 During the whole session, I believe, because the plan is to have it a hands-on, so... No, no. We will see how fast we will be actually able to go and... Then it's great, because we have done enough readers and guides. Chair? No? No, you're speaker. Is that chair? Chair? Chair? Chair. Hey, chair. Um, remind or encourage folks, lightning talks, sign up for tomorrow's lightning talks. De-section as a sign-up sheet, and you can vote as well for those which were already signed up. And... That's it. Yeah. Okay, so good afternoon. Uh, I would just... Okay, so plan for today is to show you how we can program Java cards, which are the smart cards, where you can write the programs that run directly inside that card, which has a lot of advantages, especially from the security point of view, because then what you can achieve is that your application that is written by you can have all these features like authentication and stuff like that inside, runs inside the card. You can even open the secure channel from your remote server to the application running inside the card. No middleware in between. You can open the secure channel in between. So, uh, we are free here. I will be mostly talking till and Martin will help you to set up the stuff. We have a bunch of readers here and a bunch of cards here. So we plan to have this as a hands-on. So, first of all, some outline. And in between, guys will distribute the stuff and you can play with it. So, uh, I will provide you with some quick introduction to the smart cards. So what the smart card can do. If you can already. Okay, yeah, yeah. Whoever is done can play. Uh, okay. Uh, so, good thing is to visit, uh, okay, the bank. Okay, I will return here. Yeah, just visit to this page. Uh, and, uh, we put links there so you can start downloading. Uh, it should be quite easy. Yeah, we put this slide here so you can actually run, uh, as fast as you wish. That's a first thing. Second thing, uh, you will need just, uh, two, uh, projects downloaded from GitHub, which are made by, uh, Martin, uh, very nice to once. And then the assumption is that you have, uh, uh, Java, uh, completion environment set up. Yeah. So, uh, this and, uh, the slides are also here, but the link is, uh, available from the, the pet. Okay. Good. So just one question that who has prior experience, who is a Java developer? Like for us, I'm a Java developer. Uh, well, that's enough. That's enough. But the, the other question is, uh, are here any, uh, like embedded soft developers who is doing microchip, something, no? Okay. It's just to get the idea of what's relevant. Okay. Uh, basic introduction with the cards nowadays can do. Uh, then, uh, the development tools. Uh, it used to be pain to develop for smart cards, but nowadays we have open source and so everything can be done, uh, nicely. Uh, there is still some pain, but, uh, it's way better. Uh, then the plan is that you will create your own applet, the application that runs directly on the card. Uh, and then we will use, uh, also some existing applications you can use for NDEV structures, OTP, uh, BGP. Uh, let's see how far we can get with respect to, uh, timeframe we have. Okay. So the plan is also that you will play with your, uh, mobile phones and, and test what you have on your, uh, cards. And then some practical tips for the development because, uh, it's usually focused. So you should, uh, take care to produce the application, which is also, uh, uh, up to some standards and also the performance tips. Okay. So, so basic intro, uh, smart cards are nowadays quite powerful devices. Uh, it's like, uh, uh, eight, usually 16, sometimes 32 bit processor inside running with a tens of megahertz, uh, internal clock. Uh, there is a persistent memory, which you can use to store the data when the card is unplugged from the reader, because one important thing is most of the cards don't have its own battery or something like that. They don't have the own source of power. So if you will remove the card from the reader, then the card lost the power and can't compute anymore. So there is a persistent memory, which you can use to store the data between these, uh, transitions. Uh, then there is a RAM memory, which is a very precious resource. Uh, it's very limited. Usually it's way less than 10 kilobytes, usually less than five kilobytes. And this is something that is quite often a real bottleneck in applications. And, uh, of course it's used for security. So you have a truly random number generator, very nice random numbers coming out of it usually. And, uh, cryptographical processor because, uh, the main processor here is reasonably powerful, but can't compute stuff like RSA quickly or ECC, uh, crypto, asymmetric crypto quickly. So for that, there are dedicated, uh, circuits that can compute this, uh, quite fast. Uh, the main advantage, uh, for program on Java cards, there are many types of the cards. You can have a very dumb card that can just emit, uh, the string, the ID and it can't be changed. Just, but we will talk about the smart cards, which you can program. You can write big, relatively big, uh, application running inside this card. Yeah. And, uh, one platform for that is Java card. There are others like, uh, Multos, uh, platform where you can also write, uh, your own applications, but we will focus on, uh, Java cards. It's relatively easy to develop the applet. You should be able to get one, uh, during the next hour. And, uh, this applet will then run in a physically secured environment, way more secure than, uh, the ordinary laptop is. Okay. So even if your laptop is compromised, the application running inside, uh, should stay safe. And even if the other has physical access to the device, uh, so even if we'll try to peel off some layers and so on. Uh, we will focus on, uh, versions Java card, uh, two dot something and three dot something classic edition. There are more, uh, versions available, but these are, uh, the ones we will focus on. Uh, quite common, uh, issue is that if you will get a card like that, you don't know what is actually supported on that card. Uh, for that, uh, we maintain the database. Nowadays there are more than 60 cards, uh, inside provided by either us or people from around the world. Uh, we basically scan all supported algorithms on the card and then we publish it. So, so if you are interested, just visit the JCL test org, uh, project and, uh, get the, uh, that the, uh, idea there. So what do you can, uh, commonly find on the cards? Uh, there is a truly random number data generator. It's quite fast. Generates the data from the physical characteristics. So this should be a really full entropy source. Nice one. Uh, then, uh, from the symmetric crypto, usually triple this is there and AS, uh, be prepared for the situation that, uh, the cars are usually like five years behind the mainstream. Uh, uh, usually because you can just quickly quote a new algorithm there. You need to come up with a dedicated circuit that will implement new crypto. Okay. So it's usually a few years behind, uh, uh, hashing function nowadays. Uh, it's common to have SH two, uh, RSA up to two K it's, it's very common for K cards. Yes, they are available, but, uh, uh, but, uh, uh, not that often. ECC once again, uh, nowadays, uh, 256 is common. Uh, then you have some, uh, algorithms like difficult one key exchange and so on. So everything runs relatively fast. Uh, and then you have this custom environment where you can program your stuff. You can use these basic building blocks to build your application. Uh, typical performance, uh, differs between the cards. Uh, but basically you can say that, uh, stuff like