JavaCard Bouzefrane Dec11 Anglais

    Java Card TechnologyJava Card Technology

    Samia Bouzefrane

    Associate Professor


    [email protected]


    Java Card technology: introduction and principles

    Java Card - IntroductionJava Card - Introduction

    Need to programmable systems

    Need to evolutive solution (exceed the R!"

    #pplications : Long to develop

    #ttemps1st version: october 1996, startup and actual product in 1998, an industrialreality since 2000. In 2004, the nuber !ava "ards sold has reached one billion.

    $tages o% industry development$tages o% industry development

    &he smart card and the main stages o% development technology:

    #he pioneers $19%&'198&(: )irst thoughts$the technological basis established(

    198&'199&: the technology is iproved' *ar+ets and large deployents: ", -*' Liits: need ore )le/ibility

    199&'200& : e/plosion o) the ar+et, ith ne paradig' cards based on calable !ava "ard

    2006: 1.2 billion obile phones using I* cards !ava "ard1.6& billion sart cards !ava "ard $un source site(

    2008: 90 o) I* cards are !ava "ard in 3urope, erica.6 billion !ava "ard $ccording to un(

    200&'555: the card becoes an eleent o) the netor+

    ' " $art "ard eb erver(' .7et, !ava "ard .0

    &he beginning o% Java Card technology&he beginning o% Java Card technology

    November ')* the %irst proposed use o% Java %or cards is made by a team o%$chlumberger (#ustin"

    !ava "ard I proposal )or prograing in !ava "ard

    !ava "ard 1.0

    +ull* ,emplus and $chlumberger create the Java Card orum the !" discusses and proposes speci)ications to ;racleun

    November '.* publication o% the Java Card /01-eplus deonstrates in ;ctober 7oveber ""

    2volution to Java Card /0x2volution to Java Card /0x

    &he version /01 o% Java Card $peci%ication :

    a runtie environent

    #he ability to rite applets ith an ob?ect'oriented approach$although the loading )orat as not speci)ied(

    !arch '* version /0' that includes 3 parts:

    !ava "ard I peci)ication

    !ava "ard =untie 3nvironent peci)ication

    !ava "ard @irtual *achine peci)ication

    #n element o% Java technology#n element o% Java technology

    #bout the license model 4 '#bout the license model 4 '

    &he speci%ication is available at:


    $ell cards (5ith or 5ithout logo" and display compatibility5ith technology means being licensed Java Card &echnology

    6hich provides access to :

    re)erence ipleentation

    olloing copatibility testing

    peci)ic support

    Java #uthori7ed 8icensees o% Java Card &echnology

    the copanies listed belo licensed !ava "ard technology )rothe un *icroystes. ;nly !ava "ard licensees can ship products thatbear the A !ava oered B logo and clai copatibility ith the !ava "ardlat)or speci)ication and !ava "ard #"C.

    =*, spects, ""LI#=L, u?itsu, -eplus, -3*,;berthur "ard ystes, #rusted Logic, etc.

    ource : http:?ava.sun.coproducts?avacardlicensees.htl

    #bout the license model 4 /#bout the license model 4 /

    Java Card orumJava Card orum

    #ssociation o% manu%acturers o% silicon* embedders and customers

    roote !ava "ard technology

    et o) technology choices and then o))er it the ;racle >tandard>.

    !" : http:.?avacard)oru.org

    # Java Card plat%orm# Java Card plat%orm

    is a smart card

    5ith a virtual machine

    able to execute applications 5ritten in Java

    Java Card plat%orms are standardi7ed by racle and Java Card orum

    Java is the programming language the most used in the application developementdedicated to smart cards

    Java Card 9 Java smart CardJava Card 9 Java smart Card

    # standard smart card# standard smart card

    #pplication* $ and hard5are lin;ed together

    &he application is developed only by the o5ner o% the $

    &he application is developed in a lo5-level language (C* #ssembler"

    # Java Card plat%orm# Java Card plat%orm

    #pplication* $ and hard5are are independent

    &he application is developed by any Java programmer

    &he application is developed in a standard language (high level"

