I currently have some problems with muscleTool and xcard on Windows, so I have analyzed the APDU and the code and documented both. If a developer of the applet reads this, you could perhaps include my comments for the setup method in the main code, at least if they are usable ;-) Please correct me if there are errors.
-------------------------------------------------- Token setup APDU structure:
CLA: B0  INS: 2A  P1: 00  P2: 00  Data Length  Data
Data:
  old Admin PIN: length, data (Muscle00)
  number of PIN tries for PIN 0 (04)
  number of unblock tries for PIN 0 (01)
  new PIN 0: length, data
  new Unblock PIN 0: length, data
  number of tries before PIN 1 is blocked (00)
  number of unblock tries for PIN 1 (00)
  new PIN 1 (User PIN): length, data
  new Unblock PIN 1: length, data
  2 unused bytes (00,00)
  2-byte memory size (20 00 = 8192)
  ACLs for create object (00)
  ACLs for create key (02)
  ACLs for create PIN (01)
------------------------------------------------------
Commented applet code for setup
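/**
 * Handles the token setup command: verifies the current admin PIN (PIN 0),
 * installs PIN 0, PIN 1 and their unblock PINs, stores the three creation ACLs,
 * allocates the object memory and the key tables, and finally sets
 * {@code setupDone}.
 *
 * <p>Command data layout, starting at {@code ISO7816.OFFSET_CDATA}:
 * <pre>
 *   [len][current admin PIN]
 *   [PIN 0 tries][PIN 0 unblock tries][len][new PIN 0][len][new unblock PIN 0]
 *   [PIN 1 tries][PIN 1 unblock tries][len][new PIN 1][len][new unblock PIN 1]
 *   [2 bytes, skipped][2-byte memory size]
 *   [create-object ACL][create-key ACL][create-PIN ACL]
 * </pre>
 *
 * <p>Every length-prefixed field is checked against the number of bytes that
 * were actually received before any PIN object is replaced. Without that check
 * a short or inconsistent command would be parsed from leftover APDU buffer
 * content, and a policy failure on a later field would leave the admin PIN
 * already changed while {@code setupDone} is still false.
 *
 * <p>NOTE(review): this method does not test {@code setupDone} itself; the
 * command dispatcher is presumably responsible for refusing a second setup.
 * Confirm against the caller.
 *
 * @param apdu   the APDU being processed; its data is received here
 * @param buffer the APDU buffer (header followed by command data)
 * @throws ISOException {@code SW_WRONG_LENGTH} if the received length differs
 *         from Lc or a field runs past the received data;
 *         {@code SW_INVALID_PARAMETER} if a PIN fails {@code CheckPINPolicy};
 *         {@code SW_IDENTITY_BLOCKED} if the current admin PIN has no tries
 *         left; {@code SW_AUTH_FAILED} if the current admin PIN is wrong
 */
private void setup(APDU apdu, byte buffer[])
{
    short bytesLeft = Util.makeShort((byte)0, buffer[ISO7816.OFFSET_LC]);
    if (bytesLeft != apdu.setIncomingAndReceive())
        ISOException.throwIt((short)ISO7816.SW_WRONG_LENGTH);

    short base = ISO7816.OFFSET_CDATA;
    // First offset that is NOT part of the received command data.
    short end = (short)(base + bytesLeft);

    // ---- Phase 1: authenticate and validate; no applet state is replaced here ----

    // Current admin PIN: policy and bounds check, then verification.
    short pin0TriesOff = checkedPinFieldEnd(buffer, base, end);
    OwnerPIN pin = pins[0];
    if (pin.getTriesRemaining() == 0)
        ISOException.throwIt((short)SW_IDENTITY_BLOCKED);
    if (!pin.check(buffer, (short)(base + 1), buffer[base]))
        ISOException.throwIt((short)SW_AUTH_FAILED);

    // PIN 0 block: [tries][unblock tries][len][PIN][len][unblock PIN].
    // The two tries bytes are covered by the bounds check on the length byte
    // that follows them.
    short pin0LenOff = (short)(pin0TriesOff + 2);
    short ublk0LenOff = checkedPinFieldEnd(buffer, pin0LenOff, end);
    short pin1TriesOff = checkedPinFieldEnd(buffer, ublk0LenOff, end);

    // PIN 1 block, same layout.
    short pin1LenOff = (short)(pin1TriesOff + 2);
    short ublk1LenOff = checkedPinFieldEnd(buffer, pin1LenOff, end);
    short tailOff = checkedPinFieldEnd(buffer, ublk1LenOff, end);

    // Trailer: 2 skipped bytes + 2-byte memory size + 3 ACL bytes.
    if ((short)(tailOff + 7) > end)
        ISOException.throwIt((short)ISO7816.SW_WRONG_LENGTH);

    // ---- Phase 2: commit ----
    // NOTE(review): an exception raised from here on (for example by the
    // OwnerPIN constructor for an unacceptable try limit, or by a failed
    // allocation) can still leave some PINs replaced with setupDone false.
    // Consider whether a transaction is appropriate on the target platform.

    // PIN 0 (Admin PIN) and its unblock PIN.
    pins[0] = new OwnerPIN(buffer[pin0TriesOff], (byte)pinMaxSize);
    pins[0].update(buffer, (short)(pin0LenOff + 1), buffer[pin0LenOff]);
    ublk_pins[0] = new OwnerPIN(buffer[(short)(pin0TriesOff + 1)], (byte)pinMaxSize);
    ublk_pins[0].update(buffer, (short)(ublk0LenOff + 1), buffer[ublk0LenOff]);

    // PIN 1 (User PIN) and its unblock PIN.
    pins[1] = new OwnerPIN(buffer[pin1TriesOff], (byte)pinMaxSize);
    pins[1].update(buffer, (short)(pin1LenOff + 1), buffer[pin1LenOff]);
    ublk_pins[1] = new OwnerPIN(buffer[(short)(pin1TriesOff + 1)], (byte)pinMaxSize);
    ublk_pins[1].update(buffer, (short)(ublk1LenOff + 1), buffer[ublk1LenOff]);

    // The first two trailer bytes are skipped; the memory size follows them.
    // NOTE(review): mem_size is a signed short taken from the command data and
    // is passed on unchecked; how MemoryManager treats zero or negative sizes
    // is not visible here.
    short mem_size = Util.getShort(buffer, (short)(tailOff + 2));

    // ACLs for creating objects, keys and PINs.
    create_object_ACL = buffer[(short)(tailOff + 4)];
    create_key_ACL = buffer[(short)(tailOff + 5)];
    create_pin_ACL = buffer[(short)(tailOff + 6)];

    // Allocate memory.
    mem = new MemoryManager(mem_size);
    om = new ObjectManager(mem);

    // Initialize key-related tables.
    keys = new Key[MAX_NUM_KEYS];
    // NOTE(review): 48 is hard-coded; presumably MAX_NUM_KEYS times a per-key
    // ACL size. Confirm.
    keyACLs = new byte[48];
    keyTries = new byte[MAX_NUM_KEYS];
    for (byte i = 0; i < MAX_NUM_KEYS; i++)
        keyTries[i] = MAX_KEY_TRIES;
    keyPairs = new KeyPair[MAX_NUM_KEYS];
    ciphers = new Cipher[MAX_NUM_KEYS];
    signatures = new Signature[MAX_NUM_KEYS];
    ciph_dirs = new byte[MAX_NUM_KEYS];
    for (byte i = 0; i < MAX_NUM_KEYS; i++)
        ciph_dirs[i] = -1;

    logged_ids = 0;
    getChallengeDone = false;
    randomData = null;

    // Six-byte ACL with every short set to 0.
    STD_PUBLIC_ACL = new byte[6];
    for (byte i = 0; i < 6; i += 2)
        Util.setShort(STD_PUBLIC_ACL, i, (short)0);

    // Set the Setup Done flag. After this moment the setup can not be called again.
    setupDone = true;
}

/**
 * Validates one length-prefixed PIN field of the setup command and returns the
 * offset of the first byte after it.
 *
 * <p>{@code CheckPINPolicy} is consulted before the bounds check, so any field
 * it rejects is still reported as {@code SW_INVALID_PARAMETER}.
 *
 * @param buffer    the APDU buffer
 * @param lenOffset offset of the field's length byte
 * @param end       first offset past the received command data
 * @return offset just past the field's data
 * @throws ISOException {@code SW_WRONG_LENGTH} if the length byte or the data
 *         lies outside the received data; {@code SW_INVALID_PARAMETER} if the
 *         field fails {@code CheckPINPolicy}
 */
private short checkedPinFieldEnd(byte buffer[], short lenOffset, short end)
{
    if (lenOffset >= end)
        ISOException.throwIt((short)ISO7816.SW_WRONG_LENGTH);
    byte numBytes = buffer[lenOffset];
    short dataOffset = (short)(lenOffset + 1);
    if (!CheckPINPolicy(buffer, dataOffset, numBytes))
        ISOException.throwIt((short)SW_INVALID_PARAMETER);
    // The length is a signed byte: reject negative values explicitly so the
    // parser can never step backwards, whatever the policy check allows.
    if (numBytes < 0 || (short)(dataOffset + numBytes) > end)
        ISOException.throwIt((short)ISO7816.SW_WRONG_LENGTH);
    return (short)(dataOffset + numBytes);
}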
