Skip to content

F
Fido2Applet
Commit 75d64299 authored by Josh Ji's avatar Josh Ji
Browse files
Options

Initial commit

parents
Hide whitespace changes
Inline Side-by-side
Showing with 8076 additions and 0 deletions
.gitattributes 0 → 100644
View file @ 75d64299
# Auto detect text files and perform LF normalization
* text=auto
.gradle/buildOutputCleanup/cache.properties 0 → 100644
View file @ 75d64299
#Mon Dec 06 04:06:59 CST 2021
gradle.version=7.1
.idea/.gitignore 0 → 100644
View file @ 75d64299
# Default ignored files
/shelf/
/workspace.xml
.idea/compiler.xml 0 → 100644
View file @ 75d64299
<?xml version="1.0" encoding="UTF-8"?>
<project version="4">
<component name="CompilerConfiguration">
<bytecodeTargetLevel target="1.8" />
</component>
</project>
\ No newline at end of file
.idea/gradle.xml 0 → 100644
View file @ 75d64299
<?xml version="1.0" encoding="UTF-8"?>
<project version="4">
<component name="GradleMigrationSettings" migrationVersion="1" />
<component name="GradleSettings">
<option name="linkedExternalProjectsSettings">
<GradleProjectSettings>
<option name="distributionType" value="DEFAULT_WRAPPED" />
<option name="externalProjectPath" value="$PROJECT_DIR$" />
<option name="modules">
<set>
<option value="$PROJECT_DIR$" />
</set>
</option>
</GradleProjectSettings>
</option>
</component>
</project>
\ No newline at end of file
.idea/jarRepositories.xml 0 → 100644
View file @ 75d64299
<?xml version="1.0" encoding="UTF-8"?>
<project version="4">
<component name="RemoteRepositoriesConfiguration">
<remote-repository>
<option name="id" value="central" />
<option name="name" value="Maven Central repository" />
<option name="url" value="https://repo1.maven.org/maven2" />
</remote-repository>
<remote-repository>
<option name="id" value="jboss.community" />
<option name="name" value="JBoss Community repository" />
<option name="url" value="https://repository.jboss.org/nexus/content/repositories/public/" />
</remote-repository>
<remote-repository>
<option name="id" value="MavenRepo" />
<option name="name" value="MavenRepo" />
<option name="url" value="https://repo.maven.apache.org/maven2/" />
</remote-repository>
<remote-repository>
<option name="id" value="maven" />
<option name="name" value="maven" />
<option name="url" value="https://javacard.pro/maven" />
</remote-repository>
</component>
</project>
\ No newline at end of file
.idea/misc.xml 0 → 100644
View file @ 75d64299
<?xml version="1.0" encoding="UTF-8"?>
<project version="4">
<component name="ExternalStorageConfigurationManager" enabled="true" />
<component name="ProjectRootManager" version="2" languageLevel="JDK_1_8" default="true" project-jdk-name="1.8" project-jdk-type="JavaSDK">
<output url="file://$PROJECT_DIR$/out" />
</component>
</project>
\ No newline at end of file
.idea/runConfigurations.xml 0 → 100644
View file @ 75d64299
<?xml version="1.0" encoding="UTF-8"?>
<project version="4">
<component name="RunConfigurationProducerService">
<option name="ignoredProducers">
<set>
<option value="com.android.tools.idea.compose.preview.runconfiguration.ComposePreviewRunConfigurationProducer" />
</set>
</option>
</component>
</project>
\ No newline at end of file
build.gradle 0 → 100644
View file @ 75d64299
buildscript{
repositories{
mavenCentral()
maven{url 'https://javacard.pro/maven'}
}
dependencies{
classpath 'com.klinec:gradle-javacard:1.8.0'
}
}
plugins {
id 'java'
}
group 'com.josh'
version '1.0-SNAPSHOT'
apply plugin:'com.klinec.gradle.javacard'
repositories {
mavenCentral()
maven{url 'https://javacard.pro/maven'}
}
final def jcdk_dir = 'sdks/jc305u3_kit'
javacard{
config{
jckit jcdk_dir
cap{
packageName 'com.josh.vku2f'
version '0.1'
aid 'A000000647'
output 'applet.cap'
targetsdk jcdk_dir
applet{
className 'com.josh.vku2f.CTAP2'
aid 'A0000006472F0001'
}
}
}
}
build/javacard/applet.jca 0 → 100644
View file @ 75d64299
This source diff could not be displayed because it is too large. You can view the blob instead.
gradle/wrapper/gradle-wrapper.properties 0 → 100644
View file @ 75d64299
distributionBase=GRADLE_USER_HOME
distributionPath=wrapper/dists
distributionUrl=https\://services.gradle.org/distributions/gradle-7.1-bin.zip
zipStoreBase=GRADLE_USER_HOME
zipStorePath=wrapper/dists
gradlew 0 → 100644
View file @ 75d64299
#!/usr/bin/env sh
#
# Copyright 2015 the original author or authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# https://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
##############################################################################
##
## Gradle start up script for UN*X
##
##############################################################################
# Attempt to set APP_HOME
# Resolve links: $0 may be a link
PRG="$0"
# Need this for relative symlinks.
while [ -h "$PRG" ] ; do
ls=`ls -ld "$PRG"`
link=`expr "$ls" : '.*-> \(.*\)$'`
if expr "$link" : '/.*' > /dev/null; then
PRG="$link"
else
PRG=`dirname "$PRG"`"/$link"
fi
done
SAVED="`pwd`"
cd "`dirname \"$PRG\"`/" >/dev/null
APP_HOME="`pwd -P`"
cd "$SAVED" >/dev/null
APP_NAME="Gradle"
APP_BASE_NAME=`basename "$0"`
# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
# Use the maximum available, or set MAX_FD != -1 to use that value.
MAX_FD="maximum"
warn () {
echo "$*"
}
die () {
echo
echo "$*"
echo
exit 1
}
# OS specific support (must be 'true' or 'false').
cygwin=false
msys=false
darwin=false
nonstop=false
case "`uname`" in
CYGWIN* )
cygwin=true
;;
Darwin* )
darwin=true
;;
MSYS* | MINGW* )
msys=true
;;
NONSTOP* )
nonstop=true
;;
esac
CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar
# Determine the Java command to use to start the JVM.
if [ -n "$JAVA_HOME" ] ; then
if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
# IBM's JDK on AIX uses strange locations for the executables
JAVACMD="$JAVA_HOME/jre/sh/java"
else
JAVACMD="$JAVA_HOME/bin/java"
fi
if [ ! -x "$JAVACMD" ] ; then
die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME
Please set the JAVA_HOME variable in your environment to match the
location of your Java installation."
fi
else
JAVACMD="java"
which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
Please set the JAVA_HOME variable in your environment to match the
location of your Java installation."
fi
# Increase the maximum file descriptors if we can.
if [ "$cygwin" = "false" -a "$darwin" = "false" -a "$nonstop" = "false" ] ; then
MAX_FD_LIMIT=`ulimit -H -n`
if [ $? -eq 0 ] ; then
if [ "$MAX_FD" = "maximum" -o "$MAX_FD" = "max" ] ; then
MAX_FD="$MAX_FD_LIMIT"
fi
ulimit -n $MAX_FD
if [ $? -ne 0 ] ; then
warn "Could not set maximum file descriptor limit: $MAX_FD"
fi
else
warn "Could not query maximum file descriptor limit: $MAX_FD_LIMIT"
fi
fi
# For Darwin, add options to specify how the application appears in the dock
if $darwin; then
GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\""
fi
# For Cygwin or MSYS, switch paths to Windows format before running java
if [ "$cygwin" = "true" -o "$msys" = "true" ] ; then
APP_HOME=`cygpath --path --mixed "$APP_HOME"`
CLASSPATH=`cygpath --path --mixed "$CLASSPATH"`
JAVACMD=`cygpath --unix "$JAVACMD"`
# We build the pattern for arguments to be converted via cygpath
ROOTDIRSRAW=`find -L / -maxdepth 1 -mindepth 1 -type d 2>/dev/null`
SEP=""
for dir in $ROOTDIRSRAW ; do
ROOTDIRS="$ROOTDIRS$SEP$dir"
SEP="|"
done
OURCYGPATTERN="(^($ROOTDIRS))"
# Add a user-defined pattern to the cygpath arguments
if [ "$GRADLE_CYGPATTERN" != "" ] ; then
OURCYGPATTERN="$OURCYGPATTERN|($GRADLE_CYGPATTERN)"
fi
# Now convert the arguments - kludge to limit ourselves to /bin/sh
i=0
for arg in "$@" ; do
CHECK=`echo "$arg"|egrep -c "$OURCYGPATTERN" -`
CHECK2=`echo "$arg"|egrep -c "^-"` ### Determine if an option
if [ $CHECK -ne 0 ] && [ $CHECK2 -eq 0 ] ; then ### Added a condition
eval `echo args$i`=`cygpath --path --ignore --mixed "$arg"`
else
eval `echo args$i`="\"$arg\""
fi
i=`expr $i + 1`
done
case $i in
0) set -- ;;
1) set -- "$args0" ;;
2) set -- "$args0" "$args1" ;;
3) set -- "$args0" "$args1" "$args2" ;;
4) set -- "$args0" "$args1" "$args2" "$args3" ;;
5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;;
6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;;
7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;;
8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;;
9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;;
esac
fi
# Escape application args
save () {
for i do printf %s\\n "$i" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/' \\\\/" ; done
echo " "
}
APP_ARGS=`save "$@"`
# Collect all arguments for the java command, following the shell quoting and substitution rules
eval set -- $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS "\"-Dorg.gradle.appname=$APP_BASE_NAME\"" -classpath "\"$CLASSPATH\"" org.gradle.wrapper.GradleWrapperMain "$APP_ARGS"
exec "$JAVACMD" "$@"
gradlew.bat 0 → 100644
View file @ 75d64299
@rem
@rem Copyright 2015 the original author or authors.
@rem
@rem Licensed under the Apache License, Version 2.0 (the "License");
@rem you may not use this file except in compliance with the License.
@rem You may obtain a copy of the License at
@rem
@rem https://www.apache.org/licenses/LICENSE-2.0
@rem
@rem Unless required by applicable law or agreed to in writing, software
@rem distributed under the License is distributed on an "AS IS" BASIS,
@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@rem See the License for the specific language governing permissions and
@rem limitations under the License.
@rem
@if "%DEBUG%" == "" @echo off
@rem ##########################################################################
@rem
@rem Gradle startup script for Windows
@rem
@rem ##########################################################################
@rem Set local scope for the variables with windows NT shell
if "%OS%"=="Windows_NT" setlocal
set DIRNAME=%~dp0
if "%DIRNAME%" == "" set DIRNAME=.
set APP_BASE_NAME=%~n0
set APP_HOME=%DIRNAME%
@rem Resolve any "." and ".." in APP_HOME to make it shorter.
for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi
@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m"
@rem Find java.exe
if defined JAVA_HOME goto findJavaFromJavaHome
set JAVA_EXE=java.exe
%JAVA_EXE% -version >NUL 2>&1
if "%ERRORLEVEL%" == "0" goto execute
echo.
echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
echo.
echo Please set the JAVA_HOME variable in your environment to match the
echo location of your Java installation.
goto fail
:findJavaFromJavaHome
set JAVA_HOME=%JAVA_HOME:"=%
set JAVA_EXE=%JAVA_HOME%/bin/java.exe
if exist "%JAVA_EXE%" goto execute
echo.
echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME%
echo.
echo Please set the JAVA_HOME variable in your environment to match the
echo location of your Java installation.
goto fail
:execute
@rem Setup the command line
set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar
@rem Execute Gradle
"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %*
:end
@rem End local scope for the variables with windows NT shell
if "%ERRORLEVEL%"=="0" goto mainEnd
:fail
rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of
rem the _cmd.exe /c_ return code!
if not "" == "%GRADLE_EXIT_CONSOLE%" exit 1
exit /b 1
:mainEnd
if "%OS%"=="Windows_NT" endlocal
:omega
sdks/jc304_kit/COPYRIGHT.html 0 → 100644
View file @ 75d64299
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN">
<html>
<head>
<meta http-equiv="Content-Type"
content="text/html; charset=ISO-8859-1">
<meta http-equiv="Content-Style-Type" content="text/css">
<meta name="GENERATOR"
content="Adobe FrameMaker 7.0/HTML Export Filter">
<link rel="STYLESHEET" href="document.css" charset="ISO-8859-1"
type="text/css">
<title>Copyright</title>
</head>
<body style="background-color: rgb(255, 255, 255);">
<div><span style="font-weight: bold;">Copyright &copy; 1998, 2011,
Oracle and/or its affiliates. All rights reserved.</span><span
style="font-weight: bold;"><br>
</span>
<p>This software and related documentation are provided under a license
agreement containing restrictions on use and disclosure and are
protected by intellectual property laws. Except as expressly permitted
in your license agreement or allowed by law, you may not use, copy,
reproduce, translate, broadcast, modify, license, transmit, distribute,
exhibit, perform, publish, or display any part, in any form, or by any
means. Reverse engineering, disassembly, or decompilation of this
software, unless required by law for interoperability, is prohibited.</p>
<p>The information contained herein is subject to change without notice
and is not warranted to be error-free. If you find any errors, please
report them to us in writing.</p>
<p>If this is software or related software documentation that is
delivered to the U.S. Government or anyone licensing it on behalf of
the U.S. Government, the following notice is applicable:</p>
<p>U.S. GOVERNMENT RIGHTS Programs, software, databases, and related
documentation and technical data delivered to U.S. Government customers
are "commercial computer software" or "commercial technical data"
pursuant to the applicable Federal Acquisition Regulation and
agency-specific supplemental regulations. As such, the use,
duplication, disclosure, modification, and adaptation shall be subject
to the restrictions and license terms set forth in the applicable
Government contract, and, to the extent applicable by the terms of the
Government contract, the additional rights set forth in FAR 52.227-19,
Commercial Computer Software License (December 2007). Oracle USA, Inc.,
500 Oracle Parkway, Redwood City, CA 94065.</p>
<p>This software or hardware is developed for general use in a variety
of information management applications. It is not developed or intended
for use in any inherently dangerous applications, including
applications which may create a risk of personal injury. If you use
this software or hardware in dangerous applications, then you shall be
responsible to take all appropriate fail-safe, backup, redundancy, and
other measures to ensure the safe use. Oracle Corporation and its
affiliates disclaim any liability for any damages caused by use of this
software or hardware in dangerous applications.</p>
<p>Oracle and Java are registered trademarks of Oracle Corporation
and/or its
affiliates. Oracle and Java are registered trademarks of Oracle and/or
its affiliates. Other names may be trademarks of their respective
owners.</p>
<p>AMD, Opteron, the AMD logo, and the AMD Opteron logo are trademarks
or registered trademarks of Advanced Micro Devices. Intel and Intel
Xeon are trademarks or registered trademarks of Intel Corporation. All
SPARC trademarks are used under license and are trademarks or
registered trademarks of SPARC International, Inc. UNIX is a registered
trademark licensed through X/Open Company, Ltd.</p>
<p>This software or hardware and documentation may provide access to or
information on content, products, and services from third parties.
Oracle Corporation and its affiliates are not responsible for and
expressly disclaim all warranties of any kind with respect to
third-party content, products, and services. Oracle Corporation and its
affiliates will not be responsible for any loss, costs, or damages
incurred due to your access to or use of third-party content, products,
or services.<br>
</p>
<br>
<span style="font-weight: bold;">Copyright &copy; 1998, 2011, Oracle
et/ou ses affili&eacute;s.
Tous droits r&eacute;serv&eacute;s.
</span>
<p>Ce logiciel et la documentation qui l&#8217;accompagne sont
prot&eacute;g&eacute;s par les
lois sur la propri&eacute;t&eacute; intellectuelle. Ils sont
conc&eacute;d&eacute;s sous licence et soumis &agrave;
des restrictions d&#8217;utilisation et de divulgation. Sauf disposition de
votre contrat de licence ou
de la loi, vous ne pouvez pas copier, reproduire, traduire, diffuser,
modifier, breveter,
transmettre, distribuer, exposer, ex&eacute;cuter, publier ou afficher
le logiciel, m&ecirc;me partiellement, sous quelque forme
et par quelque proc&eacute;d&eacute; que ce soit. Par ailleurs, il est
interdit de
proc&eacute;der &agrave; toute ing&eacute;nierie inverse du logiciel,
de le d&eacute;sassembler ou de le d&eacute;compiler,
except&eacute; &agrave; des fins d&#8217;interop&eacute;rabilit&eacute; avec
des logiciels tiers ou tel que prescrit par
la loi.</p>
<p>Les informations fournies dans ce document sont susceptibles de
modification sans pr&eacute;avis.
Par ailleurs, Oracle Corporation ne garantit pas qu&#8217;elles soient
exemptes d&#8217;erreurs et vous invite,
le cas &eacute;ch&eacute;ant, &agrave; lui en faire part par
&eacute;crit.</p>
<p>Si ce logiciel, ou
la documentation qui l&#8217;accompagne, est conc&eacute;d&eacute; sous
licence au Gouvernement des Etats-Unis, ou &agrave;
toute entit&eacute; qui d&eacute;livre la licence de ce logiciel ou
l&#8217;utilise pour le
compte du Gouvernement des Etats-Unis, la notice suivante s&#8217;applique:</p>
<p>U.S. GOVERNMENT RIGHTS. Programs,
software, databases, and related documentation and technical data
delivered to U.S. Government customers are
"commercial computer software" or "commercial technical data" pursuant
to the applicable Federal Acquisition
Regulation and agency-specific supplemental regulations. As such, the
use, duplication, disclosure, modification, and
adaptation shall be subject to the restrictions and license terms set
forth in
the applicable Government contract, and, to the extent applicable by
the terms of the
Government contract, the additional rights set forth in FAR 52.227-19,
Commercial Computer Software
License (December 2007). Oracle America, Inc., 500 Oracle Parkway,
Redwood City, CA
94065.</p>
<p>Ce logiciel ou mat&eacute;riel a &eacute;t&eacute;
d&eacute;velopp&eacute; pour un usage g&eacute;n&eacute;ral dans le
cadre d&#8217;applications de gestion des informations. Ce logiciel ou
mat&eacute;riel n&#8217;est pas con&ccedil;u ni
n&#8217;est destin&eacute; &agrave; &ecirc;tre utilis&eacute; dans des
applications &agrave; risque, notamment dans des applications
pouvant causer des dommages corporels. Si vous utilisez ce logiciel ou
mat&eacute;riel dans
le cadre d&#8217;applications dangereuses, il est de votre
responsabilit&eacute; de prendre toutes les mesures
de secours, de sauvegarde, de redondance et autres mesures
n&eacute;cessaires &agrave; son utilisation
dans des conditions optimales de s&eacute;curit&eacute;. Oracle
Corporation et ses affili&eacute;s d&eacute;clinent toute
responsabilit&eacute;
quant aux dommages caus&eacute;s par l&#8217;utilisation de ce logiciel ou
mat&eacute;riel pour ce type
d&#8217;applications.</p>
<p>Oracle et Java sont des marques d&eacute;pos&eacute;es d&#8217;Oracle
Corporation et/ou de ses affili&eacute;s.Tout
autre nom mentionn&eacute; peut correspondre &agrave; des marques
appartenant &agrave; d&#8217;autres propri&eacute;taires qu&#8217;Oracle.</p>
<p>AMD, Opteron,
le logo AMD et le logo AMD Opteron sont des marques ou des
marques d&eacute;pos&eacute;es d&#8217;Advanced Micro Devices. Intel et Intel
Xeon sont des marques ou
des marques d&eacute;pos&eacute;es d&#8217;Intel Corporation. Toutes les
marques SPARC sont utilis&eacute;es sous licence et
sont des marques ou des marques d&eacute;pos&eacute;es de SPARC
International, Inc. UNIX est une
marque d&eacute;pos&eacute;e conc&eacute;d&eacute;e sous licence par
X/Open Company, Ltd.</p>
<p>Ce logiciel ou mat&eacute;riel et
la documentation qui l&#8217;accompagne peuvent fournir des informations ou
des liens donnant acc&egrave;s &agrave;
des contenus, des produits et des services &eacute;manant de tiers.
Oracle Corporation et
ses affili&eacute;s d&eacute;clinent toute responsabilit&eacute; ou
garantie expresse quant aux contenus, produits ou services
&eacute;manant de tiers. En aucun cas, Oracle Corporation et ses
affili&eacute;s ne sauraient
&ecirc;tre tenus pour responsables des pertes subies, des co&ucirc;ts
occasionn&eacute;s ou des dommages caus&eacute;s
par l&#8217;acc&egrave;s &agrave; des contenus, produits ou services tiers,
ou &agrave; leur utilisation.<br>
</p>
<p class="Paragraph-Credits"></p>
</div>
</body>
</html>
sdks/jc304_kit/RELEASENOTES-CL.html 0 → 100644
View file @ 75d64299
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<meta http-equiv="CONTENT-TYPE"
content="text/html; charset=windows-1252">
<title>Release Notes - Classic Edition Development Kit, Java Card
Platform, Version 3.0.4</title>
<meta name="GENERATOR" content="OpenOffice.org 3.1 (Win32)">
<meta name="CREATED" content="0;0">
<meta name="CHANGEDBY" content="Saqib Ahmad">
<meta name="CHANGED" content="20110526;16055800">
<!-- Copyright (c) 1998, 2010, Oracle and/or its affiliates. All rights reserved. Use is subject to license terms. -->
<meta http-equiv="Content-Language" content="en-US">
<style type="text/css">
<!--
TD P { color: #000000; font-family: "Arial", "Helvetica", "FreeSans", "Luxi-sans", "Nimbus Sans L", sans-serif; font-size: 10pt }
P { color: #000000; font-family: "Arial", "Helvetica", "FreeSans", "Luxi-sans", "Nimbus Sans L", sans-serif; font-size: 10pt }
H4 { color: #000000 }
P.navtop { font-family: "Arial", "Helvetica", "FreeSans", "Luxi-sans", "Nimbus Sans L", sans-serif; font-size: 10pt }
H2 { color: #000000 }
H3 { color: #000000 }
H2.doctitle { color: #7f7f7f; font-family: "Univers LT Std", "Univers", "Arial", "Helvetica", sans-serif; text-align: left; text-decoration: none }
H3.subtitle { color: #7f7f7f; font-family: "Univers LT Std", "Univers", "Arial", "Helvetica", sans-serif; text-align: left; text-decoration: none }
H4.titledate { color: #7f7f7f; font-family: "Univers LT Std", "Univers", "Arial", "Helvetica", sans-serif; text-align: left; text-decoration: none }
BLOCKQUOTE { color: #000000; font-family: "Arial", "Helvetica", "FreeSans", "Luxi-sans", "Nimbus Sans L", sans-serif; font-size: 10pt }
TH P { color: #000000; font-family: "Arial", "Helvetica", "FreeSans", "Luxi-sans", "Nimbus Sans L", sans-serif; font-size: 10pt }
A:link { color: #666666; text-decoration: none }
CODE { color: #000000; font-family: "Monaco", "Courier", "Courier New" }
A:visited { color: #666666 }
-->
</style>
</head>
<body dir="LTR" vlink="#666666" bgcolor="#ffffff" lang="en-US"
link="#666666" text="#000000">
<table style="page-break-before: always;" width="100%" cellpadding="2"
cellspacing="2">
<tbody>
<tr>
<td>
<h2 class="doctitle"><a name="c1"></a><a name="c2"></a>Release
Notes</h2>
</td>
<th>
<div style="text-align: right;"> </div>
<p style="text-align: right;"><font color="#666666"><a
href="http://www.oracle.com/"><font color="#666666"><img
src="shared/smallOracleLogo.gif" name="graphics1" alt="Oracle logo"
width="133" align="BOTTOM" border="1" height="18"></font></a></font></p>
</th>
</tr>
</tbody>
</table>
<hr>
<table width="100%" cellpadding="2" cellspacing="2">
<tbody>
<tr valign="TOP">
<td>
<h2 class="doctitle"><a name="c5"></a><a name="c4"></a>Development
Kit
for
the
Java
Card
3
Platform</h2>
</td>
<th rowspan="3">
<p><a name="c3"></a><img src="shared/Java_clr_hori_interval.gif"
name="graphics2" alt="Java coffee cup logo" width="100" align="BOTTOM"
border="0" height="80"></p>
</th>
</tr>
<tr valign="TOP">
<td>
<h3 class="subtitle">Version 3.0.4, Classic Edition<br>
</h3>
</td>
</tr>
<tr valign="TOP">
<td>
<h4 class="titledate">September 2011</h4>
</td>
</tr>
</tbody>
</table>
<p class="navtop"><a name="top"></a><a href="#_maincontent">Skip
TOC&nbsp;</a><font color="#666666"><a href="#_maincontent"><font
color="#666666"><img src="shared/downicon.gif" name="graphics3"
alt="skip TOC" width="9" align="BOTTOM" border="1" height="9"></font></a></font></p>
<h2>Table of Contents</h2>
<p><a href="#Overview">1. Overview</a></p>
<p><a href="#Prerequisites">2. Prerequisites</a></p>
<p><a href="#Install">3. Installation Instructions</a></p>
<p><a href="#Using">4. Setting System Variables and Paths</a></p>
<p><a href="#config-jcre_samples">5. Configuring the Java Card RE for
the Samples</a></p>
<p><a href="#Netbeans">6. Development and Debugging with the NetBeans
IDE </a>
</p>
<p><a href="#Feedback">7. Product Information</a></p>
<h2><a name="top1"></a><a name="Overview"></a>1. Overview</h2>
<p>These release notes describe the development kit for the Java Card
3 Platform, Version 3.0.4, Classic Edition. This
version of the Classic Edition development kit is a maintenance
release and includes bug fixes. It also contains a string annotation
tool and string support as specified in Version 3.0.4 of the Java
Card API specification, Classic Edition. This release does not
include the Connected Edition.
</p>
<p>Java Card technology combines a subset of the Java programming
language with a runtime environment optimized for smart cards and
similar small-memory embedded devices. The goal of Java Card
technology is to bring many of the benefits of the Java programming
language to the resource-constrained world of smart cards. The Java
Card API is compatible with international standards such as ISO 7816,
and industry-specific standards such as Europay, Master Card, and
Visa (EMV).</p>
<p>Java Card 3 Platform, Version 3.0.4, Classic Edition is the latest
evolution of Java Card technology. This development kit is based on
version 3.0.4 of the Java Card specifications, Classic Edition, which
includes the errata sheets located at
<a
href="http://www.oracle.com/technetwork/java/javacard/jc-classic-spec-errata-140181.html">http://www.oracle.com/technetwork/java/javacard/jc-classic-spec-errata-140181.html</a>.
The
Java
Card
3
platform
consists
of
<font color="#000000">versions
3.0, 3.0.1 and 3.0.4 of the specifications and versions 3.0.1, 3.0.2,
3.0.3 and 3.0.4 of</font> the development kit.</p>
<p>The Java Card 3 Platform is available in two editions, both of which
are backward compatible with previous versions and share key security
features:</p>
<ul>
<li>
<p style="margin-bottom: 0in;">Classic Edition is based on an
evolution of the Java Card Platform, Version 2.2.2, architecture. This
edition targets more resource-constrained devices than the Connected
Edition. These release notes are for the Classic Edition development
kit, Version 3.0.4 only.</p>
</li>
<li>
<p>Connected Edition contains a new architecture compared to the
Java Card technology released in version 2.2.2, which is now known as
the "Classic Edition." The Connected Edition enables the integration of
smart cards within IP networks and web services architectures. To do
so, it features a significantly enhanced runtime environment and
virtual machine (VM), and it includes new network-oriented features,
such as support for Java Servlet APIs and Java Card applets with
extended and advanced capabilities.</p>
</li>
</ul>
<p class="navtop"><a href="#top">Top&nbsp;</a><font color="#666666"><a
href="#top"><font color="#666666"><img src="shared/topicon.gif"
name="graphics4" alt="go to TOC" width="9" align="BOTTOM" border="1"
height="9"></font></a></font></p>
<h2><a name="Prerequisites"></a>2. Prerequisites</h2>
<h3>Required Operating System</h3>
<ul>
<li>
<p>This release of the development kit for the Java Card 3
Platform, Version 3.0.4, Classic Edition is targeted for use on the
Microsoft Windows XP SP3 operating system.</p>
</li>
</ul>
<h3>Required Software</h3>
<p>The following software must be installed for the Java Card
development kit to work:</p>
<ul>
<li>
<p style="margin-bottom: 0in;"><b>Java Development Kit.</b> The
commercial version of Java Development Kit (JDK™) version 6, Update 10
or later is required. You can download the supported JDK software, JDK
6 Update 10 or later, from <a
href="http://www.oracle.com/technetwork/java/javase/downloads/index.html"
target="top">http://www.oracle.com/technetwork/java/javase/downloads/index.html</a>.
</p>
</li>
<li>
<p style="margin-bottom: 0in;"><b>GCC Compiler.</b> To build the
VM, this release requires Minimal GNU for Windows (MinGW) version 5.1.4
or later. MinGW can be obtained from <a
href="http://prdownloads.sourceforge.net/mingw" target="top">http://prdownloads.sourceforge.net/mingw</a>.
For
information
on
MinGW
go
to
<a href="http://www.mingw.org/" target="top">http://www.mingw.org</a>.
</p>
</li>
<li>
<p><b>Apache Ant.</b> Apache Ant version 1.6.5 or later is
required. Latest version of Apache Ant can be obtained <a
href="http://ant.apache.org/" target="top">http://ant.apache.org</a>. </p>
</li>
</ul>
<p><b>Note: </b>Do not install any software in a directory that
contains a space in its name. For example, do not install software in
any subdirectory of <code>c:\program files</code> because of the
space in the <code>program files</code> element</p>
<p><b>Note: </b>The bundle containing the specifications must be
downloaded separately.</p>
<h3>Contents of This Release</h3>
This release contains features required to support classic Java
Card applet applications on the card. Specifically, this release
includes the following:
<ul>
<li>
<p style="margin-bottom: 0in;">Java Card runtime environment (<code>cref.exe</code>)
</p>
</li>
<li>
<p style="margin-bottom: 0in;">Uninstaller tool</p>
</li>
<li>
<p style="margin-bottom: 0in;">Normalizer tool (<font
face="monospace">normalizer.bat</font>)</p>
</li>
<li>
<p style="margin-bottom: 0in;">APDU tool (<code>apdutool.bat</code>)
</p>
</li>
<li>
<p style="margin-bottom: 0in;">capdump tool</p>
</li>
<li>
<p style="margin-bottom: 0in;">capgen tool</p>
</li>
<li>
<p style="margin-bottom: 0in;">Converter tool (<code>converter.bat</code>)
</p>
</li>
<li>
<p style="margin-bottom: 0in;">exp2text tool</p>
</li>
<li>
<p style="margin-bottom: 0in;">on-card installer </p>
</li>
<li>
<p style="margin-bottom: 0in;">maskgen tool</p>
</li>
<li>
<p style="margin-bottom: 0in;">off-card verifier tool</p>
</li>
<li>
<p style="margin-bottom: 0in;">scriptgen tool </p>
</li>
<li>
<p style="margin-bottom: 0in;">String annotation processor</p>
</li>
<li>
<p style="margin-bottom: 0in;">optional Ant tasks</p>
</li>
<li>
<p style="margin-bottom: 0in;">Sample applications </p>
</li>
<li>
<p>Classic Edition simulator for classic applet development and
debugging </p>
</li>
</ul>
<ul>
<li>(<span style="font-family: monospace;">trimmer.bat</span>) batch
file for running the trimming tool with this development kit. The
trimming tool bundle is available
separately on the Java Licensee Engineering website <br>
</li>
</ul>
<ul>
<li><i>Development Kit User's Guide, Java Card 3 Platform, Version
3.0.4,
Classic Edition</i>.</li>
</ul>
<p class="navtop"><a href="#top">Top&nbsp;</a><font color="#666666"><a
href="#top"><font color="#666666"><img src="shared/topicon.gif"
name="graphics5" alt="go to TOC" width="9" align="BOTTOM" border="1"
height="9"></font></a></font></p>
<h2><a name="Install"></a>3. Installation Instructions</h2>
<p>For a more thorough description of the installation, contents and
use of the development kit, see <i>Development User's Guide, Java
Card 3 Platform, Version 3.0.4, Classic Edition</i>.</p>
<p>An automatic installer tool can be used to unpack the download
file containing this release. During download, you can choose to let
the installer tool unpack the download file into a directory of your
choice on your system or you can save the download file itself to
your system.</p>
<p><b>Note</b>: Do not install the development kit software in any
directory that has a space in its name. For example, on a Windows
platform, do not install software in the <code>c:\program files</code>
directory, or any subdirectory of <code>c:\program files</code>,
because the <code>program files</code> element contains a space.</p>
<p><b>Note</b>: Do not install this version of the Java Card
<font color="#000000">development kit into an existing directory </font>for
an
older
version.
You
must
first
uninstall
the
previously
installed
version of the Java Card development kit prior to
installing this version into the old directory. Installing into the
same directory without first uninstalling could result in
unpredictable behavior.</p>
<p>To install the Java Card development kit and associated software,
follow these steps:</p>
<ol>
<li>
<p style="margin-bottom: 0in;"><b>Install the JDK version 6, Update
10</b> or later. This JDK is available from: <a
href="http://www.oracle.com/technetwork/java/javase/downloads/index.html"
target="top">http://www.oracle.com/technetwork/java/javase/downloads/index.html</a>.
