Thanks to everyone who replied, indeed the authentication details are in
Appendix D of the GlobalPlatform Card Specification document, available at
www.globalplatform.org.
In case someobody does a search about this, here is some info for the
record:
The GlobalPlatform document references some ISO and ANSI standards for
details of the 3DES-MAC algorithm. The standards are not free, so I had to
guess which version of the algorithm was used.
In this case, you can just do 2DES (3DES where key 1 = key 3) on the 24-byte
chunk described in the GlobalPlatform specification, with a beginning IV of
zero (successive IVs are the MAC of the previous step). The last 8-bytes of
the 24-byte cyphertext are the MAC.
Thanks again,
Mladen
----- Original Message -----
From: "Mladen Gavrilovic" <[EMAIL PROTECTED]>
To: "MUSCLE" <[EMAIL PROTECTED]>
Sent: Wednesday, November 24, 2004 5:05 PM
Subject: [Muscle] Setting up connection to JCOP 21 card
> Hello all,
>
> I am having some trouble getting correct output back from my JCOP 21 card
> connected to a Omnikey CardMan 2020 USB reader. If I initialize the card
> in Eclipse [1], I see that the following APDU is being sent to it:
>
> 00 A4 04 00 07 A0 00 00 00 03 00 00 00
>
> and the return is:
>
> 6F 19 84 08 A0 00 00 00 03 00 00 00 A5 0D 9F 6E 06 40 51 21 97 22 11 9F 65
> 01 FF 90 00
>
> But if I try to send the same thing via pcsclite (using SCardConnect and
> SCardTransmit), I get the following back:
>
> 61 1B
>
> I also tried adding SCardBeginTransaction and SCardEndTransaction, but it
> didn't help.
> So why is the return different? I assume that Eclipse may send the card
> some other commands in order to set up the communication context, but I
> don't know what these are. Note that this problem is not isolated to one
> APDU, I tried it with 3 different APDUs and every time I get something
> different that Eclipse.
>
> Can anyone suggest how I can communicate with the card properly?
>
> Here is a code snippet of what I'm doing:
>
> ---------------------------------------
> <snip>
>
> BYTE init1[] = { 0x00, 0xA4, 0x04, 0x00, 0x08, 0xA0, 0x00, 0x00, 0x00,
0x03,
> 0x00, 0x00, 0x00, 0x00 };
>
> <snip>
>
> printf("Connecting to card in first reader...");
> rv = SCardConnect(hContext, mszReaders, SCARD_SHARE_SHARED,
> SCARD_PROTOCOL_T0 | SCARD_PROTOCOL_T1, &hCard, &dwActiveProtocol);
>
> if (rv != SCARD_S_SUCCESS) return error_rdisconnect(hContext, hCard);
> else {
> printf("done. Active protocol: ");
> (dwActiveProtocol == SCARD_PROTOCOL_T0)? printf("T0\n") :
printf("T1\n");
> }
>
> printf("\nSending Init1 APDU to card:\n");
> rv = send_APDU(init1, sizeof(init1), hCard);
> if (rv != SCARD_S_SUCCESS) return error_rdisconnect(hContext, hCard);
>
> <snip>
> //Send an APDU consisting of the data in sendBuffer
> LONG send_APDU(BYTE *sendBuffer, int bufferLen, SCARDHANDLE card) {
> int i;
> LONG rv;
> SCARD_IO_REQUEST pioRecvPci;
> BYTE recvBuffer[255];
> DWORD dwRecvLength;
>
> printf("Transmitted value: ");
>
> for (i = 0; i < bufferLen; i++) printf("%X ", sendBuffer[i]);
> printf("\n");
>
> printf("Returned value: ");
>
> rv = SCardTransmit(card, SCARD_PCI_T0, sendBuffer, bufferLen,
&pioRecvPci,
> recvBuffer, &dwRecvLength);
>
> if (rv != SCARD_S_SUCCESS) {
> return rv;
> }
> else {
> for (i = 0; i < dwRecvLength; i++) printf("%X ", recvBuffer[i]);
> printf("\n");
> }
>
> return rv;
> }
> ------------------------------------------------------
>
> Output:
> ------------------------------------------------------
> <snip>
> Connecting to card in first reader...done. Active protocol: T0
>
> Sending Init1 APDU to card:
> Transmitted value: 0 A4 4 0 8 A0 0 0 0 3 0 0 0 0
> Returned value: 61 1B
> <snip>
> ------------------------------------------------------
>
> [1] www.eclipse.org with JCOP plugin
>
> _______________________________________________
> Muscle mailing list
> [EMAIL PROTECTED]
> http://lists.drizzle.com/mailman/listinfo/muscle
>
_______________________________________________
Muscle mailing list
[EMAIL PROTECTED]
http://lists.drizzle.com/mailman/listinfo/muscle
