frankmorgner / vsmartcard

umbrella project for emulation of smart card readers or smart cards
http://frankmorgner.github.io/vsmartcard/

How can I test the vicc PIN feature with nPA type on PACE? #172

Closed xaqfan closed 4 years ago

xaqfan commented 4 years ago

I have built the environment on Ubuntu 18.04 (64-bit), and I have installed some npa-tool in OpenSC. I ran "npa-tool --pin=111111" and printed some logs, but there is no APDU (FF 9A).

I have run the shell command: git submodule update --init --recursive.

frankmorgner commented 4 years ago

Would you mind printing the exact error code? With -vvv you can make it more verbose.

xaqfan commented 4 years ago
alex@Alex:~/SoftPKI/vsmartcard/virtualsmartcard$ npa-tool --pin=111111 -vvvvv
P:3044; T:0x140079225365888 17:46:26.467 [npa-tool] sc.c:325:sc_detect_card_presence: called
P:3044; T:0x140079225365888 17:46:26.467 [npa-tool] reader-pcsc.c:472:pcsc_detect_card_presence: called
P:3044; T:0x140079225365888 17:46:26.467 [npa-tool] reader-pcsc.c:360:refresh_attributes: Virtual PCD 00 00 check
P:3044; T:0x140079225365888 17:46:26.467 [npa-tool] reader-pcsc.c:385:refresh_attributes: returning with: 0 (Success)
P:3044; T:0x140079225365888 17:46:26.468 [npa-tool] reader-pcsc.c:477:pcsc_detect_card_presence: returning with: 1
P:3044; T:0x140079225365888 17:46:26.468 [npa-tool] sc.c:330:sc_detect_card_presence: returning with: 1
Using reader with a card: Virtual PCD 00 00
P:3044; T:0x140079225365888 17:46:26.468 [npa-tool] sc.c:325:sc_detect_card_presence: called
P:3044; T:0x140079225365888 17:46:26.468 [npa-tool] reader-pcsc.c:472:pcsc_detect_card_presence: called
P:3044; T:0x140079225365888 17:46:26.468 [npa-tool] reader-pcsc.c:360:refresh_attributes: Virtual PCD 00 00 check
P:3044; T:0x140079225365888 17:46:26.468 [npa-tool] reader-pcsc.c:385:refresh_attributes: returning with: 0 (Success)
P:3044; T:0x140079225365888 17:46:26.469 [npa-tool] reader-pcsc.c:477:pcsc_detect_card_presence: returning with: 1
P:3044; T:0x140079225365888 17:46:26.469 [npa-tool] sc.c:330:sc_detect_card_presence: returning with: 1
Connecting to card in reader Virtual PCD 00 00...
P:3044; T:0x140079225365888 17:46:26.469 [npa-tool] card.c:254:sc_connect_card: called
P:3044; T:0x140079225365888 17:46:26.469 [npa-tool] reader-pcsc.c:605:pcsc_connect: called
P:3044; T:0x140079225365888 17:46:26.469 [npa-tool] reader-pcsc.c:360:refresh_attributes: Virtual PCD 00 00 check
P:3044; T:0x140079225365888 17:46:26.469 [npa-tool] reader-pcsc.c:385:refresh_attributes: returning with: 0 (Success)
P:3044; T:0x140079225365888 17:46:26.470 [npa-tool] reader-pcsc.c:637:pcsc_connect: Initial protocol: T=1
P:3044; T:0x140079225365888 17:46:26.470 [npa-tool] card-default.c:47:default_init: called
P:3044; T:0x140079225365888 17:46:26.470 [npa-tool] card-default.c:52:default_init: returning with: 0 (Success)
P:3044; T:0x140079225365888 17:46:26.470 [npa-tool] card.c:385:sc_connect_card: card info name:'Unsupported card', type:-1, flags:0x0, max_send/recv_size:255/256
P:3044; T:0x140079225365888 17:46:26.470 [npa-tool] card.c:1562:sc_card_sm_check: called
P:3044; T:0x140079225365888 17:46:26.471 [npa-tool] card.c:1567:sc_card_sm_check: returning with: 0 (Success)
P:3044; T:0x140079225365888 17:46:26.471 [npa-tool] card.c:397:sc_connect_card: returning with: 0 (Success)
Using card driver Default driver for unknown cards.
P:3044; T:0x140079225365888 17:46:26.471 [npa-tool] apdu.c:546:sc_transmit_apdu: called
P:3044; T:0x140079225365888 17:46:26.471 [npa-tool] card.c:473:sc_lock: called
P:3044; T:0x140079225365888 17:46:26.471 [npa-tool] reader-pcsc.c:684:pcsc_lock: called
P:3044; T:0x140079225365888 17:46:26.472 [npa-tool] card.c:513:sc_lock: returning with: 0 (Success)
P:3044; T:0x140079225365888 17:46:26.472 [npa-tool] apdu.c:513:sc_transmit: called
P:3044; T:0x140079225365888 17:46:26.472 [npa-tool] apdu.c:363:sc_single_transmit: called
P:3044; T:0x140079225365888 17:46:26.472 [npa-tool] apdu.c:370:sc_single_transmit: CLA:0, INS:B0, P1:9C, P2:0, data(0) (nil)
P:3044; T:0x140079225365888 17:46:26.472 [npa-tool] reader-pcsc.c:323:pcsc_transmit: reader 'Virtual PCD 00 00'
P:3044; T:0x140079225365888 17:46:26.472 [npa-tool] reader-pcsc.c:324:pcsc_transmit: 
Outgoing APDU (5 bytes):
00 B0 9C 00 DF .....
P:3044; T:0x140079225365888 17:46:26.472 [npa-tool] reader-pcsc.c:242:pcsc_internal_transmit: called
P:3044; T:0x140079225365888 17:46:26.520 [npa-tool] reader-pcsc.c:333:pcsc_transmit: 
Incoming APDU (184 bytes):
31 81 B3 30 0D 06 08 04 00 7F 00 07 02 02 02 02 1..0............
01 02 30 12 06 0A 04 00 7F 00 07 02 02 03 02 02 ..0.............
02 01 02 02 01 41 30 12 06 0A 04 00 7F 00 07 02 .....A0.........
02 03 02 02 02 01 02 02 01 45 30 12 06 0A 04 00 .........E0.....
7F 00 07 02 02 04 02 02 02 01 02 02 01 0D 30 1C ..............0.
06 09 04 00 7F 00 07 02 02 03 02 30 0C 06 07 04 ...........0....
00 7F 00 07 01 02 02 01 0D 02 01 41 30 1C 06 09 ...........A0...
04 00 7F 00 07 02 02 03 02 30 0C 06 07 04 00 7F .........0......
00 07 01 02 02 01 0D 02 01 45 30 2A 06 08 04 00 .........E0*....
7F 00 07 02 02 06 16 1E 68 74 74 70 3A 2F 2F 62 ........http://b
73 69 2E 62 75 6E 64 2E 64 65 2F 63 69 66 2F 6E si.bund.de/cif/n
70 61 2E 78 6D 6C 62 82                         pa.xmlb.
P:3044; T:0x140079225365888 17:46:26.520 [npa-tool] apdu.c:382:sc_single_transmit: returning with: 0 (Success)
P:3044; T:0x140079225365888 17:46:26.520 [npa-tool] apdu.c:535:sc_transmit: returning with: 0 (Success)
P:3044; T:0x140079225365888 17:46:26.520 [npa-tool] card.c:523:sc_unlock: called
P:3044; T:0x140079225365888 17:46:26.520 [npa-tool] reader-pcsc.c:736:pcsc_unlock: called
P:3044; T:0x140079225365888 17:46:26.522 [npa-tool] iso7816.c:128:iso7816_check_sw: End of file/record reached before reading Le bytes
P:3044; T:0x140079225365888 17:46:26.522 [npa-tool] sm-eac.c:1137:perform_pace: 
EF.CardAccess (182 bytes):
31 81 B3 30 0D 06 08 04 00 7F 00 07 02 02 02 02 1..0............
01 02 30 12 06 0A 04 00 7F 00 07 02 02 03 02 02 ..0.............
02 01 02 02 01 41 30 12 06 0A 04 00 7F 00 07 02 .....A0.........
02 03 02 02 02 01 02 02 01 45 30 12 06 0A 04 00 .........E0.....
7F 00 07 02 02 04 02 02 02 01 02 02 01 0D 30 1C ..............0.
06 09 04 00 7F 00 07 02 02 03 02 30 0C 06 07 04 ...........0....
00 7F 00 07 01 02 02 01 0D 02 01 41 30 1C 06 09 ...........A0...
04 00 7F 00 07 02 02 03 02 30 0C 06 07 04 00 7F .........0......
00 07 01 02 02 01 0D 02 01 45 30 2A 06 08 04 00 .........E0*....
7F 00 07 02 02 06 16 1E 68 74 74 70 3A 2F 2F 62 ........http://b
73 69 2E 62 75 6E 64 2E 64 65 2F 63 69 66 2F 6E si.bund.de/cif/n
70 61 2E 78 6D 6C                               pa.xml
P:3044; T:0x140079225365888 17:46:26.523 [npa-tool] sm-eac.c:483:format_mse_cdata: 
MSE command data (15 bytes):
80 0A 04 00 7F 00 07 02 02 04 02 02 83 01 03 ...............
P:3044; T:0x140079225365888 17:46:26.523 [npa-tool] apdu.c:546:sc_transmit_apdu: called
P:3044; T:0x140079225365888 17:46:26.523 [npa-tool] card.c:473:sc_lock: called
P:3044; T:0x140079225365888 17:46:26.523 [npa-tool] reader-pcsc.c:684:pcsc_lock: called
P:3044; T:0x140079225365888 17:46:26.524 [npa-tool] card.c:513:sc_lock: returning with: 0 (Success)
P:3044; T:0x140079225365888 17:46:26.524 [npa-tool] apdu.c:513:sc_transmit: called
P:3044; T:0x140079225365888 17:46:26.524 [npa-tool] apdu.c:363:sc_single_transmit: called
P:3044; T:0x140079225365888 17:46:26.524 [npa-tool] apdu.c:370:sc_single_transmit: CLA:0, INS:22, P1:C1, P2:A4, data(15) 0x556836a822e0
P:3044; T:0x140079225365888 17:46:26.524 [npa-tool] reader-pcsc.c:323:pcsc_transmit: reader 'Virtual PCD 00 00'
P:3044; T:0x140079225365888 17:46:26.524 [npa-tool] reader-pcsc.c:324:pcsc_transmit: 
Outgoing APDU (20 bytes):
00 22 C1 A4 0F 80 0A 04 00 7F 00 07 02 02 04 02 ."..............
02 83 01 03                                     ....
P:3044; T:0x140079225365888 17:46:26.524 [npa-tool] reader-pcsc.c:242:pcsc_internal_transmit: called
P:3044; T:0x140079225365888 17:46:26.607 [npa-tool] reader-pcsc.c:333:pcsc_transmit: 
Incoming APDU (2 bytes):
90 00 ..
P:3044; T:0x140079225365888 17:46:26.607 [npa-tool] apdu.c:382:sc_single_transmit: returning with: 0 (Success)
P:3044; T:0x140079225365888 17:46:26.607 [npa-tool] apdu.c:535:sc_transmit: returning with: 0 (Success)
P:3044; T:0x140079225365888 17:46:26.607 [npa-tool] card.c:523:sc_unlock: called
P:3044; T:0x140079225365888 17:46:26.607 [npa-tool] reader-pcsc.c:736:pcsc_unlock: called
P:3044; T:0x140079225365888 17:46:26.616 [npa-tool] sm-eac.c:633:eac_gen_auth_1_encrypted_nonce: 
General authenticate (Encrypted Nonce) command data (2 bytes):
7C 00 |.
P:3044; T:0x140079225365888 17:46:26.617 [npa-tool] apdu.c:546:sc_transmit_apdu: called
P:3044; T:0x140079225365888 17:46:26.617 [npa-tool] card.c:473:sc_lock: called
P:3044; T:0x140079225365888 17:46:26.617 [npa-tool] reader-pcsc.c:684:pcsc_lock: called
P:3044; T:0x140079225365888 17:46:26.617 [npa-tool] card.c:513:sc_lock: returning with: 0 (Success)
P:3044; T:0x140079225365888 17:46:26.617 [npa-tool] apdu.c:513:sc_transmit: called
P:3044; T:0x140079225365888 17:46:26.617 [npa-tool] apdu.c:363:sc_single_transmit: called
P:3044; T:0x140079225365888 17:46:26.617 [npa-tool] apdu.c:370:sc_single_transmit: CLA:10, INS:86, P1:0, P2:0, data(2) 0x556836a83570
P:3044; T:0x140079225365888 17:46:26.618 [npa-tool] reader-pcsc.c:323:pcsc_transmit: reader 'Virtual PCD 00 00'
P:3044; T:0x140079225365888 17:46:26.618 [npa-tool] reader-pcsc.c:324:pcsc_transmit: 
Outgoing APDU (8 bytes):
10 86 00 00 02 7C 00 00 .....|..
P:3044; T:0x140079225365888 17:46:26.618 [npa-tool] reader-pcsc.c:242:pcsc_internal_transmit: called
P:3044; T:0x140079225365888 17:46:26.664 [npa-tool] reader-pcsc.c:333:pcsc_transmit: 
Incoming APDU (22 bytes):
7C 12 80 10 A8 C8 31 06 6D 30 F7 64 9D B6 59 10 |.....1.m0.d..Y.
98 78 EB 35 90 00                               .x.5..
P:3044; T:0x140079225365888 17:46:26.664 [npa-tool] apdu.c:382:sc_single_transmit: returning with: 0 (Success)
P:3044; T:0x140079225365888 17:46:26.664 [npa-tool] apdu.c:535:sc_transmit: returning with: 0 (Success)
P:3044; T:0x140079225365888 17:46:26.664 [npa-tool] card.c:523:sc_unlock: called
P:3044; T:0x140079225365888 17:46:26.664 [npa-tool] reader-pcsc.c:736:pcsc_unlock: called
P:3044; T:0x140079225365888 17:46:26.673 [npa-tool] sm-eac.c:643:eac_gen_auth_1_encrypted_nonce: 
General authenticate (Encrypted Nonce) response data (20 bytes):
7C 12 80 10 A8 C8 31 06 6D 30 F7 64 9D B6 59 10 |.....1.m0.d..Y.
98 78 EB 35                                     .x.5
P:3044; T:0x140079225365888 17:46:26.673 [npa-tool] sm-eac.c:1174:perform_pace: 
Encrypted nonce from MRTD (16 bytes):
A8 C8 31 06 6D 30 F7 64 9D B6 59 10 98 78 EB 35 ..1.m0.d..Y..x.5
P:3044; T:0x140079225365888 17:46:26.675 [npa-tool] sm-eac.c:719:eac_gen_auth_2_map_nonce: 
General authenticate (Map Nonce) command data (69 bytes):
7C 43 81 41 04 65 D1 23 52 E7 09 B7 FF 4A 53 9F |C.A.e.#R....JS.
E4 E2 74 FD 97 C0 D5 3F 49 59 63 D5 06 9D CC E6 ..t....?IYc.....
C3 4F A6 E6 C0 3D FE 7B 4E 9A 3D 5E 49 44 41 79 .O...=.{N.=^IDAy
6C B3 0E 8A 5E C1 D0 D0 6A 63 CF E7 75 36 66 CA l...^...jc..u6f.
5F F5 D1 D0 A7                                  _....
P:3044; T:0x140079225365888 17:46:26.675 [npa-tool] apdu.c:546:sc_transmit_apdu: called
P:3044; T:0x140079225365888 17:46:26.675 [npa-tool] card.c:473:sc_lock: called
P:3044; T:0x140079225365888 17:46:26.675 [npa-tool] reader-pcsc.c:684:pcsc_lock: called
P:3044; T:0x140079225365888 17:46:26.675 [npa-tool] card.c:513:sc_lock: returning with: 0 (Success)
P:3044; T:0x140079225365888 17:46:26.675 [npa-tool] apdu.c:513:sc_transmit: called
P:3044; T:0x140079225365888 17:46:26.675 [npa-tool] apdu.c:363:sc_single_transmit: called
P:3044; T:0x140079225365888 17:46:26.675 [npa-tool] apdu.c:370:sc_single_transmit: CLA:10, INS:86, P1:0, P2:0, data(69) 0x556836a82e30
P:3044; T:0x140079225365888 17:46:26.676 [npa-tool] reader-pcsc.c:323:pcsc_transmit: reader 'Virtual PCD 00 00'
P:3044; T:0x140079225365888 17:46:26.676 [npa-tool] reader-pcsc.c:324:pcsc_transmit: 
Outgoing APDU (75 bytes):
10 86 00 00 45 7C 43 81 41 04 65 D1 23 52 E7 09 ....E|C.A.e.#R..
B7 FF 4A 53 9F E4 E2 74 FD 97 C0 D5 3F 49 59 63 ..JS...t....?IYc
D5 06 9D CC E6 C3 4F A6 E6 C0 3D FE 7B 4E 9A 3D ......O...=.{N.=
5E 49 44 41 79 6C B3 0E 8A 5E C1 D0 D0 6A 63 CF ^IDAyl...^...jc.
E7 75 36 66 CA 5F F5 D1 D0 A7 00                .u6f._.....
P:3044; T:0x140079225365888 17:46:26.676 [npa-tool] reader-pcsc.c:242:pcsc_internal_transmit: called
P:3044; T:0x140079225365888 17:46:26.724 [npa-tool] reader-pcsc.c:333:pcsc_transmit: 
Incoming APDU (71 bytes):
7C 43 82 41 04 23 9F 40 72 1A 66 5E F4 2F 9D C7 |C.A.#.@r.f^./..
10 17 20 6F 0E 85 E2 2D 10 BA 08 11 3E CB 99 71 .. o...-....>..q
93 57 FC F3 BD 07 92 52 35 96 06 8E 4B 00 A7 B1 .W.....R5...K...
19 46 14 F4 45 AC 8A 9D 07 52 CF A7 3F 21 56 86 .F..E....R..?!V.
D6 8A 7D EC ED 90 00                            ..}....
P:3044; T:0x140079225365888 17:46:26.724 [npa-tool] apdu.c:382:sc_single_transmit: returning with: 0 (Success)
P:3044; T:0x140079225365888 17:46:26.724 [npa-tool] apdu.c:535:sc_transmit: returning with: 0 (Success)
P:3044; T:0x140079225365888 17:46:26.724 [npa-tool] card.c:523:sc_unlock: called
P:3044; T:0x140079225365888 17:46:26.725 [npa-tool] reader-pcsc.c:736:pcsc_unlock: called
P:3044; T:0x140079225365888 17:46:26.726 [npa-tool] sm-eac.c:729:eac_gen_auth_2_map_nonce: 
General authenticate (Map Nonce) response data (69 bytes):
7C 43 82 41 04 23 9F 40 72 1A 66 5E F4 2F 9D C7 |C.A.#.@r.f^./..
10 17 20 6F 0E 85 E2 2D 10 BA 08 11 3E CB 99 71 .. o...-....>..q
93 57 FC F3 BD 07 92 52 35 96 06 8E 4B 00 A7 B1 .W.....R5...K...
19 46 14 F4 45 AC 8A 9D 07 52 CF A7 3F 21 56 86 .F..E....R..?!V.
D6 8A 7D EC ED                                  ..}..
P:3044; T:0x140079225365888 17:46:26.726 [npa-tool] sm-eac.c:1209:perform_pace: 
Mapping data from MRTD (65 bytes):
04 23 9F 40 72 1A 66 5E F4 2F 9D C7 10 17 20 6F .#.@r.f^./.... o
0E 85 E2 2D 10 BA 08 11 3E CB 99 71 93 57 FC F3 ...-....>..q.W..
BD 07 92 52 35 96 06 8E 4B 00 A7 B1 19 46 14 F4 ...R5...K....F..
45 AC 8A 9D 07 52 CF A7 3F 21 56 86 D6 8A 7D EC E....R..?!V...}.
ED                                              .
P:3044; T:0x140079225365888 17:46:26.731 [npa-tool] sm-eac.c:805:eac_gen_auth_3_perform_key_agreement: 
General authenticate (Perform Key Agreement) command data (69 bytes):
7C 43 83 41 04 26 08 D5 6D 81 E3 D4 3F 9A 54 47 |C.A.&..m...?.TG
7D 36 66 E9 DF 78 19 D2 B6 2A 5E 20 1A 0E 9E D0 }6f..x...*^ ....
E4 E9 51 F1 B8 99 60 C7 25 DC C9 B9 6C 98 23 1D ..Q...`.%...l.#.
06 27 10 A4 34 4E 8E 59 D6 CA 96 F5 4B 0D 95 1E .'..4N.Y....K...
88 02 FB DC 26                                  ....&
P:3044; T:0x140079225365888 17:46:26.732 [npa-tool] apdu.c:546:sc_transmit_apdu: called
P:3044; T:0x140079225365888 17:46:26.732 [npa-tool] card.c:473:sc_lock: called
P:3044; T:0x140079225365888 17:46:26.732 [npa-tool] reader-pcsc.c:684:pcsc_lock: called
P:3044; T:0x140079225365888 17:46:26.732 [npa-tool] card.c:513:sc_lock: returning with: 0 (Success)
P:3044; T:0x140079225365888 17:46:26.732 [npa-tool] apdu.c:513:sc_transmit: called
P:3044; T:0x140079225365888 17:46:26.732 [npa-tool] apdu.c:363:sc_single_transmit: called
P:3044; T:0x140079225365888 17:46:26.732 [npa-tool] apdu.c:370:sc_single_transmit: CLA:10, INS:86, P1:0, P2:0, data(69) 0x556836a857d0
P:3044; T:0x140079225365888 17:46:26.732 [npa-tool] reader-pcsc.c:323:pcsc_transmit: reader 'Virtual PCD 00 00'
P:3044; T:0x140079225365888 17:46:26.732 [npa-tool] reader-pcsc.c:324:pcsc_transmit: 
Outgoing APDU (75 bytes):
10 86 00 00 45 7C 43 83 41 04 26 08 D5 6D 81 E3 ....E|C.A.&..m..
D4 3F 9A 54 47 7D 36 66 E9 DF 78 19 D2 B6 2A 5E .?.TG}6f..x...*^
20 1A 0E 9E D0 E4 E9 51 F1 B8 99 60 C7 25 DC C9  ......Q...`.%..
B9 6C 98 23 1D 06 27 10 A4 34 4E 8E 59 D6 CA 96 .l.#..'..4N.Y...
F5 4B 0D 95 1E 88 02 FB DC 26 00                .K.......&.
P:3044; T:0x140079225365888 17:46:26.732 [npa-tool] reader-pcsc.c:242:pcsc_internal_transmit: called
P:3044; T:0x140079225365888 17:46:26.781 [npa-tool] reader-pcsc.c:333:pcsc_transmit: 
Incoming APDU (71 bytes):
7C 43 84 41 04 63 88 13 54 DE D2 9D 8F DE FA 10 |C.A.c..T.......
33 FA E4 FB 27 27 98 A3 95 A2 E7 64 A8 E9 F8 B8 3...''.....d....
FB A9 02 37 42 6E 1B 5E E1 50 64 11 69 69 CB 56 ...7Bn.^.Pd.ii.V
DE 23 2B 92 F7 B7 03 EB DF 31 D3 0E F8 2A A8 5D .#+......1...*.]
2E CB 82 FF 8D 90 00                            .......
P:3044; T:0x140079225365888 17:46:26.781 [npa-tool] apdu.c:382:sc_single_transmit: returning with: 0 (Success)
P:3044; T:0x140079225365888 17:46:26.781 [npa-tool] apdu.c:535:sc_transmit: returning with: 0 (Success)
P:3044; T:0x140079225365888 17:46:26.781 [npa-tool] card.c:523:sc_unlock: called
P:3044; T:0x140079225365888 17:46:26.781 [npa-tool] reader-pcsc.c:736:pcsc_unlock: called
P:3044; T:0x140079225365888 17:46:26.787 [npa-tool] sm-eac.c:815:eac_gen_auth_3_perform_key_agreement: 
General authenticate (Perform Key Agreement) response data (69 bytes):
7C 43 84 41 04 63 88 13 54 DE D2 9D 8F DE FA 10 |C.A.c..T.......
33 FA E4 FB 27 27 98 A3 95 A2 E7 64 A8 E9 F8 B8 3...''.....d....
FB A9 02 37 42 6E 1B 5E E1 50 64 11 69 69 CB 56 ...7Bn.^.Pd.ii.V
DE 23 2B 92 F7 B7 03 EB DF 31 D3 0E F8 2A A8 5D .#+......1...*.]
2E CB 82 FF 8D                                  .....
P:3044; T:0x140079225365888 17:46:26.788 [npa-tool] sm-eac.c:1235:perform_pace: 
Ephemeral public key from MRTD (65 bytes):
04 63 88 13 54 DE D2 9D 8F DE FA 10 33 FA E4 FB .c..T.......3...
27 27 98 A3 95 A2 E7 64 A8 E9 F8 B8 FB A9 02 37 ''.....d.......7
42 6E 1B 5E E1 50 64 11 69 69 CB 56 DE 23 2B 92 Bn.^.Pd.ii.V.#+.
F7 B7 03 EB DF 31 D3 0E F8 2A A8 5D 2E CB 82 FF .....1...*.]....
8D                                              .
P:3044; T:0x140079225365888 17:46:26.789 [npa-tool] sm-eac.c:893:eac_gen_auth_4_mutual_authentication: 
General authenticate (Perform Key Agreement) command data (12 bytes):
7C 0A 85 08 74 25 F2 91 C5 AB E1 83 |...t%......
P:3044; T:0x140079225365888 17:46:26.790 [npa-tool] apdu.c:546:sc_transmit_apdu: called
P:3044; T:0x140079225365888 17:46:26.790 [npa-tool] card.c:473:sc_lock: called
P:3044; T:0x140079225365888 17:46:26.790 [npa-tool] reader-pcsc.c:684:pcsc_lock: called
P:3044; T:0x140079225365888 17:46:26.790 [npa-tool] card.c:513:sc_lock: returning with: 0 (Success)
P:3044; T:0x140079225365888 17:46:26.790 [npa-tool] apdu.c:513:sc_transmit: called
P:3044; T:0x140079225365888 17:46:26.790 [npa-tool] apdu.c:363:sc_single_transmit: called
P:3044; T:0x140079225365888 17:46:26.790 [npa-tool] apdu.c:370:sc_single_transmit: CLA:0, INS:86, P1:0, P2:0, data(12) 0x556836a81ad0
P:3044; T:0x140079225365888 17:46:26.790 [npa-tool] reader-pcsc.c:323:pcsc_transmit: reader 'Virtual PCD 00 00'
P:3044; T:0x140079225365888 17:46:26.790 [npa-tool] reader-pcsc.c:324:pcsc_transmit: 
Outgoing APDU (18 bytes):
00 86 00 00 0C 7C 0A 85 08 74 25 F2 91 C5 AB E1 .....|...t%.....
83 00                                           ..
P:3044; T:0x140079225365888 17:46:26.790 [npa-tool] reader-pcsc.c:242:pcsc_internal_transmit: called
P:3044; T:0x140079225365888 17:46:26.834 [npa-tool] reader-pcsc.c:333:pcsc_transmit: 
Incoming APDU (14 bytes):
7C 0A 86 08 0D F9 A8 A8 4C E2 7D 9A 90 00 |.......L.}...
P:3044; T:0x140079225365888 17:46:26.834 [npa-tool] apdu.c:382:sc_single_transmit: returning with: 0 (Success)
P:3044; T:0x140079225365888 17:46:26.834 [npa-tool] apdu.c:535:sc_transmit: returning with: 0 (Success)
P:3044; T:0x140079225365888 17:46:26.834 [npa-tool] card.c:523:sc_unlock: called
P:3044; T:0x140079225365888 17:46:26.835 [npa-tool] reader-pcsc.c:736:pcsc_unlock: called
P:3044; T:0x140079225365888 17:46:26.839 [npa-tool] sm-eac.c:903:eac_gen_auth_4_mutual_authentication: 
General authenticate (Perform Key Agreement) response data (12 bytes):
7C 0A 86 08 0D F9 A8 A8 4C E2 7D 9A |.......L.}.
P:3044; T:0x140079225365888 17:46:26.840 [npa-tool] sm-eac.c:1305:perform_pace: 
ID ICC (32 bytes):
63 88 13 54 DE D2 9D 8F DE FA 10 33 FA E4 FB 27 c..T.......3...'
27 98 A3 95 A2 E7 64 A8 E9 F8 B8 FB A9 02 37 42 '.....d.......7B
P:3044; T:0x140079225365888 17:46:26.840 [npa-tool] sm-eac.c:1321:perform_pace: 
ID PCD (32 bytes):
26 08 D5 6D 81 E3 D4 3F 9A 54 47 7D 36 66 E9 DF &..m...?.TG}6f..
78 19 D2 B6 2A 5E 20 1A 0E 9E D0 E4 E9 51 F1 B8 x...*^ ......Q..
P:3044; T:0x140079225365888 17:46:26.840 [npa-tool] sm-eac.c:1358:perform_pace: returning with: 0 (Success)
Established PACE channel with eID PIN.
P:3044; T:0x140079225365888 17:46:26.840 [npa-tool] reader-pcsc.c:534:pcsc_reconnect: Reconnecting to the card...
P:3044; T:0x140079225365888 17:46:26.840 [npa-tool] reader-pcsc.c:360:refresh_attributes: Virtual PCD 00 00 check
P:3044; T:0x140079225365888 17:46:26.840 [npa-tool] reader-pcsc.c:385:refresh_attributes: returning with: 0 (Success)
P:3044; T:0x140079225365888 17:46:27.018 [npa-tool] reader-pcsc.c:557:pcsc_reconnect: Virtual PCD 00 00:SCardReconnect returned: 0x00000000
P:3044; T:0x140079225365888 17:46:27.018 [npa-tool] card.c:414:sc_disconnect_card: called
P:3044; T:0x140079225365888 17:46:27.018 [npa-tool] reader-pcsc.c:669:pcsc_disconnect: Virtual PCD 00 00:SCardDisconnect returned: 0x00000000
P:3044; T:0x140079225365888 17:46:27.018 [npa-tool] card.c:436:sc_disconnect_card: returning with: 0 (Success)
P:3044; T:0x140079225365888 17:46:27.018 [npa-tool] ctx.c:931:sc_release_context: called
P:3044; T:0x140079225365888 17:46:27.018 [npa-tool] reader-pcsc.c:973:pcsc_finish: called

frankmorgner commented 4 years ago

Great, everything is fine, your PIN was verified successfully, that's why it printed

Established PACE channel with eID PIN.

What kind of result or test did you expect?

xaqfan commented 4 years ago
Command APDU | Response APDU

GetReaderPACECapabilities | 0xFF | 0x9A | 0x04 | 0x01 | (No Data) | PACECapabilities | 0x9000 or other in case of an error
EstablishPACEChannel | 0xFF | 0x9A | 0x04 | 0x02 | EstablishPACEChannelInput | EstablishPACEChannelOutput
DestroyPACEChannel | 0xFF | 0x9A | 0x04 | 0x03 | (No Data) | (No Data)
Verify/Modify PIN | 0xFF | 0x9A | 0x04 | 0x10 | Coding as PC_to_RDR_Secure | Coding as RDR_to_PC_DataBlock

I can't find the APDUs above. I want to test the PACE specification with the vicc type nPA.

frankmorgner commented 4 years ago

What you've listed are formatted as APDUs, but they are interpreted by the reader, not by the card. These commands instruct the reader to perform PACE. In opensc.conf, you need to enable these commands:

app default {
    reader_driver pcsc {
        enable_escape = true;
    }
}

xaqfan commented 4 years ago

What you've listed are formatted as APDUs, but they are interpreted by the reader, not by the card. These commands instruct the reader to perform PACE. In opensc.conf, you need to enable these commands:

app default {
  reader_driver pcsc {
      enable_escape = true;
  }
}

Sorry, I don't understand what you mean. How can I test with these APDUs (FF 9A)? I reconfigured the opensc.conf file as you wrote, but the results are the same.

frankmorgner commented 4 years ago

Please paste the log again. The commands should have been issued...

And please also read BSI TR-03119, which explains that those commands are interpreted by the reader rather than the card.

xaqfan commented 4 years ago

No, I didn't find these commands. I will create a new issue.

frankmorgner commented 4 years ago

Creating a new issue doesn't change the matter of fact that I've already answered your question.

Let me reformulate the answer:

In your run npa-tool has successfully verified the PIN of vicc by using the PACE protocol. You can see all commands from BSI TR-03110 in the log.

The command you want to see (0xFF | 0x9A | 0x04 | 0x02 | EstablishPACEChannelInput) is not a command for the smart card. Rather, it's a command for a reader with pin-pad so that the reader performs PACE with the card (BSI TR-03119).
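The distinction drawn in this answer can be checked directly against the log. The following is an added example, not part of the thread or of the vsmartcard/OpenSC code: it reassembles the "Outgoing APDU" dumps from OpenSC debug output and labels each header as a card command or a reader command from the FF 9A 04 table quoted earlier. The function names are hypothetical, and the sample is a subset of the dumps in the log above.

```python
import re

# Reader-level PACE functions from the table quoted in this thread
# (BSI TR-03119): CLA=FF, INS=9A, P1=04, P2 selects the function.
READER_PACE = {
    0x01: "GetReaderPACECapabilities",
    0x02: "EstablishPACEChannel",
    0x03: "DestroyPACEChannel",
    0x10: "Verify/Modify PIN",
}

# Sample input: four "Outgoing APDU" dumps copied from the log above
# (the two 75-byte GENERAL AUTHENTICATE commands are left out for brevity).
SAMPLE_LOG = """
Outgoing APDU (5 bytes):
00 B0 9C 00 DF .....
Outgoing APDU (20 bytes):
00 22 C1 A4 0F 80 0A 04 00 7F 00 07 02 02 04 02 ."..............
02 83 01 03                                     ....
Outgoing APDU (8 bytes):
10 86 00 00 02 7C 00 00 .....|..
Outgoing APDU (18 bytes):
00 86 00 00 0C 7C 0A 85 08 74 25 F2 91 C5 AB E1 .....|...t%.....
83 00                                           ..
"""

HEADER = re.compile(r"^Outgoing APDU \((\d+) bytes\):")


def parse_outgoing(log):
    """Reassemble every 'Outgoing APDU' hex dump into a bytes object."""
    apdus, lines = [], iter(log.splitlines())
    for line in lines:
        m = HEADER.match(line)
        if not m:
            continue
        remaining, data = int(m.group(1)), bytearray()
        while remaining:
            # Each dump row holds at most 16 hex bytes, then an ASCII column.
            # The declared length tells us how many tokens are really hex.
            row = next(lines, "").split()[:min(16, remaining)]
            if not row:
                raise ValueError("truncated APDU dump")
            data += bytes(int(tok, 16) for tok in row)
            remaining -= len(row)
        apdus.append(bytes(data))
    return apdus


def classify(apdu):
    """Return (target, name) for an APDU, based on its 4-byte header."""
    if len(apdu) < 4:
        raise ValueError("APDU header needs CLA, INS, P1 and P2")
    cla, ins, p1, p2 = apdu[:4]
    if (cla, ins, p1) == (0xFF, 0x9A, 0x04):
        return "reader", READER_PACE.get(p2, "unknown PACE function 0x%02X" % p2)
    if ins == 0xB0:
        return "card", "READ BINARY"
    if (ins, p1, p2) == (0x22, 0xC1, 0xA4):
        return "card", "MSE:Set AT"
    if ins == 0x86:
        # Bit 0x10 in CLA marks ISO 7816-4 command chaining.
        return "card", "GENERAL AUTHENTICATE" + (" (chained)" if cla & 0x10 else " (last)")
    return "card", "INS 0x%02X" % ins


def summarize(log):
    return [classify(a) for a in parse_outgoing(log)]


if __name__ == "__main__":
    for target, name in summarize(SAMPLE_LOG):
        print(target, name)
    # Constructed header, not taken from the log: what a reader command looks like.
    print(classify(bytes.fromhex("FF9A0402")))
```

Every command in the sample is addressed to the card, which is why no FF 9A header appears in a run where npa-tool performs PACE itself.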

xaqfan commented 4 years ago

OK. The command "vicc -t nPA" is understood to be equivalent to a smart card, not a card reader with a card inserted.