Introduction
Java Card technology enables secure elements, such as smart cards and other tamper-resistant security chips to host applications called applets, which employ Java technology.
Java Card technology offers a secure and interoperable execution platform that can store and update multiple applications on a single resource constrained device, while retaining the highest certification levels and compatibility with standards. Java Card developers can build, test, and deploy applications and services rapidly and securely. This accelerated process reduces development costs, increases product differentiation, and enhances value to the customers.
The Java Card Development Kit is a suite of tools for designing implementations of Java Card technology and developing applets based on the Java Card Specifications. It is available as two independent downloads:
- The Java Card Development Kit Tools are used to convert and verify Java Card applications.
- The Java Card Development Kit Simulator offers a testing and debugging reference for Java Card applications. It includes a Java Card simulation environment and Eclipse plug-in.
Together, these two downloads provide a complete, stand-alone development environment in which applications written for the Java Card platform can be developed and tested.
These release notes describe the Java Card Development Kit Simulator, Version 24.1, which is based on version 3.2 of the Java Card Platform Specifications.
What's New
The complete set of Java Card SDK features is described in the Java Card Development Kit User Guide in the Java Card Documentation web site.
New Features
- Setup – The Java Card Development Kit Simulator is now delivered with the OpenSSL shared library 3.0 (version 3.0.15 for 32-bit machine architecture) to simplify the setup process prior starting the simulator.
- Setup – Extended the Configurator tool to be able to set the key version (KVN) for the initial keyset of the Issuer Security Domain.
- Setup (Linux) – Extended the IFDHandler for PCSC-Lite to support the configuration and the use of up to 6 Simulator instances at the same time.
- Java Card API – Added the support for named curves and enabled the creation of EC
keys initialized with the corresponding domain parameters, and their use for ECDH,
ECDSA and EdDSA operations.
- Added support for
NamedParameterSpec.getInstance(…)
andKeyBuilder.buildXECKey(…)
using the predefined domain parameters for the following named curves:NamedParameterSpec.BRAINPOOLP192R1
NamedParameterSpec.BRAINPOOLP192T1
NamedParameterSpec.BRAINPOOLP224R1
NamedParameterSpec.BRAINPOOLP224T1
NamedParameterSpec.BRAINPOOLP256R1
NamedParameterSpec.BRAINPOOLP256T1
NamedParameterSpec.BRAINPOOLP320R1
NamedParameterSpec.BRAINPOOLP320T1
NamedParameterSpec.BRAINPOOLP384R1
NamedParameterSpec.BRAINPOOLP384T1
NamedParameterSpec.BRAINPOOLP512R1
NamedParameterSpec.BRAINPOOLP512T1
NamedParameterSpec.SECP192R1
NamedParameterSpec.SECP224R1
NamedParameterSpec.SECP256R1
NamedParameterSpec.SECP384R1
NamedParameterSpec.SECP521R1
NamedParameterSpec.ED448
NamedParameterSpec.ED25519
NamedParameterSpec.X448
NamedParameterSpec.X25519
- Added support for
KeyAgreement.ALG_XDH
to use the curve25519 and curve448 (RFC 7748) for ECDH key agreement operations. - Added support for
Signature.SIG_CIPHER_EDDSA
to use the named curves edwards25519 and edwards448 (RFC 8032) for Pure EdDSA signature operations without context.
- Added support for
- GlobalPlatform – The simulator has been upgraded to be compliant with the
GlobalPlatform Common Implementation Configuration v2.1, with support for
Supplementary Security Domains and support for the following list of Privileges:
- Security Domain (SSD support)
- DAP verification
- Delegated Management
- Card Lock
- Card Terminate
- Card Reset
- CVM Management
- Mandated DAP Verification
- Trusted Path
- Authorized Management
- Token Verification
- Global Delete
- Global Lock
- Global Registry
- Final Application
- Global Service
- Receipt Generation
- Ciphered Load File Data Block
- GlobalPlatform - Added support for AES (128,192,256 bit keys), RSA (1024 and 2048 bit keys) and ECC (256,384,512,521 bit keys) cryptographic schemes. This includes the ability to create and store such keys and use them during DAP and token verification operations. It also supports Receipt Generation with AES keys.
- GlobalPlatform - Added support for general data store (Data Store) to any Security Domain with the default length of 250 bytes.
- GlobalPlatform - Added support for key loading and update using either the STORE DATA or PUT KEY commands.
- GlobalPlatform - Implemented the following interfaces for GP API:
org.globalplatform.GlobalService
org.globalplatform.SecureChannelx
org.globalplatform.SecureChannelx2
- GlobalPlatform – Extended the Secure Channel Protocol ‘03’ implementation with the S16 mode, in addition to the already existing S8 mode, to support 16-byte challenges and cryptograms and 16-byte C-MAC and R-MAC.