</p>
</li>
<li>
<p style="margin-bottom: 0in;"><b>Install Apache Ant version 1.6.5
or later</b>. The latest version is available at: <a
href="http://ant.apache.org/" target="top">http://ant.apache.org/</a>.
</p>
</li>
<li>
<p style="margin-bottom: 0in;"><b>Install the GCC compiler</b>. The
compiler Minimal GNU for Windows (MinGW), version 5.1.4 is
required.&nbsp; It is available at <a
href="http://sourceforge.net/projects/mingw">http://sourceforge.net/projects/mingw</a>,
while
its
installation
information
is
at
<a href="http://www.mingw.org/">http://www.mingw.org</a>. </p>
</li>
<li>
<p style="margin-bottom: 0in;"><b>Download the Java Card
development kit</b>. Download and store the development kit Java
Archive (JAR) file in a directory of your choice. </p>
</li>
<li>
<p><b>Run the development kit installer or use the command line</b>.
Double
click
the
JAR
file
on
your
system.
<font color="#000000">If the
JDK is installed correctly, the jar file is recognized as an executable
jar and t</font>he automatic installer will launch to step you through
the remainder of the installation process. </p>
</li>
</ol>
<p style="margin-left: 0.42in;">Alternatively, you can use the command
line to unpack the JAR file using the following command:</p>
<blockquote style="margin-left: 1.2in;"><code>java -jar</code> <i>Bundle-Filename</i></blockquote>
<blockquote>Where <i>Bundle-Filename</i> is the downloaded
development kit JAR file.
</blockquote>
<p>By default, the development kit is installed in
<code>C:\JCDK3.0.4_ClassicEdition</code> and its associated
sub-directories. You can specify a different directory if you wish.
</p>
<p>The directory <code>C:\JCDK3.0.4_ClassicEdition</code> (or
the alternate directory you specify during installation) is referred
to as <code><i>JC_CLASSIC_HOME</i></code>&nbsp; in these release
notes.
When the development kit installation is complete, <code><i>JC_CLASSIC_HOME</i></code>&nbsp;
contains
the
following:</p>
<p style="margin-bottom: 0in;"><br>
</p>
<table width="100%" border="0" cellpadding="3" cellspacing="2">
<tbody>
<tr>
<td width="15%">
<p><code><i>JC_CLASSIC_HOME</i></code> </p>
</td>
<td width="85%">
<p>These release notes. <br>
Copyright files.</p>
</td>
</tr>
<tr>
<td>
<p><code>docs</code></p>
</td>
<td>
<p><code>JCDevKitUG-Classic-3_0_4-RR.pdf</code> The <i>Development
Kit
User's
Guide
for
the
Java Card Platform, Version 3.0.4, Classic
Edition</i><font color="#000000">.</font></p>
</td>
</tr>
<tr>
<td style="vertical-align: top;">
<p><code>docs\html</code></p>
</td>
<td style="vertical-align: top;">HTML version of the user guide.<br>
</td>
</tr>
<tr>
<td>
<p><code>docs\apduiolib</code></p>
</td>
<td>
<p>Javadoc tool files for use with APDU I/O described in the
user's guide.<br>
</p>
</td>
</tr>
<tr>
<td>
<p><code>docs\rmiclientlib</code></p>
</td>
<td>
<p>Javadoc tool files for use with optional RMI implementation
described in the user's guide.<br>
</p>
</td>
</tr>
<tr>
<td>
<p><code>docs\api</code></p>
</td>
<td>
<p>Javadoc tool files for the API.</p>
</td>
</tr>
<tr>
<td>
<p><code>api_export_files</code></p>
</td>
<td>
<p>Contains <font face="monospace">java</font>, <font
face="monospace">javacard</font>, and <font face="monospace">javacardx
</font>directories of API export files.</p>
</td>
</tr>
<tr>
<td>
<p><code>bin</code> </p>
</td>
<td>
<p>Development kit executable files, including the <span
style="font-family: monospace;">trimmer.bat</span> batch file for
running the trimming tool with this development kit. </p>
</td>
</tr>
<tr>
<td>
<p><code>classic_simulator</code> </p>
</td>
<td>
<p>Contains files and directory structure required to create a
classic simulator platform in NetBeans for development and debugging of
classic applications.</p>
</td>
</tr>
<tr>
<td>
<p><code>lib</code> </p>
</td>
<td>
<p>Configuration and JAR files for the API, tools.<br>
Third-party libraries. </p>
</td>
</tr>
<tr>
<td style="vertical-align: top;">
<p><code>samples\classic_applets</code> </p>
</td>
<td style="vertical-align: top;">
<p>Samples of basic classic applets, such as HelloWorld.</p>
</td>
</tr>
<tr>
<td>
<p><code>samples\reference_apps</code></p>
</td>
<td>
<p>Samples of more robust classic applets.</p>
</td>
</tr>
<tr>
<td>
<p><code>src</code> </p>
</td>
<td>
<p>Development kit source files. AVAILABLE ONLY IF YOU HAVE A
SOURCE BUNDLE.</p>
</td>
</tr>
<tr>
<td>
<p><code>Uninstaller\uninstaller.jar</code></p>
</td>
<td>
<p>Uninstalls the development kit.</p>
</td>
</tr>
<tr>
<td>
<p><code>legal</code></p>
</td>
<td>
<p>Legal files.</p>
</td>
</tr>
</tbody>
</table>
<p><br>
</p>
<p class="navtop"><a href="#top">Top&nbsp;</a><font color="#666666"><a
href="#top"><font color="#666666"><img src="shared/topicon.gif"
name="graphics6" alt="go to TOC" width="9" align="BOTTOM" border="1"
height="9"></font></a></font></p>
<h2><a name="Using"></a>4. Setting System Variables and Paths</h2>
<p>System variables and paths must be set before running the
development kit. See the <i>Development Kit User's Guide</i> for more
details on how to set them. Note that if you choose to set the
variables and paths each time you run the development kit rather than
permanently in your system, you can place the appropriate commands in
a batch file.
</p>
<ul>
<li>
<p style="margin-bottom: 0in;"><code><b>JAVA_HOME</b></code>. You
must set the <code>JAVA_HOME</code> system variable to the JDK root
directory before running the development kit </p>
<ul>
<li>
<p style="margin-bottom: 0in;">To temporarily set <code>JAVA_HOME</code>
from the command line, enter the command: <code>set JAVA_HOME=c:\</code><code><i>path</i></code>&nbsp;
before
running
the
development
kit.
For
example,
if
the Java platform
software is stored in your <code>c:\jdk6</code> directory, enter <code>set
JAVA_HOME=c:\jdk6</code> before running the development kit. </p>
</li>
</ul>
</li>
<li>
<p style="margin-bottom: 0in;"><code><b>JC_CLASSIC_HOME</b></code>.&nbsp;<font
color="#000000">You must set the&nbsp; </font><code><font
color="#000000"><font face="monospace">JC_CLASSIC_HOME</font></font></code><font
color="#000000"> system variable to the directory in which the
development kit is installed before running the development kit.&nbsp;</font>&nbsp;
</p>
<ul>
<li>
<p>To temporarily set <code>JC_CLASSIC_HOME</code> from the
command line, enter the command: <code>set JC_CLASSIC_HOME=c:\</code><code><i>path</i></code>&nbsp;
before
running
the
development
kit.
For
example,
if the Java Card
development kit is stored in your <code>c:\JCDK3.0.4_ClassicEdition</code>
directory, enter <code>set JC_CLASSIC_HOME=c:\JCDK3.0.4_ClassicEdition</code>
before
running
the
development kit.&nbsp; </p>
</li>
</ul>
</li>
</ul>
<ul>
<li>
<p style="margin-bottom: 0in;"><b>Apache Ant. </b>You must set the
<font face="monospace">ANT_HOME</font> system variable to the
Apache Ant directory before running the samples.</p>
<ul>
<li>
<p>To temporarily set <code>ANT_HOME</code> from the command
line, enter the command: <code>set PATH=c:\</code><code><i>path</i></code>&nbsp;
before
running
the
development
kit.
For
example,
if
Apache Ant is
stored in your <code>c:\ant\apache-ant1.6.5</code> directory, enter <code>set
ANT_HOME=c:\ant\apache-ant1.6.5</code> before running the development
kit. </p>
</li>
</ul>
</li>
</ul>
<ul>
<li>
<p style="margin-bottom: 0in;"><b>MinGW</b>. You must set the path
to the location of <code>MinGW </code>before running the development
kit. Note that the path has to point to the <code>\bin</code>
subdirectory of the <code>MinGW </code>installation directory where
the <code>gcc.exe</code> file is located.&nbsp; </p>
<ul>
<li>
<p>To temporarily set the path to MinGW, enter the command <code>set
PATH=c:\</code><code><i>MinGW_path</i></code><code>;%PATH%</code>. For
example, if MinGW is installed in <code>c:\MinGW</code>, enter the
command <code>set PATH=c:\MinGW\bin;%PATH%</code> before running the
development kit. </p>
</li>
</ul>
</li>
</ul>
<h2><a name="config-jcre_samples"></a><b>5. Configuring the Java Card
RE for the Samples</b></h2>
<p>Note that the Java Card RE (<font face="monospace">cref</font>)
implementation is not optimized for memory or performance and,
therefore, requires more memory than an actual optimized
implementation on a card. To run the Java Card RE, you can use the
default executable, <font face="monospace">cref.bat</font>, using the
command line as follows:</p>
<p><code><font face="monospace"><i>JC_CLASSIC_HOME</i></font></code><code><font
face="monospace">\bin\</font></code><font face="monospace">cref.bat</font></p>
<p class="navtop"><a href="#top">Top&nbsp;</a><font color="#666666"><a
href="#top"><font color="#666666"><img src="shared/topicon.gif"
name="graphics7" alt="go to TOC" width="9" align="BOTTOM" border="1"
height="9"></font></a></font></p>
<h2><a name="Netbeans"></a><b>6. Development and Debugging with
the NetBeans IDE<br>
</b></h2>
<p style="font-weight: normal;">This release of Java Card Classic
Development Kit supports development of classic applications and
libraries using NetBeans. To develop and debug classic Java Card
applications with NetBeans Java Card plug-in, please follow the
following steps:</p>
<ol>
<li>
<p style="margin-bottom: 0in; font-weight: normal;">Download
the latest version NetBeans with Java Card
technology-specific plug-in. You will find the latest version in the
NetBeans Download Center.<br>
</p>
</li>
<li>
<p style="margin-bottom: 0in;"><font color="#000000"><span
style="font-weight: normal;">In the NetBeans Services window, under
Java Card Runtimes, add a new Java Card platform using </span></font><code><font
color="#000000"><i><span style="font-weight: normal;">JC_CLASSIC_HOME/classic_simulator
</span></i></font></code><font color="#000000"><span
style="font-weight: normal;">directory as the platform directory.</span></font></p>
</li>
</ol>
<p style="margin-bottom: 0in;"><br>
</p>
<h3 style="margin-top: 0in; margin-bottom: 0in;"><b>Known Issues With
NetBeans IDE Java Card Technology Plug-in</b></h3>
<p>Following is the
list of known issues and workarounds for the Java Card plug-in in
NetBeans. For issues related to the trimming tool, see its release
notes
in the separate trimming tool download bundle.</p>
<table width="706" border="0" cellpadding="2" cellspacing="0">
<col width="78"> <col width="620"> <thead> <tr>
<td sdval="12303491" sdnum="1033;" width="78">
<p style="text-align: left;"><b>Bug Id </b> </p>
</td>
<td width="620">
<p style="text-align: left;"><b>Description</b></p>
</td>
</tr>
</thead> <tbody>
<tr>
<td sdval="12302880" sdnum="1033;" width="78">200983 </td>
<td width="620">The classic simulator bundled in the Java Card
v3.0.4 BETA development kit does not work when the development kit is
installed in a relatively deeper directory layer </td>
</tr>
</tbody>
</table>
<p class="navtop"><a href="#top">Top&nbsp;</a><font color="#666666"><a
href="#top"><font color="#666666"><img src="shared/topicon.gif"
name="graphics8" alt="go to TOC" width="9" align="BOTTOM" border="1"
height="9"></font></a></font></p>
<h2><a name="Feedback"></a><b>7. Product Information</b></h2>
<p>The public Java Card technology web site is
<a href="http://www.oracle.com/technetwork/java/javacard">http://www.oracle.com/technetwork/java/javacard</a>.
The
developer
collaboration
web
site
also
contains
information
about
Java
Card technology at
<a href="http://kenai.com/projects/javacard/pages/HOME">http://kenai.com/projects/javacard/pages/HOME</a>.</p>
<p>If you are a Licensee, visit the product web site at
<a
href="https://java-partner.sun.com/portal/service/ent/platform/javacardgroup"
target="top">https://java-partner.sun.com/portal/service/ent/platform/javacardgroup</a>
This site has the most up-to-date information on the following:
</p>
<ul>
<li>
<p style="margin-bottom: 0in;">Product news and reviews </p>
</li>
<li>
<p style="margin-bottom: 0in;">Release notes and product
documentation </p>
</li>
<li>
<p>Technical support contact information </p>
</li>
</ul>
<p>We greatly appreciate your feedback on this reference
Implementation.&nbsp;</p>
<p class="navtop"><a href="#top">Top&nbsp;</a><font color="#666666"><a
href="#top"><font color="#666666"><img src="shared/topicon.gif"
name="graphics9" alt="go to TOC" width="9" align="BOTTOM" border="1"
height="9"></font></a></font></p>
<hr>
<p><a href="COPYRIGHT.html">Copyright</a> © 1998, 2011, Oracle
and/or its affiliates. All rights reserved.<br>
</p>
</body>
</html>
sdks/jc304_kit/bin/apdutool.bat 0 → 100644
View file @ 75d64299
@echo off
setlocal
set JC_CLASSIC_HOME=%~dp0\..
rem Print warning if no JAVA_HOME set
if not defined JAVA_HOME goto nojavahome
rem set classpath to all jars
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\ant-contrib-1.0b3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic_annotations.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\asm-all-3.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\bcel-5.2.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-cli-1.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-codec-1.3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-httpclient-3.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-logging-1.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\jctasks.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\tools.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic.jar;%JC_CLASSPATH%
rem execute apdutool's Main class
"%JAVA_HOME%\bin\java" -Djc.home=%JC_CLASSIC_HOME% -classpath %JC_CLASSPATH% com.sun.javacard.apdutool.Main %*
goto done
:nojavahome
echo JAVA_HOME is not set - please set it to point to JDK 1.6
:done
endlocal
rem Send the error code to the command interpreter
cmd /c Exit /B %errorlevel%
\ No newline at end of file
sdks/jc304_kit/bin/capdump.bat 0 → 100644
View file @ 75d64299
@echo off
setlocal
set JC_CLASSIC_HOME=%~dp0\..
rem Print warning if no JAVA_HOME set
if not defined JAVA_HOME goto nojavahome
rem set classpath to all jars
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\ant-contrib-1.0b3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic_annotations.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\asm-all-3.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\bcel-5.2.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-cli-1.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-codec-1.3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-httpclient-3.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-logging-1.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\jctasks.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\tools.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic.jar;%JC_CLASSPATH%
rem execute capdump's Main class
"%JAVA_HOME%\bin\java" -Djc.home=%JC_CLASSIC_HOME% -classpath %JC_CLASSPATH% com.sun.javacard.capdump.CapDump %*
goto done
:nojavahome
echo JAVA_HOME is not set - please set it to point to JDK 1.6
:done
endlocal
rem Send the error code to the command interpreter
cmd /c Exit /B %errorlevel%
\ No newline at end of file
sdks/jc304_kit/bin/capgen.bat 0 → 100644
View file @ 75d64299
@echo off
setlocal
set JC_CLASSIC_HOME=%~dp0\..
rem Print warning if no JAVA_HOME set
if not defined JAVA_HOME goto nojavahome
rem set classpath to all jars
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\ant-contrib-1.0b3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic_annotations.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\asm-all-3.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\bcel-5.2.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-cli-1.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-codec-1.3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-httpclient-3.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-logging-1.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\jctasks.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\tools.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic.jar;%JC_CLASSPATH%
rem execute capgen's Main class
"%JAVA_HOME%\bin\java" -Djc.home=%JC_CLASSIC_HOME% -classpath %JC_CLASSPATH% com.sun.javacard.jcasm.cap.Main %*
goto done
:nojavahome
echo JAVA_HOME is not set - please set it to point to JDK 1.6
:done
endlocal
rem Send the error code to the command interpreter
cmd /c Exit /B %errorlevel%
\ No newline at end of file
sdks/jc304_kit/bin/converter.bat 0 → 100644
View file @ 75d64299
@echo off
setlocal
set JC_CLASSIC_HOME=%~dp0\..
rem Print warning if no JAVA_HOME set
if not defined JAVA_HOME goto nojavahome
rem set classpath to all jars
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\ant-contrib-1.0b3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic_annotations.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\asm-all-3.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\bcel-5.2.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-cli-1.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-codec-1.3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-httpclient-3.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-logging-1.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\jctasks.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\tools.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic.jar;%JC_CLASSPATH%
rem execute converter's Main class
"%JAVA_HOME%\bin\java" -Djc.home=%JC_CLASSIC_HOME% -classpath %JC_CLASSPATH% com.sun.javacard.converter.Main %*
goto done
:nojavahome
echo JAVA_HOME is not set - please set it to point to JDK 1.6
:done
endlocal
rem Send the error code to the command interpreter
cmd /c Exit /B %errorlevel%
\ No newline at end of file
sdks/jc304_kit/bin/cref.bat 0 → 100644
View file @ 75d64299
@echo off
rem
rem in Java Card 2 there was only cref.exe, but now we provide cref_t0.exe,
rem cref_t1.exe, and cref_tdual.exe.
rem
@echo off
setlocal
set JC_CLASSIC_HOME=%~dp0\..
rem this batch file is provided as a easy way to call the new .exe's.
rem
rem "cref.bat args" will call "cref_tdual.exe args"
rem
rem "cref.bat -t0 args" will call "cref_t0.exe args"
rem "cref.bat -t1 args" will call "cref_t1.exe args"
rem "cref.bat -tdual args" will call "cref_tdual.exe args"
rem
setlocal
set list=
set target=cref_tdual
:loop
if "%1"=="" goto done
if "%1"=="-t0" (
set target=cref_t0
shift
goto loop
)
if "%1"=="-t1" (
set target=cref_t1
shift
goto loop
)
if "%1"=="-tdual" (
set target=cref_tdual
shift
goto loop
)
set list=%list% %1
shift
goto loop
:done
call %JC_CLASSIC_HOME%\bin\%target%.exe %list%
endlocal
\ No newline at end of file
sdks/jc304_kit/bin/exp2text.bat 0 → 100644
View file @ 75d64299
@echo off
setlocal
set JC_CLASSIC_HOME=%~dp0\..
rem Print warning if no JAVA_HOME set
if not defined JAVA_HOME goto nojavahome
rem set classpath to all jars
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\ant-contrib-1.0b3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic_annotations.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\asm-all-3.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\bcel-5.2.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-cli-1.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-codec-1.3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-httpclient-3.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-logging-1.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\jctasks.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\tools.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic.jar;%JC_CLASSPATH%
rem execute exp2text's Main class
"%JAVA_HOME%\bin\java" -Djc.home=%JC_CLASSIC_HOME% -classpath %JC_CLASSPATH% com.sun.javacard.converter.Exp2Text %*
goto done
:nojavahome
echo JAVA_HOME is not set - please set it to point to JDK 1.6
:done
endlocal
rem Send the error code to the command interpreter
cmd /c Exit /B %errorlevel%
\ No newline at end of file
sdks/jc304_kit/bin/normalizer.bat 0 → 100644
View file @ 75d64299
@echo off
setlocal
set JC_CLASSIC_HOME=%~dp0\..
rem Print warning if no JAVA_HOME set
if not defined JAVA_HOME goto nojavahome
rem set classpath to all jars
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\ant-contrib-1.0b3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic_annotations.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\asm-all-3.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\bcel-5.2.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-cli-1.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-codec-1.3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-httpclient-3.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-logging-1.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\jctasks.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\tools.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic.jar;%JC_CLASSPATH%
rem execute normalizer's Main class
"%JAVA_HOME%\bin\java" -Djc.home=%JC_CLASSIC_HOME% -classpath %JC_CLASSPATH% com.sun.javacard.normalizer.Main %*
goto done
:nojavahome
echo JAVA_HOME is not set - please set it to point to JDK 1.6
:done
endlocal
rem Send the error code to the command interpreter
cmd /c Exit /B %errorlevel%
\ No newline at end of file
sdks/jc304_kit/bin/packager.bat 0 → 100644
View file @ 75d64299
@echo off
setlocal
set JC_CLASSIC_HOME=%~dp0\..
rem Print warning if no JAVA_HOME set
if not defined JAVA_HOME goto nojavahome
rem set classpath to all jars
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\ant-contrib-1.0b3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic_annotations.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\asm-all-3.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\bcel-5.2.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-cli-1.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-codec-1.3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-httpclient-3.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-logging-1.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\jctasks.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\tools.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic.jar;%JC_CLASSPATH%
rem execute packager's Main class
"%JAVA_HOME%\bin\java" -Djc.home=%JC_CLASSIC_HOME% -classpath %JC_CLASSPATH% com.sun.javacard.packager.Main %*
goto done
:nojavahome
echo JAVA_HOME is not set - please set it to point to JDK 1.6
:done
endlocal
rem Send the error code to the command interpreter
cmd /c Exit /B %errorlevel%
\ No newline at end of file
sdks/jc304_kit/bin/scriptgen.bat 0 → 100644
View file @ 75d64299
@echo off
setlocal
set JC_CLASSIC_HOME=%~dp0\..
rem Print warning if no JAVA_HOME set
if not defined JAVA_HOME goto nojavahome
rem set classpath to all jars
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\ant-contrib-1.0b3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic_annotations.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\asm-all-3.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\bcel-5.2.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-cli-1.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-codec-1.3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-httpclient-3.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-logging-1.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\jctasks.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\tools.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic.jar;%JC_CLASSPATH%
rem execute scriptgen's Main class
"%JAVA_HOME%\bin\java" -Djc.home=%JC_CLASSIC_HOME% -classpath %JC_CLASSPATH% com.sun.javacard.scriptgen.Main %*
goto done
:nojavahome
echo JAVA_HOME is not set - please set it to point to JDK 1.6
:done
endlocal
rem Send the error code to the command interpreter
cmd /c Exit /B %errorlevel%
\ No newline at end of file
sdks/jc304_kit/bin/trimmer.bat 0 → 100644
View file @ 75d64299
@echo off
setlocal
set JC_TRIMMER_HOME=%~dp0
set JC_TRIMMING_TOOL_CRYPTO_VERBOSE=false
rem Print warning if no JAVA_HOME set
if not defined JAVA_HOME goto nojavahome
rem Print warning if no JC_CLASSIC_HOME set
if not defined JC_CLASSIC_HOME goto nojcclassichome
rem Print warning if no ANT_HOME set
if not defined ANT_HOME goto noanthome
echo %JC_TRIMMER_HOME%
rem set classpath to all jars
set JCT_CLASSPATH=%JC_TRIMMER_HOME%\lib\Trimmer.jar;%JCT_CLASSPATH%
set JCT_CLASSPATH=%JC_TRIMMER_HOME%\lib\commons-cli-1.0.jar;%JCT_CLASSPATH%
set JCT_CLASSPATH=%JC_TRIMMER_HOME%\lib\commons-codec-1.3.jar;%JCT_CLASSPATH%
set JCT_CLASSPATH=%JC_TRIMMER_HOME%\lib\commons-httpclient-3.0.jar;%JCT_CLASSPATH%
set JCT_CLASSPATH=%JC_TRIMMER_HOME%\lib\commons-logging-1.1.jar;%JCT_CLASSPATH%
set JCT_CLASSPATH=%JC_TRIMMER_HOME%\lib\velocity-1.4.jar;%JCT_CLASSPATH%
set JCT_CLASSPATH=%JC_TRIMMER_HOME%\lib\velocity-dep-1.4.jar;%JCT_CLASSPATH%
set JCT_CLASSPATH=%JC_TRIMMER_HOME%\lib\bcel-5.2.jar;%JCT_CLASSPATH%
set JCT_CLASSPATH=%JC_TRIMMER_HOME%\lib\help.jar;%JCT_CLASSPATH%
set JCT_CLASSPATH=%JC_TRIMMER_HOME%\lib\jhall.jar;%JCT_CLASSPATH%
set JCT_CLASSPATH="%JC_CLASSIC_HOME%"\lib\tools.jar;%JCT_CLASSPATH%
set JCT_CLASSPATH="%ANT_HOME%"\lib\ant.jar;%JCT_CLASSPATH%
set JCT_CLASSPATH="%ANT_HOME%"\lib\ant-nodeps.jar;%JCT_CLASSPATH%
set JCT_CLASSPATH="%ANT_HOME%"\lib\ant-launcher.jar;%JCT_CLASSPATH%
set JCT_CLASSPATH="%JAVA_HOME%"\lib\tools.jar;%JCT_CLASSPATH%
set JCT_CLASSPATH=%JC_CLASSIC_HOME%\lib\JCBytecodeProfiler.jar;%JCT_CLASSPATH%
rem execute Timming Tool's Main class
"%JAVA_HOME%\bin\java" -Dtrimmer.home=%JC_TRIMMER_HOME% -classpath %JCT_CLASSPATH% com.sun.jctrimmer.ui.MainTree %*
goto done
:nojavahome
echo JAVA_HOME is not set - please set it to point to JDK 1.6
goto done
:nojcclassichome
echo JC_CLASSIC_HOME is not set - please set it to point to Java Card Classic Edition 3.0.3 SDK
goto done
:noanthome
echo ANT_HOME is not set - please set it to point to apache ant 1.6.5 or higher
goto done
:done
endlocal
sdks/jc304_kit/bin/verifycap.bat 0 → 100644
View file @ 75d64299
@echo off
setlocal
set JC_CLASSIC_HOME=%~dp0\..
rem Print warning if no JAVA_HOME set
if not defined JAVA_HOME goto nojavahome
rem set classpath to all jars
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\ant-contrib-1.0b3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic_annotations.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\asm-all-3.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\bcel-5.2.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-cli-1.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-codec-1.3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-httpclient-3.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-logging-1.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\jctasks.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\tools.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic.jar;%JC_CLASSPATH%
rem execute verifycap's Main class
"%JAVA_HOME%\bin\java" -Djc.home=%JC_CLASSIC_HOME% -classpath %JC_CLASSPATH% com.sun.javacard.offcardverifier.Verifier %*
goto done
:nojavahome
echo JAVA_HOME is not set - please set it to point to JDK 1.6
:done
endlocal
rem Send the error code to the command interpreter
cmd /c Exit /B %errorlevel%
\ No newline at end of file
sdks/jc304_kit/bin/verifyexp.bat 0 → 100644
View file @ 75d64299
@echo off
setlocal
set JC_CLASSIC_HOME=%~dp0\..
rem Print warning if no JAVA_HOME set
if not defined JAVA_HOME goto nojavahome
rem set classpath to all jars
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\ant-contrib-1.0b3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic_annotations.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\asm-all-3.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\bcel-5.2.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-cli-1.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-codec-1.3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-httpclient-3.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-logging-1.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\jctasks.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\tools.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic.jar;%JC_CLASSPATH%
rem execute verifyexp's Main class
"%JAVA_HOME%\bin\java" -Djc.home=%JC_CLASSIC_HOME% -classpath %JC_CLASSPATH% com.sun.javacard.offcardverifier.VerifyExp %*
goto done
:nojavahome
echo JAVA_HOME is not set - please set it to point to JDK 1.6
:done
endlocal
rem Send the error code to the command interpreter
cmd /c Exit /B %errorlevel%
\ No newline at end of file
sdks/jc304_kit/bin/verifyrev.bat 0 → 100644
View file @ 75d64299
@echo off
setlocal
set JC_CLASSIC_HOME=%~dp0\..
rem Print warning if no JAVA_HOME set
if not defined JAVA_HOME goto nojavahome
rem set classpath to all jars
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\ant-contrib-1.0b3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic_annotations.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\asm-all-3.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\bcel-5.2.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-cli-1.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-codec-1.3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-httpclient-3.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-logging-1.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\jctasks.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\tools.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic.jar;%JC_CLASSPATH%
rem execute verifyrev's Main class
"%JAVA_HOME%\bin\java" -Djc.home=%JC_CLASSIC_HOME% -classpath %JC_CLASSPATH% com.sun.javacard.offcardverifier.VerifyRev %*
goto done
:nojavahome
echo JAVA_HOME is not set - please set it to point to JDK 1.6
:done
endlocal
rem Send the error code to the command interpreter
cmd /c Exit /B %errorlevel%
\ No newline at end of file
sdks/jc304_kit/classic_simulator/bin/apdutool.bat 0 → 100644
View file @ 75d64299
@echo off
setlocal
set JC_CONNECTED_HOME=%~dp0\..
rem Print warning if no JAVA_HOME set
if not defined JAVA_HOME goto nojavahome
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\ant-contrib-1.0b3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\commons-cli-1.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\commons-codec-1.3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\commons-httpclient-3.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\commons-logging-1.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\bcel-5.2.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\asm-all-3.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\tools.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\romizer.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\api.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\api_connected.jar;%JC_CLASSPATH%
rem execute apdutool's Main class
"%JAVA_HOME%\bin\java" -Djc.home=%JC_CONNECTED_HOME% -classpath %JC_CLASSPATH% com.sun.javacard.apdutool.Main %*
goto done
:nojavahome
echo JAVA_HOME is not set - please set it to point to JDK 1.6
:done
endlocal
rem Send the error code to the command interpreter
cmd /c Exit /B %errorlevel%
sdks/jc304_kit/classic_simulator/bin/converter.bat 0 → 100644
View file @ 75d64299
@echo off
setlocal
set JC_CONNECTED_HOME=%~dp0\..
rem Print warning if no JAVA_HOME set
if not defined JAVA_HOME goto nojavahome
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\ant-contrib-1.0b3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\commons-cli-1.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\commons-codec-1.3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\commons-httpclient-3.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\commons-logging-1.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\bcel-5.2.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\asm-all-3.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\tools.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\romizer.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\api.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\api_connected.jar;%JC_CLASSPATH%
rem execute converter's Main class
"%JAVA_HOME%\bin\java" -Djc.home=%JC_CONNECTED_HOME% -classpath %JC_CLASSPATH% com.sun.javacard.converter.Main %*
goto done
:nojavahome
echo JAVA_HOME is not set - please set it to point to JDK 1.6
:done
endlocal
rem Send the error code to the command interpreter
cmd /c Exit /B %errorlevel%
sdks/jc304_kit/classic_simulator/bin/debugproxy.bat 0 → 100644
View file @ 75d64299
@echo off
setlocal
set JC_CONNECTED_HOME=%~dp0\..
rem Print warning if no JAVA_HOME set
if not defined JAVA_HOME goto nojavahome
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\ant-contrib-1.0b3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\commons-cli-1.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\commons-codec-1.3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\commons-httpclient-3.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\commons-logging-1.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\bcel-5.2.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\asm-all-3.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\tools.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\romizer.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\api.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\api_connected.jar;%JC_CLASSPATH%
rem execute debugproxy's Main class
"%JAVA_HOME%\bin\java" -Djc.home=%JC_CONNECTED_HOME% -classpath %JC_CLASSPATH% com.sun.javacard.debugproxy.Main %*
goto done
:nojavahome
echo JAVA_HOME is not set - please set it to point to JDK 1.6
:done
endlocal
rem Send the error code to the command interpreter
cmd /c Exit /B %errorlevel%
sdks/jc304_kit/classic_simulator/bin/installer.bat 0 → 100644
View file @ 75d64299
@echo off
setlocal
set JC_CONNECTED_HOME=%~dp0\..
rem Print warning if no JAVA_HOME set
if not defined JAVA_HOME goto nojavahome
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\ant-contrib-1.0b3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\commons-cli-1.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\commons-codec-1.3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\commons-httpclient-3.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\commons-logging-1.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\bcel-5.2.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\asm-all-3.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\tools.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\romizer.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\api.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\api_connected.jar;%JC_CLASSPATH%
rem execute installer's Main class
"%JAVA_HOME%\bin\java" -Djc.home=%JC_CONNECTED_HOME% -classpath %JC_CLASSPATH% com.sun.javacard.offcardinstaller.Main %*
goto done
:nojavahome
echo JAVA_HOME is not set - please set it to point to JDK 1.6
:done
endlocal
rem Send the error code to the command interpreter
cmd /c Exit /B %errorlevel%
sdks/jc304_kit/classic_simulator/bin/javacardc.bat 0 → 100644
View file @ 75d64299
@echo off
setlocal
echo Java Card 3.0.2 Compiler
set JC_CONNECTED_HOME=%~dp0\..
rem Print warning if no JAVA_HOME set
if not defined JAVA_HOME goto nojavahome
"%JAVA_HOME%\bin\javac" -processorpath %JC_CONNECTED_HOME%\lib\jcapt.jar -processor com.sun.javacard.apt.JCAnnotationProcessor -Amode=connected %*
goto done
:nojavahome
echo JAVA_HOME is not set - please set it to point to JDK 1.6
:done
endlocal
\ No newline at end of file
sdks/jc304_kit/classic_simulator/bin/normalizer.bat 0 → 100644
View file @ 75d64299
@echo off
setlocal
set JC_CONNECTED_HOME=%~dp0\..
