PKCS11 card_data fields return wrong values

GertClaeskens / eid-mw

Automatically exported from code.google.com/p/eid-mw

GNU Lesser General Public License v3.0

0 stars 0 forks source link

PKCS11 card_data fields return wrong values #88

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago

What steps will reproduce the problem?

1. read all CARD_DATA objects through PKCS11

What is the expected output? 

The correct data for the following fields:
  "carddata_glob_os_version"
  "carddata_appl_int_version"
  "carddata_pkcs1_support"
  "carddata_appl_lifecycle"
  "carddata_key_exchange_version"

What do you see instead?

Incorrect values for some fields, both for existing cards and for the protype 
applet V1.7 cards.

NOTE: this is due to inconsistencies in the Gemalto/Zetes specification.

What version of the product are you using? On what operating system?

Middleware 4.0 latest build (Unofficial Windows 4.0.0.7142 QI)
Windows 7 Enterprise 64 bit

Please provide any additional information below.

The description of the "Get Card Data" response APDU is incorrect in the 
Gemalto/Zetes specifications.
There are also some changes for applet V1.7 (also not correctly documented).

Original issue reported on code.google.com by Danny.He...@gmail.com on 24 Jan 2012 at 3:04

GoogleCodeExporter commented 9 years ago

These are the values from my own eid (in decimal except for the serial number):

SerialNr=534C494E33660013930D207288012D3B
CompCode=208
OSNr=0
OSVersion=72
SoftMaskVersion=1
SoftMaskNumber=1
ApplVersion=17
GlobOSVersion=512
ApplIntVersion=0
PKCS1Support=1
ApplLifeCycle=1
KeyExchangeVersion=15

And these are from the applet V1.7 card:

SerialNr=534C425092490006A076206540821188
CompCode=200
OSNr=19
OSVersion=1
SoftMaskVersion=1
SoftMaskNumber=6
ApplVersion=1
GlobOSVersion=775
ApplIntVersion=1
PKCS1Support=2
ApplLifeCycle=1
KeyExchangeVersion=15

Original comment by Danny.He...@gmail.com on 24 Jan 2012 at 3:50

GoogleCodeExporter commented 9 years ago

Hey Danny, 

Thanks for the detailed report.

About the current cards:
-) We do indeed need to switch 'Key exchange version' and 'Application Life 
cycle' as byte 26 and 27
-) GlobOSVersion seems to be a byte order issue (0x0200) while it should be 
(0x0002)
it looks ok in the C sdk, I'll have a look if the CS wrapper isn't responsible 
here

Original comment by frederik...@gmail.com on 25 Jan 2012 at 2:46

Changed state: Accepted

GoogleCodeExporter commented 9 years ago

Frederik,

GlobOSVersion is my own error: I used BitConverter to convert the 2 byte value 
returned by FindObjects() to a short but they are of course big endian. Sorry 
about that...

Danny

Original comment by Danny.He...@gmail.com on 26 Jan 2012 at 7:41

GoogleCodeExporter commented 9 years ago

Original comment by frederik...@gmail.com on 18 Apr 2012 at 1:18

GoogleCodeExporter commented 9 years ago

Fixed in revision 1532
We return different carddata objects now, depending on the applet version

Original comment by frederik...@gmail.com on 10 Jul 2014 at 2:35

Changed state: Fixed