User Manual - Virgilio Siti Xoom

Contents

1. ISO 7816-4 specifies four command formats:

   CLA INS P1 P2
   CLA INS P1 P2 Le
   CLA INS P1 P2 Lc Input Data
   CLA INS P1 P2 Lc Input Data Le

   Field        Description                                       Size
   CLA          Command class                                     1 byte
   INS          Command instruction code                          1 byte
   P1           First parameter of the command                    1 byte
   P2           Second parameter of the command                   1 byte
   Lc           Length of the input data                          1 byte
   Le           Length expected of data returned by the card      1 byte
   Input Data   Data sent to the smart card                       Lc bytes

   The ISO commands appear in the command file unmodified, as strings of hexadecimal digits.

   Example:
   A0 A4 00 00 02 3F 00

   Expected return status

   The expected return status for any command, or for the POWER_ON directive, can be appended to the command. If the status returned by the card does not match the expected return status, a STATUS ERROR message is displayed in the logging file. An X anywhere in the expected return status matches any hexadecimal digit in the corresponding position in the actual return status. The expected return status must be on the same line as the command to which it applies.

   Syntax:
   Command ExpectedReturnedStatus
   or
   POWER_ON ExpectedReturnedStatus

   Example:
   A0 A4 00 00 02 3F 00 XF XX
   Expected return status: StatusWord1 = any hex digit followed by F, StatusWord2 = any two hex digits.

   Expected return data

   The expected return data for any command or for the POWER_ON directive can be appende
2. for Java PDE V2.0. To help debugging applications, you also need the Sun Reference Implementation Code. You can download it at the following address: http://java.sun.com/products/javacard/index.html#spec

   To facilitate the compilation of applets, a set of empty classes is supplied in the kit. These classes are contained in the file cardclass.zip. However, they are not needed if the Sun Reference Implementation Code is used instead.

   Installation procedure

   Before installing the CD-ROM, you must first connect the reader to your PC.

   Connecting the reader

   (Figure: reader connector and power supply cable.)

   - Turn your PC off.
   - Plug the RJ45 connector into the reader.
   - Plug the DB9 part of the connector into the serial port of the PC, tightening the screws.
   - Disconnect either the PC keyboard or mouse.
   - Connect it to the power supply cable.
   - Connect the mini jack to the jack socket of the connector.
   - Connect the power supply cable to the PC mouse or keyboard port.

   For information on how to configure the reader, see Installing the kit, step 3 on page 9.

   Installing the kit

   To install the GalactIC kit, proceed as follows:

   Step 1. Insert the GalactIC CD-ROM in your drive and run setup.exe.
           Result: The installation wizard starts up.
   Step 2. Follow the instructions displayed, particularly to indicate the
3. GalactIC User Manual

   © 1998 De La Rue Cartes et Systèmes. All rights reserved. The information contained in this publication is accurate to the best of De La Rue Cartes et Systèmes' knowledge. However, De La Rue Cartes et Systèmes disclaims any liability resulting from the use of this information and reserves the right to make changes without notice.

   Manual references: PE 993 099, 12NCT 4311 240 26362
   Publication date: 15 December 1998

   CONTENTS

   PREFACE
     Presentation of this guide
       GalactIC: A definition
       Purpose
       Audience
       Structure of this guide
       Related Documentation
   INSTALLATION
     Package contents
     Technical requirements
       Hardware
       Software
     Installation procedure
       Connecting the reader
       Installing the kit
   THE CONVERTER
     Product Description
       Environment
     Functions
       MultiClass Applications
       Package Linking
       Variable Types
       Bytecode Verifier
4. Hexadecimal, even length
   Hexadecimal, even length
   Hexadecimal, even length

   - Allows authentication of the Security Domain with the key KeyMACSecurityDomain before applet loading. Defined by the Visa Open Platform specification and available as an option for GalactIC.
   - Mandatory for GalactIC. Protects the card during loading.
   - Allows the loader to decipher the applet before loading. Defined by the Visa Open Platform and available as an option for GalactIC.
   - Allows verification of the MAC (Message Authentication Code) before applet loading. Defined by the Visa Open Platform and available as an option for GalactIC.
   - Allows loading of applet with ciphering and signature.

   DEBUGGING ENVIRONMENT: PCOM32

   Product Description

   The debugging environment consists of:
   - the standard Java Development Kit (Symantec Café)
   - De La Rue PCOM32 Card Command Processor

   PCOM32 sends commands to a smart card via a card reader interface and logs the responses to these commands in a text file. The tool allows commands to be sent one at a time under manual control. Alternatively, an entire sequence of commands can be sent as a single operation. In addition, there are control constructs that allow the user to loop through command sequences and to insert break points. Responses to commands are logged in a text file, which is directly accessible from the PCOM32 window.

   Technical Requirements

   Hardware

   You need:
   - an
5.   Launching the Converter
       Command Line
       Input files
       Output files
       Conversion Errors
       Conversion Warnings
   THE LOADER
     Product Description
       Environment
       Product Functions
     Loading
       Sending a file to the smart card
       Loader.ini
     Initialisation
       De La Rue Java Loader
       Example: Filling in text fields
       Other Fields
     Loading
     Reference
       Fields
       Flags
   DEBUGGING ENVIRONMENT: PCOM32
     Product Description
     Technical Requirements
     Launching PCOM32
     User Interface
       Main Window
     Example Command File
       Erasing Card data
       Reuse.cmd
     Command Files
6. Package Linking on page 12)
   p   Pauses output between each page

   Input files

   Below are the files necessary to launch the converter:
   - The class files of the application. Any further class files used by the application are automatically converted.
   - The file javaconv.apis and files declared within it. These files are optional (see Package Linking on page 12).

