Re: [Muscle] gpshell and gem Xpresso: how to open secure channel?

Fri, 26 May 2006 03:24:11 -0700 

> The diversification mode VISA is not supported by GlobalPlatform, only
> VISA2. If NONE is used (like it seems for you) (see page 123 and page 43
> what you have done there.) you should not need the gemXpresso switch and
> the card should act as a usual cards.
>
> So try the AID of the card in mode op_201 with your keys (I'm not sure
> about the name op_201, see the README, look, should be the default)
After digging into the GlobalPlatform.c source code I saw that the define 
GEMXPRRESSOPRO_CARD_MANAGER_AID correspond to my GemXpresso211PKIS card (with 
one more zero byte at the end)
Thus I think that I should use the gemXpressoPro modifier in my gpshell script 
so the corred security AID is used. Unfortunately, the use of weakened secure 
channel session key will not be handeled by GPShell, and it'll fail.
where should this weakened algorithme be implemented? in GlobalPlatform.c or 
in gpshell.c ?

> Although this should not matter for your configuration file with the
> switch NONE, for VISA2 this applies:
>
> If you have problems you might look at the function
> GemXpressoPro_create_daughter_keys() in GlobalPlatform.c. The assumed
> GEMXPRRESSOPRO_CARD_MANAGER_AID is wrong for your card and the offset in
> the CLPC data is not 13, look at the manual, where the serial begins.

Forgive my ignorance, but after digging through my GemXpresso211PKIS, the only 
information regarding CPLC is the get status command (and set status) and I 
see no offset there. What should I look for?

I've also found the following TLV data objects (is the info there?)
Tag             Description                                                     
Length
0001h   Gemplus proprietary data                                12
004Fh   Tag used to change CardManager AID              5-16
0002h   Tag to update CPLC initialization data          16
9F66h   Tag to update CPLC personalization data 8
9F67h   Tag to update CPLC pre-personalization data     8
TLV format is : tag(2bytes) length(1byte) data(0-127bytes)

Olivier.
--
        Olivier LAHAYE
        Motorola Labs IT Manager
        Computer & Information Systems
        European Communications Research
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle

Reply via email to