Using JCOP tools under Linux
Hello.
I looked through the older web sites of IBM regarding the usage of JCOP tools under Linux.
I am interested in following questions:
1. Is there any separate distributon version of JCOP tools for Linux?
2. Can sample JCOP tools 3.1.2 plugin (for Windows) be used under Linux. What has to be modified? Also what additional tools have to be installed an used for communication with real cards through PC/SC readers.
3. Is JCOP simulation option available under Linux?
I'll appreciate any help.
Best regards,
newbie
newbie2007 wrote:Hello.
I looked through the older web sites of IBM regarding the usage of JCOP tools under Linux.
I am interested in following questions:
1. Is there any separate distributon version of JCOP tools for Linux?
2. Can sample JCOP tools 3.1.2 plugin (for Windows) be used under Linux. What has to be modified? Also what additional tools have to be installed an used for communication with real cards through PC/SC readers.
3. Is JCOP simulation option available under Linux?
I'll appreciate any help.
Best regards,
newbieEverything should work, except for the target pack and the non-existent Linux Pegoda driver.1. The is no seperate Linux distribution. You just need a Linux distribution for Eclipse.JCOP Tools plugin should work under Linux, except for the target pack and the non-existent Pegoda driver for Linux.1. There is no seperate Linux distribution. You just need the Linux distribution for Eclipse.
2. Prior to JCOP Tools 3.1.2 the last time something was mentioned about Linux was in the release notes of 3.1.1b . In version 3.2.0 IBM added a linux_support page to the JCOP Tools user guide (see release notes and linux_support page below).
3. There shouldn't be any problems with the generic simulation. The target pack runs only with Windows though.
h1. Release Notes
h2. Version
JCOP Tools 3.1.1.b (Bärlach)
h2. What's new?
h3. 3.1.1.b
<ul><li>New simulation (fixed static obj/arr bug, fixed instance field token bug).</li>
<li>Applet privileges can now be specified in the launch configuration dialog.</li>
<li>The "exportmap" feature is now available.</li>
<li>The JCOP Performance Test Demo ("JCOP Factor") is now included.</li>
<li>Minor bug fixes.</li>
</ul>
h2. Known problems
<ul><li>Simulations do not run (Linux, MacOS X)
The Eclipse update manager does not set the execute permission bits for the simulations. You need to manually <code>chmod 755</code> those files in ECLIPSE/plugins/com.ibm.bluez.jcop.eclipse_3.1.1.x/simuls/
</li>
<li>PC/SC Support (Linux)
JCOP Tools only works with pcsc-lite 1.2.0.
</li>
</ul>
h2. Frequently Asked Questions
Please refer to the online FAQ at http://www.zurich.ibm.com/jcop/download/eclipse/faq/.
h2. Bug Reports
Please send bug reports to [email protected]. Make sure you include the following:
<ul><li>Problem description</li>
<li>Steps to reproduce</li>
<li>Eclipse version and build number (Help > About)</li>
<li>JCOP Tools version (Help > About; click on BlueZ icon)</li>
</ul>
h2. Using JCOP Tools with Linux (>= 3.2.0)
h3. ___
Overview
The current JCOP Tools release now also offer a version for the popular Linux
operating system. Both the Windows and Linux verson provide more or less the same
functionality, and JCOP application development can thus fully succeed on Linux systems.
Nevertheless, installation of the JCOP Tools differ between Windows and Linux
where the Linux version does not provide a simple installer as in case of Windows.
Additionally, the Linux version expects a properly setup Muscle PCSC installation
as soon as you want to use them together with physical, real cards. As Muscle
PCSC is still not shipped with most Linux distributions, you must download and
install them separately from the JCOP Tools.
h3. ___
Contents
h3. ___
Software Requirements
Linux distribution
The JCOP Tools simulation has been developed on a Fedora Core 6 system, but should also work in case of
many other recent Linux distributions.
Java Development Kit
The JCOP Tools have been developed and tested with the Sun JDK 1.4.2_13-b06
for Linux. Your success with other Development Kits may vary as there are
partly subtle differences across the different devlopment kits.
PCSC
The JCOP Tools use PCSC to talk with real cards on Linux. Most distributions
do not ship with Linux PCSC by default (Fedora Core 6 does), you must thus download it fromhttp://www.linuxnet.com
and install it by yourself. If you are used to software installation under Linux,
and are not afraid of compiling and installing software packages, this should
not be a hard problem. You have to download both the base PCSC package
(including PCSC daemon and client libraries) and separately the driver
for the reader you want to use. The PCSC package contains a test program
which should tell you whether your installation is set up correctly and
communicating with a card works. The JCOP Tools have been reported to
work together with Muscle PCSC version 1.3.1-7.
JPCSC
The JCOP Tools are shipped with JPCSC which you can also download athttp://www.linuxnet.com. JPCSC
is a JNI library which offers Java applications the access to PC/SC functions
by mapping their requests to an underlying native PC/SC implementation. The JCOP
Tools - mostly written in Java - thus depend on JPCSC to communicate with real cards
on Linux. JPCSC depends on a properly installed and setup PC/SC environment.
Especially, the JAVA_LIBRARY_PATH should list the directories where the
PC/SC client libraries and the native JPCSC library libjpcsc.so ( downloadable as binary from
Windows Binary Download Here )
are installed, the CLASSPATH variable should list th___
Miscellaneous
What should work
As soon as you setup your system correctly, there should only be minor differences
between using JCOP Tools on Windows or on Linux. Emulating a real JCOP,
debugging, shell, cap-file conersion should all be possible as in case of Windows.
What is missing
No drivers or tools are currently available for using JCOP30's in contactless
mode. If you need such support, please contact directly NXP
at for further assistance.
Copyright 2001,2007 IBM Corp. All rights reserved.
Edited by: lexdabear on Sep 28, 2007 4:13 PM (I hate the new edit)
Similar Messages
-
JCOP tools under linux - no readers detected for activation
[eclipse 3.1.2, pcsc-lite 1.4, redhat el3]
I just downloaded the JCOP tools as described in the following post:
http://forum.java.sun.com/thread.jspa?forumID=23&threadID=722788
I found that it would not install under linux, because win32 has been specified in the site and feature manifest files. When I removed these entries, it installed OK.
Now, when I attempt to activate using my "engineering sample" card, the activation wizard notifies me that no PC/SC readers were detected. I'm puzzled by this, since pcsc-lite (1.4) is working well on my system, and I can see the reader & card being detected in pcscd's log. I have also been careful to ensure that eclipse knows about the shared library paths and I've even included jpcsc.jar as an extra library.
If anyone else has JCOP tools working under linux, I'd appreciate any insights that might help. My issue may be simply that I have downloaded a custom windows distribution (tools.zip) - hence the manifest hack - perhaps there is a linux one?Could be the pcsc-lite 1.4 version the problem?
http://forum.java.sun.com/thread.jspa?forumID=23&threadID=688560PC/SC Support (Linux)
JCOP Tools only works with pcsc-lite 1.2.0. -
Video/Audio tools under Linux???
Hi,
I'm very green in this but is assigned the task of
setting up IP/TV clients on a Linux box. We used
IP/TV 3417 and it worked fine with WinXP + Cisco
IP/TV Viewer.
I'm trying vic and vat. The former doesn't seem to
recognize MPEG streams and the later has always
complained "vat: Sorry, cannot decode this type of
audio" where the audio formats on our network are
L8 and MPEG3 (whatever these mean).
My question is, can someone point me to a video/audio
tool under Linux that understands more video/audio
formats?
Thank you.
WeiI think, the IP/TV clients do not run on Linux boxes. It does on Windows alone. Check out the following document for more details.
