search

martinpaljak / GlobalPlatformPro

šŸŒ šŸ” Manage applets and keys on JavaCard-s like a pro
https://javacard.pro/globalplatform
GNU Lesser General Public License v3.0
702 stars 213 forks source link

How to use gp.jar as a library to convert JCOP jcsh script to java #189

Closed typelogic closed 4 years ago

typelogic commented 4 years ago

Describe the bug

First of all, thank you for gp.jar. This is not a bug, but instead a feature request. I find the tool has accumulated many features/flags/options across its usage and development through the centuries. I have a JCOP jcsh script that I wish to convert into Java using gp.jar. However, in using gp.jar I am unable to extract or combine the needed constructs to execute my design.

Information about your card

As much information as you have:

  1. JCOP3 SecID P60 CS
  2. NXP
  3. Global Platform 2.1.1 (secure channel protocol SCP 02 option 15)

Expected behavior

Current jcsh script:

/atr
/card
/select F76964706173730101000101
set-key 0/1/DES-ECB/404142434445464748494a4b4c4d4e4f 0/2/DES-ECB/404142434445464748494a4b4c4d4e4f 0/3/DES-ECB/404142434445464748494a4b4c4d4e4f
init-update 0
ext-auth enc
send 001A0000 *9000
send "002A0000#(8200910210007F2E868184268B8129A7402DAC91335793342B8437814237C24238D34238E0423EEE423F4F43433F44521A45662D956D664470745379F2527DE64286EF42905B8697939297A0919AF3929F8D94A2878FA3948FA4A250AB854CB0C651B8CF41B8DA51CAA050D03C4CD54D5DD7175BDBBB50E0255CE5415DE72C4CE7FE41F1B05EF2914EF9C880FC258B)" *9000

/atr
/card
/select F76964706173730101000101
set-key 0/1/DES-ECB/404142434445464748494a4b4c4d4e4f 0/2/DES-ECB/404142434445464748494a4b4c4d4e4f 0/3/DES-ECB/404142434445464748494a4b4c4d4e4f
init-update 0
ext-auth mac
send 001B0000 *9000

Current attempt to convert to java using gp.jar: https://github.com/typelogic/usegp/blob/master/App.java

The problem i'm having in the java test app is at step#3 after gp.openSecureChannel() I tried to call the applet via gp.transmit() and it gave me 0x6E00

Full log

https://gist.github.com/typelogic/93b0a86ce4a196abaa5e8d24b991a97d

Additional context

I wish to convert the above JCOP jcsh script to java using gp.jar. My attempt of doing so is in the above log url. Using gp.jar in my App.java I did:

In my applet apdu call after I open secure channel, I get 0x6E00 it seems my applet is no longer selected. This applet is correctly behaving in a secure channel using the above jcsh scripts.

I tried status-im/status-keycard-java and it only work if secure channel is with MAC. If I attempt to add ENC, it returns 0x6982 and this error code is not coming from my applet, but instead I believe it is the system that throws it. With the refutations of gp.jar being a standards-based and versatile swiss-army knife javacard tool, I am planning to use its compatibility with our card to open secure channel. Need your guide and tips on how to convert the above jcsh script using gp.jar

typelogic commented 4 years ago

After advised to use newer version of gp.jar, where the symptoms described here sounded similar to what I encountered, it fixed my issue. The legend of the all-in-one, multipurpose swiss-army knife tool of javacards lives on!