Java Card API in Web Applet

Similar Messages

• How to calculate call duration using java card API

  Hi,
  I am developing an application using Java card API. I want to calculate duration of otgoing calls in it. I am trying to start timer at the beginning of call in Call Control event. Can someone kindly check following code of Call control event? Here timerManagement function is sending proactive command for starting timer for 3 hours. Here I am asuming that maximum call will be of 3 hours. In callDisconnect event i can get current value of timer and use it to calculate duration of call. But this scenario is also not working.
  Problem is that during code execution program stuck at send command (proHdlr.send();) of timmerManagement function. I am sending postAsBERTLV command before starting timer so may be reason is that it is not possible to send proactive command while phone is busy.
  But I also cannot send postAsBERTLV after timerManagement function. Because it is mention in specification that "The EnvelopeResponseHandler content must be posted before the first invocation of a ProactiveHandler.send method or before the termination of the processToolkit, so that the GSM applet can offer these data to the ME (eg 9Fxx/9Exx/91xx). After the first invocation of the ProactiveHandler.send method the EnvelopeResponseHandler is no more available"
  Take a look at following code
                   * Method illustrating the use of the Call Control event.
                  private void callControlService() {
                                  /** @todo: Replace following sample code with your implementation */
                                  ProactiveHandler proHdlr = ProactiveHandler.getTheHandler();
                                  EnvelopeHandler envHdlr = EnvelopeHandler.getTheHandler();
                                  ProactiveResponseHandler rspHdlr = ProactiveResponseHandler
                                                                  .getTheHandler();
                                  EnvelopeResponseHandler envRspHdlr = EnvelopeResponseHandler
                                                                  .getTheHandler();
                                  durationCount = 0;
                                   // allow call with no modifications
                                  envRspHdlr.postAsBERTLV((byte)0x9F, (byte)0x00);
                                  // start clock using timer
                                  timerManagement(proHdlr, rspHdlr, (byte) 0x0, timer_id, tempBuffer);
                                  return;
                  }Please help me in this regard
  Thanks
  Yasir

  I am also unable to start timer in call connected event. I cannot send any proactive command while phone is busy. I am using Gemalto development Suite and there simulators (Simulation 2G chain).
  Is it limitation of simulator that you cannot send any proactive command while phone is busy?
  Is there any other work around for getting call duration?

• About Java Card API 2.0

  Dear all,
  I want to get the Java Card API 2.0 but dont know where to get it.
  I go to the web pages of Sun but still cant find it.
  Do some body know where to get it or just have it and be able to send to me ?
  My e-mail is [email protected]
  Thank you very much .
  Angel Wang Taiwan.

  The reason I want Java Card 2.0 API is that
  I want to test something on my card
  because I meet some unkonown problems when I used API 2.1 .
  But now , all problems are fixed .
  So , I will continue to use API 2.1
  However, thank you very much.

• Using Java Card to perform web login

  I wanna to implement a login system using java card.
  whenever a user goes to the URL, it prompts to the user that he needs to plug in his java card, and the program reads the login token from his card.
  if the token matches with the one in DB, he can then login successfully. Fail otherwise.
  However, I have no idea on what i should do, in the signed applet that reads the token, and how the JavaCard API should be used.
  my card reader is Gemplus GCR410 and the card is GemXpress 211is.
  anyone can give me some hints or sample?

  I'm quite curious as to how to do this also. How does the applet in the browser communicate to the card reader? I have the GemXpresso RAD III development kit and I believe I understand how to develop an applet on the card, but there is no information about how to send the APDU commands to OCF which in turn would send the command to the reader. Any help would be greatly appreciated. Thanks,
  -Justin

• A question about Java Card API 2.2.1

  Hi,I am doing my first project on java card and I have the software installed(java_card_kit-2_2_1, OCF 1.2, j2sdk1.4.1).
  java_card_kit-2_2_1 include these package:
  java.lang
  java.io
  java.rmi
  javacard.framework
  javacard.security
  javacardx.crypto
  com.sun.javacard.impl
  com.sun.javacard.crypto
  My question is:
  How can I get the export files of the last two package:com.sun.javacard.impl and com.sun.javacard.crypto?
  I really need your help and please mail to me.My email is [email protected] you very much.