   Output files

   Conversion results in:
   - a .dlrjar file, which is the package file
   and some or all of the following:
   - a .cmd file
   - a .api file

   Note: If an error occurs, no output files are created.

   Conversion Errors

   When an error is encountered, the converter does not generate an output file. The converter may stop execution after several errors, when an error introduces exceptions.

   Error: Too many methods in class
   Description: A class cannot have more than 256 methods.

   Error: Not compiled in debug mode class
   Description: The class file has not been compiled in debug mode.

   Error: Type type not supported
   Description: The data type is not supported (see command line reference to int data types).

   Error: Unsupported bytecode bytecode
   Description: The converter encountered a bytecode not supported by J

   Error: Can't find enough space for interface methods
   Error: Native methods not supported
   Error: API entry not found
   Error: Packages not found
   Error: The <bytecode macro> verifier crashed
   Error: Different stack on the same location

   Conversion Warnings
7. SET_BUFFER I SBUFFER_INIT

   APPENDIX A: ERROR STATUS

   Reader error status

   Value (hex): 60 C0 60 C1 60 C2 60 C3 60 FE 60 80 60 81 60 82 60 83 60 84 60 85 60 86 60 87 60 F0 60 F1 60 F2 60 F3 60 F4 60 F8 60 FC 60 FD 90 FF

   Meaning: Function unknown Illegal function parameters Illegal format of the function bytes The length byte and the number of data bytes following do not match or a read function consists of more than five bytes Data I/O line held at 0 volt or POWER_CARD not executed Operation correctly terminated No card Card in slot Card in position but too short Card in position Card pulled out and then replaced in correct position Motor failure in CAD Card still in correct position Card answer error INS not correct or erroneous TS byte during POWER_CARD 3 parity errors in TS byte reception Card cannot be processed Card protocol not supported TO <> 0 in TD1 byte during POWER_CARD Framing error in reception mode 3 parity errors in reception mode 3 parity errors in transmission mode Failure in programming voltage generator or possible short circuit Vpp < 4 volts Card not in place or does not respond (mute)

   Card error status

   Value (hex): 61LL 6300 6490 6491 6581 6600 6601 6602 6603 6604 6605 6606 6
8. destination directory (by default C:\De La Rue\GalactIC) and choose the installation type:
           1. The Typical installation installs all the GalactIC components (Converter, Java Loader, PCOM32 Debugging Tool, user documentation, samples). The typical installation requires 15 M of free memory.
           2. The Compact installation only installs the software components. It requires 4 M of free memory.
           3. The Custom installation allows you to choose the components you want to install.
           Result: The GalactIC kit is installed. The Loader and Debugging Tool icons are created in the task bar. The Smart Card Readers icon is added to the Control Panel.
   Step 3. Open the Control Panel and double click on the Smart Card Readers icon to configure the reader.
   Step 4. Click on the Add button to create the new reader.
           Result: The Add Logical Connection dialogue box is displayed, with three tabs enabling you to set the various parameters.
   Step 5. Set the following parameters on the Reader tab:
           - Logical connection name: Name to be assigned to the reader (see the instructions on screen).
           - Reader type: Type of the reader connected to the PC (De La Rue reader name).
   Step 6. Set the following parameter on the Protocol tab:
           - Protocol: Protocol to be used when communicating with the reader (in this case, Fastnet).
   Step 7. Set the following parameter on the Port tab:
           - Port: Port to which the reader is connected on the PC.

   THE CONVERTER

   P
9. legal loop instruction must begin with a BEGIN_LOOP and end with a LOOP. It is possible to nest up to 16 loops.

   Syntax:
   LOOP LoopCount HEX

   Parameters and switches:
   - LoopCount: Total number of iterations; must be greater than 1 and less than 2
   - HEX: Interpret the LoopCount parameter as a hexadecimal number.

   Example:
   BEGIN_LOOP
     BEGIN_LOOP
       A0 A4 00 00 02 3F 00
     LOOP 10 HEX
   LOOP 2
   The inner loop is executed 32 times.

   Buffer management directives

   The PCOM32 buffers

   PCOM32 provides five general purpose buffers and two buffers for storing card responses. The general purpose buffers are accessible to directives for both reading and writing. The two buffers that store card responses are read-only. The table below summarises the buffer properties.

   PCOM32 buffers

   Name   Function                                  Size (bytes)   Accessibility
   G      general purpose                           256            read/write
   I      general purpose                           256            read/write
   J      general purpose                           256            read/write
   K      general purpose                           256            read/write
   M      general purpose                           256            read/write
   R      stores data returned by the card          256            read-only
   W      stores the status returned by the card    2              read-only

   Accessing data from buffers

   Data from any of the buffers can be inserted after either a command or a directive. If the buffer name is used without a range specification, the entire contents of the buffer are inserted. Using range specifications it is possible to in
10. 607 6608 6609 660A 660B 660C 660D 660E 660F 6610 6640 6641 6680 6681 6682 6683 6684 6685 6686 6687 6688 6689 668A 6690 6691 6692