rem Print warning if no JAVA_HOME set
if not defined JAVA_HOME goto nojavahome
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\ant-contrib-1.0b3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\commons-cli-1.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\commons-codec-1.3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\commons-httpclient-3.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\commons-logging-1.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\bcel-5.2.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\asm-all-3.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\tools.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\romizer.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\api.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\api_connected.jar;%JC_CLASSPATH%
rem execute normalizer's Main class
"%JAVA_HOME%\bin\java" -Djc.home=%JC_CONNECTED_HOME% -classpath %JC_CLASSPATH% com.sun.javacard.normalizer.Main %*
goto done
:nojavahome
echo JAVA_HOME is not set - please set it to point to JDK 1.6
:done
endlocal
rem Send the error code to the command interpreter
cmd /c Exit /B %errorlevel%
sdks/jc304_kit/classic_simulator/bin/packager.bat 0 → 100644
View file @ 75d64299
@echo off
setlocal
set JC_CONNECTED_HOME=%~dp0\..
rem Print warning if no JAVA_HOME set
if not defined JAVA_HOME goto nojavahome
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\ant-contrib-1.0b3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\commons-cli-1.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\commons-codec-1.3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\commons-httpclient-3.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\commons-logging-1.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\bcel-5.2.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\asm-all-3.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\tools.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\romizer.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\api.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CONNECTED_HOME%\lib\api_connected.jar;%JC_CLASSPATH%
rem execute packager's Main class
"%JAVA_HOME%\bin\java" -Djc.home=%JC_CONNECTED_HOME% -classpath %JC_CLASSPATH% com.sun.javacard.packager.Main %*
goto done
:nojavahome
echo JAVA_HOME is not set - please set it to point to JDK 1.6
:done
endlocal
rem Send the error code to the command interpreter
cmd /c Exit /B %errorlevel%
sdks/jc304_kit/classic_simulator/lib/config.properties 0 → 100644
View file @ 75d64299
#
# Copyright (c) 2009 Sun Microsystems, Inc.
# All rights reserved.
# Use is subject to license terms.
#
# RI Specific tunable parameters
# Visible from com.sun.javacard.Configuration.getProperty(key)
#
# Note: There must be a blank line at end of the file,
# or
# keep a comment line at the end.
# **** The last line is ignored. ****
#
# Index based properties starts with index 0. Properties are read from 0 until the sequence is broken.
# For example if the property names are like
# myproperty.0, mypropert.1, myproperty.3, then the myproperty.3 is not read because the sequence is broken at .2
#
# These Properties are visible from JCRuntime.getConfigProperty()
#
#
#----//// Some RI level properties \\\\----#
system.i18n.lang: en
system.i18n.encoding: ISO8859_1
javacard.io.socket.buffersize: 256
#com.sun.javacard.io.http.proxy: webcache:8080
#com.sun.javacard.io.http.force_non_persistent: false
#com.sun.javacard.io.http.persistent_connection_linger_time: 60000
#com.sun.javacard.io.http.inputBufferSize: 256
#com.sun.javacard.io.http.outputBufferSize: 2048
#com.sun.javacard.io.http.max_persistent_connections: 4
#----//// [End] Some RI level properties \\\\----#
#
#----//// Platform Policy Default Protection Domains Configuration \\\\----#
#format of each line
# <classname><space><each argument in double quotes seperated by , as if like calling a method>
# Example: MyPermission "arg1", "arg2", "arg3"
#
# Note: There is no error checking. If there is some problem while parsing the string,
# either it will be ignored or may have wrong values for the arguments.
#---- Web Domain ----
webDomain.include.0=javacardx.spi.framework.JCREPermission "callPermJCREEPO.EXTENDED"
webDomain.include.1=javacardx.spi.framework.JCREPermission "callPermJCREEPO.CLASSIC"
webDomain.include.2=javacardx.facilities.EventRegistryPermission "event:///~/*", "notify,register,unregister"
webDomain.include.3=javacardx.facilities.EventRegistryPermission "event:///platform/*", "register,unregister"
webDomain.include.4=javacardx.facilities.EventRegistryPermission "event:///standard/*", "register,unregister"
webDomain.include.5=javacardx.facilities.ServiceRegistryPermission "sio:///~/*", "lookup,register,unregister"
webDomain.include.6=javacardx.facilities.ServiceRegistryPermission "sio:///standard/auth/*", "lookup"
webDomain.include.7=javacardx.facilities.TaskRegistryPermission "task.*"
webDomain.include.8=javacardx.framework.ContextPermission "sio:///standard/auth/*", "switch,transfer"
webDomain.include.9=javacardx.framework.JCRuntimePermission "credentialManager.*"
webDomain.include.10=javacardx.framework.JCRuntimePermission "thread.*"
webDomain.include.11=javacardx.io.ConnectorPermission "file:///~/*", "read"
#webDomain.include.12=javacardx.io.ConnectorPermission file:///~/docroot/tmp write
#---- Extended Domain ----
extendedDomain.include.0=javacardx.spi.framework.JCREPermission "callPermJCREEPO.EXTENDED"
extendedDomain.include.1=javacardx.spi.framework.JCREPermission "callPermJCREEPO.CLASSIC"
extendedDomain.include.2=javacardx.spi.framework.JCREPermission "callTempJCREEPO.CLASSIC"
extendedDomain.include.3=javacardx.facilities.EventRegistryPermission "event://aid/~/*", "notify,register,unregister"
extendedDomain.include.4=javacardx.facilities.EventRegistryPermission "event:///platform/*", "register,unregister"
extendedDomain.include.5=javacardx.facilities.EventRegistryPermission "event:///standard/*", "register,unregister"
extendedDomain.include.6=javacardx.facilities.ServiceRegistryPermission "sio://aid/~/*", "lookup,register,unregister"
extendedDomain.include.7=javacardx.facilities.ServiceRegistryPermission "sio:///standard/auth/*", "lookup"
extendedDomain.include.8=javacardx.facilities.TaskRegistryPermission "task.*"
extendedDomain.include.9=javacardx.framework.ContextPermission "sio:///standard/auth/*", "switch,transfer"
extendedDomain.include.10=javacardx.framework.JCRuntimePermission "thread.*"
extendedDomain.include.11=javacardx.framework.JCRuntimePermission "credentialManager.*"
extendedDomain.include.12=javacardx.io.ConnectorPermission "file://aid/~/*", "read"
#---- Classic Domain ----
classicDomain.include.0=javacardx.spi.framework.JCREPermission "callPermJCREEPO.CLASSIC"
classicDomain.include.1=javacardx.spi.framework.JCREPermission "callTempJCREEPO.CLASSIC"
#---- CardManagement Domain ----
cmDomain.include.0=javacardx.spi.cardmgmt.CardManagementPermission "credentialManager.*"
cmDomain.include.1=javacardx.spi.framework.JCREPermission "callPermJCREEPO.EXTENDED"
cmDomain.include.2=javacardx.spi.framework.JCREPermission "callPermJCREEPO.CLASSIC"
cmDomain.include.3=javacardx.spi.framework.JCREPermission "callTempJCREEPO.CLASSIC"
cmDomain.include.4=javacardx.facilities.EventRegistryPermission "event://*/~/*", "notify,register,unregister"
cmDomain.include.5=javacardx.facilities.EventRegistryPermission "event://*/platform/*", "register,unregister"
cmDomain.include.6=javacardx.facilities.EventRegistryPermission "event://*/standard/*", "notify,register,unregister"
cmDomain.include.7=javacardx.facilities.ServiceRegistryPermission "sio://*/~/*", "lookup,register,unregister"
cmDomain.include.8=javacardx.facilities.ServiceRegistryPermission "sio://*/standard/auth/*", "register,unregister,lookup"
cmDomain.include.9=javacardx.facilities.TaskRegistryPermission "task.*"
cmDomain.include.10=javacardx.framework.ContextPermission "sio://*/standard/auth/*", "switch,transfer"
cmDomain.include.11=javacardx.framework.JCRuntimePermission "credentialManager.*"
cmDomain.include.12=javacardx.framework.JCRuntimePermission "thread.*"
cmDomain.include.13=javacardx.io.ConnectorPermission "file://*/~/", "read"
cmDomain.include.14=javacardx.spi.cardmgmt.CardManagementPermission "deploymentUnit.*"
cmDomain.include.15=javacardx.spi.cardmgmt.CardManagementPermission "application.*"
cmDomain.include.16=javacardx.spi.cardmgmt.CardManagementPermission "protectionDomain.*"
cmDomain.include.17=javacardx.spi.framework.JCREPermission "callPermJCREEPO.CARDMGMT"
#----//// [End] Platform Policy Default Protection Domains Configuration \\\\----#
#
#----//// Custom Protection Domains \\\\----#
# This is RI specific mechanism to assign a protection domain for an application.
# <JC_CONNECTED_HOME>/samples/keystore folder contains some keystore files. These protection domains are associated with
# each of those files. The BASE-64 encoded certificate is associated with each protection domain.
# Depending on the keystore file used to sign the application, corresponding protection domain is associated to that application.
# This is a way to add more permissions to default platform policy for application type by adding more include/exclude prmissions.
#
# <JC_CONNECTED_HOME>/samples/keystore/a.keystore
pd.0.certificate=MIIB8TCCAVqgAwIBAgIER+0X/zANBgkqhkiG9w0BAQUFADA9MQswCQYDVQQGEwJVUzELMAkGA1UEChMCUkkxFTATBgNVBAsTDEhvd1RvU2FtcGxlczEKMAgGA1UEAxMBQTAeFw0wODAzMjgxNjA4MzFaFw0wODA2MjYxNjA4MzFaMD0xCzAJBgNVBAYTAlVTMQswCQYDVQQKEwJSSTEVMBMGA1UECxMMSG93VG9TYW1wbGVzMQowCAYDVQQDEwFBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCTIYVeLV+oyViuf8WOPQeo9AaydiuO5tWzHarb3ol3tY1o0xuooC9MpJEYyDTFBJ9YH9oNtemDU0YxswNtVbJropvwO9lVChn3OvXNfoFEYw8aeVl3pFHrAf4T+EL61Ybgi8PqW0OO/fEf6gkvbJkxy5S421gOrK191pIRTmyr5QIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAD0ufB/7/hgx0Zp/T5kjuaWEc6hXB4wlRnXzfwjysvx8K2z2aSVGO5ZbJL8qCh3PQmZZZlpVTbxey/jijwylFiBT3rTonjdKFpv3pypt+3teXvvSfApnUrA7PlgPBgfkWR/UgzN9N6huOWNfJkkWuCsRhq47PpxYfdh1LeyLjuNR
pd.0.name=0
pd.0.include.0=javacardx.facilities.ServiceRegistryPermission "sio:///*", "register,unregister,lookup"
pd.0.include.1=javacardx.facilities.EventRegistryPermission "event:///*", "register,unregister,notify"
pd.0.include.2=javacardx.security.CryptoServicePermission "*"
pd.0.include.3=javacardx.framework.ContextPermission "/*", "transfer,switch"
pd.0.include.4=javacardx.facilities.EventRegistryPermission "event://aid/*", "notify,register,unregister"
pd.0.include.5=javacardx.facilities.ServiceRegistryPermission "sio://aid/*", "lookup,register,unregister"
pd.0.include.6=javacardx.framework.ContextPermission "pd:1", "transfer,switch"
#added for file system
pd.0.include.7=javacardx.io.ConnectorPermission "file:///~/*", "write"
pd.0.include.8=javacardx.io.ConnectorPermission "file://aid/~/*", "write"
pd.0.include.9=javacardx.io.ConnectorPermission "socket://*/*", "connect,listen,accept,read,write"
# <JC_CONNECTED_HOME>/samples/keystore/b.keystore
pd.1.certificate=MIIB8TCCAVqgAwIBAgIER+0v9jANBgkqhkiG9w0BAQUFADA9MQswCQYDVQQGEwJVUzELMAkGA1UEChMCUkkxFTATBgNVBAsTDEhvd1RvU2FtcGxlczEKMAgGA1UEAxMBQjAeFw0wODAzMjgxNzUwNDZaFw0wODA2MjYxNzUwNDZaMD0xCzAJBgNVBAYTAlVTMQswCQYDVQQKEwJSSTEVMBMGA1UECxMMSG93VG9TYW1wbGVzMQowCAYDVQQDEwFCMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCAwAK5KOHPZ9tPMW1fhI7ZMbf/8oKWPaXA4jysLBJZRujb9MHb4k8sXRryU+poaR2WfiWiEaf1e++Vg9WqiIZK/nWvkJM+RvLDjp/uXq771AreLeB6UCfCpyKuYkeNufSyBQb8y2Mw4ZaNimQuSou9N0z+cufwq32q4FklvezVZQIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAG95Tg9tOrrQSOvxENy1dbHDueUam9wZ19a3torZNng5RG77048lj4V4VA+lMjFcw8dzB3KnPjePhUj3w/tBTNzXH/0lZ8K9MSxlXOVxF7/KcBEV3DluHS986um5LIEwcFqVgFf+Vg3jBMV3SE77tNAFVSmzhHETqIyLVr8sBV9P
pd.1.name=1
pd.1.include.0=javacardx.facilities.ServiceRegistryPermission "sio:///standard/auth/holder/global/foo/pin", "register,unregister"
pd.1.include.1=javacardx.framework.ContextPermission "pd:2", "transfer,switch"
pd.1.include.2=javacardx.facilities.ServiceRegistryPermission "sio:///*", "register,unregister,lookup"
#added for file system
pd.1.include.3=javacardx.io.ConnectorPermission "file:///~/*", "write"
# <JC_CONNECTED_HOME>/samples/keystore/c.keystore
pd.2.certificate=MIIB8TCCAVqgAwIBAgIER+0pITANBgkqhkiG9w0BAQUFADA9MQswCQYDVQQGEwJVUzELMAkGA1UEChMCUkkxFTATBgNVBAsTDEhvd1RvU2FtcGxlczEKMAgGA1UEAxMBQzAeFw0wODAzMjgxNzIxMzdaFw0wODA2MjYxNzIxMzdaMD0xCzAJBgNVBAYTAlVTMQswCQYDVQQKEwJSSTEVMBMGA1UECxMMSG93VG9TYW1wbGVzMQowCAYDVQQDEwFDMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDOkTtscaWeOTYVNormIhM5cS2ky/6U1gqU6mhuje6YaRxdIi35XfJozK4ydmASw9YE61jHjauRthljr2rC84/fjOfgHawYK8CSIpyKQ9q4T60u+SWJHb6ekJths7/KRGfPFzRew4Wkk/fR79Y7MgxkHkWar3iEvWaNkEgjWeognwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFNEh6+6pfInBfozlHtK7TSuH1yEeDEcx/VKIHUNOmquobtckVLl6i1iMTT694w2pEeY7zMX4o53/TFJAWruyQFnil3XfS/Culz77gVJhT8w4xpdiVA/Grv8+zKMFqc45KsNjdYqk5sZW161Bate2sSQWzt4MGKqWMLGENmPWi5m
pd.2.name=2
pd.2.include.0=javacardx.facilities.TaskRegistryPermission "task.*"
pd.2.include.1=javacardx.framework.ContextPermission "pd:0", "transfer,switch"
pd.2.include.2=javacardx.io.ConnectorPermission "ssl://*/*", "connect,listen,accept,read,write"
pd.2.include.3=javacardx.io.ConnectorPermission "http://*/*", "connect,listen,accept,read,write"
pd.2.include.4=javacardx.io.ConnectorPermission "https://*/*", "connect,listen,accept,read,write"
pd.2.include.5=javacardx.io.ConnectorPermission "file://*/*", "connect,listen,accept,read,write"
pd.2.include.6=javacardx.io.ConnectorPermission "socket://*/*", "connect,listen,accept,read,write"
pd.2.include.7=javacardx.facilities.ServiceRegistryPermission "sio:///*", "register,unregister,lookup"
pd.2.include.8=javacardx.facilities.EventRegistryPermission "event:///*", "register,unregister,notify"
pd.2.include.9=javacardx.framework.JCRuntimePermission "credentialManager.*"
pd.2.include.10=javacardx.framework.JCRuntimePermission "thread.*"
pd.2.include.11=javacardx.security.CryptoServicePermission "*"
#----//// [End] Custom Protection Domains \\\\----#
#
#----//// Authenticators Configuration \\\\----#
# Configure authenticators used by RI
#
authenticator.0.uri: sio:///standard/auth/holder/session/admin/pin
authenticator.0.factory: com.sun.javacard.security.PINSessionAuthenticatorFactory
authenticator.0.pin: 1234
authenticator.0.digest: false
#
authenticator.1.uri: sio:///standard/auth/user/session/admin/pin
authenticator.1.factory: com.sun.javacard.security.PINSessionAuthenticatorFactory
authenticator.1.pin: 1234
authenticator.1.digest: false
#
authenticator.2.uri: sio:///standard/auth/holder/global/owner1/pin
authenticator.2.factory: com.sun.javacard.security.PINGlobalAuthenticatorFactory
authenticator.2.pin: 1234
authenticator.2.digest: false
#
authenticator.3.uri: sio:///standard/auth/holder/global/sunny/pin
authenticator.3.factory: com.sun.javacard.security.PINGlobalAuthenticatorFactory
authenticator.3.pin: 1234
authenticator.3.digest: false
#
authenticator.4.uri: sio:///standard/auth/user/session/boss/pin
authenticator.4.factory: com.sun.javacard.security.PINSessionAuthenticatorFactory
authenticator.4.pin: 5678
authenticator.4.digest: false
#
authenticator.5.uri: sio:///standard/auth/holder/global/admin/pin
authenticator.5.factory: com.sun.javacard.security.PINGlobalAuthenticatorFactory
authenticator.5.pin: 1234
authenticator.5.digest: false
# bio auth user
authenticator.6.uri: sio:///standard/auth/user/session/hk/bio-password
authenticator.6.factory: com.sun.javacard.security.BioSessionAuthenticatorFactory
authenticator.6.pin: testing
authenticator.6.digest: false
# transit app pos card holder
authenticator.7.uri: sio:///standard/auth/holder/session/transit/owner-pos/pin
authenticator.7.factory: com.sun.javacard.security.PINSessionAuthenticatorFactory
authenticator.7.pin: 8888
authenticator.7.digest: false
# transit app admin card holder
authenticator.8.uri: sio:///standard/auth/holder/global/transit/owner-admin/pin
authenticator.8.factory: com.sun.javacard.security.PINGlobalAuthenticatorFactory
authenticator.8.pin: 8888
authenticator.8.digest: false
# transit app admin remote user
authenticator.9.uri: sio:///standard/auth/user/session/transit/remote-admin/pin
authenticator.9.factory: com.sun.javacard.security.PINSessionAuthenticatorFactory
authenticator.9.pin: 8888
authenticator.9.digest: false
# transit app pos guest card holder
authenticator.10.uri: sio:///standard/auth/holder/session/transit/guest-pos/pin
authenticator.10.factory: com.sun.javacard.security.PINSessionAuthenticatorFactory
authenticator.10.pin: 8888
authenticator.10.digest: false
# authenticators for digest authentication
authenticator.11.uri: sio:///standard/auth/holder/session/digest-admin/pin
authenticator.11.factory: com.sun.javacard.security.PINSessionAuthenticatorFactory
authenticator.11.pin: 1234
authenticator.11.digest: true
#
authenticator.12.uri: sio:///standard/auth/user/session/digest-user/pin
authenticator.12.factory: com.sun.javacard.security.PINSessionAuthenticatorFactory
authenticator.12.pin: 1234
authenticator.12.digest: true
#
authenticator.13.uri: sio:///standard/auth/user/session/hk/password
authenticator.13.factory: com.sun.javacard.security.PasswordSessionAuthenticatorFactory
authenticator.13.pin: testing
authenticator.13.digest: false
#----//// [End] Authenticators Configuration \\\\----#
#
#----//// Credential Manager Defaults \\\\----#
# CAs used for trust determination in the normal SSL handshake
# VeriSign Class 3 Public Primary Certification Authority - G2
ssl.trusted.ca.0=MIIDAjCCAmsCEH3Z/gfPqB63EHln+6eJNMYwDQYJKoZIhvcNAQEFBQAwgcExCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xhc3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMTowOAYDVQQLEzEoYykgMTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMB4XDTk4MDUxODAwMDAwMFoXDTI4MDgwMTIzNTk1OVowgcExCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xhc3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMTowOAYDVQQLEzEoYykgMTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMXtERXVxp0KvTuWpMmR9ZmDCOFoUgRm1HP9SFIIThbbP4pO0M8RcPO/mn+SXXwc+EY/J8Y8+iR/LGWzOOZEAEaMGAuWQcRXfH2G71lSk8UOg013gfqLptQ5GVj0VXXn7F+8qkBOvqlzdUMG+7AUcyM83cV5tkaWH4mx0ciU9cZwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFFNzb5cy5gZnBWyATl4Lk0PZ3BwmcYQWpSkU01UbSuvDV1Ai2TT1+7eVmGSX6bEHRBhNtMsJzzoKQm5EWR0zLVznxxIqbxhAe7iF6YM40AIOw7n60RzKprxaZLvcRTDOaxxp5EJb+RxBrO6WVcmeQD2+A2iMzAo1KpYoJ2daZH9
# our CA root
ssl.trusted.ca.1=MIIC+zCCAmSgAwIBAgIJANyV276phVfFMA0GCSqGSIb3DQEBBQUAMF0xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMRUwEwYDVQQKEwxIb3dUb1NhbXBsZXMxCzAJBgNVBAsTAlJJMRUwEwYDVQQDEwxIb3dUb1NhbXBsZXMwHhcNMDgwMzI3MjEwNTIyWhcNMTgwMzI1MjEwNTIyWjBdMQswCQYDVQQGEwJVUzETMBEGA1UECBMKU29tZS1TdGF0ZTEVMBMGA1UEChMMSG93VG9TYW1wbGVzMQswCQYDVQQLEwJSSTEVMBMGA1UEAxMMSG93VG9TYW1wbGVzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDiEg6Q/1H7z6Flu4vX8G20cgIhKNJfhzKGy6fFnNNyFSfhjcxnseJ1m2s+zdjN8FutwmqpYR0+4+impMMufj3NAP945jGiXTI7BS4TB7a3xsv8ZCn5PJI8cv7hxU5/+jqOfHEnbatfI7KEt69Dhi0XCTE9TaLCUE0tuhJq0JV35wIDAQABo4HCMIG/MB0GA1UdDgQWBBQwHYyR3nNaJME5E3MDhOUQzEFJ0TCBjwYDVR0jBIGHMIGEgBQwHYyR3nNaJME5E3MDhOUQzEFJ0aFhpF8wXTELMAkGA1UEBhMCVVMxEzARBgNVBAgTClNvbWUtU3RhdGUxFTATBgNVBAoTDEhvd1RvU2FtcGxlczELMAkGA1UECxMCUkkxFTATBgNVBAMTDEhvd1RvU2FtcGxlc4IJANyV276phVfFMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAqjE2QvQT3CNRQic326c4tdEMl4+Ik4joCoutPD218n9O3RthgMXFGiKZ6gkVqqNaNZ47W+Wnam/QBLZMDK1MImVGIBPPOYtqP9XOnyGxQ8f6Eq0AgHby9Dal+158WwCyOgXwGet/FnfKhcjp4mhU2Xb1qEvPCaJX7KPuhSNhIs8=
# accepted certificate issuers (used in client authentication)
ssl.accepted.issuer.0=MIIC+zCCAmSgAwIBAgIJANyV276phVfFMA0GCSqGSIb3DQEBBQUAMF0xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMRUwEwYDVQQKEwxIb3dUb1NhbXBsZXMxCzAJBgNVBAsTAlJJMRUwEwYDVQQDEwxIb3dUb1NhbXBsZXMwHhcNMDgwMzI3MjEwNTIyWhcNMTgwMzI1MjEwNTIyWjBdMQswCQYDVQQGEwJVUzETMBEGA1UECBMKU29tZS1TdGF0ZTEVMBMGA1UEChMMSG93VG9TYW1wbGVzMQswCQYDVQQLEwJSSTEVMBMGA1UEAxMMSG93VG9TYW1wbGVzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDiEg6Q/1H7z6Flu4vX8G20cgIhKNJfhzKGy6fFnNNyFSfhjcxnseJ1m2s+zdjN8FutwmqpYR0+4+impMMufj3NAP945jGiXTI7BS4TB7a3xsv8ZCn5PJI8cv7hxU5/+jqOfHEnbatfI7KEt69Dhi0XCTE9TaLCUE0tuhJq0JV35wIDAQABo4HCMIG/MB0GA1UdDgQWBBQwHYyR3nNaJME5E3MDhOUQzEFJ0TCBjwYDVR0jBIGHMIGEgBQwHYyR3nNaJME5E3MDhOUQzEFJ0aFhpF8wXTELMAkGA1UEBhMCVVMxEzARBgNVBAgTClNvbWUtU3RhdGUxFTATBgNVBAoTDEhvd1RvU2FtcGxlczELMAkGA1UECxMCUkkxFTATBgNVBAMTDEhvd1RvU2FtcGxlc4IJANyV276phVfFMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAqjE2QvQT3CNRQic326c4tdEMl4+Ik4joCoutPD218n9O3RthgMXFGiKZ6gkVqqNaNZ47W+Wnam/QBLZMDK1MImVGIBPPOYtqP9XOnyGxQ8f6Eq0AgHby9Dal+158WwCyOgXwGet/FnfKhcjp4mhU2Xb1qEvPCaJX7KPuhSNhIs8=
# Certificate sent by cjcre when acting as HTTPS server. (signed by our CA root)
ssl.selfIdentityAsServer=MIICJTCCAY4CAQkwDQYJKoZIhvcNAQEEBQAwXTELMAkGA1UEBhMCVVMxEzARBgNVBAgTClNvbWUtU3RhdGUxFTATBgNVBAoTDEhvd1RvU2FtcGxlczELMAkGA1UECxMCUkkxFTATBgNVBAMTDEhvd1RvU2FtcGxlczAeFw0xMDAzMjUyMDQ2MjhaFw0xMTAzMjUyMDQ2MjhaMFkxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA8iU6cOGSsn75Pqh7gJu1CbMX6/LKKRoruEtS+ivq0+QzDQjjOo9lKfy3HbSWcLoEkZMfQbd1Xlr/aBtNu+p2Gc4O/ORrX4wK/7PikQRDxbWWUIEpRC8eXvg/wZG6sEVt+o0BCxmkXUAo89v/j0urGjA/fkSbe6s3etrPjkT55HcCAwEAATANBgkqhkiG9w0BAQQFAAOBgQCallptZqbrBfiC6azWRhZsd1d/zF3ODV4gTLvRZcvFhRUxMUAVU5eiieWPXHWrabJI/HyNg30aMtPuyIoNRVnH+oqqMubJVFR31D03UJlRs6Hjxi4VCUNeHfNgPWNFhToklNY+Laj0zgR9xeSHMG9ke3zzF0B1gV3HiUBsuECOcA==
# private key for ssl.selfIdentityAsServer
ssl.selfIdentitySSLPrivateKeyExp=sxNLI/3+clkq1Obe5x7ABRtYnpsgXMNI//NcuzzNXsTN6F7hRQaVJzcI6UQLWfSHum0WWZBmkVA0wHYox8c+bKjELIlCv2n9x/gZJ+FgF+Z3wQbWnlYts0ECrtJxFNVkugT2e80h2FFYRGClkesMLFMBfF9tMqJw9hD0iPLPJoE=
ssl.selfIdentitySSLPrivateKeyMod=8iU6cOGSsn75Pqh7gJu1CbMX6/LKKRoruEtS+ivq0+QzDQjjOo9lKfy3HbSWcLoEkZMfQbd1Xlr/aBtNu+p2Gc4O/ORrX4wK/7PikQRDxbWWUIEpRC8eXvg/wZG6sEVt+o0BCxmkXUAo89v/j0urGjA/fkSbe6s3etrPjkT55Hc=
# PSK Identity Hint
PSKIdentityHint=X509
#----//// [End] Credential Manager Defaults \\\\----#
#
#----//// Crypto Providers \\\\----#
# classes are expected to be ROMized.
# Only the listed CryptoProviders are registered.
# Note: The index sequence is important.
crypto.provider.0=com.sun.javacard.crypto.SunProvider
#cryptoProvider.1=my.romized.MyProvider
#
#End of configuration
\ No newline at end of file
sdks/jc304_kit/classic_simulator/lib/logging.properties 0 → 100644
View file @ 75d64299
# Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved.
# Properties file which configures the operation of the JDK
# logging facility.
# The system will look for this config file, first using
# a System property specified at startup:
#
# >java -Djava.util.logging.config.file=myLoggingConfigFilePath
#
# If this property is not specified, then the config file is
# retrieved from its default location at:
#
# JDK_HOME/jre/lib/logging.properties
# Global logging properties.
# ------------------------------------------
# The set of handlers to be loaded upon startup.
# Comma-separated list of class names.
# java.util.logging.ConsoleHandler
handlers=com.sun.javacard.tools.util.JCConsoleHandler, java.util.logging.FileHandler
# Default global logging level.
# Loggers and Handlers may override this level
.level=ALL
# Loggers
# ------------------------------------------
# Loggers are usually attached to packages.
# Here, the level for each package is specified.
# The global level is used by default, so levels
# specified here simply act as an override.
#com.sun.javacard.offcardinstaller=ALL
# Handlers
# -----------------------------------------
com.sun.javacard.tools.util.JCConsoleHandler.level=ALL
com.sun.javacard.tools.util.JCConsoleHandler.formatter=com.sun.javacard.tools.util.JCToolsFormatter
com.sun.javacard.tools.util.JCConsoleHandler.filter=com.sun.javacard.tools.util.ConsoleFilter
# --- FileHandler ---
# Override of global logging level
java.util.logging.FileHandler.level=ALL
# Naming style for the output file:
# (The output file is placed in the directory
# defined by the "user.home" System property.)
java.util.logging.FileHandler.pattern=%h/java%u.log
# Limiting size of output file in bytes:
java.util.logging.FileHandler.limit=50000
# Number of output files to cycle through, by appending an
# integer to the base file name:
java.util.logging.FileHandler.count=10
# Style of output (Simple or XML):
java.util.logging.FileHandler.formatter=java.util.logging.SimpleFormatter
java.util.logging.FileHandler.append=true
#--------------print class method info
printCurrentClassAndMethod = false
sdks/jc304_kit/classic_simulator/lib/system.properties 0 → 100644
View file @ 75d64299
#
# Copyright (c) 2009 Sun Microsystems, Inc.
# All rights reserved.
# Use is subject to license terms.
#
# Properties visible from System.getProperty()
# Note: There must be a blank line at end of the file
javacard.version: Java Card(tm) Platform v3.0 [Connected Edition]
#
javacard.connector.socket: true
javacard.connector.ssl: true
javacard.connector.http: true
javacard.connector.https: true
javacard.connector.file: false
javacard.connector.com: false
javacard.connector.datagram: false
#
javacard.encoding: ISO8859_1
# Irrespective of OS we are running, internally Java Card RI uses : as the path separator
path.separator: :
# Irrespective of OS we are running, internally Java Card RI uses / as the file separator
file.separator: /
# Irrespective of OS we are running, internally Java Card RI uses \n as the line separator
line.separator: \n
# I18N aliases for common character encodings
SHIFT_JIS_InternalEncodingName: SJIS
X_SJIS_InternalEncodingName: SJIS
# Trusted Clients on localhost
# A client is a trusted client if the HTTP field User-Agent contains
# the string value of trusted.useragent.includes and does not contain
# the string value of trusted.useragent.excludes.
# In the default configuration Firefox can be used as a trusted client and
# MSIE as a remote (not trusted) client.
trusted.useragent.includes=Firefox
trusted.useragent.excludes=MSIE
sdks/jc304_kit/classic_simulator/platform.properties 0 → 100644
View file @ 75d64299
# Various properties used by Tools.
javacard.name=Java Card Platform
javacard.vendor=Oracle Corporation
javacard.version=3.0.4
javacard.java.majorVersion=1
javacard.java.minorVersion=6
javacard.edition=Classic
javacard.distribution.scope=@EXPORT_TYPE@
javacard.home=./
javacard.emulator=bin/cjcre.exe
javacard.bootclasspath=lib/api_connected.jar
javacard.classic.bootclasspath=lib/api_classic.jar
javacard.classpath=
javacard.javadocpath=docs/api/
javacard.sourcepath=src/api/
javacard.toolClassPath=lib/tools.jar:lib/ant-contrib-1.0b3.jar:lib/bcel-5.2.jar:lib/commons-cli-1.0.jar:lib/commons-codec-1.3.jar:lib/commons-httpclient-3.0.jar:lib/commons-logging-1.1.jar
javacard.nbtasksClassPath=lib/nbtasks.jar:lib/nbutils.jar
javacard.platform.kind=RI
javacard.device.file.extension=jcard
#
javacard.runtime.name=Java Card Runtime Environment
javacard.specification.version=3.0.1
javacard.specification.vendor=Sun Microsystems Inc.
javacard.referenceimplementation.version=3.0.4
javacard.referenceimplementation.vendor=Sun Microsystems Inc.
