I'm struggling for a long time. I need to create secure channel from Desktop App to JavaCard. I found GlobalPlatform http://www.win.tue.nl/pinpasjc/docs/apis/gp22/ but I can't get it working. I know how to react when I have a secure channel ( use it ) but strugling to create it. I know I should create Key on my desktop app then somehow send InitUpdate APDU, then create ExtAuth APDU and then it should work? I know I'm lost so if anybody have some example or something I'll be so glad!

(Assuming you want to implement the client-side of the communication)

The SCP protocols used to establish secure channel are precisely defined in GlobalPlatform Card Specifications, available here, specifically:

• SCP01 / SCP02 / SCP10 in GlobalPlatform Card Specification v2.3 (appendices D,E,F)

• SCP03 in Card Technology Secure Channel Protocol '03' Card Specification v2.2 – Amendment D V1.1.1

You can have a look at GlobalPlatformPro (java) or GPShell (C) for some source code.

Good luck!

PS: The org.globalplatform API you mention in your post is used inside the card and allows javacard applets to use keys stored in the SD for secure communication/authentication.