martinpaljak / GlobalPlatformPro

🌐 🔐 Manage applets and keys on JavaCard-s like a pro (via command line or from your Java project)
https://javacard.pro/globalplatform
GNU Lesser General Public License v3.0

Unable to use SSD with DAP privileges to upload signed applets #248

Closed stepansnigirev closed 3 years ago

stepansnigirev commented 3 years ago

Describe the bug

I am trying to create an SSD that will be able to install signed cap files. Using gp and capfile for that.

Information about your card

NXP J3H145 (JCOP3) bought from smartcardfocus

Expected behavior

I would expect to be able to install a signed cap file to the SSD with DAP privileges.

Full log

Initial state of the card:

Warning: no keys given, defaulting to 404142434445464748494A4B4C4D4E4F
ISD: A000000151000000 (INITIALIZED)
     Parent:   A000000151000000
     From:     A0000000620001
     Privs:    SecurityDomain, CardLock, CardTerminate, CardReset, CVMManagement, TrustedPath, AuthorizedManagement, TokenVerification, GlobalDelete, GlobalLock, GlobalRegistry, FinalApplication, ReceiptGeneration

PKG: A0000001515350 (LOADED)
     Applet:   A000000151535041

Cap file is built with AID 112233445500

Steps to reproduce:

  1. Generate 1024-bit RSA key: openssl genrsa 1024 > rsa.pem
  2. Sign applet: capfile -s rsa.pem applet.cap
    CAP file (v2.1), contains: exports, applets for JavaCard 3.0.4
    Package: secret 1122334455 v0.0
    Applet:  secret.SecretApplet 112233445500
    Import:  A0000000620001                   v1.0 java.lang
    Import:  A0000000620101                   v1.5 javacard.framework
    Generated by Oracle Corporation converter  [v3.0.4]
    On Sat Nov 14 11:31:12 CET 2020 with JDK 11.0.9.1 (Ubuntu)
    Code size 285 bytes (461 with debug)
    SHA-256 d6cc2848bf2ac2240f20cc63b9a11d01526f4866d9cc32d1883879532d07dbed
    SHA-1   927dd9f441a0a975a5bb2fcd9edfffdc5d02fb9e
    Signed applet.cap
  3. create SSD: `gp -d -v -i -domain A000000151535041 -privs DAPVerification,DelegatedManagement --allow-to --allow-from`
    
    # gp -d -v -i -domain A000000151535041 -privs DAPVerification,DelegatedManagement --allow-to --allow-from
    [DEBUG] TerminalManager - Selected the only reader with a card
    SCardConnect("HID Global OMNIKEY 5422 Smartcard Reader [OMNIKEY 5422 Smartcard Reader] (KJ0I2A00EY10673763) 01 00", T=*) -> T=1, 3BDC18FF8191FE1FC38073C821136605036351000250
    # GlobalPlatformPro 325fe84
    # Running on Linux 5.4.0-52-generic amd64, Java 11.0.9.1 by Ubuntu
    A>> T=1 (4+0000) 00A40400 00 
    A<< (0018+2) (31ms) 6F108408A000000151000000A5049F6501FF 9000
    [DEBUG] GPSession - Auto-detected ISD: A000000151000000
    A>> T=1 (4+0000) 80CA9F7F 00 
    A<< (0045+2) (16ms) 9F7F2A4790050382116351030280480047530734694E3050383037474D32313030343735331300011EFDE4C003 9000
    [WARN] GPData - Invalid CPLC date: 474D
    [WARN] GPData - Invalid CPLC date: 011E
    CPLC: ICFabricator=4790
      ICType=0503
      OperatingSystemID=8211
      OperatingSystemReleaseDate=6351 (2016-12-16)
      OperatingSystemReleaseLevel=0302
      ICFabricationDate=8048 (2018-02-17)
      ICSerialNumber=00475307
      ICBatchIdentifier=3469
      ICModuleFabricator=4E30
      ICModulePackagingDate=5038 (2015-02-07)
      ICCManufacturer=3037
      ICEmbeddingDate=474D (invalid date format)
      ICPrePersonalizer=3231
      ICPrePersonalizationEquipmentDate=3030 (2013-01-30)
      ICPrePersonalizationEquipmentID=34373533
      ICPersonalizer=1300
      ICPersonalizationDate=011E (invalid date format)
      ICPersonalizationEquipmentID=FDE4C003