    Meaning: Correct execution, response is LL bytes EXTERNAL AUTHENTICATE failed Data not found AID not written during personalisation EEPROM integrity error Incorrect optional code checksum BAD DES key Data checksum error EEPROM write error Java unhandled Exception Java unhandled Throwable Java unhandled ArithmeticException Java unhandled ArrayIndexOutOfBoundsException Java unhandled ArrayStoreException Java unhandled ClassCastException Java unhandled IndexOutOfBoundsException Java unhandled NegativeArraySizeException Java unhandled NullPointerException Java unhandled RunTimeException Java unhandled SecurityException Java unhandled UserException Java unhandled APDUException Java unhandled PINException Java unhandled SystemException Java unhandled TransactionException Java unhandled CryptoException JavaStackOverflowError JavaOutOfMemoryError DLRJC VM wrong package file version DLRJC VM unsupported bytecode DLRJC VM feature not supported yet DLRJC VM wrong number of parameters DLRJC VM wrong data type DLRJC VM class definition not found DLRJC VM method not found DLRJC VM native API entry not found DLRJC VM field not found DLRJC VM no access to field DLRJC VM no access to method DLRJC VM stack underflow DLRJC VM stack not empty on method return DLR
11. Sends back card in start of use phase (Card Domain loaded, ready to accept new applications)
    SET_TIME_OUT 10

    The card is now ready to accept new applications.

    Command Files

    Introduction

    A command file is made up from the following elements:
    - Card commands
    - Card reader directives
    - PCOM32 directives
    - PCOM32 external directives
    - Comments

    The format of the card commands is standard, as defined by ISO 7816-4. The card reader directives control the reader, turning it on or off, or prompting the user to insert or remove the card. The PCOM32 directives include:
    - flow control constructs for looping and stepping through command sequences, and
    - directives to assign and access variables and constants.

    The external directives provide a mechanism for passing data to external functions (DLLs).

    Typographic conventions

    The following conventions are used in the command syntax descriptions:
    - Reserved words and symbols are marked in bold.
    - Parameter names, which stand for values that the user has to supply, are marked in italic.
    - Optional input is delimited with square brackets. Note that square brackets are also used to delimit expected return values; in this context the square brackets are part of the command syntax and are marked accordingly in bold.

    Card commands
12.     Introduction
        Typographic conventions
        Card commands
          Expected return status
          Expected return data
        Special characters
          Comment character
          Line continuation character
          Indentation
        Card reader directives
          INSERT
          EJECT
          POWER_ON
          POWER_OFF
        Setup directives
          LIST_ON
          LIST_OFF
          STEP_ON
          STEP_OFF
          ERROR_BEEP_ON
          ERROR_BEEP_OFF
          END_BEEP_ON
          END_BEEP_OFF
          SET_TIME_OUT
          READER
        File management directives
          CALL
          EXECUTE
        Loop management directives
        Buffer management directives
          The PCOM32 buffers
          The directives
        Constant management directives
    APPENDIX A: ERROR STATUS
13. IBM compatible PC connected to at least one De La Rue smart card reader

    Software

    You need:
    - Windows 95 or NT operating systems
    - a smart card reader library

    Launching PCOM32

    PCOM32 can be launched from a command line or Explorer.

    1. From a command line, the syntax is:
       - PCOM32
       or
       - PCOM32 <commandfile_name>
       commandfile_name is the full name of the command file, with extension. This parameter is optional.
    2. From Explorer:
       - Click on PCOM32.

    User Interface

    Main Window

    Launch the Debug Tool in the Tools folder. The following window appears:

    (Screenshot: PCOM32 main window, titled Untitled, with the menu bar File, Edit, View, Process, Options, Window.)

    The following menus are available:
    - File
    - Edit
    - View
    - Process
    - Options
    - Window
    - About

    File

    Menu Item     Control Key   Description
    New           Ctrl+N        Creates a new command file
    Open          Ctrl+O        Opens an existing command file
    Close                       Closes the active command file
    Save          Ctrl+S        Saves the active command file
    Save As                     Saves the active command file with selected name
    Recent File                 Opens one of the four last opened command files
    Exit                        Exits the application

    Edit

    Menu Item     Control Key   Description
    Undo          Ctrl+Z        Undoes the last edit action
    Cut           Ctrl+X        Cuts the selection and moves it to the clipb
14. JC VM invalid local variable access

    Value (hex)   Meaning
    6700          Length error
    6982          ACs not satisfied
    6985          Sequence error
    6990          Command forbidden in current life phase
    6991          No random generated before
    6A80          Incorrect parameter in data field
    6A81          Command not supported
    6A84          Not enough space
    6A85          Lc inconsistent with length recorded in TLV object
    6A86          Incorrect P1 P2
    6A87          P1 P2 inconsistent with Lc
15. SO/IEC 7816-4: 1995, Identification cards - Integrated circuit(s) cards with contacts - Part 4: Inter-industry commands for interchange
    ISO/IEC 7816-5: 1992, Numbering system and registration procedure for application identifiers
    ISO 9564-1: 1991, Banking - Personal Identification Number management and security
    ANSI X9.19: 1986, Financial Institution Retail Message authentication
    EMV 1996, Integrated Circuit Card Specifications for Payment Systems:
      Part 1: Electromechanical Characteristics, Logical Interface and Transmission Protocols, version 3.0
      Part 2: Data Elements and Commands, version 3.0
      Part 3: Application Selection, version 3.0
      Part 4: Security Aspects, version 3.0
    SUN: The Java Virtual Machine specification, v1.0
    SUN: Java Card 2.0 Programming concepts
    SUN: Java Card 2.0 Language Subset and Virtual Machine Specification
    SUN: Java Card 2.0 Application Programming Interfaces
    VISA (optionally): Visa Open Platform 1.0 (Visa proprietary)

    INSTALLATION

    Package contents

    In this package you will find:
    - 1 CD-ROM
    - 1 Card Reader with cables
    - 3 test cards

    Technical requirements

    Hardware

    Minimal requirements you need to run GalactIC:
    - PC Pentium with a screen resolution of 800x600 and 256 colours, and 32 Mo of RAM
    - Operating System: Windows 95 or Windows NT 4.0

    Software

    To develop applications you need a Java development environment such as Symantec Visual Caf
16. _BEEP_OFF
    Disables beep on error.

