GlobalPlatform Library & GPShell documentation now online

classic Classic list List threaded Threaded
13 messages Options
Reply | Threaded
Open this post in threaded view
|

GlobalPlatform Library & GPShell documentation now online

Karsten Ohme
Hi,

I have created a Wiki for the GlobalPlatform Library and GPShell. Also a
nice intro to the GlobalPlatform card specification is given:

http://globalplatform.sourceforge.net/

Best Regards,
Karsten
_______________________________________________
Muscle mailing list
[hidden email]
http://lists.drizzle.com/mailman/listinfo/muscle
Reply | Threaded
Open this post in threaded view
|

Re: GlobalPlatform Library & GPShell documentation now online

Andreas Jellinghaus-2
Am Freitag 25 März 2011, um 03:40:21 schrieb Karsten Ohme:
> Hi,
>
> I have created a Wiki for the GlobalPlatform Library and GPShell. Also a
> nice intro to the GlobalPlatform card specification is given:
>
> http://globalplatform.sourceforge.net/

nice, thanks!

There are two issues that I find interesting, but I'm not sure
if you want to put information about these in the wiki:
a) where can people get javacard cards at reasonable price?
b) what about the standards of the javacards, e.g. JCOP?
   as far as I know there is some functionality you can't access
   once you get the finished card (e.g. change ATR, UID etc.).
   IIRC the documentation is closed under NDA, but if anyone
   found a copy available on the net, that would be interesting...

Regards, Andreas

_______________________________________________
Muscle mailing list
[hidden email]
http://lists.drizzle.com/mailman/listinfo/muscle
Reply | Threaded
Open this post in threaded view
|

Re: GlobalPlatform Library & GPShell documentation now online

Martin Paljak-4
Hello,

On Mar 25, 2011, at 08:25 , Andreas Jellinghaus wrote:
> There are two issues that I find interesting, but I'm not sure
> if you want to put information about these in the wiki:
> a) where can people get javacard cards at reasonable price?
I used to buy a bunch of Oberthur Cosmos V7 cards from smartcardfocus.com [1] but they seem to be unavailable at the moment.
cryptoshop.com seem to sell JCOP 41 v2.3.1 cards but I've not ordered from them before (should try though).

There are probably other sources as well, if you find them, OpenSC FAQ has an entry "Where can I buy smart cards?"  [2]

Why shouldn't this information be in a wiki?

> b) what about the standards of the javacards, e.g. JCOP?
>   as far as I know there is some functionality you can't access
>   once you get the finished card (e.g. change ATR, UID etc.).
>   IIRC the documentation is closed under NDA, but if anyone
>   found a copy available on the net, that would be interesting...
JCOP is not a standard, it is an implementation of a JavaCard platform by IBM / NXP. There are other vendors as well.

JavaCard specs as well as GlobalPlatform specs and API-s are freely available. Both can be downloaded as .zip files but extracted versions are also available from google:

http://www.win.tue.nl/pinpasjc/docs/apis/jc222/
http://www.win.tue.nl/pinpasjc/docs/apis/gp211/

[1] http://www.smartcardfocus.com/shop/ilp/id~407/Cosmo_V7_128K/p/index.shtml
[2] http://www.opensc-project.org/opensc/wiki/FrequentlyAskedQuestions#Q:WherecanIbuysmartcards





_______________________________________________
Muscle mailing list
[hidden email]
http://lists.drizzle.com/mailman/listinfo/muscle
Reply | Threaded
Open this post in threaded view
|

Re: GlobalPlatform Library & GPShell documentation now online

Sébastien Lorquet
In reply to this post by Andreas Jellinghaus-2


There are two issues that I find interesting, but I'm not sure
if you want to put information about these in the wiki:
a) where can people get javacard cards at reasonable price?
b) what about the standards of the javacards, e.g. JCOP?
  as far as I know there is some functionality you can't access
  once you get the finished card (e.g. change ATR, UID etc.).
  IIRC the documentation is closed under NDA, but if anyone
  found a copy available on the net, that would be interesting...

You're talking about not initialized cards. First, it's near impossible to find cards in this state, so the doc would be useless, and second, the commands available in these modes are generally secret and not even available with NDAs outside the manufacturer. In these initialization states, cards are not javacards yet, they are totally proprietary objects, as you might already know.