    A>> T=1 (4+0000) 80CA0042 00
    A<< (0003+2) (13ms) 420100 9000
    IIN: 420100
    A>> T=1 (4+0000) 80CA0045 00
    A<< (0010+2) (13ms) 45080000000000000000 9000
    CIN: 45080000000000000000
    Card Data:
    A>> T=1 (4+0000) 80CA0066 00
    A<< (0065+2) (18ms) 663F733D06072A864886FC6B01600C060A2A864886FC6B02020101630906072A864886FC6B03640B06092A864886FC6B040300660C060A2B060104012A026E0102 9000
    Tag 6: 1.2.840.114283.1
    -> Global Platform card
    Tag 60: 1.2.840.114283.2.2.1.1
    -> GP Version: 2.1.1
    Tag 63: 1.2.840.114283.3
    Tag 64: 1.2.840.114283.4.3.0
    -> GP SCP03 i=00
    Tag 66: 1.3.6.1.4.1.42.2.110.1.2
    -> JavaCard v2
    Card Capabilities:
    A>> T=1 (4+0000) 80CA0067 00
    A<< (0060+2) (37ms) 673A6738A006800102810155A00A8001038102001082010781039EFE8082031E03008301028504010208408602040887040102084088050102030405 9000
    [WARN] GPData - Bogus data detected, fixing double tag
    Supports SCP02 i=55
    Supports SCP03 i=00 i=10 with AES-128 AES-196 AES-256
    Supported DOM privileges: SecurityDomain, CardLock, CardTerminate, CardReset, CVMManagement, TrustedPath, AuthorizedManagement, TokenVerification, GlobalDelete, GlobalLock, GlobalRegistry, FinalApplication, ReceiptGeneration
    Supported APP privileges: CardLock, CardTerminate, CardReset, CVMManagement, FinalApplication, GlobalService
    Supported LFDB hash: SHA-256
    Supported Token Verification ciphers: RSA1024_SHA1, ECCP521_SHA512
    Supported Receipt Generation ciphers: DES_MAC
    Supported DAP Verification ciphers: RSA1024_SHA1, ECCP521_SHA512
    Supported ECC Key Parameters: 0102030405
    A>> T=1 (4+0000) 80CA00E0 00
    A<< (0020+2) (19ms) E012C00401FF8810C00402FF8810C00403FF8810 9000
    Version: 255 (0xFF) ID:   1 (0x01) type: AES          length:  16 (AES-128, factory key)
    Version: 255 (0xFF) ID:   2 (0x02) type: AES          length:  16 (AES-128, factory key)
    Version: 255 (0xFF) ID:   3 (0x03) type: AES          length:  16 (AES-128, factory key)

    Warning: no keys given, defaulting to 404142434445464748494A4B4C4D4E4F
    [INFO] GPSession - Using card master keys with version 0 for setting up session [MAC]
    A>> T=1 (4+0008) 80500000 08 781C808DC96E6B10 00
    A<< (0029+2) (96ms) 00008048004753073469FF0300B03734C50D5155569A3FAE3106BCC2F1 9000
    [DEBUG] GPSession - SSC: null
    [DEBUG] GPSession - Host challenge: 781C808DC96E6B10
    [DEBUG] GPSession - Card challenge: B03734C50D515556
    [DEBUG] GPSession - Card reports SCP03 with key version 255 (0xFF)
    [INFO] GPSession - Diversified card keys: ENC=404142434445464748494A4B4C4D4E4F (KCV: 504A77) MAC=404142434445464748494A4B4C4D4E4F (KCV: 504A77) DEK=404142434445464748494A4B4C4D4E4F (KCV: 504A77) for SCP03
    [INFO] GPSession - Session keys: ENC=4FD3ED379299F3F34DEB4BB20100A880 MAC=7069BC235F4FFD12D65D8A56BDAAF02B RMAC=AAE483DE9849B2F9048A02805C36A251
    [DEBUG] GPSession - Verified card cryptogram: 9A3FAE3106BCC2F1
    [DEBUG] GPSession - Calculated host cryptogram: 4FED32A401912615
    A>> T=1 (4+0016) 84820100 10 4FED32A4019126157059490EBB32A8B6
    A<< (0000+2) (145ms) 9000
    A>> T=1 (4+0010) 84F28002 0A 4F008DB8375643E9A775 00
    A<< (0044+2) (109ms) E32A4F08A0000001510000009F700107C5039EFE80C407A0000000620001CE020100CC08A000000151000000 9000
    A>> T=1 (4+0010) 84F24002 0A 4F0042E3216FDCC56BF2 00
    A<< (0000+2) (113ms) 6A88
    A>> T=1 (4+0010) 84F21002 0A 4F001E3C2FDD87FD86A0 00
    A<< (0025+2) (99ms) E3174F07A00000015153509F7001018408A000000151535041 9000
    A>> T=1 (4+0010) 84F22002 0A 4F00A8336E700AC032F5 00
    A<< (0015+2) (118ms) E30D4F07A00000015153509F700101 9000
    Note: using detected default AID-s for SSD instantiation: A000000151535041 from A0000001515350
    Notice: 0x81 already in parameters or no parameters
    Final parameters:
    A>> T=1 (4+0040) 84E60C00 28 07A000000151535008A00000015153504108A00000015153504101E002C90000681DC890273B57CB
    A<< (0001+2) (2s687ms) 00 9000
    SCardDisconnect("HID Global OMNIKEY 5422 Smartcard Reader [OMNIKEY 5422 Smartcard Reader] (KJ0I2A00EY10673763) 01 00", true) tx:179/rx:363