    END_BEEP_ON
    Enables beep on end of file.

    END_BEEP_OFF
    Disables beep on end of file.

    SET_TIME_OUT
    Sets the time out for the transmit command. The directive can be used to prevent premature time outs.

    Syntax:
    SET_TIME_OUT TimeOut

    Parameters:
    - TimeOut: Value in seconds of the time out delay. The default value is 1 second; the maximum value is 250 seconds.

    Example:
    SET_TIME_OUT 10

    READER
    Changes the default reader assignment. The name and characteristics of the card reader can be configured with the Windows Control Panel.

    Syntax:
    READER Name

    Parameters:
    - Name: Name of the selected reader. The length of the name is limited to 3 characters.

    Example:
    READER TE1

    File management directives

    Two directives are used to manage the command files:
    - CALL
    - EXECUTE

    CALL
    Calls and executes a secondary command file.

    Syntax:
    CALL FileName LIST_ON LIST_OFF STEP_ON STEP_OFF

    Parameters and switches:
    - FileName: Name of the called command file; the name may include the full path to reach the file.
    - LIST_ON: Enables logging for the called command file.
    - LIST_OFF: Disables logging for the called command file.
    - STEP_ON: Enables the step by step execution of the called command file.
    - STEP_OFF: Disables the step by s
17. ass1, Class2 and OwnerPIN, passing MyApplet via the command line to the converter results in a .dlrjar file containing the conversion of the class files MyApplet, Class1 and Class2. The class OwnerPIN is not included since it belongs to the Java Card API.

    Note: The converter looks for the class files in the current directory. If they are not found, the converter looks in the class file's package directory. For example, the converter searches class myPackage.utils.myClass in the initial directory, then in myPackage\utils.

    Package Linking

    This is the procedure used to instantiate classes (package2) that have been declared in another package (package1):
    - Package1 must be compiled.
    - The converter creates an export file (user .api file).
    - Package2 uses the .api file during conversion.

    For example:
    - Pack1 declares class1 and class2; its AID is C1; it generates C1.API.
    - Pack2 declares class3 and class4; its AID is C2; it generates C2.API.
    - Pack3 instantiates class1 and class4.

    The user does not have the sources of Pack1 or Pack2, but they have the files C1.API and C2.API. By using the text file javaconv.apis, the user can link packages. From the position of Pack3:
    1. Create the text file javaconv.apis (for example C1.api, C2.api).
    2. Enter the text lines containing the full path of C1.API and C2.API.
    3. Convert Pack3. The converter automatically finds the descriptions of Pack1 and Pack2.

    Varia
18. ation characters can be used for indentation.

    Card reader directives

    There are four card reader directives:
    - INSERT
    - EJECT
    - POWER_ON
    - POWER_OFF

    INSERT
    If there is no card present in the reader, PCOM32 prompts the reader to insert one.

    Syntax:
    INSERT

    EJECT
    Prompts the user to remove the card from the reader.

    Syntax:
    EJECT

    POWER_ON
    Switches on the card reader.

    Syntax:
    POWER_ON PROTOCOL_ON FClockFrequency

    Parameters and switches:
    - ClockFrequency: Frequency in MHz of the card reader clock. The value must be between 4 and 8; the default value is 4.
    - PROTOCOL_ON: Enables the return of the protocol bytes by the card at power on.

    Example:
    POWER_ON PROTOCOL_ON F8
    POWER_ON F4

    POWER_OFF
    Switches off the card reader.

    Syntax:
    POWER_OFF

    Setup directives

    The following directives are used to initialise PCOM32:
    - LIST_ON
    - LIST_OFF
    - STEP_ON
    - STEP_OFF
    - ERROR_BEEP_ON
    - ERROR_BEEP_OFF
    - SET_TIME_OUT
    - READER

    LIST_ON
    Enables logging. The output from the logging process appears in a separate file.

    LIST_OFF
    Disables logging. However, logging is automatically re-enabled when an error is detected.

    STEP_ON
    Enables step by step execution. This is the default setting.

    STEP_OFF
    Disables step by step execution.

    ERROR_BEEP_ON
    Enables beep on error.

    ERROR
19. ava Card 2.0.

    Description (continued):
    - Too many methods have been defined. The limit is 256.
    - Native methods cannot be used in Java Card applications.
    - A method not found in the API entries.
    - The accessed package is not in the API or is not a user defined package.
    - Internal error.
    - Bytecode verification detects stack error.

    This section gives a list of warnings given by the converter.

    Warning: Stack is not empty before return
    Description: Bytecode verification found that there is no empty stack at the end of the function.

    Warning: Pop no value from the stack
    Description: Stack underflow in verifier operation.

