Search found 155 matches

by tay00000
Sat Jan 09, 2021 10:43 pm
Forum: Questions & Answers
Topic: CAP Verifier Error in JCIDE 6.1.0.8
Replies: 2
Views: 142

Re: CAP Verifier Error in JCIDE 6.1.0.8

Found the answer.

JavaCard does not support following syntax:

Code: Select all

byte[] SYMBOLS = { ... };
for (byte b : SYMBOLS) { // <--- Not supported
You will still have to use the for loop:

Code: Select all

 for(short i = 0; i < (short) SYMBOLS.length; i++) :
by tay00000
Sat Jan 09, 2021 9:55 pm
Forum: Questions & Answers
Topic: CAP Verifier Error in JCIDE 6.1.0.8
Replies: 2
Views: 142

CAP Verifier Error in JCIDE 6.1.0.8

I am getting a Verification failed during applet build and conversion with JCIDE version 6.1.0.8 and ft222 and ft_3_0_5_for_classic converters are both being used but failed to execute conversion and verification of CAP files proper. "C:/JavaCardKit/SDK/Tools/JDK/bin/java.exe" "-Djc.home=C:/JavaCard...
by tay00000
Fri Jan 08, 2021 11:30 am
Forum: Card Products
Topic: AES Cipher Engine Bufferoverflow in NXP JCOP 4
Replies: 0
Views: 224

AES Cipher Engine Bufferoverflow in NXP JCOP 4

I have discovered independently a vulnerability in the JCOP 4 smart cards I recently purchased from JavaCardOS store (J3R180) to have a bufferoverflow vulnerability in the AES cipher algorithm. The vulnerability works by using the Cipher.update() function on the AES Cipher object and continuously up...
by tay00000
Fri Jan 08, 2021 11:20 am
Forum: Card Products
Topic: New ECC Crypto Vulnerability in NXP Chips
Replies: 0
Views: 140

New ECC Crypto Vulnerability in NXP Chips

Please note that new ECC crypto vulnerability has been discovered in NXP A700x chips. The following NXP products are considered insecure: J3A081, J2A081, J3A041, J3D145_M59, J2D145_M59, J3D120_M60, J3D082_M60, J2D120_M60, J2D082_M60, J3D081_M59, J2D081_M59, J3D081_M61, J2D081_M61, J3D081_M59_DF, J3D...
by tay00000
Thu Dec 31, 2020 1:46 am
Forum: Questions & Answers
Topic: Setting DAP RSA key and setting up and executing DAP verification
Replies: 3
Views: 228

Re: Setting DAP RSA key and setting up and executing DAP verification

Thanks. Is there a user guide for Snooper to execute the DAP key setting and verification ?
by tay00000
Thu Dec 31, 2020 12:09 am
Forum: Questions & Answers
Topic: Setting DAP RSA key and setting up and executing DAP verification
Replies: 3
Views: 228

Setting DAP RSA key and setting up and executing DAP verification

Is there a guide to use PyApduTool to generate a DAP RSA key in the Security Domain and to setup DAP verification and loading cap files ?

I can't seem to get the PyApduTool to install cap files with DAP verification checked.
by tay00000
Sat Mar 07, 2020 4:28 am
Forum: Algorithm School
Topic: Signing with custom hash
Replies: 1
Views: 19454

Re: Signing with custom hash

Hi Thumb, The smart card industry world moves on a very very slow pace. We only recently see the practical implementation of JC 3.0.4 on smart cards and most of the smart cards and SIM cards are still being equipped with just JC 2.2.2 or 3.0.1/2. It will take a very long time before the industry mov...
by tay00000
Sun Mar 01, 2020 11:34 am
Forum: Applets Development Guide
Topic: How to create an array of AESKey objects?
Replies: 1
Views: 24193

Re: How to create an array of AESKey objects?

Firstly declare the array of short totalKeyObjects = (short) 24; AESKey[] keys = new AESKey[totalKeyObjects]; Then afterwards loop through as needed and use the KeyBuilder to build the keys when you need to use them otherwise the keys are not initialized properly and are useless until initialized an...
by tay00000
Wed Jan 08, 2020 12:21 am
Forum: Card Products
Topic: Feitian's K9 FIDO token
Replies: 6
Views: 12752

Re: Feitian's K9 FIDO token

There is no known method of accessing the U2F capacitive touch button on the K9 because the access method to the touch button is proprietary to Feitian. You only have Java card smart card CCID access. Entire FIDO function is proprietary only to Feitian including the HID and touch button access which...
by tay00000
Fri Dec 20, 2019 10:14 am
Forum: Card Products
Topic: eJavaToken E5 Specifications
Replies: 1
Views: 7471

eJavaToken E5 Specifications

I have been digging around the eJavaToken E5 and here are my summary of what I noticed in the E5. Normal algorithms like AES, DES, RSA and ECDSA (SHA1 with ECDSA signature) are expected and thus are omitted from the above tests. The test is simply to find out unique functions and to make a note on i...
JavaCard OS : Disclaimer