Chapter 2: Requirements
http://www.cisco.com/en/US/products/sw/conntsw/ps1869/products_user_guide_chapter09186a00800eaccb.html -
Using the Oracle Repository Command Line Tool under Linux
I have to use the command lines of Linux for SCM commands(like repcmd,
set workarea, checkin etc...)
should I have to install something?
I have documentation for using the oracle repository command line Toll
for Windows and Unix, but I didn't found anything about using the oracle
repository command line Tool for Linux.JDeveloper runs excellent on Linux and is supposed to be able to use the repository, but that's a GUI...
-
How do I control DAQ boards under Linux using C (gcc)?
I need to control multifunction DAQ boards using C (gcc) under Linux/x86. What drivers/packages do I need to use?
Hi NEB,
You will need to download DAQmxBase 1.3.1 found here:
http://digital.ni.com/softlib.nsf/websearch/47D4C7DDD7C777C886256F230070A606?opendocument&node=132060_US
The readme file contains information about what kernels it has been tested on.
Thanks,
Sal -
Color saturation problem in Acrobat Reader 7.0.9 under Linux
Hi,
I'm working with a guy who is producing PDFs of my work with Indesign.
Using acrobat reader under Linux (version 7.0.1 and also 7.0.9), the colours in these PDFs always appear very saturated. This is a big problem for me because I cannot see with the reference viewer the results of PDFs to be sent to print.
I tried the same pdf file under OS X & Windows, it appears OK with Acrobat reader. Other free pdf readers under Linux also show the right colours (but not always the transparency ;-).
Does anybody has an idea to help me?
@Adobe people: in case you want to test, I drop a copy of my PDF file at: http://cardot.net/files/pdfcolours.pdf (2.24 MB)
Thanks in advance
Jean-Christophe CardotWe are able to reproduce color saturation problem at our end. We have noted down and will work on this.
Thanks. -
Hello,
i would like to know, what scripts is JCOP tools exactly running while building Java files (generating class files) and converting them to CAP files. I.e. what does "Build autoimatically" exactly do in ECLIPSE IDE with JCOP plug-in? What .jar files are also used?
I.e. i want to be able to rebuild my Java Card projects for different version os java cards without opening the Eclipse IDE, openning projects and building them in IDE.
I would appreciate nay information.
Thanks a lot,
best regards,
newbie.Hello.
Thanks a lot lexdabear for your reply.
The post you've noticed above was very useful for me. I have solved the problem with tric.jar and also would like to add my 50 cents regarding some solutions proposed by Lillesand.
The error listed below can be simply avoided by explicitly declaring the whole name of the applet, i.e. -a 0xF3:0xF3:0xF3:0xF3:0xF3:0xA1:0xA1:0xA1:0xA1:0xA1 no.qfree.keyexport.KeyDiversification.
E:\tools\captest2>java -cp e:\eclipse\plugins\com.ibm.bluez.jcop.eclipse_3.1.2\tric.jar com.ibm.jc.apps.tric.jc.Converter
-dd e:\tools\captest2\
-cp e:\workspace\KeyExport\bin\;e:\tools\java_card_kit-2_2_2\lib\api.jar
-ep E:\tools\java_card_kit-2_2_2\api_export_files
-a 0xF3:0xF3:0xF3:0xF3:0xF3:0xA1:0xA1:0xA1:0xA1:0xA1 KeyDiversification 0xF3:0xF3:0xF3:0xF3:0xF3:0xA2:0xA2:0xA2:0xA2:0xA2 StringStorage
no.qfree.keyexport 0xF3:0xF3:0xF3:0xF3:0xF3 1 0
Error: class java.lang.RuntimeException, no such applet class LKeyDiversification; found in package no/qfree/keyexportAlso my there are some facts that i have figured out during the usage of tric.jar through command line:
1. Eclipse IDE produces slightly different .class files than i do by using
javac -source 1.3 -target 1.2 -g options during the compilation. May be it uses additional options?
2. Perhaps, as a result, a bit different CAP files are produced that the ones built automatically using Eclipse IDE GUI. Those CAP files also slightly differ in size (usually smaller tha mines). The only components that differ in size are:
Method.cap
Debug.cap.
The files produced through command line work just fine. I guess, that JCOP tools may additionally optimize the .class files to produce a bit smaller .CAP files.
3. Regarding the version information JCOP tools tric.jar produces
CAP files with version M=2, m=1 when using JC211 API, and
CAP files with version M=2, M=2 when using JC221.
I also converted the same files uding JCDKv2.2.1. It produces CAP files of version M=2, M=1.
In my opinion, all the problems that occured in the aforementioned post by Lillesand were caused by wrong usage of the JC2.2.2 export files.
I totally agree with you, lexdabear regarding choosing only one solution. In case you are using JCOP tools (through GUI or command line) you must use JCOP JC API .jar files and tric.jar converter.
If you are using JCDK, you must use its api.jar library with export files and converter from JCDK (coverter.bat).
I hope this info might be useful.
Best regards,
Eve
Edited by: Ieva on Nov 5, 2007 4:11 AM -
Java card cap file install error in jcop tools
When i try to run java card applet in real java card it gives this error.i used jcop tools and java version 1.5 and eclipse 3.2.when i run the applet in simulater it works fine.i saw some document it says allocate memory for the installation process.i don't know how to do that.
/term "winscard:4|SCM Microsystems Inc. SCL010 Contactless Reader 0"
--Opening terminal
> /card -a a000000003000000 -c com.ibm.jc.CardManager
resetCard with timeout: 0 (ms)
--Waiting for card...
ATR=3B 8A 80 01 4A 43 4F 50 33 31 56 32 33 32 7A ;...JCOP31V232z
ATR: T=0, T=1, Hist="JCOP31V232"
=> 00 A4 04 00 08 A0 00 00 00 03 00 00 00 00 ..............
(23807 usec)
<= 6F 65 84 08 A0 00 00 00 03 00 00 00 A5 59 9F 65 oe...........Y.e
01 FF 9F 6E 06 47 91 73 51 2E 00 73 4A 06 07 2A ...n.G.sQ..sJ..*
86 48 86 FC 6B 01 60 0C 06 0A 2A 86 48 86 FC 6B .H..k.`...*.H..k
02 02 01 01 63 09 06 07 2A 86 48 86 FC 6B 03 64 ....c...*.H..k.d
0B 06 09 2A 86 48 86 FC 6B 04 02 15 65 0B 06 09 ...*.H..k...e...
2B 85 10 86 48 64 02 01 03 66 0C 06 0A 2B 06 01 +...Hd...f...+..
04 01 2A 02 6E 01 02 90 00 ..*.n....
Status: No Error
cm> set-key 255/1/DES-ECB/404142434445464748494a4b4c4d4e4f 255/2/DES-ECB/404142434445464748494a4b4c4d4e4f 255/3/DES-ECB/404142434445464748494a4b4c4d4e4f
cm> init-update 255
=> 80 50 00 00 08 AC B1 90 01 BF 2D 24 A0 00 .P........-$..
(49906 usec)
<= 00 00 91 18 01 39 93 95 05 59 FF 02 00 2C BE 39 .....9...Y...,.9
5E A5 07 55 87 B8 C3 A8 A6 93 66 2B 90 00 ^..U......f+..
Status: No Error
cm> ext-auth plain
=> 84 82 00 00 10 0C AE 50 3E C8 7E 1D 92 29 E2 59 .......P>.~..).Y
08 D9 DA 02 16 .....
(57276 usec)
<= 90 00 ..
Status: No Error
cm> delete 060504030201
=> 80 E4 00 00 08 4F 06 06 05 04 03 02 01 00 .....O........