  Hi libin_hailang
  The last two packages are not part of the api.
  So, you only can use them on the Simulation.
  On a real card implementation you will not find these packages.
  This may be the reason for the not existing export files .
  But if you need them for other purpose you can create them with the converter.
  bye.

• Java card api and long

  Java card runtime does not have support for primitive long..... but if you absolutly had to have a long, how could one do it.
  I am thinking it would be some sort of byte[] representation. But I havent found any information. Can someone point me to the right direction

  The int keyword and its 32-bit integer data type are optionally supported.
  what is wrong with using a byte array ?
  you can convert long to byte array and vice versa with your
  own code.

• Urgent ! writing a java card applet -APDU problem

  hi
  i'm fairly new to the java programming language. i'm trying to write an RSA java card applet to run on a java card simulator.
  I am not sure at all what code i need to write for the CLA byte in the command APDU and what code i need to write for the INS byte in the command APDU, and where exactly to put it in my program.
  if anybody knows please could you help me out.
  So far i have written the code below.
  thanx
  louise
  import javacard.framework.*;
  import java.math.*;
  import java.util.*;
  /*the public key is the public part of the key. Anyone
  can have it. It can only encrypt data, not decrypt.*/
  public class publickey extends Applet{
  //code of the CLA byte in the command APDU header
  final static byte publickey_CLA = (byte)0x00;
  //max number of characters for text message is 60
  final static char MAX_TXT_MSG = 0x3c;
  //MAX number of tries (3) before PIN is blocked
  final static byte PIN_TRY_LIMIT = (byte)0x03;
  //size of PIN must be 4 digits long
  final static byte PIN_SIZE = (byte)0x04;
  //below status word(SW) values are returned by applet
  //in certain circumstances:
  //signal that the PIN verification failed
  final static short SW_PIN_VERIFICATION_FAIL = 0x6300;
  //signal that PIN validation required for txt msging
  final static short SW_PIN_VERIFICATION_REQUIRED = 0x630;
  //instance variables declaration
  OwnerPIN pin; //variable for holding owners pin
  BigInteger n,e;
  String owner;//variable for holding owners name
  /*make a public key. Do not do it yourself, but
  make a public key from a private key.*/
  publickey(String iowner,BigInteger in,BigInteger ie){
  owner=iowner;
  n=in;
  e=ie;
  public void process (APDU apdu) {
  byte[] buffer = apdu.getBuffer();
  //check Select APDU command
  if((buffer[ISO7816.OFFSET_CLA] ==0) &&
  (buffer[ISO7816.OFFSET_INS] ==(byte) (0xA4)) )
  return;
  if(buffer[ISO7816.OFFSET_CLA] !=publickey_CLA)
  ISOException.throwIt
  (ISO7816.SW_CLA_NOT_SUPPORTED);
  /*read the key back from a string.*/
  publickey(String from){
  StringTokenizer st=new StringTokenizer(from," ");
  owner=st.nextToken();
  n=readBI(st.nextToken());
  e=readBI(st.nextToken());
  /*use the key to encrypt a 'message' m. m should be a
  number from 1 to n (n not included).
  use makemessage to convert your message to a BigInteger.
  BigInteger encrypt(BigInteger m){
  return m.modPow(e,n);
  /*make a string from this key.*/
  public String toString(){
  return owner+" "+printBI(n)+" "+printBI(e);
  /*help methods for reading and writing:*/
  final static int radix=36;
  static String printBI(BigInteger b){
  return b.toString(radix);
  static BigInteger readBI(String s){
  return new BigInteger(s,radix);
  /* these methods convert an arbitrary message,
  in the form of an array of bytes, to a message
  suitable for encryption. To do this random bits
  are added (this is needed to make cracking of the
  system harder), and it is converted to a BigInteger.*/
  BigInteger makemessage(byte[] input){
  /*to understand this part of the program,