  4. check SSD was created: `gp -l`

    Warning: no keys given, defaulting to 404142434445464748494A4B4C4D4E4F
    ISD: A000000151000000 (INITIALIZED)
         Parent:   A000000151000000
         From:     A0000000620001
         Privs:    SecurityDomain, CardLock, CardTerminate, CardReset, CVMManagement, TrustedPath, AuthorizedManagement, TokenVerification, GlobalDelete, GlobalLock, GlobalRegistry, FinalApplication, ReceiptGeneration

    DOM: A000000151535041 (SELECTABLE)
         Parent:   A000000151000000
         From:     A0000001515350
         Privs:    SecurityDomain, DAPVerification, DelegatedManagement, TrustedPath

    PKG: A0000001515350 (LOADED)
         Applet:   A000000151535041

  5. Set personalization keys for the SSD: `gp -d -v -i -sdaid A000000151535041 --lock 404142434445464748494A4B4C4D4E4E`

    GP_READER=HID Global OMNIKEY 5422 Smartcard Reader [OMNIKEY 5422 Smartcard Reader] (KJ0I2A00EY10673763) 01 00
    gp -d -v -i -sdaid A000000151535041 --lock 404142434445464748494A4B4C4D4E4E
    [DEBUG] TerminalManager - Matched JnaCardTerminal{scardHandle=SCardContext{62e32d4e}, name=HID Global OMNIKEY 5422 Smartcard Reader [OMNIKEY 5422 Smartcard Reader] (KJ0I2A00EY10673763) 01 00}
    SCardConnect("HID Global OMNIKEY 5422 Smartcard Reader [OMNIKEY 5422 Smartcard Reader] (KJ0I2A00EY10673763) 01 00", T=*) -> T=1, 3BDC18FF8191FE1FC38073C821136605036351000250
    GlobalPlatformPro 325fe84
    Running on Linux 5.4.0-52-generic amd64, Java 11.0.9.1 by Ubuntu
    -sdaid is deprecated, use -c/--connect
    [DEBUG] GPSession - (I)SD AID: A000000151535041
    A>> T=1 (4+0008) 00A40400 08 A000000151535041 00
    A<< (0018+2) (33ms) 6F108408A000000151535041A5049F6501FF 9000
    [DEBUG] GPSession - Auto-detected block size: 255
    A>> T=1 (4+0000) 80CA9F7F 00
    A<< (0000+2) (14ms) 6A88
    A>> T=1 (4+0000) 00CA9F7F 00
    A<< (0000+2) (14ms) 6A88
    [DEBUG] GPData - GET DATA(CPLC): N/A
    A>> T=1 (4+0000) 80CA0042 00
    A<< (0000+2) (13ms) 6A88
    [DEBUG] GPData - GET DATA(IIN): N/A
    A>> T=1 (4+0000) 80CA0045 00
    A<< (0000+2) (14ms) 6A88
    [DEBUG] GPData - GET DATA(CIN): N/A
    Card Data:
    A>> T=1 (4+0000) 80CA0066 00
    A<< (0000+2) (14ms) 6A88
    [DEBUG] GPData - GET DATA(Card Data): N/A
    Card Capabilities:
    A>> T=1 (4+0000) 80CA0067 00
    A<< (0000+2) (14ms) 6A88
    [DEBUG] GPData - GET DATA(Card Capabilities): N/A
    A>> T=1 (4+0000) 80CA00E0 00
    A<< (0004+2) (15ms) E002C000 9000
    [INFO] GPKeyInfo - Key template has zero length (empty). Skipping.