Aditionnaly, please avoid talking about "JCOP" when referring to Java Card, JCOP is a (not so good for all applications) NXP product, and fortunately, there are bunch of other manufacturers and cards, such as the Oberthur Cosmo, the Gemalto GXP/GCX and some others at G&D, for example.

All of these cards follow a single standard, namely Java Card.

Sebastien

_______________________________________________
Muscle mailing list
[hidden email]
http://lists.drizzle.com/mailman/listinfo/muscle
Reply | Threaded
Open this post in threaded view
|

Re: GlobalPlatform Library & GPShell documentation now online

Karsten Ohme
In reply to this post by Andreas Jellinghaus-2
Hi Andreas,

A link to the JavaCard resources might be helpful. I have integrated one
on the Main Page and under GPShell
(https://sourceforge.net/apps/mediawiki/globalplatform/index.php?title=GPShell).


It might be a nice idea to offer also some special pages for the
JavaCard topic. But because this might become a big topic I have only
included links to the Oracle page for now.

For buying cards I would rather not mention special web shops. This
would be not fair for some merchants. Under the GPShell documentation
some tested cards are listed, so a search for some of these cards will
find some shops selling cards. Maybe the compatible cards should be
moved to an own section to get a better overview.

If somebody wants to edit some content I can give edit rights.

BR,
Karsten

Am 25.03.2011 07:25, schrieb Andreas Jellinghaus:

> Am Freitag 25 März 2011, um 03:40:21 schrieb Karsten Ohme:
>> Hi,
>>
>> I have created a Wiki for the GlobalPlatform Library and GPShell. Also a
>> nice intro to the GlobalPlatform card specification is given:
>>
>> http://globalplatform.sourceforge.net/
> nice, thanks!
>
> There are two issues that I find interesting, but I'm not sure
> if you want to put information about these in the wiki:
> a) where can people get javacard cards at reasonable price?
> b) what about the standards of the javacards, e.g. JCOP?
>    as far as I know there is some functionality you can't access
>    once you get the finished card (e.g. change ATR, UID etc.).
>    IIRC the documentation is closed under NDA, but if anyone
>    found a copy available on the net, that would be interesting...
>
> Regards, Andreas
>
> _______________________________________________
> Muscle mailing list
> [hidden email]
> http://lists.drizzle.com/mailman/listinfo/muscle
>

_______________________________________________
Muscle mailing list
[hidden email]
http://lists.drizzle.com/mailman/listinfo/muscle
Reply | Threaded
Open this post in threaded view
|

Re: GlobalPlatform Library & GPShell documentation now online

Andreas Jellinghaus-2
In reply to this post by Sébastien Lorquet
Am Freitag 25 März 2011, um 11:00:01 schrieb Sébastien Lorquet:
> You're talking about not initialized cards. First, it's near impossible to
> find cards in this state, so the doc would be useless, and second, the
> commands available in these modes are generally secret and not even
> available with NDAs outside the manufacturer. In these initialization
> states, cards are not javacards yet, they are totally proprietary objects,
> as you might already know.

Hu? I thought at least every card personalisation company gets those from NXP
and can initialize them in any way their customer wants.

> Aditionnaly, please avoid talking about "JCOP" when referring to Java Card,
> JCOP is a (not so good for all applications) NXP product, and fortunately,
> there are bunch of other manufacturers and cards, such as the Oberthur
> Cosmo, the Gemalto GXP/GCX and some others at G&D, for example.

And is any such card sold in a state where you can influence the basic
settings such as atr or real-uid vs. random uid etc? And sold in quantities
like one, two or three cards (for testing)? At reasonable prices?

Regards, Andreas

_______________________________________________
Muscle mailing list
[hidden email]
http://lists.drizzle.com/mailman/listinfo/muscle
Reply | Threaded
Open this post in threaded view
|

Re: GlobalPlatform Library & GPShell documentation now online

Michael StJohns-2
At 12:46 PM 3/25/2011, Andreas Jellinghaus wrote:
>And is any such card sold in a state where you can influence the basic
>settings such as atr or real-uid vs. random uid etc? And sold in quantities
>like one, two or three cards (for testing)? At reasonable prices?

