Curated list of JavaCard applications
The goal is to provide a curated catalog of all open-source JavaCard applets and applications relevant for JavaCard development. The list is compiled by a complete search of all GitHub, SourceForge and GitLab repositories for the 'javacard.framework' keyword.
You are encouraged to contribute - please create a pull request and insert your entry into the suitable section in lexicographic order. Thank you!
The projects collected in this list were analyzed and published (June 2017) in "Analysis of JavaCard open-source ecosystem" and again in June 2023 in "The adoption rate of JavaCard features by certified products and open-source projects". If you find this list helpful, please consider citing our work as:
@inproceedings{2023-cardis-javacard,
title = {The adoption rate of JavaCard features by certified products and open-source projects },
author = {Zaoral, Lukas and Dufka, Antonin and Svenda, Petr},
booktitle = {Proceedings of the 22nd Smart Card Research and Advanced Application Conference, Lecture Notes in Computer Science, vol 14530},
doi = {10.1007/978-3-031-54409-5_9},
isbn = {978-3-031-54409-5},
pages = {169--189},
publisher = {Springer},
year = {2023}
}
Backup of listed repositories
As repositories are sometimes moved or removed, a fork of each repository is created under the virtual organization 'javacard-curated-list'. Try to find a repository there if the link doesn't work.
Format and notation
Project name [activity] <br> Short description, often taken from a project readme.md. If the project is located on GitHub as a primary project (not only source code in some subfolder), the last commit date, number of contributors and number of stars received are retrieved directly from GitHub. Otherwise, a source like SourceForge or BitBucket is indicated with a manually entered last commit date.
Contents
- Applets (standalone applications)
- Library code (code which is expected to be used as part of other code)
- Developer tools
- JavaCard simulators and emulators
- Learning (various school projects, simple hello world applets, etc)
- Unsorted
Applets (standalone applications)
Electronic passports and citizen ID
-
Belgian-e-id applet <br> Belgian e-id applet
-
Electronic Driving License (GitHub) [last commit 2015] <br> A reference implementation of the ISO18013 standards. Based on the passport applet code developed by the JMRTD team. The project implements the host API for reading out ISO compliant electronic driving licenses and a Java Card applet that implements the standard on a smart card.
-
EstEID compatible JavaCard applets <br> Various JavaCard applets compatible to EstEID chip protocol: FakeEstEID, MyEstEID
-
FedICT Quick-Key Toolset (GitHub) [last commit 2011] <br> EidCard project
-
IdentityCard applet (GitHub) [last commit 2017] <br> Vrije University Brussels applet (be.msec.smartcard.IdentityCard.java) with authentication, identity metadata storage and retrieval and time update functionality.
-
InfinitEID <br> JavaCard applet designed to work with Web-eID project which enables usage of European Union electronic identity (eID) smart cards for secure authentication and digital signing of documents on the web using public-key cryptography.
-
JMRTD: Machine Readable Travel Documents (SourceForge) [last commit 2017] <br> Free implementation of the MRTD (Machine Readable Travel Documents) standards as set by ICAO used in the ePassport. Consists of an API for card terminal software and a Java Card applet.
-
JMRTD applet without EAC support <br> Fork of JMRTD electronic passport applet without EAC support. The target device for this project is G+D SmartCafe Expert 144k Dual.
-
SIC eID card <br> A privacy-friendly alternative for the Belgian eID card. The project aims to improve security of Belgian ID holders by limiting the current extensive exposure of their profiles. To do so, we build an alternative ID card which limits service providers to strictly necessary ID holder profile information.
Authentication and access control
-
Biometric Authentication <br> Fuzzy extractor to authenticate with biometric data
-
CoolKey Applet <br> CoolKey Applet with the idea of making it a fresh JavaCard 2.2.2 applet meant to be a revival of the CardEdge Muscle card applet.
-
FIDO2 Applet <br> A feature-complete MIT-licensed implementation of the FIDO2 CTAP2.1 authenticator standard. Passes the official FIDO compatibility test suite. As is required by CTAP, also implements U2F.
-
FIDO CCU2F Applet <br> This CCU2F JavaCard Applet is based on the Ledger U2F Applet. I imported this applet to Eclipse with installed JCOP Tools and modified the AID of this applet to the standardized AID for FIDO NFC token (0xA0000006472F0001). I also provided some example data ([Attestation Certificate and Key](u2f-javacard/U2F Example Attestation Certificate and Key Bytes.txt)) to bring this applet to run. This Applet was successfully tested on JCOP v2.4.2 R3 cards with KeyAgreementX.ALG_EC_SVDP_DH_PLAIN_XY from NXP's JCOP library for EC Point Multiplication.
-
FIDO de.fac2 Applet <br> de.fac2 is a Javacard applet which implements a Fido U2F token. It was designed and implemented based on the Common Criteria Protection Profile BSI-CC-PP-0096-V3-2018 "FIDO Universal Second Factor (U2F) Authenticator Version 3".
-
Generic Identity Device Specification Applet <br> Generic Identity Device Specification (GIDS) smart card is the only PKI smart card whose driver is integrated in every Windows version since Windows 7 SP1 and which can be used for both reading and writing. No Windows driver installation is required. Based on ISOApplet PKI.
-
Generic Identity Device Applet (JavaCardOS) <br> GidsApp is a javacard applet which was developed according to the specification GIDS 2.0 (Generic Identity Device Specification). This project is based on GidsApplet (above). It provides a generic identity command set for interaction with smart cards that are used for identity applications.
