RawRSAWrapper
implements AsymmetricBlockCipher
{

private final AsymmetricBlockCipher rsa = new RSAEngine();

private boolean encrypt;

@OverRide
public int getInputBlockSize()
{
int iblk = rsa.getInputBlockSize();
return encrypt ? iblk + 1 : iblk;
}

@OverRide
public int getOutputBlockSize()
{
int oblk = rsa.getOutputBlockSize();
return encrypt ? oblk : oblk + 1;
}

@OverRide
public void init(boolean encrypt, CipherParameters params)
{
this.encrypt = encrypt;
rsa.init(encrypt, params);
}

@OverRide
public byte[] processBlock(byte[] buf, int off, int len)
throws InvalidCipherTextException
{
if (encrypt) {
if (buf[off] != 0)
/* Maybe only most significant BIT needs to be clear. Need to check. */
throw new InvalidCipherTextException("Leading byte must be zero.");
return rsa.processBlock(buf, off + 1, len - 1);
}
else {
byte[] unpadded = rsa.processBlock(buf, off, len);
byte[] padded = new byte[unpadded.length + 1];
System.arraycopy(unpadded, 0, padded, 1, unpadded.length);
return padded;
}
}

}

Here's how I use it in AssymetricCipherImpl(byte) constructor:

...
case ALG_RSA_NOPAD:
engine = new RawRSAWrapper();
...

BTW, since padding is always null currently, it's dead code, and I removed all references to it for simplification.

Original issue: http://code.google.com/p/jcardsim/issues/detail?id=18

From martin.paljak on October 20, 2013 12:27:27

Is there a list somewhere that tracks the missing pieces from JC 2.2.2 and/or JC3.0.4 classic compatibility? I can understand that the list might not be all-inclusive but somebody with good understanding of the codebase probably has some guesstimates.

Original issue: http://code.google.com/p/jcardsim/issues/detail?id=26

Reported by core.lance, Today (19 minutes ago)

KeyAgreement in Java Card returns SHA-1 (20 bytes) digest of the secret data, not the secret data itself (as how bccrypto does it in ECDHBasicAgreement).

This is verified on SmartMX J3A080v2.4.1

I have an Application using shareable running on a JCOB 2.4.2R2. Once I am in a Shareable JCSystem.getAid() returns the AID of the Applet providing the Shareable (which also is consitent with the JCRE spec, as far as I understood it). On jcardsim it returns the AID of the Applet calling into the Shareable if I am not mistaken.

From [email protected] on July 24, 2012 21:46:03

So the jcardsim can be used on Firefox for SSL mutual authentication and Thunderbird email encryption via pkcs#11 module (via opensc)

Original issue: http://code.google.com/p/jcardsim/issues/detail?id=6

I think I've run across a bug in jCardSim. Working on a test case, I discovered that if I verified a PIN, then reset the simulator with simulator.reset(), the PIN remained verified once the applet was re-selected. I made a simple applet and test case to demonstrate the issue. This test applet has two commands: VERIFY and GET DATA:

• The VERIFY command verifies the submitted PIN against a hard-coded value of 123456, using the standard OwnerPIN.check() method.
• The GET DATA command requires a verified PIN. It returns a test data object when presented with its identifier in P1P2.

The test case implements three tests:

1. GET DATA should fail before the PIN is submitted.
2. GET DATA should succeed after the PIN is submitted.
3. GET DATA should fail after the card is reset, but before the PIN has been resubmitted.

On a real Java Card, the following (abbreviated) transcript shows each case succeeding:

/select A00000FFFE0102030405
/send 00CA010000
 => 00 CA 01 00 00                                     .....
 <= 69 82                                              i.
/send 0020000006313233343536
 => 00 20 00 00 06 31 32 33 34 35 36                   . ...123456
 <= 90 00                                              ..
/send 00CA010000
 => 00 CA 01 00 00                                     .....
 <= 74 65 73 74 64 61 74 61 90 00                      testdata..
/atr
/select A00000FFFE0102030405
/send 00CA010000
 => 00 CA 01 00 00                                     .....
 <= 69 82                                              i.