    Warning: no keys given, defaulting to 404142434445464748494A4B4C4D4E4F
    [INFO] GPSession - Using card master keys with version 0 for setting up session [MAC]
    A>> T=1 (4+0008) 80500000 08 1F30E2EA904F758C 00
    A<< (0029+2) (145ms) 50418048004753073469FF0300DD43707D24B3930CE59582C1EEB02F49 9000
    [DEBUG] GPSession - SSC: null
    [DEBUG] GPSession - Host challenge: 1F30E2EA904F758C
    [DEBUG] GPSession - Card challenge: DD43707D24B3930C
    [DEBUG] GPSession - Card reports SCP03 with key version 255 (0xFF)
    [INFO] GPSession - Diversified card keys: ENC=404142434445464748494A4B4C4D4E4F (KCV: 504A77) MAC=404142434445464748494A4B4C4D4E4F (KCV: 504A77) DEK=404142434445464748494A4B4C4D4E4F (KCV: 504A77) for SCP03
    [INFO] GPSession - Session keys: ENC=241CF755EF87D852CCF9F48A1B85428F MAC=083299347DD67A29EDA5F7E3F0D310BF RMAC=6C9F66C80B8AE5F4E2028E89497FE3BC
    [DEBUG] GPSession - Verified card cryptogram: E59582C1EEB02F49
    [DEBUG] GPSession - Calculated host cryptogram: B76ADFFF96CC83B7
    A>> T=1 (4+0016) 84820100 10 B76ADFFF96CC83B736BDD5A9D0DE8460
    A<< (0000+2) (164ms) 9000
    A>> T=1 (4+0008) 84CA00E0 08 A54FFFCA85E6F950 00
    A<< (0004+2) (118ms) E002C000 9000
    [INFO] GPKeyInfo - Key template has zero length (empty). Skipping.
    Keyset version: 1
    Looking at key version
    [DEBUG] GPSession - PUT KEY version 1 replace=false ENC=404142434445464748494A4B4C4D4E4E (KCV: 943B35) MAC=404142434445464748494A4B4C4D4E4E (KCV: 943B35) DEK=404142434445464748494A4B4C4D4E4E (KCV: 943B35) for SCP03
    [DEBUG] PlaintextKeys - Encrypting ENC value (KCV=943B35) with DEK (KCV=504A77)
    [DEBUG] PlaintextKeys - Encrypting MAC value (KCV=943B35) with DEK (KCV=504A77)
    [DEBUG] PlaintextKeys - Encrypting DEK value (KCV=943B35) with DEK (KCV=504A77)
    A>> T=1 (4+0078) 84D80081 4E 018811108C7C9BF1CAF7920A814CD8686E47B21E03943B358811108C7C9BF1CAF7920A814CD8686E47B21E03943B358811108C7C9BF1CAF7920A814CD8686E47B21E03943B35B1730E8F04BCE40D
    A<< (0010+2) (1s349ms) 01943B35943B35943B35 9000
    A000000151535041 locked with: 404142434445464748494A4B4C4D4E4E
    Write this down, DO NOT FORGET/LOSE IT!
    SCardDisconnect("HID Global OMNIKEY 5422 Smartcard Reader [OMNIKEY 5422 Smartcard Reader] (KJ0I2A00EY10673763) 01 00", true) tx:181/rx:89

  6. Upload the key to the domain with key version 0x73 (DAP): `gp -d -v -i -sdaid A000000151535041 -new-keyver 0x73 -put-key rsa.pem -key 404142434445464748494A4B4C4D4E4E`