-
HOTP authenticator via NDEF tag <br> JavaCard HMAC-based One Time Password generator which delivers a new code via the URL tag of NDEF every time the card is put close to an NFC-enabled phone. As Android (and soon also iOS) handles the NDEF tags natively, no additional software is required (after initial card personalization with OTP secret key).
-
ISOApplet PKI <br> A Java Card PKI Applet aiming to be ISO 7816 compliant. The Applet is capable of saving a PKCS#15 file structure and performing PKI related operations using the private key, such as signing or decrypting. Private keys can be generated directly on the smartcard or imported from the host computer. The import of private keys is disabled in the default security configuration.
-
Android Identity Credential HAL JCICStoreApplet <br> Javacard Implementation for the Android Identity Credential HAL
-
Ledger U2F Applet <br> This applet is a Java Card implementation of the FIDO Alliance U2F standard. It uses no proprietary vendor API and is freely available on Ledger Unplugged and for a small fee on other Fidesmo devices through Fidesmo store.
-
Ledger U2F Applet Fork <br> This applet is a fork of the Ledger U2F repository with some changes. First, a compiled source is available in the releases along with a script for the GpPro tool to both install and personalise the applet. Second, a proprietary APDU was changed from the F0 CLA to 80. All personalisation APDUs on other Ledger forks threw 6881, but the 80 CLA personalisation succeeded. The repository also claims to support iOS.
-
MuscleApplet <br> Significant, but outdated applet used for OpenSC. Superseded by PKCS#15 and PIV standards.
-
OneCard <br> radiius.com Radiius applet, applet seems to be just starting to implement required functionality as per specification. Originally from https://github.com/SharkyHarky/OneCard, but repository was moved.
-
OpenFIPS201 PIV applet <br> Personal Identity Verification (PIV) applet. Commissioned and funded by the Australian Department of Defence
-
ORWL KeyFob applets <br> Contains applets for KeyFOB NFC Secure Element for performing association, authentication and identification. Relates to ORWL secure computer.
-
OTP client and server applets <br> This is proof-of-concept implementation of One Time password JavaCard STK applet and authentication server. Load JavaCard applet to SIM card and use STK menu.
-
PinSentry-OTP for Barclays PinSentry device <br> A Javacard applet to provide an OTP (One Time Password) implementation which can be used in conjunction with a Barclays PinSentry device.
-
PIV applet <br> Personal Identity Verification (PIV) applet (NIST SP 800-73-4). Target is JavaCard 2.2.2, with 2-3k of transient memory.
-
PIV CryptonitApplet <br> Personal Identity Verification (PIV) applet
-
PKCS#15 applet [REMOVED, last commit 2015] <br> Implementation of card according to RSA PKCS#15 specification. (seems like extensive implementation, but fails to convert under ant-javacard so far)
-
PKI applet [REMOVED, last commit 2016] <br> (extensive PKI applet, requires JavaCard 3.0.5)
-
SMPC RSA (Smart-ID) <br> The implementation of the adapted Smart-ID scheme for smart cards. Performs 2-of-2 RSA signature using secure multiparty computation.
-
SSH support applet (GitHub) [last commit 2007] <br> Old, but widely copied applet performing RSA decrypt on card and used by SSH client
-
SIMple ID <br> SIMple ID: QR codes for authentication on basic and feature phones. Using Java Card 3.0.4+ applet which generates and displays QR codes for authentication using (almost*) the standard SIM ToolKit (STK) API. The intention is to permit low-cost, basic and feature phones (e.g., Jio) to offer SIM-secured authentication modes based on QR codes.
-
Trusted Identity Module <br> A local smartphone module acting as an OpenID Connect Server proxy and delivers trusted tokens to installed native applications. The TIM improves the user experience with single sign on, security and privacy enhancement. The Trusted Identity Module project is a set of four projects: an Android service (tim_service), a JAVA Card Service (TimCardlet), a modified OpenID Connect Server (phpOpTim) and a basic Android TIM-Client app enabling to test the TIM services (HelloTim). The OIDC-TIM server is based on an open source implementation of OpenID Connect in PHP by Nomura Research Institute, Ltd. Seems to be extensive and well documented.
-
U2FToken <br> A U2F Token implementation based on Ledger U2F Applet which cannot pass the NFC self-conformance test in the phase "U2F_REGISTER, Short APDU, Change BlockSize", as it doesn't handle the situation in which Le (BlockSize) is not 256 bytes.
-
YkOtpApplet - OTP applet <br> Javacard applet emulating the Yubikey challenge-response interface
-
YkOtpApplet - VivoKey fork <br> This is a JavaCard applet that emulates the HMAC challenge-response functionality of the Yubikey NEO/4/5. It presents the same interface that a real Yubikey presents over CCID (i.e. this applet does not have any HID features). The goal is to be able to write applications that use the HMAC-SHA1 Challenge-Response mode of the Yubikey, and have a JavaCard with this applet be a drop-in replacement.
-
YubiKey NEO App: OATH <br> This project implements the HOTP/TOTP card functionality used on the YubiKey NEO device that is sold by Yubico. Its primary use is to use the YubiKey NEO to generate OATH HOTP/TOTP one-time-passwords. GPLv3+
-
Yubikey Neo One Time Pad <br> This project has been submitted to the YubiKing 2015 Hackathon. Yubisec is an implementation of a One Time Pad for secure communication between two Android phones using keys stored and generated on YubiKey Neo tokens.
Payments and loyalty
-
AppSecure <br> AppSecure uses Gemalto's eGate smart card framework to enforce pay as you go services for Win32 applications. This entry made it to the pre-final round of Gemalto's eGate Open Contest in 2004
-
E-Purse <br> just started, unfinished (04/2017)
-
EMV card simulator <br> JavaCard implementation of an EMV card for payment terminal functional and security testing.
