Welcome!

Welcome to the official BlackBerry Support Community Forums.

This is your resource to discuss support topics with your peers, and learn from each other.

inside custom component

Java Development

Reply
New Contributor
Posts: 6
Registered: ‎06-29-2011
My Device: bold 9900

smart card driver and ASSD

Dear experts,

 

i would like to create a cryptographic smart card driver for my Advanced Security SD card. I mean certificate and public key/private key  wil be stored on ASSD card (conform to Mc-EX extension spec.).  is it possible ? how to open smart card session to my SD card (instead of the SIM card) ? i have read the smartcard guide but it is still not clear for me.

 

regards,

/tony

New Contributor
Posts: 6
Registered: ‎06-29-2011
My Device: bold 9900

Re: smart card driver and ASSD

[ Edited ]

Please could u help me ?

Retired
Posts: 571
Registered: ‎06-25-2010
My Device: Z10

Re: smart card driver and ASSD

[ Edited ]

Hi, first of all, implementing a BlackBerry smart card driver for a secure SD card is fundamentally the same as implementing a driver for a standard smart card as described in the smart card developers guide.

 

The key steps are:

 

1. Implement a class which extends CryptoSmartCard. Include a libMain method which will add your card to the system like this:

 

       public static void libMain(String args[]) {

              try {

                     SmartCardFactory.addSmartCard(new FakeCryptoSmartCard());

              } catch (ControlledAccessException cae) {

              } catch (Throwable t) {

              }

       }

 

Set your application to automatically start and so that its icon is not shown on the home screen. You do this through the application descriptor of course.

 

Implement all of the abstract methods and any others which you wish to override. The method which will result in your driver being used with your secure SD card is

protected boolean checkAnswerToResetImpl(AnswerToReset atr)

 

When a smart card or secure SD card is inserted or connected to your BlackBerry device, it will be sent a reset command and will reply to this with the Answer To Reset or "ATR" response. This should contain a sufficiently unique identifier to allow the particular type of card to be recognised. The system will then call the checkAnswerToResentImpl method on all registered drivers. The one that returns true is the one which will then be used as the driver with the card. So you need to know what the ATR for your SD card looks like so you can check for it and return true when you encounter it. Your code might look like this:

 

       private final static byte MY_ATR[] = { (byte) 0x3b, (byte) 0xdf,

                     (byte) 0x18, (byte) 0xff, (byte) 0x81, (byte) 0x31, (byte) 0xfe,

                     (byte) 0x45, (byte) 0x80, (byte) 0x59, (byte) 0x01, (byte) 0x80,

                     (byte) 0x48, (byte) 0x49, (byte) 0x44, (byte) 0x43, (byte) 0x37,

                     (byte) 0x30, (byte) 0x30, (byte) 0x73, (byte) 0x00, (byte) 0x01,

                     (byte) 0x1b, (byte) 0x33 };

 

       protected boolean checkAnswerToResetImpl(AnswerToReset atr) {

              AnswerToReset myATR = new AnswerToReset(MY_ATR);

              boolean result = myATR.equals(atr);

              return result;

       }

 

If you don't know the ATR then it's not hard to find out through a bit of "snooping". Just implement something like the following which will log the ATR to the EventLog so you can then examine it:

 

       protected boolean checkAnswerToResetImpl(AnswerToReset atr) {

              Utilities.log("XXXX requesting atr=" + atr.toString());

              return false;

       }

 

Obviously here I've used a Utilities class of my own which uses the EventLogger API.

 

The method protected SmartCardSession openSessionImpl must return a class which extends SmartCardSession. This is the second piece of work you must undertake:

 

2. Implement a class which extends SmartCardSession or in your case CryptoSmartCardSession

 

It is in this class which you implement behaviours such as login control and where you are able to exchange APDUs with your card. This is where you need to know about ISO7816-4 to be able to formulate and decode the APDUs. You may also need to know proprietory details of your specific card.

 

Hope this helps

 

--------------------------------------------------------------------------------------------
Feel free to press the like button on the right side if you liked my attempts to help :-)
And please mark posts as solved if you think I found the solution or set you on its path. Thanks!
Follow me on Twitter: @mdwrim
New Contributor
Posts: 6
Registered: ‎06-29-2011
My Device: bold 9900

Re: smart card driver and ASSD

hi mwooley,

 

Thank you for this very helpful informations.

As you recommend me, i need to implement both CryptoSmartCard and CryptoSmartCardSession classes for my "particular" smart card (in fact it is in my micro SD card).

 

At the end, i hope that my new registered smart card driver with the system could be used with native blackberry applications. For example, could i use my driver to decrypt a mail (private key will remain in the smart card) or to encrypt a mail (with public key) to ensure confidentialy. Could you confirm me before starting this "long" development?

 

Regards

/tony

Retired
Posts: 571
Registered: ‎06-25-2010
My Device: Z10

Re: smart card driver and ASSD

You'd need a certificate on the card and the user would need to import the certificate to the BlackBewrry device key store. The associated private key would stay on the smart card but be referenced from the device key store. Once imported by the user (you cannot automate this by the way; the user must do the import and say they trust the certificate) the certificate should be generally available to applications.

--------------------------------------------------------------------------------------------
Feel free to press the like button on the right side if you liked my attempts to help :-)
And please mark posts as solved if you think I found the solution or set you on its path. Thanks!
Follow me on Twitter: @mdwrim