javacard.referenceimplementation.httpPort=yes
javacard.referenceimplementation.contactedPort=yes
javacard.referenceimplementation.contactlessPort=yes
#Supported app models
javacard.platform.supported.project.kinds=classic-applet,classic-lib
#tools/task class names
javacard.apdutoolClass=com.sun.javacard.apdutool.Main
javacard.tasks.packTaskClass=com.sun.javacard.nbtasks.PackTask
javacard.tasks.signTaskClass=com.sun.javacard.nbtasks.SignTask
javacard.tasks.proxyTaskClass=com.sun.javacard.nbtasks.ProxyTask
javacard.tasks.loadTaskClass=com.sun.javacard.nbtasks.LoadTask
javacard.tasks.createTaskClass=com.sun.javacard.nbtasks.CreateTask
javacard.tasks.deleteTaskClass=com.sun.javacard.nbtasks.DeleteTask
javacard.tasks.unloadTaskClass=com.sun.javacard.nbtasks.UnloadTask
javacard.tasks.browseTaskClass=com.sun.javacard.nbtasks.OpenBrowserTask
sdks/jc304_kit/classic_simulator/samples/keystore/a.certificate 0 → 100644
View file @ 75d64299
MIIB8TCCAVqgAwIBAgIER+0X/zANBgkqhkiG9w0BAQUFADA9MQswCQYDVQQGEwJVUzELMAkGA1UEChMCUkkxFTATBgNVBAsTDEhvd1RvU2FtcGxlczEKMAgGA1UEAxMBQTAeFw0wODAzMjgxNjA4MzFaFw0wODA2MjYxNjA4MzFaMD0xCzAJBgNVBAYTAlVTMQswCQYDVQQKEwJSSTEVMBMGA1UECxMMSG93VG9TYW1wbGVzMQowCAYDVQQDEwFBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCTIYVeLV+oyViuf8WOPQeo9AaydiuO5tWzHarb3ol3tY1o0xuooC9MpJEYyDTFBJ9YH9oNtemDU0YxswNtVbJropvwO9lVChn3OvXNfoFEYw8aeVl3pFHrAf4T+EL61Ybgi8PqW0OO/fEf6gkvbJkxy5S421gOrK191pIRTmyr5QIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAD0ufB/7/hgx0Zp/T5kjuaWEc6hXB4wlRnXzfwjysvx8K2z2aSVGO5ZbJL8qCh3PQmZZZlpVTbxey/jijwylFiBT3rTonjdKFpv3pypt+3teXvvSfApnUrA7PlgPBgfkWR/UgzN9N6huOWNfJkkWuCsRhq47PpxYfdh1LeyLjuNR
sdks/jc304_kit/classic_simulator/samples/keystore/a.privateKey 0 → 100644
View file @ 75d64299
MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBAJMhhV4tX6jJWK5/xY49B6j0BrJ2K47m1bMdqtveiXe1jWjTG6igL0ykkRjINMUEn1gf2g216YNTRjGzA21Vsmuim/A72VUKGfc69c1+gURjDxp5WXekUesB/hP4QvrVhuCLw+pbQ4798R/qCS9smTHLlLjbWA6srX3WkhFObKvlAgMBAAECgYBF+Os0nt+fpiJG2v1ZaCz8bRHCTfDpRV7ckH9xkaRPCkj2UXAWAhh8msdmwdBW4pvljUBmxN0JV9FKUZiPpvHzBHu7eHfNipFPa34Tw834sYRXz4jauHY10AD4d2blzBX59qtQY0oBYm5Ey4j76LFjAiA8Qp8s6lYabAurhBIIAQJBANzt9ooLQQLunIeg4v88jTGHs5iLMfoEL+RvZWRqpHWwPD6AzjtaL61F+vTqztYX03eP5Ix63wOTSsvPo8UegMkCQQCqfJAh4G1fOmKcnf1n3KmHw0BXVpk8TNM+wAZtNre60Ei7WJqwx22rN7N22GcDeNyXRxOgpIygJCXh+GDKghw9AkByUPNr1IzsLnlyOI6ckUFh6pzEhunyO25onjdxsTit6OYTVWThEzZuSzKivkkOQL/cMumIwx9YY0OlmChem/z5AkA3XXplNf/u1AQgPoKDzzpS94qWkm3zEjPsBepQX1utVGS6Spz52dn4p38lkkNp8j8Y9aEfIzDz9KlEyCeOvFA1AkBr982/4ktAy3TmtCzuSaIDjK5jqSkBahqM9kH8nz9dJY1EqY7GmFBOPj7CWoOo5BTA02XJvbb6kXVWF4kaUZVQ
sdks/jc304_kit/classic_simulator/samples/keystore/b.certificate 0 → 100644
View file @ 75d64299
MIIB8TCCAVqgAwIBAgIER+0v9jANBgkqhkiG9w0BAQUFADA9MQswCQYDVQQGEwJVUzELMAkGA1UEChMCUkkxFTATBgNVBAsTDEhvd1RvU2FtcGxlczEKMAgGA1UEAxMBQjAeFw0wODAzMjgxNzUwNDZaFw0wODA2MjYxNzUwNDZaMD0xCzAJBgNVBAYTAlVTMQswCQYDVQQKEwJSSTEVMBMGA1UECxMMSG93VG9TYW1wbGVzMQowCAYDVQQDEwFCMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCAwAK5KOHPZ9tPMW1fhI7ZMbf/8oKWPaXA4jysLBJZRujb9MHb4k8sXRryU+poaR2WfiWiEaf1e++Vg9WqiIZK/nWvkJM+RvLDjp/uXq771AreLeB6UCfCpyKuYkeNufSyBQb8y2Mw4ZaNimQuSou9N0z+cufwq32q4FklvezVZQIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAG95Tg9tOrrQSOvxENy1dbHDueUam9wZ19a3torZNng5RG77048lj4V4VA+lMjFcw8dzB3KnPjePhUj3w/tBTNzXH/0lZ8K9MSxlXOVxF7/KcBEV3DluHS986um5LIEwcFqVgFf+Vg3jBMV3SE77tNAFVSmzhHETqIyLVr8sBV9P
sdks/jc304_kit/classic_simulator/samples/keystore/b.privateKey 0 → 100644
View file @ 75d64299
MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAIDAArko4c9n208xbV+Ejtkxt//ygpY9pcDiPKwsEllG6Nv0wdviTyxdGvJT6mhpHZZ+JaIRp/V775WD1aqIhkr+da+Qkz5G8sOOn+5ervvUCt4t4HpQJ8KnIq5iR4259LIFBvzLYzDhlo2KZC5Ki703TP5y5/CrfargWSW97NVlAgMBAAECgYAUmKLW5Adbmo2m2Y1ZnmcLr7xzoWPqjOobNRXnpRU6WvGdXkY02rs3qZ1J7sqs8UPec0ep6ZEo4C6viGuB4F07H+YBlvwsqxaXyJYMfQvJzMlsq3Rpc1WhNEGLWXVGdaLM/Q+gQ5EShZuZ+fLX/wiBXetr9zIbbieMnkn5Tv0igQJBALqwq3v9a9ESsVqjdlnLfu5IbQqbETtNF951RE29pob5jPV/js7eWne3Di0yIjQqqQpsDwa0XXxG4zEHJ99gi1kCQQCwjJ9bD9LegC8iXEJrPigBhHtfNznQaHmCxjucxtpVO71u8LA6aSUrgYvtDBpNQk1aLfPzCWn1zrDh2fY6M/TtAkAZBPpGaKUdZOLt4cBHsnT1XDF43WVGzEMppg+cV5FMv377m7e406XOK3Mz7WcWFK2I3wh4fo2UzS8/b9URI7ApAkBDxzjGdOS3lu6BennlQg+JxZq3izQe1n0Pv5rTLWRUpIKtPKnrQsKKWUmmz6apUnLv1AR7oXmUbK1rh4oH/jphAkEAsSsmtbVpK850usdWmCIbcmwwWK8QaF77WOcE8YqymnL3zFFlWBQEZTYY1HGkqmaySrRdSo4e7PZe6pi08Wl7Qw==
sdks/jc304_kit/classic_simulator/samples/keystore/c.certificate 0 → 100644
View file @ 75d64299
MIIB8TCCAVqgAwIBAgIER+0pITANBgkqhkiG9w0BAQUFADA9MQswCQYDVQQGEwJVUzELMAkGA1UEChMCUkkxFTATBgNVBAsTDEhvd1RvU2FtcGxlczEKMAgGA1UEAxMBQzAeFw0wODAzMjgxNzIxMzdaFw0wODA2MjYxNzIxMzdaMD0xCzAJBgNVBAYTAlVTMQswCQYDVQQKEwJSSTEVMBMGA1UECxMMSG93VG9TYW1wbGVzMQowCAYDVQQDEwFDMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDOkTtscaWeOTYVNormIhM5cS2ky/6U1gqU6mhuje6YaRxdIi35XfJozK4ydmASw9YE61jHjauRthljr2rC84/fjOfgHawYK8CSIpyKQ9q4T60u+SWJHb6ekJths7/KRGfPFzRew4Wkk/fR79Y7MgxkHkWar3iEvWaNkEgjWeognwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFNEh6+6pfInBfozlHtK7TSuH1yEeDEcx/VKIHUNOmquobtckVLl6i1iMTT694w2pEeY7zMX4o53/TFJAWruyQFnil3XfS/Culz77gVJhT8w4xpdiVA/Grv8+zKMFqc45KsNjdYqk5sZW161Bate2sSQWzt4MGKqWMLGENmPWi5m
sdks/jc304_kit/classic_simulator/samples/keystore/c.privateKey 0 → 100644
View file @ 75d64299
MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAM6RO2xxpZ45NhU2iuYiEzlxLaTL/pTWCpTqaG6N7phpHF0iLfld8mjMrjJ2YBLD1gTrWMeNq5G2GWOvasLzj9+M5+AdrBgrwJIinIpD2rhPrS75JYkdvp6Qm2Gzv8pEZ88XNF7DhaST99Hv1jsyDGQeRZqveIS9Zo2QSCNZ6iCfAgMBAAECgYEAsvdJEK912hufK8nRlYk4NrBD51+F9dVr3ZEpYX8+lHWcyWPviPlIKFwNIFNG8XsSVbjBdkLbvqaSYLd+O+FhZ7J6knUwunCjKZkhK+qywyiqC92pq7azh1KMBW2rUAgH7OpbF8YINJIlKsM3tuFIEqwHYCSJ6nrRn3bfhPqRPoECQQDw4B4orfzooJMlmMXkLl7lnFX7uCbd7/or4GxkP8QRfl2T5joTJsGULK/KFeenLuD51Rpcf2DBfeoXMS8TgN4vAkEA24mjVeCxoLwlmVNQCJvJA7boNl+Ux8E7v3Jnzdi6dPRZm1z+gTp/1bYMBHLJVuT/Lu0jFgZ49ZigjJbthU44kQJAZETXKRXsLqYROthSoD7RUAF5JXSt8TshR7x/Qmfs5V9V8ugmiqxabqT/dD8UFFsGWdlkxNZdX45bsNXPg+3kDwJBAMP34AJ3uXe2m4V7VhTpIw2axzxKI+AQAIqL0FdyoDZoLFjAMTsgAh6+C4opAMr9TUERU2GE05K/9Iiq7UkyotECQGYXR4YOmTzdr4GlZBlA0f8xGMV//BSZeIYuRuI73DmIfFlTdtcobkskKHJpxoE3SGW/5tIjTMggTvghzW64NR8=
sdks/jc304_kit/document.css 0 → 100644
View file @ 75d64299
/*
* Copyright (c) 1996, 2010, Oracle and/or its affiliates. All rights reserved.
* Use is subject to license terms.
*
* SCCS: %W% %E%
*/
/* font tag overwrite */
font {
font-family:Arial, Helvetica, FreeSans, "Luxi-sans", "Nimbus Sans L", sans-serif;
font-size:14px;
}
/* font family */
body, input, select, textarea, button {
font-family:Arial, Helvetica, FreeSans, "Luxi-sans", "Nimbus Sans L", sans-serif;
font-size:100%;
}
code, kbd, tt, pre {
font-family:Monaco, Courier, "Courier New";
font-size:110%;
}
/* generic */
body {
color:#000;
}
a {
color:#666;
text-decoration:none
}
a.href {
color:#666;
text-decoration:none
}
a.hover {
color:#F00;
text-decoration:none
}
a.visited {
color:#999;
text-decoration:none
}
a.link {
color:#F00;
text-decoration:none
}
ol, ul {
margin:1ex;
padding-left:1ex;
}
li {
margin:1ex;
padding-left:0ex
}
dl {
margin:1.6ex;
padding-left:0ex;
}
dt {
margin:1ex;
padding-left:0ex
}
tr {vertical-align:top;}
table tr th {
background:#E5E5E6;
font-size:90%;
text-align:left;
vertical-align:top;
padding-left:1ex;
}
caption {
font-weight:bold;
font-size:85%;
}
/* hr */
hr.light {
background:#E3E3E3;
color:#E3E3E3;
height:2px;
padding:0;
border:0
}
hr.red {
background:#F00;
color:#F00;
height:2px;
padding:0;
border:0
}
div.MastheadPane {
height: 45px;
width: 100%;
top: 0;
right: 0;
bottom: auto;
left: 0;
overflow: hidden;
border-bottom: 3px #F00;
margin: 0;
text-decoration:none;
}
div.MastheadDateBuild {
height: 90px;
width: 100%;
top: 0;
right: 0;
bottom: auto;
left: 0;
overflow: visible;
border-bottom: 3px #F00;
text-decoration:none;
}
.MastheadPane tr td {
background:#fff;
background-color:#FFF;
padding: 0px;
margin: 0px;
}
.MastheadPane tr th {
background:#fff;
background-color:#FFF;
padding: 0px;
margin: 0px;
}
.MastheadDateBuild tr th {
background:#fff;
background-color:#FFF;
padding: 0px;
margin: 0px;
}
.MastheadDateBuild tr td {
background:#fff;
background-color:#FFF;
padding: 0px;
margin: 0px;
}
table.MastheadTable {
width: 100%;
border-collapse:collapse;
padding: 0px;
margin: 0px;
background:#FFF;
background-color:#FFF
}
table.MastheadDateBuild {
width: 100%;
border-collapse:collapse;
margin: 0px;
padding: 0px;
background:#FFF;
}
div.MastheadPane a {
color: rgb(127, 127, 127);
background:#FFF;
}
th.smallLogo {
width: 130px;
align: right;
}
td.smallLogo {
width: 130px;
align: right;
}
td.javaLogo {
width: 100px;
text-align: right;
}
.smallLogo img {
padding-right: 15px;
}
tr.breadcrumbbar {
margin: 0px;
height: 15px;
}
tr.titlebar {
height: 55px;
padding: 0px;
background-color:#FFF;
}
h4.contentpage-doctitle {
color: rgb(127, 127, 127);
font-family: "Univers LT Std", Univers, Arial, Helvetica, sans-serif;
font-size: 120%;
font-weight: bold;
text-align: left;
padding: 0px;
width: auto;
}
p.breadcrumb a {
color: rgb(255, 0, 0);
font-weight: bold;
}
p.breadcrumb {
margin-bottom: 20px
}
div.MainContent a:visited {
color: rgb(127, 127, 127)
}
div.MainContent a {
color: rgb(0, 0, 0);
text-decoration:none
}
div.embeddedtoc {
margin: 0ex;
}
.embeddedtoc a {
color:#666;
text-decoration:none
}
.embeddedtoc a.href {
color:#666;
text-decoration:none
}
.embeddedtoc a.hover {
color:#F00;
text-decoration:none
}
.embeddedtoc a.visited {
color:#999;
text-decoration:none
}
.embeddedtoc a.link {
color:#666;
text-decoration:none
}
.embeddedtoc p {
margin-top: -1ex;
}
.embeddedtoc p.level1 a {
color: (127,127,127);
font-size: 100%;
}
.embeddedtoc p.level2 a {
color: rgb(127,127,127);
font-size: 90%;
margin-left: 3ex;
}
.embeddedtoc p.level3 a {
color: rgb(127,127,127);
font-size: 85%;
margin-left: 6ex;
}
.embeddedtoc p.level4 a {
color: rgb(127,127,127);
font-size: 85%;
margin-left: 9ex;
}
.embeddedtoc p.level5 a {
color: rgb(70,70,70);
font-size: 85%;
margin-left: 12ex;
}
div.BodyStyle {
width: 100%;
top: 100px;
right: 0;
bottom: 20px;
left: 0px;
margin: 0px;
overflow: hidden;
font-family:Arial, Helvetica, FreeSans, "Luxi-sans", "Nimbus Sans L", sans-serif;
}
BodyStyle a.href {
text-decoration:none
}
BodyStyle a.hover {
color:#F00
}
BodyStyle a.visited {
color:#999
}
BodyStyle a.link {
color:#666
}
p.navtop, p.navtop a {
font-size:85%;
}
body {
padding: 1.5em;
margin: 0;
background-color: white;
font-size:14px;
}
h1+p, h2+p, h3+p, h4+p, h5+p {
margin-top: 0;
}
code, pre {
color: black;
}
pre {
background-color: #efefef;
border: 1px solid #ccc;
padding: 0.5em;
overflow: hidden;
font-size: 110%;
}
a img {
border-style: none;
}
div.TitleDiv {
margin-top: 30px;
}
h2.DocTitle {
color: rgb(127, 127, 127);
font-family: "Univers LT Std", Univers, Arial, Helvetica, sans-serif;
font-size: 115%;
font-weight: bold;
text-align: left;
text-decoration: none;
text-indent: 0px;
text-transform: none
}
h3.SubTitle {
color: rgb(127, 127, 127);
font-family: "Univers LT Std", Univers, Arial, Helvetica, sans-serif;
font-size: 90%;
font-weight: bold;
text-align: left;
text-decoration: none;
text-indent: 0px;
text-transform: none
}
h4.TitleDate {
color: rgb(127, 127, 127);
font-family: "Univers LT Std", Univers, Arial, Helvetica, sans-serif;
font-size: 80%;
font-weight: bold;
text-align: left;
text-decoration: none;
text-indent: 0px;
text-transform: none
}
.BodyStyle tr thead th {
text-align:left;
background-color:#fefefe;
}
.BodyStyle h1 {
margin-top: 1.25em;
margin-bottom: 0.5em;
color: rgb(127, 127, 127);
}
.BodyStyle h2 {
font-size: 125%;
font-family: "Univers LT Std", Univers, Arial, Helvetica, sans-serif;
margin-top: 1.25em;
margin-bottom: 0.5em;
color: rgb(127, 127, 127);
}
.BodyStyle h3 {
font-size: 115%;
font-family: "Univers LT Std", Univers, Arial, Helvetica, sans-serif;
margin-top: 1.25em;
color: rgb(127, 127, 127);
margin-bottom: 0.5em;
}
.BodyStyle h4 {
font-size: 105%;
font-family: "Univers LT Std", Univers, Arial, Helvetica, sans-serif;
margin-top: 1.25em;
margin-bottom: 0.5em;
color: rgb(127, 127, 127);
}
.BodyStyle h5 {
font-size: 95%;
font-family: "Univers LT Std", Univers, Arial, Helvetica, sans-serif;
margin-top: 1.25em;
margin-bottom: 0.5em;
color: rgb(127, 127, 127);
}
.BodyStyle h6 {
font-size: 85%;
font-family: "Univers LT Std", Univers, Arial, Helvetica, sans-serif;
margin-top: 1.25em;
margin-bottom: 0.5em;
color: rgb(127, 127, 127);
}
.BodyStyle table {
font-size:100%;
border-color:#CCC;
width:100%;
border:solid;
border-left:none;
border-right:none;
border-top:none;
border-bottom:medium;
border-width:medium;
}
sdks/jc304_kit/legal/Distribution_ReadME.txt 0 → 100644
View file @ 75d64299
DistributionREADME
DISTRIBUTION BY DEVELOPERS. Subject to the terms and conditions of the Software License Agreement and the obligations, restrictions, and exceptions set forth below, You may reproduce and distribute the portions of Software identified below ("Redistributable"), provided that:
(a) You distribute Redistributable complete and unmodified and only bundled as part of Your Programs,
(b) Your Programs add significant and primary functionality to the Redistributable,
(c) You do not distribute additional software intended to replace any
component(s) of the Redistributable,
(d) You do not remove or alter any proprietary legends or notices contained in or on the Redistributable.
(e) You only distribute the Redistributable subject to a license agreement that protects Oracle's interests consistent with the terms contained in this
Agreement, and
(f) You agree to defend and indemnify Oracle and its licensors from and against any damages, costs, liabilities, settlement amounts and/or expenses (including attorneys' fees) incurred in connection with any claim, lawsuit or action by any third party that arises or results from the use or distribution of any and all Programs and/or Redistributable.
The following files are Redistributables:
Java Card Development Kit 3.0.4
sdks/jc304_kit/legal/THIRDPARTYREADME.txt 0 → 100644
View file @ 75d64299
This source diff could not be displayed because it is too large. You can view the blob instead.
sdks/jc304_kit/lib/logging.properties 0 → 100644
View file @ 75d64299
# Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved.
# Properties file which configures the operation of the JDK
# logging facility.
# The system will look for this config file, first using
# a System property specified at startup:
#
# >java -Djava.util.logging.config.file=myLoggingConfigFilePath
#
# If this property is not specified, then the config file is
# retrieved from its default location at:
#
# JDK_HOME/jre/lib/logging.properties
# Global logging properties.
# ------------------------------------------
# The set of handlers to be loaded upon startup.
# Comma-separated list of class names.
# java.util.logging.ConsoleHandler
handlers=com.sun.javacard.tools.util.JCConsoleHandler, java.util.logging.FileHandler
# Default global logging level.
# Loggers and Handlers may override this level
.level=ALL
# Loggers
# ------------------------------------------
# Loggers are usually attached to packages.
# Here, the level for each package is specified.
# The global level is used by default, so levels
# specified here simply act as an override.
#com.sun.javacard.offcardinstaller=ALL
# Handlers
# -----------------------------------------
com.sun.javacard.tools.util.JCConsoleHandler.level=ALL
com.sun.javacard.tools.util.JCConsoleHandler.formatter=com.sun.javacard.tools.util.JCToolsFormatter
com.sun.javacard.tools.util.JCConsoleHandler.filter=com.sun.javacard.tools.util.ConsoleFilter
# --- FileHandler ---
# Override of global logging level
java.util.logging.FileHandler.level=ALL
# Naming style for the output file:
# (The output file is placed in the directory
# defined by the "user.home" System property.)
java.util.logging.FileHandler.pattern=%h/java%u.log
# Limiting size of output file in bytes:
java.util.logging.FileHandler.limit=50000
# Number of output files to cycle through, by appending an
# integer to the base file name:
java.util.logging.FileHandler.count=10
# Style of output (Simple or XML):
java.util.logging.FileHandler.formatter=java.util.logging.SimpleFormatter
java.util.logging.FileHandler.append=true
#--------------print class method info
printCurrentClassAndMethod = false
sdks/jc305u3_kit/bin/apdutool.bat 0 → 100644
View file @ 75d64299
@echo off
@REM Copyright (c) 1998, 2018, Oracle and/or its affiliates. All rights reserved.
setlocal
set JC_CLASSIC_HOME=%~dp0\..
rem Print warning if no JAVA_HOME set
if not defined JAVA_HOME goto nojavahome
rem set classpath to all jars
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\ant-contrib-1.0b3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic_annotations.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\asm-all-3.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\bcel-5.2.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-cli-1.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-codec-1.3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-httpclient-3.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-logging-1.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\jctasks.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\tools.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic.jar;%JC_CLASSPATH%
rem execute apdutool's Main class
"%JAVA_HOME%\bin\java" "-Djc.home=%JC_CLASSIC_HOME%" -classpath "%JC_CLASSPATH%" com.sun.javacard.apdutool.Main %*
goto done
:nojavahome
echo JAVA_HOME is not set. Please set it to point to JDK 7 or JDK 8
:done
endlocal
rem Send the error code to the command interpreter
cmd /c Exit /B %errorlevel%
\ No newline at end of file
sdks/jc305u3_kit/bin/capdump.bat 0 → 100644
View file @ 75d64299
@echo off
@REM Copyright (c) 1998, 2018, Oracle and/or its affiliates. All rights reserved.
setlocal
set JC_CLASSIC_HOME=%~dp0\..
rem Print warning if no JAVA_HOME set
if not defined JAVA_HOME goto nojavahome
rem set classpath to all jars
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\ant-contrib-1.0b3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic_annotations.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\asm-all-3.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\bcel-5.2.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-cli-1.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-codec-1.3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-httpclient-3.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-logging-1.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\jctasks.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\tools.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic.jar;%JC_CLASSPATH%
rem execute capdump's Main class
"%JAVA_HOME%\bin\java" "-Djc.home=%JC_CLASSIC_HOME%" -classpath "%JC_CLASSPATH%" com.sun.javacard.capdump.CapDump %*
goto done
:nojavahome
echo JAVA_HOME is not set. Please set it to point to JDK 7 or JDK 8
:done
endlocal
rem Send the error code to the command interpreter
cmd /c Exit /B %errorlevel%
\ No newline at end of file
sdks/jc305u3_kit/bin/capgen.bat 0 → 100644
View file @ 75d64299
@echo off
@REM Copyright (c) 1998, 2018, Oracle and/or its affiliates. All rights reserved.
setlocal
set JC_CLASSIC_HOME=%~dp0\..
rem Print warning if no JAVA_HOME set
if not defined JAVA_HOME goto nojavahome
rem set classpath to all jars
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\ant-contrib-1.0b3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic_annotations.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\asm-all-3.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\bcel-5.2.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-cli-1.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-codec-1.3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-httpclient-3.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-logging-1.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\jctasks.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\tools.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic.jar;%JC_CLASSPATH%
rem execute capgen's Main class
"%JAVA_HOME%\bin\java" "-Djc.home=%JC_CLASSIC_HOME%" -classpath "%JC_CLASSPATH%" com.sun.javacard.jcasm.cap.Main %*
goto done
:nojavahome
echo JAVA_HOME is not set. Please set it to point to JDK 7 or JDK 8
:done
endlocal
rem Send the error code to the command interpreter
cmd /c Exit /B %errorlevel%
\ No newline at end of file
sdks/jc305u3_kit/bin/converter.bat 0 → 100644
View file @ 75d64299
@echo off
@REM Copyright (c) 1998, 2018, Oracle and/or its affiliates. All rights reserved.
setlocal
set JC_CLASSIC_HOME=%~dp0\..
rem Print warning if no JAVA_HOME set
if not defined JAVA_HOME goto nojavahome
rem set classpath to all jars
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\ant-contrib-1.0b3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic_annotations.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\asm-all-3.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\bcel-5.2.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-cli-1.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-codec-1.3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-httpclient-3.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-logging-1.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\jctasks.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\tools.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic.jar;%JC_CLASSPATH%
rem execute converter's Main class
"%JAVA_HOME%\bin\java" "-Djc.home=%JC_CLASSIC_HOME%" -classpath "%JC_CLASSPATH%" com.sun.javacard.converter.Main %*
goto done
:nojavahome
echo JAVA_HOME is not set. Please set it to point to JDK 7 or JDK 8
:done
endlocal
rem Send the error code to the command interpreter
cmd /c Exit /B %errorlevel%
\ No newline at end of file
sdks/jc305u3_kit/bin/cref.bat 0 → 100644
View file @ 75d64299
@echo off
rem
rem Copyright (c) 1998, 2018, Oracle and/or its affiliates. All rights reserved.
rem
rem in Java Card 2 there was only cref.exe, but now we provide cref_t0.exe,
rem cref_t1.exe, and cref_tdual.exe.
rem
@echo off
setlocal
set JC_CLASSIC_HOME=%~dp0\..
rem this batch file is provided as a easy way to call the new executables.
rem
rem "cref.bat args" will call "cref_tdual.exe args"
rem
rem "cref.bat -t0 args" will call "cref_t0.exe args"
rem "cref.bat -t1 args" will call "cref_t1.exe args"
rem "cref.bat -tdual args" will call "cref_tdual.exe args"
rem
setlocal
set list=
set target=cref_tdual
:loop
if "%1"=="" goto done
if "%1"=="-t0" (
set target=cref_t0
shift
goto loop
)
if "%1"=="-t1" (
set target=cref_t1
shift
goto loop
)
if "%1"=="-tdual" (
set target=cref_tdual
shift
goto loop
)
set list=%list% %1
shift
goto loop
:done
call "%JC_CLASSIC_HOME%\bin\%target%.exe" %list%
endlocal
\ No newline at end of file
sdks/jc305u3_kit/bin/exp2text.bat 0 → 100644
View file @ 75d64299
@echo off
@REM Copyright (c) 1998, 2018, Oracle and/or its affiliates. All rights reserved.
setlocal
set JC_CLASSIC_HOME=%~dp0\..
rem Print warning if no JAVA_HOME set
if not defined JAVA_HOME goto nojavahome
rem set classpath to all jars
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\ant-contrib-1.0b3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic_annotations.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\asm-all-3.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\bcel-5.2.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-cli-1.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-codec-1.3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-httpclient-3.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-logging-1.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\jctasks.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\tools.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic.jar;%JC_CLASSPATH%
rem execute exp2text's Main class
"%JAVA_HOME%\bin\java" "-Djc.home=%JC_CLASSIC_HOME%" -classpath "%JC_CLASSPATH%" com.sun.javacard.converter.Exp2Text %*
goto done
:nojavahome
echo JAVA_HOME is not set. Please set it to point to JDK 7 or JDK 8
:done
endlocal
rem Send the error code to the command interpreter
cmd /c Exit /B %errorlevel%
\ No newline at end of file
sdks/jc305u3_kit/bin/normalizer.bat 0 → 100644
View file @ 75d64299
@echo off
@REM Copyright (c) 1998, 2018, Oracle and/or its affiliates. All rights reserved.
setlocal
set JC_CLASSIC_HOME=%~dp0\..
rem Print warning if no JAVA_HOME set
if not defined JAVA_HOME goto nojavahome
rem set classpath to all jars
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\ant-contrib-1.0b3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic_annotations.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\asm-all-3.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\bcel-5.2.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-cli-1.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-codec-1.3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-httpclient-3.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-logging-1.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\jctasks.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\tools.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic.jar;%JC_CLASSPATH%
rem execute normalizer's Main class
"%JAVA_HOME%\bin\java" "-Djc.home=%JC_CLASSIC_HOME%" -classpath "%JC_CLASSPATH%" com.sun.javacard.normalizer.Main %*
goto done
:nojavahome
echo JAVA_HOME is not set. Please set it to point to JDK 7 or JDK 8
:done
endlocal
rem Send the error code to the command interpreter
cmd /c Exit /B %errorlevel%
\ No newline at end of file
sdks/jc305u3_kit/bin/packager.bat 0 → 100644
View file @ 75d64299
@echo off
@REM Copyright (c) 1998, 2018, Oracle and/or its affiliates. All rights reserved.
setlocal
set JC_CLASSIC_HOME=%~dp0\..
rem Print warning if no JAVA_HOME set
if not defined JAVA_HOME goto nojavahome
rem set classpath to all jars
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\ant-contrib-1.0b3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic_annotations.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\asm-all-3.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\bcel-5.2.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-cli-1.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-codec-1.3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-httpclient-3.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-logging-1.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\jctasks.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\tools.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic.jar;%JC_CLASSPATH%
rem execute packager's Main class
"%JAVA_HOME%\bin\java" "-Djc.home=%JC_CLASSIC_HOME%" -classpath "%JC_CLASSPATH%" com.sun.javacard.packager.Main %*
goto done
:nojavahome
echo JAVA_HOME is not set. Please set it to point to JDK 7 or JDK 8
:done
endlocal
rem Send the error code to the command interpreter
cmd /c Exit /B %errorlevel%
\ No newline at end of file
sdks/jc305u3_kit/bin/scriptgen.bat 0 → 100644
View file @ 75d64299
@echo off
@REM Copyright (c) 1998, 2018, Oracle and/or its affiliates. All rights reserved.
setlocal
set JC_CLASSIC_HOME=%~dp0\..
rem Print warning if no JAVA_HOME set
if not defined JAVA_HOME goto nojavahome
rem set classpath to all jars
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\ant-contrib-1.0b3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic_annotations.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\asm-all-3.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\bcel-5.2.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-cli-1.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-codec-1.3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-httpclient-3.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-logging-1.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\jctasks.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\tools.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic.jar;%JC_CLASSPATH%
rem execute scriptgen's Main class
"%JAVA_HOME%\bin\java" "-Djc.home=%JC_CLASSIC_HOME%" -classpath "%JC_CLASSPATH%" com.sun.javacard.scriptgen.Main %*
goto done
:nojavahome
echo JAVA_HOME is not set. Please set it to point to JDK 7 or JDK 8
:done
endlocal
rem Send the error code to the command interpreter
cmd /c Exit /B %errorlevel%
\ No newline at end of file
sdks/jc305u3_kit/bin/verifycap.bat 0 → 100644
View file @ 75d64299
@echo off
@REM Copyright (c) 1998, 2018, Oracle and/or its affiliates. All rights reserved.
setlocal
set JC_CLASSIC_HOME=%~dp0\..
rem Print warning if no JAVA_HOME set
if not defined JAVA_HOME goto nojavahome
rem set classpath to all jars
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\ant-contrib-1.0b3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic_annotations.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\asm-all-3.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\bcel-5.2.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-cli-1.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-codec-1.3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-httpclient-3.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-logging-1.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\jctasks.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\tools.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic.jar;%JC_CLASSPATH%
rem execute verifycap's Main class
"%JAVA_HOME%\bin\java" "-Djc.home=%JC_CLASSIC_HOME%" -classpath "%JC_CLASSPATH%" com.sun.javacard.offcardverifier.Verifier %*
goto done
:nojavahome
echo JAVA_HOME is not set. Please set it to point to JDK 7 or JDK 8
:done
endlocal
rem Send the error code to the command interpreter
cmd /c Exit /B %errorlevel%
\ No newline at end of file
sdks/jc305u3_kit/bin/verifyexp.bat 0 → 100644
View file @ 75d64299
@echo off
@REM Copyright (c) 1998, 2018, Oracle and/or its affiliates. All rights reserved.
setlocal
set JC_CLASSIC_HOME=%~dp0\..
rem Print warning if no JAVA_HOME set
if not defined JAVA_HOME goto nojavahome
rem set classpath to all jars
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\ant-contrib-1.0b3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic_annotations.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\asm-all-3.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\bcel-5.2.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-cli-1.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-codec-1.3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-httpclient-3.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-logging-1.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\jctasks.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\tools.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic.jar;%JC_CLASSPATH%
rem execute verifyexp's Main class
"%JAVA_HOME%\bin\java" "-Djc.home=%JC_CLASSIC_HOME%" -classpath "%JC_CLASSPATH%" com.sun.javacard.offcardverifier.VerifyExp %*
goto done
:nojavahome
echo JAVA_HOME is not set. Please set it to point to JDK 7 or JDK 8
:done
endlocal
rem Send the error code to the command interpreter
cmd /c Exit /B %errorlevel%
\ No newline at end of file
sdks/jc305u3_kit/bin/verifyrev.bat 0 → 100644
View file @ 75d64299
@echo off
@REM Copyright (c) 1998, 2018, Oracle and/or its affiliates. All rights reserved.
setlocal
set JC_CLASSIC_HOME=%~dp0\..
rem Print warning if no JAVA_HOME set
if not defined JAVA_HOME goto nojavahome
rem set classpath to all jars
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\ant-contrib-1.0b3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic_annotations.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\asm-all-3.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\bcel-5.2.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-cli-1.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-codec-1.3.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-httpclient-3.0.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\commons-logging-1.1.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\jctasks.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\tools.jar;%JC_CLASSPATH%
set JC_CLASSPATH=%JC_CLASSIC_HOME%\lib\api_classic.jar;%JC_CLASSPATH%
rem execute verifyrev's Main class
"%JAVA_HOME%\bin\java" "-Djc.home=%JC_CLASSIC_HOME%" -classpath "%JC_CLASSPATH%" com.sun.javacard.offcardverifier.VerifyRev %*
goto done
:nojavahome
echo JAVA_HOME is not set. Please set it to point to JDK 7 or JDK 8
:done
endlocal
rem Send the error code to the command interpreter
cmd /c Exit /B %errorlevel%
\ No newline at end of file
sdks/jc305u3_kit/legal/Distribution_ReadME.txt 0 → 100644
View file @ 75d64299
DistributionREADME
Copyright (c) 1998, 2018, Oracle and/or its affiliates. All rights reserved.
