Olivier LAHAYE wrote: > Just to add some investigation to my previous email: > By browsing The Gem Xpresso Pro software tree installed on my windows PC, I > was able to find that the key version is 13 (decimal) [file > GXP211_PK_IS.properties]. thus I added > "-keyver 13" to the open_sc command with no more success. > > then I looked at the APDUs sent during the authentication done by the Gem > Xpresso Pro softwawre on my windows 2000: > 1st it does a 00A4040007A000000018434D which is a "select -AID a000000018434d"
Strange AID. But try to take it. > then it does a 80500D010800000000000000001C which it calls "CMD: Initialize > Update" > then it does a 8482000010################################ which it calls > "CMD: > External Authenticate" and where # depends on the answer of the previous > command. > > I hope that the failed attemp counter is realy reset when I authenticate the > card on Windows.... Yes. If no error occurs. Karsten > > Olivier. > > Le Tuesday 23 May 2006 12:20, Olivier LAHAYE a écrit : > >>I'm trying to help Nesrine as she works on same site as me. >> >>I have few smartcard knowledge but I'm understanding more and more though >>:-) >> >>Right now, here is our situation: >>We used muscletool to register the ATR of our Gem Xpresso 211PK-IS >>smartcard. (BTW, is it normal that even if the ATR is already in the >>Info.plist file, it is inserted one more time (leading to multiple >>identical lines containing the ATR). >> >>Then we are trying to connect to the card using a secure channel. Thus I >>created a gpshell script to try to open a secure channel and test the >>authentication. >>After digging on the net, I found that the keys are: >>Static keys: PK-IS >>Kenc = CA CA CA CA CA CA CA CA 2D 2D 2D 2D 2D 2D 2D 2D >>Kmac = 2D 2D 2D 2D 2D 2D 2D 2D CA CA CA CA CA CA CA CA >>Kkek = CA 2D CA 2D CA 2D CA 2D CA 2D CA 2D CA 2D CA 2D >> >>Thus I tried the following gpshell script with no success:(note that I >>reset the unsuccessfull failed attempt counter to open the secure channel >>by using the windows Gem Xpresso Pro software on windows 2000 and >>authenticate the card) >>Note: the open_sc line is on 1 single line >>-----8<-----8<-----8<-----8<-----8<-----8<-----8<-----8<-----8<-----8<----- >>gemXpressoPro >>enable_trace >> >>establish_context >>card_connect >>select -AID a000000018434d # example of AID to test AID selection works >>open_sc -security 0 -enc_key cacacacacacacaca2d2d2d2d2d2d2d2d -mac_key >>2d2d2d2d2d2d2d2dcacacacacacacaca -kek_key ca2dca2dca2dca2dca2dca2dca2dca2d >>// Open secure channel >>get_status -element e0 >>close_sc // Close secure channel >>card_disconnect >>release_context >>-----8<-----8<-----8<-----8<-----8<-----8<-----8<-----8<-----8<-----8<----- >>The gpshell version is 1.3.1 >>What means -keyind 0 -keyver 0 ? >> >>In the end, the aim is to load the CardEdge Applet applet on en empty card. >>As we are unable to use muscle framework with the applet we installed using >>Gem Xpresso Pro software on windows. >> >>Many thanks in advance for all your help and patience :-) > > -- > Olivier LAHAYE > Motorola Labs IT Manager > Computer & Information Systems > European Communications Research > > _______________________________________________ > Muscle mailing list > [email protected] > http://lists.drizzle.com/mailman/listinfo/muscle _______________________________________________ Muscle mailing list [email protected] http://lists.drizzle.com/mailman/listinfo/muscle