    GP_READER=HID Global OMNIKEY 5422 Smartcard Reader [OMNIKEY 5422 Smartcard Reader] (KJ0I2A00EY10673763) 01 00
    gp -d -v -i -sdaid A000000151535041 -new-keyver 0x73 -put-key rsa.pem -key 404142434445464748494A4B4C4D4E4E
    [DEBUG] TerminalManager - Matched JnaCardTerminal{scardHandle=SCardContext{3491082f}, name=HID Global OMNIKEY 5422 Smartcard Reader [OMNIKEY 5422 Smartcard Reader] (KJ0I2A00EY10673763) 01 00}
    SCardConnect("HID Global OMNIKEY 5422 Smartcard Reader [OMNIKEY 5422 Smartcard Reader] (KJ0I2A00EY10673763) 01 00", T=*) -> T=1, 3BDC18FF8191FE1FC38073C821136605036351000250
    GlobalPlatformPro 325fe84
    Running on Linux 5.4.0-52-generic amd64, Java 11.0.9.1 by Ubuntu
    -sdaid is deprecated, use -c/--connect
    [DEBUG] GPSession - (I)SD AID: A000000151535041
    A>> T=1 (4+0008) 00A40400 08 A000000151535041 00
    A<< (0018+2) (33ms) 6F108408A000000151535041A5049F6501FF 9000
    [DEBUG] GPSession - Auto-detected block size: 255
    A>> T=1 (4+0000) 80CA9F7F 00
    A<< (0000+2) (13ms) 6A88
    A>> T=1 (4+0000) 00CA9F7F 00
    A<< (0000+2) (13ms) 6A88
    [DEBUG] GPData - GET DATA(CPLC): N/A
    A>> T=1 (4+0000) 80CA0042 00
    A<< (0000+2) (14ms) 6A88
    [DEBUG] GPData - GET DATA(IIN): N/A
    A>> T=1 (4+0000) 80CA0045 00
    A<< (0000+2) (15ms) 6A88
    [DEBUG] GPData - GET DATA(CIN): N/A
    Card Data:
    A>> T=1 (4+0000) 80CA0066 00
    A<< (0000+2) (14ms) 6A88
    [DEBUG] GPData - GET DATA(Card Data): N/A
    Card Capabilities:
    A>> T=1 (4+0000) 80CA0067 00
    A<< (0000+2) (15ms) 6A88
    [DEBUG] GPData - GET DATA(Card Capabilities): N/A
    A>> T=1 (4+0000) 80CA00E0 00
    A<< (0020+2) (21ms) E012C00401018810C00402018810C00403018810 9000
    Version:   1 (0x01) ID:   1 (0x01) type: AES          length:  16 (AES-128)
    Version:   1 (0x01) ID:   2 (0x02) type: AES          length:  16 (AES-128)
    Version:   1 (0x01) ID:   3 (0x03) type: AES          length:  16 (AES-128)

    [INFO] GPSession - Using card master keys with version 0 for setting up session [MAC]
    A>> T=1 (4+0008) 80500000 08 9A3E270F5541B709 00
    A<< (0029+2) (104ms) 5041804800475307346901030008A0ED414CDC7A670FBEF258D95F48FC 9000
    [DEBUG] GPSession - SSC: null
    [DEBUG] GPSession - Host challenge: 9A3E270F5541B709
    [DEBUG] GPSession - Card challenge: 08A0ED414CDC7A67
    [DEBUG] GPSession - Card reports SCP03 with key version 1 (0x01)
    [INFO] GPSession - Diversified card keys: ENC=404142434445464748494A4B4C4D4E4E (KCV: 943B35) MAC=404142434445464748494A4B4C4D4E4E (KCV: 943B35) DEK=404142434445464748494A4B4C4D4E4E (KCV: 943B35) for SCP03
    [INFO] GPSession - Session keys: ENC=700A8DB2F44203BDA14B3F0184C0CCB9 MAC=2B811AB67DC46ED12EFFA6A58A62F8E5 RMAC=2F83761D89D70A6B32F332AD3C599F32
    [DEBUG] GPSession - Verified card cryptogram: 0FBEF258D95F48FC
    [DEBUG] GPSession - Calculated host cryptogram: 7B771C775A769526
    A>> T=1 (4+0016) 84820100 10 7B771C775A7695268F02D39801552F69
    A<< (0000+2) (147ms) 9000
    A>> T=1 (4+0145) 84D80001 91 73A180C9A49BAAF9B7044565FE1A2CF2431EAA8E7F2D19E8A00100315D84742D53AF6AD95E4414FA05E7FB1154A335F9D9B178DBB2E868CC557EC08B62DD5AB7718F49DE9CA42CDF97ACB9866021C5A690037F06FB33A24883482EC8C5C8DB4394E3F235213C9F919491207F39249700849CD1EE41EE6411FCFB6EAC58EB35DF059351A003010001002659FCF91C62BC8D 00
    A<< (0001+2) (842ms) 73 9000
    SCardDisconnect("HID Global OMNIKEY 5422 Smartcard Reader [OMNIKEY 5422 Smartcard Reader] (KJ0I2A00EY10673763) 01 00", true) tx:235/rx:90