(40041 usec)
<= 6A 88 j.
Status: Reference data not found
jcshell: Error code: 6a88 (Reference data not found)
jcshell: Wrong response APDU: 6A88
Ignoring expected error
cm> delete 010203040506
=> 80 E4 00 00 08 4F 06 01 02 03 04 05 06 00 .....O........
(17392 usec)
<= 6A 88 j.
Status: Reference data not found
jcshell: Error code: 6a88 (Reference data not found)
jcshell: Wrong response APDU: 6A88
Ignoring expected error
cm> upload -d -b 250 "Cap File location"
=> 80 E6 02 00 13 06 01 02 03 04 05 06 08 A0 00 00 ................
00 03 00 00 00 00 00 00 00 .........
(32303 usec)
<= 00 90 00 ...
Status: No Error
=> 80 E8 00 00 FA C4 81 F2 01 00 23 DE CA FF ED 02 ..........#.....
02 04 00 01 06 01 02 03 04 05 06 12 68 6D 73 2F ............hms/
6A 61 76 61 63 61 72 64 2F 68 65 6C 6C 6F 02 00 javacard/hello..
21 00 23 00 21 00 0A 00 0B 00 1E 00 0E 00 3D 00 !.#.!.........=.
0A 00 0B 00 00 00 4D 01 BE 00 00 00 00 00 00 01 ......M.........
01 00 04 00 0B 01 02 01 07 A0 00 00 00 62 01 01 .............b..
03 00 0A 01 06 06 05 04 03 02 01 00 08 06 00 0E ................
00 00 00 80 03 00 FF 00 07 01 00 00 00 1C 07 00 ................
3D 00 01 10 18 8C 00 05 7A 05 30 8F 00 00 3D 8C =.......z.0...=.
00 01 18 1D 04 41 18 1D 25 8B 00 02 7A 02 21 18 .....A..%...z.!.
8B 00 03 60 03 7A 19 8B 00 04 2D 1A 04 25 73 00 ...`.z....-..%s.
09 00 00 00 00 00 0F 11 6D 00 8D 00 06 7A 08 00 ........m....z..
0A 00 00 00 00 00 00 00 00 00 00 05 00 1E 00 07 ................
01 00 02 00 06 00 00 01 03 80 03 02 03 80 03 03 ................
03 80 0A 01 06 80 03 00 06 80 07 01 09 00 0B 00 ................
00 00 07 05 06 04 0A 07 07 13 0B 00 4D 01 00 00 ............M...
(764519 usec)
<= 6A 80 j.
Status: Wrong data
jcshell: Error code: 6a80 (Wrong data)
jcshell: Wrong response APDU: 6A80
Unexpected error; aborting executionThanks ReNa
i am using nxp jcop 31 contact-less card.and it will support for java card 2.2.1 and global-platform card specification 2.1.1 .so i am using nxp jcop training 2007 tools and it has java card 2.2.1 and global-platform card specification 2.1.1.Inside my project there are three jar files these are jc221.jar and gp211.jar and bio10.jar
i will appreciate your help
Thanks -
JCOP Tools init-update problem
Hello, everybody!!!
I wanna simulate CardManager authentication behaviour and have some problems... Below i show you excerpts from my applet and the process of sending INITIALIZE UPDATE command to it using JCOP Shell.
If somebody has an idea to deal with this issue, please help.
Here's the definition of key i've used:
byte[] secKey = new byte[] {
(byte)0x40, (byte)0x41, (byte)0x42, (byte)0x43,
(byte)0x44, (byte)0x45, (byte)0x46, (byte)0x47
};This is done inside the constructor (secKey declared as a class field).
Next, i've added method to process INITIALIZE UPDATE command:
private boolean processInitUpdate(APDU apdu) {
byte[] buffer = apdu.getBuffer();
if((buffer[ISO7816.OFFSET_CLA] != 0x80) &&
(buffer[ISO7816.OFFSET_INS] != 0x50))
return false;
byte challengeLen = buffer[ISO7816.OFFSET_LC];
byte dataRead = (byte)apdu.setIncomingAndReceive();
if((challengeLen != 0x08) || (dataRead != 0x08)) {
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
// Encrypted cryptogram buffer
byte[] cryptogram = new byte[8];
DESKey des_key = (DESKey)KeyBuilder.buildKey(
KeyBuilder.TYPE_DES, KeyBuilder.LENGTH_DES, false);
des_key.setKey(secKey, (short)0);
Cipher cipher = Cipher.getInstance(Cipher.ALG_DES_ECB_NOPAD, false);
cipher.init(des_key, Cipher.MODE_ENCRYPT);
// Encrypt the incoming challenge
cipher.doFinal(buffer, ISO7816.OFFSET_CDATA, (byte)8, cryptogram, (byte)0);
// Output data
byte[] keyDeriviation = new byte[] {
(byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00,
(byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00
byte[] keyInfo = new byte[] {
(byte)0xff, (byte)0x02
// TODO generate random
byte[] challenge = new byte[] {
(byte)0x11, (byte)0x22, (byte)0x33, (byte)0x44,
(byte)0x55, (byte)0x66, (byte)0x77, (byte)0x88
// Calculate total length of the data to be sent
short totalLen = (short)(keyDeriviation.length + keyInfo.length +
cryptogram.length + challenge.length);
apdu.setOutgoing();
apdu.setOutgoingLength(totalLen);
apdu.sendBytesLong(keyDeriviation, (short)0, (short)keyDeriviation.length);
apdu.sendBytesLong(keyInfo, (short)0, (short)keyInfo.length);
apdu.sendBytesLong(challenge, (short)0, (short)challenge.length);
apdu.sendBytesLong(cryptogram, (short)0, (short)cryptogram.length);
return true;
}This method returns true if command has been processed successfully.
I've used GlobalPlatform specification to properly parse command APDU and to generate response APDU.
Then i use JCOP Tools for Eclipse shell. I select above applet and define keys as follows:
set-key 255/1/DES-ECB/4041424344454647
set-key 255/2/DES-ECB/4041424344454647
set-key 255/3/DES-ECB/4041424344454647Then i use init-update command:
init-update 255Shell generates the following APDU command sequence:
80 50 00 00 08 C3 17 13 59 C6 0F ED ED 00We can see the challenge, generated by simulator: C3 17 13 59 C6 0F ED ED.
I got the response:
00 00 00 00 00 00 00 00 00 00 FF 02 11 22 33 44 55 66 77 88 4D 4C E8 7E 6A 04 B1 43 90 00It seems everything all right, but shell shows an error:
Status: No Error
jcshell: Error code: -5 (Authentication failed)
jcshell: Wrong response APDU: 00000000000000000000FF0211223344556677884D4CE87E6A04B1439000I think I set keys inside the shell incorrectly. I use triple-DES, but code uses simple DES. However, i use equal keysets for triple-DES so it's the same as DES.
What's wrong?
Thank you.Hello everybody, again!
At last, I solved my problem. The issue was I incorrectly generated card cryptogram data. Cryptogram must be constructed using full triple DES algorithm. After that JCOP shell processes init-update 255 successfully.
