JCOP Tools
Off-Card APIs (IBM JCOPTools)
These APIs are an integral part of the JCOP Tools, but accessible and open to any kind of terminal application. These provide all basic and many advanced functions offered by the JCOP Tools, for instance OpenPlatform management functions, secure messaging, etc. Documentation and samples for their use is included in the distribution.
- com.ibm.jc offers basic functionality like opening a card connection and sending an APDU.
- com.ibm.jc.tools contains the various, powerful plugins for advanced functions like OpenPlatform management.
- com.ibm.jc.terminal provides access to all the different physical terminals supported and/or the many virtual terminals (for debugging, connections via the Internet).
The APIs are portable across Windows, Linux and Mac OS X.
- Download and unpack Eclipse SDK 3.2 (eclipse-SDK-3.2-win32.zip)
- Copy features\com.ibm.bluez.jcop.eclipse_3.1.2.jar into features directory in Eclipse
- Copy plugins\com.ibm.bluez.jcop.eclipse_3.1.2.jar into features directory in Eclipse
- JAR with API com.ibm.jc.* can be obtained from com.ibm.bluez.jcop.eclipse_3.1.2.jar plugin
- rename com.ibm.bluez.jcop.eclipse_3.1.2.jar to com.ibm.bluez.jcop.eclipse_3.1.2.zip
- browse inside, copy out content of lib folder (to classpath - can be obtained by String path = System.getProperty(“java.library.path”)
- com.ibm.jc.* is inside offcard.jar file
- com.linuxnet.jpcsc.* is inside jpcsc.jar
- jpcsc.dll is required. You may ontain it from jcManager (uploader and key modifier for JCOP cards) – Java Secure Card Manager: http://www.brokenmill.com/2010/03/java-secure-card-manager/
- use jpcsc.dll from jcManager\res\ folder
- copy to classpath
- cardManager.initializeUpdate() may throw execption 'No such key: keySet/keyIndex'. If that occur, you are missing keys in cardManager object
- keyIndex … 1, 2, 3
- OPKey key1 = new OPKey(keySet, 1, OPKey.DES_ECB, JCOP_DEFAULT_INIT_KEY1);
- cardManager.setKey(key1);
Smart card communication via JCOPTools
package jctoolapp; import com.ibm.jc.JCTerminal; import com.ibm.jc.terminal.TraceJCTerminal; import com.ibm.jc.terminal.PCSCJCTerminal; import com.ibm.jc.CardManager; import com.ibm.jc.OPKey; import com.ibm.jc.JCard; import com.ibm.jc.OPApplet; import com.ibm.jc.JCException; import java.io.PrintWriter; /** * * @author petrs */ public class JCToolApp { protected static byte[] JCOP_DEFAULT_INIT_KEY1 = "@ABCDEFGHIJKLMNO".getBytes(); protected static byte[] JCOP_DEFAULT_INIT_KEY2 = "@ABCDEFGHIJKLMNO".getBytes(); protected static byte[] JCOP_DEFAULT_INIT_KEY3 = "@ABCDEFGHIJKLMNO".getBytes(); protected static byte[] CM_AID_OBERTHUR = {(byte)0xa0, (byte)0x00, (byte)0x00, (byte)0x01, (byte)0x51, (byte)0x00, (byte)0x00}; /** * @param args the command line arguments */ public static void main(String[] args) { OPAuthJCOPTools(); } static void OPAuthJCOPTools() { JCTerminal terminal = new PCSCJCTerminal(); terminal.init("any"); //terminal.init("Gemplus GemPC Card Reader 0"); terminal.open(); // Create special terminal that will output all exchanged APDUs TraceJCTerminal _term = new TraceJCTerminal(); _term.setLog(new PrintWriter(System.out)); _term.init(terminal); terminal = _term; // new Card JCard card = new JCard(terminal, null, 2000); // Computer side CardManager CardManager cardManager = new CardManager(card, CM_AID_OBERTHUR); // KeySet must be set to value also set on smart card int keySet = 2; // 1 ... ENC_KEY, 2 ... MAC_KEY, 3 ... KEK_KEY OPKey key1 = new OPKey(keySet, 1, OPKey.DES_ECB, JCOP_DEFAULT_INIT_KEY1); OPKey key2 = new OPKey(keySet, 2, OPKey.DES_ECB, JCOP_DEFAULT_INIT_KEY2); OPKey key3 = new OPKey(keySet, 3, OPKey.DES_ECB, JCOP_DEFAULT_INIT_KEY3); // Select CardManager cardManager.select(); // Set keys to Cardmanager on PC side cardManager.setKey(key1); cardManager.setKey(key2); cardManager.setKey(key3); // Authenticate and establish secure channel via OpenPlatform SCP'01 protocol try { cardManager.initializeUpdate(0, 0, CardManager.SCP_01_15); cardManager.externalAuthenticate(OPApplet.APDU_CLR); } catch (JCException ex) { System.out.println(ex.getMessage()); } } }