Answering my own mail:
On Thu, Dec 03, 2009 at 02:06:15PM +0100, Ralf Schlatterbeck wrote:
> Just got my Gemalto TOP IM FIPS CY2 (Cyberflex Access 64k v2)
>
> But downloading the MCardApplet -- both my homegrown one and one
> downloaded from
> http://www.opensc-project.org/opensc/attachment/wiki/Cyberflex/CardEdgeII.ijc
> leads the following error after issuing the install_for_install command:
[...]
I've done a little investigation into the magic numbers used by
gpshell. Looks like I can find out the argument to the first select command:
select -AID a000000003000000
by doing:
enable_trace
establish_context
card_connect
open_sc -security 1 -keyind 0 -keyver 0 -mac_key
404142434445464748494a4b4c4d4e4f -enc_key 404142434445464748494a4b4c4d4e4f
get_status -element 80
this gives me the following output (in addition to some debug output):
List of applets (AID state privileges)
a000000003000000 7 0
The other two AIDs seem to be dependent on the applet used (the applet codes
the applet ID internally). I came to this conclusion by changing the IDs
in the hello world downloader and seeing it fail.
Then I looked into the download script for the hello world applet.
When unpacking the HelloWorld.cap.transf or HelloWorld.cap file with unzip
I'm getting several .cap files. The Applet.cap contains the following
(in hex):
000000 03 00 0e 01 0a a0 00 00 00 62 03 01 0c 01 01 00
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
000010 14
000011
Now compare this with the Applet IDs used for downloading, citing
from helloInstallCyberflexAccess64k.txt from the gpshell distribution:
install_for_install -instParam 00 -priv 02 -AID a00000006203010c0101 -pkgAID
a00000006203010c01 -instAID a00000006203010c0101 -nvDataLimit 500
^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^
with that info I was able to find out the correct downloading script for
my homegrown applet, note the commented-out commands which use the wrong
applet ID (see below). My applet seems to use the AID a00000000101
Now my question:
- Is there some documentation on these magic numbers?
- Seems in all docs the MCardApplet uses the other ID I tried first
so something in my build-process probably doesn't correctly set
the applet ID. How should I change that?
# gpshell script for loading applet into card:
enable_trace
establish_context
card_connect
select -AID a000000003000000
open_sc -security 1 -keyind 0 -keyver 0 -mac_key
404142434445464748494a4b4c4d4e4f -enc_key 404142434445464748494a4b4c4d4e4f
delete -AID a00000000101
delete -AID a000000001
delete -AID a0000003230101
delete -AID a00000032301
#install_for_load -pkgAID a00000032301 -nvCodeLimit 16000 -sdAID
a000000003000000
install_for_load -pkgAID a000000001 -nvCodeLimit 16000 -sdAID a000000003000000
load -file CardEdgeCflex.ijc
#install_for_install -instParam 00 -priv 02 -AID a0000003230101 -pkgAID
a00000032301 -instAID a0000003230101 -nvDataLimit 16000
install_for_install -instParam 00 -priv 02 -AID a00000000101 -pkgAID a000000001
-instAID a00000000101 -nvDataLimit 32000
get_status -element 20
card_disconnect
release_context
Thanks, Ralf
--
Dr. Ralf Schlatterbeck Tel: +43/2243/26465-16
Open Source Consulting Fax: +43/2243/26465-23
Reichergasse 131 www: http://www.runtux.com
A-3411 Weidling email: [email protected]
osAlliance member email: [email protected]
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