-
EMV-TOOLS <br> Collection of source code for many EMV-related projects: SimpleEMVApplet, java-card-openEMV, card-spy, emvdemoBook, emv-bertlv...
-
EMVCAP <br> This tool emulates an EMV-CAP device, to illustrate the article "Banque en ligne : a la decouverte d'EMV-CAP" published in MISC, issue #56.
-
Gemplus Purse applet <br> Static analysis of java code applied to example of very old Gemplus Purse applet
-
JavaCard Wallet <br> Client/Server application of an electronic wallet (Pin, Storage, control, payment..)
-
Loyalty Card Applet <br> Loyalty Card System based on a Java Card featuring a smart card and a terminal. This is a system that allows customers to get credits by shopping in the same store repeatedly. Customers can spend credits to buy products in the store.
-
Mobile banking applet via STK <br> Mobile banking solution using SIM Toolkit
-
OpenEMV <br> The OpenEMV is a Java Card implementation of the EMV standard. This applet is a very basic EMV applet supporting only SDA and plaintext offline PIN. It does not offer personalisation support - everything is hard-coded.
-
EMV Applet for Javacard 2.2.1 <br> This is a fully working EMV applet for javacard 2.2.1. It does not offer personalisation support - everything is hard-coded. Contains some custom feature commands. Unfortunately, no personalization commands are implemented (use ArrayEdit or modify code manually). This applet was stitched using source code from all over the internet and a lot of dev's code. The Crypto.java file is of unknown origin, was entirely made by another person.
-
PayPass applet <br> Javacard Applet for functioning paypass credential. The javacard code included will answer to any reader that requests MasterCard PayPass contactless cards.
-
PayPass, VisaMSD, MMPP applets <br> This repository contains multiple card applet/card agent examples for using on simplytapp, GPL to v1.2.1. Originally from https://github.com/SimplyTapp/CardExamples, but repository was removed.
-
PBOC3Applet <br> payment applet
-
Simple Wallet <br> This is a simple wallet that simply maintains a running account balance, allowing you to credit, debit, or review the current balance of the wallet. This is simply for pure demonstration on various wearable technologies where a javacard secure element is available.
Key and password managers
-
CryptSetup JavaCard Key Manager <br> A JavaCard key manager for Cryptsetup. School project, but well documented and extensive
-
HydraMultiKeySystem applet <br> A more efficient version of Microsoft's Double Key Encryption System.
-
Java Card OpenPGP Card <br> This is a Java Card implementation of the OpenPGP smart card specifications.
-
JavaCardKeymaster <br> JavaCard implementation of the Android Keymaster 4.1 HAL (most of the specification is in the Android Keymaster 4.0 HAL), intended for creation of StrongBox Keymaster instances to support the Android Hardware-backed Keystore.
-
JCPasswordManager <br> JavaCard Password Manager is a java applet used to create and securely store a strong password used with the steganography app created by. School project, but well documented.
-
KeepassNFCApplet <br> KeepassNFC is an applet on the JavaCard platform that can protect the secret key of a KeePass database.
-
OMNI Key-Ring <br> A hobby project for OMNI ring. It's a programmable javacard NFC ring, which I plan to program as a secure password storage.
-
Password manager <br> Password manager for javacards. Tested on J3A081 card.
-
SIM Password Manager <br> Android password manager app that implements password encryption inside a secure element (SE). Can only run on a device that supports the Open Mobile API (aka SmartCardService). Requires associated Java Card applet to be loaded in the SE (SIM card or embedded SE) in advance.
-
SIM password store <br> SIM toolkit application allowing storage and retrieval of the logins and passwords by SMS in a secure way. It demonstrates how to develop a SIM toolkit application that can securely store and manage information on the SIM and communicate with an external world via SMS.
-
SIM password wallet <br> Android application interacting with a JavaCard applet installed on SIM card.
-
Smartcard crypto applet <br> This repository contains the same source code (February 2020) as the repository listed above (KeepassNFCApplet)
-
TrueCrypt password storage applet <br> Using TrueCrypt with a JavaCard. The app stores the user container passwords on a SmartCard and automatically loads the passwords from it to the chosen Containers. The user just remembers a four digit PIN to access the SmartCard. Additionally I've implemented a password-share method. The user is able to share passwords with previously stored PublicKeys (RSA 2048 Bit). The private key is generated during the of the card and doesn't leave it.
Digital signing, OpenPGP and mail security
-
ANSSI-FR SmartPGP applet <br> SmartPGP is a free and open source implementation of the OpenPGP card 3.x specification in JavaCard. The main improvement introduced in OpenPGP card 3.x specification from previous version is the support of elliptic curve cryptography with several existing curves (NIST P-256, NIST P-384, NIST P-521, brainpool p256r1, brainpool p384r1 and brainpool p512r1). The SmartPGP Card applet is typically used through GnuPG.
-
FluffyPGP applet <br> The FluffyPGP Applet implements the OpenPGP Card v 2.0.1 specification without using secure channels or Global Platform for portability. GPL3
-
JCOpenPGP (SourceForge) [last commit 2016] <br> Aim of this project is to create JavaCard applet implementing Functional Specification of the OpenPGP application on ISO Smart Card Operating Systems.
-
NeoPGP applet <br> NeoPGP is a free and open source Java card applet which implements the OpenPGP 3.4.1 specification. It aims to be robust, lightweight (in a sense of RAM consumption) and highly configurable. The applet supports ECC as well as RSA keys.