generating random numbers, uh, performing symmetric crypto like AS, it's in a millisecond range. Tense of milliseconds is for the data transmission from the card and to the card. Hundreds of milliseconds of symmetric operations like RSA signatures or ECC, uh, operation, uh, and, uh, some, uh, operations can take even seconds like generate me a new RSA key pair. This will take, uh, uh, more than, uh, more than a second usually. Uh, uh, be prepared that, uh, one, uh, logical operation from your point of view, like encrypt this data can consist from multiple separate operations like prepare engine, prepare key, then prepare encryption engine, then use encryption engine and then send the data out. For example. Okay. So, so the actual time can be big, higher. Uh, okay. So quickly just to, to give you some view into environment in which we are operating. Um, that's the laptop. That's the card. And then we have, uh, some connection either, uh, contact interface or contact class interface. And so contact interface, uh, you can easily recognize this, this metallic, uh, contacts. This is the reader. Readers you all have. Yeah. Yeah. All your readers are contact. Uh, this one, for example, is contact class. Okay. So even the card, which has no metallic contacts, uh, works with that. Uh, and, uh, sometimes you have the card with a dual interface, which means, uh, the chip itself can be accessed either with a contact or with a contact class interface as well. Uh, usually what you are used to, uh, are the application at the top layer. You are probably using something like a PC and GPG can work with the smart cards. Uh, and, uh, GPG can, uh, talk to the smart card, but there are some intermediate layers in between. Uh, another option is that, uh, application running on the PC is using the card while some library. Okay. I will show you these libraries or you can write your own custom application, uh, to talk to the card. Okay. These libraries, it can be something like pkcs11 where this is the library which gives you some reasonably nice interface for cryptographic operations and, uh, in, inside it's trans, uh, translate these calls like encrypt the data into, uh, the series of packets that are sent to the card. Uh, then, uh, the operating system is giving you some, uh, stacks, uh, piece. Uh, there are, um, uh, there are, uh, Windows PC SC interface which was later ported to, uh, to the Linux. And top of that you have some programming interfaces. Yeah. So, so usually you are either writing the, uh, your application at top of CC++ library or Java library or Python. These, these are available nowadays quite easily. Uh, then you have the readers which are either contact or contactless and based on that, uh, you are transmitting the, uh, data to the smart card and then you have the smart card which can come up in different flavors based on the environment, uh, the, uh, smart card is, uh, is, uh, or the platform you are programming at. We will focus on Java card but there are other, uh, platforms. And then you are writing the applications, uh, the application can either have completely proprietary interface as you wish or you will adhere to some, uh, defined interface. Like you can write your own application which will, uh, be valid with respect to specification of electronic passport. And then all electronic passport readers will be able to talk to your application. Okay. So you can write your own custom electronic passport or EMV card. Yeah. Or you can go other way. You will create, uh, application that will have a custom interface and then of course you need to write a custom application that will talk to that, uh, application on that card. Uh, here the communication on the line, uh, is, uh, is, uh, performed via APDU packets. Uh, APDU packets are very, very simple packets. You can write headers and that, then the data. Okay. In header, you can read what should be done with the data and then there are data. Okay. Usually the whole packet is like, uh, 255, uh, bytes, something like that. So let's move towards the development and, uh, I will use this notation just to separate visually what is going on, on the PC, on the laptop and what is going on inside the card. So, so you can, uh, clearly see that. Uh, so first, uh, before you will write the first upload, you should understand that, uh, it's named Java card but it's not full blown Java. It's not something that you can just take your, uh, big Java application with full of packages and just load it there. Okay. On the other side, uh, the Java card application is compiled with regular Java compiler. Okay. So, so in a core, it's still Java but there are limitations. So first of all, there are nothing like threads, uh, all these, uh, Java packages, uh, you can't use this. On the other side, you have dedicated packages for crypto operations because quite often you are using this for security reasons and you like to have, uh, uh, packages that allows you to, uh, encrypt something or sign something. Uh, and then there are some, uh, utility functions that allows you to quickly, uh, copy something from one array into another one and stuff like that. Uh, there is a limited type system. Uh, usually because the underlying, uh, hardware is something like 16 bits, uh, then, uh, usually you are usually limited just to shorts. Okay. With respect to type, you don't have ints. Some card supports also integers but usually you are limited to ints. Uh, definitely there are no floats or strings. Nothing like that. Okay. With, uh, shorts, uh, it's, uh, a lot of fun with that. Uh, with, uh, real, uh, applet, uh, you will see a lot of typecast to short. And the reason is with a regular Java, if, uh, there are additional two operands, you will end up with the integers, right? But this is even if the original operands are short. Uh, but, uh, Java card can't handle or most Java cards can't handle shorts, so integers, uh, and therefore you need to typecast. So, so you will see a lot of typecast. Don't be confused by that. And that's, that's, uh, the basic, uh, uh, basic applet we will, uh, work on. Uh, basically what you can see that, uh, you are importing, uh, dedicated package, which is not in regular Java. So in our case, Java card framework. Uh, then you are sub-classing, uh, applet. Yeah, and the applet is, uh, from the framework. Uh, and then you, sorry? Not the applets you have in the browser. Yeah. Nothing to do with this. Uh, so we are sub-classing this one. Uh, and then you have, uh, uh, constructor. You have a special method called install, from which you are just creating the instance of this object. Okay. So, uh, our class is named hello world and we have a pointer here. Yeah. So our class is named hello world. There is a dedicated install method. We are creating an instance inside this constructor. You are really performing all locations. I will talk about that later. Uh, then there is a select method. The select method is the method which is called every time someone wants to work with your application. Okay. So, because these cards are nice in also in a sense that you can have multiple applications running together on the same card. Uh, and therefore you need to have some way how to say now I like to talk to application one. Okay. And during this saying I like to talk the application one, the select method is called. Uh, either you can leave it like this. Okay. So just, just yes, I like to be selected. Or you can perform some cleanup. Uh, so you can perform some security cleanup like removing, uh, session keys from the previous session and so on. Okay. Because quite often the select method is called after someone removed