NeoPGP is a free and open souce Java card applet which implements the OpenPGP 3.4.1 specification. It aims to be robust, lightweight (in a sense of RAM consumption) and highly configurable. The applet supports ECC as well as RSA keys.
Only SmartPGP supports ECC keys, all the other applets only support RSA keys.
SmartPGP on the other hand use dynamically allocated memory. On a Java Card,
all objects are allocated in non-volatile memory, not in RAM. While the API
offers a manual garbage colletion via JCSystem.requestObjectDeletion(), this
is (a) optional and (b) apparently broken on some cards1. Thus it is not
possible to return any allocations to the OS. If the applet will drop a
reference to an object this memory is leaked forever. It is good practice to
only allocate memory during the applet installation, that is preallocate any
object which will ever be used by the applet. This is exactly what NeoPGP is
doing. There are no uses of the new operator (or calls to factory functions)
outside of an object constructor and all objects are created during the
.install() hook.
- Pre-allocated resources
- Resources consumption configurable during applet registration
- Generate keys on card
- Key algorithm changable
- Key import
- Support for RSA keys
- Support for ECC keys
- KDF support
- Get Challenge command support
- Private DOs
- AES encryption/decryption
- Per signature request PIN verification
- Cardholder Certificates (DO 7F21)
- SmartPGPs secure messaging
You have to download a java card development kit, either from the offical
source or
by cloning the handy git
repository. Set the
environment variable JC_HOME to the SDK you want to use.
The latest SDK v3.1 will support newer java compiler and still can generate code for the 3.0.x java cards.
export JC_HOME=/path/to/jcsdk
ant
If everything is successful, there will be a NeoPGPApplet.cap.
You can use
GlobalPlatformPro to
install the NeoPGPApplet.cap onto your smart card. E.g.
java gp.jar -install NeoPGPApplet.cap
NeoPGP is highly configurable. During applet installation you can choose the supported key and quirks that are needed for your card, can be enabled.
| Parameter Bitmask | Description |
|---|---|
00010000 |
RSA-2048 support |
00020000 |
RSA-3072 support |
00040000 |
RSA-4096 support |
00080000 |
NIST P-256 support |
00100000 |
NIST P-384 support |
00200000 |
NIST P-521 support |
00400000 |
Brainpool P-256 support |
00800000 |
Brainpool P-384 support |
01000000 |
Brainpool P-512 support |
02000000 |
secp256k1 support |
00000001 |
Disable transaction during key generation |
00000002 |
Turn on KDF by default |
00000004 |
Disable tag and length field for GET DATA on the KDF DO |
| Java Card | Parameters | Notes |
|---|---|---|
| JCOP J3R180 (DI) | 03f90000 |
[1] |
| JCOP J3R180 4K RSA (DI) | 03ff0000 |
[1] |
| ACOSJ 40K (DI) | 00d80001 |
[2], [3] |
- [1]: 3k/4k-RSA needs special pre-personalization and is not always available.
- [2]: Only ECC, because no ExtendedLength support.
- [3]: ECC up to 384bits.
The license is the GPLv3+, see COPYING.
Please note, that if you use this applet in commercial products, the GPLv3 demands that the user can modify the source code and replace the applet on the smart card. Therefore, you probably have to supply the user with the security key of the smart card.
Footnotes
-
https://stackoverflow.com/questions/28147582/ implies that the garbage collention might brick the whole card and should only be used in secure environment, i.e. during card production. ↩