Static fields in Applet + installing applet as default = phantomous bugs + fatally infected card?

Post by SmInc » Sat Apr 21, 2018 10:11 am

My card is GP211-based. My card is NXP J2A080.

My first silly and card-killing mistake (I think) was the following:

Code:

// In Applet class
    private static byte[] bLog;
    private static short logNewIndex = 0x0;

In the Applet's install() was:

Code:

bLog = new byte[15000];
for (short i = 0; i < 15000; i++) {
    bLog[i] = 0x0;
}
logNewIndex = 0x0;

And in process(), in different code nodes, I:

Code:

// 
// ...clearing it
byte[] buffer = apdu.getBuffer();
...

// Here is NO apdu.setIncomingAndReceive(); call

for (short i = 0; i < 15000; i++) {
    bLog[i] = 0x0;
}
logNewIndex = 0;

le = apdu.setOutgoing();
apdu.setOutgoingLength( (short)4 );

buffer[0] = (byte)'O'; buffer[1] = (byte)'K'; buffer[2] = (byte)'A'; buffer[3] = (byte)'Y';
apdu.sendBytes ( (short)0 , (short)4 );

//
// ...writing it record-by-record to response
byte[] buffer = apdu.getBuffer();
...
// Here is NO apdu.setIncomingAndReceive(); call

apdu.setOutgoing();
//if (le < (short)2) ISOException.throwIt( ISO7816.SW_WRONG_LENGTH );
apdu.setOutgoingLength( (short)200 );

byte bId = buffer[6];
for (short i = 0; i < 200; i++) {
    buffer[i] = bLog[(short)((bId * (short)300) + i)];
}
apdu.sendBytes ( (short)0 , (short)200 );

return;


How am I installing the applet? Unfortunately I did not find an IDE plugin for such an old platform, or a guide on how to configure one, so I am installing my applet with GPShell, as follows:

Code:

mode_211
enable_trace
enable_timer

establish_context
card_connect
select -AID a000000003000000
open_sc -security 1 -keyind 0 -keyver 0 -mac_key 404142434445464748494a4b4c4d4e4f -enc_key 404142434445464748494a4b4c4d4e4f // Keys are default
delete -AID ***
install -file Applet\javacard\Applet.cap -nvDataLimit 2000 -instParam 00 -priv 4
card_disconnect
release_context

-priv 4 is for installing as the default applet.

And there are phantomous bugs!!!

I clear my static byte[].
I request it in a response - it is clear.
I disconnect the card and connect again.
I request it again = bingo, it is full!
I delete the applet (and even with no applets on the card at all) and install it - clear. Re-connecting - full! Now it is full of info which just cannot be on the card. The applet was removed, and I used another PC and card reader.

Moreover, the length of the filled data is random every time.

It just becomes non-rewritable. I try to rewrite it in all possible ways, but with no effect.

One of the first tries was removing the "static" modifier and placing the variable initialization into the class constructor. No effect.

Unfortunately I do not have another card to test new code on.

But... I just reinstalled the applet with -priv 2 - and no more problems...

Also, I tried it many times before changing to -priv 4 and it was working. But a non-default applet is not a good solution because I need 3 selectable files, and this way I need 3 applets...

What should I do with this card? Is it because of static fields, or something else? How do I clean this card?
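
Added example, not part of the original post and not a diagnosis of the behaviour described in it: the clear and read branches rewritten so that the command data is received before buffer[6] is read, the record index is range-checked before it is used as an offset into the 15000-byte log, and the array is cleared with one bulk fill. The package, class name and INS values are assumptions; the sizes and the offset 6 are taken from the post.

```java
package example.logapplet; // hypothetical package name

import javacard.framework.APDU;
import javacard.framework.Applet;
import javacard.framework.ISO7816;
import javacard.framework.ISOException;
import javacard.framework.Util;

public class LogApplet extends Applet {
    private static final short LOG_SIZE = 15000;     // sizes taken from the post
    private static final short RECORD_STRIDE = 300;
    private static final short RECORD_OUT = 200;
    private static final byte INS_CLEAR = 0x10;      // hypothetical INS values
    private static final byte INS_READ = 0x20;

    // Instance field owned by this applet instance; persistent and zero-filled on allocation.
    private final byte[] log = new byte[LOG_SIZE];

    public static void install(byte[] bArray, short bOffset, byte bLength) {
        new LogApplet().register();
    }

    public void process(APDU apdu) {
        if (selectingApplet()) return;
        byte[] buffer = apdu.getBuffer();
        switch (buffer[ISO7816.OFFSET_INS]) {
        case INS_CLEAR:
            // One bulk fill instead of 15000 single-byte persistent writes.
            Util.arrayFillNonAtomic(log, (short) 0, LOG_SIZE, (byte) 0);
            break;
        case INS_READ:
            // Receive the command data first; offset 6 is only meaningful if Lc >= 2.
            short received = apdu.setIncomingAndReceive();
            if (received < 2) ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
            // Mask so a byte >= 0x80 is not sign-extended into a negative index.
            short id = (short) (buffer[6] & 0xFF);
            if (id >= (short) (LOG_SIZE / RECORD_STRIDE)) ISOException.throwIt(ISO7816.SW_WRONG_DATA);
            short offset = (short) (id * RECORD_STRIDE);
            apdu.setOutgoing();
            apdu.setOutgoingLength(RECORD_OUT);
            // Send straight from the log; no copy through the APDU buffer.
            apdu.sendBytesLong(log, offset, RECORD_OUT);
            break;
        default:
            ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
        }
    }
}
```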


Post by Tarantino » Mon Apr 23, 2018 4:42 am

What development tools do you use? Can you provide complete code (without important information)?
The code fragments are not easy to read.
The greatest glory in living lies not in never falling, but in rising every time we fall.--Nelson Mandela

Post by jcfarmer » Tue Apr 24, 2018 5:08 am

I didn't read every detail of your description. But I suggest you use the TK (transport key) or MK (master key/root applet AID) to reinitialize your card.
When some system parameters are changed (e.g. ATR, BWT and so on), the EEP space will be cleared by the JCOP OS. This may be helpful for you.

Some dangerous experiments should be done in a simulator (emulator) of the Java Card platform, e.g. JCOP tools, JCIDE, CREF.
You may upload a compiled version of your code without sensitive information, so others can continue this experiment.

Post by SmInc » Sun Apr 29, 2018 3:01 pm

jcfarmer, thank you for the answer.

I didn't read every detail of your description. But I suggest you use the TK (transport key) or MK (master key/root applet AID) to reinitialize your card.
When some system parameters are changed (e.g. ATR, BWT and so on), the EEP space will be cleared by the JCOP OS. This may be helpful for you.

Can you describe it in more detail?
What if I don't have the transport key for the J2A080 card, or it is already pre-personalized? Master key only.
I have the TK for the J2A040 card. But I don't have a J2A040 card currently, and the seller did not provide a TK for the J2A080. For the J2A080 I am trying this:
00A4040010C238E449F725B1510EAA699550CABA16 (J2A040's default TK)
It returns a 6A82 error.