-
Secure multi-party signatures Myst <br> Secure multiparty Schnorr-based EC signatures implemented without proprietary ECPoint API.
-
SigAnima <br> SigAnima is a JavaCard ECDSA signing applet. This applet is based on the javacardsign applet from Wojciech Mostowski. The applet supports the following standardized EC domain parameters: secp224r1, BrainpoolP224r1, secp256r1, BrainpoolP256r1, BrainpoolP320r1.
-
Virtual KeyCard applet <br> This software system allows you to decrypt and sign your e-mails with your smartphone instead of using a contactless smartcard. The smartphone communicates with your PC via NFC (as a contactless smartcard would). bachelor's thesis. Warning: This is just proof-of-concept code and should NOT be used in production environments. <br> The repository contains only CardEdge applet but it is not the applet development repository. Main purpose of this repo is to run card simulator inside a smartphone; the applet is just used here.
-
Yubico OpenPGP applet <br> This project implements the OpenPGP card functionality used on the YubiKey NEO device. This project is based on the Java Card OpenPGP Card project made by Joeri de Ruiter. The OpenPGP Card applet is typically used through GnuPG.
e-Health
-
EGKfeuer <br> A project to read the German health insurance card (Elektronische Gesundheitskarte (EGK)), transform the read data to FHIR© resources, and send them to a choosable FHIR Endpoint. <b>This repository does not contain an applet, it is only a client tool.</b>
-
Electronic health card <br> eHealth card implementation
-
HealthCard: JavaCard + JML specs (SourceForge) [last commit 2014] <br> Prototype of a Java Card application for smart cards and its client application. It was developed with the support of JML (Java Modeling Language) used to formally specify the requirements for developing the HealthCard application in Java Card.
NDEF tags
-
JavaCard NDEF Applet <br> This project contains a JavaCard applet acting as an NFC NDEF Tag. It is intended as a convenience applet, allowing storage of an NDEF record on a smartcard to direct the user to a relevant host-device application, such as a smartphone app related to the card or a web page for which the card serves as an authorization token. Data can be preloaded at install time using standards-compliant methods so that this generic applet can be used in different use cases without modification.
-
JavaCard NDEF application <br> JavaCard applet for speaking NDEF. Implementation of the NDEF Nfc-Forum specification for JavaCard 2.2.1. The aim is to support sending of urls to smartphones, and providing only compile time writeability.
-
Pico NDEF Applet (GitHub) [last commit 2017] <br>
CryptoCurrency wallets
-
Bitcoin wallet <br> BitcoinWallet is a Bitcoin Hardware Wallet implementation. It is based on the project Ledger Wallet and can be run on JavaCard platform with JCRE version 3.0.x above.
-
Ledger Bitcoin Hardware Wallet <br> This applet is an implementation of the Ledger Wallet Hardware Wallet specification emulating an NFC Forum Type 4 tag to display the second factor, with specific extensions. <br> <b>This project is DISCONTINUED according to issues section.</b> Derived project can be found here.
-
Lamassu card <br> Very simple applet used by Lamassu Bitcoin machines to sign transaction with ECDSA. Originally from https://github.com/lamassu/ssu-card/, but removed.
-
SatoChip Bitcoin applet <br> SatoChip stands for Secure Anonymous Trustless and Open Chip. It is a javacard applet that can be used as a secure hardware wallet running for example on a Yubikey Neo. The SatoChip has full BIP32 support but due to technical limitations on current javacards, hardened keys (i.e. child keys using indices 2^31 through 2^32-1) are derived much faster than normal keys.
-
SatoChip Seedkeeper-Applet <br> Open source javacard applet implementing a secure vault. Store your most precious secrets, including seeds, masterseed and others inside a secure chip, protected by a PIN code.
-
SlimDuet wallet applet <br> This is a sample Applet based on the Java Card standard platform that combines a cold wallet with a BIP. Usable for Taisys SIMoME card.
-
SecureBitcoinWalletJavaCardApplet <br> This project is the JavaCard applet for the Secure Bitcoin Wallet App.
-
Specter-DIY Bitcoin wallet applets <br> This is a collection of JavaCardOS applets for Specter-DIY secrets storage for use by Specter Bitcoin multisignature wallet.
-
Status KeyCard <br> Keycard is an implementation of a BIP-32 HD wallet running on Javacard 3.0.4+. Supports among others key generation, derivation and signing, exporting keys defined in the context of EIP-1581, card duplication and setting up an NFC NDEF tag.
Emulation of some proprietary cards
-
DESFire applet <br> reimplementation of DESFire card - master's thesis proof of concept
-
Gauss Key Card <br> Gauss Key Card is a Java Card applet that implements the minimal working subset of the Tesla Key Card Protocol. Supported Java Card implementations that load this application will be able to be paired with a compatible vehicle and subsequently unlock, start, or lock the vehicle in the same way you would with an official key card.
-
IllegalSecurityChip <br> An APDU layer emulator for the secure element found in PS4 officially licensed peripherals. It tries to be legal unlike its name suggests.
-
JavaCard DESFire emulation <br> Emulation of DESFire card
-
MobileEDEPV3 (GitHub) [last commit 2016] <br> JC emulation of some Chinese card?