the card from the reader previously. And then later just put it back. Okay. When the card is removed from the reader, this means it lost power. And maybe there was not enough time to erase all session keys and so on. Okay. So the select method is quite often used for that. And then there is one important method called process. And that's the method that will then get all incoming packets designed to, uh, land for your application. Okay. So, so here you are getting the, you are getting all incoming packets. Uh, these packets are in the form of APDU class. And from that you will just get the buffer. And if you can recall the buffer is just five by header and then the data. Okay. Very, very, uh, simple. So this is, uh, uh, this is, uh, this was the basic applet. So how the development with that, how, how you can compile it, how you can upload it to the card and so on. So first it will start with, uh, implementation of, uh, the applet. You will extend the Java card framework applet stuff. Uh, then you will compile and you will compile with a regular Java compiler. Uh, so, so it's really the Java application. Okay. And you will end up with, uh, class files. Then there is a dedicated, uh, converter which will take these class files and convert it into, uh, Java card, uh, Java card files. Okay. Usually you will end up with, uh, cap files and with the chart files. And this, this is, uh, uh, I don't know if there are more than, uh, uh, one, uh, converter. If, uh, the, the oracle is, uh, producing one converter or original son, but maybe there are other converters as well. Uh, uh, then you have application that can be uploaded to the smart card. Okay. And, uh, for that you have dedicated applications, uh, widely used, uh, Google platform pro by Martin and a GP shell. That's another one. Using this, you can upload the application to the card and you can also install it on that card. Upload basically means trans, uh, transferring the, the binary there and installing means running it. Okay. Uh, and then it's on the card. Obviously you like to use it depending on what environment you are using. Uh, if you are using Java then you are using this smart card I, uh, package. And then you are talking to the application sending the data for signatures, something like that. Okay. Uh, important thing, application running model. Uh, recall that the smart card can be removed from the reader, which means loss of power and which means stop of the operation. Uh, once you will upload something on the card and install it, this means that the application is now running. Okay. And it's running until you will explicitly remove this application from the card. Okay. So it's in some sense running even if it's removed from the reader and has no power. Obviously it's not running at that time, but logically it's still there, it's still running. It's not like I'm resetting the computer and then I used to run the Java application again. Okay. With the Java card, install means start of the application, it can be suspended because of the loss of power. But then, uh, then you are, uh, when you are giving the card back to the reader, it's resumed and you can continue. Okay. So, so it's actually like continuing the run from like the CPU cycle that it stopped when you exactly, exactly. Uh, but there is a catch. Uh, you have two types of memory, persistent and run. And the persistent, of course, is kept. Run is cleared. Okay. So it's not like uninterrupted run, but, uh, in some sense, it's still running. So let's start. Let's start with the real work. So you all probably have the reader and, uh, card at the moment, which is good. You have, uh, uh, uh, uh, uh, uh, uh, a card reader. So you will use the contact interface to program the card, but then you can remove the card and use your mobile phone if there is an FC to, to communicate with the card further. Okay. Um, then, uh, Java SDK, you need it because you are using ordinary Java, uh, compiler and, and aunt. Yeah. Uh, then, uh, uh, uh, uh, then again, out of, uh, existing projects around the GitHub, uh, which produced, uh, in past, uh, some applications running on the cards. What you can find there, you can find one-time password, uh, uh, uh, application that are doing the, uh, either time-based or H-based, uh, uh, uh, OTPs, uh, uh, uh, uh, even a bit. Uh, uh, or Bitcoin, uh, Bitcoin stuff for storing your private key for the Bitcoin address and so on. And then we need something that allows us to upload the stuff to a smart card. Okay. The Applet Playground is not just a bunch of source code. It's bundled together for easy compilations of this source code. So if you will download this and then type get all these applets compiled, converted, and ready for upload, okay? And we will extend this applet playground structure to add our own very simple applet. And the global platform pro uploader is the tool that will then take the binary from your computer and transfer it to the card. So let's start. So how many of you already have the applet playground at laptop, please raise your hand. You can find it from the, if you give a sticker, it's a Java app, it's a website, basically. We find a link to that playground. And it's an Eclipse project, so you can also import it into Eclipse for easy editing. So just run ant, just run ant, or you can type doys as a target. And at the end, you should be served with a bunch of CAP files. CAP files are converted applications for Java card. So you can see that there are a bunch of different applets available. Does it work? You should also see a large number of warnings. This is not a Martin's fault. This is because these original applications produced by other people are coming with all these warnings, okay? So Martin didn't really spend a lot of time to clear everything. So now you should have a bunch of CAP files waiting for upload, for the upload. We will use a global platform pro tool. Global platform is a consortium which manage the specification for uploading the stuff to cards, okay? And basically it's used in a security related scenarios. So what you want to have is the properties like nobody except me can upload new applications there. Nobody except me can remove the applications. For that, obviously we'll use some authentication. So the cards are coming from the manufacturer with a set of keys that can be either default, publicly known, and for the developers cards, this is usually the case, or they can come with your custom keys already preset and pre-agreed with you. Okay, if you are a bigger consumer of the cards. And this global platform pro tool will authenticate against the card manager. So on the laptop you will provide the keys and the card manager is dedicated application already on the card, which will handle the upload. And you will then authenticate yourself against this card manager and then establish a secure channel and then you will upload the application, okay? If there are default cards, the global platform is a default key, sorry. The global platform can just handle everything for you. So once we are here, we can take a look what is already installed on your cards. For that, global platform pro tool have a minus list option. And if you will put the verbose, then you will get more information during the process. I will. Okay, okay, so I have a reader here. I have a card here. GB command comes from the global platform pro project which you can get from Github and go by yourself, it's just download the binary. And basically what you can see is that the global platform pro tried to recognize the card. It got ATR, which is some basic identification of the card. You should not count