Skip to Main Content

Java Card

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Interested in getting your voice heard by members of the Developer Marketing team at Oracle? Check out this post for AppDev or this post for AI focus group information.

How to verify DAP Verification from a customer's perspective

1881106Jan 23 2025

Hi,

I am writing and compiling a Java card applet. A distributor will be in charge of burning the .cap compiled applet into the cards.

I was able to

  1. generate an SSD with my public key in it.
  2. generate the signature of the applet with my private key.

I would like to

  1. provide the distributor with my public key, the cApplet's signature and the cApplet so they can create the custom SSD and then burn the cApplet it into the card.
  2. have a way for the customers to verify that the installed applet (by the distributor) is the very same applet we shipped to them.

I was thinking in a built-in verification mechanism inside the cApplet's code but I am not finding a reliable way to do it without tampering the chain of trust, meaning that the distributor could potentially mimic the behavior of the verification mechanism from within the compiled cApplet.

ideas are welcome, thanks!

Comments

Hiroshi Tonegawa May 31 2024

追加情報です。

リスナーからエラーメッセージでておりました。ただどうしたら良いのかわかりません。

そのlog(TNSLSNR.log)を添付しました。ここから原因、また対処法など解析できませんでしょうか?

大変困っております。よろしくお願いいたします。

TNSLSNR_496.log

1 - 1

Post Details

Added on Jan 23 2025
0 comments
74 views