-
TAG 4 emulation <br> This is an implementation of a TAG 4 for emulation
Mobile telephony (SIM)
-
LiteID-SimApp <br> A Sim Application client for LiteID
-
Mobile-ID USAT applet [REMOVED, last commit 2017] <br> The Remarc Mobile-ID USAT applet is a JavaCard applet with USIM Application Toolkit menu support. Basic functions of the Remarc Mobile-ID SAT applet: Authentication function; Signing function; Changing PIN1/PIN2; Changing PUK; Unblock PIN1/PIN2; View information - the USAT menu contains a menu item with information on PIN usage
-
sim-applet-sms-im-alive <br> JavaCard SIM card applet to deliver an SMS the very first time the SIM registers in the GSM/GPRS network
-
sim-applet-apn-autoconf <br> JavaCard SIM card applet to configure a PDP Context with a correct APN via RUN AT proactive command. Modems are configured by AT commands. The card application toolkit standard has a mechanism to send AT COMMANDS from the SIM card. The purpose of this applet is to configure an APN by sending AT commands from the SIM card.
-
sim-applet-data-heartbeat <br> JavaCard SIM card applet to monitor the status of data connectivity over-the-air. GSM SIM cards can be aware of the status of network registration (see "Location Status", ETSI TS 102.223). What a SIM cannot know is whether the data connection has been correctly acquired or not. This project aims to deliver a "hello-im-alive" heart-beat-kind message to a remote server with the content of a Location Status message.
-
STKApplet <br> SIM Toolkit Applet
-
UPSC framework <br> Identity and the security of data transmission is very critical for the success of these e-services. SIM cards might take an important role as a security service provider. They have been used for so many years to preserve the security keys(Ki) and algorithms (A3A8) for authenticating and encrypting the data. Within this project, the international consortium will try to implement a software framework on both the mobile terminal and SIM card that expose the required security functions to popular e-services like Mobile commerce, Financial transactions, Data Encryption, Secure Cloud Storage and Mobile Identity.
Unsorted applications
-
E-Voting applet <br> EVIV is a highly sound End-to-end Verifiable Internet Voting system, which offers full voter’s mobility and preserves the voter’s privacy from the vote casting PC even if the voter votes from a public PC, such as a PC at a cybercafé or at a public library.
-
javacard-petrol-rationing [REMOVED, last commit 2014] <br> Applet for security of Petrol rationing, including design documents, Radboud University, Hardware Security course, JavaCard project
-
LicenseCardApp <br> applet handling license usage counters and relevant stuff (no documentation)
-
MQTT-SCACAuth: Message Queuing Telemetry Transport (MQTT) protocol for SC <br> Security Method for the Message Queuing Telemetry Transport (MQTT) protocol for Internet of Things (IoT). Additional message protection implemented on smartcards. The SCACAuth_Applets_v2 folder contains the Eclipse project for creating the applet for JavaCard 3.0.4.
-
Prototype firmware for the Trusted Execution Module (TEM) <br> Prototype firmware for the Trusted Execution Module (TEM). The firmware is a JavaCard applet, and it can turn any capable JavaCard into a TEM.
-
Secure-Storage-and-Erasure <br> This is an open source prototype of Secure Storage and Erasure (SSE) System, including both the JavaCard and host programs.
-
SmartMeterIQ <br> The main concern with Smart Meters is the granularity of the data which enables physical and behavioral analysis of the consumer in terms of the brand and make of devices installed and their household activities (like when they wake up, when they are not at home). We propose using Java Card platform as it is a natural fit and is designed to be tamper-proof and secure. In addition, we explore using advanced cryptography techniques such as Zero Knowledge Proof of Knowledge (using Pedersen Commitments) to enable the Utility Supplier to trust the data it is getting from the central device.
-
smartleia-target-applet <br> Smartleia target applet for testing APDUs and cryptography. Likely to be used with LEIA Smart Reader and side channel testing device.
-
T101-Devhub <br> Set of javacard applets like PGP, OTP, password manager, Satochip (T101-Devhub/Samples/) to run on ThothTrust THETAKey T101 card
-
TPM2 applet <br> The project aims to implement basic TPM2 functionalities for smart cards that run Java Card. Currently, this implementation supports : TPM_Startup, TPM_StartAuthSession, TPM_PCR_Extend, TPM_PCR_Read, TPM_PCR_Reset, TPM_ReadPublic, TPM_GetRandom
-
Wookey Javacard applets <br> Set of javacard applets for the WooKey project: authentication, DFU and signature tokens to run with the WooKey, a secure and trusted USB mass storage device featuring user data encryption and strong user authentication, with fully open source and open hardware foundations, developed by ANSSI.
Library code (code which is expected to be used as part of other code)
-
ACORN, AEGIS, ASCON, CLOC, and MORUS AEAD ciphers <br> Optimized implementation of 5 selected candidates for authenticated encryption from CAESAR competition
-
AES, OAEP, SHA2-384 and SHA2-512 JC reimplementation <br> The Suite of software reimplementations of selected cryptographic algorithms potentially missing on your smartcard with JavaCard platform. Optimized for speed and small memory footprint.
-
Audit TTP SmartCard-Based ElGamal Cryptosystem <br> TTP SmartCard-Based ElGamal Cryptosystem Using Threshold Scheme for Electronic Elections. EU Project.
-
Curve25519 jc implementation <br> Javacard implementation of Curve25519, JavaCard 3.0.1 or higher (currently developed on J2D081)
-
EC-SRP-5 password-authenticated secure channel <br> An implementation of the elliptic curve variant of the Secure Remote Password (SRP-5) password-authenticated secure channel protocol from IEEE Std 1363.2-2008 for secure channel to secure elements/smartcards. Utilizes NXP proprietary API.
-
ElGamal-based Threshold Scheme for Electronic Elections <br> TTP SmartCard-Based ElGamal Cryptosystem Using Threshold Scheme for Electronic Elections. EU Project CRISES group has studied the feasibility of developing ElGamal cryptosystem and Shamir’s secret sharing scheme into JavaCards, whose API gives no support for it. (probably significant applet).