  read the description of the BigInteger constructor
  (in the standard java help). */
  if(input.length>128 ||
  input.length*8+24>=n.bitLength())
  return new BigInteger("0"); //error! message to long.
  byte[] paddedinput=new byte[n.bitLength()/8-1];
  for(int i=0;i<input.length;i++)
  paddedinput[i+1]=input;
  paddedinput[0]=(byte)input.length;
  for(int i=input.length+1;i<paddedinput.length;i++)
  paddedinput[i]=(byte)(Math.random()*256);
  return new BigInteger(paddedinput);
  /*the inverse of makemessage.*/
  static byte[] getmessage(BigInteger b){
  byte[] paddedoutput=b.toByteArray();
  byte[] output=new byte[paddedoutput[0]];
  for(int i=0;i<output.length;i++)
  output[i]=paddedoutput[i+1];
  return output;
  class privatekey{
  /*the data of a key*/
  BigInteger n,e,d;
  String owner;
  int bits;
  Random ran;
  /*unimportant things, needed for calculations:*/
  static int certainty=32;
  static BigInteger one=new BigInteger("1"),
  three=new BigInteger("3"),
  seventeen=new BigInteger("17"),
  k65=new BigInteger("65537");
  /*make a new key. supply the name of the owner of the
  key, and the number of bits.
  owner: all spaces will be replaced with underscores.
  bits: the more bits the better the security. Every
  value above 500 is 'safe'. If you are a really paranoid
  person, you should use 2000.*/
  privatekey(String iowner,int ibits){
  BigInteger p,q;
  bits=ibits;
  owner=iowner.replace(' ','_');//remove spaces from owner name.
  ran=new Random();
  p=new BigInteger(bits/2,certainty,ran);
  q=new BigInteger((bits+1)/2,certainty,ran);
  n=p.multiply(q);
  BigInteger fi_n=fi(p,q);
  e=chooseprimeto(fi_n);
  d=e.modInverse(fi_n);
  /*read the key back from a string*/
  privatekey(String from){
  StringTokenizer st=new StringTokenizer(from," ");
  st.nextToken();
  n=readBI(st.nextToken());
  e=readBI(st.nextToken());
  d=readBI(st.nextToken());
  /*some help methods:*/
  static BigInteger fi(BigInteger prime1,BigInteger prime2){
  return prime1.subtract(one).multiply(prime2.subtract(one));
  static BigInteger BI(String s)
  {return new BigInteger(s);}
  BigInteger chooseprimeto(BigInteger f){
  /*returns a number relatively prime to f.
  this number is not chosen at random, it first
  tries a few primes with few 1's in it. This
  doesn't matter for security, but speeds up computations.*/
  if(f.gcd(three).equals(one))
  return three;
  if(f.gcd(seventeen).equals(one))
  return seventeen;
  if(f.gcd(k65).equals(one))
  return k65;
  BigInteger num;
  do{
  num=new BigInteger(16,ran);
  }while(!f.gcd(num).equals(one));
  return num;
  final static int radix=36;
  static String printBI(BigInteger b){
  return b.toString(radix);
  static BigInteger readBI(String s){
  return new BigInteger(s,radix);
  /*returns the public key of this private key.*/
  publickey getpublickey(){
  return new publickey(owner,n,e);
  /*the same encryption that the public key does.*/
  BigInteger encrypt(BigInteger m){
  return m.modPow(e,n);
  /*decryption is the opposite of encryption: it
  brings the original message back.*/
  BigInteger decrypt(BigInteger m){
  return m.modPow(d,n);
  public String toString(){
  return owner+" "+printBI(n)+" "+printBI(e)+" "+printBI(d);
  /*this main demonstrates the use of this program.*/
  public static void main(String[] ps){
  say("************ make key:");
  privatekey priv=new privatekey("sieuwert",92);
  publickey pub=priv.getpublickey();
  say("the public key:"+priv);
  say("************ encrypt message:");
  byte[] P="RUOK?".getBytes();
  BigInteger Pc=pub.makemessage(P);
  say("converted:\t"+printBI(Pc));
  BigInteger C=pub.encrypt(Pc);
  say("coded message: "+printBI(C));
  say("************ decrypt message:");
  BigInteger Pc2=priv.decrypt(C);
  say("decoded:\t"+printBI(Pc2));
  byte[] P2=publickey.getmessage(Pc2);
  say("deconverted: "+new String(P2));
  static void say(String s){
  System.out.println(s);

