Just to add some investigation to my previous email:
By browsing The Gem Xpresso Pro software tree installed on my windows PC, I
was able to find that the key version is 13 (decimal) [file
GXP211_PK_IS.properties]. thus I added
"-keyver 13" to the open_sc command with no more success.
then I looked at the APDUs sent during the authentication done by the Gem
Xpresso Pro softwawre on my windows 2000:
1st it does a 00A4040007A000000018434D which is a "select -AID a000000018434d"
then it does a 80500D010800000000000000001C which it calls "CMD: Initialize
Update"
then it does a 8482000010################################ which it calls "CMD:
External Authenticate" and where # depends on the answer of the previous
command.
I hope that the failed attemp counter is realy reset when I authenticate the
card on Windows....
Olivier.
Le Tuesday 23 May 2006 12:20, Olivier LAHAYE a écrit :
> I'm trying to help Nesrine as she works on same site as me.
>
> I have few smartcard knowledge but I'm understanding more and more though
> :-)
>
> Right now, here is our situation:
> We used muscletool to register the ATR of our Gem Xpresso 211PK-IS
> smartcard. (BTW, is it normal that even if the ATR is already in the
> Info.plist file, it is inserted one more time (leading to multiple
> identical lines containing the ATR).
>
> Then we are trying to connect to the card using a secure channel. Thus I
> created a gpshell script to try to open a secure channel and test the
> authentication.
> After digging on the net, I found that the keys are:
> Static keys: PK-IS
> Kenc = CA CA CA CA CA CA CA CA 2D 2D 2D 2D 2D 2D 2D 2D
> Kmac = 2D 2D 2D 2D 2D 2D 2D 2D CA CA CA CA CA CA CA CA
> Kkek = CA 2D CA 2D CA 2D CA 2D CA 2D CA 2D CA 2D CA 2D
>
> Thus I tried the following gpshell script with no success:(note that I
> reset the unsuccessfull failed attempt counter to open the secure channel
> by using the windows Gem Xpresso Pro software on windows 2000 and
> authenticate the card)
> Note: the open_sc line is on 1 single line
> -----8<-----8<-----8<-----8<-----8<-----8<-----8<-----8<-----8<-----8<-----
> gemXpressoPro
> enable_trace
>
> establish_context
> card_connect
> select -AID a000000018434d # example of AID to test AID selection works
> open_sc -security 0 -enc_key cacacacacacacaca2d2d2d2d2d2d2d2d -mac_key
> 2d2d2d2d2d2d2d2dcacacacacacacaca -kek_key ca2dca2dca2dca2dca2dca2dca2dca2d
> // Open secure channel
> get_status -element e0
> close_sc // Close secure channel
> card_disconnect
> release_context
> -----8<-----8<-----8<-----8<-----8<-----8<-----8<-----8<-----8<-----8<-----
> The gpshell version is 1.3.1
> What means -keyind 0 -keyver 0 ?
>
> In the end, the aim is to load the CardEdge Applet applet on en empty card.
> As we are unable to use muscle framework with the applet we installed using
> Gem Xpresso Pro software on windows.
>
> Many thanks in advance for all your help and patience :-)
--
Olivier LAHAYE
Motorola Labs IT Manager
Computer & Information Systems
European Communications Research
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