-
Export files for ETSI/3GPP APIs <br> ETSI/3GPP standards specify various JavaCard APIs related to SIM cards. This repository contains the export files for many of these APIs. It has been created as a dependency submodule for packages using these APIs.
-
GlobalPlatform SCP11B Secure Channel protocol <br> Implementation of GlobalPlatform SCP11B Secure Channel protocol and Java Test Client
-
Hashchain applet <br> Implementation of some hash chain
-
HMAC and CMAC computation (GitHub) [last commit 2014] <br> This Java Card applet support APDUs to test HMAC (SHA-1, SHA-256) and CMAC (AES-128). It uses Java Card 2.2.2.
-
Java Card Synchronization Framework <br> The main goal of this framework is to synchronize Java Card 2 applets through the exchange of ciphered APDUs. The current state of the framework is lacking in many ways and requires more work to be fully functional. However it can serve as a proof of concept for the synchronization of applet data in a secure fashion in a pure Java Card 2 setting (i.e.: without tweaking the Java Card VM).
-
JavaCard ChaCha20 implementation <br> 32-bit JavaCard based ChaCha20 stream cipher optimized for JavaCard environment with 32-bit Integer support
-
JavaCard Connect <br> JavaCard Connect is a framework which provides an implementation of a secure communication protocol in conformance with the Global Platform Card Specification. It allows to establish a secure channel between an off-card entity and a card.
-
JCEd25519 <br> JCEd25519 is a JavaCard implementation of Ed25519 signing using public JavaCard API. The implementation uses (modified) JCMathLib library to perform necessary operations like EC and BigInt arithmetic. And in case SHA512 is not supported by given JavaCard, its software re-implementation is used.
-
JCMathLib - ECPoint library <br> Provides software re-implementation of low-level operations like ECPoint or BigInteger without any use of proprietary API.
-
JC-SSRK: Sharded Secret Key Reconstruction (SSKR) <br> An implementation of Sharded Secret Key Reconstruction (SSKR) for JavaCard environments.
-
JavaCardLightweightCiphers <br> Implementations of JavaCard lightweight ciphers (SHA3, UProve, Twine, ZorroCipher)
-
LibESE Android verified boot <br> Minimal transport wrapper for communicating with embedded secure elements on Android
-
OPACITY auth protocol for JC <br> This project is designed to authenticate users to the Web service using contactless smart cards. OPACITY was chosen as the authentication protocol. This protocol has been specifically designed for contactless payments and it is now officially registered as an authentication protocol ISO/IEC 24727-6.
-
OpenTLSSec <br> Open source java card library for TLS secured communication under GPL v3. (Seems like significant project)
-
Primitives for JavaCard <br> JBigInteger, JCMath, SHA3, UProve...
-
Protocol for Lightweight Authentication of Identity (PLAID) (GitHub) [last commit 2015] <br> Protocol for Lightweight Authentication of Identity PLAID, Australian Government
-
SCP10 secure channel and attack <br> Implementation of GlobalPlatform SCP'10 secure channel protocol, PoC attacks against it and fixed version.
-
Sec2 cloud security project <br> Message-level security must at least be applied to protect those data during and after the storing process. Novel solution for secure data storage in the cloud. It presents a security concept allowing each client to encrypt outgoing data on one’s mobile device and share it among a defined user group while using a seamless service provision. J. Somorovsky, research proof of the concept
-
Secure Element Evaluation Kit for the Android platform <br> SmartCard API for Android. The SmartCard API adds the necessary modules and API’s to the Android platform. It offers flexible access to secure elements, allowing a secure application solution to make use of any secure form factor, such as a USIM card, a secure µSD card, an embedded secure element.
-
Self-Blindable credentials <br> Java Card implementation of Self-Blindable credentials
-
SHA3, PBKDF2, TWINE, Zorro, ACORN, AEGIS, ASCON, CLOC, and MORUS AEAD ciphers implementation <br> Optimized implementation of AEGIS, ACORN, ASCON, CLOC, MORUS (Authenticated Encryption), TWINE, Zorro (Block Ciphers), SHA-3 (Message Digest) and PBKDF2 (Key derivation)
-
SmartCardTLS <br> Client implementation of TLS 1.0 in Java Card (tested with Gmail mobile (lightweight version) with the card G&D SmartCafe 3.2)
-
SRP-6a password-authenticated secure channel <br> Java Card applet for SRP-6a password-authenticated secure channel to secure elements/smartcards. This Java Card applet is an implementation of the Secure Remote Password (SRP-6a) password-authenticated secure channel protocol by Wu [1]. In combination with an implementation of an off-card application, such as an Android application using our SRP-6A Android Library, you can establish a secure communication channel that is mutually authenticated with a PIN or password.
-
TelephonyManager Carrier Privilege granting <br> Since Android 5.1, applications are able to communicate with UICC using the class TelephonyManager. However, the concerned functions require a special privilege, that is the carrier privilege. This JavaCard applet grants this privilege to the app whose signature is included inside the applet (the variable SHA256_SIGN)
-
ykneo-curves <br> This is an applet demonstrating several curves for use in YubiKey NEO.
Developer tools
Applet build, upload and management
-
"Allow all" ARA-M <br> GlobalPlatform dummy ARA applet to grant full access
-
Ant-JavaCard <br> Easy to use Ant task for building JavaCard CAP files in a declarative way.
-
CAP File Manipulation (BitBucket) [last commit 2012] <br> A Java Card CAP file parser.
