Reputation: 43
What is the sequence of APDU commands to install applet to java card?
I have a .CAP file ( applet ) and I want to install it to my java card. I know that I can use tools like GPShell or apdutool (from JCDK) to do that but I want to replicate the installation process by myself.
The confusing thing is that in the GP standard the installation process is : APDU command INSTALL[for load] followed by multiple LOAD commands followed by INSTALL[for install] command.
While the oracle documentation proposes a different sequence of APDU commands for installing the .CAP file: Select( Issuer Security Domain? ) , CAP begin, Component ## Begin+Data+End ( for each component ), CAP End, Create Applet.
Are both methods of installing an applet equivalent?
What does the LOAD command DATA field contains? The GP standard does not specify that, and I know that sending the raw bytes from the .CAP file is wrong. I used the GPShell to successfully install the applet but the DATA field of the LOAD command made no sense to me. GPShell output
For the oracle method I used scriptgen from Java Card Developement Kit to genetate the APDU commands, but the INS byte from those commands ( B0,B2,B4,BC,BA) have no GP reference.scriptgen output
Upvotes: 4
Views: 3030
Answers (1)
Reputation: 656
While the oracle documentation proposes a different sequence of APDU commands for installing the .CAP file: Select( Issuer Security Domain? ) , CAP begin, Component ## Begin+Data+End ( for each component ), CAP End, Create Applet.
Selection of card manager (Issuer security domain - Root), is required before installing the applet because it is the responsible component for loading and installing an applet on the card. Also note, you will need to authenticate with card manager by establishing the secure channel (SCP02 preferably).
Perform the following sequence of APDU's to install the applet: -
Select Issuer Security Domain (ISD). 00 a4 04 00 Lc AID_ISD
Authenticate with ISD.
Setup a SCP02 (refer command initialization update, external authenticate). Here, you will require 3DES keys of the card. Refer the documentation provided with the card.
Send apdu, Install[for Load].
The confusing thing is that in the GP standard the installation process is : APDU command INSTALL[for load] followed by multiple LOAD commands followed by INSTALL[for install] command.
Send apdu, Load Blocks.
.cap file of applet which you will have is a zip of its constituent CAP's files(http://pfa12.free.fr/doc_java/javacard_specifications/specs/jcvm/html/JCVM06cap.html). So you need to send each CAP file one-by-one to the card.
Load (Header.cap), Load(Directory.cap)... etc.
Send apdu, Install[for Install]. Installation complete.
Upvotes: 7
Related Questions
- Installing an applet on a JavaCard
- Can an APDU command be executed *inside* the Java Card Applet?
- Upload an Applet to a real smart card using APDU
- java cards applets deployment in detail view
- How to install applet on smart card using java
- Installing applet (Java Card) on J3A081
- Loading applets to a real Java Card
- Applet ID's and APDU in Java Card
- Installing applet in javacard
- Deploy javacard applet on a Jcard