DISTRIBUTION BY DEVELOPERS. Subject to the terms and conditions of the Software License Agreement and the obligations, restrictions, and exceptions set forth below, You may reproduce and distribute the portions of Software identified below ("Redistributable"), provided that:
(a) You distribute Redistributable complete and unmodified and only bundled as part of Your Programs,
(b) Your Programs add significant and primary functionality to the Redistributable,
(c) You do not distribute additional software intended to replace any
component(s) of the Redistributable,
(d) You do not remove or alter any proprietary legends or notices contained in or on the Redistributable.
(e) You only distribute the Redistributable subject to a license agreement that protects Oracle's interests consistent with the terms contained in this
Agreement, and
(f) You agree to defend and indemnify Oracle and its licensors from and against any damages, costs, liabilities, settlement amounts and/or expenses (including attorneys' fees) incurred in connection with any claim, lawsuit or action by any third party that arises or results from the use or distribution of any and all Programs and/or Redistributable.
The following files are Redistributables:
Java Card Development Kit 3.0.5
sdks/jc305u3_kit/legal/THIRDPARTYREADME.txt 0 → 100644
View file @ 75d64299
DO NOT TRANSLATE OR LOCALIZE
/* Copyright (c) 1998, 2018, Oracle and/or its affiliates. All rights reserved. */
***************************************************************************
%%The following software may be included in this product:
ASM
Use of any of this software is governed by the terms of the license below:
Copyright (c) 2000-2005 INRIA, France Telecom
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. Neither the name of the copyright holders nor the names of its
contributors may be used to endorse or promote products derived from
this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
THE POSSIBILITY OF SUCH DAMAGE.
***************************************************************************
%%The following software may be included in this product:
Apache BCEL (Byte Code Engineering Library)
Use of any of this software is governed by the terms of the license below:
* Apache License
* Version 2.0, January 2004
* http://www.apache.org/licenses/
*
* TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
*
* 1. Definitions.
*
* "License" shall mean the terms and conditions for use, reproduction,
* and distribution as defined by Sections 1 through 9 of this document.
*
* "Licensor" shall mean the copyright owner or entity authorized by
* the copyright owner that is granting the License.
*
* "Legal Entity" shall mean the union of the acting entity and all
* other entities that control, are controlled by, or are under common
* control with that entity. For the purposes of this definition,
* "control" means (i) the power, direct or indirect, to cause the
* direction or management of such entity, whether by contract or
* otherwise, or (ii) ownership of fifty percent (50%) or more of the
* outstanding shares, or (iii) beneficial ownership of such entity.
*
* "You" (or "Your") shall mean an individual or Legal Entity
* exercising permissions granted by this License.
*
* "Source" form shall mean the preferred form for making modifications,
* including but not limited to software source code, documentation
* source, and configuration files.
*
* "Object" form shall mean any form resulting from mechanical
* transformation or translation of a Source form, including but
* not limited to compiled object code, generated documentation,
* and conversions to other media types.
*
* "Work" shall mean the work of authorship, whether in Source or
* Object form, made available under the License, as indicated by a
* copyright notice that is included in or attached to the work
* (an example is provided in the Appendix below).
*
* "Derivative Works" shall mean any work, whether in Source or Object
* form, that is based on (or derived from) the Work and for which the
* editorial revisions, annotations, elaborations, or other modifications
* represent, as a whole, an original work of authorship. For the purposes
* of this License, Derivative Works shall not include works that remain
* separable from, or merely link (or bind by name) to the interfaces of,
* the Work and Derivative Works thereof.
*
* "Contribution" shall mean any work of authorship, including
* the original version of the Work and any modifications or additions
* to that Work or Derivative Works thereof, that is intentionally
* submitted to Licensor for inclusion in the Work by the copyright owner
* or by an individual or Legal Entity authorized to submit on behalf of
* the copyright owner. For the purposes of this definition, "submitted"
* means any form of electronic, verbal, or written communication sent
* to the Licensor or its representatives, including but not limited to
* communication on electronic mailing lists, source code control systems,
* and issue tracking systems that are managed by, or on behalf of, the
* Licensor for the purpose of discussing and improving the Work, but
* excluding communication that is conspicuously marked or otherwise
* designated in writing by the copyright owner as "Not a Contribution."
*
* "Contributor" shall mean Licensor and any individual or Legal Entity
* on behalf of whom a Contribution has been received by Licensor and
* subsequently incorporated within the Work.
*
* 2. Grant of Copyright License. Subject to the terms and conditions of
* this License, each Contributor hereby grants to You a perpetual,
* worldwide, non-exclusive, no-charge, royalty-free, irrevocable
* copyright license to reproduce, prepare Derivative Works of,
* publicly display, publicly perform, sublicense, and distribute the
* Work and such Derivative Works in Source or Object form.
*
* 3. Grant of Patent License. Subject to the terms and conditions of
* this License, each Contributor hereby grants to You a perpetual,
* worldwide, non-exclusive, no-charge, royalty-free, irrevocable
* (except as stated in this section) patent license to make, have made,
* use, offer to sell, sell, import, and otherwise transfer the Work,
* where such license applies only to those patent claims licensable
* by such Contributor that are necessarily infringed by their
* Contribution(s) alone or by combination of their Contribution(s)
* with the Work to which such Contribution(s) was submitted. If You
* institute patent litigation against any entity (including a
* cross-claim or counterclaim in a lawsuit) alleging that the Work
* or a Contribution incorporated within the Work constitutes direct
* or contributory patent infringement, then any patent licenses
* granted to You under this License for that Work shall terminate
* as of the date such litigation is filed.
*
* 4. Redistribution. You may reproduce and distribute copies of the
* Work or Derivative Works thereof in any medium, with or without
* modifications, and in Source or Object form, provided that You
* meet the following conditions:
*
* (a) You must give any other recipients of the Work or
* Derivative Works a copy of this License; and
*
* (b) You must cause any modified files to carry prominent notices
* stating that You changed the files; and
*
* (c) You must retain, in the Source form of any Derivative Works
* that You distribute, all copyright, patent, trademark, and
* attribution notices from the Source form of the Work,
* excluding those notices that do not pertain to any part of
* the Derivative Works; and
*
* (d) If the Work includes a "NOTICE" text file as part of its
* distribution, then any Derivative Works that You distribute must
* include a readable copy of the attribution notices contained
* within such NOTICE file, excluding those notices that do not
* pertain to any part of the Derivative Works, in at least one
* of the following places: within a NOTICE text file distributed
* as part of the Derivative Works; within the Source form or
* documentation, if provided along with the Derivative Works; or,
* within a display generated by the Derivative Works, if and
* wherever such third-party notices normally appear. The contents
* of the NOTICE file are for informational purposes only and
* do not modify the License. You may add Your own attribution
* notices within Derivative Works that You distribute, alongside
* or as an addendum to the NOTICE text from the Work, provided
* that such additional attribution notices cannot be construed
* as modifying the License.
*
* You may add Your own copyright statement to Your modifications and
* may provide additional or different license terms and conditions
* for use, reproduction, or distribution of Your modifications, or
* for any such Derivative Works as a whole, provided Your use,
* reproduction, and distribution of the Work otherwise complies with
* the conditions stated in this License.
*
* 5. Submission of Contributions. Unless You explicitly state otherwise,
* any Contribution intentionally submitted for inclusion in the Work
* by You to the Licensor shall be under the terms and conditions of
* this License, without any additional terms or conditions.
* Notwithstanding the above, nothing herein shall supersede or modify
* the terms of any separate license agreement you may have executed
* with Licensor regarding such Contributions.
*
* 6. Trademarks. This License does not grant permission to use the trade
* names, trademarks, service marks, or product names of the Licensor,
* except as required for reasonable and customary use in describing the
* origin of the Work and reproducing the content of the NOTICE file.
*
* 7. Disclaimer of Warranty. Unless required by applicable law or
* agreed to in writing, Licensor provides the Work (and each
* Contributor provides its Contributions) on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
* implied, including, without limitation, any warranties or conditions
* of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
* PARTICULAR PURPOSE. You are solely responsible for determining the
* appropriateness of using or redistributing the Work and assume any
* risks associated with Your exercise of permissions under this License.
*
* 8. Limitation of Liability. In no event and under no legal theory,
* whether in tort (including negligence), contract, or otherwise,
* unless required by applicable law (such as deliberate and grossly
* negligent acts) or agreed to in writing, shall any Contributor be
* liable to You for damages, including any direct, indirect, special,
* incidental, or consequential damages of any character arising as a
* result of this License or out of the use or inability to use the
* Work (including but not limited to damages for loss of goodwill,
* work stoppage, computer failure or malfunction, or any and all
* other commercial damages or losses), even if such Contributor
* has been advised of the possibility of such damages.
*
* 9. Accepting Warranty or Additional Liability. While redistributing
* the Work or Derivative Works thereof, You may choose to offer,
* and charge a fee for, acceptance of support, warranty, indemnity,
* or other liability obligations and/or rights consistent with this
* License. However, in accepting such obligations, You may act only
* on Your own behalf and on Your sole responsibility, not on behalf
* of any other Contributor, and only if You agree to indemnify,
* defend, and hold each Contributor harmless for any liability
* incurred by, or claims asserted against, such Contributor by reason
* of your accepting any such warranty or additional liability.
*
* END OF TERMS AND CONDITIONS
*
* APPENDIX: How to apply the Apache License to your work.
*
* To apply the Apache License to your work, attach the following
* boilerplate notice, with the fields enclosed by brackets "[]"
* replaced with your own identifying information. (Don't include
* the brackets!) The text should be enclosed in the appropriate
* comment syntax for the file format. We also recommend that a
* file or class name and description of purpose be included on the
* same "printed page" as the copyright notice for easier
* identification within third-party archives.
*
* Copyright [yyyy] [name of copyright owner]
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
***************************************************************************
%%The following software may be included in this product:
Apache Jakarta Commons
Use of any of this software is governed by the terms of the license below:
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright [yyyy] [name of copyright owner]
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
***************************************************************************
%%The following software may be included in this product:
Apache Commons CLI
Use of any of this software is governed by the terms of the license below:
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright [yyyy] [name of copyright owner]
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
***************************************************************************
%%The following software may be included in this product:
Apache Commons Logging
Use of any of this software is governed by the terms of the license below:
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright [yyyy] [name of copyright owner]
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
***************************************************************************
%%The following software may be included in this product:
Ant-Contrib
Use of any of this software is governed by the terms of the license below:
/*
* The Apache Software License, Version 1.1
*
* Copyright (c) 2001-2003 Ant-Contrib project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution, if
* any, must include the following acknowlegement:
* "This product includes software developed by the
* Ant-Contrib project (http://sourceforge.net/projects/ant-contrib)."
* Alternately, this acknowlegement may appear in the software itself,
* if and wherever such third-party acknowlegements normally appear.
*
* 4. The name Ant-Contrib must not be used to endorse or promote products
* derived from this software without prior written permission. For
* written permission, please contact
* [email protected].
*
* 5. Products derived from this software may not be called "Ant-Contrib"
* nor may "Ant-Contrib" appear in their names without prior written
* permission of the Ant-Contrib project.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE ANT-CONTRIB PROJECT OR ITS
* CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*/
***************************************************************************
sdks/jc305u3_kit/lib/logging.properties 0 → 100644
View file @ 75d64299
# Copyright (c) 1998, 2018, Oracle and/or its affiliates. All rights reserved.
# Properties file which configures the operation of the JDK
# logging facility.
# The system will look for this config file, first using
# a System property specified at startup:
#
# >java -Djava.util.logging.config.file=myLoggingConfigFilePath
#
# If this property is not specified, then the config file is
# retrieved from its default location at:
#
# JDK_HOME/jre/lib/logging.properties
# Global logging properties.
# ------------------------------------------
# The set of handlers to be loaded upon startup.
# Comma-separated list of class names.
# java.util.logging.ConsoleHandler
handlers=com.sun.javacard.tools.util.JCConsoleHandler, java.util.logging.FileHandler
# Default global logging level.
# Loggers and Handlers may override this level
.level=ALL
# Loggers
# ------------------------------------------
# Loggers are usually attached to packages.
# Here, the level for each package is specified.
# The global level is used by default, so levels
# specified here simply act as an override.
#com.sun.javacard.offcardinstaller=ALL
# Handlers
# -----------------------------------------
com.sun.javacard.tools.util.JCConsoleHandler.level=ALL
com.sun.javacard.tools.util.JCConsoleHandler.formatter=com.sun.javacard.tools.util.JCToolsFormatter
com.sun.javacard.tools.util.JCConsoleHandler.filter=com.sun.javacard.tools.util.ConsoleFilter
# --- FileHandler ---
# Override of global logging level
java.util.logging.FileHandler.level=ALL
# Naming style for the output file:
# (The output file is placed in the directory
# defined by the "user.home" System property.)
java.util.logging.FileHandler.pattern=%h/java%u.log
# Limiting size of output file in bytes:
java.util.logging.FileHandler.limit=50000
# Number of output files to cycle through, by appending an
# integer to the base file name:
java.util.logging.FileHandler.count=10
# Style of output (Simple or XML):
java.util.logging.FileHandler.formatter=java.util.logging.SimpleFormatter
java.util.logging.FileHandler.append=true
#--------------print class method info
printCurrentClassAndMethod = false
settings.gradle 0 → 100644
View file @ 75d64299
rootProject.name = 'newJavaCardApplet'
src/main/java/com/josh/vku2f/AttestationKeyPair.java 0 → 100644
View file @ 75d64299
/*
**
** Copyright 2021, VivoKey Technologies
**
** Licensed under the Apache License, Version 2.0 (the "License");
** you may not use this file except in compliance with the License.
** You may obtain a copy of the License at
**
** http://www.apache.org/licenses/LICENSE-2.0
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the License is distributed on an "AS IS" BASIS,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the License for the specific language governing permissions and
** limitations under the License.
*/
package com.josh.vku2f;
import javacard.framework.Util;
import javacard.security.ECKey;
import javacard.security.ECPublicKey;
import javacard.security.KeyBuilder;
import javacard.security.KeyPair;
import javacard.security.Signature;
/**
* Attestation keypair object.
*/
public class AttestationKeyPair {
private KeyPair kp;
private Signature sig;
public byte[] x509cert;
public short x509len;
public AttestationKeyPair() {
kp = new KeyPair(KeyPair.ALG_EC_FP, KeyBuilder.LENGTH_EC_FP_256);
KeyParams.sec256r1params((ECKey) kp.getPublic());
// Generate a new keypair for attestation.
kp.genKeyPair();
// Initialise a signature object
sig = Signature.getInstance(Signature.ALG_ECDSA_SHA_256, false);
sig.init(kp.getPrivate(), Signature.MODE_SIGN);
}
/**
* Signs a byte array with the attestation keypair.
* @param inBuf Buffer to sign from.
* @param inOff Offset to begin at.
* @param inLen Length of data to sign.
* @param sigBuf Buffer to sign into.
* @param sigOff Offset to begin at.
*/
public short sign(byte[] inBuf, short inOff, short inLen, byte[] sigBuf, short sigOff) {
return sig.sign(inBuf, inOff, inLen, sigBuf, sigOff);
}
public void update(byte[] inBuf, short inOff, short inLen) {
sig.update(inBuf, inOff, inLen);
}
/**
* Sets the attestation certificate.
* @param inBuf buffer to read from
* @param inOff offset to begin reading from
* @param inLen length of certificate.
*/
public void setCert(byte[] inBuf, short inOff, short inLen) {
x509cert = new byte[inLen];
x509len = inLen;
Util.arrayCopy(inBuf, inOff, x509cert, (short) 0, inLen);
}
/**
* Gets the attestation certificate.
* @param outBuf the buffer to read into.
* @param outOff the offset to begin at.
* @return the length of the certificate.
*/
public short getCert(byte[] outBuf, short outOff) {
Util.arrayCopy(x509cert, (short) 0, outBuf, outOff, (short) x509cert.length);
return (short) x509cert.length;
}
/**
* Checks if the certificate is set.
* @return if the certificate is set.
*/
public boolean isCertSet() {
return (x509len != 0);
}
public short getPubkey(byte[] outBuf, short outOff) {
return ((ECPublicKey) kp.getPublic()).getW(outBuf, outOff);
}
}
src/main/java/com/josh/vku2f/AuthenticatorGetAssertion.java 0 → 100644
View file @ 75d64299
/*
**
** Copyright 2021, VivoKey Technologies
**
** Licensed under the Apache License, Version 2.0 (the "License");
** you may not use this file except in compliance with the License.
** You may obtain a copy of the License at
**
** http://www.apache.org/licenses/LICENSE-2.0
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the License is distributed on an "AS IS" BASIS,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the License for the specific language governing permissions and
** limitations under the License.
*/
package com.josh.vku2f;
import javacard.framework.JCSystem;
import javacard.framework.UserException;
import javacard.framework.Util;
public class AuthenticatorGetAssertion {
public byte[] rpId;
byte[] clientDataHash;
boolean[] options;
PublicKeyCredentialDescriptor[] allow;
public AuthenticatorGetAssertion(CBORDecoder decoder) throws UserException {
short[] vars;
try {
vars = JCSystem.makeTransientShortArray((short) 8, JCSystem.CLEAR_ON_RESET);
} catch (Exception e) {
vars = new short[8];
}
// Create options
options = new boolean[2];
// UP
options[0] = true;
// UV
options[1] = false;
vars[0] = decoder.readMajorType(CBORBase.TYPE_MAP);
// Create scratch
byte[] scratch;
try {
scratch = JCSystem.makeTransientByteArray((short) 64, JCSystem.MEMORY_TYPE_TRANSIENT_RESET);
} catch (Exception e) {
scratch = new byte[64];
}
for(vars[1] = 0; vars[1] < vars[0]; vars[1]++ ) {
vars[2] = decoder.readInt8();
switch(vars[2]) {
case 0x01:
// RpId
vars[3] = decoder.readTextString(scratch, (short) 0);
rpId = new byte[vars[3]];
// Copy to it
Util.arrayCopy(scratch, (short) 0, rpId, (short) 0, vars[3]);
break;
case 0x02:
// clientDataHash
vars[3] = decoder.readByteString(scratch, (short) 0);
clientDataHash = new byte[vars[3]];
Util.arrayCopy(scratch, (short) 0, clientDataHash, (short) 0, vars[3]);
break;
case 0x03:
// allowList
// Read the array
vars[3] = decoder.readMajorType(CBORBase.TYPE_ARRAY);
allow = new PublicKeyCredentialDescriptor[vars[3]];
for(vars[4] = 0; vars[4] < (short) allow.length; vars[4]++) {
// Read the map. It has 2 things in it.
vars[3] = decoder.readMajorType(CBORBase.TYPE_MAP);
if(vars[3] != 2) {
UserException.throwIt(CTAP2.CTAP2_ERR_INVALID_CBOR);
break;
}
for(vars[5] = 0; vars[5] < (short) 2; vars[5]++) {
vars[3] = decoder.readTextString(scratch, (short) 0);
if(Util.arrayCompare(scratch, (short) 0, Utf8Strings.UTF8_ID, (short) 0, (short) 2) == (byte) 0) {
// Read the actual id
vars[3] = decoder.readByteString(scratch, (short) 0);
allow[vars[4]] = new PublicKeyCredentialDescriptor(scratch, (short) 0, vars[3]);
} else if (Util.arrayCompare(scratch, (short) 0, Utf8Strings.UTF8_TYPE, (short) 0, (short) 4) == (byte) 0) {
// Read the type field, it must be text
decoder.readTextString(scratch, (short) 0);
// It doesn't matter what it is, just check it's string and exists.
} else {
// If it's not these two, throw an error
UserException.throwIt(CTAP2.CTAP2_ERR_INVALID_CBOR);
break;
}
}
}
break;
case 0x05:
// Options - two important things here
vars[3] = decoder.readMajorType(CBORBase.TYPE_MAP);
for(vars[4] = 0; vars[4] < vars[3]; vars[4]++) {
// Read the text string
decoder.readTextString(scratch, (short) 0);
if(Util.arrayCompare(scratch, (short) 0, Utf8Strings.UTF8_UP, (short) 0, (short) 2) == 0) {
// Is the UP param
options[0] = decoder.readBoolean();
} else if (Util.arrayCompare(scratch, (short) 0, Utf8Strings.UTF8_UV, (short) 0, (short) 2) == 0) {
// Is the UV param
options[1] = decoder.readBoolean();
} else {
decoder.skipEntry();
}
}
break;
case 0x04:
// Extensions - we mostly ignore
decoder.skipEntry();
break;
case 0x06:
// Pin stuff
decoder.skipEntry();
break;
case 0x07:
// Pin protocol
decoder.skipEntry();
break;
default:
UserException.throwIt((byte) 0x85);
break;
}
}
// We should check we have our "mandatory" options
if(rpId == null || clientDataHash == null) {
UserException.throwIt(CTAP2.CTAP2_ERR_MISSING_PARAMETER);
}
// Good to go I guess
}
public short getHash(byte[] buf, short off) {
Util.arrayCopy(clientDataHash, (short) 0, buf, off, (short) clientDataHash.length);
return (short) clientDataHash.length;
}
public boolean hasAllow() {
return (allow != null && allow.length > 0);
}
}
src/main/java/com/josh/vku2f/AuthenticatorMakeCredential.java 0 → 100644
View file @ 75d64299
/*
**
** Copyright 2021, VivoKey Technologies
**
** Licensed under the Apache License, Version 2.0 (the "License");
** you may not use this file except in compliance with the License.
** You may obtain a copy of the License at
**
** http://www.apache.org/licenses/LICENSE-2.0
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the License is distributed on an "AS IS" BASIS,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the License for the specific language governing permissions and
** limitations under the License.
*/
package com.josh.vku2f;
import javacard.framework.JCSystem;
import javacard.framework.UserException;
import javacard.framework.Util;
public class AuthenticatorMakeCredential {
public byte[] dataHash;
private PublicKeyCredentialRpEntity rp;
private PublicKeyCredentialUserEntity user;
private PublicKeyCredentialParams params;
private boolean[] options = new boolean[2];
public PublicKeyCredentialDescriptor[] exclude;
/**
* Parses a CBOR structure to create an AuthenticatorMakeCredential object
*
* @param decoder the initialised decoder on the CBOR structure
* @param vars a short array to store variables in
*/
public AuthenticatorMakeCredential(CBORDecoder decoder) throws UserException {
short[] vars;
try {
vars = JCSystem.makeTransientShortArray((short) 8, JCSystem.CLEAR_ON_RESET);
} catch (Exception e) {
vars = new short[8];
}
// Start reading, we should get a map
byte[] scratch1;
try {
scratch1 = JCSystem.makeTransientByteArray((short) 64, JCSystem.CLEAR_ON_DESELECT);
} catch (Exception e) {
scratch1 = new byte[64];
}
byte[] scratch2;
try {
scratch2 = JCSystem.makeTransientByteArray((short) 64, JCSystem.CLEAR_ON_DESELECT);
} catch (Exception e) {
scratch2 = new byte[64];
}
short len1 = decoder.readMajorType(CBORBase.TYPE_MAP);
// options[0] is rk - default true for us
// options[1] is uv - default false
options[0] = true;
options[1] = false;
// We now have the number of objects in the map
// Read all the objects in map
for (short i = 0; i < len1; i++) {
// Read the ID type
short type = decoder.readInt8();
// Do based on the ID
short len2;
switch (type) {
case (short) 1:
// Grab and store the data hash
len2 = decoder.readByteString(scratch1, (short) 0);
dataHash = new byte[len2];
Util.arrayCopy(scratch1, (short) 0, dataHash, (short) 0, len2);
break;
case (short) 2:
// Rp object, create it
rp = new PublicKeyCredentialRpEntity();
// Read the map length - should be 2
len2 = decoder.readMajorType(CBORBase.TYPE_MAP);
// If less than 2, error
if (len2 < (short) 2) {
UserException.throwIt(CTAP2.CTAP2_ERR_INVALID_CBOR);
}
// Read the map iteratively
for (short j = 0; j < len2; j++) {
// Read the text string in
decoder.readTextString(scratch1, (short) 0);
// Check if it equals id
if (Util.arrayCompare(scratch1, (short) 0, Utf8Strings.UTF8_ID, (short) 0,
(short) 2) == (byte) 0) {
// It does, so read its length
short len3 = decoder.readTextString(scratch1, (short) 0);
// Set it
rp.setRp(scratch1, len3);
} else
// Check if it equals name, if not id
if (Util.arrayCompare(scratch1, (short) 0, Utf8Strings.UTF8_NAME, (short) 0,
(short) 4) == (byte) 0) {
// Read the string into scratch
short len3 = decoder.readTextString(scratch1, (short) 0);
// Set it
rp.setName(scratch1, len3);
}
}
break;
case (short) 3:
// UserEntity, create
user = new PublicKeyCredentialUserEntity();
// Read the map length
len2 = decoder.readMajorType(CBORBase.TYPE_MAP);
// Read the map iteratively
for (short j = 0; j < len2; j++) {
// Read the text string in
decoder.readTextString(scratch1, (short) 0);
// Check if it equals id
if (Util.arrayCompare(scratch1, (short) 0, Utf8Strings.UTF8_ID, (short) 0,
(short) 2) == (byte) 0) {
// Read the string into scratch
short len3 = decoder.readByteString(scratch1, (short) 0);
// Set it
user.setId(scratch1, (short) 0, len3);
} else
// Check if it equals name, if not id
if (Util.arrayCompare(scratch1, (short) 0, Utf8Strings.UTF8_NAME, (short) 0,
(short) 4) == (byte) 0) {
// Read the string into scratch
short len3 = decoder.readTextString(scratch1, (short) 0);
// Set it
user.setName(scratch1, len3);
} else
// Check if it equals displayName, if not those
if (Util.arrayCompare(scratch1, (short) 0, Utf8Strings.UTF8_DISPLAYNAME, (short) 0,
(short) 11) == (byte) 0) {
// Read the string into scratch
short len3 = decoder.readTextString(scratch1, (short) 0);
// Set it
user.setDisplayName(scratch1, len3);
} else
// If icon, even
if (Util.arrayCompare(scratch1, (short) 0, Utf8Strings.UTF8_ICON, (short) 0, (short) 4) == (byte) 0) {
// Read the string into scratch
short len3 = decoder.readTextString(scratch2, (short) 0);
user.setIcon(scratch2, len3);
} else {
// Is optional, so we need to skip the value
decoder.skipEntry();
}
}
break;
case (short) 4:
len2 = decoder.readMajorType(CBORBase.TYPE_ARRAY);
// Create the params object
params = new PublicKeyCredentialParams(len2);
// Process the array
for (short j = 0; j < len2; j++) {
// Read the map length - should be 2
short len3 = decoder.readMajorType(CBORBase.TYPE_MAP);
if(len3 != 2) {
UserException.throwIt(CTAP2.CTAP2_ERR_INVALID_CBOR);
}
// Iterate over the map
for (short k = 0; k < (short) 2; k++) {
decoder.readTextString(scratch1, (short) 0);
if (Util.arrayCompare(scratch1, (short) 0, Utf8Strings.UTF8_ALG, (short) 0,
(short) 3) == (byte) 0) {
// Read the integer type (positive or negative)
if (decoder.getMajorType() == CBORBase.TYPE_UNSIGNED_INTEGER) {
// Positive number
len3 = decoder.readEncodedInteger(scratch2, (short) 0);
if (len3 == 1) {
// Single byte
params.addAlgorithm(scratch2[0]);
} else if (len3 == 2) {
// A full short
params.addAlgorithm(Util.makeShort(scratch2[0], scratch2[1]));
}
} else if (decoder.getMajorType() == CBORBase.TYPE_NEGATIVE_INTEGER) {
// Negative
len3 = decoder.readEncodedInteger(scratch2, (short) 0);
if (len3 == 1) {
params.addAlgorithm((short) (-1 - scratch2[0]));
} else if (len3 == 2) {
// Full short
params.addAlgorithm((short) (-1 - Util.makeShort(scratch2[0], scratch2[1])));
}
}
} else if (Util.arrayCompare(scratch1, (short) 0, Utf8Strings.UTF8_TYPE, (short) 0, (short) 4) == (byte) 0) {
// Public key type
// Check it
decoder.readTextString(scratch1, (short) 0);
if(Util.arrayCompare(scratch1, (short) 0, Utf8Strings.UTF8_PUBLIC_KEY, (short) 0, (short) 10) != (byte) 0) {
UserException.throwIt(CTAP2.CTAP2_ERR_UNSUPPORTED_ALGORITHM);
}
} else {
UserException.throwIt(CTAP2.CTAP2_ERR_INVALID_CBOR);
}
}
// Done
}
break;
case (short) 5:
// Credential exclusion stuff
// Parse it
len2 = decoder.readMajorType(CBORBase.TYPE_ARRAY);
exclude = new PublicKeyCredentialDescriptor[len2];
for (short j = 0; j < len2; j++) {
// Read the map. It has 2 things in it.
short len3 = decoder.readMajorType(CBORBase.TYPE_MAP);
if (len3 != 2) {
UserException.throwIt(CTAP2.CTAP2_ERR_INVALID_CBOR);
}
// Parse it, properly
for(short k = 0; k < (short) 2; k++) {
decoder.readTextString(scratch1, (short) 0);
if(Util.arrayCompare(scratch1, (short) 0, Utf8Strings.UTF8_ID, (short) 0, (short) 2) == (byte) 0) {
// Read the actual id
len3 = decoder.readByteString(scratch1, (short) 0);
exclude[j] = new PublicKeyCredentialDescriptor(scratch1, (short) 0, len3);
} else if (Util.arrayCompare(scratch1, (short) 0, Utf8Strings.UTF8_TYPE, (short) 0, (short) 4) == (byte) 0) {
// Read the type field, it must be text
decoder.readTextString(scratch1, (short) 0);
// It doesn't matter what it is, just check it's string and exists.
