move installation script to gradle with configurable parameters
This commit is contained in:
parent
91b4a96194
commit
5b231fb711
33
README.md
33
README.md
|
@ -1,14 +1,39 @@
|
|||
# JavaCard Hardware Wallet
|
||||
|
||||
Currently just a skeleton for the hardware wallet.
|
||||
|
||||
The .gpshell files are meant to be fed to GPShell. The statuswallet_install.gpshell file is actually dependent on the
|
||||
target hw. Currently it assumes that the default VISA AID and keys for the ISD are used, but the version number is 2.
|
||||
The status.im Hardware Wallet. At the moment Secure Channel and PIN management/verification are implemented.
|
||||
|
||||
The project is built using Gradle with the [Fidesmo Javacard Gradle plugin](https://github.com/fidesmo/gradle-javacard).
|
||||
You can set the JavaCard HOME not only through the environment but also creating a gradle.properties file with the
|
||||
property "com.fidesmo.gradle.javacard.home" set to the correct path.
|
||||
|
||||
Loading and installing the applet requires [gpshell](https://sourceforge.net/p/globalplatform/wiki/GPShell/) to be
|
||||
installed on the system. The gradle.properties file must contain the following properties
|
||||
|
||||
* im.status.gradle.gpshell = the path to the gpshell executable
|
||||
* im.status.gradle.gpshell.isd = the AID of the issuer security domain
|
||||
* im.status.gradle.gpshell.mac_key = the MAC key for the ISD
|
||||
* im.status.gradle.gpshell.enc_key = the ENC key for the ISD
|
||||
* im.status.gradle.gpshell.kek_key = the KEK key for the ISD
|
||||
* im.status.gradle.gpshell.kvn = the Key Version Number for the ISD
|
||||
|
||||
Testing is done with JUnit and performed on a real card. Although the tests are comprehensive, debugging is not easy
|
||||
because raw APDUs are not shown in the test log and there is no way to set breakpoints in the applet. Using a simulator
|
||||
like [jCardSim](https://github.com/licel/jcardsim) would make debugging easier but only a subset of bugs can be reliably
|
||||
found with this system. Code changes would be needed for tests to support jCardSim. The tests are run with the test task
|
||||
in gradle.
|
||||
|
||||
## Example gradle.properties file
|
||||
|
||||
```
|
||||
com.fidesmo.gradle.javacard.home=/home/username/javacard-2_2_2
|
||||
im.status.gradle.gpshell=/usr/local/bin/gpshell
|
||||
im.status.gradle.gpshell.isd=A000000003000000
|
||||
im.status.gradle.gpshell.mac_key=404142434445464748494a4b4c4d4e4f
|
||||
im.status.gradle.gpshell.enc_key=404142434445464748494a4b4c4d4e4f
|
||||
im.status.gradle.gpshell.kek_key=404142434445464748494a4b4c4d4e4f
|
||||
im.status.gradle.gpshell.kvn=2
|
||||
```
|
||||
|
||||
## Implementation notes
|
||||
|
||||
* This implementation will try to use only features available in JavaCard 2.2.2 for broader compatibility with existing
|
||||
|
|
24
build.gradle
24
build.gradle
|
@ -1,12 +1,15 @@
|
|||
apply plugin: 'javacard'
|
||||
apply plugin: 'org.junit.platform.gradle.plugin'
|
||||
|
||||
buildscript {
|
||||
repositories {
|
||||
maven { url 'http://releases.marmeladburk.fidesmo.com/' }
|
||||
mavenCentral()
|
||||
}
|
||||
|
||||
dependencies {
|
||||
classpath 'com.fidesmo:gradle-javacard:0.2.7'
|
||||
classpath 'org.junit.platform:junit-platform-gradle-plugin:1.0.0'
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -41,6 +44,27 @@ task wrapper(type: Wrapper) {
|
|||
gradleVersion = '2.10'
|
||||
}
|
||||
|
||||
task install(type: Exec) {
|
||||
def gpShellScript = """
|
||||
mode_211
|
||||
enable_trace
|
||||
establish_context
|
||||
card_connect
|
||||
select -AID ${project.properties['im.status.gradle.gpshell.isd']}
|
||||
open_sc -security 1 -keyind 0 -keyver ${project.properties['im.status.gradle.gpshell.kvn']} -mac_key ${project.properties['im.status.gradle.gpshell.mac_key']} -enc_key ${project.properties['im.status.gradle.gpshell.enc_key']} -kek_key ${project.properties['im.status.gradle.gpshell.kek_key']}
|
||||
send_apdu_nostop -sc 1 -APDU 80E400800E4F0C53746174757357616C6C6574
|
||||
install -file build/javacard/im/status/wallet/javacard/wallet.cap -AID 53746174757357616C6C6574417070 -instAID 53746174757357616C6C6574417070 -instParam 313233343536373839303132
|
||||
card_disconnect
|
||||
release_context
|
||||
"""
|
||||
|
||||
executable project.properties['im.status.gradle.gpshell']
|
||||
standardInput new ByteArrayInputStream(gpShellScript.getBytes("UTF-8"))
|
||||
}
|
||||
|
||||
tasks.install.dependsOn(convertJavacard)
|
||||
tasks.test.dependsOn(install)
|
||||
|
||||
compileTestJava {
|
||||
sourceCompatibility = 1.8
|
||||
targetCompatibility = 1.8
|
||||
|
|
|
@ -1,5 +0,0 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
pushd scripts
|
||||
gpshell <statuswallet_install.gpshell
|
||||
popd
|
|
@ -1,10 +0,0 @@
|
|||
mode_211
|
||||
enable_trace
|
||||
establish_context
|
||||
card_connect
|
||||
select -AID A000000003000000
|
||||
open_sc -security 1 -keyind 0 -keyver 2 -mac_key 404142434445464748494a4b4c4d4e4f -enc_key 404142434445464748494a4b4c4d4e4f -kek_key 404142434445464748494a4b4c4d4e4f
|
||||
send_apdu_nostop -sc 1 -APDU 80E400800E4F0C53746174757357616C6C6574
|
||||
install -file ../build/javacard/im/status/wallet/javacard/wallet.cap -AID 53746174757357616C6C6574417070 -instAID 53746174757357616C6C6574417070 -instParam 313232343536373839303132
|
||||
card_disconnect
|
||||
release_context
|
Loading…
Reference in New Issue