on this identification as being unique or immutable. Then it authenticated itself towards the card and then it will get the list of installed applications on the card. So now you can see that there are two applications. There is the card manager application and then there is another application I already installed here. AID, AID means application ID. So all the stuff on the card is identified by an application identifier or AID. So there are three entities on the card. But one is a package, right? Good, so how many applets you have? None in all, does it work? Yeah, so Martin, can you please just cycle around? Yep. Can you speak to that? Yeah, I don't know what's happening, but I can. What, are you missing? Look at the Java, I'll write it down. Do you have Java in your machine? I mean, now I wanted to... It was working initially. I was able to download Java from Oracle, but now I'm trying to... Which operating system do you have? It's just general macro connectivity. I'm connected to the access point, but... Yeah, but maybe I can download it for you and then give it and then use BSTIC. I tried, but the same is on my phone. It's almost not working, so... I don't know. For me, what's the name of the phone? I don't know, but maybe the 100th app will be successful. For me, it's not working at all. It's working on my phone. For me, neither on the phone, so it's not up to me. Next step is to... Too many people around. Yeah, basically a bunch of applets here. Are you using Apple or... Yeah, I can give you the Oracle package, no problem. Okay, so eventually you should be able to get the list of applications installed on your account. Okay. Once we... Okay, once we reach this situation, we can start to develop our own applet. So before your SDK will download, you can start programming, okay? So the task is to create a very simple applet. We already have an applet playground, probably. This was that small package from Martin's GitHub. There, please create a directory inside the source, the simple applet directory. And inside that, create simple applet to Java, okay? So this will be the basis for our applet. And on the next slide, I will show you what you should type in. What's the problem with the Java and NSS and Fedora? The latest update. Yeah, you need... So it works with Oracle Java, if you want to install it. But otherwise, I don't have a proper solution. So the problem is that Java on Fedora 25 currently cannot connect to HTTPS servers that use elliptic curves. It's not that fixed. I don't think so, at least when I checked yesterday. And how do you install the Oracle Java? It's on the etherpad. There's a link to ask.fedora.org. So do you have all the links to etherpad? Yeah, or should I just take this page down a little bit? I can also give you the packages on the USB stick in a minute. Okay, so hello world. Applet may look like this, okay? What you can probably recognize here is VR extending this applet. We have a constructor here, which is doing nothing else than going register function that will register this application inside the card. We have this dedicated install method that will just create the instance of this applet. And then we have the process method that will create the hello world message and send it out, okay? So, how we will do so? First of all, we have a APU class here. APU class is the wrapper for the buffer, five byte header, rest the data, okay? You need to get a pointer to that buffer. So this is the function called APU get buffer. This will return you the buffer, okay? And now we can start right into that buffer. For hello world to applet, we will have no incoming data. We will just produce something and send it back, okay? And we will produce the message hello world. So we are not working with the incoming data, but we will work with outgoing data. This line is a line that is checking whether currently incoming buffer is just the information that someone wants to work with your application. It's not really intended for your application, it's intended to make your application active. Okay, so if it's selecting a blood, then you will just end and return. But if it's not, then you will execute this piece of code. Okay, and this piece of code is just using the method that will do quick array operation, okay? It will copy content of this buffer into APU buffer from this constant into APU buffer. So that's it. After this line, we will have inside the buffer that we are going to send out, copy the message hello world, and then we like to send it out. For that, we have this quick function set ongoing and send. The function has two parameters. First parameter is the offset in the buffer where the data we like to send out starts. And the second is the length of the data, okay? So for us, we started with the offset zero and then we are sending hello out. What you can notice here is that we are working with the offset inside the arrays. That's quite common with the Java card because without any Java, you are copying the arrays all the time creating the new arrays with exact length as you need. But that's quite expensive operation on cards. So on cards, what you are usually doing is that you are still working with the same buffer, but you are just saying now the data I like to process start at 27 and it's 10 bytes long, for example, okay? So instead of creating additional array and copying these seven bytes there, you are just saying this is the offset and this is the length, okay? So copy free methods are prepared here because of the performance. Garbage collector is marketing. It is a feature that sells and not all the old card standards. So this type of data is in Java. No garbage collector. Yeah, don't assume any garbage collection. Basically the mode of operation is that you will allocate everything you will need through the whole lifetime of the applet in the constructor and then you will just reuse it, okay? If you need array in persistent memory, you will call new. If you need array in RAM, you will call dedicated method from object JC system, get transient byte array, make transient byte array, okay? So there is dedicated method. You will ask for RAM memory buffer and be careful, RAM is limited. So you can't ask for unlimited memory. Okay, so we got the buffer here. We set the data here and then we send the data out, okay? So then it's received by the reader, then it's transferred to the laptop and then the application which is currently using the reader will display it or whatever, okay? So what is the structure of these packets, the APD rule? It's application protocol data unit and the structure is very simple, five bytes and then the data, okay? You can have multiple options where in some cases you don't have any data at all and therefore you are just four bytes long. Usually it's four bytes long, then the line of the data and the data, okay? So that's the most common option. So the header as such is used to specify what should happen on the card, okay? You like to somehow tell now this data should be signed and the next time you like to tell now the data should be encrypted, okay? And for that you have these specific bytes. You can more or less, except for reserved values on the header, make it as you wish, okay? And based on that, you can then decide inside your applet. We will see that a little bit later, okay? So this is the content you should have inside your simple applet.java file and now we can go forward and compile it, okay? For that, just open build.xml and add this target. What's here? This is the name of the target. This is the Java card SDK we will use to convert the application, okay? This is important from