  7. check that domain becomes personalized: `gp -l`

    Warning: no keys given, defaulting to 404142434445464748494A4B4C4D4E4F
    ISD: A000000151000000 (INITIALIZED)
         Parent:   A000000151000000
         From:     A0000000620001
         Privs:    SecurityDomain, CardLock, CardTerminate, CardReset, CVMManagement, TrustedPath, AuthorizedManagement, TokenVerification, GlobalDelete, GlobalLock, GlobalRegistry, FinalApplication, ReceiptGeneration

    DOM: A000000151535041 (PERSONALIZED)
         Parent:   A000000151000000
         From:     A0000001515350
         Privs:    SecurityDomain, DAPVerification, DelegatedManagement, TrustedPath

    PKG: A0000001515350 (LOADED)
         Applet:   A000000151535041

  8. try uploading signed applet to the domain - returns error 6985: `gp -d -i -v -load applet.cap -to A000000151535041`

    GP_READER=HID Global OMNIKEY 5422 Smartcard Reader [OMNIKEY 5422 Smartcard Reader] (KJ0I2A00EY10673763) 01 00
    gp -d -i -v -load applet.cap -to A000000151535041
    [DEBUG] TerminalManager - Matched JnaCardTerminal{scardHandle=SCardContext{154d3d2}, name=HID Global OMNIKEY 5422 Smartcard Reader [OMNIKEY 5422 Smartcard Reader] (KJ0I2A00EY10673763) 01 00}
    SCardConnect("HID Global OMNIKEY 5422 Smartcard Reader [OMNIKEY 5422 Smartcard Reader] (KJ0I2A00EY10673763) 01 00", T=*) -> T=1, 3BDC18FF8191FE1FC38073C821136605036351000250
    GlobalPlatformPro 325fe84
    Running on Linux 5.4.0-52-generic amd64, Java 11.0.9.1 by Ubuntu
    A>> T=1 (4+0000) 00A40400 00
    A<< (0018+2) (31ms) 6F108408A000000151000000A5049F6501FF 9000
    [DEBUG] GPSession - Auto-detected ISD: A000000151000000
    A>> T=1 (4+0000) 80CA9F7F 00
    A<< (0045+2) (16ms) 9F7F2A4790050382116351030280480047530734694E3050383037474D32313030343735331300011EFDE4C003 9000
    [WARN] GPData - Invalid CPLC date: 474D
    [WARN] GPData - Invalid CPLC date: 011E
    CPLC: ICFabricator=4790
          ICType=0503
          OperatingSystemID=8211
          OperatingSystemReleaseDate=6351 (2016-12-16)
          OperatingSystemReleaseLevel=0302
          ICFabricationDate=8048 (2018-02-17)
          ICSerialNumber=00475307
          ICBatchIdentifier=3469
          ICModuleFabricator=4E30
          ICModulePackagingDate=5038 (2015-02-07)
          ICCManufacturer=3037
          ICEmbeddingDate=474D (invalid date format)
          ICPrePersonalizer=3231
          ICPrePersonalizationEquipmentDate=3030 (2013-01-30)
          ICPrePersonalizationEquipmentID=34373533
          ICPersonalizer=1300
          ICPersonalizationDate=011E (invalid date format)
          ICPersonalizationEquipmentID=FDE4C003