    Warning: Pop value type different from bytecode type
    Description: Stack data type control error.

    THE LOADER

    Product Description

    By default, the GalactIC card supports a subset of the Visa Open Platform specification. This subset does not support security domains, and hence encryption and signature of a file is not supported. This loading mechanism is present in all the test cards supplied with the kit, and can be extended with the Visa mechanism on initialisation when the card is manufactured by De La Rue Card Systems. This extension is a configurable option which supports the mechanisms as defined by Visa International through the Visa Open Platform specification. This specification is the property of Visa International.

    The Loader consists of two parts:

    JAVALOAD.EXE
    This is an executable file repr
20.   Reader error status
      Card error status

    PREFACE

    Presentation of this guide

    GalactIC: A definition

    GalactIC is a Java-powered smart card optimised to store and run a range of applications written in Java. This application range covers solutions for debit, credit, electronic purse, electronic commerce, loyalty, access control, pay TV, healthcare, identification, mass transit and gambling.

    The GalactIC User Manual includes these tools:
    - The Converter
    - The Loader
    - Debugging environment: PCOM32

    Purpose

    The purpose of this GalactIC User Manual is to introduce and explain the three tools comprising the GalactIC solution.

    Audience

    This guide is destined for programmers who know the basics of the Java language and are familiar with the basic principles of smart cards.

    Structure of this guide

    Chapter 1: Installation
    Chapter 2: The Converter
    Chapter 3: The Loader
    Chapter 4: Debugging environment: PCOM32

    Related documentation

    For further information on GalactIC, refer to the following De La Rue guides:
    - GalactIC Operating System (Ref. PE 993 098)
    - Smart Card Reader Java API Reference Guide (Ref. PE 993 097)

    For information on specifications, refer to the following:
    ISO/IEC 7816-3: 1989, Identification cards - Integrated circuit(s) cards with contacts - Part 3: Electronic signal and transmission protocols
    I
21. ble Types

    The converter allows the use of the following variable types:
    - byte
    - short
    - int (optional, see Command Line on page 14)
    - boolean
    - strings
    - objects (from the Java Card 2.0 API or user defined)
    - arrays of the above variable types

    The converter refuses other variable types, such as:
    - float
    - long
    - double

    Multiarrays and arrays of arrays are not allowed.

    Bytecode Verifier

    The first step performed by the converter is to verify that the bytecode generated for the virtual machine is valid. The converter checks for:
    - potential stack overflow
    - type mismatches between actual and formal parameters
    - use of unsupported data types
    - transfer of control outside the current method

    Launching the Converter

    Command Line

    The converter can be launched from:
    - MS-DOS, or
    - Postbuild, for users of Visual J++

    Enter the command for the converter as follows:

    JavaConv options <file>

    <file> is a class file(s) and the options are:

    (Screenshot: MS-DOS window showing the JavaConv usage message.)

    Option    Description
    a <AID>   Specifies the application AID
    i         Allows use of int type
    l         Generates associated api file (see
22. catenated. Otherwise just the characters specified are used.
    - begin end or begin length: The range from the named buffer.
    - HexData: Any sequence of hexadecimal data. The data may derive from one or more buffers (including the buffer being assigned to), or it may be supplied directly.

    Example:
    I FF FF FF
    J 22 33
    APPEND_BUFFER I 01
    I FF FF FF 01
    APPEND_BUFFER I 00 J
    I FF FF FF 01 00 22 33
    APPEND_BUFFER 1 4 1 44

    Constant management directives

    PCOM32 provides a constant definition mechanism which works along the same lines as the #define in C.

    DEFINE
    Defines a constant value.

    Syntax:
    DEFINE ConstantName ConstantValue

    Parameters:
    - ConstantName: The constant name. It must be preceded by a character and must be less than 32 characters.
    - ConstantValue: The replacement string. Everything following the ConstantName up to the end of the line is part of the replacement string.

    Example:
    DEFINE SELECT A0 A4 00 00 02

    UNDEFINE
    Undefines a constant name. The name can then be reused in a further DEFINE directive.

    Syntax:
    UNDEFINE ConstantName

    Parameters:
    - ConstantName: Name of the constant to be undefined.

    Examples:
    DEFINE SELECT A0 A4 00 00 02
    DEFINE SME 3F 00
    SSELECT SME
    DEFINE SBUFFER_INIT 00 00 00 00
23. d to the command. If the data returned by the card does not match the expected return data, a DATA ERROR message is displayed in the logging file and the offending bytes are flagged with a < character. An X anywhere in the expected return data matches any hexadecimal digit in the corresponding position in the actual return data. The expected return data must be on the same line as the command to which it applies.

    Syntax:
    Command ExpectedReturnData
    or
    POWER_ON ExpectedReturnData

    Example:
    A0 C0 00 00 08 XX XX XX XX 3F 00 XX XX
    A0 C0 00 00 08 XX XX XX XX 3X X0 XX XX

    Special characters

    Comment character

    The and characters are defined to start a comment in a line of the command file. A comment may be placed anywhere in a command file; all the characters following the or the up to the end of the line are then considered to be part of the comment.

    Example:
    this is a comment
    this is a comment
    this is not a comment
    A0 A4 00 00 02 3F 00 this is a comment

    Line continuation character

    A line continuation character can be added after the last significant character of a line to indicate that the card command continues on the next line. Any character on the same line as the line continuation character and following it is ignored.