the perspective that you can't upload the application, convert it for the newer version of specification to the older card, okay? So if you are just using the latest SDK, the chances are high that you will not be able to actually upload your application anywhere, okay? Because it's written inside the header of the binary and card will refuse to load it. Good, so then this is the output file where we would like to put our output. This is where our sources are and then we have two application IDs. One application ID is the ID of package. The, with the smart card, what you can do is you can upload one binary, it's a package, it's called package, with a unique ID and then you can create multiple instances of this package. Okay, so it's same as with the ordinary program. So you have one binary but you can run multiple instances, okay? And all these instances need to have unique IDs because then you can say now I like to work with a third instance, okay? So this is what we are specifying here. Quite often you have just one package and then one instance of that package, okay? So here this is the ID of the package and this is the ID of the instance. So this is what you should put there and you should try to compile, okay? So we have a new target here so we don't need to compile everything. So if we will type and simple, this is executed and at the end we should end up with a cap file. It's all right, the example that's in there. Yeah, yeah, you can just erase what was there or just add this into it, okay? It's not necessary to overwrite everything. Okay, so just like this and then it should compile. It should be quick because the AROPA is very small. So if you're lucky, you should end up with a cap file and then you can upload it to the cart, right? So for that we have install command. So we will use global platform pro, Martin's tool with the switch install and then there is a cap file. It's always helpful to have a verbose switch here because otherwise you will not really see anything except for the worst errors. So I'm usually using the verbose. You can even use the debug where you will see everything what's going to the cart. And if this will work well, the GP will first authenticate with a special application here responsible for uploading new applications, creates secure channel. The secure channel can be either non-security at all, integrity only or encryption and integrity, which is by the way, interesting point because what you can do is you can remotely over the air upload new applications to the car which is already deployed in the field and you are creating the secure channel between your server and the cart. And even if someone is intercepting the communication, that guy should not be able to get the applet which is the application which is going through the cart. At least that's the theory. Usually the banks are not updating the applets there. Good, so if this will go through, we will get a cap loaded, which means we now have this package loaded on cart and then there is an install command which will create instance. Usually there is only one package and one instance of the package. Maybe you will get an error and the error might be because the application is already there. So it may happen that you're running this command twice and the application is already there. And you can't upload new application with the same ID twice. You need to first uninstall it, if this is the case. So just type GP uninstall and then the applet, the cap file, GP Pro will take that cap file, extract these unique IDs and then do all the dirty work for you. So removing all instances. So make sure that the install was successful and we should be in a position where we have our simple hello world uploaded on the cart. Now it's waiting. It's waiting for two things. First of all, it's waiting for someone saying I'd like to talk with you, the selection of application. And then it's waiting for the commands. Should be done. Our application is just saying hello world, but of course real application will do more like signing, encrypting, getting the input data, computing wallet, hash, OTP, and then performing the signature and then putting data out. So you can really write complicated operations inside the cart. So how to communicate with our applet? We have bunch of options. First of all, GPS such can be used to communicate with the cart. So if you were to switch APU and then bunch of bytes in hexadecimal, you can send the data to the cart, okay? So the first part here as a special command, which is responsible to make some application on the cart active, okay? In this case, our own, okay? So we are using the switch APU and then you have a header here. Say, and this is the reserved code, okay? 00A40400 is a reserved for selection command. And after that, you have your unique ID of your application, okay? This is the same unique ID we've wrote inside, inside the built hexadecimal file, okay? So this one. We are not selecting the package. We are selecting the instance of that package. With the APU switch, you can put more during the same command. And the reason is that the GP tool will first open the connection to the cart, then do stuff, and then close the connection, okay? We need to do at least two steps. We need to say, I like to work with the application one and then to send something for the application one. Okay, some input, maybe data to be signed. Okay, so here the red is the selection command and the second one is the command that will go to our application and do something, okay? Based on the implementation of that application. So you can see that I'm using the debug here. So you can see in more details what is happening. So first of all, GP just detected some readers. In this case, this one. It's connecting to that reader and it's beginning the transaction. Then it's sending the data, okay? So this part is this first APU, okay? Very fun. After 23 milliseconds, we are getting 90000 out. And this is the status code, everything is okay. Okay, we like to see this one, okay? Nothing else, okay? Our application is sending out Hello World. Why we don't see anything more here? So we brought the application that is sending out Hello World and we sent a command that is making our application active and we don't really see Hello World here. Why is that? It's hex. That's true, but just a part of it. So what do you think? Why this is not showing Hello World? Okay, the reason is simple. Because this initial APU went into this process, but we have this line. If selecting a plot, then return, okay? And that APU command was just intended to make our application active, okay? So this is the reason why we just got, okay, now it's selected, okay? And then we have the green one, which is the subsequent command that will end up inside our application and will actually trigger something. And you can see that the data are coming here and coming out after 18 milliseconds with this response. Okay, and this should be familiar. First of all, this one is the success code and all data that are coming out are appended with two bytes of the status code. So in our case, it was okay. And then there are data we sent out, okay? So this data, if you will transform it into ASCII, you should see Hello World here, okay? So that's the Hello World. We have additional commands here, but these are just from the GP, which is now cleaning the session and ending the transaction and disconnecting from the real. Okay, so two commands. First one will make our application active, second and maybe all others are ending inside our application we can do the work. So now the task would be to do something more