The ATR - at least the historical bytes - can be changed by any applet with a specific global platform privilege.  In general, you don't want to twiddle with the non-historical bytes as they describe fairly low level behavior of the card protocol.   For the UID - which one?   There are several.  The easiest one(s) to get access to and twiddle tend to be the global platform GetData objects at 0042 and 0045.  Figuring out how to set them can be a chore, but  - hint - look at Data Grouping Identifier (DGI) 0070.  Of course these objects require having the card's ISD keyset keys.

Mike


_______________________________________________
Muscle mailing list
[hidden email]
http://lists.drizzle.com/mailman/listinfo/muscle
Reply | Threaded
Open this post in threaded view
|

Re: GlobalPlatform Library & GPShell documentation now online

Michael StJohns-2
In reply to this post by Andreas Jellinghaus-2
At 12:46 PM 3/25/2011, Andreas Jellinghaus wrote:
>And is any such card sold in a state where you can influence the basic
>settings such as atr or real-uid vs. random uid etc? And sold in quantities
>like one, two or three cards (for testing)? At reasonable prices?

The ATR - at least the historical bytes - can be changed by any applet with a specific global platform privilege.  In general, you don't want to twiddle with the non-historical bytes as they describe fairly low level behavior of the card protocol.   For the UID - which one?   There are several.  The easiest one(s) to get access to and twiddle tend to be the global platform GetData objects at 0042 and 0045.  Figuring out how to set them can be a chore, but  - hint - look at Data Grouping Identifier (DGI) 0070.  Of course these objects require having the card's ISD keyset keys.

Mike


_______________________________________________
Muscle mailing list
[hidden email]
http://lists.drizzle.com/mailman/listinfo/muscle
Reply | Threaded
Open this post in threaded view
|

Re: GlobalPlatform Library & GPShell documentation now online

Michael StJohns-2
In reply to this post by Sébastien Lorquet
At 06:00 AM 3/25/2011, Sébastien Lorquet wrote:


>You're talking about not initialized cards. First, it's near impossible to find cards in this state,

If you buy them in enough quantity, say north of 1000 then its is possible to buy them from the manufacturer.  Generally the form you get them in is "module" - e.g. no card body, just the thing that goes in the card.

>so the doc would be useless, and second, the commands available in these modes are generally secret and not even available with NDAs outside the manufacturer.

I've only dealt with one manufacturer where I needed this level of detail and it was readily available under NDA. I would assume that if I needed to configure the card at the base level (e.g. set the protocols T=1 and SCP02 or 03 etc) I could get the information from other manufacturers if I ordered enough in quantity and I was prepared to do all the card assembly gorp.  A better way is generally to find a company that's already set up to do this and work through them.

> In these initialization states, cards are not javacards yet, they are totally proprietary objects, as you might already know.

Actually they *are* javacards, just with a whole lot more switches and levers. And the ability to add native code (think being able to add the bignum library and expose it at the javacard level).


>Aditionnaly, please avoid talking about "JCOP" when referring to Java Card, JCOP is a (not so good for all applications) NXP product, and fortunately, there are bunch of other manufacturers and cards, such as the Oberthur Cosmo, the Gemalto GXP/GCX and some others at G&D, for example.


For better or worse, the JCOP cards seem to be more available in small quantity purchases than most of the other smart cards.  The only other ones I can generally find in small quantities are the Aladdin eToken cards and those have at times required you to purchase the middleware along with the card on the retail sites I've found.

Mike



>All of these cards follow a single standard, namely Java Card.
>
>Sebastien
>_______________________________________________
>Muscle mailing list
>[hidden email]
>http://lists.drizzle.com/mailman/listinfo/muscle



_______________________________________________
Muscle mailing list
[hidden email]
http://lists.drizzle.com/mailman/listinfo/muscle
Reply | Threaded
Open this post in threaded view
|

Re: GlobalPlatform Library & GPShell documentation now online

Michael StJohns-2
In reply to this post by Sébastien Lorquet
At 06:00 AM 3/25/2011, Sébastien Lorquet wrote:


>You're talking about not initialized cards. First, it's near impossible to find cards in this state,

If you buy them in enough quantity, say north of 1000 then its is possible to buy them from the manufacturer.  Generally the form you get them in is "module" - e.g. no card body, just the thing that goes in the card.

