Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
public:smartcard [2011-08-31 20:45] – [Writing Microsoft Smart card minidriver] petrspublic:research:smartcard:smartcard [2024-01-17 18:56] (current) – [Smart cards info] xjancar
Line 1: Line 1:
- 
 ====== Smart cards info ====== ====== Smart cards info ======
  
  
-[[public:smartcard:JavaCardCompilation|JavaCard applet compilation (NetBeans, JC2.2.2, Java SDK 1.3)]]+[[public:research:smartcard:JavaCardCompilation|JavaCard applet compilation (NetBeans, JC2.2.2, Java SDK 1.3)]] 
 + 
 +[[public:research:smartcard:GPShell|GPShell documentation and usable scripts]] 
 + 
 +[[public:research:smartcard:TutorialEuropen|Tutorial preparation (Europen 2011)]] 
 + 
 +[[public:research:smartcard:JCOPTools| JCOP Tools]] 
 + 
 +[[public:research:smartcard:Mifare| Mifare cards]] 
 + 
 +[[public:research:smartcard:cesta| CesTa project]] 
 + 
 +====== Various links ====== 
 + 
 +  * JavaCard applet programming guideline: http://ruimtools.com/doc.php?doc=jc_best 
 +  * JavaCard history: http://javacard.vetilles.com/2012/09/20/chip-to-cloud-day-2-java-card-15-years-later/ 
 +  * Report on JavaCard 3.0 vulnerabilities (Royal Holloway) http://www.ma.rhul.ac.uk/static/techrep/2013/MA-2013-04.pdf 
 +====== Handy smart card tools ====== 
 +  * Cardpeek, Reader of smart card content: http://code.google.com/p/cardpeek/ 
 +  * GPShell, JavaCard applets and keys manager: http://sourceforge.net/projects/globalplatform/ 
 +  * jcManager, JavaCard applets and keys manager: http://www.brokenmill.com/2010/03/java-secure-card-manager/ 
 +  * List of smart cards with ATR: http://ludovic.rousseau.free.fr/softwares/pcsc-tools/smartcard_list.txt 
 +  * Online ATR parsers: http://ruimtools.com/atr.php
  
-[[public:smartcard:GPShell|GPShell documentation and usable scripts]] 
  
 ====== PKCS#11/PKCS#15 with JavaCard on Windows ====== ====== PKCS#11/PKCS#15 with JavaCard on Windows ======
Line 13: Line 33:
   * Download Muscle applet via svn co svn://svn.debian.org/muscleplugins/trunk/MCardApplet// or local copy of {{:public:cardedge.zip|preconfigured NetBeans applet}}   * Download Muscle applet via svn co svn://svn.debian.org/muscleplugins/trunk/MCardApplet// or local copy of {{:public:cardedge.zip|preconfigured NetBeans applet}}
     * (Applet using Extended APDU is available here: https://github.com/martinpaljak/MuscleApplet). Note that this applet requires cards with support to javacardx.apdu.ExtendedLength package     * (Applet using Extended APDU is available here: https://github.com/martinpaljak/MuscleApplet). Note that this applet requires cards with support to javacardx.apdu.ExtendedLength package
-  * Compile, Convert and upload applet to smart card - see [[public:smartcard:JavaCardCompilation|HOWTO]]+  * Compile, Convert and upload applet to smart card - see [[public:research:smartcard:JavaCardCompilation|HOWTO]]
   * IMPORTANT: Muscle applet needs to be installed with privilege 'default selected' (CARD_RESET in later specifications). OpenSC tools are **NOT** selecting Muscle applet, therefore preselected applet is necessity.   * IMPORTANT: Muscle applet needs to be installed with privilege 'default selected' (CARD_RESET in later specifications). OpenSC tools are **NOT** selecting Muscle applet, therefore preselected applet is necessity.
     * e.g. in GPShell, //install -file cardedge.cap -nvDataLimit 2000 -instParam 00 **-priv 4**// (-priv 4 makes applet default selected)     * e.g. in GPShell, //install -file cardedge.cap -nvDataLimit 2000 -instParam 00 **-priv 4**// (-priv 4 makes applet default selected)
Line 65: Line 85:
  
 ====== Generate self-signed X.509 certificates with OpenSSL====== ====== Generate self-signed X.509 certificates with OpenSSL======
 +
 +  * Complete Linux Tutorial: http://www.howtoforge.com/how-to-encrypt-mails-with-ssl-certificates-s-mime
 +
 +
   * openssl genrsa -out my.key 2048   * openssl genrsa -out my.key 2048
     * (unable to write 'random state' may appear - not important)      * (unable to write 'random state' may appear - not important) 
Line 71: Line 95:
     * fill in certificate parameters     * fill in certificate parameters
     * you may prefill required info into file and 'openssl req -new -x509 -days 365 -key my.key -out my.crt -sha512 < certificate_info.txt'      * you may prefill required info into file and 'openssl req -new -x509 -days 365 -key my.key -out my.crt -sha512 < certificate_info.txt' 
 +    * error: Unable to load config info from /usr/local/ssl/openssl.cnf
 +      * https://stackoverflow.com/questions/14459078/unable-to-load-config-info-from-usr-local-ssl-openssl-cnf-windows
 +      * set environmental variable OPENSSL_CONF=c:/libs/openssl-0.9.8k/openssl.cnf
   * openssl pkcs12 -export -out my.p12 -in my.crt -inkey my.key   * openssl pkcs12 -export -out my.p12 -in my.crt -inkey my.key
     * export your private and public key into single my.p12 file     * export your private and public key into single my.p12 file