Monthly Archives: November 2018

JavaCard Applets






STK Applets – simhacks

JavaCard Applets

Writing, compiling, loading, and using JavaCard STK SIM Applets.

Java Card refers to a software technology that allows Java-based applications (applets) to be run securely on smart cards and similar small memory footprint devices. Java Card is the tiniest of Java platforms targeted for embedded devices. Java Card gives the user the ability to program the devices and make them application specific. It is widely used in SIM cards (used in GSM mobile phones) and ATM cards.

wikipedia

Eclipse

Remove the JRE system library and add the Java Card library. Set compiler level to 1.3 and bytecode compatibility to 1.1

Oops, this will be here shortly!

Shadysim is a collection of Makefiles and python scripts that makes it easy to compile and load SIM applets. See https://github.com/shadytel/sim-tools
for more information.





Smart Card Standards

simhacks

DEFCON 21 Talk
SIM Cards
JavaCard STK Applets
Android Emulator
Resources
Store

SIM Cards

Random notes about interfacing with SIM cards.

Smart Card Standards
GlobalPlatform
References

Smart Card Standards

ISO 7816-1: Physical characteristics
ISO 7816-2: Electrical contacts
ISO 7816-3: Electrical interface, Transmission Protocol Data Units (TPDUs)
T=0: Byte-oriented protocol
T=1: Block-oriented protocol
ISO 7816-4: Standard commands, Application Protocol Data Units (APDUs)
ISO 14443-4: “T=CL”: APDUs over RFID

GlobalPlatform
At install time, you can specify:

Initialization data
App parameters
STK uses these extensively
Privileges
Priority
Number of menu items
Max menu item size

Other fun commands:

List AIDs, including both modules and instances
Delete AIDs
You MUST delete instances before deleting the executable!
You MUST delete old AIDs before reusing them!

References

Java Card 2.1.1 Virtual Machine Specification
GlobalPlatform card specification 2.1/2.2
GSM 03.48 – Secure remote SIM access
GSM 03.40 – SMS standard
ETSI TS 101 220 – Assigned numbers
ETSI TS 102 221 – UICC/(U)SIM spec
ETSI TS 102 223 – Card Application Toolkit
ETSI TS 102 226 – Remote APDUs
ETSI TS 102 241 – UICC/SIM API for JavaCard