} else {
// If it's not these two, throw an error
UserException.throwIt(CTAP2.CTAP2_ERR_CBOR_UNEXPECTED_TYPE);
break;
}
}
}
break;
case (short) 7:
// Options map
// Parse the two rk and uv objects
// Read the map
if(decoder.getMajorType() != CBORBase.TYPE_MAP) {
UserException.throwIt(CTAP2.CTAP2_ERR_CBOR_UNEXPECTED_TYPE);
break;
}
len2 = decoder.readMajorType(CBORBase.TYPE_MAP);
for (short j = 0; j < len2; j++) {
// Parse the map
decoder.readTextString(scratch1, (short) 0);
if (Util.arrayCompare(scratch1, (short) 0, Utf8Strings.UTF8_UV, (short) 0,
(short) 2) == (short) 0) {
// Is the user validation bit
options[1] = decoder.readBoolean();
} else
if (Util.arrayCompare(scratch1, (short) 0, Utf8Strings.UTF8_RK, (short) 0,
(short) 2) == (short) 0) {
// Is the resident key bit
decoder.readBoolean();
} else if (Util.arrayCompare(scratch1, (short) 0, Utf8Strings.UTF8_UP, (short) 0, (short) 2) == (short) 0) {
// Error out
UserException.throwIt(CTAP2.CTAP2_ERR_INVALID_OPTION);
break;
} else {
// Skip it
decoder.skipEntry();
}
}
break;
case (short) 6:
// Extensions
// We don't support any yet
// So check it's a map and skip
if(decoder.getMajorType() != CBORBase.TYPE_MAP) {
UserException.throwIt(CTAP2.CTAP2_ERR_CBOR_UNEXPECTED_TYPE);
break;
}
decoder.skipEntry();
break;
default:
// Skip it transparently
decoder.skipEntry();
break;
}
}
// Check we've got stuff like the clientDataHash
if(dataHash == null || rp == null || user == null || params == null) {
UserException.throwIt(CTAP2.CTAP2_ERR_MISSING_PARAMETER);
}
// We're done, I guess
}
public PublicKeyCredentialUserEntity getUser() {
return user;
}
public PublicKeyCredentialRpEntity getRp() {
return rp;
}
public boolean isResident() {
return options[0];
}
public byte getAlgorithm() {
return params.getAlgorithm();
}
public boolean isExclude() {
return (exclude != null && exclude.length > 0);
}
/**
* Reads the clientDataHash into a buffer.
*
* @param outBuf The buffer to read into.
* @param outOff the offset to begin at.
* @return the length of the data read out.
*/
public short getDataHash(byte[] outBuf, short outOff) {
Util.arrayCopy(dataHash, (short) 0, outBuf, outOff, (short) dataHash.length);
return (short) dataHash.length;
}
}
src/main/java/com/josh/vku2f/CBORBase.java 0 → 100644
View file @ 75d64299
/*
**
** Copyright 2018, The Android Open Source Project
**
** Licensed under the Apache License, Version 2.0 (the "License");
** you may not use this file except in compliance with the License.
** You may obtain a copy of the License at
**
** http://www.apache.org/licenses/LICENSE-2.0
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the License is distributed on an "AS IS" BASIS,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the License for the specific language governing permissions and
** limitations under the License.
*/
package com.josh.vku2f;
import javacard.framework.APDU;
import javacard.framework.ISO7816;
import javacard.framework.ISOException;
import javacard.framework.JCSystem;
public abstract class CBORBase {
// Mask for the major CBOR type
protected static final byte MAJOR_TYPE_MASK = (byte) 0x07;
// Mask for additional information in the low-order 5 bits
protected static final byte ADDINFO_MASK = (byte) 0x1F;
// Major type 0: an unsigned integer
public static final byte TYPE_UNSIGNED_INTEGER = (byte) (0x00);
// Major type 1: a negative integer
public static final byte TYPE_NEGATIVE_INTEGER = (byte) (0x01);
// Major type 2: a byte string
public static final byte TYPE_BYTE_STRING = (byte) (0x02);
// Major type 3: a text string
public static final byte TYPE_TEXT_STRING = (byte) (0x03);
// Major type 4: an array of data items
public static final byte TYPE_ARRAY = (byte) (0x04);
// Major type 5: a map of pairs of data items
public static final byte TYPE_MAP = (byte) (0x05);
// Major type 6: optional semantic tagging of other major types
public static final byte TYPE_TAG = (byte) (0x06);
// Major type 7: floating-point numbers
public static final byte TYPE_FLOAT = (byte) (0x07);
/**
* Length information (Integer size, array length, etc.) in low-order 5 bits
*/
// One byte unsigned value (uint8)
protected static final byte ENCODED_ONE_BYTE = 0x18;
// Two byte unsigned value (uint16)
protected static final byte ENCODED_TWO_BYTES = 0x19;
// Four byte unsigned value (uint32)
protected static final byte ENCODED_FOUR_BYTES = 0x1a;
// Eight byte unsigned value (uint64)
protected static final byte ENCODED_EIGHT_BYTES = 0x1b;
/**
* Values for additional information in major type 7
*/
// CBOR encoded boolean - false
protected static final byte ENCODED_FALSE = (byte) 0xF4;
// CBOR encoded boolean - true
protected static final byte ENCODED_TRUE = (byte) 0xF5;
// CBOR encoded null
protected static final byte ENCODED_NULL = (byte) 0xF6;
// CBOR encoded undefined value
protected static final byte ENCODED_UNDEFINED = (byte) 0xF7;
// CBOR encoded break for unlimited arrays/maps.
protected static final byte ENCODED_BREAK = (byte) 0xFF;
public static final byte INVALID_INPUT = -1;
protected short[] mStatusWords;
protected byte[] mBuffer;
protected CBORBase() {
mStatusWords = JCSystem.makeTransientShortArray((short) 2, JCSystem.CLEAR_ON_RESET);
}
/**
* Initializes the encoder/decoder without buffer (use the APDU buffer instead).
*
* @param offset Offset in APDU buffer where content should be read
* @param length Length in the APDU buffer
*/
final public void init(short off, short length) {
mBuffer = null;
mStatusWords[0] = off;
mStatusWords[1] = (short)(off + length);
}
/**
* Initializes with a given array and the given offset.
* @param buffer Buffer with CBOR content
* @param offset Offset in buffer where content should be read/written
*/
final public void init(byte[] buffer, short off, short length) {
if (buffer != APDU.getCurrentAPDUBuffer()) { // do not store the APDU buffer
mBuffer = buffer;
} else {
mBuffer = null;
}
mStatusWords[0] = off;
mStatusWords[1] = (short)(off + length);
}
/**
* Reset the internal state of the parser
*/
final public void reset() {
mBuffer = null;
mStatusWords[0] = 0;
mStatusWords[1] = 0;
}
/**
* Returns the current offset within the buffer stream.
*/
final public short getCurrentOffset() {
return mStatusWords[0];
}
/**
* Returns the length of the current buffer stream.
*/
final public short getBufferLength() {
return mStatusWords[1];
}
/**
* Returns the current offset in the buffer stream and increases it by the given
* number
*
* @param inc Value that should be add to the offset
* @return Current offset value (before increase)
*/
final protected short getCurrentOffsetAndIncrease(short inc) {
final short off = mStatusWords[0];
increaseOffset(inc);
return off;
}
/**
* Get the current raw byte (do not increase offset
* @return Current byte value
*/
protected byte getRawByte() {
return getBuffer()[mStatusWords[0]];
}
/**
* Returns the internal buffer or the APDU buffer if non is initializes
*
* @return The buffer for encoding/decoding
*/
protected byte[] getBuffer() {
if(mBuffer == null) {
return APDU.getCurrentAPDUBuffer();
}
return mBuffer;
}
/**
* Increase the current offset and return the new value.
*
* @param inc Value that should be added to the offset
* @return New offset value (after increase)
*/
final protected short increaseOffset(short inc) {
if((short)(getCurrentOffset() + inc) > getBufferLength() || inc < 0)
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
mStatusWords[0]+=inc;
return mStatusWords[0];
}
}
src/main/java/com/josh/vku2f/CBORDecoder.java 0 → 100644
View file @ 75d64299
/*
**
**
** Copyright 2018, The Android Open Source Project
**
** Licensed under the Apache License, Version 2.0 (the "License");
** you may not use this file except in compliance with the License.
** You may obtain a copy of the License at
**
** http://www.apache.org/licenses/LICENSE-2.0
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the License is distributed on an "AS IS" BASIS,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the License for the specific language governing permissions and
** limitations under the License.
*/
package com.josh.vku2f;
import javacard.framework.ISO7816;
import javacard.framework.ISOException;
import javacard.framework.UserException;
import javacard.framework.Util;
public class CBORDecoder extends CBORBase {
/**
* Return the current major type (does not increase buffer location)
*
* @return Major type at the current buffer location
*/
public byte getMajorType() {
return (byte) ((getRawByte() >>> 5) & (MAJOR_TYPE_MASK & 0xff));
}
/**
* Returns the size of the integer at the current location.
*
* @return Size of the integer in bytes
*/
public byte getIntegerSize() {
final byte eventlength = (byte) (getRawByte() & ADDINFO_MASK);
if (eventlength <= ENCODED_ONE_BYTE) {
return 1;
} else if (eventlength == ENCODED_TWO_BYTES) {
return 2;
} else if (eventlength == ENCODED_FOUR_BYTES) {
return 4;
} else if (eventlength == ENCODED_EIGHT_BYTES) {
return 8;
}
return INVALID_INPUT;
}
/**
* Skips the current entry (offset will be increased by the size of the entry)
*
* @return The offset value after the skipped entry
*/
public short skipEntry(){
short mapentries = 1;
switch (getMajorType()) {
case TYPE_UNSIGNED_INTEGER:
case TYPE_NEGATIVE_INTEGER:
short size = getIntegerSize();
if (size == 1) { // Make sure one byte integers are handled correctly
readInt8(); // Increases by 1 (one byte encoded int) or 2 bytes
} else {
increaseOffset((short) (1 + size));
}
break;
case TYPE_TEXT_STRING:
case TYPE_BYTE_STRING:
increaseOffset(readLength());
break;
case TYPE_MAP:
mapentries = 2; // Number of entries are doubled for maps (keys + values)
case TYPE_ARRAY:
mapentries = (short) (mapentries * readLength());
for (short i = 0; i < mapentries; i++) {
skipEntry();
}
break;
case TYPE_TAG:
case TYPE_FLOAT:
default:
}
return getCurrentOffset();
}
/**
* Read the major type and verifies if it matches the given type. Returns the
* length information of the additional information field (increases offset by
* the number of length bytes). Throws a CTAP2Exeption if the major type is not
* correct.
*
* @param majorType The expected major type
* @return The length in the addition information field
*/
public short readMajorType(byte majorType) throws UserException {
if (majorType != getMajorType()) {
UserException.throwIt(CTAP2.CTAP2_ERR_CBOR_UNEXPECTED_TYPE);
return 0;
}
return readLength();
}
/**
* Read the 8bit integer at the current location (offset will be increased).
* Note: this function works for positive and negative integers. Sign
* interpretation needs to be done by the caller.
*
* @return The current 8bit Integer
*/
public byte readInt8(){
final byte eventlength = (byte) (readRawByte() & ADDINFO_MASK);
if (eventlength < ENCODED_ONE_BYTE) {
return eventlength;
} else if (eventlength == ENCODED_ONE_BYTE) {
return (byte) (readRawByte() & 0xff);
} else {
ISOException.throwIt(ISO7816.SW_DATA_INVALID);
}
return 0; // Never reached
}
/**
* Read the 16bit integer at the current location (offset will be increased)
* Note: this function works for positive and negative integers. Sign
* interpretation needs to be done by the caller.
*
* @return The current 16bit Integer
*/
public short readInt16() {
final byte addInfo = (byte) (readRawByte() & ADDINFO_MASK);
if (addInfo == ENCODED_TWO_BYTES) {
return Util.getShort(getBuffer(), getCurrentOffsetAndIncrease((short) 2));
} else {
ISOException.throwIt(ISO7816.SW_DATA_INVALID);
}
return 0; // Never reached
}
public void readInt32(byte[] output, short offset) {
final byte addInfo = (byte) (readRawByte() & ADDINFO_MASK);
if (addInfo == ENCODED_FOUR_BYTES) {
Util.arrayCopyNonAtomic(getBuffer(), getCurrentOffsetAndIncrease((short) 4), output, offset, (short) 4);
} else {
ISOException.throwIt(ISO7816.SW_DATA_INVALID);
}
}
public void readInt64(byte[] output, short offset) {
final byte addInfo = (byte) (readRawByte() & ADDINFO_MASK);
if (addInfo == ENCODED_EIGHT_BYTES) {
Util.arrayCopyNonAtomic(getBuffer(), getCurrentOffsetAndIncrease((short) 8), output, offset, (short) 8);
} else {
ISOException.throwIt(ISO7816.SW_DATA_INVALID);
}
}
public short readEncodedInteger(byte[] output, short offset) {
final byte size = getIntegerSize();
if (size == 1) { // Check for special case (integer could be encoded in first type)
output[offset] = readInt8();
} else {
Util.arrayCopyNonAtomic(getBuffer(), getCurrentOffsetAndIncrease((short) (1 + size)), output, offset, size);
}
return (short) (size & 0xFF);
}
public short readLength() {
final byte size = getIntegerSize(); // Read length information
short length = 0;
if (size == 1) {
length = (short) (readInt8() & 0xFF);
} else if (size == 2) {
length = readInt16();
} else { // length information above 4 bytes not supported
ISOException.throwIt(ISO7816.SW_DATA_INVALID);
}
return length;
}
/**
* Reads a boolean at the current location (offset will be increased).
*/
public boolean readBoolean() {
byte b = readRawByte();
if (b == ENCODED_TRUE) {
return true;
} else if (b == ENCODED_FALSE) {
return false;
} else {
ISOException.throwIt(ISO7816.SW_DATA_INVALID);
}
// Never happens
return true;
}
/**
* Read a byte string at the current location and copy it into the given buffer
* (offset will be increased). Throws an error if it's the wrong type.
*
* @param outBuffer Buffer where the array should be copied to
* @param outOffset Offset location within the buffer
* @return Number of bytes copied into the buffer
*/
public short readByteString(byte[] outBuffer, short outOffset) throws UserException {
if(getMajorType() != TYPE_BYTE_STRING) {
UserException.throwIt(CTAP2.CTAP2_ERR_CBOR_UNEXPECTED_TYPE);
return 0;
}
short length = readLength();
return readRawByteArray(outBuffer, outOffset, length);
}
/**
* Read a text (really a byte) string at the current location and copy it into the given buffer
* (offset will be increased).
*
* @param outBuffer Buffer where the array should be copied to
* @param outOffset Offset location within the buffer
* @return Number of bytes copied into the buffer
* @throws CTAP2Exception
*/
public short readTextString(byte[] outBuffer, short outOffset) throws UserException {
if(getMajorType() != TYPE_TEXT_STRING) {
UserException.throwIt(CTAP2.CTAP2_ERR_CBOR_UNEXPECTED_TYPE);
return 0;
}
short length = readLength();
return readRawByteArray(outBuffer, outOffset, length);
}
/**
* Read the byte array at the current location and copy it into the given buffer
* (offset will be increased).
*
* @param outBuffer Buffer where the array should be copied to
* @param outOffset Offset location within the buffer
* @param length Number of bytes that should be read from the buffer
* @return Number of bytes copied into the buffer
*/
public short readRawByteArray(byte[] outBuffer, short outOffset, short length) {
if (length > (short) outBuffer.length || (short) (length + getCurrentOffset()) > getBufferLength())
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
length = Util.arrayCopyNonAtomic(getBuffer(), getCurrentOffset(), outBuffer, outOffset, length);
increaseOffset(length);
return length;
}
/**
* Read the raw byte at the current buffer location and increase the offset by
* one.
*
* @return Current raw byte
*/
public byte readRawByte() {
return getBuffer()[mStatusWords[0]++];
}
}
src/main/java/com/josh/vku2f/CBOREncoder.java 0 → 100644
View file @ 75d64299
/*
**
** Copyright 2018, The Android Open Source Project
**
** Licensed under the Apache License, Version 2.0 (the "License");
** you may not use this file except in compliance with the License.
** You may obtain a copy of the License at
**
** http://www.apache.org/licenses/LICENSE-2.0
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the License is distributed on an "AS IS" BASIS,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the License for the specific language governing permissions and
** limitations under the License.
*/
package com.josh.vku2f;
import javacard.framework.ISO7816;
import javacard.framework.ISOException;
import javacard.framework.Util;
public class CBOREncoder extends CBORBase{
/**
* Start a new array at the current buffer location with the given array size.
*
* @return The offset in the buffer where the first array entry is supposed to
* be copied into.
*/
public short startArray(short arraySize) {
encodeValue((byte) (TYPE_ARRAY << 5), arraySize);
return getCurrentOffset();
}
/**
* Start a new map at the current buffer location with the given map size.
*
* @return The offset in the buffer where the first key is supposed to be copied
* into.
*/
public short startMap(short mapSize) {
encodeValue((byte) (TYPE_MAP << 5), mapSize);
return getCurrentOffset();
}
/**
* Encodes the start of a byte string with the given length at the current
* buffer location. The actual byte string is not copied into the buffer and the
* internal offset will already be increased by the given length (offset will be
* set to the location after the byte string)
*
* @return The offset in the buffer where the byte string is supposed to be
* copied into.
*/
public short startByteString(short length) {
encodeValue((byte) (TYPE_BYTE_STRING << 5), length);
return getCurrentOffsetAndIncrease(length);
}
/**
* Encodes the start of a text string with the given length at the current
* location. The actual text string is not copied into the buffer and the
* internal offset will already be increased by the given length (offset will be
* set to the location after the byte string)
*
* @return The offset in the buffer where the text string is supposed to be
* copied into.
*/
public short startTextString(short length) {
encodeValue((byte) (TYPE_TEXT_STRING << 5), length);
return getCurrentOffsetAndIncrease(length);
}
/**
* Encodes the given byte string at the current buffer location.
*
* @return The number of bytes written to buffer
*/
public short encodeByteString(byte[] byteString, short offset, short length) {
short len = encodeValue((byte) (TYPE_BYTE_STRING << 5), length);
len += writeRawByteArray(byteString, offset, length);
return len;
}
/**
* Encodes the text string at the current buffer location.
*
* @return The number of bytes written to buffer
*/
public short encodeTextString(byte[] byteString, short offset, short length) {
short len = encodeValue((byte) (TYPE_TEXT_STRING << 5), length);
len += writeRawByteArray(byteString, offset, length);
return len;
}
/**
* Encode the given integer value at the current buffer location.
*
* @param value Value to encode in the byte array. Note: as there are no
* unsigned shorts in Java card, a negative number will be
* interpreted as positive value.
* @return The number of bytes written to buffer
*/
public short encodeUInt8(byte value) {
return encodeValue(TYPE_UNSIGNED_INTEGER, (short) (value & 0x00FF));
}
public short encodeNegativeUInt8(byte value) {
return encodeValue((byte) 0x20, (short) (value & 0x00FF));
}
public short encodeNegativeUInt16(short value) {
return encodeValue((byte) 0x20, value);
}
/**
* Encode the given integer value at the current buffer location.
*
* @param value Value to encode in the byte array. Note: as there are no
* unsigned shorts in Java card, a negative number will be
* interpreted as positive value.
* @return The number of bytes written to buffer
*/
public short encodeUInt16(short value) {
return encodeValue(TYPE_UNSIGNED_INTEGER, value);
}
/**
* Encodes the given byte array as 4 byte Integer
*
* @return The number of bytes written to buffer
*/
public short encodeUInt32(byte[] valueBuf, short valueOffset) {
writeRawByte((byte) (TYPE_UNSIGNED_INTEGER | ENCODED_FOUR_BYTES));
return (short) (writeRawByteArray(valueBuf, valueOffset, (short) 4) + 1);
}
/**
* Encodes the given byte array as 8 byte Integer
*
* @return The number of bytes written to buffer
*/
public short encodeUInt64(byte[] valueBuf, short valueOffset) {
writeRawByte((byte) (TYPE_UNSIGNED_INTEGER | ENCODED_EIGHT_BYTES));
return (short) (writeRawByteArray(valueBuf, valueOffset, (short) 8) + 1);
}
/**
* Encodes the given boolean
*
* @return The number of bytes written to buffer
*/
public short encodeBoolean(boolean value) {
if(value) {
return writeRawByte(ENCODED_TRUE);
} else {
return writeRawByte(ENCODED_FALSE);
}
}
final private short encodeValue(byte majorType, short value) {
if(ICUtil.isLessThanAsUnsignedShort(value, ENCODED_ONE_BYTE)) {
return writeRawByte((byte) (majorType | value));
} else if (ICUtil.isLessThanAsUnsignedShort(value, (short) 0x100)) {
return writeUInt8(majorType, (byte) value);
} else {
return writeUInt16(majorType, value);
}
}
final private short writeUInt8(byte type, byte value) {
writeRawByte((byte) (type | ENCODED_ONE_BYTE));
writeRawByte(value);
return (short) 2;
}
final private short writeUInt16(byte type, short value) {
writeRawByte((byte) (type | ENCODED_TWO_BYTES));
writeRawShort(value);
return (short) 3;
}
/**
* Write the given byte at the current buffer location and increase the offset
* by one.
*/
final public short writeRawByte(byte val) {
getBuffer()[getCurrentOffset()] = val;
increaseOffset((short) 1);
return (short) 1;
}
/**
* Write the given short value at the current buffer location and increase the
* offset by two.
*/
final private short writeRawShort(short val) {
Util.setShort(getBuffer(), getCurrentOffset(), val);
increaseOffset((short) 2);
return (short) 2;
}
/**
* Write the byte array at the current buffer location and increase the offset
* by its size.
*
* @param value Buffer array with the content
* @param offset Offset in input buffer
* @param length Length of data that should be encoded
* @return The current offset in the buffer
*/
final private short writeRawByteArray(byte[] value, short offset, short length) {
if (length > (short) (value.length + offset) || (short)(length + getCurrentOffset()) > getBufferLength())
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
short currentOff = getCurrentOffset();
length = (short) (Util.arrayCopyNonAtomic(value, offset, getBuffer(), currentOff, length) - currentOff);
increaseOffset(length);
return length;
}
}
src/main/java/com/josh/vku2f/CTAP2.java 0 → 100644
View file @ 75d64299
/*
**
** Copyright 2021, VivoKey Technologies
**
** Licensed under the Apache License, Version 2.0 (the "License");
** you may not use this file except in compliance with the License.
** You may obtain a copy of the License at
**
** http://www.apache.org/licenses/LICENSE-2.0
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the License is distributed on an "AS IS" BASIS,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the License for the specific language governing permissions and
** limitations under the License.
*/
package com.josh.vku2f;
import javacard.framework.APDU;
import javacard.framework.Applet;
import javacard.framework.ISO7816;
import javacard.framework.ISOException;
import javacard.framework.JCSystem;
import javacard.framework.UserException;
import javacard.framework.Util;
import javacard.security.ECKey;
import javacard.security.ECPrivateKey;
import javacard.security.ECPublicKey;
import javacard.security.KeyBuilder;
import javacard.security.KeyPair;
import javacard.security.MessageDigest;
import javacard.security.Signature;
import javacardx.apdu.ExtendedLength;
public class CTAP2 extends Applet implements ExtendedLength {
private CBORDecoder cborDecoder;
private CBOREncoder cborEncoder;
private byte[] inBuf;
private byte[] scratch;
private short[] vars;
private CredentialArray discoverableCreds;
private MessageDigest sha;
private AttestationKeyPair attestation;
private byte[] info;
private StoredCredential[] assertionCreds;
private short[] nextAssertion;
AuthenticatorGetAssertion assertion;
private boolean persoComplete;
private boolean[] isChaining;
private short[] chainRam;
private short[] outChainRam;
private boolean[] isOutChaining;
private AuthenticatorMakeCredential cred;
private KeyPair ecDhKey;
private boolean[] ecDhSet;
private StoredCredential tempCred;
private static final byte ISO_INS_GET_DATA = (byte) 0xC0;
private static final byte FIDO2_INS_NFCCTAP_MSG = (byte) 0x10;
public static final byte CTAP1_ERR_SUCCESS = (byte) 0x00;
public static final byte CTAP1_ERR_INVALID_COMMAND = (byte) 0x01;
public static final byte CTAP1_ERR_INVALID_PARAMETER = (byte) 0x02;
public static final byte CTAP1_ERR_INVALID_LENGTH = (byte) 0x03;
public static final byte CTAP1_ERR_INVALID_SEQ = (byte) 0x04;
public static final byte CTAP1_ERR_TIMEOUT = (byte) 0x05;
public static final byte CTAP1_ERR_CHANNEL_BUSY = (byte) 0x06;
public static final byte CTAP1_ERR_LOCK_REQUIRED = (byte) 0x0A;
public static final byte CTAP1_ERR_INVALID_CHANNEL = (byte) 0x0B;
public static final byte CTAP1_ERR_OTHER = (byte) 0x7F;
public static final byte CTAP2_ERR_CBOR_UNEXPECTED_TYPE = (byte) 0x11;
public static final byte CTAP2_ERR_INVALID_CBOR = (byte) 0x12;
public static final byte CTAP2_ERR_MISSING_PARAMETER = (byte) 0x14;
public static final byte CTAP2_ERR_LIMIT_EXCEEDED = (byte) 0x15;
public static final byte CTAP2_ERR_UNSUPPORTED_EXTENSION = (byte) 0x16;
public static final byte CTAP2_ERR_CREDENTIAL_EXCLUDED = (byte) 0x19;
public static final byte CTAP2_ERR_PROCESSING = (byte) 0x21;
public static final byte CTAP2_ERR_INVALID_CREDENTIAL = (byte) 0x22;
public static final byte CTAP2_ERR_USER_ACTION_PENDING = (byte) 0x23;
public static final byte CTAP2_ERR_OPERATION_PENDING = (byte) 0x24;
public static final byte CTAP2_ERR_NO_OPERATIONS = (byte) 0x25;
public static final byte CTAP2_ERR_UNSUPPORTED_ALGORITHM = (byte) 0x26;
public static final byte CTAP2_ERR_OPERATION_DENIED = (byte) 0x27;
public static final byte CTAP2_ERR_KEY_STORE_FULL = (byte) 0x28;
public static final byte CTAP2_ERR_NO_OPERATION_PENDING = (byte) 0x2A;
public static final byte CTAP2_ERR_UNSUPPORTED_OPTION = (byte) 0x2B;
public static final byte CTAP2_ERR_INVALID_OPTION = (byte) 0x2C;
public static final byte CTAP2_ERR_KEEPALIVE_CANCEL = (byte) 0x2D;
public static final byte CTAP2_ERR_NO_CREDENTIALS = (byte) 0x2E;
public static final byte CTAP2_ERR_USER_ACTION_TIMEOUT = (byte) 0x2F;
public static final byte CTAP2_ERR_NOT_ALLOWED = (byte) 0x30;
public static final byte CTAP2_ERR_PIN_INVALID = (byte) 0x31;
public static final byte CTAP2_ERR_PIN_BLOCKED = (byte) 0x32;
public static final byte CTAP2_ERR_PIN_AUTH_INVALID = (byte) 0x33;
public static final byte CTAP2_ERR_PIN_AUTH_BLOCKED = (byte) 0x34;
public static final byte CTAP2_ERR_PIN_NOT_SET = (byte) 0x35;
public static final byte CTAP2_ERR_PIN_REQUIRED = (byte) 0x36;
public static final byte CTAP2_ERR_PIN_POLICY_VIOLATION = (byte) 0x37;
public static final byte CTAP2_ERR_PIN_TOKEN_EXPIRED = (byte) 0x38;
public static final byte CTAP2_ERR_REQUEST_TOO_LARGE = (byte) 0x39;
public static final byte CTAP2_ERR_ACTION_TIMEOUT = (byte) 0x3A;
public static final byte CTAP2_ERR_UP_REQUIRED = (byte) 0x3B;
public static final byte FIDO2_AUTHENTICATOR_MAKE_CREDENTIAL = (byte) 0x01;
public static final byte FIDO2_AUTHENTICATOR_GET_ASSERTION = (byte) 0x02;
public static final byte FIDO2_AUTHENTICATOR_GET_NEXT_ASSERTION = (byte) 0x08;
public static final byte FIDO2_AUTHENTICATOR_GET_INFO = (byte) 0x04;
public static final byte FIDO2_AUTHENTICATOR_CLIENT_PIN = (byte) 0x06;
public static final byte FIDO2_AUTHENTICATOR_RESET = (byte) 0x07;
// Vendor specific - for attestation cert loading.
public static final byte FIDO2_VENDOR_ATTEST_SIGN = (byte) 0x41;
public static final byte FIDO2_VENDOR_ATTEST_LOADCERT = (byte) 0x42;
public static final byte FIDO2_VENDOR_PERSO_COMPLETE = (byte) 0x43;
public static final byte FIDO2_VENDOR_ATTEST_GETPUB = (byte) 0x44;
public static final byte FIDO2_VENDOR_ATTEST_GETCERT = (byte) 0x4A;
public static final byte FIDO2_DESELECT = 0x12;
// AAGUID - this uniquely identifies the type of authenticator we have built.
// If you're reusing this code, please generate your own GUID and put it here -
// this is unique to manufacturer and device model.
public static final byte[] aaguid = {
(byte) 0xff, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
(byte) 0xff, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00 };
private CTAP2() {
// 1210 bytes of a transient buffer for read-in and out
// We advertise 1200 bytes supported, but 10 bytes for protocol nonsense
try {
inBuf = JCSystem.makeTransientByteArray((short) 1210, JCSystem.CLEAR_ON_DESELECT);
} catch (Exception e) {
inBuf = new byte[1210];
}
try {
scratch = JCSystem.makeTransientByteArray((short) 512, JCSystem.CLEAR_ON_DESELECT);
} catch (Exception e) {
scratch = new byte[512];
}
vars = JCSystem.makeTransientShortArray((short) 8, JCSystem.CLEAR_ON_DESELECT);
// Create the CBOR decoder
cborDecoder = new CBORDecoder();
cborEncoder = new CBOREncoder();
discoverableCreds = new CredentialArray((short) 5);
sha = MessageDigest.getInstance(MessageDigest.ALG_SHA_256, false);
attestation = new AttestationKeyPair();
nextAssertion = JCSystem.makeTransientShortArray((short) 1, JCSystem.CLEAR_ON_RESET);
persoComplete = false;
isChaining = JCSystem.makeTransientBooleanArray((short) 2, JCSystem.CLEAR_ON_DESELECT);
chainRam = JCSystem.makeTransientShortArray((short) 4, JCSystem.CLEAR_ON_DESELECT);
outChainRam = JCSystem.makeTransientShortArray((short) 4, JCSystem.CLEAR_ON_DESELECT);
isOutChaining = JCSystem.makeTransientBooleanArray((short) 2, JCSystem.CLEAR_ON_DESELECT);
ECPublicKey ecDhPub = (ECPublicKey) KeyBuilder.buildKey(KeyBuilder.ALG_TYPE_EC_FP_PUBLIC,
JCSystem.MEMORY_TYPE_TRANSIENT_RESET, KeyBuilder.LENGTH_EC_FP_256, false);
ECPrivateKey ecDhPriv = (ECPrivateKey) KeyBuilder.buildKey(KeyBuilder.ALG_TYPE_EC_FP_PRIVATE,
JCSystem.MEMORY_TYPE_TRANSIENT_RESET, KeyBuilder.LENGTH_EC_FP_256, false);
ecDhKey = new KeyPair(ecDhPub, ecDhPriv);
ecDhSet = JCSystem.makeTransientBooleanArray((short) 1, JCSystem.CLEAR_ON_RESET);
}
public void handle(APDU apdu) {
byte[] buffer = apdu.getBuffer();
tempCred = null;
cred = null;
vars[3] = doApduIngestion(apdu);
if (vars[3] == 0) {
// If zero, we had no ISO error, but there might be a CTAP error to return.
// Throw either way.
ISOException.throwIt(ISO7816.SW_NO_ERROR);
return;
}
// Need to grab the CTAP command byte
switch (inBuf[0]) {
case FIDO2_AUTHENTICATOR_MAKE_CREDENTIAL:
authMakeCredential(apdu, vars[3]);
break;
case FIDO2_AUTHENTICATOR_GET_ASSERTION:
authGetAssertion(apdu, vars[3]);
break;
case FIDO2_AUTHENTICATOR_GET_INFO:
authGetInfo(apdu);
break;
case FIDO2_AUTHENTICATOR_GET_NEXT_ASSERTION:
authGetNextAssertion(apdu, buffer);
break;
case FIDO2_VENDOR_ATTEST_SIGN:
attestSignRaw(apdu, vars[3]);
break;
case FIDO2_VENDOR_ATTEST_LOADCERT:
attestSetCert(apdu, vars[3]);
break;
case FIDO2_VENDOR_PERSO_COMPLETE:
persoComplete(apdu);
break;
case FIDO2_VENDOR_ATTEST_GETPUB:
getAttestPublic(apdu);
break;
case FIDO2_VENDOR_ATTEST_GETCERT:
getCert(apdu);
break;
case FIDO2_AUTHENTICATOR_RESET:
// Need to finish doing this, we can, i mean, but I don't like it
doReset(apdu);
break;
default:
returnError(apdu, CTAP1_ERR_INVALID_COMMAND);
}
}
public void persoComplete(APDU apdu) {
if (attestation.isCertSet() && !persoComplete) {
persoComplete = true;
returnError(apdu, CTAP1_ERR_SUCCESS);
} else {
returnError(apdu, CTAP1_ERR_INVALID_COMMAND);
}
}
/**
* Gets the attestation public key.
*
* @param apdu
* @ param buffer
* @ param inBuf
* @ param bufLen
*/
public void getAttestPublic(APDU apdu) {
if (persoComplete) {
returnError(apdu, CTAP1_ERR_INVALID_COMMAND);
return;
}
inBuf[0] = 0x00;
vars[0] = (short) (attestation.getPubkey(inBuf, (short) 1) + 1);
apdu.setOutgoing();
apdu.setOutgoingLength(vars[0]);
apdu.sendBytesLong(inBuf, (short) 0, vars[0]);
}
/**
* Performs raw signatures, may only occur when personalisation is not complete.
