I would not expect a retail card to use public enc/mac keys, would you? Any
phishing site could replace the security critical firmware, acting as card
issuer.
> Date: Fri, 28 Mar 2008 08:44:12 +0000> From: [EMAIL PROTECTED]> To:
> muscle@lists.musclecard.com; [EMAIL PROTECTED]> Subject: Re: [Muscle] Aladdin
> eToken Java 72K / Athena OS755> CC: > > Hello Karsten.> > Citando Karsten
> Ohme <[EMAIL PROTECTED]>:> > > So, far so good. But I'm not really sure if
> you card is a Global> > Paltform 2.1.1 card. Maybe it is a Open platform
> 2.0.1' card. (The> > previous spc version). Try this out. Use mode_201
> instead of mode_211.> > But be careful, some tries, maybe 10, but sometimes
> less and you card is> > locked. So skipped after the second try it for this
> card until you have> > an real answer. If this does not help, maybe you are
> not talking to the> > Card Issuer Security Domain but to a Security Domain
> with different keys> > or you use the wrong keys.> > Assuming that the card
> has indeed an Athena OS755 chip, and according to [1] it> has:> "...The
> eToken Pro (Java) is a new smartcard, not the infineon chip anymore - no>
> CardOS. It is an Athena OS755 and supports 2048bit size..."> > It should be a
> Global Platform 2.1.1 compliant card [2]:> Specifications Supported:> "...> *
> Java CardTM 2.2.1 (2.2.2 optional)> * GlobalPlatform 2.1.1> * ISO 7816> * ISO
> 14443 Type B (optional)> ..."> > >> > I know these two keys:> >> > /** The
> default key value for new cards defined in a VISA specification. */> > static
> const BYTE OPGP_VISA_DEFAULT_KEY[16] = {0x40, 0x41, 0x42, 0x43,> > 0x44,
> 0x45, 0x46, 0x47, 0x48, 0x49, 0x4A, 0x4B, 0x4C, 0x4D, 0x4E, 0x4F};> > As you
> probably noticed this is the key I was already using:> (...)> open_sc
> -security 1 -keyind 0 -keyver 0 -mac_key> 404142434445464748494a4b4c4d4e4f
> -enc_key 404142434445464748494a4b4c4d4e4f> (...)> > > /** The default mother
> key value for new GemXpresso cards. */> > static const BYTE
> OPGP_GEMXPRESSO_DEFAULT_KEY[16] = {0x47, 0x45, 0x4d,> > 0x58, 0x50, 0x52,
> 0x45, 0x53, 0x53, 0x4f, 0x53, 0x41, 0x4d, 0x50, 0x4c,> > 0x45};> > Don't
> believe that it is a gemXpresse, but you can try.> > According to [1] it
> isn't...> > I don't have much experience with Global Platform or GPShell,
> could it be that> the authentication errors are due to me providing incorrect
> commands to the> card? Should I specify the -kek_key in addition to -mac_key
> and -enc_key or is> it irrelevant? Am I providing the incorrect -keyind or
> -keyver parameters? Etc.> Etc.> > Thank you for your help.> > Best regards,>
> Joao> > [1] http://www.etokenonlinux.org/et/FAQ> [2]
> http://www.athena-scs.com/product.asp?pid=32>
> _______________________________________________> Muscle mailing list>
> Muscle@lists.musclecard.com> http://lists.drizzle.com/mailman/listinfo/muscle
_________________________________________________________________
In a rush? Get real-time answers with Windows Live Messenger.
http://www.windowslive.com/messenger/overview.html?ocid=TXT_TAGLM_WL_Refresh_realtime_042008_______________________________________________
Muscle mailing list
Muscle@lists.musclecard.com
http://lists.drizzle.com/mailman/listinfo/muscle
