Ismael Valladolid Torres wrote:
We're trying to add cryptographic support to GSM cards. What we're thinking is
hacking some cryptographic application so it reads wirelessly its support files
from a card inserted in a mobile phone and registered into the network.
If you want to run your application in a GSM card that is registered in
the network you will need some support form your operator to load the
app and give you the right permissions.
At first what we need is to make clear the scope where OpenSC is to be used and
the scope where Musclecard is to be used.
OpenSC reports that it's to be used with "traditional" smartcards with a file system,
and suggests to avoid Java enabled cards, as they don't have a filesystem. But indeed GSM
cards operators here are using are Java cards and do have a filesystem. Only from Java Card 2.2.2
on a filesystem is excluded (this means AFAIK that the package javacard.frameworkx is no longer available, am I right?)
A Java Card for the GSM network, consists of the JCRE and API of the
Java Card specification typically today version 2.2. It come with some
additional API to get access to the GSM filesystem in SIM card or to the
filesystem of the USM/SIM/ISIM applications on a UICC card, and some
additional APIs to drive the toolkit protocoll. These addtional APIs are
defined by ETSI and 3GPP. You need the informations from your car vendor
or operator which version of the APIs he is using.
So OpenSC *could* be used with current GSM cards.
Moreover Musclecard reports being available to Java cards, which include
current GSM cards. Does this mean Musclecard don't make use of the filesystem
in any way?
yes what makes sense if you have your keys and other credential defined
as Java objects.
Also, Musclecard implements PKCS #11 where OpenSC implements PKCS #15. What are
the differences from a practical point of view between #11 and #15?
PKCS#11 is outside the card on the desktop, PKCS#15 is an object
structure in the card. There are Java Card based implementations of
PKCS#15 available.
Also, is a cryptoprocessor in the smartcard needed for using also Musclecard
and OpenSC?
if you whant to perform cryptographic operations in the card then yes :-)
Summarizing: Given that we need cryptographic support into a current GSM Java
card, should we go for OpenSC or for Musclecard?
Any ideas, comments or suggestions are welcome.
Cordially, Ismael
------------------------------------------------------------------------
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
--
--
_____________________________________________________________________
Sun Microsystems GmbH Sebastian J. Hans
Clienst System Group
Komturstrasse 18a email: [EMAIL PROTECTED]
12099 Berlin Tel: +49-(0)30-74 70 96 701
Germany Fax: +49-(0)30-74 70 96 787
http://www.sun.com mobile: +49-(0)174-300 75 34
Sitz der Gesellschaft:
Sun Microsystems GmbH, Sonnenallee 1,
D-85551 Kirchheim-Heimstetten
Amtsgericht Muenchen: HRB 161028
Geschaeftsfuehrer: Marcel Schneider, Wolfgang Engels, Dr. Roland Boemer
Vorsitzender des Aufsichtsrates: Martin Haering
_____________________________________________________________________
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