*
* @param apdu
* @ param buffer
* @ param inBuf
* @param bufLen
*/
public void attestSignRaw(APDU apdu, short bufLen) {
if (persoComplete) {
returnError(apdu, CTAP1_ERR_INVALID_COMMAND);
return;
}
Util.arrayCopy(inBuf, (short) 1, scratch, (short) 0, (short) (bufLen - 1));
inBuf[0] = 0x00;
vars[2] = attestation.sign(scratch, (short) 0, vars[1], inBuf, (short) 1);
apdu.setOutgoing();
apdu.setOutgoingLength((short) (vars[2] + 1));
apdu.sendBytesLong(inBuf, (short) 0, (short) (vars[2] + 1));
}
public void attestSetCert(APDU apdu, short bufLen) {
if (persoComplete) {
returnError(apdu, CTAP1_ERR_INVALID_COMMAND);
return;
}
// We don't actually use any CBOR here, simplify copying
attestation.setCert(inBuf, (short) 1, (short) (bufLen - 1));
MessageDigest dig = MessageDigest.getInstance(MessageDigest.ALG_SHA_256, false);
short len = (short) (dig.doFinal(attestation.x509cert, (short) 0, attestation.x509len, inBuf, (short) 3) + 3);
inBuf[0] = 0x00;
Util.setShort(inBuf, (short) 1, attestation.x509len);
apdu.setOutgoing();
apdu.setOutgoingLength(len);
apdu.sendBytesLong(inBuf, (short) 0, len);
}
public void authMakeCredential(APDU apdu, short bufLen) {
// Init the decoder
cborDecoder.init(inBuf, (short) 1, bufLen);
// create a credential object
try {
cred = new AuthenticatorMakeCredential(cborDecoder);
} catch (UserException e) {
returnError(apdu, e.getReason());
return;
}
// Create the actual credential
switch (cred.getAlgorithm()) {
case Signature.ALG_ECDSA_SHA_256:
tempCred = new StoredES256Credential(cred);
break;
case Signature.ALG_RSA_SHA_256_PKCS1:
tempCred = new StoredRS256Credential(cred);
break;
case Signature.ALG_RSA_SHA_256_PKCS1_PSS:
tempCred = new StoredPS256Credential(cred);
break;
default:
returnError(apdu, CTAP2_ERR_UNSUPPORTED_ALGORITHM);
return;
}
if (cred.isResident()) {
// Check if a credential exists on the exclude list
if (cred.isExclude() && isPresent(cred.exclude)) {
// Throw the error
returnError(apdu, CTAP2_ERR_CREDENTIAL_EXCLUDED);
return;
}
// Add the credential to the resident storage, overwriting if necessary
addResident(apdu, tempCred);
// Initialise the output buffer, for CBOR writing.
// output buffer needs 0x00 as first byte as status code
inBuf[0] = 0x00;
cborEncoder.init(inBuf, (short) 1, (short) 1199);
// Create a map in the buffer
vars[0] = cborEncoder.startMap((short) 3);
// Attestation stuff
cborEncoder.writeRawByte((byte) 0x01);
cborEncoder.encodeTextString(Utf8Strings.UTF8_PACKED, (short) 0, (short) 6);
// Put the authdata identifier there
cborEncoder.writeRawByte((byte) 0x02);
// Allocate some space for the byte string
vars[0] = cborEncoder.startByteString((short) (37 + tempCred.getAttestedLen()));
// Stash where it begins
vars[7] = vars[0];
// Create the SHA256 hash of the RP ID
tempCred.rp.getRp(scratch, (short) 0);
vars[0] += sha.doFinal(scratch, (short) 0, tempCred.rp.getRpLen(), inBuf, vars[0]);
// Set flags - User presence, user verified, attestation present
inBuf[vars[0]++] = (byte) 0x45;
// Set the signature counter
vars[0] += tempCred.readCounter(inBuf, vars[0]);
// Read the credential details in
// Just note down where this starts for future ref
vars[0] += tempCred.getAttestedData(inBuf, vars[0]);
// Generate and then attach the attestation
cborEncoder.writeRawByte((byte) 0x03);
// Start to build into the cbor array manually, to avoid arrayCopy
// Create a map with 3 things
cborEncoder.startMap((short) 3);
// Add the alg label
cborEncoder.encodeTextString(Utf8Strings.UTF8_ALG, (short) 0, (short) 3);
// Add the actual algorithm - -7 is 6 as a negative
cborEncoder.encodeNegativeUInt8((byte) 0x06);
// Add the actual signature, we should generate this
cborEncoder.encodeTextString(Utf8Strings.UTF8_SIG, (short) 0, (short) 3);
// Generate the signature, can't do this directly unfortunately.
// We sign over the client data hash and the attested data.
// AuthenticatorData is first. We noted down where it begins and know how long
// it is.
attestation.update(inBuf, vars[7], (short) (tempCred.getAttestedLen() + 37));
// The client data hash is next, which we use to finish off the signature.
vars[4] = attestation.sign(cred.dataHash, (short) 0, (short) cred.dataHash.length, scratch, (short) 0);
// Create the byte string for the signature
cborEncoder.encodeByteString(scratch, (short) 0, vars[4]);
// Set the x509 cert now
cborEncoder.encodeTextString(Utf8Strings.UTF8_X5C, (short) 0, (short) 3);
// Supposedly we need an array here
cborEncoder.startArray((short) 1);
cborEncoder.encodeByteString(attestation.x509cert, (short) 0, attestation.x509len);
// We're actually done, send this out
sendLongChaining(apdu, cborEncoder.getCurrentOffset());
} else {
// Non-resident credential
// TODO - we currently force resident credentials
returnError(apdu, CTAP2_ERR_UNSUPPORTED_OPTION);
}
}
public void authGetAssertion(APDU apdu, short bufLen) {
nextAssertion[0] = (short) 0;
// Decode the CBOR array for the assertion
cborDecoder.init(inBuf, (short) 1, bufLen);
try {
assertion = new AuthenticatorGetAssertion(cborDecoder);
} catch (UserException e) {
returnError(apdu, e.getReason());
return;
}
// Match the assertion to the credential
// Get a list of matching credentials
assertionCreds = findCredentials(apdu, assertion);
// Use the first one; this complies with both ideas - use the most recent match
// if no allow list, use any if an allow list existed
if (assertionCreds.length == 0 || assertionCreds[0] == null) {
returnError(apdu, CTAP2_ERR_NO_CREDENTIALS);
return;
}
// Create the authenticatorData to sign
sha.doFinal(assertion.rpId, (short) 0, (short) assertion.rpId.length, scratch, (short) 0);
if (assertion.options[1]) {
scratch[32] = 0x05;
} else {
scratch[32] = 0x01;
}
assertionCreds[0].readCounter(scratch, (short) 33);
// Copy the hash in
assertion.getHash(scratch, (short) 37);
// Create the output
// Status flags first
inBuf[0] = 0x00;
// Create the encoder
cborEncoder.init(inBuf, (short) 1, (short) 1199);
// Determine if we need 4 or 5 in the array
if (assertionCreds.length > 1) {
doAssertionCommon(cborEncoder, (short) 5);
} else {
doAssertionCommon(cborEncoder, (short) 4);
}
nextAssertion[0] = (short) 1;
// Emit this as a response
sendLongChaining(apdu, cborEncoder.getCurrentOffset());
}
/**
* Get the next assertion in a list of multiple.
*
* @param apdu
* @param buffer
* @ param inBuf
* @ param inLen
*/
private void authGetNextAssertion(APDU apdu, byte[] buffer) {
// Confirm that we have more assertions to do
if (nextAssertion[0] != (short) 0 && nextAssertion[0] < assertionCreds.length) {
// Create the authenticatorData to sign
sha.doFinal(assertion.rpId, (short) 0, (short) assertion.rpId.length, scratch, (short) 0);
if (assertion.options[1]) {
scratch[32] = 0x05;
} else {
scratch[32] = 0x01;
}
assertionCreds[nextAssertion[0]].readCounter(scratch, (short) 33);
// Copy the hash in
assertion.getHash(scratch, (short) 37);
// Create the output
// Status flags first
inBuf[0] = 0x00;
// Create the encoder
cborEncoder.init(inBuf, (short) 1, (short) 1199);
doAssertionCommon(cborEncoder, (short) 4);
nextAssertion[0]++;
// Emit this as a response
sendLongChaining(apdu, cborEncoder.getCurrentOffset());
}
}
// Process the AuthenticatorClientPin feature
// Note: we only implement the keyAgreement bit
public void clientPin(APDU apdu, short bufLen) {
try {
cborDecoder.init(inBuf, (short) 1, bufLen);
// Start reading
cborDecoder.readMajorType(CBORBase.TYPE_MAP);
// Read PIN protocol tag
if (cborDecoder.readInt8() != (byte) 0x01) {
UserException.throwIt(CTAP2_ERR_INVALID_CBOR);
return;
}
// Read the actual protocol
if (cborDecoder.readInt8() != (byte) 0x01) {
UserException.throwIt(CTAP2_ERR_INVALID_CBOR);
return;
}
// Subcommand now
if (cborDecoder.readInt8() != (byte) 0x02) {
UserException.throwIt(CTAP2_ERR_INVALID_CBOR);
return;
}
// Actual subcommand
switch (cborDecoder.readInt8()) {
case 0x02:
// Seems to be a Diffie-Hellman thing
generateDH(apdu);
break;
default:
UserException.throwIt(CTAP2_ERR_UNSUPPORTED_OPTION);
return;
}
} catch (UserException e) {
returnError(apdu, e.getReason());
}
}
private void addResident(APDU apdu, StoredCredential cred) {
// Add a Discoverable Credential (resident)
try {
discoverableCreds.addCredential(cred);
} catch (UserException e) {
returnError(apdu, e.getReason());
}
}
// Generate a session-specific ECDH P-256 key for Diffie-Hellman with the
// platform (Used for PIN but we only ever do it for hmac-secret)
private void generateDH(APDU apdu) {
byte[] w;
try {
w = JCSystem.makeTransientByteArray((short) 65, JCSystem.CLEAR_ON_RESET);
} catch (Exception e) {
w = new byte[65];
}
if (!ecDhSet[0]) {
// Grab the public key and set it's parameters
KeyParams.sec256r1params((ECKey) ecDhKey.getPublic());
// Generate a new key-pair
ecDhKey.genKeyPair();
}
((ECPublicKey) ecDhKey.getPublic()).getW(w, (short) 0);
// Return the data requested
inBuf[0] = 0x00;
cborEncoder.init(inBuf, (short) 1, (short) 1199);
// Start a map
cborEncoder.startMap((short) 1);
// Encode the COSE key identifier
cborEncoder.encodeUInt8((byte) 0x01);
// Start the COSE map
cborEncoder.startMap((short) 5);
// Kty tag
cborEncoder.encodeUInt8((byte) 0x01);
// Kty value - EC2
cborEncoder.encodeUInt8((byte) 0x02);
// Alg tag
cborEncoder.encodeUInt8((byte) 0x03);
// Alg value - ES256 (-7, 6 in negative format)
cborEncoder.encodeNegativeUInt8((byte) 0x06);
// Crv tag - negative
cborEncoder.encodeNegativeUInt8((byte) 0x00);
// Crv value - P-256
cborEncoder.encodeUInt8((byte) 0x01);
// X-coord tag
cborEncoder.encodeNegativeUInt8((byte) 0x01);
// X-coord value
cborEncoder.encodeByteString(w, (short) 1, (short) 32);
// Y-coord tag
cborEncoder.encodeNegativeUInt8((byte) 0x02);
// Y-coord value
cborEncoder.encodeByteString(w, (short) 33, (short) 32);
// That's it
sendLongChaining(apdu, cborEncoder.getCurrentOffset());
}
/**
* Finds all credentials scoped to the RpId, and optionally the allowList, in
* assertion
*
* @param apdu the APDU to send through for errors
* @param assertion the assertion CTAP object
* @return an array of StoredCredential objects, null if none matched.
*/
private StoredCredential[] findCredentials(APDU apdu, AuthenticatorGetAssertion assertion) {
StoredCredential[] list;
StoredCredential temp;
if (assertion.hasAllow()) {
// Our list can be no bigger than the allowList
list = new StoredCredential[(short) assertion.allow.length];
vars[6] = 0;
for (vars[7] = (short) (discoverableCreds.getLength() - 1); vars[7] >= 0; vars[7]--) {
temp = discoverableCreds.getCred(vars[7]);
// Check if null or doesn't match rpId
if (temp != null && temp.rp.checkId(assertion.rpId, (short) 0, (short) assertion.rpId.length)) {
for (vars[5] = 0; vars[5] < (short) assertion.allow.length; vars[5]++) {
// Check the list
// Does length match?
if ((short) assertion.allow[vars[5]].id.length != (short) temp.id.length) {
continue;
}
if (Util.arrayCompare(assertion.allow[vars[5]].id, (short) 0, temp.id, (short) 0,
(short) temp.id.length) == 0) {
// Add it to the list
list[vars[6]++] = temp;
}
}
}
}
} else {
// Old code path, works fine for me
list = new StoredCredential[discoverableCreds.getLength()];
vars[6] = 0;
for (vars[7] = (short) (discoverableCreds.getLength() - 1); vars[7] >= 0; vars[7]--) {
temp = discoverableCreds.getCred(vars[7]);
// Check for null or doesn't match rpId
if (temp != null && temp.rp.checkId(assertion.rpId, (short) 0, (short) assertion.rpId.length)) {
// Then valid
list[vars[6]++] = temp;
}
}
}
// Trim the list
StoredCredential[] ret = new StoredCredential[vars[6]];
// Trim
for (vars[7] = 0; vars[7] < vars[6]; vars[7]++) {
ret[vars[7]] = list[vars[7]];
}
// Null out the unused stuff
JCSystem.requestObjectDeletion();
return ret;
}
/**
* Check if anything in the list is present
*
* @param list
* @return
*/
private boolean isPresent(PublicKeyCredentialDescriptor[] list) {
StoredCredential temp;
for (vars[7] = (short) 0; vars[7] < discoverableCreds.getLength(); vars[7]++) {
temp = discoverableCreds.getCred(vars[7]);
if (temp == null) {
continue;
}
for (vars[6] = (short) 0; vars[6] < (short) list.length; vars[6]++) {
if (temp.checkId(list[vars[6]].id, (short) 0, (short) list[vars[6]].id.length)) {
return true;
}
}
}
return false;
}
/**
* Reset the authenticator. This doesn't actually take much. TODO: Implement
* checking. This is just so testing doesn't crap out.
*/
private void doReset(APDU apdu) {
discoverableCreds = new CredentialArray((short) 5);
JCSystem.requestObjectDeletion();
returnError(apdu, CTAP1_ERR_SUCCESS);
}
/**
* Return an error via APDU - an error on the FIDO2 side is considered a success
* in APDU-land so we send a response.
*
* @param apdu shared APDU object
* @ param buffer APDU buffer
* @param err error code
*/
public void returnError(APDU apdu, byte err) {
byte[] buffer = apdu.getBuffer();
buffer[0] = err;
apdu.setOutgoingAndSend((short) 0, (short) 1);
}
/**
* Return an error via APDU - an error on the FIDO2 side is considered a success
* in APDU-land so we send a response.
*
* @param apdu shared APDU object
* @ param buffer APDU buffer
* @param err error code
*/
public void returnError(APDU apdu, short err) {
byte[] buffer = apdu.getBuffer();
// Get the low byte of the error.
Util.setShort(buffer, (short) 0, err);
apdu.setOutgoingAndSend((short) 1, (short) 1);
}
/**
* Get authenticator-specific informtion, and return it to the platform.
*
* @param apdu
* @ param buffer
* @ param inBuf
* @ param bufLen
*/
public void authGetInfo(APDU apdu) {
// Create the authenticator info if not present.
if (info == null) {
// Create the authGetInfo - 0x00 is success
inBuf[0] = 0x00;
cborEncoder.init(inBuf, (short) 1, (short) 1199);
cborEncoder.startMap((short) 4);
// 0x01, versions
cborEncoder.encodeUInt8((byte) 0x01);
// Value is an array of strings
cborEncoder.startArray((short) 1);
// Type 1, FIDO2
cborEncoder.encodeTextString(Utf8Strings.UTF8_FIDO2, (short) 0, (short) 8);
// AAGUID, 0x03
cborEncoder.encodeUInt8((byte) 0x03);
cborEncoder.encodeByteString(aaguid, (short) 0, (short) 16);
// Options, 0x04
cborEncoder.encodeUInt8((byte) 0x04);
// Map of 3
cborEncoder.startMap((short) 3);
// Rk
cborEncoder.encodeTextString(Utf8Strings.UTF8_RK, (short) 0, (short) 2);
cborEncoder.encodeBoolean(true);
// UP
cborEncoder.encodeTextString(Utf8Strings.UTF8_UP, (short) 0, (short) 2);
cborEncoder.encodeBoolean(true);
// UV
cborEncoder.encodeTextString(Utf8Strings.UTF8_UV, (short) 0, (short) 2);
cborEncoder.encodeBoolean(true);
// Max msg size, 0x05
cborEncoder.encodeUInt8((byte) 0x05);
cborEncoder.encodeUInt16((short) 1200);
// Done
JCSystem.beginTransaction();
info = new byte[cborEncoder.getCurrentOffset()];
Util.arrayCopy(inBuf, (short) 0, info, (short) 0, cborEncoder.getCurrentOffset());
JCSystem.commitTransaction();
}
// Send it
Util.arrayCopyNonAtomic(info, (short) 0, inBuf, (short) 0, (short) info.length);
sendLongChaining(apdu, (short) info.length);
}
/**
* Covers the common assertion building process.
*
* @param enc
* @param mapLen
*/
private void doAssertionCommon(CBOREncoder enc, short mapLen) {
// Determine if we need 4 or 5 in the array
if (mapLen == 4) {
enc.startMap((short) 4);
} else {
enc.startMap((short) 5);
}
// Tag 1, credential data
enc.encodeUInt8((byte) 0x01);
// Start a map, which is all the PublicKeyCredentialDescriptor is
enc.startMap((short) 2);
// Put the id key
cborEncoder.encodeTextString(Utf8Strings.UTF8_ID, (short) 0, (short) 2);
// Put the value, which is a byte array
cborEncoder.encodeByteString(assertionCreds[nextAssertion[0]].id, (short) 0,
(short) assertionCreds[nextAssertion[0]].id.length);
// Put the key for the type
cborEncoder.encodeTextString(Utf8Strings.UTF8_TYPE, (short) 0, (short) 4);
// Put the value
cborEncoder.encodeTextString(Utf8Strings.UTF8_PUBLIC_KEY, (short) 0, (short) 10);
// Done with tag 1
cborEncoder.encodeUInt8((byte) 0x02);
// Tag 2, which is the Authenticator bindings data (turns out this is excluding
// the clientDataHash)
cborEncoder.encodeByteString(scratch, (short) 0, (short) 37);
// Tag 3, the signature of said data
// Put the tag in
cborEncoder.encodeUInt8((byte) 0x03);
// Turns out this is DER encoding, again
// Sign the data
vars[3] = assertionCreds[nextAssertion[0]].performSignature(scratch, (short) 0, (short) 69, scratch,
(short) 69);
// Create the ByteString to put it into
cborEncoder.encodeByteString(scratch, (short) 69, vars[3]);
// Tag 4, user details
cborEncoder.encodeUInt8((byte) 0x04);
// Start the PublicKeyCredentialUserEntity map
// If we have "UV" enabled, then we do all the info we have.
if (assertion.options[1]) {
cborEncoder.startMap(assertionCreds[nextAssertion[0]].user.numData);
// We need to check what we have for users
// Iterate over the bit flags
boolean[] usrFlags = assertionCreds[nextAssertion[0]].getPresentUser();
// This actually
if (usrFlags[2]) {
// Has the 'displayName' tag
cborEncoder.encodeTextString(Utf8Strings.UTF8_DISPLAYNAME, (short) 0, (short) 11);
cborEncoder.encodeTextString(assertionCreds[nextAssertion[0]].user.displayName.str, (short) 0,
assertionCreds[nextAssertion[0]].user.displayName.len);
}
if (usrFlags[1]) {
// The 'id' tag
cborEncoder.encodeTextString(Utf8Strings.UTF8_ID, (short) 0, (short) 2);
cborEncoder.encodeByteString(assertionCreds[nextAssertion[0]].user.id, (short) 0,
(short) assertionCreds[nextAssertion[0]].user.id.length);
}
if (usrFlags[0]) {
// The 'name'
cborEncoder.encodeTextString(Utf8Strings.UTF8_NAME, (short) 0, (short) 4);
cborEncoder.encodeTextString(assertionCreds[nextAssertion[0]].user.name.str, (short) 0,
assertionCreds[nextAssertion[0]].user.name.len);
}
if (usrFlags[3]) {
// Has the 'icon' tag
cborEncoder.encodeTextString(Utf8Strings.UTF8_ICON, (short) 0, (short) 4);
cborEncoder.encodeTextString(assertionCreds[nextAssertion[0]].user.icon, (short) 0,
(short) assertionCreds[nextAssertion[0]].user.icon.length);
}
} else {
// UV not enabled. Don't send extra info apart from the id field
cborEncoder.startMap((short) 1);
cborEncoder.encodeTextString(Utf8Strings.UTF8_ID, (short) 0, (short) 2);
cborEncoder.encodeByteString(assertionCreds[nextAssertion[0]].user.id, (short) 0,
(short) assertionCreds[nextAssertion[0]].user.id.length);
}
// Done tag 4
if (mapLen == 5) {
cborEncoder.encodeUInt8((byte) 0x05);
cborEncoder.encodeUInt8((byte) assertionCreds.length);
}
}
// There's only so many ways to do this.
static boolean isCommandChainingCLA(APDU apdu) {
byte[] buf = apdu.getBuffer();
return ((byte) (buf[0] & (byte) 0x10) == (byte) 0x10);
}
/**
* Handle the command chaining or extended APDU logic.
*
* Due to the FIDO2 spec requiring support for both extended APDUs and command
* chaining, we need to implement chaining here.
*
* I didn't want to pollute the logic over in the process function, and it makes
* sense to do both here.
*
* @param apdu
* @return length of data to be processed. 0 if command chaining's not finished.
*/
private short doApduIngestion(APDU apdu) {
byte[] buffer = apdu.getBuffer();
// Receive the APDU
vars[4] = apdu.setIncomingAndReceive();
// Get true incoming data length
vars[3] = apdu.getIncomingLength();
// Check if the APDU is too big, we only handle 1200 byte
if (vars[3] > 1200) {
returnError(apdu, CTAP2_ERR_REQUEST_TOO_LARGE);
return 0;
}
// Check what we need to do re APDU buffer, is it full (special case for 1 len)
// If this is a command chaining APDU, swap to that logic
if (isCommandChainingCLA(apdu)) {
// In the chaining
if (!isChaining[0]) {
// Must be first chaining APDU
isChaining[0] = true;
// Prep the variables
chainRam[0] = 0;
}
// Copy buffer
chainRam[1] = vars[4];
// chainRam[0] is the current point in the buffer we start from
chainRam[0] = Util.arrayCopyNonAtomic(buffer, apdu.getOffsetCdata(), inBuf, chainRam[0], chainRam[1]);
return 0x00;
} else if (isChaining[0]) {
// Must be the last of the chaining - make the copy and return the length.
chainRam[1] = vars[4];
chainRam[0] = Util.arrayCopyNonAtomic(buffer, apdu.getOffsetCdata(), inBuf, chainRam[0], chainRam[1]);
isChaining[0] = false;
isChaining[1] = true;
return chainRam[0];
} else if (vars[3] == 0x01) {
inBuf[0] = buffer[apdu.getOffsetCdata()];
return 0x01;
} else if (apdu.getCurrentState() == APDU.STATE_FULL_INCOMING) {
// We need to do no more
// Read the entirety of the buffer into the inBuf
Util.arrayCopyNonAtomic(buffer, apdu.getOffsetCdata(), inBuf, (short) 0, vars[3]);
return vars[4];
} else {
// The APDU needs a multi-stage copy
// First, copy the current data buffer in
// Get the number of bytes in the data buffer that are the Lc, vars[5] will do
vars[5] = vars[4];
// Make the copy, vars[3] is bytes remaining to get
vars[4] = 0;
while (vars[3] > 0) {
// Copy data
vars[4] = Util.arrayCopyNonAtomic(buffer, apdu.getOffsetCdata(), inBuf, vars[4], vars[5]);
// Decrement vars[3] by the bytes copied
vars[3] -= vars[5];
// Pull more bytes
vars[5] = apdu.receiveBytes(apdu.getOffsetCdata());
}
// Now we're at the end, here, and the commands expect us to give them a data
// length. Turns out Le bytes aren't anywhere to be found here.
// The commands use vars[3], so vars[4] will be fine to copy to vars[3].
return vars[4];
}
}
/**
* Gets 256 or fewer bytes from inBuf.
*
* @param apdu
*/
public void getData(APDU apdu) {
if (outChainRam[0] > 256) {
// More to go after this
outChainRam[0] -= 256;
byte[] buf = apdu.getBuffer();
Util.arrayCopyNonAtomic(inBuf, outChainRam[1], buf, (short) 0, (short) 256);
apdu.setOutgoingAndSend((short) 0, (short) 256);
outChainRam[1] += 256;
if (outChainRam[0] > 255) {
// At least 256 to go, so 256 more
ISOException.throwIt((short) 0x6100);
} else {
// Less than, so say how many bytes are left.
ISOException.throwIt(Util.makeShort((byte) 0x61, (byte) outChainRam[0]));
}
} else {
// This is the last message
byte[] buf = apdu.getBuffer();
Util.arrayCopyNonAtomic(inBuf, outChainRam[1], buf, (short) 0, outChainRam[0]);
apdu.setOutgoingAndSend((short) 0, outChainRam[0]);
isOutChaining[0] = false;
outChainRam[0] = 0;
outChainRam[1] = 0;
ISOException.throwIt(ISO7816.SW_NO_ERROR);
}
}
/**
* Set chaining flags to send dataLen bytes from inLen via chaining, if
* necessary.
*
* @param apdu
*/
public void sendLongChaining(APDU apdu, short dataLen) {
if (dataLen > 256) {
// Set the chaining boolean to 1
isOutChaining[0] = true;
// All the bytes are in inBuf already
// Set the chaining remainder to dataLen minus 256
outChainRam[0] = (short) (dataLen - 256);
// Send the first 256 bytes out
byte[] buf = apdu.getBuffer();
Util.arrayCopyNonAtomic(inBuf, (short) 0, buf, (short) 0, (short) 256);
apdu.setOutgoingAndSend((short) 0, (short) 256);
outChainRam[1] = 256;
// Throw the 61 xx
if (outChainRam[0] > 255) {
// More than 255 (at least 256) to go, so 256 more
ISOException.throwIt((short) 0x6100);
} else {
// Less than, so say how many bytes are left.
ISOException.throwIt(Util.makeShort((byte) 0x61, (byte) outChainRam[0]));
}
} else {
// Chaining not necessary, send in one go
isOutChaining[0] = false;
apdu.setOutgoing();
apdu.setOutgoingLength(dataLen);
apdu.sendBytesLong(inBuf, (short) 0, dataLen);
ISOException.throwIt(ISO7816.SW_NO_ERROR);
}
}
/**
* Checks if chaining is set for U2FApplet
*
* @return
*/
public boolean isChaining() {
return isOutChaining[0];
}
private void getCert(APDU apdu) {
inBuf[0] = 0x00;
vars[0] = (short) (attestation.getCert(inBuf, (short) 1) + 1);
sendLongChaining(apdu, vars[0]);
}
public void process(APDU apdu) throws ISOException {
byte[] buffer = apdu.getBuffer();
if (selectingApplet()) {
Util.arrayCopyNonAtomic(Utf8Strings.UTF8_FIDO2, (short) 0, buffer, (short) 0,
(short) Utf8Strings.UTF8_FIDO2.length);
apdu.setOutgoingAndSend((short) 0, (short) Utf8Strings.UTF8_FIDO2.length);
return;
}
if (!apdu.isCommandChainingCLA() && apdu.isISOInterindustryCLA()) {
ISOException.throwIt(ISO7816.SW_CLA_NOT_SUPPORTED);
}
JCSystem.requestObjectDeletion();
switch (buffer[ISO7816.OFFSET_INS]) {
case ISO_INS_GET_DATA:
if (isChaining()) {
getData(apdu);
} else {
ISOException.throwIt(ISO7816.SW_CONDITIONS_NOT_SATISFIED);
}
break;
case FIDO2_INS_NFCCTAP_MSG:
handle(apdu);
break;
case FIDO2_DESELECT:
// Appears to be a reset function in the FIDO2 spec, but never referenced
// anywhere
ISOException.throwIt(ISO7816.SW_NO_ERROR);
break;
default:
ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
}
}
public static void install(byte[] bArray, short bOffset, byte bLength) throws ISOException {
short offset = bOffset;
offset += (short) (bArray[offset] + 1); // instance
offset += (short) (bArray[offset] + 1); // privileges
final CTAP2 applet = new CTAP2();
try {
applet.register(bArray, (short) (bOffset + 1), bArray[bOffset]);
} catch (Exception e) {
applet.register();
}
}
}
src/main/java/com/josh/vku2f/CTAP2Exception.java 0 → 100644
View file @ 75d64299
package com.josh.vku2f;
import javacard.framework.CardException;
/**
* CTAP2 error, a "better" way for us to throw errors and propagate their reasons, to be processed upstream (in the CTAP2 module).
* If this Exception is thrown, it's expected that the upstream command processing will convert it into a CTAP2 error (which is ISOException 9000, with additional status).
*/
public class CTAP2Exception extends CardException {
// initialized when created by Dispatcher
private static CTAP2Exception systemInstance;
/**
* Constructs a <code>CTAP2Exception</code> with the specified reason. To
* conserve on resources use <code>throwIt()</code> to use the Java Card
* runtime environment-owned instance of this class.
*
* @param reason
* the reason for the exception
*/
public CTAP2Exception(short reason) {
super(reason);
if (systemInstance == null) {
systemInstance = this;
}
}
/**
* Throws the Java Card runtime environment-owned instance of
* <code>CTAP2Exception</code> with the specified reason.
* <p>
* Java Card runtime environment-owned instances of exception classes are
* temporary Java Card runtime environment Entry Point Objects and can be
* accessed from any applet context. References to these temporary objects
* cannot be stored in class variables or instance variables or array
* components. See
* <em>Runtime Environment Specification, Java Card Platform, Classic Edition</em>,
* section 6.2.1 for details.
*
* @param reason
* the reason for the exception
* @exception CTAP2Exception
* always
*/
public static void throwIt(short reason) throws CTAP2Exception {
systemInstance.setReason(reason);
throw systemInstance;
}
/**
* Throws the Java Card runtime environment-owned instance of
* <code>CTAP2Exception</code> with the specified reason.
* <p>
* Java Card runtime environment-owned instances of exception classes are
* temporary Java Card runtime environment Entry Point Objects and can be
* accessed from any applet context. References to these temporary objects
* cannot be stored in class variables or instance variables or array
* components. See
* <em>Runtime Environment Specification, Java Card Platform, Classic Edition</em>,
* section 6.2.1 for details.
*
* @param reason
* the reason for the exception
* @exception CTAP2Exception
* always
*/
public static void throwIt(byte reason) throws CTAP2Exception {
systemInstance.setReason(reason);
throw systemInstance;
}
}
src/main/java/com/josh/vku2f/CredentialArray.java 0 → 100644
View file @ 75d64299
/*
**
** Copyright 2021, VivoKey Technologies
**
** Licensed under the Apache License, Version 2.0 (the "License");
** you may not use this file except in compliance with the License.
** You may obtain a copy of the License at
**
** http://www.apache.org/licenses/LICENSE-2.0
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the License is distributed on an "AS IS" BASIS,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the License for the specific language governing permissions and
** limitations under the License.
*/
package com.josh.vku2f;
import javacard.framework.JCSystem;
import javacard.framework.UserException;
/**
* Dynamically resizable credential storage array. Gracefully handles space errors.
*/
public class CredentialArray {
private StoredCredential[] creds;
private boolean[] slotStatus;
private short size;
private short counter;
/**
* Constructor for a CredentialArray.
* @param initialSize Initial sizing for the CredentialArray.
*/
public CredentialArray(short initialSize) {
creds = new StoredCredential[initialSize];
slotStatus = new boolean[initialSize];
size = initialSize;
}
/**
* Adds a new credential to the first free slot, or overwrites if a matching rp and user id matches.
* @param in the StoredCredential object to be stored.
*/
public void addCredential(StoredCredential in) throws UserException{
try {
short slot = alreadyExists(in);
creds[slot] = in;
slotStatus[slot] = true;
} catch (Exception e) {
UserException.throwIt(CTAP2.CTAP2_ERR_KEY_STORE_FULL);
}
}
/**
* Finds and returns a StoredCredential given the rpId and userId, returns null if not present.
* @param rpId
* @ param off
* @ param len
* @ return
*/
public StoredCredential getCredential(byte[] rpId, short rpOff, short rpLen, byte[] userId, short userOff, short userLen) {
for(counter = 0; counter < size; counter++) {
// Check the slot status, if the RP matches, and then if the user matches. If so, return the credential.
if(slotStatus[counter] && creds[counter].rp.checkId(rpId, rpOff, rpLen) && creds[counter].user.checkId(userId, userOff, userLen)) {
return creds[counter];
}
}
return null;
}
/**
* Confirms there is no already existing discoverable credential - if it finds one, it returns its location for overwriting.