    Example:
    A0 DC 01 04 10 FF FF FF FE FF FF FF FF BE BBY HE EE EE BR BEBE

    Indentation

    The space and tabul
24. egin end Increment

    Parameters:
    - BufferName: Name of buffer to which the increment is to be applied.
    - begin end, begin end: The range of the buffer to which the increment is to be applied.
    - Increment: The value of the increment. The value can be provided from the same or another buffer. The number of bytes in the value must be less than or equal to the number of bytes specified in BufferName begin end. Note that two characters are required to express the value of a byte, so an increment of one is written 01, not 1.

    Examples:
    I 00 00 00
    INCREASE_BUFFER I 01
    I 00 00 01
    INCREASE_BUFFER I FF
    I 00 01 00
    INCREASE_BUFFER 1 2 2 FF
    I 00 00 00 (note that the overflow is not carried to the left)

    DECREASE_BUFFER
    Decrements one or more buffer elements. If a range is not specified, the decrement is subtracted from the last element of the buffer and any borrow that may be required is taken from the left.

    Syntax:
    DECREASE_BUFFER BufferName begin end Increment
    DECREASE_BUFFER BufferName begin end Increment

    Parameters:
    - BufferName: Name of buffer to which the decrement is to be applied.
    - begin end, begin end: The range of the buffer to which the decrement is to be applied.
    - Increment: The value of the decrement. The value can be provided from the same or another buffer. The number of bytes in the dec
25. esenting the user interface to send commands to the card.

    PCOMOP.DLL
    This is the dynamic link library which includes the functions and the interface between the reader and the smart card.

    Environment

    The De La Rue Loader runs under MS Windows NT. It is designed as a menu/mouse application. It uses De La Rue Smart Cards drivers and libraries. To use the Loader you need:
    - a physical and logical smart card reader
    - all configuration files installed

    Note: The CD-ROM automatically runs the file Setup.exe (the configuration file). If it does not, then you must run Setup.exe manually before using the Loader.

    Product Functions

    The file to be written to the smart card can be loaded using different functions. These functions conform to the Visa Open Platform specification and are available as configurable options during card initialisation. These functions are designed to increase the level of security and management of the target file.

    Loading

    Sending a file to the smart card

    The Loader cuts the file into several blocks (APDU: Application Protocol Data Unit) and then sends it to the smart card. These blocks can be sent directly or secured. The following table shows the options available and the domain keys to use.

    File                   Keys
    Sent directly          None
    Ciphered and signed    ENC card domain, MAC card domain

