GlobalTester
GlobalTester | |
---|---|
Basic data
|
|
developer | secunet Security Networks AG |
Current version | 3.2 (March 6, 2017) |
operating system | all Java capable OS |
category | Test tool |
License | GPL |
GlobalTester |
The GlobalTester is a software test tool for chip cards . The GlobalTester is freely available under the GNU General Public License (GPL) and is being developed by secunet Security Networks AG . The software is available as a plug-in for the widely used development platform Eclipse .
history
When the European Union decided to introduce electronic passports (e-Passports, MRTD ) worldwide, it was quickly recognized that extensive conformity tests were necessary to ensure that the passports functioned smoothly. For this purpose, the international aviation authority ICAO and the Federal Office for Information Security (BSI) have specified extensive tests, each containing several hundred test cases. In order to implement these test cases in software and thereby also to verify them, secunet has provided a tool at the Paderborn location based on open source components. With this software, the tests can not only be created, but also executed directly. All that is required for this is a standard PC running Eclipse and a PC / SC-compatible card reader with which communication with the card can be implemented.
Tests with chip cards
When testing a chip card , it is important, on the one hand, to check the functions that must be provided by the card. These positive cases are used to verify the guaranteed benefits of the card. On the other hand, the negative cases also play an even greater role. For this purpose, error cases are constructed in order to check the behavior of the card when such an error occurs. In this way, the behavior of the chip in extreme situations can be examined. In this way you can examine how the card reacts, for example, if the application tries to read past the end of the file. Or it is verified how the chip behaves when the application accesses a file that does not exist or that has no access rights. During testing, after the error states have been constructed, a check is carried out to determine whether the chip card is in an error status specified by specifications.
Another test is checking for undefined commands. In a simple loop, you can construct all options for sending a command (a so-called APDU ) to the chip and then check the chip's reaction. In this way, undefined and unintended commands can be found.
This is where the GlobalTester comes into play. This tool enables the user to easily create scripts in order to carry out these tests automatically and thus to repeat them with different chip cards.
architecture
Various freely available components are used in the GlobalTester. The most important components are:
- Eclipse : runtime environment
- SmartCard Shell: Part of the Open Smart Card Development Platform
- GlobalPlatform: Specification of the card commands and structures as well as the corresponding protocols
- Open Card Framework: communication between card and reader
- Rhino : JavaScript engine
- JDOM : XML parser
- Bouncy Castle : Cryptographic Library