bertrandmartel / aram-applet

JavaCard implementation of GlobalPlatform Access Rule Application Master Applet
MIT License
29 stars 23 forks source link
javacard smartcard

ARAM Applet

Build Status Coverage Status

JavaCard implementation of Global Platform Access Rule Application Master (ARA-M) applet from Secure Element Access Control v1.0 specification.

What is this ?

ARA-M is an application (typically present on a SIM card) which manage access rules that are enforced by an Access Control Enforcer (typically present on Android device). The enforcer makes sure the rules from the ARAM are enforced. An access rule is composed of :

The Access Control enforcer will allow/deny a client application (for example an Android app) to send APDU to a SE applet based on these rules

More information : seek-for-android Access Control wiki

Features

Get Data

Store Data

Note

Setup

git clone git@github.com:bertrandmartel/aram-applet.git
cd aram-applet
git submodule update --init
./gradlew build
./gradlew installJavaCard

Tests

./gradlew test
./gradlew test -DtestMode=smartcard

Scripts

Install for personalization

gp -acr-list

Use GlobalPlatformPro to send store data via the Security Domain with install comand + install for personalization :

gp -acr-add -acr-rule 01 -app D2760001180002FF49502589C0019B18 -acr-hash 1FA8CC6CE448894C7011E23BCF56DB9BD9097432
gp -acr-delete -app D2760001180002FF49502589C0019B18 -acr-hash 1FA8CC6CE448894C7011E23BCF56DB9BD9097432

Raw APDU

./gradlew list

The following task send store data command raw apdu via GlobalPlatformPro (for add & delete) :

./gradlew store

or

./gradlew test --tests fr.bmartel.aram.AramTest.storeDataValid
./gradlew delete

or

./gradlew test --tests fr.bmartel.aram.AramTest.deleteByAid

License

The MIT License (MIT) Copyright (c) 2017 Bertrand Martel