-
capfile handling tool <br> Handle JavaCard CAP files, from command line or Java project. Cap file parsing, signing, displaying metadata....
-
Card2Jar <br> A converter for converting Java Card CAP files to JAR files. Currently this is just a handy wrapper around the JCDK3.0.4_ClassicEdition SDK distribution's normalizer utility. It is subject to all the same caveats as the normalizer.bat interface (must have export EXP file and must be a Java Card 2.2.2 or lower applet).
-
ExpParser (SourceForge) [last commit 2008] <br> Parser for JavaCard export files (*.exp) - display content in human-readable form
-
GlobalPlatform export files <br> All export files for GlobalPlatform APIs
-
GlobalPlatform / GPShell <br> Command line tool and C library for managing smart cards following the GlobalPlatform card specification.
-
GlobalPlatformPro tool <br> Mature tool for managing applets via GlobalPlatform
-
GlobalPlatform Open Mobile API (OMAPI) tests <br> Large set of test applets for GlobalPlatform Open Mobile API (OMAPI).
-
JavaCard debugging toolkit <br> JCDebug is a JavaCard debugging toolkit. A simple command line tool that instruments JavaCard applets to offer debugging and inspection services directly on the target platform. Potentially significant project, needs closer look
-
JCProfiler: JavaCard performance profiler <br> Performance profiler for Java Card code. Automatically inserts special execution interruption "traps" into applet code, repeatedly executes the target operation and measures time differences between traps. Annotates code with measured time.
-
JCProfilerNext: JavaCard performance profiler <br> Performance profiler for Java Card code. JCProfilerNext is a complete rewrite of OpenCryptoProject/JCProfiler that provides completely automated preprocessing, compilation, installation and profiling of JavaCard code on JavaCard smart cards or in the jCardSim simulator. Automatically inserts special execution interruption "traps" into applet code, repeatedly executes the target operation and measures time differences between traps. Annotates code with measured time. Produces interactive performance graphs.
-
JCUnit - JavaCard unit testing <br> Unit testing framework for JavaCard. JCUnit provides an Assertion facility, similar to that of JUnit. The main difference is how JCUnit reports the line number of the error.
-
OPAL - GlobalPlatform lib (BitBucket) [last commit 2015] <br> A GlobalPlatform Java Library. OPAL implements several authentication, encryption and transfer protocols for smart cards. This tool has been developed by the SSD Research Team (XLIM Labs, University of Limoges, France).
-
Real ARA-M <br> A "real" ARA-M applet that doesn't just do Allow-all but offers a fairly complete implementation of the Secure Element Access Control v1.0 specification.
-
Smart-Card-Tool-pyResMan (SourceForge) [last commit 2017] <br> pyResMan is a free open source smartcard tool for JavaCard and other smart cards. It can be used to send APDU(s) and execute APDU script(s); it can be used to debug ISO14443 protocol commands and Mifare commands with the R502 SPY reader; it can also be used to manage resources of a GP card. It is based on the pyScard and GlobalPlatform open source projects.
-
Sun/Oracle JavaCard SDK binaries <br> Oracle JavaCard SDK-s for using as a Git submodule for ant-javacard projects.
Card capabilities testing (algorithms support, performance, security issues)
-
CardPeek <br> Cardpeek is a Linux/Windows/Mac OS X tool to read the contents of ISO7816 smart cards. It features a GTK GUI to represent card data in a tree view, and is extendable with a scripting language (LUA). The goal of this project is to allow smart card owners to be better informed about what type of personal information is stored in these devices.
-
ECTester <br> Tester of Elliptic curves support and behavior (TYPE_EC_FP and TYPE_EC_F2M) on smartcards with JavaCard platform.
-
HandlerTest <br> L. Rousseau PCSCLite reader test: This program sends commands to a card through the reader.
-
JCAlgTest <br> Automated testing tool for algorithms from JavaCard API supported by a particular smart card. Performance testing of almost all available methods. Results for 60+ cards are available at https://jcalgtest.org.
-
JCOSTestKit <br> JCOS testing kit platform with modular plugin capability. Possibly alternative approach to JCAlgTest allowing for finer definition of the operations and their sequence as defined by host plugin.
-
Ledger Wallet Java Card Eligibility applet <br> This applet lets you test the performance of your Java Card platform to run a Hierarchical Deterministic Bitcoin Hardware Wallet implementation.
-
Memory profiling tool (GitHub) [last commit 2017] <br> Locates an applet constructor and places free memory measurements hooks before and after every allocation command. Summarizes required memory for every allocated object (RAM, EEPROM)
-
Mesure performance tool <br> This is Mesure, an open Java Card performance measurement tool.
-
Performance Benchmark Applet for Javacard/smartcard <br> Performance testing for various algorithms, similar to JCAlgTest (needs investigation about difference to JCAlgTest)
-
PicoLabel AES/DES/RSA speed tester <br> Performance testing for DES/AES/RSA
-
SPA-JavaCard-Applet <br> JavaCard applet implementing basic cryptographic operations triggered during power analysis measurements using SPA-Cryptographic-Operations-Extractor tool
-
Three applets testing on-card defenses against maliciously modified applets <br> Abuse of Shareable interface, type confusion after use of Shareable interface, direct modification of CAP file
Formal verification and code transformation tools
-
CesTa project <br> Security hardening (duplicate variables, constant branches, transaction detection...) for JavaCard applets based on ANTLR automatic code transformations
-
Joana IFC analysis framework <br> Joana is a static analysis tool that can be used for information flow control (IFC) of Java bytecode. IFC allows verifying the INTEGRITY (no attacker can tamper with sensitive information) or CONFIDENTIALITY (no attacker can infer secret information from public outputs) of a Java program. System dependence graphs (SDG) form the basic technology for our analyses. Examples also on JavaCard applets. Very active project.
