From: Karsten Ohme <[EMAIL PROTECTED]>
Reply-To: MUSCLE <[email protected]>
To: MUSCLE <[email protected]>
Subject: Re: [Muscle] muscleTool 2.1.0 & gpshell problem
Date: Thu, 09 Feb 2006 01:52:09 +0100
kammi cazze wrote:
> Hi Karsten,
>
>> From: Karsten Ohme <[EMAIL PROTECTED]>
>> Reply-To: MUSCLE <[email protected]>
>> To: MUSCLE <[email protected]>
>> Subject: Re: [Muscle] muscleTool 2.1.0 & gpshell problem
>> Date: Tue, 07 Feb 2006 21:53:17 +0100
>>
>> kammi cazze wrote:
>> > Hi,
>> >
>> > after some long vacation, I started to work on the smartcard stuff
>> > again, but still have some problems with the tools :(
>> >
>> > I compiled muscletool-2.1.0 successfully, but if I run the program and ask
>> > for tokens, the processor rises to 99% and stays there.
>> > I tried the same with muscleTool-0.9.2, but didn't have that problem.
>>
>> This problem is fixed with the new release of pcsclite (and the
>> contained libmusclecard). If you compile it with gcc3.3 it works. It
>> seems GCC 4.0 does some stuff differently than GCC 3.3.
>
>
> I did compile with 3.4.4 so no 4.0 stuff. By the new release, do you
> mean beta10 ?
Yes, the beta10 release. That the problem had something to do with the
GCC 4.0 compiler is only an assumption. It was working before, so
something must have changed; maybe GCC 3.4.4 also has this new "feature".
Before, I used GCC 3.3.
>
>>
>> >
>> > Another thing is with my GemXpresso Pro R3 cards. From the docs, the
>> > card supports both gp211 and op2.0.1'.
>>
>> GemPlus uses a key derivation scheme for getting the keys for mutual
>> authentication. Don't repeat the script too often or your card will be
>> locked!!!! You first must have the mother key and derive the keys
>> from it ...
>>
>> This does not comply with the GlobalPlatform specification.
>>
>> Matheus Ribeiro fixed this problem. See the added diff, which you must
>> apply and compile the result with the switch GEMPLUS enabled ... This is
>> not contained in the SVN. You must do it on your own.
>>
>> Karsten
>
>
> Will the Gemplus derivation scheme patch be applied to gpshell in the
> future? Maybe with a config flag?
Yes.
> Another question, where can I get the master key? Does Gemplus have to
> give it or is there a generic one available?
Don't know. Maybe there is a master key for each new card. Usually
such a key is stored on an HSM (Hardware storage module) and the master
key stays there. You only talk to this HSM, give an identifier, the key
diversification data, and get back the keys for your card. I do not have
such a card. And I don't know how I can get such a card. Some
manufacturers don't sell cards. I have not found a possibility to order it.
>
> I think both my cards are blocked now, but how can I be sure? If I try
> to do a get_status to get the life-cycle, I get a 6985 response, command
> not allowed.
This is shit. You only have (had) 10 tries. You must execute a
successful authentication in between. GemXpresso has the GemXpresso RAD
III Kit for managing the card content. I have not found how to buy it.
Usually something like this is very well-priced. Maybe the JCOP Tools
from IBM for Eclipse can do it. But I hope it will be working with
GPShell in a while.
To get the life cycle you must have executed a successful authentication.
>
> I can do a get_data to get the CPLC data.
This command does not need a secure channel (which is created with
mutual authentication.)
Karsten
>
> Regards,
>
> Pierre
>
>> >
>> > I tried this script with gpshell 1.2, both with mode_211 and mode_201
>> >
>> > mode_201 (mode_211)
>> > enable_trace
>> > establish_context
>> > card_connect
>> > select -AID a000000018434d
>> > card_disconnect
>> > release_context
>> >
>> > and got this back for both modes:
>> >
>> > mode_201 (mode_211)
>> > enable_trace
>> > establish_context
>> > card_connect
>> > select -AID a000000018434d
>> > --> 00A4040007A000000018434D
>> > <-- 6F188407A000000018434DA50D9F6E061291035633309F6501FF9000
>> > card_disconnect
>> > release_context
>> >
>> > If I now want to use the next script, I get different responses back from
>> > both modes, all failing :(
>> >
>> > mode_201
>> > enable_trace
>> > establish_context
>> > card_connect
>> > select -AID a000000018434d
>> > open_sc -security 1 -keyind 0 -keyver 0 -mac_key 404142434445464748494a4b4c4d4e4f -enc_key 404142434445464748494a4b4c4d4e4f // Open secure channel
>> > get_status -element e0
>> > card_disconnect
>> > release_context
>> >
>> > I get this back:
>> >
>> > mode_201
>> > enable_trace
>> > establish_context
>> > card_connect
>> > select -AID a000000018434d
>> > --> 00A4040007A000000018434D
>> > <-- 6F188407A000000018434DA50D9F6E061291035633309F6501FF9000
>> > open_sc -security 1 -keyind 0 -keyver 0 -mac_key 404142434445464748494a4b4c4d4e4f -enc_key 404142434445464748494a4b4c4d4e4f // Open secure channel
>> > --> 8050000008425A1BDDA8BC472300
>> > <-- 434D10159416191223C10D01C671894151329DA516BDD69A278053809000
>> > mutual_authentication() returns 0x80302000 (The verification of the card
>> > cryptogram failed.)
>> >
>> > and for the 211 script:
>> >
>> > mode_211
>> > enable_trace
>> > establish_context
>> > card_connect
>> > select -AID a000000018434d
>> > open_sc -security 1 -keyind 0 -keyver 0 -mac_key 404142434445464748494a4b4c4d4e4f -enc_key 404142434445464748494a4b4c4d4e4f // Open secure channel
>> > get_status -element 20
>> > card_disconnect
>> > release_context
>> >
>> > I got this back:
>> >
>> > mode_211
>> > enable_trace
>> > establish_context
>> > card_connect
>> > select -AID a000000018434d
>> > --> 00A4040007A000000018434D
>> > <-- 6F188407A000000018434DA50D9F6E061291035633309F6501FF9000
>> > open_sc -security 1 -keyind 0 -keyver 0 -mac_key 404142434445464748494a4b4c4d4e4f -enc_key 404142434445464748494a4b4c4d4e4f // Open secure channel
>> > --> 00CA006600
>> > <-- 6E00
>> > --> 8050000008FCF70277F3E05F1C00
>> > <-- 434D10159416191223C10D01861F156B46ED8FF3BC529AD43D11B5709000
>> > mutual_authentication() returns 0x8030F006 (The Secure Channel Protocol
>> > Implementation is invalid.)
>> >
>> > I tried this all with different cards, but they all gave me the same
>> > result. Does this mean my cards are blocked? How can I see if they
>> > are blocked? Which of the 2 modes is better to use if it supports both (I
>> > think so but am not sure, getting the above result with gp211)?
>> >
>> > Any ID?
>> >
>> > Regards,
>> >
>> > Pierre
>> >
>> >
>> > _______________________________________________
>> > Muscle mailing list
>> > [email protected]
>> > http://lists.drizzle.com/mailman/listinfo/muscle
>>
>
>
>> 2412,2413d2411
>> < /* Switch on, if R-MAC is only applied to last command of
>> session. */
>> < secInfo->securityLevel |= GP211_SCP02_SECURITY_LEVEL_R_MAC;
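Review bot: The deletion of `secInfo->securityLevel |= GP211_SCP02_SECURITY_LEVEL_R_MAC;` at 2412-2413 sits outside any `#ifdef GEMPLUS` guard and concerns SCP02 R-MAC, while every other hunk deals with Gemplus key derivation around `create_session_key_SCP01`. As posted it changes the security level in all builds; take it out of this patch and submit it separately with its own explanation.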
>> 4882a4881,4905
>> > #ifdef GEMPLUS
>> > /**
>> > * Generate a daughter key based on the mother key, as Gemplus spec.
>> > */
>> > static LONG create_daughter_key(BYTE motherKey[16], BYTE
>> derivationData[16], BYTE daughterKey[16]){
>> > LONG result;
>> > unsigned char derivation_data[16];
>> > int outl;
>> > BYTE left_diversifier[8];
>> > BYTE right_diversifier[8];
>> > BYTE diversifier[16];
>> >
>> > LOG_START(_T("create_daughter_key"));
>> >
>> > result = calculate_enc_ecb_two_key_triple_des(motherKey,
>> derivationData, 16, daughterKey, &outl);
>> > if (result != OPGP_ERROR_SUCCESS) {
>> > goto end;
>> > }
>> > { result = OPGP_ERROR_SUCCESS; goto end; }
>> > end:
>> > LOG_END(_T("create_daughter_key"), result);
>> > return result;
>> > }
>> > #endif
>> >
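Review bot: In `create_daughter_key` the locals `derivation_data`, `left_diversifier`, `right_diversifier` and `diversifier` are declared but never used, and the `{ result = OPGP_ERROR_SUCCESS; goto end; }` line directly above `end:` is redundant, since `result` already holds success there and control falls through to the label. Remove the unused buffers and the extra assignment. `outl` is never looked at either; checking that it is 16 before reporting success would catch a short 3DES output.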
>> 4897c4920,4924
>> <
>> ---
>> > // matheus: teste
>> > BYTE left_diversifier[8];
>> > BYTE right_diversifier[8];
>> > BYTE diversifier[16];
>> >
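Review bot: The `// matheus: teste` marker above the three new buffers reads as leftover test code. Replace it with a comment saying what the buffers hold (two 8-byte halves and the 16-byte block handed to the 3DES call), or drop `left_diversifier` and `right_diversifier` and fill `diversifier` directly.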
>> 4898a4926,4934
>> > #if 1
>> > // matheus: create diversifier
>> > memcpy(left_diversifier, cardChallenge+4, 4);
>> > memcpy(left_diversifier+4, hostChallenge, 4);
>> > memcpy(right_diversifier, cardChallenge, 4);
>> > memcpy(right_diversifier+4, hostChallenge+4, 4);
>> > memcpy(diversifier, left_diversifier, 8);
>> > memcpy(diversifier+8, right_diversifier, 8);
>> > #else
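Review bot: The new block is wrapped in `#if 1` ... `#else`, which permanently disables the original `derivation_data` code instead of selecting it by configuration. If this byte layout is only wanted for Gemplus cards, guard it with `#ifdef GEMPLUS` like the later hunks; if it replaces the old code for every card, delete the old branch rather than parking it under `#else`. The four copies into `left_diversifier` and `right_diversifier` followed by two more into `diversifier` can be four `memcpy` calls straight into `diversifier`.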
>> 4902a4939
>> > #endif
>> 4904c4941
>> < result = calculate_enc_ecb_two_key_triple_des(key,
>> derivation_data, 16, sessionKey, &outl);
>> ---
>> > result = calculate_enc_ecb_two_key_triple_des(key,
>> diversifier/*derivation_data*/, 16, sessionKey, &outl);
>> 4913a4951
>> >
>> 4945a4984,5003
>> > /*
>> > static LONG calculate_3des_sessionkey(BYTE diversifier[8], BYTE
>> staticKey[16], BYTE outKey[16]){
>> > LONG result;
>> > int i,outl;
>> > EVP_CIPHER_CTX ctx;
>> >
>> > // initialize context
>> > EVP_CIPHER_CTX_init(&ctx);
>> > if (result != 1) {
>> > { result = OPGP_OPENSSL_ERROR; goto end; }
>> > }
>> >
>> > end:
>> > if (EVP_CIPHER_CTX_cleanup(&ctx) != 1) {
>> > { result = OPGP_OPENSSL_ERROR; goto end; }
>> > }
>> > LOG_END(_T("calculate_enc_ecb_two_key_triple_des"), result);
>> > return result;
>> >
>> > }*/
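Review bot: The commented-out `calculate_3des_sessionkey` should be dropped from the patch, because its body would not work if it were ever enabled: `if (result != 1)` tests `result` before anything assigns it, the `goto end` inside the `end:` cleanup jumps back to the label it is already under, and `LOG_END` names `calculate_enc_ecb_two_key_triple_des` instead of this function. The `diversifier`, `staticKey` and `outKey` parameters are never touched.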
>> 5431c5489
>> < // random for host challenge
>> ---
>> >
>> 5496a5555,5556
>> >
>> >
>> 5596a5657,5678
>> > #ifdef GEMPLUS
>> > // daughter key
>> > BYTE daughterKey[16];
>> > // this comes from card diversification
>> > BYTE derivationData[16];
>> >
>> > // derivation left
>> > memcpy(derivationData, key_diversification_data, 2);
>> > memcpy(derivationData+2, key_diversification_data+4, 4);
>> > derivationData[6] = 0xF0;
>> > derivationData[7] = 0x01;
>> > // derivation right
>> > memcpy(derivationData+8, key_diversification_data, 2);
>> > memcpy(derivationData+10, key_diversification_data+4, 4);
>> > derivationData[14] = 0x0F;
>> > derivationData[15] = 0x01;
>> >
>> > // generate daughter key
>> > result = create_daughter_key(S_ENC, derivationData,
>> daughterKey);
>> > // and session key
>> > result = create_session_key_SCP01(daughterKey,
>> cardChallengeSCP01, hostChallenge, secInfo->encryptionSessionKey);
>> > #else
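Review bot: The return value of `create_daughter_key(S_ENC, ...)` is overwritten by the `create_session_key_SCP01` call that follows without being checked, so a failed derivation goes on to compute `encryptionSessionKey` from an uninitialised `daughterKey`. Test `result` after the first call and leave through the error path before deriving the session key. The offsets taken from `key_diversification_data` (bytes 0-1 and 4-7) and the `0xF0 0x01` / `0x0F 0x01` constants need a comment saying what they are.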
>> 5597a5680,5681
>> > #endif
>> >
>> 5602a5687,5699
>> > #ifdef GEMPLUS
>> > // left derivation for MAC
>> > derivationData[6] = 0xF0;
>> > derivationData[7] = 0x02;
>> > // right derivation for MAC
>> > derivationData[14] = 0x0F;
>> > derivationData[15] = 0x02;
>> >
>> > // daughter key
>> > result = create_daughter_key(S_MAC, derivationData,
>> daughterKey);
>> > // and session key
>> > result = create_session_key_SCP01(daughterKey,
>> cardChallengeSCP01, hostChallenge, secInfo->C_MACSessionKey);
>> > #else
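Review bot: The MAC block only rewrites bytes 6, 7, 14 and 15 of `derivationData` and silently relies on the ENC block from the previous `#ifdef GEMPLUS` hunk having filled the other twelve, and the `create_daughter_key(S_MAC, ...)` result is again overwritten unchecked. A small helper taking the static key (`S_ENC` or `S_MAC`), the constant (`0x01` or `0x02`) and the destination session key would remove the duplication and the ordering dependency. `daughterKey` should also be cleared once both session keys have been derived.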
>> 5603a5701
>> > #endif
>
>
>
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
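
Added example, not part of the original message and not GPShell code: a C program that splits the INITIALIZE UPDATE response from the mode_201 trace above into its fields and assembles the 16-byte block the quoted patch passes to create_daughter_key. The names init_update_t, parse_init_update and gemplus_derivation_data are made up for this example; the 10/2/8/8 field split and the reading of the two key information bytes as key version and SCP identifier are assumed from GlobalPlatform 2.1.1 SCP01, and no 3DES step is run.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef struct {                  /* SCP01 INITIALIZE UPDATE response fields */
    uint8_t div_data[10];         /* key diversification data */
    uint8_t key_version, scp_id;  /* key information bytes, GP 2.1.1 reading */
    uint8_t card_chal[8], card_crypt[8];
} init_update_t;

/* Parse 28 data bytes plus SW 9000 from a hex trace line; 0 on success, else -1. */
int parse_init_update(const char *hex, init_update_t *r) {
    static const char digits[] = "0123456789ABCDEF";
    uint8_t b[30] = {0};
    if (strlen(hex) != 60) return -1;
    for (int i = 0; i < 60; i++) {
        const char *p = strchr(digits, toupper((unsigned char)hex[i]));
        if (!p) return -1;
        b[i / 2] = (uint8_t)(b[i / 2] << 4 | (p - digits));
    }
    if (b[28] != 0x90 || b[29] != 0x00) return -1;
    memcpy(r->div_data, b, 10);
    r->key_version = b[10]; r->scp_id = b[11];
    memcpy(r->card_chal, b + 12, 8);
    memcpy(r->card_crypt, b + 20, 8);
    return 0;
}

/* Block the quoted patch passes to create_daughter_key: kind 0x01 = ENC, 0x02 = MAC. */
void gemplus_derivation_data(const uint8_t div[10], uint8_t kind, uint8_t out[16]) {
    for (int h = 0; h < 2; h++) {             /* left half, then right half */
        memcpy(out + 8 * h, div, 2);          /* div bytes 0-1 */
        memcpy(out + 8 * h + 2, div + 4, 4);  /* div bytes 4-7 */
        out[8 * h + 6] = h ? 0x0F : 0xF0;
        out[8 * h + 7] = kind;
    }
}

int main(void) {
    /* Response line copied from the mode_201 trace in this thread. */
    const char *resp = "434D10159416191223C10D01C671894151329DA516BDD69A278053809000";
    init_update_t r;
    uint8_t d[16];
    if (parse_init_update(resp, &r) != 0) return 1;
    gemplus_derivation_data(r.div_data, 0x01, d);
    for (int i = 0; i < 16; i++) printf("%02X", d[i]);
    printf("  key version %02X, SCP id %02X\n", r.key_version, r.scp_id);
    return 0;
}
```

Any line that is not a 28-byte response ending in 9000, such as the 6E00 seen in the mode_211 trace, is rejected by the parser rather than decoded.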