  Command APDU is not written in your source code, rather it is sent from PC or programmed Card Acceptance Device/ Card Reader/ Terminal.
  The code installed in the Java Card should be able to handle the Command APDU received and process it accordingly, and finally your code should be able to send out response APDU.
  You may think your code as a decoder, to retrieve each byte (CLA, INS, P1, P2, DATA, LC) using the Java Card API, you should be able to do it.
  Also, I notice in your code that you want to work out with strings, but Java Card does not support strings, chars, long, float, double ...
  to send out reponse APDU, there are certain steps that you can use, not just simply print like ordinary J2SE may use.
  hope this will help u

• Java Card / SIM Card proprietary APIs

  Hello all,
  I am finishing my graduation on Informatics Engineering and my final thesis is about Smart Cards.
  In the thesis I have to present all the development solutions available to create Smart Cards and SIM Cards applications
  This way, i not only have to talk about Java Card API and SIM Toolkit, but also about the UICC and USIM toolkit and about proprietary APIs, like Gemalto, G&D, etc APIs.
  I have searched on the web about proprietary APIs, or special events/features to each types of cards but I couldn't get any documentation on this. Of course if they are proprietary I am not expecting to get the implementation or the code of it, but I just need any documentation about these APIs, or any description about the methods or events on them.
  So, did any of you guys already used any proprietary APIs? or have any information about any proprietary API?
  Thank you very much,
  Helri

  Hi Joseph, thank you for your response, i'll search for .NET cards and for PKCS#15 cards as well.
  That was a great help, thank you

• Java card confusing Issues!!!!!!! java card architecture, advantage!!!!!

  QUESTION -1
  As I know about architecture of any application is -
                  //normal java software                          java card                                  java card
                    //  1                                               2                                      3
  1-            application program                        host application                           host application
  2-                     JVM                                   Applets                                       Applets
  3-              operating system                JCRE(which contain all classes, JVM ....)                 JCRE(act as a O.S too)
  4                    hardware                              Operating system                                 H/W
  5                                                                        hardwareWhat do u think- case 2 is right? or 3 is!!!!!!!!!!!
  I think - case 3 is right!!!!
  As i study from several sources , JCRE is complete package - it behaves as a operation system and use the functionality of component it contain. I also think if i will purchase a java card from any vendor , it would have JCRE inside it (means everthing inside it,), i only need to develop the applet according to my requirement and install it by on card installer program
  QUESTION 2- what is the advantage of java card.?
  // I think.
  as i read out , i got the line that it is platform independent and support multiple application. applicaton point of
  view , I am agree but how it is platfrom independent. if we use java card for smart card development, then
  i will purchase Java card from differnt vendor , all will provide me card with supported jcre inside it, so why
  this is advantage here?
  // in case of window based application , it really make sense  because if i will make any window application with java
  // i can run it in windows , linux , unix and most of os flavours, here i can see the beauty of java language.
  Clear me this and add some other java card advantages, which make java card goodquestion 3-
  Now I am capaple to make simple applets, so I want to check the entire java card process atleast once before
  going in deep of something, I am thinking to implement prepaid card concept , i made it applet for it ,it will
  contain a page with 2 text box ( 1- for recharge 2- for money deduction ) and two button , with button click i
  want to select the applet and want to pass the apdu.
  ( a) how i can make host window application ? (i think awt will work for me? , *
  i never make any java window application yet) *
  ( b) still i dont have any java card , i want to make it by using simulator, is it possible?
    (c) in this scenario what framework i need to study Ex. Import javacard.framework.* for making
  applet or from where i need to start.Regards:
  rohit pathak
  Edited by: rohit pathak on Feb 9, 2012 10:10 PM