Below I'll present working code for processing INITIALIZE UPDATE command in JCOP tools, maybe this will be helpful for somebody.
private boolean processInitUpdate(APDU apdu) {
byte[] buffer = apdu.getBuffer();
// Whether this INITIALIZE UPDATE command?
if((buffer[ISO7816.OFFSET_CLA] != 0x80) &&
(buffer[ISO7816.OFFSET_INS] != 0x50))
return false;
byte challengeLen = buffer[ISO7816.OFFSET_LC];
byte dataRead = (byte)apdu.setIncomingAndReceive();
if((challengeLen != 0x08) || (dataRead != 0x08)) {
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
// TODO generate random
// Card challange
byte[] challenge = new byte[] {
(byte)0x11, (byte)0x22, (byte)0x33, (byte)0x44,
(byte)0x55, (byte)0x66, (byte)0x77, (byte)0x88
// DES Secure Channel Encryption Key (S-ENC) generation
// Deriviation data array
byte[] derivData = new byte[16];
// Secure Channel Encryption Key data array
byte[] s_enc_key = new byte[16];
// The construction of deriviation data
Util.arrayCopy(buffer, (short)(ISO7816.OFFSET_CDATA + 4), derivData, (short)12, (short)4);
Util.arrayCopy(challenge, (short)0, derivData, (short)8, (short)4);
Util.arrayCopy(buffer, ISO7816.OFFSET_CDATA, derivData, (short)4, (short)4);
Util.arrayCopy(challenge, (short)4, derivData, (short)0, (short)4);
// Construct and initialize Cipher with des_key
DESKey des_key = (DESKey)KeyBuilder.buildKey(
KeyBuilder.TYPE_DES, KeyBuilder.LENGTH_DES3_2KEY, false);
des_key.setKey(secKey, (short)0);
Cipher cipher = Cipher.getInstance(Cipher.ALG_DES_ECB_NOPAD, false);
cipher.init(des_key, Cipher.MODE_ENCRYPT);
// Generate session S-ENC key
cipher.doFinal(derivData, (byte)0, (byte)derivData.length, s_enc_key, (byte)0);
// Card Authentication Cryptogram generation
// Cryptogram data array
byte[] cryptogram = new byte[8];
// Initial vector data
byte[] initVector = new byte[] {
(byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00,
(byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00
// Construct and initialize Cipher with s_enc_key
des_key.setKey(s_enc_key, (short)0);
cipher = Cipher.getInstance(Cipher.ALG_DES_CBC_NOPAD, false);
cipher.init(des_key, Cipher.MODE_ENCRYPT, initVector, (short)0, (short)initVector.length);
// Extract host challenge from input buffer
byte[] hostChallenge = new byte[8];
Util.arrayCopy(buffer, ISO7816.OFFSET_CDATA, hostChallenge, (short)0, (short)hostChallenge.length);
// Step 1: Encrypt host challenge using ICV of binary zeroes
byte[] inputData = xorOperation(initVector, hostChallenge);
cipher.doFinal(inputData, (short)0, (short)inputData.length, cryptogram, (short)0);
// Step 2: Encrypt card challenge using results of the previous operation
inputData = xorOperation(cryptogram, challenge);
cipher.doFinal(inputData, (short)0, (short)inputData.length, cryptogram, (short)0);
// Step 3: Encrypt DES padding data using results of the previous operation
byte[] pad = new byte[] {
(byte)0x80, (byte)0x00, (byte)0x00, (byte)0x00,
(byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00
inputData = xorOperation(cryptogram, pad);
cipher.doFinal(inputData, (short)0, (short)inputData.length, cryptogram, (short)0);
// Generate output
byte[] keyDeriviation = new byte[] {
(byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00,
(byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00
byte[] keyInfo = new byte[] {
(byte)0xff, (byte)0x01
// Calculate total length of the data to be sent
short totalLen = (short)(keyDeriviation.length + keyInfo.length +
cryptogram.length + challenge.length);
apdu.setOutgoing();
apdu.setOutgoingLength(totalLen);
apdu.sendBytesLong(keyDeriviation, (short)0, (short)keyDeriviation.length);
apdu.sendBytesLong(keyInfo, (short)0, (short)keyInfo.length);
apdu.sendBytesLong(challenge, (short)0, (short)challenge.length);
apdu.sendBytesLong(cryptogram, (short)0, (short)cryptogram.length);
return true;
private byte[] xorOperation(byte[] op1, byte[] op2) {
byte[] res = new byte[8];
if((op1.length != 8) || (op2.length != 8)) return null;
for(byte i = 0; i < res.length; i++) {
res[i] = (byte)(op1[i] ^ op2);
return res;
Regards, Eugene. -
Has anyone used multithreaded OCI under linux? If so could you please tell me how you got this to work. What libraries and settings etc. as this does not seem to be working for me.
AaronWhat doesn't work (compile, link, etc)? What errors do you see?
-
320 GB External Drive (PX1267E-1GB32) under Linux
Hi,
I just bought a Toshiba 320 GB External Drive (PX1267E-1GB32) and I need it to work under Linux.
Linux recognizes the drive as a SDA but give an I/O error with an Unable to read partition table.
Any idea what is the problem? Can I use this Drive under linux?
Carlos.@Gipsyman
Sorry, but he could be right imho.
This disk mounts a cd-drive with the security software on it. This could be the reason why other operating systems could have difficulties recognizing it. A solution to the problem could be deleting the whole partition, which you mentioned, but you cannot use Disk Management for this issue. Because of the fact that the disk has one partition containing two partitions (CD-drive and FAT32 disk), one has to delete this partition as a whole. I haven't yet figured out how to delete this partition (which is tagged as 'BAD' by Partition Magic 8). I tried to format it to NTFS, but that doesn't work either. -
JCOP Tools Problem Error code: 6985 (Conditions of use not satisfied)
I have a problem with the JCOP tools. I am developing a very simple applet which does nothing at all. It is a "hello world" type applet so that I can get something working. It compiles ok, however as soon as I try to run it under the emulator I get an error.
Status: Conditions of use not satisfied jcshell: Error code: 6985 (Conditions of use not satisfied) jcshell: Wrong response APDU: 6985
This always happens when the jcshell issues the install command.
The install command is:
install -i 1234567890 -t -l -d -m -p -s -b -e -q C9#(1234567890) 1234567890 1234567890
I must be doing something very basic incorrectly. I have tried searching the forums and internet and I haven't found anything. Any help would be appreciated.
The code is this:
package pt.microfil.test;
import javacard.framework.*;
import javacard.framework.ISO7816;
import javacard.framework.ISOException;
import javacard.framework.APDU;
public class testcard extends Applet {
final static byte CLASS = (byte) 0x80; // Class of the APDU commands
final static byte INS_READ = (byte) 0x02; // instruction for the READ APDU command
// this is the text string which will send back from the ICC to the IFD
final static byte[] text = {(byte) 'e', (byte) 't', (byte) 's', (byte) ' ',
(byte) 'g', (byte) 'e', (byte) 'h', (byte) 't', (byte) 's', (byte) ' ',
(byte) 'd', (byte) 'e', (byte) 's', (byte) ' ',
(byte) 'G', (byte) 'l', (byte) 'u', (byte) 'm', (byte) 'p'};
public static void install(byte[] bArray, short bOffset, byte bLength) {
// GP-compliant JavaCard applet registration
//new testcard().register(bArray, (short) (bOffset + 1), bArray[bOffset]);
new testcard().register();
public static void install() {
new testcard().register();
public void process(APDU apdu) {
byte[] cmd_apdu = apdu.getBuffer(); // the cmd_apdu variable is used because of performance reasons
if (cmd_apdu[ISO7816.OFFSET_CLA] == CLASS) { // it is the rigth class
switch(cmd_apdu[ISO7816.OFFSET_INS]) { // check the instruction byte
case INS_READ: // it is a READ instruction
// check if P1=P2=0
if ((cmd_apdu[ISO7816.OFFSET_P1] != 0) || (cmd_apdu[ISO7816.OFFSET_P2] != 0)) {
ISOException.throwIt(ISO7816.SW_WRONG_P1P2);
} // if
// check if P3=length of the text field
short le = (short)(cmd_apdu[ISO7816.OFFSET_LC] & 0x00FF); // calculate Le (expected length)
short len_text = (short)text.length; // the len_text variable is used because of performance reasons
if (le != len_text) {
ISOException.throwIt((short)(ISO7816.SW_CORRECT_LENGTH_00 + len_text)); // give the expected length back to the IFD
} // if
apdu.setOutgoing(); // set transmission to outgoing data
apdu.setOutgoingLength((short)len_text); // set the number of bytes to send to the IFD
apdu.sendBytesLong(text, (short)0, (short)len_text);
break;
default : // the instruction in the command apdu is not supported
ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
} // switch
} // if
else { // the class in the command apdu is not supported
ISOException.throwIt(ISO7816.SW_CLA_NOT_SUPPORTED);
}i also found this error and i change the package name and applet id.it is not changing.now i got same error.