>so the doc would be useless, and second, the commands available in these modes are generally secret and not even available with NDAs outside the manufacturer.

I've only dealt with one manufacturer where I needed this level of detail and it was readily available under NDA. I would assume that if I needed to configure the card at the base level (e.g. set the protocols T=1 and SCP02 or 03 etc) I could get the information from other manufacturers if I ordered enough in quantity and I was prepared to do all the card assembly gorp.  A better way is generally to find a company that's already set up to do this and work through them.

> In these initialization states, cards are not javacards yet, they are totally proprietary objects, as you might already know.

Actually they *are* javacards, just with a whole lot more switches and levers. And the ability to add native code (think being able to add the bignum library and expose it at the javacard level).


>Aditionnaly, please avoid talking about "JCOP" when referring to Java Card, JCOP is a (not so good for all applications) NXP product, and fortunately, there are bunch of other manufacturers and cards, such as the Oberthur Cosmo, the Gemalto GXP/GCX and some others at G&D, for example.


For better or worse, the JCOP cards seem to be more available in small quantity purchases than most of the other smart cards.  The only other ones I can generally find in small quantities are the Aladdin eToken cards and those have at times required you to purchase the middleware along with the card on the retail sites I've found.

Mike



>All of these cards follow a single standard, namely Java Card.
>
>Sebastien
>_______________________________________________
>Muscle mailing list
>[hidden email]
>http://lists.drizzle.com/mailman/listinfo/muscle



_______________________________________________
Muscle mailing list
[hidden email]
http://lists.drizzle.com/mailman/listinfo/muscle
Reply | Threaded
Open this post in threaded view
|

Re: GlobalPlatform Library & GPShell documentation now online

Michael StJohns-2
In reply to this post by Karsten Ohme
At 09:33 AM 3/25/2011, Karsten Ohme wrote:
>For buying cards I would rather not mention special web shops. This
>would be not fair for some merchants


I'd actually like to second the request.  And provide a link for web shops to submit information (specific link to order card type N).  As long as you even handed about adding the information, I wouldn't think that a fairness issue would arrive.

Mike




_______________________________________________
Muscle mailing list
[hidden email]
http://lists.drizzle.com/mailman/listinfo/muscle
Reply | Threaded
Open this post in threaded view
|

Re: GlobalPlatform Library & GPShell documentation now online

Michael StJohns-2
In reply to this post by Karsten Ohme
At 09:33 AM 3/25/2011, Karsten Ohme wrote:
>For buying cards I would rather not mention special web shops. This
>would be not fair for some merchants


I'd actually like to second the request.  And provide a link for web shops to submit information (specific link to order card type N).  As long as you even handed about adding the information, I wouldn't think that a fairness issue would arrive.

Mike




_______________________________________________
Muscle mailing list
[hidden email]
http://lists.drizzle.com/mailman/listinfo/muscle
Reply | Threaded
Open this post in threaded view
|

Re: GlobalPlatform Library & GPShell documentation now online

Karsten Ohme
In reply to this post by Michael StJohns-2
Hi,

OK, but I'm not so familiar with the Shops-To-Know for buying cards. I
would just google for a certain card type + shop. I could take the 4
links from the OpenSC page. If anyone can contribute information this
would be great. I will create a Shop page. If somebody wants to edit the
Wiki I can give edit rights. Or send his known shop to my private mail
address.

Also a more verbose compatibility list would be nice to have.

Karsten

Am 25.03.2011 18:16, schrieb Michael StJohns:

> At 09:33 AM 3/25/2011, Karsten Ohme wrote:
>> For buying cards I would rather not mention special web shops. This
>> would be not fair for some merchants
>
>
> I'd actually like to second the request.  And provide a link for web shops to submit information (specific link to order card type N).  As long as you even handed about adding the information, I wouldn't think that a fairness issue would arrive.
>
> Mike
>
>
>
>
> _______________________________________________
> Muscle mailing list
> [hidden email]
> http://lists.drizzle.com/mailman/listinfo/muscle
>

_______________________________________________
Muscle mailing list
[hidden email]
http://lists.drizzle.com/mailman/listinfo/muscle