    Loader.ini

    This file contains information used by the Loader to load code onto t
26. f applications onto the card and discard all the currently loaded applications you must erase the applications on the card To do so launch the Debug Tool in the Tools folder 1 Select Open under the File menu The browser appears The Reuse cmd file is in the same directory as Debug Tool The Reuse commands lets you erase data from the card Open the Reuse cmd file The following screen appears PCOM32 Reuse cmd JO x B File Edit View Process Options Window 181x 2 ela sibie Sep ale rrrstttsseeitsseeeesioeesiceeeeiceoeioeioeiiosinitio stes ice EERE a Sends back card in start of use phase Card Domain loaded ready to accept new applications FARA rrsssssisseeeeosioiosiesiioseeite see iio iosic seotio iesiese0e SET_TIME_OUT 10 INSERT POWER_ON 32 3B 73 96 00 GALACTIC USER MANUAL 27 Debugging environment PCOM32 3 To launch the Reuse command click on the Go icon twice Go Clicking on this icon runs the program and brings up this screen A PCOM32 C DELARUE GalactIC PCOM32 RI Reuse L00 LCO olx File Edit View Process Options Window 2 lel x a sla sele Command File C DELARUE GalactIC PC0M32 RI Reuse cnd Logging File C DELARUE GalactIC PCOM32 RI Reuse LOO Date Version oool 0002 0003 0004 0005 0006 0007 0008 0009 o 19 August 1998 at 11h43 32s PCOM32 Version 3 24 naso
27. he smart card. The GalactIC card supports, as a configurable option during initialisation, the Visa Open Platform specification. Loader.ini must be created and/or edited using an external editor such as Windows Notepad. Two of the parameters, AID and SID, are automatically updated by the Loader. There are four fields in Loader.ini: 1. Common: AIDCardDomain 47 61 6C 61 63 74 49 43. This is the AID of the Card Domain, and the value is defined before the loading. The user cannot modify it. 2. KeySet1: Name GalactIC demo keys, KeyIndex 0, KeySetIdentifier 0, KeyMACCardDomain 22334455667788113344556677881122, KeyENCCardDomain 11223344556677882233445566778811, KeyMACSecurityDomain 22334455667788113344556677881122, KeyENCSecurityDomain 11223344556677882233445566778811. This field contains the set of keys defined in the Card Domain and Security Domain. The keys are hexadecimal triple DES keys of 16 bytes. The values are fixed during the Card Domain loading and cannot be modified. The keys are used for authentication, and the functions are defined by the Visa Open Platform specification. 3. AID: AID1 A0 00 00 00 03 10 10, AID2 A0 00 00 00 03 90 10, AID3 A0 00 00 00 03 60 10, AID4 A0 00 00 00 03 60 20, AID5 A0 00 00 00 03 60 30. 4. SID: SID1 00 00 00 00. This field contains the Security Domain AID. It is defined by the Visa Open Platform specification. Initialisation De La Rue Ja
28. oard Copy Ctrl C Copies the selection to the clipboard a Paste Ctrl V Inserts the clipboard contents at the insertion point Find Ctrl F Finds the specified text Replace Replaces the specified text Go To Ctrl G Moves to a specified line View Menu ltem Description Toolbar Toggles toolbar view Status Bar Toggles status bar view Process lcon Menu Item Control Description Key Go F5 Starts or continues the processing of the command file F Restart Alt F5 Stops and restarts processing from the beginning of the file A End Escape Aborts processing of the command file 5 Stop Space Stops processing of the command file eS Next Step Enter Processes the next directive or command of the TP command file Options Menu Item Description Settings Allows the configuration of the execution mode command file logging and error or end of file beeps Readers Allows logical reader configuration GALACTIC USER MANUAL 25 Debugging environment PCOM32 Window Menu Item Description Cascade Arranges windows so they overlap Tile Arranges windows as non overlapping tiles Arrange Icons Arranges icons at the bottom of the window Opened File Activates the opened file About Menu Item Description About PCOM32 Displays PCOM32 information version number and copyright Example Command File The following command file chk Loy cmd which contains a list of arbitrary commands shows how commands can be sent one at a time
29. rement must be less than or equal to the number specified in BufferName begin end Note that two characters are required to express the value of a byte so a decrement of one is written 01 not 1 Example 1 FF FF FF DECREASE_BUFFER I 01 ge hb SEE EE EB DECREASE_BUFFER I FF OLAS EFE PE EE DECREASE_BUFFER 1 2 1 FE FL E BEE RE EE Ww wn ET_BUFFER I 00 00 00 O ECREASE_BUFFER I 01 ge Lo BEE EE GALACTIC USER MANUAL 41 Debugging environment PCOM32 42 APPEND_BUFFER Concatenates two or more byte sequences and assigns the result to the first named buffer The byte sequences can be provided directly as data or from one or more buffers Note that the total length of the string assigned is the total length of the strings specified so that a buffer can be truncated by an APPEND_BUFFER directive For example SET_BUFFER G 00 00 00 00 00 00 00 00 APPEND_BUFFER G 3 3 11 G 3 3 is one byte 00 it is concatenated with the 11 and the result is assigned to the buffer G so the buffer now contains just two bytes 00 11 Syntax APPEND_BUFFER BufferNamel begin end HexData APPEND_BUFFER BufferNamel begin end HexData Parameters e BufferName The name of the buffer to which the concatenated string is assigned If the name is not qualified with a range the whole buffer is used as the first part of the string to be con
30. roduct Description. This section describes the De La Rue Java Card (DLRJC) converter. The De La Rue Java Card converter takes several class files created by any Java compiler and converts them into a single DLRJC install file. The resulting install file is run on a smart card by the De La Rue implementation of the Java Virtual Machine, 32 bit MultiClass version. In addition to creating the install file, the DLRJC has two functions. Verify: The DLRJC converter verifies that the class files contain only bytecodes included in the subset of the Java language defined for the Javacard. Optimise: In order to comply with smart card technology constraints, the DLRJC converter must reduce the size of the DLRJC install file. Using improved class management and new bytecodes, this file is reduced to between 20 and 30 of its original size. Environment: The converter is designed to run on any 32 bit version of Windows. The converter is a console application and must be launched from a Windows command line. The Java compiler used must conform to the Java Virtual Machine Specification, Sun Microsystems. Functions: MultiClass Applications. The converter integrates several class files into a single dlrjar file. This allows applications to create and use objects defined by the user or any objects already defined in the Java Card API. If for example the class MyApplet explicitly uses the classes Cl