* @return the location of a discoverable credential already matching the RP and User IDs, or the first free slot otherwise.
*/
public short alreadyExists(StoredCredential cred) {
for(counter = 0; counter < size; counter++) {
// Check the slot status, if the RP matches, and then if the user matches. If so, return the slot to use.
if(slotStatus[counter] && creds[counter].rp.checkId(cred.rp) && creds[counter].user.checkId(cred.user)) {
return counter;
}
}
// Find the first free slot
for(counter = 0; counter < size; counter++) {
if(!slotStatus[counter]) {
return counter;
}
}
// No free slots
// Add more
StoredCredential[] tmp = new StoredCredential[size];
boolean[] tmpStatus = new boolean[size];
for(counter = 0; counter < size; counter++) {
// SonarLint throws an error here, but JavaCard can only copy byte arrays
tmp[counter] = creds[counter];
tmpStatus[counter] = slotStatus[counter];
}
creds = new StoredCredential[(short) (size*2)];
slotStatus = new boolean[(short) (size*2)];
for(counter = 0; counter < size; counter++) {
creds[counter] = tmp[counter];
slotStatus[counter] = tmpStatus[counter];
}
// Actually double the size....
size *= (short) 2;
// Delete objects we used to copy
JCSystem.requestObjectDeletion();
// Return the first free slot in the new array, which is going to be the counter plus 1
return (short) (counter + (short) 1);
}
/**
* Get the size of the array.
* @return the array size
*/
public short getLength() {
return size;
}
/**
* Returns the credential at position, or null if none.
* @param position the position to get.
* @return the credential, or null.
*/
public StoredCredential getCred(short position) {
return creds[position];
}
}
src/main/java/com/josh/vku2f/DomString.java 0 → 100644
View file @ 75d64299
/*
**
** Copyright 2021, VivoKey Technologies
**
** Licensed under the Apache License, Version 2.0 (the "License");
** you may not use this file except in compliance with the License.
** You may obtain a copy of the License at
**
** http://www.apache.org/licenses/LICENSE-2.0
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the License is distributed on an "AS IS" BASIS,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the License for the specific language governing permissions and
** limitations under the License.
*/
package com.josh.vku2f;
import javacard.framework.Util;
// Performs a very simple truncation
public class DomString {
public byte[] str;
public short len;
// We limit name to length of 64 bytes or less. Errors are allowed, as the User Agent is responsible for managing invalid Unicode.
public DomString(byte[] input, short len) {
if(len > (short) 64) {
len = 64;
}
str = new byte[len];
Util.arrayCopy(input, (short) 0, str, (short) 0, len);
this.len = len;
}
/**
* Checks the equality of a DomString to an inputBuf.
* Performs truncation in the same manner as creation.
* @param inputBuf
* @param inOff
* @param inLen
* @return
*/
public boolean checkEquals(byte[] inputBuf, short inOff, short inLen) {
if(inLen > 64) {
inLen = 64;
}
if(inLen != len) {
return false;
}
return (Util.arrayCompare(inputBuf, inOff, str, (short) 0, len)==0);
}
/**
* Checks the equality of two DomStrings.
* @param other the other DomString
* @return if they match
*/
public boolean checkEquals(DomString other) {
return other.checkEquals(str, (short) 0, len);
}
}
src/main/java/com/josh/vku2f/ICUtil.java 0 → 100644
View file @ 75d64299
/*
**
** Copyright 2019, The Android Open Source Project
**
** Licensed under the Apache License, Version 2.0 (the "License");
** you may not use this file except in compliance with the License.
** You may obtain a copy of the License at
**
** http://www.apache.org/licenses/LICENSE-2.0
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the License is distributed on an "AS IS" BASIS,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the License for the specific language governing permissions and
** limitations under the License.
*/
package com.josh.vku2f;
public class ICUtil {
/**
* Get the sign bit of a given short (returns 0 or 1)
*/
public static short sign(short a) {
return (byte) ((a >>> (short) 15) & 1);
}
/**
* Return the smaller short of two given values
*/
public static short min(short a, short b) {
if (a < b) {
return a;
}
return b;
}
/**
* Return the bigger short of two given values
*/
public static short max(short a, short b) {
if (a > b) {
return a;
}
return b;
}
/**
* Set the bit in a given bitfield array
*
* @param bitField The bitfield array
* @param flag Index in the bitfield where the bit should be set
* @param value Sets bit to 0 or 1
*/
public static void setBit(byte[] bitField, short flag, boolean value) {
short byteIndex = (short) (flag >>> (short) 3);
byte bitMask = (byte) ((byte) 1 << (short) (flag & (short) 0x0007));
if (value) {
bitField[byteIndex] |= bitMask;
} else {
bitField[byteIndex] &= ~bitMask;
}
}
/**
* Get the value of a bit inside a bitfield
*
* @param bitField The bitfield
* @param flag Index in the bitfield that should be read
* @return Value at the index (0 or 1)
*/
public static boolean getBit(byte bitField, byte flag) {
byte bitMask = (byte) ((byte) 1 << (short) (flag & 0x07));
return bitMask == (byte) (bitField & bitMask);
}
/**
* Set the bit in a given bitfield
*
* @param bitField The bitfield
* @param flag Index in the bitfield where the bit should be set
* @param value Sets bit to 0 or 1
*/
public static byte setBit(byte bitField, byte flag, boolean value) {
byte bitMask = (byte) ((byte) 1 << (short) (flag & 0x07));
if (value) {
bitField |= bitMask;
} else {
bitField &= ~bitMask;
}
return bitField;
}
/**
* Get the value of a bit inside a bitfield
*
* @param bitField The bitfield array
* @param flag Index in the bitfield that should be read
* @return Value at the index (0 or 1)
*/
public static boolean getBit(byte[] bitField, short flag) {
short byteIndex = (short) (flag >>> (short) 3);
byte bitMask = (byte) ((byte) 1 << (short) (flag & (short) 0x0007));
return bitMask == (byte) (bitField[byteIndex] & bitMask);
}
/**
* Compare two signed shorts as unsigned value. Returns true if n1 is truly
* smaller, false otherwise.
*/
public static boolean isLessThanAsUnsignedShort(short n1, short n2) {
return (n1 < n2) ^ ((n1 < 0) != (n2 < 0));
}
/**
* Fill a provided short array with a given value.
*/
public static short shortArrayFillNonAtomic(short[] buffer, short offset, short len, short value) {
len += offset;
for (; offset < len; offset++) {
buffer[offset] = value;
}
return offset;
}
}
src/main/java/com/josh/vku2f/KeyParams.java 0 → 100644
View file @ 75d64299
/*
**
** Copyright 2021, VivoKey Technologies
**
** Licensed under the Apache License, Version 2.0 (the "License");
** you may not use this file except in compliance with the License.
** You may obtain a copy of the License at
**
** http://www.apache.org/licenses/LICENSE-2.0
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the License is distributed on an "AS IS" BASIS,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the License for the specific language governing permissions and
** limitations under the License.
*/
package com.josh.vku2f;
import javacard.security.ECKey;
public class KeyParams {
// Prime spec for the field
public final static byte[] secp256r1p = new byte[] {(byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x01, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
(byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF,
(byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF};
// A
public final static byte[] secp256r1A = new byte[] {(byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x01, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
(byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF,
(byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFC};
// B
public final static byte[] secp256r1B = new byte[] {(byte) 0x5A, (byte) 0xC6, (byte) 0x35, (byte) 0xD8, (byte) 0xAA, (byte) 0x3A, (byte) 0x93, (byte) 0xE7, (byte) 0xB3, (byte) 0xEB, (byte) 0xBD, (byte) 0x55,
(byte) 0x76, (byte) 0x98, (byte) 0x86, (byte) 0xBC, (byte) 0x65, (byte) 0x1D, (byte) 0x06, (byte) 0xB0, (byte) 0xCC, (byte) 0x53, (byte) 0xB0, (byte) 0xF6, (byte) 0x3B, (byte) 0xCE, (byte) 0x3C,
(byte) 0x3E, (byte) 0x27, (byte) 0xD2, (byte) 0x60, (byte) 0x4B};
// G
public final static byte[] secp256r1G = new byte[] {(byte) 0x04, (byte) 0x6B, (byte) 0x17, (byte) 0xD1, (byte) 0xF2, (byte) 0xE1, (byte) 0x2C, (byte) 0x42, (byte) 0x47, (byte) 0xF8, (byte) 0xBC, (byte) 0xE6,
(byte) 0xE5, (byte) 0x63, (byte) 0xA4, (byte) 0x40, (byte) 0xF2, (byte) 0x77, (byte) 0x03, (byte) 0x7D, (byte) 0x81, (byte) 0x2D, (byte) 0xEB, (byte) 0x33, (byte) 0xA0, (byte) 0xF4, (byte) 0xA1,
(byte) 0x39, (byte) 0x45, (byte) 0xD8, (byte) 0x98, (byte) 0xC2, (byte) 0x96, (byte) 0x4F, (byte) 0xE3, (byte) 0x42, (byte) 0xE2, (byte) 0xFE, (byte) 0x1A, (byte) 0x7F, (byte) 0x9B, (byte) 0x8E,
(byte) 0xE7, (byte) 0xEB, (byte) 0x4A, (byte) 0x7C, (byte) 0x0F, (byte) 0x9E, (byte) 0x16, (byte) 0x2B, (byte) 0xCE, (byte) 0x33, (byte) 0x57, (byte) 0x6B, (byte) 0x31, (byte) 0x5E, (byte) 0xCE,
(byte) 0xCB, (byte) 0xB6, (byte) 0x40, (byte) 0x68, (byte) 0x37, (byte) 0xBF, (byte) 0x51, (byte) 0xF5};
// Order of G
public final static byte[] secp256r1R = new byte[] {(byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF,
(byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xBC, (byte) 0xE6, (byte) 0xFA, (byte) 0xAD, (byte) 0xA7, (byte) 0x17, (byte) 0x9E, (byte) 0x84, (byte) 0xF3, (byte) 0xB9, (byte) 0xCA,
(byte) 0xC2, (byte) 0xFC, (byte) 0x63, (byte) 0x25, (byte) 0x51};
// Cofactor of G
public final static short secp256r1K = 1;
public static void sec256r1params(ECKey setKey) {
// Set the key parameters from above
// Set field
setKey.setFieldFP(KeyParams.secp256r1p, (short)0, (short) 32);
setKey.setA(KeyParams.secp256r1A, (short)0, (short) 32);
setKey.setB(KeyParams.secp256r1B, (short)0, (short) 32);
setKey.setG(KeyParams.secp256r1G, (short)0, (short) 65);
setKey.setR(KeyParams.secp256r1R, (short)0, (short) 32);
setKey.setK(KeyParams.secp256r1K);
}
}
src/main/java/com/josh/vku2f/PublicKeyCredentialDescriptor.java 0 → 100644
View file @ 75d64299
/*
**
** Copyright 2021, VivoKey Technologies
**
** Licensed under the Apache License, Version 2.0 (the "License");
** you may not use this file except in compliance with the License.
** You may obtain a copy of the License at
**
** http://www.apache.org/licenses/LICENSE-2.0
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the License is distributed on an "AS IS" BASIS,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the License for the specific language governing permissions and
** limitations under the License.
*/
package com.josh.vku2f;
import javacard.framework.Util;
public class PublicKeyCredentialDescriptor {
byte[] type;
byte[] id;
public PublicKeyCredentialDescriptor(byte[] pkId, short offset, short len) {
type = new byte[(short) (Utf8Strings.UTF8_PUBLIC_KEY.length)];
Util.arrayCopy(Utf8Strings.UTF8_PUBLIC_KEY, (short) 0, type, (short) 0, (short) type.length);
id = new byte[len];
Util.arrayCopy(pkId, offset, id, (short) 0, (short) id.length);
}
}
src/main/java/com/josh/vku2f/PublicKeyCredentialEntity.java 0 → 100644
View file @ 75d64299
/*
**
** Copyright 2021, VivoKey Technologies
**
** Licensed under the Apache License, Version 2.0 (the "License");
** you may not use this file except in compliance with the License.
** You may obtain a copy of the License at
**
** http://www.apache.org/licenses/LICENSE-2.0
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the License is distributed on an "AS IS" BASIS,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the License for the specific language governing permissions and
** limitations under the License.
*/
package com.josh.vku2f;
// WebAuthn 5.4.1
public abstract class PublicKeyCredentialEntity {
// DOMString name
public DomString name;
public void setName(byte[] pkName, short len) {
name = new DomString(pkName, len);
}
}
src/main/java/com/josh/vku2f/PublicKeyCredentialParams.java 0 → 100644
View file @ 75d64299
/*
**
** Copyright 2021, VivoKey Technologies
**
** Licensed under the Apache License, Version 2.0 (the "License");
** you may not use this file except in compliance with the License.
** You may obtain a copy of the License at
**
** http://www.apache.org/licenses/LICENSE-2.0
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the License is distributed on an "AS IS" BASIS,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the License for the specific language governing permissions and
** limitations under the License.
*/
package com.josh.vku2f;
import javacard.security.Signature;
public class PublicKeyCredentialParams {
// Stores an array consisting of wanted credentials for a AuthenticatorMakeCredential object
// Provides conversion services to Java algorithms
private short[] paramList;
private short listIndex;
public static final short COSE_ES256 = -7;
public static final short COSE_RS256 = -257;
public static final short COSE_PS256 = -37;
public PublicKeyCredentialParams(short len) {
// Create the array
paramList = new short[len];
listIndex = 0;
}
// Add an algorithm
public void addAlgorithm(short algId) {
// Add to the list as-is
paramList[listIndex++] = algId;
}
// Return the first algorithm, in Java algorithm form, that we support from the list
public byte getAlgorithm() {
for(short i = 0; i < listIndex; i++) {
if(paramList[i] == COSE_ES256) {
return Signature.ALG_ECDSA_SHA_256;
}
if(paramList[i] == COSE_RS256) {
return Signature.ALG_RSA_SHA_256_PKCS1;
}
if(paramList[i] == COSE_PS256) {
return Signature.ALG_RSA_SHA_256_PKCS1_PSS;
}
}
// Didn't get a result
return 0;
}
}
src/main/java/com/josh/vku2f/PublicKeyCredentialRpEntity.java 0 → 100644
View file @ 75d64299
/*
**
** Copyright 2021, VivoKey Technologies
**
** Licensed under the Apache License, Version 2.0 (the "License");
** you may not use this file except in compliance with the License.
** You may obtain a copy of the License at
**
** http://www.apache.org/licenses/LICENSE-2.0
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the License is distributed on an "AS IS" BASIS,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the License for the specific language governing permissions and
** limitations under the License.
*/
package com.josh.vku2f;
import javacard.framework.Util;
public class PublicKeyCredentialRpEntity extends PublicKeyCredentialEntity {
DomString rpId;
public void setRp(byte[] rpId, short len) {
this.rpId = new DomString(rpId, len);
}
/**
* Checks the RP ID against the internal DomString.
* @param inBuf
* @param inOff
* @param inLen
* @return
*/
public boolean checkId(byte[] inBuf, short inOff, short inLen) {
return rpId.checkEquals(inBuf, inOff, inLen);
}
/**
* Convenience method to simplify checking two PublicKeyCredentialRpEntity objects.
* @param other the other object to check
* @return if they match
*/
public boolean checkId(PublicKeyCredentialRpEntity other) {
return rpId.checkEquals(other.rpId);
}
public void getRp(byte[] buf, short off) {
Util.arrayCopy(rpId.str, (short) 0, buf, off, rpId.len);
}
public short getRpLen() {
return rpId.len;
}
}
src/main/java/com/josh/vku2f/PublicKeyCredentialUserEntity.java 0 → 100644
View file @ 75d64299
/*
**
** Copyright 2021, VivoKey Technologies
**
** Licensed under the Apache License, Version 2.0 (the "License");
** you may not use this file except in compliance with the License.
** You may obtain a copy of the License at
**
** http://www.apache.org/licenses/LICENSE-2.0
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the License is distributed on an "AS IS" BASIS,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the License for the specific language governing permissions and
** limitations under the License.
*/
package com.josh.vku2f;
import javacard.framework.UserException;
import javacard.framework.Util;
public class PublicKeyCredentialUserEntity extends PublicKeyCredentialEntity {
public byte[] id;
public DomString displayName;
// 4-bit. 0 is the parent name, 1 is the id, 2 is the displayName and 3 is the icon.
public boolean[] dataPresent;
public byte numData;
public byte[] icon;
public PublicKeyCredentialUserEntity() {
dataPresent = new boolean[4];
numData = 0;
}
public void setId(byte[] src, short off, short len) {
id = new byte[len];
Util.arrayCopy(src, off, id, (short) 0, len);
if (!dataPresent[1]) {
dataPresent[1] = true;
numData++;
}
}
public void setIcon(byte[] src, short len) throws UserException {
try {
icon = new byte[len];
Util.arrayCopy(src, (short) 0, icon, (short) 0, len);
if (!dataPresent[3]) {
dataPresent[3] = true;
numData++;
}
} catch (ArrayIndexOutOfBoundsException e) {
UserException.throwIt((byte) 0xFA);
}
}
public void setDisplayName(byte[] src, short len) {
displayName = new DomString(src, len);
if (!dataPresent[2]) {
dataPresent[2] = true;
numData++;
}
}
/**
* Checks the id against the src byte array.
*
* @param src source byte array
* @param off offset in the byte array to start at
* @param len length of the id in the source byte array
* @return if they match
*/
public boolean checkId(byte[] src, short off, short len) {
if (len != (short) id.length) {
return false;
}
return (Util.arrayCompare(src, off, id, (short) 0, len) == 0);
}
public void setName(byte[] pkName, short len) {
name = new DomString(pkName, len);
if (!dataPresent[0]) {
dataPresent[0] = true;
numData++;
}
}
/**
* Convenience method to check two PublicKeyCredentialUserEntity objects
*
* @param other the second PublicKeyCredentialUserEntity to compare
* @return if they match
*/
public boolean checkId(PublicKeyCredentialUserEntity other) {
return other.checkId(id, (short) 0, ((short) id.length));
}
}
src/main/java/com/josh/vku2f/ServerKeyCrypto.java 0 → 100644
View file @ 75d64299
/*
**
** Copyright 2021, VivoKey Technologies
**
** Licensed under the Apache License, Version 2.0 (the "License");
** you may not use this file except in compliance with the License.
** You may obtain a copy of the License at
**
** http://www.apache.org/licenses/LICENSE-2.0
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the License is distributed on an "AS IS" BASIS,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the License for the specific language governing permissions and
** limitations under the License.
*/
package com.josh.vku2f;
import javacard.security.RandomData;
/**
* Provide a way to handle static RNGs.
*/
public class ServerKeyCrypto {
private static RandomData rng;
public static RandomData getRng() {
if(rng == null) {
rng = RandomData.getInstance(RandomData.ALG_SECURE_RANDOM);
}
return rng;
}
}
src/main/java/com/josh/vku2f/StoredCredential.java 0 → 100644
View file @ 75d64299
/*
**
** Copyright 2021, VivoKey Technologies
**
** Licensed under the Apache License, Version 2.0 (the "License");
** you may not use this file except in compliance with the License.
** You may obtain a copy of the License at
**
** http://www.apache.org/licenses/LICENSE-2.0
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the License is distributed on an "AS IS" BASIS,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the License for the specific language governing permissions and
** limitations under the License.
*/
package com.josh.vku2f;
import javacard.framework.JCSystem;
import javacard.framework.Util;
import javacard.security.KeyPair;
import javacard.security.RandomData;
// Abstract class to represent and perform actions with a stored credential
public abstract class StoredCredential {
private static RandomData rng;
byte[] id;
KeyPair kp;
PublicKeyCredentialUserEntity user;
PublicKeyCredentialRpEntity rp;
private byte[] sigCounter;
protected boolean initialised;
protected byte[] credRandom;
protected boolean hmacEnabled;
protected StoredCredential() {
if(rng == null) {
rng = ServerKeyCrypto.getRng();
}
id = new byte[16];
rng.generateData(id, (short) 0, (short) 16);
sigCounter = new byte[4];
initialised = false;
hmacEnabled = false;
}
// Does the HMAC secret stuff
public short doHmacSecret(byte[] inBuf, short inOff, short inLen) {
// TODO: Well, this
return 0;
}
// Initialise the credRandom
public boolean initialiseCredSecret() {
// Generate the actual credRandom - this is the same across all credentials
credRandom = new byte[32];
rng.generateData(credRandom, (short) 0, (short) 32);
hmacEnabled = true;
return true;
}
// Generic ID check function, for credential IDs
public boolean checkId(byte[] inBuf, short inOff, short inLen) {
if(inLen != (short) 16) {
return false;
}
return Util.arrayCompare(id, (short) 0, inBuf, inOff, inLen) == 0;
}
public boolean[] getPresentUser() {
return user.dataPresent;
}
/**
* Increment the counter.
* NOTE: Atomic.
*/
protected void incrementCounter() {
JCSystem.beginTransaction();
for(short i = 3; i > 1; i--) {
if(sigCounter[i] == 0xFF) {
sigCounter[(short) (i-1)]++;
sigCounter[i] = 0x00;
JCSystem.commitTransaction();
return;
}
}
if(sigCounter[0] == 0xFF && sigCounter[1] == 0xFF && sigCounter[2] == 0xFF && sigCounter[3] == 0xFF) {
// Overflow, roll to 0
Util.arrayFillNonAtomic(sigCounter, (short) 0, (short) 4, (byte) 0x00);
JCSystem.commitTransaction();
return;
}
sigCounter[3]++;
JCSystem.commitTransaction();
}
/**
* Copies the counter (a 32-bit unsigned int) to the buffer specified, at offset bufOff.
* @param buf the buffer to copy into
* @param bufOff the offset to begin at
* @returns length
*/
public short readCounter(byte[] buf, short bufOff) {
Util.arrayCopy(sigCounter, (short) 0, buf, bufOff, (short) 4);
return (short) 4;
}
/**
* Signature class. Signs into the output buffer from the input buffer using the keypair.
* @param inBuf input buffer to sign
* @param inOff offset in buffer
* @param inLen length of data to sign
* @param outBuf output buffer to sign into
* @param outOff output buffer offset to begin writing at
*/
public abstract short performSignature(byte[] inBuf, short inOff, short inLen, byte[] outBuf, short outOff);
/**
* Returns the attestation data (pubkey and definition) attached to this object.
* @param buf buffer to copy the details to
* @param off offset to begin copying to
* @returns length
*/
public abstract short getAttestedData(byte[] buf, short off);
/**
* Returns the length of the attestation data that will be fed later on.
* @returns length
*/
public abstract short getAttestedLen();
/**
* Protected common attestation parameters
* @param buf
* @param off
* @return
*/
protected void doAttestationCommon(byte[] buf, short off) {
// AAGUID
Util.arrayCopy(CTAP2.aaguid, (short) 0, buf, off, (short) 16);
// Length of the credential ID - 16 bytes
buf[(short) (off+16)] = 0x00;
buf[(short) (off+17)] = 0x10;
// Copy the credential ID
Util.arrayCopy(id, (short) 0, buf, (short) (off+18), (short) 16);
}
}
src/main/java/com/josh/vku2f/StoredES256Credential.java 0 → 100644
View file @ 75d64299
/*
**
** Copyright 2021, VivoKey Technologies
**
** Licensed under the Apache License, Version 2.0 (the "License");
** you may not use this file except in compliance with the License.
** You may obtain a copy of the License at
**
** http://www.apache.org/licenses/LICENSE-2.0
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the License is distributed on an "AS IS" BASIS,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the License for the specific language governing permissions and
** limitations under the License.
*/
package com.josh.vku2f;
import javacard.framework.JCSystem;
import javacard.security.ECKey;
import javacard.security.ECPublicKey;
import javacard.security.KeyBuilder;
import javacard.security.KeyPair;
import javacard.security.Signature;
public class StoredES256Credential extends StoredCredential {
Signature sig;
public StoredES256Credential(AuthenticatorMakeCredential inputData) {
// Generate a new ES256 credential
kp = new KeyPair(KeyPair.ALG_EC_FP, KeyBuilder.LENGTH_EC_FP_256);
KeyParams.sec256r1params((ECKey) kp.getPublic());
kp.genKeyPair();
user = inputData.getUser();
rp = inputData.getRp();
sig = Signature.getInstance(Signature.ALG_ECDSA_SHA_256, false);
sig.init(kp.getPrivate(), Signature.MODE_SIGN);
}
public short performSignature(byte[] inBuf, short inOff, short inLen, byte[] outBuf, short outOff) {
// Performs the signature as per ES256
incrementCounter();
return sig.sign(inBuf, inOff, inLen, outBuf, outOff);
}
public short getAttestedLen() {
// AAGUID (16), 0010 (2), Credential ID (16), the map (1 byte header, 6 bytes
// keytype and curve type, 35 bytes x, 35 bytes y, 77 total)
return (short) 111;
}
public short getAttestedData(byte[] buf, short off) {
CBOREncoder enc = new CBOREncoder();
// Get the ECPublicKey
byte[] w;
try {
w = JCSystem.makeTransientByteArray((short) 65, JCSystem.CLEAR_ON_RESET);
} catch (Exception e) {
w = new byte[65];
}
((ECPublicKey) kp.getPublic()).getW(w, (short) 0);
// Form the common params
doAttestationCommon(buf, off);
enc.init(buf, (short) (off + 34), (short) 1000);
enc.startMap((short) 5);
// We had to kinda hack the map labels - this is kty
enc.writeRawByte((byte) 0x01);
// value: EC2 keytype
enc.encodeUInt8((byte) 0x02);
// Alg - ES256
enc.writeRawByte((byte) 0x03);
enc.encodeNegativeUInt8((byte) 0x06);
// Curve type - P256
enc.encodeNegativeUInt8((byte) 0x00);
enc.encodeUInt8((byte) 0x01);
// X coord
enc.encodeNegativeUInt8((byte) 0x01);
enc.encodeByteString(w, (short) 1, (short) 32);
// Y coord
enc.encodeNegativeUInt8((byte) 0x02);
enc.encodeByteString(w, (short) 33, (short) 32);
// That is all
w = null;
JCSystem.requestObjectDeletion();
return 111;
}
}
src/main/java/com/josh/vku2f/StoredPS256Credential.java 0 → 100644
View file @ 75d64299
/*
**
** Copyright 2021, VivoKey Technologies
**
** Licensed under the Apache License, Version 2.0 (the "License");
** you may not use this file except in compliance with the License.
** You may obtain a copy of the License at
**
** http://www.apache.org/licenses/LICENSE-2.0
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the License is distributed on an "AS IS" BASIS,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the License for the specific language governing permissions and
** limitations under the License.
*/
package com.josh.vku2f;
import javacard.security.KeyBuilder;
import javacard.security.KeyPair;
import javacard.security.RSAPublicKey;
import javacard.security.Signature;
public class StoredPS256Credential extends StoredCredential {
Signature kpSignature;
public StoredPS256Credential(AuthenticatorMakeCredential inputData) {
// Generate a new RS256 credential
kp = new KeyPair(KeyPair.ALG_RSA_CRT, KeyBuilder.LENGTH_RSA_2048);
kp.genKeyPair();
user = inputData.getUser();
rp = inputData.getRp();
kpSignature = Signature.getInstance(Signature.ALG_RSA_SHA_256_PKCS1_PSS, false);
kpSignature.init(kp.getPrivate(), Signature.MODE_SIGN);
}
public short performSignature(byte[] inBuf, short inOff, short inLen, byte[] outBuf, short outOff) {
incrementCounter();
// Increment sig counter first
return kpSignature.sign(inBuf, inOff, inLen, outBuf, outOff);
}
public short getAttestedLen() {
// AAGUID (16), 0010 (2), Credential ID (16), map (1 byte header + 5 bytes type
// and alg + 260 bytes mod inc header, 5 bytes exp inc header)
return (short) 305;
}
public short getAttestedData(byte[] buf, short off) {
CBOREncoder enc = new CBOREncoder();
doAttestationCommon(buf, off);
// Start the public key CBOR
enc.init(buf, (short) (off + 34), (short) 1000);
enc.startMap((short) 4);
// kty - key type
enc.writeRawByte((byte) 0x01);
// RSA
enc.encodeUInt8((byte) 0x03);
// alg
enc.writeRawByte((byte) 0x03);
// PS256 - -37 is 36 negative (minus 1 for neg on CBOR, 0x24 byte)
enc.encodeNegativeUInt8((byte) 0x24);
// Modulus tag
enc.encodeNegativeUInt8((byte) 0x00);
// Write the modulus
short start = enc.startByteString((short) 256);
((RSAPublicKey) kp.getPublic()).getModulus(buf, start);
// Exponent tag
enc.encodeNegativeUInt8((byte) 0x01);
// Write the exponent
start = enc.startByteString((short) 3);
((RSAPublicKey) kp.getPublic()).getExponent(buf, start);
return 305;
}
}
src/main/java/com/josh/vku2f/StoredRS256Credential.java 0 → 100644
View file @ 75d64299
/*
**
** Copyright 2021, VivoKey Technologies
**
** Licensed under the Apache License, Version 2.0 (the "License");
** you may not use this file except in compliance with the License.
** You may obtain a copy of the License at
**
** http://www.apache.org/licenses/LICENSE-2.0
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the License is distributed on an "AS IS" BASIS,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the License for the specific language governing permissions and
** limitations under the License.
*/
package com.josh.vku2f;
import javacard.security.KeyBuilder;
import javacard.security.KeyPair;
import javacardx.crypto.Cipher;
import javacard.security.RSAPublicKey;
public class StoredRS256Credential extends StoredCredential {
Cipher kpSignature;
public StoredRS256Credential(AuthenticatorMakeCredential inputData) {
// Generate a new RS256 credential
kp = new KeyPair(KeyPair.ALG_RSA_CRT, KeyBuilder.LENGTH_RSA_2048);
kp.genKeyPair();
user = inputData.getUser();
rp = inputData.getRp();
kpSignature = Cipher.getInstance(Cipher.ALG_RSA_PKCS1, false);
kpSignature.init(kp.getPrivate(), Cipher.MODE_ENCRYPT);
}
public short performSignature(byte[] inBuf, short inOff, short inLen, byte[] outBuf, short outOff) {
incrementCounter();
// Increment sig counter first
return kpSignature.doFinal(inBuf, inOff, inLen, outBuf, outOff);
}
public short getAttestedLen() {
// AAGUID (16), 0010 (2), Credential ID (16), map (1 byte header + 7 bytes type
// and alg + 260 bytes mod inc header, 5 bytes exp inc header)
return (short) 307;
}
public short getAttestedData(byte[] buf, short off) {
CBOREncoder enc = new CBOREncoder();
doAttestationCommon(buf, off);
// Start the public key CBOR
enc.init(buf, (short) (off + 34), (short) 1000);
enc.startMap((short) 4);
// kty - key type
enc.writeRawByte((byte) 0x01);
// RSA
enc.encodeUInt8((byte) 0x03);
// alg
enc.writeRawByte((byte) 0x03);
// RS256 - -257 is 256 negative (minus 1 for neg on CBOR)
enc.encodeNegativeUInt16((short) 256);
// Modulus tag
enc.encodeNegativeUInt8((byte) 0x00);
// Write the modulus
short start = enc.startByteString((short) 256);
((RSAPublicKey) kp.getPublic()).getModulus(buf, start);
// Exponent tag
enc.encodeNegativeUInt8((byte) 0x01);
// Write the exponent
start = enc.startByteString((short) 3);
((RSAPublicKey) kp.getPublic()).getExponent(buf, start);
return 306;
}
}
src/main/java/com/josh/vku2f/Utf8Strings.java 0 → 100644
View file @ 75d64299
/*
**
** Copyright 2021, VivoKey Technologies
**
** Licensed under the Apache License, Version 2.0 (the "License");
** you may not use this file except in compliance with the License.
** You may obtain a copy of the License at
**
** http://www.apache.org/licenses/LICENSE-2.0
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the License is distributed on an "AS IS" BASIS,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the License for the specific language governing permissions and
** limitations under the License.
*/
package com.josh.vku2f;
public class Utf8Strings {
public static final byte[] UTF8_UP = {'u', 'p'};
// Representation of "id" in UTF8
public static final byte[] UTF8_ID = {0x69, 0x64};
// Representation of "name" in UTF8
public static final byte[] UTF8_NAME = {0x6e, 0x61, 0x6d, 0x65};
// Representation of "displayName" in UTF8
public static final byte[] UTF8_DISPLAYNAME = {0x64, 0x69, 0x73, 0x70, 0x6c, 0x61, 0x79, 0x4e, 0x61, 0x6d, 0x65};
// Representation of "alg" in UTF8
public static final byte[] UTF8_ALG = {0x61, 0x6c, 0x67};
public static final byte[] UTF8_UV = {'u', 'v'};
public static final byte[] UTF8_RK = {0x72, 0x6b};
public static final byte[] UTF8_TYPE = {'t', 'y', 'p', 'e'};
public static final byte[] UTF8_PACKED = {'p', 'a', 'c', 'k', 'e', 'd'};
public static final byte[] UTF8_SIG = {'s', 'i', 'g'};
public static final byte[] UTF8_X5C = {'x', '5', 'c'};
public static final byte[] UTF8_PUBLIC_KEY = {'p', 'u', 'b', 'l', 'i', 'c', '-', 'k', 'e', 'y'};
public static final byte[] UTF8_FIDO2 = {'F', 'I', 'D', 'O', '_', '2', '_', '0'};
public static final byte[] UTF8_ICON = {'i', 'c', 'o', 'n'};
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment