SecureFileManager

Introduction

This project was developed as part of a bachelor thesis at the DHBW Ravensburg Campus Friedrichshafen in cooperation with Giesecke and Devrient.

The SecureFileManager is a filemanager for the android platform, which is making use of the G&D secure microSD card, in order to cipher files.
To spare the user to keep numerous complicated passwords, which are being used for ciphering, in mind, a secure key is being generated and saved, by the use of the Java Card Applet, which is running on the Mobile Security Card.

Android Application

The Android Application is for demonstration and test purposes only. Do not use in production environments!

To use this application, you need a Android platform with smart card access.
For this purpose look BuildingTheSystem or the introduction on the Mobile Security Developer's Kit.

Checkout the SecureFileManger source code and install your own generated .apk file on your Android device.
Run the SecureFileManager application on your Android smartphone.

With inserted Mobile Security Card the encryption functions are available.

Java Card Applet

The Java Card applet is for demonstration and test purposes only. Do not use in production environments!

Download the filemanager.cap file from the Download page.
Install the filemanager.cap file on the Mobile Security Card. Therfore you can use JLoad or other Java Card compliant Global Platform loader tools.
JLoad is included in the Mobile Security Developer's Kit.
You can even compile and convert the fileManager.java file to a Java Card Cap file. For this reason please check the source code page.

With the help of the Java Card Applet a secure key is being established for a specific file-ID and a given password. This triple is saved on the secure element of the Mobile Security Card.

securefilemanager_triple

Only if you are authenticated you have access to all methods. The default Pin is 0x31 0x32 0x33 0x34.
After 3 times wrong pin entry the applet is blocked. A correct Pin resets the counter.

APDU Interface

Verify Pin

CLA:  90
INS:  10
P1:   00
P2:   00
P3:   04
data: <4 bytes pin>

APDU: 90 10 00 00 04 31 32 33 34
RESPONSE: 90 00

Create Key

CLA:  90
INS:  20
P1:   00
P2:   00
P3:   <length of data>
data: <length of file-ID><file-ID><length of pwd><pwd>

APDU: 90 20 00 00 10 04 2F 02 38 3B 0A 31 32 33 34 35 36 37 38 39 40
RESPONSE: <key> 90 00

Verify Key

CLA:  90
INS:  30
P1:   00
P2:   00
P3:   <length of data>
data: <length of file-ID><file-ID><length of pwd><pwd>

APDU: 90 30 00 00 10 04 2F 02 38 3B 0A 31 32 33 34 35 36 37 38 39 40
RESPONSE: <key> 90 00

Delete Key

CLA:  90
INS:  40
P1:   00
P2:   00
P3:   <length of data>
data: <length of file-ID><file-ID><length of pwd><pwd>

APDU: 90 30 00 00 10 04 2F 02 38 3B 0A 31 32 33 34 35 36 37 38 39 40
RESPONSE: 90 00

Introduction
How To
Access Control
- Introduction
UICC Support
ASSD Support
- Concept
- How To Build
MSC Support
- MSC Smartcard Service
- Version History
PC/SC Interface
Service Layer
- Service Layer API
- PKI Support on Android
Applications
FAQS
Abbreviations
Contributions

Provide feedback

Saved searches

Use saved searches to filter your results more quickly