Open kategray opened 3 years ago
If you want to send APDU-s in secure channel to an applet, specify the target applet with "--sdaid" (or "--connect" in latest master). This controls with which AID the secure channel is established with.
As a note for anyone needing to do this in the future, sdaid works correctly with -s.
I was able to set the IIN with GP Pro using the ISD on a J2A0XX card.
C:\Kate\JavaCard>gp -d -v --sdaid "A0 00 00 00 03 00 00 00" --mode mac -s "80 E2 80 00 0E 00 70 0B 42 09 38 31 32 33 34 35 36 37 36 00"
GlobalPlatformPro v20.01.23-0-g5ad373b
Running on Windows 10 10.0 amd64, Java 11.0.10 by Amazon.com Inc.
SCardConnect("Dell Dell Smart Card Reader Keyboard 0", T=*) -> T=1, 3BFD1300008131FE4500125553554D49444153000000F6
SCardBeginTransaction("Dell Dell Smart Card Reader Keyboard 0")
Reader: Dell Dell Smart Card Reader Keyboard 0
ATR: 3BFD1300008131FE4500125553554D49444153000000F6
More information about your card:
http://smartcard-atr.appspot.com/parse?ATR=3BFD1300008131FE4500125553554D49444153000000F6
[DEBUG] GPSession - (I)SD AID: A000000003000000
A>> T=1 (4+0008) 00A40400 08 A000000003000000 00
A<< (0103+2) (64ms) 6F658408A000000003000000A5599F6501FF9F6E06FFFF0366FFFF734A06072A864886FC6B01600C060A2A864886FC6B02020101630906072A864886FC6B03640B06092A864886FC6B040215650B06092B8510864864020103660C060A2B060104012A026E0102 9000
[TRACE] GPSession - [6F]
[TRACE] GPSession - [84] A000000003000000
[TRACE] GPSession - [A5]
[TRACE] GPSession - [9F65] FF
[TRACE] GPSession - [9F6E] FFFF0366FFFF
[TRACE] GPSession - [73]
[TRACE] GPSession - [06] 2A864886FC6B01
[TRACE] GPSession - [60]
[TRACE] GPSession - [06] 2A864886FC6B02020101
[TRACE] GPSession - [63]
[TRACE] GPSession - [06] 2A864886FC6B03
[TRACE] GPSession - [64]
[TRACE] GPSession - [06] 2A864886FC6B040215
[TRACE] GPSession - [65]
[TRACE] GPSession - [06] 2B8510864864020103
[TRACE] GPSession - [66]
[TRACE] GPSession - [06] 2B060104012A026E0102
[DEBUG] GPSession - Auto-detected GP version: GP211
[DEBUG] GPSession - Lifecycle data (ignored): FFFF0366FFFF
[DEBUG] GPSession - Auto-detected block size: 255
Warning: no keys given, using default test key 404142434445464748494A4B4C4D4E4F
[WARN] PlaintextKeys - Don't know how to calculate KCV, defaulting to SCP02
[WARN] PlaintextKeys - Don't know how to calculate KCV, defaulting to SCP02
[WARN] PlaintextKeys - Don't know how to calculate KCV, defaulting to SCP02
[INFO] GPSession - Using card master keys: ENC=404142434445464748494A4B4C4D4E4F (KCV: 8BAF47) MAC=404142434445464748494A4B4C4D4E4F (KCV: 8BAF47) DEK=404142434445464748494A4B4C4D4E4F (KCV: 8BAF47) for null
[TRACE] GPSession - Generated host challenge: C43B8E808EF07053
A>> T=1 (4+0008) 80500000 08 C43B8E808EF07053 00
A<< (0028+2) (73ms) 00010203040506070809FF02000D4EB131EA95DE00A16BE23648C39E 9000
[DEBUG] GPSession - Host challenge: C43B8E808EF07053
[DEBUG] GPSession - Card challenge: 000D4EB131EA95DE
[DEBUG] GPSession - Card reports SCP02 with key version 255 (0xFF)
