On Thu, 17 Jun 2010 19:59:12 +0800, Josef Windorfer <josef.windor...@stud.fh-deggendorf.de> wrote:
> Hi,
>
> I have a feitian pki smart card. I initialise the smart card with
> pkcs15-init --create-pkcs15.
> For all actions the computer sends the GET CHALLENGE command and the
> card returns 8 bytes. After this the computer sends 4 bytes to the card.
>
> The 8 Byte includes a MAC and a message. Where can I see with which key
> is the MAC ciphered?

That key may vary between different function calls; please check entersafe_transmit_apdu() for more details.

>
> That's a cutout (with my comments) from the log-file:
>
> >> MESSAGE (E0 Create File)
> >[pkcs15-init] card-entersafe.c:677:entersafe_create_mf: called
> >[pkcs15-init] card-entersafe.c:322:entersafe_transmit_apdu: called
> >[pkcs15-init] apdu.c:184:sc_apdu_log:
> >Outgoing APDU data [ 46 bytes] =====================================
> >84 E0 00 00 29 3F 00 04 11 03 00 10 C0 10 C0 FC ....)?..........
> >67 00 FC 06 07 08 8F 08 6A 00 FF 00 00 00 01 02 g.......j.......
> >03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F 10 ..............
> >======================================================================
> >[pkcs15-init] card-entersafe.c:229:entersafe_mac_apdu: called
> >[pkcs15-init] card-entersafe.c:150:entersafe_gen_random: called
> >[pkcs15-init] apdu.c:516:sc_transmit_apdu: called
> >[pkcs15-init] card.c:285:sc_lock: called
> >[pkcs15-init] apdu.c:184:sc_apdu_log:
> >> GET CHALLENGE
> >Outgoing APDU data [ 5 bytes] =====================================
> >00 84 00 00 08 .....
> >======================================================================
> >[pkcs15-init] reader-pcsc.c:161:pcsc_internal_transmit: called
> >[pkcs15-init] apdu.c:184:sc_apdu_log:
> >> 8 Byte MAC + message
> >Incoming APDU data [ 10 bytes] =====================================
> >05 05 8B 83 AD 4F F8 16 90 00 .....O....
> >======================================================================
> >[pkcs15-init] card.c:312:sc_unlock: called
> >[pkcs15-init] card-entersafe.c:164:entersafe_gen_random: returning
> with: 0
> >[pkcs15-init] card-entersafe.c:310:entersafe_mac_apdu: returning with:0
> >[pkcs15-init] apdu.c:516:sc_transmit_apdu: called
> >[pkcs15-init] card.c:285:sc_lock: called
> >[pkcs15-init] apdu.c:184:sc_apdu_log:
> >> LAST 4 BYTES ENCIPHERED MAC
> >Outgoing APDU data [ 50 bytes] =====================================
> >84 E0 00 00 2D 3F 00 04 11 03 00 10 C0 10 C0 FC ....-?..........
> >67 00 FC 06 07 08 8F 08 6A 00 FF 00 00 00 01 02 g.......j.......
> >03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F 10 DF D1 ................
> >A8 2A .*
> >======================================================================
> >[pkcs15-init] reader-pcsc.c:161:pcsc_internal_transmit: called
> >[pkcs15-init] apdu.c:184:sc_apdu_log:
> >>OK
> >Incoming APDU data [ 2 bytes] =====================================
> >90 00 ..
> >======================================================================

In this case, the MAC is generated by the key "trans_code_ftcos_pk_01c", and the IV (card-generated random number).

Regards,
Xiaoshuo
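
The log quoted in this thread can be checked mechanically. The following is an added example, not part of the original messages or of OpenSC's code: it takes the three APDU dumps from the log and confirms that the transmitted CREATE FILE command is the unprotected one with Lc raised by 4 and a 4-byte MAC appended, and that the GET CHALLENGE reply carries the 8 bytes the reply above identifies as the IV. The MAC itself is not recomputed, because the key value and algorithm are not given in the thread; the function names are hypothetical.

```python
# Bytes below are copied from the APDU dumps quoted in the thread.
PLAIN = bytes.fromhex(          # CREATE FILE as built, before the MAC step
    "84E00000293F000411030010C010C0FC"
    "6700FC0607088F086A00FF0000000102"
    "030405060708090A0B0C0D0E0F10")
CHALLENGE_RSP = bytes.fromhex("05058B83AD4FF8169000")  # GET CHALLENGE reply
SENT = bytes.fromhex(           # CREATE FILE as actually transmitted
    "84E000002D3F000411030010C010C0FC"
    "6700FC0607088F086A00FF0000000102"
    "030405060708090A0B0C0D0E0F10DFD1A82A")
MAC_LEN = 4  # per the thread: 4 bytes are sent after the challenge


def split_command(apdu: bytes):
    """Split a short APDU of the form CLA INS P1 P2 Lc DATA and verify Lc."""
    if len(apdu) < 5 or apdu[4] != len(apdu) - 5:
        raise ValueError("malformed APDU or Lc mismatch")
    return apdu[:4], apdu[4], apdu[5:]


def split_response(rsp: bytes):
    """Split a response APDU into (data, status word)."""
    if len(rsp) < 2:
        raise ValueError("response shorter than a status word")
    return rsp[:-2], rsp[-2:]


def analyse(plain: bytes, challenge_rsp: bytes, sent: bytes) -> dict:
    """Check that `sent` is `plain` plus a trailing MAC and extract the parts."""
    hdr_p, lc_p, data_p = split_command(plain)
    hdr_s, lc_s, data_s = split_command(sent)
    iv, sw = split_response(challenge_rsp)
    if sw != b"\x90\x00":
        raise ValueError("GET CHALLENGE did not return 90 00")
    if hdr_s != hdr_p or lc_s != lc_p + MAC_LEN or data_s[:-MAC_LEN] != data_p:
        raise ValueError("sent APDU is not the plain APDU plus a MAC")
    return {"iv": iv, "mac": data_s[-MAC_LEN:], "lc_plain": lc_p, "lc_sent": lc_s}


if __name__ == "__main__":
    for name, value in analyse(PLAIN, CHALLENGE_RSP, SENT).items():
        print(name, value.hex(" ").upper() if isinstance(value, bytes) else hex(value))
```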