Re: [Muscle] Aladdin eToken Java 72K / Athena OS755

Fri, 28 Mar 2008 01:58:53 -0700 

Hello Karsten.

Citando Karsten Ohme <[EMAIL PROTECTED]>:

> So, far so good. But I'm not really sure if you card is a Global
> Paltform 2.1.1 card. Maybe it is a Open platform 2.0.1' card. (The
> previous spc version). Try this out. Use mode_201 instead of mode_211.
> But be careful, some tries, maybe 10, but sometimes less and you card is
> locked. So skipped after the second try it for this card until  you have
> an real answer. If this does not help, maybe you are not talking to the
> Card Issuer Security Domain but to a Security Domain with different keys
> or you use the wrong keys.

Assuming that the card has indeed an Athena OS755 chip, and according to [1] it
has:
"...The eToken Pro (Java) is a new smartcard, not the infineon chip anymore - no
CardOS. It is an Athena OS755 and supports 2048bit size..."

It should be a Global Platform 2.1.1 compliant card [2]:
Specifications Supported:
"...
    * Java CardTM 2.2.1 (2.2.2 optional)
    * GlobalPlatform 2.1.1
    * ISO 7816
    * ISO 14443 Type B (optional)
..."

>
> I know these two keys:
>
> /** The default key value for new cards defined in a VISA specification. */
> static const BYTE OPGP_VISA_DEFAULT_KEY[16] = {0x40, 0x41, 0x42, 0x43,
> 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4A, 0x4B, 0x4C, 0x4D, 0x4E, 0x4F};

As you probably noticed this is the key I was already using:
(...)
open_sc -security 1 -keyind 0 -keyver 0 -mac_key
404142434445464748494a4b4c4d4e4f -enc_key 404142434445464748494a4b4c4d4e4f
(...)

> /** The default mother key value for new GemXpresso cards. */
> static const BYTE OPGP_GEMXPRESSO_DEFAULT_KEY[16] = {0x47, 0x45, 0x4d,
> 0x58, 0x50, 0x52, 0x45, 0x53, 0x53, 0x4f, 0x53, 0x41, 0x4d, 0x50, 0x4c,
> 0x45};
> Don't believe that it is a gemXpresse, but you can try.

According to [1] it isn't...

I don't have much experience with Global Platform or GPShell, could it be that
the authentication errors are due to me providing incorrect commands to the
card? Should I specify the -kek_key in addition to -mac_key and -enc_key or is
it irrelevant? Am I providing the incorrect -keyind or -keyver parameters? Etc.
Etc.

Thank you for your help.

Best regards,
Joao

[1] http://www.etokenonlinux.org/et/FAQ
[2] http://www.athena-scs.com/product.asp?pid=32
_______________________________________________
Muscle mailing list
Muscle@lists.musclecard.com
http://lists.drizzle.com/mailman/listinfo/muscle

Reply via email to