Re: [Muscle] gpshell + gemXpresso Pro

Julien Cordry Fri, 09 Jun 2006 23:50:27 -0700

On Thu, Jun 08, 2006 at 01:41:48AM +0200, Karsten Ohme wrote :
> Julien Cordry wrote:
> > Hello everyone !
> >
> > I am a complete newbie to smart cards.
> >
> > I am trying to load the helloWorld applet on a GemXpresso Pro R3.
> >
> > I am using :
> > globalplatform-3.0.2
> > gpshell-1.3.1


I forgot :
pcsc-lite 1.2.9_beta9
pcsc-towitoko-2.0.7

> >
> > Here is what I get from my script :
> > gemXpressoPro
> > enable_trace
> > establish_context
> > card_connect
> > select -AID a000000018434d
> > --> 00A4040007A000000018434D
> > <-- 6F198408A000000018434D00A50D9F6E061291301503029F6501FF9000
> > open_sc -security 0 -keyind 00 -keyver 00 -key
> > 47454d5850524553534f53414d504c45 -enc_key
> > 6ef05c1e2e9ba55b5b2619828743f795
> > -mac_key 15ca7679aa807160881c9f0c50306f6d -kek_key
> > 54455354204b45594558542041555448 // Open secure channel
> > --> 80CA9F7F00
> > <--
> > 9F7F2A40906622129130150302303106121016235D4082326712833267000000000000000000000000000000009000
> > --> 805000000872B9BA65C206717500
> > <-- 4D00303106121016235DFF0198680F69B2A0BDA3C133D069AF7D330C9000
> > --> 84820000108AF1516FC87F60D03EE6DC4783A769C1
> > <-- 9000
> > get_status -element e0
> > --> 80F2E000024F0000
> > <--
> >
08A000000018434D00019A09A00000001830040181010010A00000001830040100000000000000FF010010A0000000183003010000000000
0000FF010010A00000001830040100000000000000FE010010A00000001830030100000000000000FE010008A000000018100106010008A0
00000018100101010007A0000000030000010008A000000018100102010007A0000000620201010007A0000000620102010007A000000062
0101010007A0000000620001010008A00000001810010801000D6F656E63686D610C0ACE0D0C01010010A000000018300301000000000000
000007040E6F656E63686D610C0ACE0D0C010107009000
> >
> > List of applets (AID state privileges)
> > a000000018434d00        1       9a
> > a00000001830040181      1       0
> > a00000001830040100000000000000ff        1       0
> > a00000001830030100000000000000ff        1       0
> > a00000001830040100000000000000fe        1       0
> > a00000001830030100000000000000fe        1       0
> > a000000018100106        1       0
> > a000000018100101        1       0
> > a0000000030000  1       0
> > a000000018100102        1       0
> > a0000000620201  1       0
> > a0000000620102  1       0
> > a0000000620101  1       0
> > a0000000620001  1       0
> > a000000018100108        1       0
> > 6f656e63686d610c0ace0d0c01      1       0
> > a0000000183003010000000000000000        7       4
> > 6f656e63686d610c0ace0d0c0101    7       0
> > install -sc 1 -file HelloWorld.bin -nvDataLimit 2000 -instParam 00
> > -priv 0
> > -->
> > 80E602001B09A00000006203010C0107A00000000300000006EF04C60201A80000
> > <-- 6985
> > install_for_load() returns 0x80206985 (6985: Command not allowed -
> > Conditions of use not satisfied.)
>
> Try to explicitly specify a Security Domain, i.e. the Card Issuer
> Domain
> AID, with -sdAID a000000018434d, the same AID you have selected with
> select (or a000000018434d00 or a0000000030000).
>
> Karsten

Thanks.

Specifying the sdAID seems to be the right idea here :

install -sc 1 -sdAID a000000018434d00 -file HelloWorld.bin -nvDataLimit
2000 -instParam 00 -priv 0
--> 80E602001C09A00000006203010C0108A000000018434D000006EF04C60201A80000
<-- 009000
-->
80E80000EFC482019B010013DECAFFED010204000109A00000006203010C0102001F0013001F000E000B0036000C0067000A00130000006C
00000000000001010004000B01020107A000000062010103000E010AA00000006203010C0101001406000C00800301000107010000001F07
0067000210188C000118110100900B8700188B00027A02308F00033D8C00043B7A0523198B00052D198B0006320329041F651B1A08AD0016
041F8D00073B16041F41290419088B00083270E6198B00093B19160408418B000A1903088B000B19AD000316048B000C7A08000A00000000
000000000000050036000D020000000680030003
<-- 6985
load_applet() returns 0x80206985 (6985: Command not allowed - Conditions
of use not satisfied.)

Now this looks like an other security issue in le load command.

> >
> >
> > What could be the problem here ?
> >
>

-- 
  Julien Cordry

_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle

Re: [Muscle] gpshell + gemXpresso Pro

Reply via email to