Home

Awesome

NeoPGP - A robust Java Card OpenPGP applet

NeoPGP is a free and open souce Java card applet which implements the OpenPGP 3.4.1 specification. It aims to be robust, lightweight (in a sense of RAM consumption) and highly configurable. The applet supports ECC as well as RSA keys.

Prior Work

So, why yet another OpenPGP applet?

Only SmartPGP supports ECC keys, all the other applets only support RSA keys. SmartPGP on the other hand use dynamically allocated memory. On a Java Card, all objects are allocated in non-volatile memory, not in RAM. While the API offers a manual garbage colletion via JCSystem.requestObjectDeletion(), this is (a) optional and (b) apparently broken on some cards1. Thus it is not possible to return any allocations to the OS. If the applet will drop a reference to an object this memory is leaked forever. It is good practice to only allocate memory during the applet installation, that is preallocate any object which will ever be used by the applet. This is exactly what NeoPGP is doing. There are no uses of the new operator (or calls to factory functions) outside of an object constructor and all objects are created during the .install() hook.

Features

Build it yourself

You have to download a java card development kit, either from the offical source or by cloning the handy git repository. Set the environment variable JC_HOME to the SDK you want to use.

The latest SDK v3.1 will support newer java compiler and still can generate code for the 3.0.x java cards.

export JC_HOME=/path/to/jcsdk
ant

If everything is successful, there will be a NeoPGPApplet.cap.

Installation

You can use GlobalPlatformPro to install the NeoPGPApplet.cap onto your smart card. E.g.

java gp.jar -install NeoPGPApplet.cap

Configuration Parameters

NeoPGP is highly configurable. During applet installation you can choose the supported key and quirks that are needed for your card, can be enabled.

Parameter BitmaskDescription
00010000RSA-2048 support
00020000RSA-3072 support
00040000RSA-4096 support
00080000NIST P-256 support
00100000NIST P-384 support
00200000NIST P-521 support
00400000Brainpool P-256 support
00800000Brainpool P-384 support
01000000Brainpool P-512 support
02000000secp256k1 support
00000001Disable transaction during key generation
00000002Turn on KDF by default
00000004Disable tag and length field for GET DATA on the KDF DO

Working Cards

Java CardParametersNotes
JCOP J3R180 (DI)03f90000[1]
JCOP J3R180 4K RSA (DI)03ff0000[1]
ACOSJ 40K (DI)00d80001[2], [3]

License

The license is the GPLv3+, see COPYING.

Please note, that if you use this applet in commercial products, the GPLv3 demands that the user can modify the source code and replace the applet on the smart card. Therefore, you probably have to supply the user with the security key of the smart card.

Footnotes

  1. https://stackoverflow.com/questions/28147582/ implies that the garbage collention might brick the whole card and should only be used in secure environment, i.e. during card production.