Byte Code off-card verifier for cap file

Question

I need to verify a Java Card programme (a cap file) using an off-card byte code verifier. I have manually modify the informations in the cap file and i want to verify if the new cap file is well type.

I try to use the com.sun.javacard.scriptgen.CAP.verifyCAP() methode. I send valid and invalid cap files but the result is always equal to 0.

Answer 1

I never post the solution. That day has finally arrived ;)

Download the JavaCard SDK. It contain a compiled version of the verifier. For that exemple that will be java_card_kit-2_2_1.

My files:

./
./java_card_kit-2_2_1/
./java2CAP.sh
./ValidApplet/
./ValidApplet/ValidApp.java
./verifyCAP.sh

java2CAP.sh:

#!/bin/bash
export JC_HOME=./java_card_kit-2_2_1
export CLASSPATH=$JC_HOME/lib/apduio.jar:$JC_HOME/lib/apdutool.jar:$JC_HOME/lib/jcwde.jar:$JC_HOME/lib/converter.jar:$JC_HOME/lib/scriptgen.jar:$JC_HOME/lib/offcardverifier.jar:$JC_HOME/lib/api.jar:$JC_HOME/lib/capdump.jar:$JC_HOME/lib/:$JC_HOME/samples/classes:$CLASSPATH
PACKAGE=ValidApplet
CLASS=ValidApp
APPLET=$CLASS.java
PACKAGE_AID=0x46:0x56:0x55:0x4c:0x4e:0x54:0x45:0x53:0x54:0x53
APPLET_AID=0x46:0x56:0x55:0x4c:0x4e:0x54:0x45:0x53:0x54:0x53:0x41:0x70:0x70
javac -g -source 1.3 -target 1.1  $PACKAGE/$APPLET
java com.sun.javacard.converter.Converter -nobanner -out CAP -exportpath $JC_HOME/api_export_files -applet $APPLET_AID $CLASS $PACKAGE $PACKAGE_AID 1.0 -i

verifyCAP.sh:

#!/bin/bash
export JC_HOME=./java_card_kit-2_2_1
export CLASSPATH=$JC_HOME/lib/apduio.jar:$JC_HOME/lib/apdutool.jar:$JC_HOME/lib/jcwde.jar:$JC_HOME/lib/converter.jar:$JC_HOME/lib/scriptgen.jar:$JC_HOME/lib/offcardverifier.jar:$JC_HOME/lib/api.jar:$JC_HOME/lib/capdump.jar:$JC_HOME/lib/:$JC_HOME/samples/classes:$CLASSPATH

export CAPP_PATH=./ValidApplet/javacard
export CAPP_NAME=ValidApplet.cap

java -classpath $JC_HOME/lib/offcardverifier.jar com.sun.javacard.offcardverifier.Verifier $JC_HOME/api_export_files/javacard/framework/javacard/framework.exp $JC_HOME/api_export_files/java/lang/javacard/lang.exp $JC_HOME/api_export_files/javacard/security/javacard/security.exp $CAPP_PATH/$CAPP_NAME

./ValidApplet/ValidApp.java:

package ValidApplet;

import javacard.framework.Applet;
import javacard.framework.APDU;
import javacard.framework.ISO7816;
import javacard.framework.ISOException;

public class ValidApp extends Applet //implements PIN
{
    final static byte TEST_CLA = (byte)0x77;

    public static class TestClassStatic {};

    protected ValidApp()
    {
        register();
    }

    public static void install(byte[] bArray, short bOffset, byte bLength)
    {
        new ValidApp();
    }

    public void process(APDU apdu)
    {
        byte buffer[] = apdu.getBuffer();

        try {
            if (buffer[ISO7816.OFFSET_CLA] == TEST_CLA) {
                test((byte)4, (short)2);
            } else {
                ISOException.throwIt(ISO7816.SW_CLA_NOT_SUPPORTED);
            }
        } catch (ISOException e) {

        }
    }
}