useful rather than just saying Hello World. And in this case, we like to use the fact that the cards have a very nice physical and a number generators. And we like to get this entropy, send it to laptop and then see some system, random average generator. So for that, what do we need? First of all, there is random data. We choose the name differently than what is common in Java. Because in Java you are using secure random here that's random data, okay? So we will create the attribute of our class and then inside the constructor we will get an instance of that random data generator, okay? The reason why we are doing this in a constructor is that we like to allocate everything in a constructor and then reuse it during the whole of that lifetime, okay? The constructor as such is called during the phase where our application is installed, okay? So either we will get everything we need like all keys or random data, I mean objects for generating random data or we will fail to install. That's a good security practice. These parts are not modified and only here we edit piece of code that will do something more, okay? So what I edit is that I'm getting the APU buffer, okay? This is the incoming buffer and based on the second byte of the header I'm deciding are the people asking for a number generator or for something else, okay? If they're asking for random data I will run generate data, get some random data and then send the APU command, the buffer out. In case it's not the request for random data I will do nothing, okay? I will just end, okay? So it's very simple and of course if you have more operations like sign, and create and stuff like that you will just have more conditions here. Usually it's implemented as a switch but for clarity I used it here, okay? So I created the object, get the instance of that object and here I generate, I use that object through the applet lifetime. So this is executed just once, this is executed repeatedly. Every time someone will ask me for the data I will send that amount of data, okay? Usually you are trying to produce as many data as will fit into all the buffer which is usually something like 250 something, okay? So if you will modify this you can just of course compile it and upload it. And then you can run the command again. We first need to select our application the same as before and then we will send APU command. If we will use the debug mode so we can see the options, we will see the trace. This is just a snippet of the trace and what you can see here is that we are selecting our applet and it was okay, which is good. And then we are sending the APU and we are just getting 9000 which is okay but we don't see any random data. What do you think? Why is this the case? We are sending the second APU but we don't see any random data coming out. What do you think? I will return to the applet again. So we were able to select the applet, that's fine. And then there is another APU coming through this object here and we got no data at all out of the problem. It's a tough one, right? Because this condition was not perfect, right? Because if you will take a look again we just used the previous APU command and the instruction, the first one is called class byte, second one is called instruction byte. We are branching on the instruction byte. So we are branching on the instruction byte and it needs to be random, it needs to be 54, excelsis map, okay? And this is not the case here but it's the case here. So we should get some random data out, okay? Randomly to me. But actually the cards are able to produce very nice data. What you can do, you can test it, you can implement application that will extract maybe gigabytes of data out of smart card and then test it with the statistical batteries that are designed to detect biases in the data and so on. So you can really test whether the card is nice or somehow screwed. And good cards are usually good. Okay so we have about 25 minutes so which is just on time to try also other applications, the bigger ones that are created by other people and but you already have these in Applet Playground because Martin collected these applications. So let's try to take a look on these cards too. So and if, if you will run Ant on Applet Playground you will end up with a bunch of cap files and one of the cap file is java card minus NDEF dot cap. Be aware in Applet Playground there are multiple projects put together and some of these are buggy, it doesn't work at all. So for NDEF there are actually two. One will end up in with a NDEF dot cap with the big capitals and the second one will end up like this. Use this one, okay? The other one doesn't work. So let's, I will just show you how this works. So I have the card, I'm putting the card to the reader and very good. And then it's a little bit difficult for me to see it. And now I like to upload the NDEF Applet there, okay? So I will just put install here and then the cap file, okay? I will use minus debug, okay? So you will see everything and hopefully this will work. Okay, so first there was some authentication with the card manager, which is that special application on the card responsible for uploading new ones. Then all these chunks are commands that are transferring content of Java card NDEF to the card. And then finally we have some install command and if you can see all these 9-0-0-0, this means yes, we were able to install the Applet properly. Okay, so I end up with the card that now has the NDEF application in it and can be used by other devices, like your mobile phone, okay? And this case means it functions like a simple NFC tag you can buy from, you know, wherever. You can write URLs or something to it. It's an NFC tag and sometimes people don't know what it is, I don't know. Yeah, yeah, okay. I totally screwed to explain this. Okay, so I have the application that can be programmed with URL that is automatically opened by your mobile phone or it can be programmed or stored with data with a business card, okay? So you can automatically add your contact into it. Okay, so I will try to show this, okay? To use this, you of course need mobile phone with NFC and unit application which is first able to store something on your data and then the second step is usually already supported by the system as such. So you may try an XP tag writer but this one crashes on my phone at the moment. So I used another one that the writer buy on NFC. No idea what the application is doing but it works, okay? So basically I can tap, I like to add something to the card and for example, I will, you can't see that but I will discrag. I will insert a dedicated object which is of type of URL and points to this page, okay? And now it asked me please put the card close by so I will do so, okay? And yeah, it was written there, okay? And now, if you have NFC phone, it should open your browser and it should go there, okay? Probably the internet is not working here but. Okay, so that's the point, yeah? So you are now able to write your application which is stored here. This application can just implement interface for ordinary NFC tags or you can add even your functionality, okay? You can generate new URL every time someone will ask for it, okay? You can really play with that. It's not just a stupid memory storage because you have, you are writing your code which is responsible for serving that objects from the card, okay? And then of course you need to store something to the card and then you can distribute this card and people can use this. Of course it's a more expensive solution than dumb NFC tag, that's for sure because this is programmable but the options are