cm> install -i 6d796170702e617070 -q C9#() 6d797061636b616765 6d796170702e617070
jcshell: Error code: 6985 (Conditions of use not satisfied)
jcshell: Wrong response APDU: 6985
Unexpected error; aborting execution
how can i solve the problem?? -
Simulation using Eclipse plugin for JCOP tools
Dear All,
In search for a simulation environment for java card applet development I tried to use Eclipse plugin for JCOP tools.
The samples which comes with the JCOP tools works fine but when try to debug my applet I receive the error: Wrong Data 6A 80.
Generic JCOP v2.4.1 is selected for Java Card Simulation.
Following is the JCOP Shell screen:
cm- /term "Remote|localhost:8050"
--Opening terminal
/card -a a000000003000000 -c com.ibm.jc.CardManagerresetCard with timeout: 0 (ms)
--Waiting for card...
ATR=3B F8 13 00 00 81 31 FE 45 4A 43 4F 50 76 32 34 ;.....1.EJCOPv24
31 B7 1.
IOCTL().
ATR: T=1, FI=1/DI=3 (93clk/etu), N=0, IFSC=254, BWI=4/CWI=5, Hist="JCOPv241"
=> 00 A4 04 00 08 A0 00 00 00 03 00 00 00 00 ..............
(908058 nsec)
<= 6F 65 84 08 A0 00 00 00 03 00 00 00 A5 59 9F 65 oe...........Y.e
01 FF 9F 6E 06 47 91 92 18 00 00 73 4A 06 07 2A ...n.G.....sJ..*
86 48 86 FC 6B 01 60 0C 06 0A 2A 86 48 86 FC 6B .H..k.`...*.H..k
02 02 01 01 63 09 06 07 2A 86 48 86 FC 6B 03 64 ....c...*.H..k.d
0B 06 09 2A 86 48 86 FC 6B 04 02 15 65 0B 06 09 ...*.H..k...e...
2B 85 10 86 48 64 02 01 03 66 0C 06 0A 2B 06 01 +...Hd...f...+..
04 01 2A 02 6E 01 02 90 00 ..*.n....
Status: No Error
cm> set-key 255/1/DES-ECB/404142434445464748494a4b4c4d4e4f 255/2/DES-ECB/404142434445464748494a4b4c4d4e4f 255/3/DES-ECB/404142434445464748494a4b4c4d4e4f
cm> init-update 255
=> 80 50 00 00 08 B1 04 15 2B 41 3F 62 AB 00 .P......+A?b..
(2668 usec)
<= 00 00 F9 02 71 E3 BB AD BD CD FF 02 00 00 3D 02 ....q.........=.
9C 31 C7 89 AD 44 8E 13 17 15 2E 5A 90 00 .1...D.....Z..
Status: No Error
cm> ext-auth plain
=> 84 82 00 00 10 CE 6C DC D2 8C BE 5E 33 EC 58 D0 ......l....^3.X.
57 3A 52 D2 24 W:R.$
(2288 usec)
<= 90 00 ..
Status: No Error
cm> delete -r a00000006203010c04
=> 80 E4 00 80 0B 4F 09 A0 00 00 00 62 03 01 0C 04 .....O.....b....
00 .
(1084 usec)
<= 6A 88 j.
Status: Reference data not found
jcshell: Error code: 6a88 (Reference data not found)
jcshell: Wrong response APDU: 6A88
Ignoring expected error
cm> upload -d -b 250 "D:\JCOP\eclipse\projects\DigitalTachograph\bin\digitaltachograph\javacard\digitaltachograph.cap"
=> 80 E6 02 00 16 09 A0 00 00 00 62 03 01 0C 04 08 ..........b.....
A0 00 00 00 03 00 00 00 00 00 00 00 ............
(2100 usec)
<= 00 90 00 ...
Status: No Error
=> 80 E8 00 00 FA C4 82 84 42 01 00 25 DE CA FF ED ........B..%....
02 02 04 00 01 09 A0 00 00 00 62 03 01 0C 04 11 ..........b.....
64 69 67 69 74 61 6C 74 61 63 68 6F 67 72 61 70 digitaltachograp
68 02 00 21 00 25 00 21 00 0E 00 29 03 3E 00 CD h..!.%.!...).>..
23 D2 01 BB 04 44 00 00 09 E3 4B E5 00 11 00 05 #....D....K.....
01 A2 04 01 00 04 00 29 04 00 01 07 A0 00 00 00 .......)........
62 00 01 02 01 07 A0 00 00 00 62 01 01 02 01 07 b.........b.....
A0 00 00 00 62 01 02 02 01 07 A0 00 00 00 62 02 ....b.........b.
01 03 00 0E 01 0A A0 00 00 00 62 03 01 0C 04 01 ..........b.....
01 DF 06 00 CD 00 00 00 80 00 00 FF 00 01 00 00 ................
00 01 81 03 13 00 12 07 03 00 00 02 01 03 06 0B ................
8C 81 00 00 00 80 00 0B 00 0B 01 01 00 00 0B F9 ................
00 80 00 11 00 0F 01 01 00 10 0E A9 0D D4 0D F7 ................
0E 07 0E 18 0E 26 0E 35 0E 44 0E 50 0E 72 0E 81 .....&.5.D.P.r..
0E 90 0E 9B 0E F5 11 05 11 1A 11 50 00 80 00 05 ...........P....
00 04 01 04 00 01 13 AF 13 B5 13 BA 14 0C 13 00 ................
(6775 usec)
<= 6A 80 j.
Status: Wrong data
jcshell: Error code: 6a80 (Wrong data)
jcshell: Wrong response APDU: 6A80
Unexpected error; aborting execution
I will be very happy if you can help me. I am desperately in need of a working debugging environment.
Thanks in advance!
Kind regards,
Mehmet* Processes incoming READ_BINARY APDUs. Returns data of the currently
* selected file.
* @param apdu where the offset is carried in header bytes p1 and p2.