    Java Card technology advantagesJava Card technology advantages

    easy development

    Interoperability o% applets (%or use on di%%erent plat%orms"

    $a%ety (o% language* optimi7ation* etc0"0



    penness and compatibility (addition and update applications"

    #bility to post-personali7ation

    Java Card languageJava Card language

    Java Card actorsJava Card actors

    Java Card characteristicsJava Card characteristics

    Card architectures 5ith very small si7es:- less than 1C o) =*, 24'28 C o) =;* and 8 to 16 C 7@*


    &o integrate Java technology into a card* the choices are:' =educe language )eatures' *iniu reDuired to run a !ava "ard progra are:

    '24 C o) =;*, 33=;* and 16 C o) 1 C o) =*.'

  • 7/25/2019 JavaCard Bouzefrane Dec11 Anglais


    $upported &ypes$upported &ypes

    Not supported %eaturesNot supported %eatures

    No &hreads

    No dynamic loading

    No ,arbage Collector until version /0/"

    no cloning

    no multi-dimension arrays

    $upported %eatures Non $upported %eatures

    boolean, byte, short long, double, )loat, char, tring

    ;ne'diension array *ulti'diension array

    !ava pac+age, classes, inter)ace

    and e/ceptions

    #hreads, serialiGation

    3/tension, abstract ethod,

    ;verload and ob?ect creation$instantiation(

    >ey 5ords>ey 5ords

    $upported ;ey 5ordsabstract, boolean, brea+, byte, case, catch, class, const, continue, de)ault, do, else,e/tends, )alse, )inal,goto null, pac+age, private, protected, public, return, static,super, sitch, this, i), ipleents, iport, instanceo), int, inter)ace, ne, null,pac+age, private, protected, public, return, short, static, super, sitch, this, thro,true, try, void, hile.

    Non supported ;ey-5ordschar, double, )loat, long, native, synchroniGed, transient, threadsa)e, volatile, )inaliGe

    $peci%ic characteristics o% Java Card$peci%ic characteristics o% Java Card

    &ransient ob?ects (#@

    &ransient b?ects&ransient b?ects

    #tomicity 4 &ransaction#tomicity 4 &ransaction

  • 7/25/2019 JavaCard Bouzefrane Dec11 Anglais


    Card 2xceptionCard 2xception

    Runtime 2xceptionRuntime 2xception


    2xception in Java2xception in Java

    I% a method can thro5 an exception* it must be encapsulated by atry catch bloc;0





    }catch (Exception e)




    2xception in Java Card2xception in Java Card


    Non authori7ed example

    if (erreur) throw new ArithmeticException((short)0);

  • 7/25/2019 JavaCard Bouzefrane Dec11 Anglais


    Java Card #@I /0'Java Card #@I /0'

    3 re%erence pac;ages






    Class JCSystem

    !ethods to manage atomicity:beginTransaction$(: begins transaction commitTransaction$(: saves data o) the transaction into the 33=;* abortTransaction$(: cancels the transaction

    !ethod to manage transient ob?ects isTransient(Object(makeTransientXArray(short, byte( H Boolean, Short, Object

    !ethods to manage sharing

    !ethods to manage the in%ormation system: getVersion("

    javacard.framework packagejavacard.framework package

  • 7/25/2019 JavaCard Bouzefrane Dec11 Anglais


    Contains the card speci%icities

    Applet class:rovides a )raeor+ )or ipleentation and interaction ith the !"=3pples ust e/tend this class

    APDU class

    or e/changing data ith the terinal

    PIN class

    *anages the secret code

    javacard.framework @ac;agejavacard.framework @ac;age

    +ased on java.security pac;age

    #llo5s ;ey management and cryptographic %unctions

    In addition to the conventional algorithms* it also includes the generation%unction random number* signature and the calculation o% compression %unctions

    javacard.security @ac;agejavacard.security @ac;age

    #pplet development process#pplet development process

    " )ile



    &he C#@ ile contains:

    In)oration on classes

    3/ecutable " $yte "ode(

    in)oration necessary to lin+ing

    In)oration )or veri)ication

    It has the %ormat o% J#R (Java #rchive"

