Hi,
after trying challenge/response with muscle card for a while and
continuously failing, I decided to take a look at CardEdge.java(.src) to
find out what I did wrong. However, it seemed to me that during the call
to ExtAuth there was garbage in my challenge object.
Is it possible that the challenge object is, contrary to the comments in
the code, prematurely destroyed? If so, the lines 2440 ff should be
changed from
if (data_loc == DL_APDU) {
sendData(apdu, mem.getBuffer(), base, (short) (size + 2));
/* Don't destroy out object ! Generated data is needed in ExtAuth ! */
/* Not if running without external authentication */
om.destroyObject(OUT_OBJECT_CLA, OUT_OBJECT_ID, true);
}
to
if (data_loc == DL_APDU) {
sendData(apdu, mem.getBuffer(), base, (short) (size + 2));
/* Don't destroy out object ! Generated data is needed in ExtAuth ! */
#ifndef WITH_EXT_AUTH
/* Not if running without external authentication */
om.destroyObject(OUT_OBJECT_CLA, OUT_OBJECT_ID, true);
#endif
}
(Sorry I cannot generate a diff file at the moment, but I have no access
to the SVN from where I am due to firewall policies.)
Regards,
Frank Peters
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