* @param le expected length by terminal
* @return length of the response APDU
private short processReadBinary(APDU apdu, boolean protectedApdu, short leUnprotected) {
if (!hasFileSelected()) {
ISOException.throwIt(SW_CONDITIONS_NOT_SATISFIED);
byte[] buffer = apdu.getBuffer();
// retrieve p1p2 from apdu buffer
byte p1 = buffer[OFFSET_P1];
byte p2 = buffer[OFFSET_P2];
short offset = Util.makeShort(p1, p2); // offset encoded in P1/P2, 15 lowest bit
// offset encoded in P1/P2, 15 lowest bit
// check if le != 0 <-- no response expected
if (leUnprotected == 0) {
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
if (selectedFile == null) {
ISOException.throwIt(ISO7816.SW_FILE_NOT_FOUND);
if ((selectedFile.getAccessConditions() & READ_REQUIRES_SM) == READ_REQUIRES_SM) {
if(!protectedApdu)
ISOException.throwIt(ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED);
short fileSize = (short) selectedFile.getFileLength();
// check offset
if (offset >= fileSize) {
ISOException.throwIt(ISO7816.SW_INCORRECT_P1P2);
// check expected length
if ((short) (offset + leUnprotected) > fileSize) {
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
//ISOException.throwIt(SW_TAMAM);
short bufferOffset = 0;
crypto.setEncryptionStatus(isSelectedFileEncrypted());
if (protectedApdu) {
bufferOffset = crypto.getApduBufferOffsetDT(leUnprotected);
if(isSelectedFileEncrypted())
bufferOffset = crypto.getApduBufferOffset(leUnprotected);
apdu.setOutgoing();
Util.arrayCopyNonAtomic(selectedFile.getData(), offset, buffer, bufferOffset, leUnprotected);
return leUnprotected;
* Processes and UPDATE_BINARY apdu. Writes data in the currently selected
* file.
* @param apdu
* carries the offset where to write date in header bytes p1 and
* p2.
private void processUpdateBinary(APDU apdu, boolean protectedApdu) {
if (!hasFileSelected() || isLocked()) {
ISOException.throwIt(ISO7816.SW_COMMAND_NOT_ALLOWED);
if ((selectedFile.getAccessConditions() & DigitalTachograph.UPDATE_ALW) != DigitalTachograph.UPDATE_ALW) {
if ((selectedFile.getAccessConditions() & DigitalTachograph.UPDATE_REQUIRES_SM) != DigitalTachograph.UPDATE_REQUIRES_SM) {
ISOException.throwIt(ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED);
return;
}else if(!protectedApdu){
ISOException.throwIt(ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED);
byte[] buffer = apdu.getBuffer();
byte p1 = buffer[OFFSET_P1];
byte p2 = buffer[OFFSET_P2];
short offset = Util.makeShort(p1, p2);
short readCount = (short) (buffer[ISO7816.OFFSET_LC] & 0xff);
//if (!protectedApdu){
readCount = apdu.setIncomingAndReceive();
while (readCount > 0) {
selectedFile.writeData(offset, buffer, OFFSET_CDATA, readCount);
offset += readCount;
readCount = apdu.receiveBytes(ISO7816.OFFSET_CDATA);
private short processInternalAuthenticate(APDU apdu , boolean protectedApdu) throws CryptoException {
byte[] buffer = apdu.getBuffer();
short lc = (short) (buffer[OFFSET_LC] & 0xFF);
if (lc != (short) (KID_LENGTH * 2)) {
ISOException.throwIt(SW_WRONG_LENGTH);
if (apdu.setIncomingAndReceive() != lc) {
ISOException.throwIt(ISO7816.SW_WRONG_DATA);
// Check if VU.CHR maches the one of the selected certificate on the card
if (Util.arrayCompare(buffer, (short) (OFFSET_CDATA + KID_LENGTH), keyStore.selected_KID, (short) 0, KID_LENGTH) != 0) {
ISOException.throwIt(SW_REFERENCE_DATA_NOT_FOUND);
if (Util.arrayCopyNonAtomic(buffer, OFFSET_CDATA, Rnd1, (short) 0, (short) 8) != (short) 8) { // Receive Rnd1
ISOException.throwIt(ISO7816.SW_WRONG_DATA);
// Hash(PRnd2||K1||Rnd1||VU.CHR)
random.generateData(PRnd2, (short) 0, (short) 90);
random.generateData(K1, (short) 0, (short) 16);
crypto.shaDigest.update(PRnd2, (short) 0, (short) 90); // PRnd2
crypto.shaDigest.update(K1, (short) 0, (short) 16); // PRnd2||K1
crypto.shaDigest.doFinal(buffer, OFFSET_CDATA, lc, digest, (short) 0); //Rnd1||VU.CHR
BigNumber mod = new BigNumber((short) 128);
mod.init(keyStore.Card_PubMod, (short) 0, (short) keyStore.Card_PubMod.length, BigNumber.FORMAT_HEX);
mod.subtract(signed, (short) 0, (short) 128, BigNumber.FORMAT_HEX);
if (mod.compareTo(signed, (short) 0, (short) 128, BigNumber.FORMAT_HEX) == -1) {
mod.toBytes(signed, (short) 0, (short) 128, BigNumber.FORMAT_HEX);
// To be added: if the selected private key is considered corrupted, the processing state returned is '6400' or '6581'.
signed[0] = (byte) 0x6A;
Util.arrayCopyNonAtomic(PRnd2, (short) 0, signed, (short) 1, (short) 90);
Util.arrayCopyNonAtomic(K1, (short) 0, signed, (short) 91, (short) 16);
Util.arrayCopyNonAtomic(digest, (short) 0, signed, (short) 107, (short) 20);
signed[127] = (byte) 0xBC;
if (!keyStore.cardPrivateKey.isInitialized()) {
CryptoException.throwIt(CryptoException.ILLEGAL_VALUE);
try {
crypto.rsaSigner.init(keyStore.cardPrivateKey, Signature.MODE_SIGN);
crypto.rsaSigner.doFinal(signed, (short) 0, (short) 128, signed, (short) 0);
} catch (Exception e) {
ISOException.throwIt(SW_REFERENCE_DATA_NOT_FOUND);
if (!keyStore.selectedPublicKey.isInitialized()) {
CryptoException.throwIt(CryptoException.ILLEGAL_VALUE);
try {
crypto.rsaCipher.init(keyStore.selectedPublicKey, Cipher.MODE_ENCRYPT);
crypto.rsaCipher.doFinal(signed, (short) 0, (short) 128, signed, (short) 0);
} catch (Exception e) {
ISOException.throwIt(SW_REFERENCE_DATA_NOT_FOUND);
apdu.setOutgoing();
Util.arrayCopyNonAtomic(signed, (short) 0, buffer, (short) 0, (short) 128);
return (short) signed.length;
private void processExternalAuthenticate(APDU apdu) {
short equipmentType = 0;
if (keyStore.Selected_Cert != null) {
equipmentType = (short) keyStore.Selected_Cert.CHA[6]; // check equipment type
if (equipmentType != (short) 1 && equipmentType != (short) 2 && equipmentType != (short) 3 && equipmentType != (short) 4 && equipmentType != (short) 6) {
ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); // Instead of 6F00 throw a more meaningfull SW in case CHA is not valid.
