Learn how jcvm 2 works

1. The following is a structure diagram of the smart card:

 

 

 

 

JRE is a smart card JavaProgramThe running environment, including jcvm, core API class library, and local methods,

 

1. The following describes how a smart card works:

First,Source codeAfter compilation by the Java compiler, class files are generated, also known as bytecode.

The Java Smart Card converter then converts a class file into a cap file. The main function of the converter is to optimize the bytecode file for running in the limited memory in the card.

All of the preceding operations are performed on external VMS.

The following are all completed in the Java card runtime environment.

Next, download the CAP file to the card. Each applet will be assigned a specific aid (it is not clear how this aid is granted to me, and it is not clear now ). After an applet is correctly downloaded to the EEPROM and associated with the Java smart card library and other libraries on the card, JRE calls the Installation Method Install of the applet to install the applet. Install is a public static method (the Java card does not support dynamic loading) used to create an applet instance. At this time, JRE will call the interpreter to create an instance. At the same time, jcres are recorded in the applet registry. Due to limited storage, the objects required during the lifetime of the Applet are usually created and initialized at this stage.

The applet installed on the card must be explicitly selected before it can be activated. Is the APDU command sent by the terminal device to the card. when JRE receives the "select APDU" command. JRE pause the selected Applet and call the deselect method of the applet to clean it. Then, JRE selects the corresponding Applet based on the aid in the command and calls the select method of the applet. If you select this applet for multiple logical channels, you need to call its multiselectable. deselect method. The select method prepares the applet to accept the APDU command. All the received APDU command jcres will be sent to the process method of the selected applet. At this time, jcres will call the interpreter and give the system control to the interpreter, until it receives the next "selectapdu" command.

After the interpreter is started, perform necessary initialization and jump to the process method of the current applet. The interpreter is interpreted and executed according to the specific bytecode. At this time, the interpreter is like the translation required by people in different languages for communication, so that programs written in Java can run on different systems, this allows Java to implement the idea of "writing once and running everywhere. When the java stack is empty, the interpreter transfers control of the system to JRE.

2. Java card virtual machines are composed of two parts: In-card virtual machines and out-of-card virtual machines

1. Working Principle of out-of-card virtual machines:

The off-board virtual machine works on the PC platform. It compiles and converts the Java source files. The converted bytecode file is called the CAP file, which is the installation file to be downloaded to the Java card.

The development of Java card applications is the same as that of other Java applications in the initial stage. developers write the source of one or more Java classes.CodeIs compiled into one or more class files by the Java compiler. The corresponding class file is converted to the CAP file using the Java card converter. After the conversion is complete, the CAP file is uploaded to the on-card virtual machine, and the on-card virtual machine executes the program code in the CAP file. The CAP file is an interface file of two virtual machines. The CAP file is generated by an external Virtual Machine and used by the internal virtual machine.

The CAP file can be downloaded and installed into the card, including executable code. The relationship between the CAP file and jcvm is equivalent to the relationship between the class file and JVM. The CAP file is generated by the converter of a Java off-card Virtual Machine. All classes in a package are converted and stored in the same cap file. The conversion process is shown in Figure 4. The export file contains the information required for operations on the virtual machine in the card, which can be generated by the converter when converting a package. Other programs that reference the classes in this package need to use the export file of this package during conversion, the converted cap file contains the export file information. The virtual machine in the card uses this information to link related items (classes, interfaces, domains, and methods) in the package ). The converter converts all classes in the same package used by the Java card applet into a cap file. The CAP file consists of a series of components whose functions are different. Compared with class files, Cap files are more compact and short in structure, and the representation of classes, methods, and fields is relatively simple. It is based on Token Based linking, java card processing is more effective. At the same time, various optimizations can be made during the conversion from class files to cap files.

2. Principle of the On-card virtual machine:

The Virtual Machine in the card works on the smart card platform. It interprets the bytecode of the CAP file downloaded to the card and converts it into the relevant local hardware implementation.

The Virtual Machine in the card executes bytecode, manages classes and objects, provides firewalls between various Java card applications, and provides confidential data sharing. Due to the limited resources in the smart card environment, the implementation method is adopted, and its stack model, heap memory organization, and Exception Handling Methods all have their own characteristics.

 

The main modules of the card are as follows:

The javacard virtual machine is the working engine of javacard. Its general structure is simpler than that of other Java versions of virtual machines, including the Java bytecode parser, java stack, Java heap, method zone, and Exception Handling Module.

1. the Java bytecode parser parses and executes all Java bytecode. When the interpreter parses the CAP file, call the classes, methods, and static fields corresponding to the application from the method area to complete the parsing of the application.

2. java stack is the workspace for calling methods during Java language execution; jcvm is a processing machine that uses the stack as the basic storage mechanism. Stack features advanced post-output (FILO ). For each method of each class, jcvm defines a certain stack space, which is pushed to the stack by calling the information of the class method.

3. Java heap is used to store permanent and temporary object data:

Heap technology is used to store all instances or arrays created during Java program running. When processing the instructions for creating bytecode objects, the Java card virtual machine should allocate storage blank information for it in the heap.

4. The method area is the location of the Java class library, which is the basic functional module of Java, including local methods and pure Java class methods.

5. Exception Handling Module

6. the java stack of the Java card virtual machine works in the ram card, the method area is masked to the ROM when the card is released, and the Java heap is allocated to the EEP-ROM or flash.

Analysis of the parsing process of the Class Library

The first important problem to be solved when implementing the API class library is how to find the referenced API class, method, and domain by the compiled bytecode information. In Java smart card, whether it is a class library or an application applet, the converter has allocated a value for all classes and instantiation methods, called the token value. When the applet is running, the interpreter uses the token value as the index tag and uses the specific package information, class information, method information, and domain information contained in each component of the CAP file, this completes class reference, method reference, and domain reference parsing. This is the dynamic link principle of token. Therefore, to solve this problem, we need to study the specific parsing process of the interpreter to call the outsourcing method in the applet.

When a Java Smart Card Application applet is running, if an outsourcing method is referenced, the interpreter obtains the referenced outsourced index and uses the class and method token value as the index tag, the specific package information, class information, and method information of each component in the CAP file can accurately jump from the token value to the specific implementation of the referenced method. This process mainly involves export files and cap files.

The export file mainly describes the association information between the applet and the referenced package, including the connection information of the complete public method of the package where the current class is located, in addition, different token values are assigned to Classes, methods, and fields in the current package.

The CAP file contains not only the content of a package, but also the link information of this package and other packages. It is a class file generated after the Java source code is compiled, and the binary file generated after the converter is used. Then it is downloaded by JRE and installed on the card. The interpreter will parse it, the specific format has been provided by the Java Smart Card virtual machine specification.

 

 

 

Requirements of the hardware system:

The underlying layer is the hardware system, mainly to ensure the Java Smart Card operating environment.

The minimum hardware configuration requirements for Java smart cards are:

8-bit Processor;

512-byte RAM: used to store the stack and output input when the application is running.

Buffer;

24kb ROM: it is mainly used to store program class libraries and system runtime systems;

8 kb eeprom: used to store Java Smart Card applets and heap