  Hi,
  QUESTION -1
  As I know about architecture of any application is -
  //normal java software                          java card                                  java card
  //  1                                               2                                      3
  1-            application program                        host application                           host application
  2-                     JVM                                   Applets                                       Applets
  3-              operating system                JCRE(which contain all classes, JVM ....)                 JCRE(act as a O.S too)
  4                    hardware                              Operating system                                 H/W
  5                                                                        hardwareWhat do u think- case 2 is right? or 3 is!!!!!!!!!!! If you are using Java Card then JCRE+JVM = OS and if you put this on ein package 3 then 3 is correct according to me.
  As i study from several sources , JCRE is complete package - it behaves as a operation system and use the functionality of component it contain. I also think if i will purchase a java card from any vendor , it would have JCRE inside it (means everthing inside it,), i only need to develop the applet according to my requirement and install it by on card installer program Actually it depends. There can be following models in this regards:
  1. Buy a empty smart card, Install your own OS and then write your applets for it.
  2. As you said, Buy a card with preloaded OS and then write applets for it.
  QUESTION 2- what is the advantage of java card.?
  * Interoperable: Applets developed with Java Card technology will run on any Java Card technology-enabled smart card, independently of the card vendor and underlying hardware.
  * Secure: Java Card technology relies on the inherent security of the Java programming language to provide a secure execution environment. Designed through an open process, the platform's proven industry deployments and security evaluations ensure that card issuers benefit from the most capable and secure technology available today.
  * Multi-Application-Capable: Java Card technology enables multiple applications to co-exist securely on a single smart card.
  * Dynamic: New applications can be installed securely after a card has been issued, enabling card issuers to respond to their customer's changing needs dynamically.
  * Compatible with Existing Standards: The Java Card API is compatible with international standards for smart cards such as ISO7816, or EMV. Major industry-specific standards such as Global Platform and ETSI refer to it.
  * Developers creating Java Card applications enjoy all the advantages of working in the Java programming language:
  Object-oriented programming yields greater code modularity and reusability, leading to higher programmer productivity.
  Protection features characteristic of the Java programming language apply to Java Card applets, enforcing strong typing and protection attributes.
  Powerful off-the-shelf development tools are readily available.
  source: http://java.sun.com/javacard/overview.jsp
  And also, in case of SIM card if you are using java card then RAM is possible and native cards don't have this ability.
  question 3
  Now I am capaple to make simple applets, so I want to check the entire java card process atleast once before
  going in deep of something, I am thinking to implement prepaid card concept , i made it applet for it ,it will
  contain a page with 2 text box ( 1- for recharge 2- for money deduction ) and two button , with button click i
  want to select the applet and want to pass the apdu.
  ( a) how i can make host window application ? (i think awt will work for me? , *You can use swing for this to make interface and use smartcardIO http://docs.oracle.com/javase/6/docs/jre/api/security/smartcardio/spec/javax/smartcardio/package-summary.html for sending APDUs.
  i never make any java window application yet) * It is easy you can look here and start: http://www.roseindia.net/java/example/java/swing/
  ( b) still i dont have any java card , i want to make it by using simulator, is it possible?Actually, smartcardIO will only interact with actuall card and for simulator you will have to use console for sending APDUs.
  (c) in this scenario what framework i need to study Ex. Import javacard.framework.* for making
  applet or from where i need to start.For your current case it is enough and for host app you should study smartcardio as i mentioned above.
  Hope it helps.
  Regards
  Umer

• ECC Curve P-224 implementation in java card

  Hello
  I am implemeting ECC in java card
  but I need the Curve P-224 as my length
  but Keybuilder is only upto P-192 only
  how can I generate ECC curves parameters and generate key pair
  using Curve P-224 .. please help
  Thank you!

  You're right, Java Card API 2.2.1/2 defines only up to 192 bit ECC key length. You have to find a smart card OS provider who has longer ECC key lengths implemented, offering you an industrial extension API to access it via your applet. Best is to contact smart card manufacturers with your question.

