matheus ribeiro wrote:
> Hi Karsten
>
> Can you presnt an APDU command log? Stop
> pcscd and start pcscd in foreground (pcscd -f -d -a or something like
> this should present this information).
>
>
>
> Ill present the commands and the log. I had the card formatted and
> generated a pair of 1024 rsa keys. Then I tried to sign with the private
> key:
Look into your documentation for your smart card. I hope your
manufacturer is competent enough to provide one. The most aren't. There
should be mentioned which crypto algorithms your card supports. If RSA
with MD5 is not, this will never even work. The error 0x6F00 is thrown
by a throw exception on the card which is not caught.
If you browse the svn of your applet version, you see:
private Signature getSignature(byte key_nb, byte alg_id)
{
if (signatures[key_nb] == null)
signatures[key_nb] = Signature.getInstance(alg_id, false);
else
if (signatures[key_nb].getAlgorithm() != alg_id)
ISOException.throwIt((short)SW_OPERATION_NOT_ALLOWED);
return signatures[key_nb];
}
That means that nobody cares if a CryptoException is thrown if you
request the signature, so this functions always fails very harshly.
Karsten
>
> =====================================
> muscleTool [MuscleCard Applet] > crypt 2
>
> Would you like to:
> 0. Abort this selection.
> 1. Sign
> 2. Decrypt
>
> Choose (0-2): 1
>
> Please enter text to sign in hexadecimal ASCII (at most 1023 characters)
> Example: 30313233 for 0123
>
> 'a' aborts this query.
> Enter text : 3031
>
> Select the algorithm:
> 0. Abort this selection.
> 1. RSA with MD5 hash and PKCS#1 padding
>
> Choose (0-1): 1
> ERR: Crypt Failed ! (0x6F00 Unknown SW: 6F00)
> ==========================================
> APDU log:
> APDU: B0 36 02 01 05 01 03 01 00 00
> ifdhandler.c:831:IFDHTransmitToICC() lun: 0
> SW: 90 00
> APDU: B0 36 02 03 05 01 00 02 30 31
> ifdhandler.c:831:IFDHTransmitToICC() lun: 0
> SW: 6F 00
> ==========================================
>
> Then I created the object bla and tried signing again:
> ==========================================
> muscleTool [MuscleCard Applet] > create bla 1024
> doCreate(bla, 1024)
>
> Enter the ACL for reading the object
> Example: 0xFFFF for all users
> 'a' aborts this query.
> Enter ACL mask : 0x0
>
> Enter the ACL for writing the object
> Example: 0x0002 for user PIN #1
> 'a' aborts this query.
> Enter ACL mask : 0
>
> Enter the ACL for deleting the object
> Example: 0x0002 for user PIN #1
> 'a' aborts this query.
> Enter ACL mask : 0
> CreateObject Successful
> muscleTool [MuscleCard Applet] > crypt 2
>
> Would you like to:
> 0. Abort this selection.
> 1. Sign
> 2. Decrypt
>
> Choose (0-2): 1
>
> Please enter text to sign in hexadecimal ASCII (at most 1023 characters)
> Example: 30313233 for 0123
>
> 'a' aborts this query.
> Enter text : 3031
>
> Select the algorithm:
> 0. Abort this selection.
> 1. RSA with MD5 hash and PKCS#1 padding
>
> Choose (0-1): 1
> Result : 127A
> Crypt Successful.
> =======================================
> APDU log:
> APDU: B0 5A 00 00 0E 62 6C 61 00 00 00 04 00 00 00 00 00 00 00
> ifdhandler.c:831:IFDHTransmitToICC() lun: 0
> SW: 90 00
> APDU: B0 3A 00 00 0B
> ifdhandler.c:831:IFDHTransmitToICC() lun: 0
> SW: 00 03 FF 04 00 00 00 00 00 00 00 90 00
> APDU: B0 3A 01 00 0B
> ifdhandler.c:831:IFDHTransmitToICC() lun: 0
> SW: 01 01 FF 04 00 00 00 00 00 00 00 90 00
> APDU: B0 3A 01 00 0B
> ifdhandler.c:831:IFDHTransmitToICC() lun: 0
> SW: 02 03 FF 04 00 00 00 00 00 00 00 90 00
> APDU: B0 36 02 01 05 01 03 01 00 00
> ifdhandler.c:831:IFDHTransmitToICC() lun: 0
> SW: 90 00
> APDU: B0 36 02 03 05 01 00 02 30 31
> ifdhandler.c:831:IFDHTransmitToICC() lun: 0
> SW: 61 04
> APDU: 00 C0 00 00 04
> ifdhandler.c:831:IFDHTransmitToICC() lun: 0
> SW: 00 02 12 7A 90 00
> ==========================================
>
> Thanks a lot
> Matheus
>
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Muscle mailing list
> [email protected]
> http://lists.drizzle.com/mailman/listinfo/muscle
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