better. So this is for simple NFC application. Just write easy to use, okay? Then we can try OTP, okay? OTP means one-time password. So that's the option to regular passwords maybe based on time, current time or maybe based on some counter. The new code is generated every attempt to follow the authentication. In upload playground there is implementation from Ubico, if you know the Ubiquit tokens. There is upload they produced for this exactly and you can find it under OATH cap. So just install it, okay? I will try that as well, okay? And hopefully it will go there, it's good. The upload is a little bit bigger but it's installed properly. So now I have the card which contains the application that can serve OTP. I also need the application that will talk to the card, okay? And once again I will use phone. For that you can download from store Ubico OTP Authenticator, same as the Google Authenticator but the one that can talk to the cards, okay? So it looks like this. I will show you the pictures, okay? So this is a Ubico Authenticator and you can test it. You can test it on this webpage where in JavaScript they are running the whole one-time password authentication server, okay? So you can put your card here. You can add to your account based on scanning your code as you are used to with Google Authenticator, okay? But the secrets are stored not inside your phone, they are stored inside the card, okay? So once you remove the card nobody can generate OTP codes anymore. Okay, try that. You can even try that with GitHub so you can set up to factor authentication with the GitHub inside the settings, it's not really readable but you can enable to factor authentication and then you can just scan the QR code or type the key by hand and then you can pair it, okay? Be careful with that of course because this means you will not be able to authenticate to GitHub without that card, okay? So it's not really good for initial playing because you can quickly be blocked, okay? GitHub is producing bunch of recovery codes so it's definitely a good idea if you will play with that to store these recovery codes. For playing for such kind of fights I have to have a card reader, no. No, just mobile phone, mobile phone, okay? You need the reader to program it. Just for generating. Yeah, you can just visit us, we can program the card for you and then you just need this one, okay? Yes, you can just use your smartphone as a card reader but it's complicated, I'll set it up. Yeah, at this stage you can just test it, no danger blocking you out of your real account. Okay, so if we will upload this, okay, this is the last example. I will probably not show it in details but this is OpenPGP so you can just upload something that conforms to OpenPGP specification and then GPG software can talk to it and store private keys there, okay? And even generate it there. That's another advantage of these cards that you can completely keep the keys both from the perspective of initial generation and then use inside the card. Never lease the card, it's never transmitted to your computer. So even if the computer is compromised, the private key value will not. Of course, still the malware can do just sending the other data to be signed by the card, that's true, but we'll never learn the private key. And GPG has a switch minus, minus card edit which you can use for that, okay? So you can generate it and so on. I will just quickly tell you something about debugging of cards. That's quite often by frequent situation. You already saw these chunks of excited symbol data coming from the card. So far I was lucky, I got no error, no real error, but it's quite frequent that you will get the error and it's not clear at all what is happening, okay? Over the time, you will learn that some errors means something different in different places in time but quite often it's like that. So Google for the errors, ask people in forums, this usually helps. So if you are developing your own application, it's good to use simulator first, okay? It used to be that you were paying for simulators from manufacturers but nowadays, GcardSim is very nice option for that. It's open source simulator, very nice one. You can easily use that. Inside that file, I prepared the application that can do some basic crypto stuff and is already prepared to use simulator. So we can play with that. Just play with that. And for the real development, this is very helpful. You can catch a lot of bugs just on this level because you can debug also the code inside the card. This is not the case with the real card. With the real card, you are not able to attach the debugger somehow and then debug what's there, okay? You are not able to do so. So once everything runs on simulator, you should try with the real cards. There still can be some issues left like simulator support, some algorithm that is not supported on the real card. Simulator don't really recognize difference between the RAM and EEPROM memory. And therefore you can have issues with that and so on. Execution speed, of course. But at the end, you will figure this out. For the debugging on the cards, if you can recall the old ways how to debug stuff like putting some print lines on every second line of code and so on, you can do something like that here and you can do it by inserting emission of exception at particle line. And if you will reach that line, you will see the exception going out, okay? If you will not reach, if you will even not reach that line, you will not see your exception. And then you know that issue is before that, okay? Quite often the error is just 6F00 and you need to figure out what's going on. Yeah, try it home. There is a simple applied project prepared, prepared together with the simulator. Yeah, just try it. So just to summarize, smart cards are very nice, programmable and powerful devices. And not only that, they are certified to very high level of security, even the physical one. So this is really way more secure than ordinary PC. You can have your own application on the cards and you can have more than one at the same time, okay? If you like to talk to particle one, you will first send select and then you will talk to the application but they can run there. If you need to talk to that, so far I've shown you just a global platform prop tool that can handle that, but you can use ordinary Java to create application that talk to a card. And you can develop basically everything there, okay? So you can put all your difficult parsing of some particle protocol, the whole channel can end up inside the card which has the benefit of unwrapping the secure channel only inside the secure environment, okay? This is something you can't achieve with Pkcs11. With Pkcs11, everything ends inside your laptop and then there is unprotected communication with the card. So this is something which is the power of the cards. Still, it's not full Java, right? So when you are developing, but you will get used to it. You will just stay away from some stuff from the regular Java and you need to have in your mind that when you are working with the memory, this is potentially expensive operation. You should use RAM memory instead of persistent one, especially for writing and you should not use new except for the constructor, okay? That's good rule of thumb. So that's all. Inside the slides, I have a bunch more stuff you can play with that, but that's for you for additional education if you wish, okay? So if you have any questions feel free to ask. I believe we still have some time. Nobody's pushing us out. So far you've played with the contact readers, right? But these are dual cards, which