• Generate DES key with java card with JCRE 2.1.2

  Hi everyone,
  I want to generate DES key in my applet . my card supports GP 2.0.1 and JCRE 2.1.2 .
  I have tested my applet with JCRE 2.2.1 and used this JCSystem class functions to generate DES key and it compiles and works correctlly .
  but when I want to compile my applet with JCRE 2.1.2 I recieve an error which says that API 2.1.2 doesn't support JCSystem class .
  so I'll really appreciate it if anyone could tell me how can I generate DES key with JCRE 2.1.2
  and also I use JCSystem class functions to get my card's persistent and transistent memory , so with this class not working on JCRE 2.1.2 I have problem to read my free memories too .
  So I'll appreciate your help on this matter too.
  Best Regards,
  Vivian

  Hi Vivian,
  I don't seem to have any problem with the code you posted. What is the error you are getting? Is it with the compiler or with the CAP file converter? If it is a compiler error, you will need to ensure that the Java Card API jar is in your build path.
  Here is a simple class that works with JC 2.1.1 (which will work with JC 2.1.2 as well). I have confirmed that this applet compiles and will return encrypted data to the caller.
  package test;
  import javacard.framework.APDU;
  import javacard.framework.Applet;
  import javacard.framework.ISO7816;
  import javacard.framework.ISOException;
  import javacard.framework.JCSystem;
  import javacard.security.DESKey;
  import javacard.security.KeyBuilder;
  import javacard.security.RandomData;
  import javacardx.crypto.Cipher;
  * Test JC2.1.1 applet for random DES key.
  * @author safarmer - 1.0
  * @created 24/11/2009
  * @version 1.0 %PRT%
  public class TestApplet extends Applet {
      private DESKey key;
      private Cipher cipher;
       * Default constructor that sets up key and cipher.
      public TestApplet() {
          RandomData rand = RandomData.getInstance(RandomData.ALG_SECURE_RANDOM);
          short lenBytes = (short) (KeyBuilder.LENGTH_DES / 8);
          byte[] buffer = JCSystem.makeTransientByteArray(lenBytes, JCSystem.CLEAR_ON_DESELECT);
          key = (DESKey) KeyBuilder.buildKey(KeyBuilder.TYPE_DES, KeyBuilder.LENGTH_DES, false);
          rand.generateData(buffer, (short) 0, lenBytes);
          key.setKey(buffer, (short) 0);
          cipher = Cipher.getInstance(Cipher.ALG_DES_CBC_ISO9797_M1, false);
      public static void install(byte[] bArray, short bOffset, byte bLength) {
          // GP-compliant JavaCard applet registration
          new TestApplet().register(bArray, (short) (bOffset + 1), bArray[bOffset]);
      public void process(APDU apdu) {
          // Good practice: Return 9000 on SELECT
          if (selectingApplet()) {
              return;
          byte[] buf = apdu.getBuffer();
          switch (buf[ISO7816.OFFSET_INS]) {
              case (byte) 0x00:
                  cipher.init(key, Cipher.MODE_ENCRYPT);
                  short len = cipher.doFinal(buf, ISO7816.OFFSET_CDATA, buf[ISO7816.OFFSET_LC], buf, (short) 0);
                  apdu.setOutgoingAndSend((short) 0, len);
                  break;
              default:
                  // good practice: If you don't know the INStruction, say so:
                  ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
  }Cheers,
  Shane

• How to evaluate an Java Card OS

  Hi all.
  Image that you have a card with java OS. How will you do to ensure that it is a real java OS.
  I think that i only can check by writing applet (use Java Card API Spec).
  Can you suggest me which i need to do to sure that all the function of OS are good, what are really important component..
  i think you understand my issue.
  Longing for your answer.
  Thanks

  I profit of this topic to ask some questions relating to JCOS :-)
  Recently, I've heard about JCOS development from one of my friend working on this project. Supposing that he has a complete JCOS codes. What will he do is to compile this project and assemble all the compiled codes to produce a hex file. Then, he load this hex file onto the smartcard for the next step (mass perso production).
  As he described (in fact his company is working such a project), this OS includes from the lowest level (HAL for example, implemented in C) to the highest one (application layer). I'm wondering, this kind of OS loading will leads to the fact that, his OS will be loaded onto the EEPROM of the smartcard. As far as I understand, OS will normally be loaded onto the ROM, the OS developper will give out the mask of their OS to IC manufacturer in order to load their OS on ROM in mass production. This makes me surprised because so far, I have always thought that, OS must be loaded onto ROM, not onto EEPROM as he told me (of course, some high level layer of OS can be loaded onto EEPROM).
  Is there anybody here who has been working on JC OS dev to clarify me on this point? And if possible, can you tell something about the differences between OS loading on EEPROM and OS loading on ROM from your point of view?
  Best regards,
  J-D

• Java Card compatibility with readers... (please help me!!)