if (Util.arrayCompare(keyStore.Selected_Cert.CHA, (short) 0, TACHOGRAPH_AID, (short) 0, (short) 6) != 0) {
ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED);
byte[] buffer = apdu.getBuffer();
byte p1 = (byte) (buffer[OFFSET_P1] & 0xff);
byte p2 = (byte) (buffer[OFFSET_P2] & 0xff);
if (p1 != 0 || p2 != 0) {
ISOException.throwIt(SW_WRONG_P1P2);
short lc = (short) (buffer[OFFSET_LC] & 0xFF);
if (lc != (short) (128)) {
ISOException.throwIt(SW_WRONG_LENGTH);
if (apdu.setIncomingAndReceive() != lc) {
ISOException.throwIt(ISO7816.SW_WRONG_DATA);
Util.arrayCopyNonAtomic(buffer, OFFSET_CDATA, signed, (short) 0, (short) 128); // receive the cryptogram from the VU
// decrypt the encrypted message with the card private key
try {
crypto.rsaCipher.init(keyStore.cardPrivateKey, Cipher.MODE_DECRYPT);
crypto.rsaCipher.doFinal(signed, (short) 0, (short) 128, signed, (short) 0);
} catch (Exception e) {
ISOException.throwIt(SW_REFERENCE_DATA_NOT_FOUND);
// verify the signature with the VU public key
try {
crypto.rsaCipher.init(keyStore.selectedPublicKey, Signature.MODE_VERIFY); // Cipher.MODE_ENCRYPT
crypto.rsaCipher.doFinal(signed, (short) 0, (short) 128, signed, (short) 0);
} catch (Exception e) {
ISOException.throwIt(SW_REFERENCE_DATA_NOT_FOUND);
if (signed[0] != (byte) 0x6A || signed[127] != (byte) 0xBC) {
ISOException.throwIt(Util.makeShort(signed[0], signed[127]));
try {
verifyCardCertificates();
Util.arrayCopyNonAtomic(signed, (short) 1, preDigest, (short) 0, (short) 106); // accumulate preDigest
Util.arrayCopyNonAtomic(Rnd3, (short) 0, preDigest, (short) 106, (short) 8); // accumulate preDigest
Util.arrayCopyNonAtomic(keyStore.Card_Cert.CHR, (short) 0, preDigest, (short) 114, (short) 8); // accumulate preDigest
Util.arrayCopyNonAtomic(signed, (short) 91, K2, (short) 0, (short) 16); // receive K2 value
crypto.shaDigest.update(signed, (short) 1, (short) 106); // PRnd4||K2
crypto.shaDigest.update(Rnd3, (short) 0, (short) 8); // Rnd3
crypto.shaDigest.doFinal(keyStore.Card_Cert.CHR, (short) 0, (short) 8, digest, (short) 0); //||Card.CHR
} catch (Exception e) {
ISOException.throwIt(SW_TAMAM);
if (Util.arrayCompare(signed, (short) 107, digest, (short) 0, (short) 20) != 0) {
ISOException.throwIt(SW_TAMAM);
volatileState[0] |= MUTUAL_AUTHENTICATED;
try {
DTUtil.xor(K1, (short) 0, K2, (short) 0, KaKb, (short) 0, (short) 16);
Util.arrayCopyNonAtomic(Rnd3, (short) 4, SSC, (short) 0, (short) 4); // tail of Rnd3
Util.arrayCopyNonAtomic(Rnd1, (short) 4, SSC, (short) 4, (short) 4); // tail of Rnd1
} catch (Exception e) {
ISOException.throwIt(SW_TAMAM);
try {
keyStore.setKey_Ka(KaKb, (short) 0);
keyStore.setKey_Kb(KaKb, (short) 8);
keyStore.setSecureMessagingKeys(KaKb, (short) 0, KaKb, (short) 0);
} catch (Exception e) {
ISOException.throwIt(SW_TAMAM_DEGIL);
return;
private short returnPreDigest(APDU apdu) {
byte[] buffer = apdu.getBuffer();
apdu.setOutgoing();
Util.arrayCopyNonAtomic(preDigest, (short) 0, buffer, (short) 0, (short) 122);
return (short)preDigest.length;
private short returnDigest(APDU apdu) {
byte[] buffer = apdu.getBuffer();
apdu.setOutgoing();
Util.arrayCopyNonAtomic(digest, (short) 0, buffer, (short) 0, (short) 20);
return (short)digest.length;
private short returnOriginalText(APDU apdu) {
byte[] buffer = apdu.getBuffer();
apdu.setOutgoing();
Util.arrayCopyNonAtomic(signed, (short) 0, buffer, (short) 0, (short) 128);
return (short)signed.length;
private void processVerify(APDU apdu) { // Verify_CHV(Pin_Ws)
byte[] buffer = apdu.getBuffer();
// retrieve the PIN data for validation.
byte byteRead = (byte) (apdu.setIncomingAndReceive());
// the PIN data is read into the APDU buffer
// at the offset ISO7816.OFFSET_CDATA the PIN data length = byteRead
if (pin.check(buffer, ISO7816.OFFSET_CDATA, byteRead) == false) {
ISOException.throwIt(SW_VERIFICATION_FAILED);
return;
private void processPSO(APDU apdu) { // verify certificate
byte[] buffer = apdu.getBuffer();
byte p1 = (byte) (buffer[OFFSET_P1] & 0xff);
byte p2 = (byte) (buffer[OFFSET_P2] & 0xff);
short lc = (short) (buffer[ISO7816.OFFSET_LC] & 0xFF);
if (p1 == (byte) 0x00 && p2 == P2_VERIFYCERT) {
if (lc != TACHO_CERT_LENGTH) {
ISOException.throwIt(SW_WRONG_LENGTH);
if (apdu.setIncomingAndReceive() != lc) {
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
try { // copy the certificate to be verified from APDU buffer to cert object
Util.arrayCopyNonAtomic(buffer, OFFSET_CDATA, cert, (short) 0, lc);
} catch (Exception e) {
ISOException.throwIt(SW_TAMAM);
if (Util.arrayCompare(keyStore.selected_KID, (short) 0, keyStore.ERCA_KID, (short) 0, KID_LENGTH) == 0) {
keyStore.VUCA_Cert.verifyCert(cert, keyStore.selectedPublicKey, keyStore.selected_KID);
} else if (Util.arrayCompare(keyStore.selected_KID, (short) 0, keyStore.VUCA_Cert.CHR, (short) 0, KID_LENGTH) == 0) {
keyStore.VU_Cert.verifyCert(cert, keyStore.selectedPublicKey, keyStore.selected_KID);
} else {
ISOException.throwIt(SW_CERT_VERIFICATION_FAILED); // Selected keyId, with MSE, is neither ERCA_KID nor VUCA_KID
} else {
ISOException.throwIt(SW_CERT_VERIFICATION_FAILED);
return;
private short processGetChallenge(APDU apdu, boolean protectedApdu) {
byte[] buffer = apdu.getBuffer();
byte p1 = (byte) (buffer[OFFSET_P1] & 0xff);
byte p2 = (byte) (buffer[OFFSET_P2] & 0xff);
if (p1 != 0 || p2 != 0) {
ISOException.throwIt(SW_WRONG_P1P2);
random.generateData(Rnd3, (short) 0, (short) 8);
short Le = apdu.setOutgoing();
if (Le != (short) 8) {
ISOException.throwIt(SW_WRONG_LENGTH);
Util.arrayCopyNonAtomic(Rnd3, (short) 0, buffer, (short) 0, (short) 8);
return Le;
private void processMSE(APDU apdu) {
byte[] buffer = apdu.getBuffer();
if (buffer[OFFSET_P1] == (byte) 0xC1 && buffer[OFFSET_P2] == P2_DST) {
short lc = (short) (buffer[OFFSET_LC] & 0xFF);
if (lc != (short) (KID_LENGTH + 2)) {
ISOException.throwIt(SW_WRONG_LENGTH);
if (apdu.setIncomingAndReceive() != lc) {
ISOException.throwIt(ISO7816.SW_WRONG_DATA);
if (buffer[OFFSET_CDATA] != (byte) 0x83) {//check the tag of the data
ISOException.throwIt(SW_SECURE_MESSAGING_DATA_OBJECTS_MISSING);
} else if (buffer[OFFSET_CDATA + 1] != (byte) 0x08) {
ISOException.throwIt(SW_INCORRECT_DATA_OBJECT); // check if the key is already selected one
} else if (Util.arrayCompare(buffer, (short) (OFFSET_CDATA + 2), keyStore.selected_KID, (short) 0, KID_LENGTH) != 0) {
if (Util.arrayCompare(buffer, (short) (OFFSET_CDATA + 2), keyStore.ERCA_KID, (short) 0, KID_LENGTH) == 0) {// KID is EUR_KID
keyStore.selected_KID = keyStore.ERCA_KID;
keyStore.selectedPublicKey = keyStore.eurPublicKey;
keyStore.Selected_Cert = null; // ERCA public key is selected
return;
} else if (Util.arrayCompare(buffer, (short) (OFFSET_CDATA + 2), keyStore.VUCA_Cert.CHR, (short) 0, KID_LENGTH) == 0) {// KID is MSCA_KID
keyStore.Selected_Cert = keyStore.VUCA_Cert;