means you are able to first program it via the contact interface and then use it via the interface. I tried to write to the card from the application and it seems it's not working. I think there is a problem with the chip inside. It doesn't support the standard. I think which application did you use? The NXP tag writer? Yeah. It has something. I think they changed it so that they only support the NXP chips or something like that because it worked one year ago, it doesn't work now and then other application works. And I think by then I tried the Nexus 5x and was able to read certain cards and this one wasn't so. I think there's also some hardware differences. NXP has the application tacking for something like that and this should work. It should be able to read something from your card. If NXP didn't read the ID or something. This is actually quite nice because it's showing also the global platform information, more or less the information Markin is using with the global platform to communicate. Yeah, it shows the communication. Yeah, that's actually the pain because with this stack you have multiple hardware devices, a lot of drivers, it's not infrequent that something doesn't work. On the other side, the cards as such are quite stable, especially if you are buying good brands. These cards are really good with respect to security and if you know what you should stay out of then you probably don't have an issue also during the deployment. You should keep in mind that there is a persistent memory and after maybe millions of writes, this can be damaged but usually you are not using it that way. If you have just signature cards, maybe a few times per day, there is some operation, some counter is written, PGB counter but nothing really serious. On the other side, I work on another project where we are using a bunch of cards that are running full speed all the time and the cards can handle that. So it's possible to use it as a basically high speed encryption or signature device. It's not really high speed as a single card but if you have hundreds, maybe thousands of cards at the end you will end up with a serious performance. Okay, so do you have any further questions? Okay, if not, then thank you a lot for being here and trying to go through this stuff. If you will feel that you'd like to ask us, we will be somewhere around for the next two days. Take the cards home. The cards. Cards, yeah, the readers. So thank you, Martin, for donating the cards. So if you have any questions, just feel free to ask. To pink us. Our support is Meperic plastic. Yes. And it's the one I have all the time. Yeah, it's because the microplastics are everything. And they are really good for us. And there are also different steps to take the microplastics and things that stand for the devices. The question is not in actually the capability but just you need to license my protocol from NXP and because NXP is proprietary, the goal is it. Nobody actually wants to depend on my protocol. So there is the NFC forum standard. So it's cheaper not to license the readerships from NXP than to take the chips with plastic. Nothing to do with the capability. So what is your application that you use to write? It's on wide, I think. Yeah, on NFC. It's in the slides. Yeah, and also on the, on the pet, at the pet. On NFC writer by Mobius, the Mobia. Yeah, on NFC, I think. Mobium, Mobium maybe, yes. In the pet, on the chat, there is the info. If you don't have a reader, you can get one from you. Or me, I can give you the same data from I use. That's a very good price because in Estonia, they are, the government is subsidizing the readers. So you can't buy this for that price. So the guys sell them the same readers on eBay for like 17 or 80 euros. But maybe you can go to the shelf and get one for 60 euros. For example, we have the readers for the ID. Is it the same reader? Yes, exactly. Okay. So there is nothing special. Maybe you even have the reader inside your laptop. That's possible. So you can read your EMV cards, or like bank cards or... SIM cards as well. SIM cards as well. See the contacts or something. Good, so will someone push us out? Yes, we will. Okay. You have a seat, five minutes. Five minutes, okay. The room is reserved for private meeting. Oh, yeah. So if you are buying the cards, then notice there are a bunch of shops you can use to buy. Martin maintained the list of shops. I don't know how... The job card buyers guide, if you Google for it, you will find the website. There is a listing of different shops, the prices vary from like five euros for the Chinese cards like this, up to even less than five euros, up to like 30, 35, 40 if you buy a single. Like the small quantities, and also the features vary. The lists in the buyers guide shop are supposed to be all variable by meaning that they actually deliver. So you can buy, you can see stuff on Na'vi Express that you know, you be afraid of the Chinese shops. Even if you get something, it will be crap. But it's cheap. Yeah, yeah. So, but in Europe, there is a crypto shop? There is crypto shop in Austria, there is market focus in UK, there is Motepe in Germany, there is one more, at least. A smart card source in Canada. A smart card source in Canada, yeah. So basically the big manufacturers are not selling to end users. So there are some intermediaries, they are buying 100,000s and then splitting and splitting and splitting and adding the price. Normally the minimum, if you want to get something from an actual vendor, which is like Kemalto or Infineon or Ben XP or something, is at least 1000, if not 10,000 cards. And an NDA and all the things. But nowadays, there are shops where you can just buy. Yeah, but the most important thing if you do buy them from the internet is to be sure that you are buying open Java cards, meaning the ones you can actually access because you can find stuff on the internet that is advert-tested. Basically all the smart cards you can find on the market, they're sim cards or bank cards. Not actually bank cards, but like crypto cards are based on Java cards usually. But they come in close configuration, meaning that you get the Java card, for example, your physical access cards. They're based on the Java chip from HID, but you cannot access anything on the card because they're closed. You must get the open platform and it does the vendor that, you know, do you give me the keys for the card? Yes or no? And they are closed in the sense that you don't have these keys. So we use the default developer's keys. You can change these keys once you get the card. You need to know these keys. Otherwise you can't do anything with that card, except for the applications that are already loaded there. But these shops market maintain are... I don't maintain the shops yet. Okay, yeah, the list of the shops are selling the open cards, which is good. I thought about making a high-level smart card in a shop, you know, best selections of best things. The question is, okay, which particular card do you have in mind to sell there? Because there was the discussion about the project where they were building the open source hardware, you know, they bought some older, I believe, NXP or Infineon. Now this is the... What for? The expert's project where they tried to make an open source smart card, but I think they have not delivered it. And that was based on, you know... Yeah, who though? I don't know. I don't know what it was based on, but some single vendors chips. Yeah. Okay, so that's all. We have only one minute, which is enough to clean the whiteboard. So thank you all for coming. And if you have any questions, just feel free to.