Smart cards and the OpenCard Framework

Learn how to implement a card terminal and use a standard API for interfacing to smart cards from your browser

1 2 3 Page 3
Page 3 of 3
File Purpose
MakefileMakes DLLs, jars for any of a number of makefiles, nmake, GNUmake, unix make
RunprogramRuns the GetCardID application with proper settings for PATH and CLASSPATH
3 Reflex20CardTerminal.javaImplementation of CardTerminal for the Reflex20
ORACardTerminalFactory.javaFactory that returns the requested driver using a name
GetCardID.javaSimple Program to demonstrate OpenCard functionality
Reflex20Driver.javaInterface to native methods
Reflex20Constants.javaConvenience Class with Constants
Reflex20Slot.javaRepresentation of a card in a Slot as an object
Reflex20Driver_w32.cC implementations of native methods for JRI and JNI VMs
native/Ctscrw95.libManufacturer provided lib file
native/Ctscrw95.DLLManufacturer provided DLL file with ct_init, ct_data and ct_close methods
native/libReflex20Driver_w32.DLLDLL build by the makefile needed for Reflex20driver native method implementations

Using OpenCard from Communicator

When I started writing this article, Communicator did not support the JDK 1.1 JNI, so this example was created with JRI (Communicator's version of a native method interface). A JNI version should be available soon at the OpenCard Web site. See the Resources section for information on both of these items.

We were able to use JRI to support the IBM 5948 reader, and we expect the same code also to function for the Reflex20 PCCard reader with some name changes. Recently, Netscape announced support for JNI with Communicator 4.0.4. This is great news for the Windows market but not so good for the Unix environment, which is my preferred development environment. The 4.0.4 release of Communicator is so new that we were unable to test our code with it. We are using JRI to access the CT-API as native methods from Java. We would like to use JNI exclusively, so we would not have to support two interfaces. (We will discuss Microsoft Internet Explorer in the next section.)

To access a smart card from your browser, you need to be able to talk to the reader. As reading and writing to devices is considered a security issue, you also need to configure your browser to support it. At the current time, the three primary browsers have different security interfaces. To get the JRI version of the interface to OpenCard working on your Communicator-enabled platform, follow these steps, starting with a version of Netscape Communicator no lower than version 4.03 on Windows 95/NT:

  • Upgrade to Communicator 4.03, which you can download from one of Netscape's mirror sites.

  • Install JDK 1.1 Preview 2 patch http://developer.netscape.com/software/index.html?content=jdk/download.html; this contains the links to Windows 95 and NT versions and directions on how to install the patch.

  • Get the Plugin SDK, which is needed for the build process: http://ftp.netscape.com/pub/sdk/plugin/windows/winsdk40.zip. This contains javah and includes. Unzip the file to some directory and add a macro NETSCAPEDIR to your Defs-<hostname>.gmk file in makefiles/host of the OpenCard build tree.

  • Running make jri in directory src/com/ibm/zurich/smartcard/terminal/ibm5948 will build both the JRI version and the JNI version of the Zueri card terminal.

  • Add to your environment an LD_LIBRARY_PATH environment variable, containing the path where the DLLs are located.

  • A test page is located in src/com/ibm/zurich/smartcard/test/IBM5948Test.html. The applet will display the terminal type in the applet frame and set the terminal's display to "Hallo..."

Running OpenCard with Internet Explorer

Interfacing to the Microsoft Internet Explorer browser requires more work due to the Windows JDirect interface. Unfortunately, Microsoft has chosen not to implement JNI, which means you cannot reuse your JNI work. Notice the difference it makes with Communicator in reducing the amount of code you must customize. JavaSoft spent some time on the development of JNI to make it complete, using some ideas from Netscape's JRI. Microsoft seems to have some technical issue with this.

In future articles, we will provide examples of interfacing to PC/SC on Microsoft platforms. As noted above, PC/SC is a standard for supporting smart cards on Windows platforms -- and that means Windows platforms only. (For more on PC/SC, see the previous column.) We have already run OpenCard on AIX, Solaris, Windows 95, and NC platforms. There has been interest in porting OpenCard to point-of-sale devices and PDAs.

Conclusion

Using the OpenCard Framework for smart cards you should be able to select and interface card terminals to the framework based on cost and implementation difficulty. The implementation of the IBM 5948 card terminal code demonstrates how to perform PIN functions as well as control LEDs on the reader. The interface to the Reflex20 should easily be reusable for other PCCard type devices. Soon serial support will be part of the JDK -- so a 100 percent pure Java interface to serial readers will be possible. We will show you such an implementation in the future. In next month's Java Developer column on smart cards, we will discuss JavaCard and provide some examples of a current implementation. After that, we will look at the 2.0 JavaCard Specification and where JavaCard is going.

To make your interfacing task easier, it is best to select a reader that has existing DLLs or .so (Unix Dynamic Link Libraries] files that are similar to the model supported by Schlumberger's Reflex20 and the IBM 5948, unless you are an extremely experienced C and Java programmer and have a solid understanding of ISO 7816. The most wonderful thing about these two readers and others is that they support the same C API, which means that it took almost no work to support the Reflex20 after understanding the IBM-supplied interface for the IBM 5948.

Peter Trommler is a researcher at the IBM Research Division Zurich Research Laboratory, Switzerland. He is one of the designers of the OpenCard Framework and implemented parts of the reference implementation. His research interests include smart cards, security, distributed systems, and Java. Rinaldo S. Di Giorgio is a staff engineer for Sun Microsystems in New York City. He currently is working on the integration of many technologies into HotJava and Java, including commerce, database connectivity, portfolio management, and analytical applications for the financial and emerging genetics market. He sees Java as the technology that will minimize two great cost factors in the computer industry: distribution and code development.

Learn more about this topic

  • You can access source code for examples in this article through a .zip or .tar file
  • The Resources section from the first in the series of articles on smart cards contains a fairly exhaustive list of URLS on the smart card subject
    http://www.javaworld.com/javaworld/jw-12-1997/jw-12-javadev.html
  • Smart cards and the Web http://www.netscapeworld.com/netscapeworld/nw-03-1997/nw-03-smartcard.html
  • General PCCard resources http://beta.missilab.com/readertest/pcmcia.html
  • On using native methods to get to the serial ports http://www.javaworld.com/javaworld/jw-07-1997/jw-07-javadev.html
  • Reflex20 contact information http://www.pcsc.austin.et.slb.com/cyberflex/pcsc/reflex20.html
  • Latest firmware and SDK for the Reflex20. If you have problems with the example, download this file and replace the DLL interface library. Follow the directions for updating the firmware.
  • IBM 5948 Card Accepting Device http://www.chipcard.ibm.com/sc09adev.htm
  • OpenCard architecture, documents, and source code for this article http://www.opencard.org/
  • Latest version of Communicator (4.0.4) has JNI support for Windows 95 platforms http://developer.netscape.com/software/jdk/download.html
  • 100% Pure -- the official definition. This FAQ has answers to most questions about what makes a Java applet, application, or Bean 100% pure http://www.javasoft.com/features/1997/may/100percent_qna.html
Related:
1 2 3 Page 3
Page 3 of 3