} else if (Util.arrayCompare(buffer, (short) (OFFSET_CDATA + 2), keyStore.VU_Cert.CHR, (short) 0, KID_LENGTH) == 0) { // KID is VU_KID
keyStore.Selected_Cert = keyStore.VU_Cert;
} else {
ISOException.throwIt(SW_REFERENCE_DATA_NOT_FOUND);
}// KID not found
keyStore.selectedPublicKey = keyStore.Selected_Cert.publicKey;
keyStore.selected_KID = keyStore.Selected_Cert.CHR;
} else { // if the KID is already set, just return
return;
} else {
ISOException.throwIt(ISO7816.SW_WRONG_P1P2);
private void processSelectFile(APDU apdu) {
byte[] buffer = apdu.getBuffer();
short lc = (short) (buffer[OFFSET_LC] & 0x00FF);
// retrieve p1p2 from apdu buffer
byte p1 = buffer[OFFSET_P1];
byte p2 = buffer[OFFSET_P2];
short p1p2 = Util.makeShort(p1, p2);
apdu.setIncomingAndReceive();
if (p1 == 4) {
if (lc == (short) TACHO_AID_LENGTH) {
if (Util.arrayCompare(buffer, (short) OFFSET_CDATA, TACHOGRAPH_AID, (short) 0, (short) TACHO_AID_LENGTH) == 0) {
selectedFile = fileSystem.getDT();
fileSystem.selectDT();
volatileState[0] |= FILE_SELECTED;
return;
} else {
ISOException.throwIt(ISO7816.SW_WRONG_DATA);
} else if (lc != 2) {
ISOException.throwIt(SW_WRONG_LENGTH);
short fid = Util.getShort(buffer, OFFSET_CDATA);
if (fileSystem.getFile(fid) != null) {
selectedFile = fileSystem.getDT();
fileSystem.selectDT();
volatileState[0] |= FILE_SELECTED;
return;
} else if (p1 == 2) {
if (lc != 2) {
ISOException.throwIt(SW_WRONG_LENGTH);
short fid = Util.getShort(buffer, OFFSET_CDATA);
if (fileSystem.getFile(fid) != null) {
selectedFile = fileSystem.getFile(fid);
volatileState[0] |= FILE_SELECTED;
return;
} else {
ISOException.throwIt(ISO7816.SW_WRONG_P1P2);
setNoFileSelected();
ISOException.throwIt(ISO7816.SW_FILE_NOT_FOUND);
public static void setNoFileSelected() {
if (hasFileSelected()) {
volatileState[0] ^= FILE_SELECTED;
public static boolean hasFileSelected() {
return (volatileState[0] & FILE_SELECTED) == FILE_SELECTED;
public static boolean hasMutuallyAuthenticated() {
return (volatileState[0] & MUTUAL_AUTHENTICATED) == MUTUAL_AUTHENTICATED;
static boolean isLocked() {
return (persistentState & LOCKED) == LOCKED;
public boolean isSelectedFileEncrypted() {
return ((selectedFile.getAccessConditions() & DigitalTachograph.ENCRYPTED) == DigitalTachograph.ENCRYPTED);
} -
How to use DAQ as a soundcard under linux
Hi,
My goal is to use a pci-4461 as a high accuracy replacement for a soundcard in a linux environment. The programming language should be C.
I have already looked at the examples that come with the linux driver but my problem is how to exchange the audio data with other applications in real time.
My other application is a softphone for IP-telephony that normally uses the /dev/dsp device under linux to exchange sound with the soundcard. (This can be changed to another device from within the softphone). Now, I want the softphone to read from and write to the DAQ instead of the soundcard. So the DAQ should be configured for continous analog input and output and give the data to the softphone in real time.
Do you have any ideas how to do that with the nidaq-C-functions?
Thank you for your help
FabianThis example might help:
http://sine.ni.com/apps/we/niepd_web_display.display_epd4?p_guid=EE91CE2098BB42C1E0340003BA230ECF&p_... -
Too many resources used under Linux
I have tested sun jvm under linux red-dat 6.2
and 7.1 (listed by Sun as official platform supported)
The JVM I test was from 1.3.0 to the 1.4.1
I have written a simple application server that
runs java application starting a new JVM.
When the java application runs (with the -server or
-hotspot option) I see that 10 java process are
istantiated. (10 JVM)
This is a real problem because for 4 users that runs 4
applications there are 40 JVM running
(each one allocates about 20 Mb of memory)
and the system became very slow.
With the -classic option the situation is better: only 1 JVM
for application is started, (the application is the same, I
have change only the -server option with -classic)
but JVM seems to be less stable: I have a lot of segmentation
fault errors. (with core dump)
With the new distribution of Sun JVM (1.4.1) the -classic option
is no longer supported.
Does anyone knows if is there a way to have only one JVM
for application? (-classic does not works well)
Is there others JVM for linux more stable instead of the Sun one?
PS: I have tested the same code under win/2000 using JVM 1.3.1_03
and the -classic option. All goes well (the same application):
I haver only 1 thread for application without jvm runtime error.
Now my doubt is: does Sun belive in the Linux Word?
JVM for Windows is much more stable!!!
Thank you in advanced and best regards.I am assuming that you believe that there are 10 processes because that is what ps shows. However on Linux, each thread in a java program shows up in ps as a separate process. The memory for each "ps process" corresponding to a java thread is shared among all the threads of the JVM. Therefore if you see 10 processes with 20MB each you are not using 200MB, just 20.
If you are running 4 JVMs then you would be using 40MB not 800 as shown in ps.
I think Sun's JVM for linux is quite good (as I use it every day). If you need to run so many JVMs you should invest in more memory.
BTW, How much memory is installed in your system?
Maybe you are looking for
-
How do I download the solution center to my HP Touchsmart 310 pc
I have a HP Touchsmart 310 PC with the Windows 7 operating system. Back in January I started having trouble logging in on my page. I was the only admin on the pc, so I could not access certain information or make any changes to the computer. I fin
-
AirPlay Amazon instant video works very poorly
Whenever I try to AirPlay Amazon to my AppleTV, it works for crap. Buffering, freezing, bombing out, inability to skip forward without it taking more time than if you had just let it play in real time. If I use my iPad the video will start fine and
-
How to delete parameter which is not in any of the profile
Hi Gurus, SAP has asked us to delete following parameters: - vmcj/option/gc/sharedWaterMark - vmcj/option/percentageSharedClasses - vmcj/option/percentageCopyOnlySC I DO NOT see any of the above mentioned parameters in any of the profiles, but when I
-
Hello, I do not had too much time to dive in the problem yet, but here it is: I've installed arch on virtualbox, I use netcfg ( I will have multiple interfaces soon, that was the reason ). Netcfg worked for me on several machines. By now, if I use ne
-
Changes in Signature text not carried forward to the next server
Hi All, I changed the Signature TExt in Global Server. I need to transport this to development server.3 After moving the transport, no chagnes are updated in development. I moved the transport 3 times. Please help me in solving this problem.