  Hi,
  I would like to know how to determine the compatibility of a existing reader with the JavaCard technology.
  I have studied the standar ISO 7816 and I'm not sure if a reader must be compliant with absolutely all
  parts of the standar (Part 1,2,3,4,5,6) to be capable of read, write Java Cards and select the applet to
  execute.
  Especifically I need to know if the readers GEMPC410 and CASTLES EZ200 are able to read, write
  and execute multiple java applications.
  The specifications that a read, said that GEMPC410 can read and write ISO7816 1/2/3/4 and
  CASTLES EZ200 can read and write ISO7816 1/2/3 but i have the following doubt:
  These readers should be compatible with the part 4 and/or 5 of the ISO standar to
  interchange commands with the reader (Part 4) and identifie the applications to execute (Part 5)?.
  Where I can find more information about this issues?
  Thank you very much for your soon answer.

  Well,
  There are two type of readers you can use with JavaCards:
  Contact readers
  As specified in ISO7816, for the contact readers working with T=0 and T=1 protocols. On win machines they are normally supported with the PC/SC interface, most of the readers are able to talk to that interface. In other words - if you can use any card on ur comp and if it is win platform JC will work fine.
  Contactless readers
  As specified in ISO14443, this babies are talking T=CL protocol. For now I know only JCOP30 products that are operating also in contactless mode. For this you will have to acquire some contactless reader and they are commong with drivers for standalone apps or for the PC/SC IF.
  But chance that you will use the second option in next 3 years is rather small.

• Develop Mutiple application java card?

  how does the multiple application java card works?I mean do we have to write different applets for different applications? and if yes then how does the card reader will recognize for which application the card should be used? Can anyone help me???

  Hi,
  how does the multiple application java card works?Multiple applets can exist on a single card because each applet instance is identified by a unique AID (application identifier). The card knows which applet is currently active and manages this for you. The active applet is the last applet that has been selected in the current session or the default applet for the card. If there is no default applet the card manager will be active.
  do we have to write different applets for different applications? If the different application requires different functionality you may want to use a separate applet but you can have multiple instances of the same applet as long as each instance has a unique instance AID. The instance AID is different to the applet/module AID (but it can be the same value). Each instance will have the same applet AID. You need to be careful with static variables when you have multiple instances of an applet as in any Java application, as there is still only on copy of the class in the JVM.
  how does the card reader will recognize for which application the card should be used?The card reader does not care which applet is being used. It only cares about the physical card. The card manager handles the currently active applet.
  I hope I have explained this clearly enough. One thing to remember is there are 3 AID's. The package AID, the module AID (for the applet class in the package) and the instance AID (for the instance of the applet created in the JVM with an install for install command).
  Cheers,
  Shane

• Acquiring a Java Card

  Hello,
  My company wished to update its authentification system, and replace the actual magnetic card by a Java Card. I have a few questions to ask ( some of them are very newbie, sorry :) :
  1. Does some models exists with a magnetic part ?
  2. I saw severals models, CyberFlex (SLB), Gemplus ... there are a lot of company which create Java Cards ... are there big differences between these cards ?
  3. My company acquired a long time ago a smart card reader : GemPlus GCR400. Does it Handle Java Cards, or must we acquire a new one ? Do I need a specific card reader for one type of Java Card, or maybe every Java Card works in any smart card reader ?
  4. Could I start to program some piece of software and test it on an emulator ? Does emulators exists ? If yes, could you give me links to get them ?
  Thanks in advance.

  1. Yes, look at the Visa card, and the American Express card.
  2. Nothing, other than crypto implementations. That's the purpose of the Java Card API.
  3. Yes, any ISO reader will work.
  4. Yes, an emulator comes with Sun's kit. Most vendors except SLB, provide simulators with their kits.