[INFO] GPSession - Diversified card keys: ENC=404142434445464748494A4B4C4D4E4F (KCV: 8BAF47) MAC=404142434445464748494A4B4C4D4E4F (KCV: 8BAF47) DEK=404142434445464748494A4B4C4D4E4F (KCV: 8BAF47) for SCP02
[INFO] GPSession - Session keys: ENC=217ABF8CC47294B2411871F381D7534E MAC=07EFCCEB0BB0CC01A22E0CE1E1E395F8 RMAC=1AC383888CDEAF2F8EF67E16F815ACCB, card keys=ENC=404142434445464748494A4B4C4D4E4F (KCV: 8BAF47) MAC=404142434445464748494A4B4C4D4E4F (KCV: 8BAF47) DEK=404142434445464748494A4B4C4D4E4F (KCV: 8BAF47) for SCP02
[DEBUG] GPSession - Verified card cryptogram: 00A16BE23648C39E
[DEBUG] GPSession - Calculated host cryptogram: 36BB7684023F671A
[TRACE] SCP02Wrapper - MAC input: 848201001036BB7684023F671A
A>> T=1 (4+0016) 84820100 10 36BB7684023F671ADF8F87C3447998B4
A<< (0000+2) (73ms) 9000
[TRACE] SCP02Wrapper - MAC input: 84E280001600700B4209383132333435363736
A>> T=1 (4+0022) 84E28000 16 00700B42093831323334353637369D7F4049347BA905 00
A<< (0000+2) (67ms) 9000
SCardEndTransaction("Dell Dell Smart Card Reader Keyboard 0")
SCardDisconnect("Dell Dell Smart Card Reader Keyboard 0", true) tx:77/rx:139
C:\Kate\JavaCard>gp --info
GlobalPlatformPro v20.01.23-0-g5ad373b
Running on Windows 10 10.0 amd64, Java 11.0.10 by Amazon.com Inc.
Reader: Dell Dell Smart Card Reader Keyboard 0
ATR: 3BFD1300008131FE4500125553554D49444153000000F6
More information about your card:
http://smartcard-atr.appspot.com/parse?ATR=3BFD1300008131FE4500125553554D49444153000000F6
CPLC: ICFabricator=FFFF
ICType=FFFF
OperatingSystemID=FFFF
OperatingSystemReleaseDate=0366 (2011-01-01)
OperatingSystemReleaseLevel=FFFF
ICFabricationDate=0366 (2011-01-01)
ICSerialNumber=FFFFFFFF
ICBatchIdentifier=FFFF
ICModuleFabricator=FFFF
ICModulePackagingDate=0366 (2011-01-01)
ICCManufacturer=FFFF
ICEmbeddingDate=0366 (2011-01-01)
ICPrePersonalizer=FFFF
ICPrePersonalizationEquipmentDate=0366 (2011-01-01)
ICPrePersonalizationEquipmentID=FFFFFFFF
ICPersonalizer=FFFF
ICPersonalizationDate=0366 (2011-01-01)
ICPersonalizationEquipmentID=FFFFFFFF
IIN: 4209383132333435363736
Card Data:
Tag 6: 1.2.840.114283.1
-> Global Platform card
Tag 60: 1.2.840.114283.2.2.1.1
-> GP Version: 2.1.1
Tag 63: 1.2.840.114283.3
Tag 64: 1.2.840.114283.4.2.21
-> GP SCP02 i=15
Tag 65: 1.3.656.840.100.2.1.3
Tag 66: 1.3.6.1.4.1.42.2.110.1.2
-> JavaCard v2
Card Capabilities:
Version: 255 (0xFF) ID: 1 (0x01) type: DES3 length: 16
Version: 255 (0xFF) ID: 2 (0x02) type: DES3 length: 16
Version: 255 (0xFF) ID: 3 (0x03) type: DES3 length: 16
Key version suggests factory keys
Describe the bug
When attempting to pass APDUs to an applet (the security domain), it does not appear to select the applet before executing the APDUs.
Information about your card
J2A040 Card
Expected behavior
I'm trying to write a new IID to the J2A040, and keep getting 0x6D00. It doesn't appear to select the security domain despite the --applet parameter, so I'm wondering if that might be the issue.
It's entirely possible my APDUs are wrong, I just want to make sure I'm actually sending them to the ISD.
Full log