    C#@ ileC#@ ile

    ource: ebastian Jans, !ava "ard lat)or overvie, un *icrosystes Inc., 2008

    &he 2xport %ile is used by the convertor

    In%ormation used %or lin;ing and veri%ication

    Contains in%ormation on #@Is7ae o) the classes

    ignature o) ethods

    In)oration )or lin+ing beteen pac+ages

    It does not contain +C* it can be published 5ith an applet allo5ing the applet

    ave re-usable ob?ects (shareable"

    2xport ile2xport ile

    $upports the %ollo5ing operations:

    "opliance veri)ication o) the "lass ile orat

    #esting copliance aspects o) the !ava language

    InitialiGation o) static variables

    =e)erence resolution $classes, ethods and )ields( and placed undercopact to be ore e))ective in a sall syste

    ;ptiiGe the byte code

    llocation and creation o) structures that represent the classes in the !@*


    It provides a runtime environment to run +C o% the C#@ %ile0 It allo5s to theapplets loaded in a card run to be run on any plat%orm0

    It per%orms:

    #he e/ecution o) the "

    #he control o) the eory allocation

    and ensures sa)ety

    &he installation o% applets is per%ormed than;s to an applet loader that is

    distributed bet5een the terminal and the card


    Java Card #rchitectureJava Card #rchitecture

    ource: ebastian Jans, !ava "ard lat)or overvie, un *icrosystes Inc., 2008

    In 5or;station environment* the JD! is a process* it is initiali7ed at the begin andthen stopped at the end o% the process0 b?ects in R#! are lost0

    In order that in%ormation is retained %rom one session to another:

    In case o) a card, the initialiGation o) the !@* is done only once: at the>beginning o) li)e o) the card,> the ob?ects and data are stored in a non'volatileeory $33=;*, lash, etc.(.

    t each session ith the card:

    ' oer: the !"=3 is >reactivated>

    ' #he card receives and processes

    @ersistent ob?ects and temporary

    !ava "ard ob?ects are by de)ault persistent

    or reasons o) e))iciency $speed o) =ead rite in 7@*( andsecurity $+ey, interediate results(, applets can create teporary ob?ects

    #tomic operation and transaction

    #he !"@* ensures atoicity o) the updates hen odi)ying ob?ect values

    #he !"=3 provides an I to allo applets group several rerites and

    to provide consistency o) these updates $egin #ransaction, "oit, =oll'ac+(

    JCR2 characteristicsJCR2 characteristics

    2ach applet runs in its o5n space

    pplications separated by an applet )ireall to prevent intrusion

    #here is a sharing echanis that allos an applet to access

    services o))ered by an applet or by the !"=3.

    #pplet %ire5all sharing mechanism#pplet %ire5all sharing mechanism

    o5 to 5rite an applet Eo5 to 5rite an applet E

    #n application dedicated to a card

    "ode in the card: server application !ava "ard pplet

    "ode in the terinal: client application

    #n application built in 3 steps

    riting the server application $applet(

    Installation o) the !ava "ard applet

    riting the client application

    +uilding Java Card applets+uilding Java Card applets

    Java Card #@I /0'

    $tages o% development o% an applet

    peci)y the )unctions o) the applet:

    ' speci)y the I

    peci)y the )unctions o) the applet

    ssign an I< to the applet and an I

    #pplication 5ritten in Java Card

    #pplet on the card

    ' is selected

    ' receives essages )ro the reader

    ' processes these essages

    ' returns data to the reader

    ' is de'selected.

    #pplet behaviour#pplet behaviour

    8oads applets on the card

    $elect the applet to activate

    andles messages (#@

    8i%e cycle o% an applet8i%e cycle o% an applet

    nce the applet is loaded on the card* itmust be:- Installed* registered (identi%ied by theJCR2 through its #I

    2xample o% 2cho applet:

    Role: tore a data that it receives and returns it to the terinal.

    $peci%ying the %unctions o% the applet$peci%ying the %unctions o% the applet

    Java Card and the #@

    @ac;age #I