- GlobalPlatform - Added Default Secure Channel Key Set DGI in STORE DATA command.
- GlobalPlatform – Added chaining mechanism for PUT KEY, INSTALL and DELETE commands.
Bug Fixes
- Java Card API – Fix issues in
HMACKey.setKey(…)
andGenericSecretKey.setKey()
incorrectly interpreting key length when usingKeyEncryption
- Java Card API – Fix issues for ECDSA in
Signature.verify(…)
andSignature.sign(…)
failing with incorrect signature length - Java Card API – Fix issues in
ECKey.setK(…)
not throwing expected exception for invalid values. - Java Card API – Fix issue in
Key.clearKey(…)
when executed onECKey
with shared domain parameters
System Requirements
This product is targeted for use on a PC running on the following systems:
- Microsoft Windows for versions 10 or 11
- Ubuntu Linux 20.04 LTS or Oracle 9
The following software must be installed for the Java Card Development Kit Simulator to work:
-
Java Development Kit (JDK): This release has been verified and tested with Oracle JDK 17 (64 bit version) and OpenJDK 17 (64 bit version). Download the JDK software from:
http://www.oracle.com/technetwork/java/javase/downloads
Install it according to the instructions on the website.
-
Eclipse IDE: Eclipse IDE is optional and is required only for using Eclipse plug-in. The Java Card Eclipse Plug-in was tested with Eclipse 2023-03 (4.27) and JDK 17. Download the Windows Eclipse IDE from the following URL, and install it according to instructions on the website:
Installation
The Java Card Specifications, Development Kit Simulator, and Development Kit Tools must be downloaded and installed individually.
-
See the Downloading the Specification Documents topic of the Java Card Platform Specification Release Notes, Version 3.2 for more details on how to download the Java Card Specification bundle.
-
See the Installation topic of the Java Card Development Kit User Guide for more details on how to install the Java Card Development Kit Simulator and Java Card Development Kit Tools.
Contents of the Development Kit Simulator
This release of the Java Card Development Kit Simulator contains Java Card simulation environment and Eclipse plug-in.
The following table describes the files and directories that are installed in the
root installation directory (JC_HOME_SIMULATOR
).
Directory/File | Description |
---|---|
client |
Contains client components: an application management service API
(AMService.jar file and javadoc documentation),
a communication smartcardio API (socketprovider.jar
file) and a debugger proxy (jc-debug-proxy.jar
file) to manage, communicate, and debug Java Card
applications.
|
drivers |
It is only for the Linux version. It contains the IFD
Handler (libjcsdkifdh.so ) for PCSCLite allowing an
application to communicate with the Java Card Development Kit
Simulator based on PC/SC.
|
runtime |
Contains the Java Card Development Kit Simulator binary executable as well as the OpenSSL shared library 3.0 (32-bit). |
samples |
Contains sample applets and the corresponding client applications. |
tools |
Contains a tool to configure the Java Card Development Kit
Simulator (Configurator.jar ) with a secure channel
protocol key set and a Global PIN.
|
Documentation
The Java Card Documentation web site provides online product documentation for the Java Card Platform.
Document | Description |
---|---|
Java Card Platform Specifications. | The following specification documents are available for the Java Card Platform,
Version 3.2:
|
Java Card Options List | This document describes the list of options available to implement a Java Card platform, based on the Java Card Specifications. |
Java Card Development Kit Simulator - User Guide | This document describes how to use the Java Card Development Kit Simulator and Eclipse plugin to develop, test and debug applications for Java Card Platform. It is available in HTML and PDF formats. |
Java Card Development Kit Tools - User Guide | This document describes how to use the Java Card Development Kit Tools to convert and verify applications for Java Card Platform. It is available in HTML and PDF formats. |
Product Information
The Java Card Technology website provides useful information about the Java Card product.
Visit the Java Card Technology website to access the most up-to-date information on the following:
- Product news and reviews
- Release notes and product documentation
Documentation Accessibility
For information about Oracle's commitment to accessibility, visit the Oracle Accessibility Program website at https://www.oracle.com/pls/topic/lookup?ctx=acc&id=docacc
Access to Oracle Support
Oracle customers that have purchased support have access to electronic support through My Oracle Support. For information, visit https://www.oracle.com/pls/ topic/lookup?ctx=acc&id=info or visit https://www.oracle.com/pls/topic/lookup?ctx=acc&id=trsif you are hearing impaired.
Documentation Accessibility
For information about Oracle's commitment to accessibility, visit the Oracle Accessibility Program website at http://www.oracle.com/pls/topic/lookup?ctx=acc&id=docacc.
Access to Oracle Support
Oracle customer access to and use of Oracle support services will be pursuant to the terms and conditions specified in their Oracle order for the applicable services.
Java Card Development Kit Simulator Release Notes, Version 24.1
F92101-03