Hi Amanda, Great! I will check that log, and back soon with analysis.
Regarding the Get Challenge: a part of the response was in my comment regarding the ACL. The 8 bits of the internal security state are described as "strong authentication" as opposed to the 8 lower bits that store PIN verification results.
A "strong authentication" is symmetric key based and consists in a Get Challenge, External Authenticate sequence (the terminal shall requests a challenge and send it ciphered with a symm. key in the data field of a subsequent External Auth. command).
But the 0.9.8 applet does not support such "strong authentication" ! meaning that both Get Challenge & External Auth commands return "instruction not supported" '6D00'.
OOH, Get Challenge is not supposed to participate to any data encryption / decryption scheme. So you should not be worried about that (unsupported) command.
Cheers, Sylvain. Amanda Ortega a écrit :
The sequence of APDUS obtained through pcscd -fda to the same sequence of encrypt/decrypt is:
_______________________________________________ Muscle mailing list [email protected] http://lists.drizzle.com/mailman/listinfo/muscle
