This is for Mladen... (Looking your first/last name I suppose you speak croatian but I will continue in english untill you tell me so.)
I am involved in a CSP#11 project that uses OpenSC to enable smartcard support for Microsoft based applications. I have several JCOP31bio cards but only one has PKCS#15 applet at this moment and this is being blocked. I also have JCOP21 card that I would like to use but OpenSC doesn't work woth it because of the secure messaging (well, it doesn't work with JCOP31bio neither but Chaskiel Grundman has built some tools for their initialization) I saw you are involved (and familiar) with JCOP21 cards and I would like to know if there is much to do to enable my JCOP21 card in OpenSC. Best regards, Dejan Gambin Pula Croatia -----Original Message----- From: Mladen Gavrilovic [mailto:[EMAIL PROTECTED] Sent: Friday, December 03, 2004 10:28 PM To: MUSCLE Subject: Re:SOLVED [Muscle] Setting up connection to JCOP 21 card Thanks to everyone who replied, indeed the authentication details are in Appendix D of the GlobalPlatform Card Specification document, available at www.globalplatform.org. In case someobody does a search about this, here is some info for the record: The GlobalPlatform document references some ISO and ANSI standards for details of the 3DES-MAC algorithm. The standards are not free, so I had to guess which version of the algorithm was used. In this case, you can just do 2DES (3DES where key 1 = key 3) on the 24-byte chunk described in the GlobalPlatform specification, with a beginning IV of zero (successive IVs are the MAC of the previous step). The last 8-bytes of the 24-byte cyphertext are the MAC. Thanks again, Mladen ----- Original Message ----- From: "Mladen Gavrilovic" <[EMAIL PROTECTED]> To: "MUSCLE" <[EMAIL PROTECTED]> Sent: Wednesday, November 24, 2004 5:05 PM Subject: [Muscle] Setting up connection to JCOP 21 card > Hello all, > > I am having some trouble getting correct output back from my JCOP 21 > card connected to a Omnikey CardMan 2020 USB reader. If I initialize > the card in Eclipse [1], I see that the following APDU is being sent > to it: > > 00 A4 04 00 07 A0 00 00 00 03 00 00 00 > > and the return is: > > 6F 19 84 08 A0 00 00 00 03 00 00 00 A5 0D 9F 6E 06 40 51 21 97 22 11 > 9F 65 01 FF 90 00 > > But if I try to send the same thing via pcsclite (using SCardConnect > and SCardTransmit), I get the following back: > > 61 1B > > I also tried adding SCardBeginTransaction and SCardEndTransaction, but > it didn't help. So why is the return different? I assume that Eclipse > may send the card some other commands in order to set up the > communication context, but I don't know what these are. Note that > this problem is not isolated to one APDU, I tried it with 3 different > APDUs and every time I get something different that Eclipse. > > Can anyone suggest how I can communicate with the card properly? > > Here is a code snippet of what I'm doing: > > --------------------------------------- > <snip> > > BYTE init1[] = { 0x00, 0xA4, 0x04, 0x00, 0x08, 0xA0, 0x00, 0x00, 0x00, 0x03, > 0x00, 0x00, 0x00, 0x00 }; > > <snip> > > printf("Connecting to card in first reader..."); > rv = SCardConnect(hContext, mszReaders, SCARD_SHARE_SHARED, > SCARD_PROTOCOL_T0 | SCARD_PROTOCOL_T1, &hCard, > &dwActiveProtocol); > > if (rv != SCARD_S_SUCCESS) return error_rdisconnect(hContext, hCard); > else { > printf("done. Active protocol: "); > (dwActiveProtocol == SCARD_PROTOCOL_T0)? printf("T0\n") : printf("T1\n"); > } > > printf("\nSending Init1 APDU to card:\n"); > rv = send_APDU(init1, sizeof(init1), hCard); > if (rv != SCARD_S_SUCCESS) return error_rdisconnect(hContext, hCard); > > <snip> > //Send an APDU consisting of the data in sendBuffer > LONG send_APDU(BYTE *sendBuffer, int bufferLen, SCARDHANDLE card) { > int i; > LONG rv; > SCARD_IO_REQUEST pioRecvPci; > BYTE recvBuffer[255]; > DWORD dwRecvLength; > > printf("Transmitted value: "); > > for (i = 0; i < bufferLen; i++) printf("%X ", sendBuffer[i]); > printf("\n"); > > printf("Returned value: "); > > rv = SCardTransmit(card, SCARD_PCI_T0, sendBuffer, bufferLen, &pioRecvPci, > recvBuffer, &dwRecvLength); > > if (rv != SCARD_S_SUCCESS) { > return rv; > } > else { > for (i = 0; i < dwRecvLength; i++) printf("%X ", recvBuffer[i]); > printf("\n"); > } > > return rv; > } > ------------------------------------------------------ > > Output: > ------------------------------------------------------ > <snip> > Connecting to card in first reader...done. Active protocol: T0 > > Sending Init1 APDU to card: > Transmitted value: 0 A4 4 0 8 A0 0 0 0 3 0 0 0 0 > Returned value: 61 1B > <snip> > ------------------------------------------------------ > > [1] www.eclipse.org with JCOP plugin > > _______________________________________________ > Muscle mailing list > [EMAIL PROTECTED] > http://lists.drizzle.com/mailman/listinfo/muscle > _______________________________________________ Muscle mailing list [EMAIL PROTECTED] http://lists.drizzle.com/mailman/listinfo/muscle _______________________________________________ Muscle mailing list [EMAIL PROTECTED] http://lists.drizzle.com/mailman/listinfo/muscle
