In order to thank you for all members' support of our website, we are holding new events - Getting Free Samples by Paying Freight only.
Want to get free samples? Please check this post for more details.

The usage of PKI host application combined with PKIApplet in A40CR card

An ISO7816 compliant Java Card PKI applet.

Moderator: Ellisun

User avatar
JavaCardOS
Posts: 263
Joined: Thu Apr 30, 2015 12:00 pm
Points :2295
Contact:

The usage of PKI host application combined with PKIApplet in A40CR card

Post by JavaCardOS » Fri Jan 29, 2016 2:50 am

This PKI host application only communicates on the contact interface of the A40CR card.

Preparation:
    1.First, install JCIDE to configure Java Runtime Environment 1.8.
    2.Use pyApdutool to download the PKIApplet into A40CR card, install and select the applet.
    3.Go to the "lib" folder in your terminal/prompt window and enter "java -jar pkihost.jar" to start the PKI host application.

Using A40CR card create a PKI card
    1. Remove and insert A40CR card to connect again. the PKI host will automatically connect to A40CR card.
    2. Fill in the data in the first tab (Private Init tab). You need to load the three private keys and the four certificates. You can use the key files provided in the ".\javacardsign\files" folder.
    Note:
    >> The PUC has to be 8 bytes long and The PUC code lets you to unblock a forgotten PIN code.
    >> Setting the historical bytes of the ATR is optional.

    3. Through the "View" button to view the messages of certificate or private key.
    4. Click "Initialize Applet", and all the required data will be written to the A40CR card, you can see the following figure 001.

    5.After the applet is initialized successfully, the PKI card has been successfully created, you can use it.

    Note:The PKI card stores three user certificates, one CA certificate that was used to sign user certificates, and three corresponding user private keys: for authentication, signing, and decryption. These keys are used with signing, decrypting, and authentication.
User Administrator PIN set and verify

    In 'User Administration' tab, you can set a PIN for this PKI applet. Once you set the PIN, the following decrypt and sign operations you must enter the PIN to verify.

Load certificates from A40CR card
    In the certificates tab you can load all the certificates from the card and view it, and this is necessary to perform following operations later on, such as encryption, decryption, signature and authentication. The user certificates in our PKI applet are protected by a PIN, you will be asked every time.

    Note:
    If you don't load these certificates, the following operations will remind you "No User Decipher Certificate loaded".

Use the PKI card
    1. In the "Decrypt" tab you can encrypt and decrypt any data.
    Click "Encrypt Text..." or "Encrypt File..." button to encrypt data by PKI host. After encrypt successful, you can press "Decrypt" button to decrypt the data, which will appear in the "Result" box. In this process, you will be asked for a PIN, you can see the following figure 002.

    Note: The text/file is encrypted to cipher text by PKI host application, and cipher text is decrypted to plain text by A40CR card with PKI applet.

    2. The "Signature & Authentication" tab works in a similar way.
    Select the signature/encryption algorithm with the radio buttons, and enter the data to be signed or encrypted in "Data to be signed/encrypted" input box. Click the "Sign" button to sign/encrypt data, The result will appear in the "Signature" box, you can see the following figure 003.

    Here you can also verify the signature with using the card's certificate.

    3. The "Challenge" tab can be used to get challenge with any length generated by PKI card. This challenge can be used as a data to be signed in the signature tab.
You do not have the required permissions to view the files attached to this post. Please login first.

User avatar
UNKNwYSHSA
Posts: 630
Joined: Thu May 21, 2015 4:05 am
Points :3023
Contact:

Re: The usage of PKI host application combined with PKIApplet in A40CR card

Post by UNKNwYSHSA » Sat Jan 30, 2016 9:51 pm

Can you provide me one link to download this tool?
sense and simplicity

User avatar
JavaCardOS
Posts: 263
Joined: Thu Apr 30, 2015 12:00 pm
Points :2295
Contact:

Re: The usage of PKI host application combined with PKIApplet in A40CR card

Post by JavaCardOS » Mon Feb 01, 2016 2:53 am

UNKNwYSHSA wrote:Can you provide me one link to download this tool?


You can download this applet source code and tool from here.

hunterra
Posts: 1
Joined: Sat Apr 22, 2017 9:23 am
Points :36
Contact:

Re: The usage of PKI host application combined with PKIApplet in A40CR card

Post by hunterra » Fri Apr 28, 2017 5:39 am

hello, can you please share the source code of PKI host application?

User avatar
UNKNwYSHSA
Posts: 630
Joined: Thu May 21, 2015 4:05 am
Points :3023
Contact:

Re: The usage of PKI host application combined with PKIApplet in A40CR card

Post by UNKNwYSHSA » Fri Apr 28, 2017 6:11 am

The host application is not a opensource application.
sense and simplicity

ThePhoenyx
Posts: 41
Joined: Mon Jul 20, 2015 1:08 pm
Points :376
Contact:

Re: The usage of PKI host application combined with PKIApplet in A40CR card

Post by ThePhoenyx » Thu Jun 08, 2017 1:26 pm

Can you point us to a open source host program we can use with this? If not, it's not much use.
The world is full of stories;
And sometimes they permit themselves to be told.
~Cherokee Proverb

User avatar
UNKNwYSHSA
Posts: 630
Joined: Thu May 21, 2015 4:05 am
Points :3023
Contact:

Re: The usage of PKI host application combined with PKIApplet in A40CR card

Post by UNKNwYSHSA » Thu Jun 08, 2017 10:11 pm

ThePhoenyx wrote:Can you point us to a open source host program we can use with this? If not, it's not much use.


This is a java application, it can be decompiled to java source code. Maybe.
sense and simplicity

tay00000
Posts: 112
Joined: Tue Sep 27, 2016 10:58 am
Points :1498
Contact:

Re: The usage of PKI host application combined with PKIApplet in A40CR card

Post by tay00000 » Tue Jun 13, 2017 10:55 am

@ThePhoenyx
Do you have a special requirement for using the PKIApplet ?

Post Reply Previous topicNext topic

Who is online

Users browsing this forum: No registered users and 2 guests

JavaCard OS : Disclaimer