-
KeYmaera 3 <br> KeYmaera 3: A Hybrid Theorem Prover for Hybrid Systems with examples on JavaCard applets (among others). https://symbolaris.com/info/KeYmaera.html
-
The KeY project <br> examples on JavaCard, this github repo is not official (https://www.key-project.org)
-
VeriFast <br> VeriFast is a research prototype of a tool for modular formal verification of correctness properties of single-threaded and multithreaded C and Java programs annotated with preconditions and postconditions written in separation logic. Examples on JavaCard applets: EPurse, EidCard. Very active project.
JavaCard simulators and emulators
-
CAPRunner <br> CAPRunner is a javacard bytecode emulator that is able to execute CAP files. It also comes with a handy runcap.py that binds them together and allows you to send some APDUs to a CAP file (without the need for a smartcard). Development on BitBucket
-
FreeJCVM (SourceForge) [last commit 2015] <br> Free javacard vm implementation for AVR MCU.
-
Java Card Simulator via Node.js <br> This project provides an implementation of a Java Card Runtime Environment (JCRE) produced using Node.js which is capable of creating virtual smart card devices and sending APDU commands to the smart card devices for execution via a RESTful API. The project also provides a web-based interface for interacting with the JCRE.
-
Java Card API <br> This repository contains an implementation of the Java Card API v.3.0.5 and Global Platform specification v2.3 for education and research purposes.
-
JCardMock <br> Mock implementation of the Java Card API 3.0.4 in order to test Java Card applet code without a card or simulator. It runs the Java Card API 3.0.4 in a normal Java Virtual Machine. The purpose is to allow for unit tests for Java Card applets with normal test frameworks like JUnit or TestNG in a normal Java Virtual Machine (unfinished)
-
JCardSim <br> Capable JavaCard simulator implemented atop of BouncyCastle. Very good for unit testing, quick prototyping and educational purposes. Allows for multiple simulated cards in parallel.
-
openjcvm (SourceForge) [last commit 2015] <br> An open source java card virtual machine implementation. Some parts of the VM code can also be used in various tools, such as a javacard bytecode disassembler.
-
PythonCard - JavaCard under PyPi <br> JavaCard API simulated in Python environment. The goal is to provide a classic 3.0.1 version, while maintaining compatibility with earlier versions like 2.1.2. This is a pure python version of the javacard operating system as found on javacard smartcards.
-
remote-card <br> JavaCard remote access. Wraps physically connected JavaCards and virtual JCardSim cards behind REST and WebSocket interface. Enables to connect multiple JavaCards on one host and access them remotely on a different host. Project also integrates with VSmartCard so Android NFC phone can be used as a card reader.
-
Secure Element Emulator <br> This project aims at emulating a secure element environment for debugging and rapid-prototyping of secure element applets. It is a fork of the open-source Java Card simulator jCardSim (original source code available here). Within our research we added extensions to emulate an application life-cycle that matches the life-cycle of applications on real smartcard chips.
-
vJCRE <br> vJCRE is a virtual Java Card Runtime Environment
Learning (various school projects, simple hello world applets, etc)
-
AppletPlayground <br> AppletPlayground is an educational repository for getting to know JavaCard development by learning from existing open source software. It includes various open source applets from the internet, bundled into ready to use package. Everything you need to edit, compile and load the applets to real JavaCard-s or test with an emulator.
-
Client applet for CDAX Crypto (GitHub) [last commit 2014] <br> The applet with implementation of basic cryptographic functions offered by JavaCard API
-
CryptedBankCard <br> The school project with goal to develop a secure banking card.
-
HelloSTK2 <br> Example Java SIM Toolkit applet updated for ant-javacard.
-
Hotel Buddy <br> Various JavaCard projects created for a lecture-series. Some PKI.
-
JavaCard Demo <br> Examples of various JavaCard functionalities (as separate applets)
-
Learning applets repository <br> This repository will provide you with javacard applets for absolute beginners, javacard development tools, and javacard open source applets.
-
Maze solver on JavaCard <br> A small experiment on memory about java card using jcopv2.2.1
-
MultiCard <br> A school of applied science smartcard project. This project contains offCard and onCard components with various aspects of javacard development.
-
SecureChat <br> Secure chat client/server application
-
Simple AES encrypt/decrypt <br> Master thesis - protection of wireless networks in smart homes using secure hardware
-
Smartcard-Offline-Lock <br> Electronic door locks are commonly used at hotels, exhibitions or public facilities. An offline-operational solution for an electronic lock is required. This is a study project, so please don't expect too much comfort (single DES key used).
-
TraninCard applet <br> SmartCard - Traincard, No Pain No Gain Project at HTWk Leipzig.
Unsorted
(needs further inspection)
-
Corba <br> old project, CryptoFlex uploader?
-
Teleport secret Bitcoin applet <br> Basic applet implementing simple Bitcoin signature functionality.
-
unifei-smart-cards <br> Material developed in UNIFEI-MG research about Smart Cards
Methodology
- DONE (2018-02-22) Search all GitHub repositories with "javacard.framework.Applet" string. For repeated searches, sort by Sort:Recently indexed to get new projects first
- DONE (2017-04-15) Analyze applets included in AppletPlayground
- DONE (2017-04-15) Search all SourceForge repositories with "javacard" string
- DONE (2017-04-16) Sort applets into categories according to basic topic
- Inspect other repositories of relevant developers