The same test, executed on the jcardsim simulator, succeeds in cases 1 and 2, but in case 3, it fails:

[junit] ------------- Standard Output ---------------
[junit] Test 1: GET DATA should fail before PIN is presented.
[junit]  => 00 ca 01 00 
[junit]  <= 69 82 
[junit] 
[junit] Test 2: After successful presentation of PIN, GET DATA should succeed.
[junit]  => 00 20 00 00 06 31 32 33 34 35 36 
[junit]  <= 90 00 
[junit]  => 00 ca 01 00 
[junit]  <= 74 65 73 74 64 61 74 61 90 00 
[junit] 
[junit] Test 3: After a reset, but before PIN is presented, GET DATA command should fail.
[junit]  => 00 ca 01 00 
[junit]  <= 74 65 73 74 64 61 74 61 90 00 
[junit] ------------- ---------------- ---------------

The data object is returned despite the fact that the PIN has not been submitted. Is this a bug in jCardSim, or am I doing something wrong?

From [email protected] on September 13, 2013 22:45:10

If the most significant bit of a BigInteger's magnitude is set, when encoded to a byte array, an extra leading byte will be added so that the resulting byte array can be passed back to the BigInteger constructor that takes only a byte array and no sign indicator.

This causes encoded parameters to sometimes be one byte longer than expected. All parameters (modulus, exponent, etc.) should be treated as unsigned numbers, and this leading byte can be discarded. In other words, since the sign of new BigInteger is fixed to be positive, we don't need to track the sign.

Original issue: http://code.google.com/p/jcardsim/issues/detail?id=15

From martin.paljak on October 20, 2013 11:35:15

Hello,

I have a bunch of changes I've made to jcardsim that might be of interest, as dealing with SVN and patches is a PITA, maybe it would make sense to have an official mirror on github or somewhere else, where different people can easily have their own branches?

Original issue: http://code.google.com/p/jcardsim/issues/detail?id=25

It would be nice if some background easy classloader-fu magic (or something similar) allowed to have api.jar in the eclipse classpath (as normal) for development and then bring in the jcardsim only for junit tests.

Putting some thought into how this could be done easily and "by default" would be really nice.

From [email protected] on January 23, 2012 16:11:56

Ability to send batch APDU to the simulator, and check responses with patterns.

Original issue: http://code.google.com/p/jcardsim/issues/detail?id=3

From [email protected] on October 01, 2013 22:05:04

When calling the method KeyPair.genKeyPair() the previously set key parameters (fp, a, b, g, r, k) are only used to determine the Domain of the key, if also the field s of the ECPrivateKey was set (initialized).

This behaiviour is caused this method from the ECKeyImpl.class, because it checks also if s.isInitialized() (by calling is Initialized()):

public KeyGenerationParameters getKeyGenerationParameters(SecureRandom rnd) {
if (isInitialized()) {
return new ECKeyGenerationParameters(getDomainParameters(), rnd);
}
return getDefaultKeyGenerationParameters(type, size, rnd);
}

public KeyGenerationParameters getKeyGenerationParameters(SecureRandom rnd) {
if (isInitialized()) {
return new ECKeyGenerationParameters(getDomainParameters(), rnd);
}
return getDefaultKeyGenerationParameters(type, size, rnd);
}

Original issue: http://code.google.com/p/jcardsim/issues/detail?id=23

From [email protected] on January 23, 2012 16:09:11

Ability to use simulator from application as real javacard terminal

Original issue: http://code.google.com/p/jcardsim/issues/detail?id=2

Frech checkout of jCardSim fails with the following error:

$ mvn test
[INFO] Scanning for projects...
[INFO]                                                                         
[INFO] ------------------------------------------------------------------------
[INFO] Building Java Card Runime Environment Simulator 3.0.4-SNAPSHOT
[INFO] ------------------------------------------------------------------------
[WARNING] The POM for oracle.javacard:api_classic:jar:3.0.4 is missing, no dependency information available
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 0.327 s
[INFO] Finished at: 2015-12-29T09:06:52+03:00
[INFO] Final Memory: 7M/148M
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal on project jcardsim: Could not resolve dependencies for project com.licel:jcardsim:jar:3.0.4-SNAPSHOT: Failure to find oracle.javacard:api_classic:jar:3.0.4 in https://repo.maven.apache.org/maven2 was cached in the local repository, resolution will not be reattempted until the update interval of central has elapsed or updates are forced -> [Help 1]
[ERROR] 
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR] 
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/DependencyResolutionException

From [email protected] on October 02, 2013 21:30:03

The method
short javacard.framework.APDU.setIncomingAndReceive()
returns negative values if more than 128 Bytes are received.
Seems like a problem with casting a byte to a short variable.

As a workaround I use a method like this:
private short apduSetIncomingAndReceive(APDU apdu){
short len = apdu.setIncomingAndReceive();
if (len < 0){
len = (short) (len & 0xff);
}
return len;
}

Original issue: http://code.google.com/p/jcardsim/issues/detail?id=24