31. sert substrings from a buffer Syntax Command BufferNamel begin end or Command BufferName beginslength or Directive BufferName begin end or Directive BufferName begin length Parameters e BufferName One of the buffers G I J K L M R or W If the BufferId is not followed by a range the entire content of the buffer is inserted If the Bufferld is followed by a range then the specified range is inserted e begin end The range to be inserted 2 6 means bytes 2 to 6 inclusive and 6 6 means just the sixth byte Note that the first element in the buffer is element 1 e begin end The range to be inserted 2 6 means insert 6 bytes starting at byte 2 and 6 2 means insert 2 bytes starting at byte 6 Note that the first element in the buffer is element 1 Example AO A4 00 00 02 R 2 2 R 1 1 AO A4 00 00 02 R 2 1 R 1 1 DE LA RUE CARD SYSTEMS Buffer management directives The directives The following directives are used to initialise or modify the buffers SET_BUFFER INCREASE_BUFFER DECREASE_BUFFER APPEND_BUFFER SET_BUFFER Sets or modifies the contents of any of the read write buffers Syntax SET_BUFFER BufferNamel begin end HexData SET_BUFFER BufferNamel begin end HexData Parameters BufferName If no range is specified the first data byte is assigned to the first element of the buffer and subsequent bytes to subsequent elements in left to right order This is the onl
32. tep execution of the called command file The default execution mode is the execution mode of the calling command file When the last instruction of the called file has been executed control returns to the command immediately following the CALL directive CALL directives can be nested Example r Responses to commands in INI_LOCK CMD not logged CALL C A_TEST C COMMUNS INI_LOCK CMD LIST_OFF GALACTIC USER MANUAL 35 Debugging environment PCOM32 36 EXECUTE Calls and executes a secondary command file and logs the responses in a text file Syntax EXECUTE FileName Parameters FileName Name of command file to execute the name may include the full path to reach the file The responses to the called file are always logged separately in the first instance in FileName L00 and if the same command file is executed a second time in FileName L01 Note all the buffers are reinitialised by the EXECUTE directive The DLLs loaded before the EXECUTE directive are not considered loaded by the executed command file and the DLLs loaded by the executed command file are unloaded after the executed command file processing Example Execute scenario cmd and generate SCENARIO L00 EXECUTE SCENARIO CMD DE LA RUE CARD SYSTEMS Loop management directives Loop management directives BEGIN_LOOP and LOOP A basic loop instruction is available in PCOM32 through the BEGIN_LOOP and LOOP directives A
33. tions offered as an option Security domain identifier Add to list Installation parameters Test For a complete description of the fields and flags see Reference on page 22 DE LA RUE CARD SYSTEMS Loading Loading When all mandatory fields have been filled you can load the smart card 1 Click Load If the smart card is already in the reader the Applet loading window appears and the file loads automatically Go to step 3 If the smart card is not already in the reader the following windows appears E hee a ze a 0 YAI Insert your Smart Card into the Reader LCO 2 Insert the smart card The file loads automatically 3 When the file finishes loading click OK 4 Remove card The loading is complete Now you can load another file or exit the application GALACTIC USER MANUAL 21 The Loader Reference 22 Fields Field Name Card reader name Initialisation file File to install Key Set name Mandatory Yes Yes Yes Yes Application Identifier Yes Security domain identifier Installation parameters Flags TT Security Domain with authorisation I Extemal authentication TT Preliminary decryption of f TT Preliminary check signature of file T Secure messaging No No Min char Length 3 N A N A y 2 2 Max char Length 3 64 64 32 32 32 64 Character type 2 letters 1 number N A N A N A
34. under manual control. The toolbar and control keys allow different options when processing the command file, such as stop, end or restart. Use the Window menu to switch between the log file and command file windows. When opened in the command file window, the following code appears: INSERT POWER_ON 00 A4 04 00 07 A0000000039010 9000 1. Press F5 to process the command file. The log file display window opens, showing the following code: Command File C javacard Course GalactIC PCOM32 RI chkloy cmd Logging File C javacard Course GalactIC PCOM32 RI chkloy L97 Date 25 August 1998 at 11h28 18s Version PCOM32 Version 3 24 0001 0002 INSERT 2. Press Enter. A window asks you to insert the card in the reader. 3. Insert the card. PCOM32 continues processing: 0001 0002 INSERT 0003 POWER_ON 4. Press Enter to step through the commands: 0003 POWER_ON Command POWER_ON Output Data 00 31 80 71 96 64 32 CE 01 00 82 Status 90 00 0004 0005 00 A4 04 00 07 A0000000039010 9000 Command 00 A4 04 00 07 Input Data A0 00 00 00 03 90 10 Status 90 00 0006 0007 0008 FILE PROCESSING RESULT NORMAL EXECUTION PCOM32 processes the command file and gives the processing result. Erasing card data Reuse cmd To add a new set o
35. va Loader Launching Two files are necessary e the initialisation file Loader ini e the file to install dlrjar Run Javaload exe The following window opens O Visa Loader Open Platform 1 0 JavaLoad Example Filling in text fields The following procedure is an example of filling in the text fields 1 Use Browse to enter Card reader name By default this is LCO which is created during the Setup exe 2 Use Browse to enter path and name of the initialisation file This file is Loader ini The maximum number of characters is 256 3 Use Browse to enter path and name of the file to install onto card This is the dlrjar file The maximum number of characters is 256 GALACTIC USER MANUAL 19 The Loader 20 4 Use the scroll bar to select KeySet section of the initialisation file Key Set name Galactic demo ks E 5 Use scroll bar to select Application identifier from the list This can be from 2 to 32 hexadecimal even length characters A new value can be added to the list by using Add to list Application identifier A0000000038010 y Add to list 6 Select the flag External authentication ME authentication Now you can install the file onto the smart card see Loading on page 21 Other Fields The following fields are NOT used by the GalactIC loader when using the cards from the kit They are used only if cards support Visa Open Platform specifica
36. y way to initialise a buffer begin end The range of buffer elements to be assigned G 3 7 for example means elements 3 to 7 inclusive The range specified must already contain data begin end The range of buffer elements to be assigned G 3 7 for example means 7 elements starting at element 3 and ending at element 9 The range specified must already contain data HexData If you are assigning to a range of elements the number of elements must be the same on both sides of the assignment Example ET_BUFFE R I 11 22 33 44 55 66 77 88 I 11 22 33 44 55 66 77 88 1 5 4 I 1 4 E ER I 11 22 33 44 11 22 33 44 BUFFER 1 1 4 1 8 1 I 7 1 I 6 1 I 5 1 I 44 33 22 11 11 22 33 44 GALACTIC USER MANUAL 39 Debugging environment PCOM32 40 INCREASE_BUFFER Increments one or more buffer elements If a range is not specified the increment is added to the last element of the buffer and any overflow is carried over to the left So a 256 byte buffer used in this way provides a counter with a maximum value of 22 1 which should be enough for most purposes Of more practical value is the possibility of specifying a number of bytes for a counter somewhere within the buffer For example INCREASE_BUFFER G 10 11 01 could be used to provide a modulo 2 counter using bytes 10 and 11 Syntax INCREASE _ BUFFER BufferNamel begin end Increment INCREASE _BUFFER BufferNamel b