    A>> T=1 (4+0000) 80CA0042 00
    A<< (0003+2) (12ms) 420100 9000
    IIN: 420100
    A>> T=1 (4+0000) 80CA0045 00
    A<< (0010+2) (14ms) 45080000000000000000 9000
    CIN: 45080000000000000000
    Card Data:
    A>> T=1 (4+0000) 80CA0066 00
    A<< (0065+2) (96ms) 663F733D06072A864886FC6B01600C060A2A864886FC6B02020101630906072A864886FC6B03640B06092A864886FC6B040300660C060A2B060104012A026E0102 9000
    Tag 6: 1.2.840.114283.1
    -> Global Platform card
    Tag 60: 1.2.840.114283.2.2.1.1
    -> GP Version: 2.1.1
    Tag 63: 1.2.840.114283.3
    Tag 64: 1.2.840.114283.4.3.0
    -> GP SCP03 i=00
    Tag 66: 1.3.6.1.4.1.42.2.110.1.2
    -> JavaCard v2
    Card Capabilities:
    A>> T=1 (4+0000) 80CA0067 00
    A<< (0060+2) (18ms) 673A6738A006800102810155A00A8001038102001082010781039EFE8082031E03008301028504010208408602040887040102084088050102030405 9000
    [WARN] GPData - Bogus data detected, fixing double tag
    Supports SCP02 i=55
    Supports SCP03 i=00 i=10 with AES-128 AES-196 AES-256
    Supported DOM privileges: SecurityDomain, CardLock, CardTerminate, CardReset, CVMManagement, TrustedPath, AuthorizedManagement, TokenVerification, GlobalDelete, GlobalLock, GlobalRegistry, FinalApplication, ReceiptGeneration
    Supported APP privileges: CardLock, CardTerminate, CardReset, CVMManagement, FinalApplication, GlobalService
    Supported LFDB hash: SHA-256
    Supported Token Verification ciphers: RSA1024_SHA1, ECCP521_SHA512
    Supported Receipt Generation ciphers: DES_MAC
    Supported DAP Verification ciphers: RSA1024_SHA1, ECCP521_SHA512
    Supported ECC Key Parameters: 0102030405
    A>> T=1 (4+0000) 80CA00E0 00
    A<< (0020+2) (20ms) E012C00401FF8810C00402FF8810C00403FF8810 9000
    Version: 255 (0xFF) ID:   1 (0x01) type: AES          length:  16 (AES-128, factory key)
    Version: 255 (0xFF) ID:   2 (0x02) type: AES          length:  16 (AES-128, factory key)
    Version: 255 (0xFF) ID:   3 (0x03) type: AES          length:  16 (AES-128, factory key)

    Warning: no keys given, defaulting to 404142434445464748494A4B4C4D4E4F
    [INFO] GPSession - Using card master keys with version 0 for setting up session [MAC]
    A>> T=1 (4+0008) 80500000 08 97ADB6BB81F0B0ED 00
    A<< (0029+2) (95ms) 00008048004753073469FF030051ABA6305B606E7531149DA9A70614D4 9000
    [DEBUG] GPSession - SSC: null
    [DEBUG] GPSession - Host challenge: 97ADB6BB81F0B0ED
    [DEBUG] GPSession - Card challenge: 51ABA6305B606E75
    [DEBUG] GPSession - Card reports SCP03 with key version 255 (0xFF)
    [INFO] GPSession - Diversified card keys: ENC=404142434445464748494A4B4C4D4E4F (KCV: 504A77) MAC=404142434445464748494A4B4C4D4E4F (KCV: 504A77) DEK=404142434445464748494A4B4C4D4E4F (KCV: 504A77) for SCP03
    [INFO] GPSession - Session keys: ENC=55CF6EEA780505D77269685C28D2FBA2 MAC=AE5D5A8B664BE89BBA95D8545F540C11 RMAC=CCA97E422FC46EC9753754F3DB7B915D
    [DEBUG] GPSession - Verified card cryptogram: 31149DA9A70614D4
    [DEBUG] GPSession - Calculated host cryptogram: 533FBA65C2ABBB8C
    A>> T=1 (4+0016) 84820100 10 533FBA65C2ABBB8C8C30561BCA69A433
    A<< (0000+2) (145ms) 9000
    CAP file (v2.1), contains: exports, applets for JavaCard 3.0.4
    Package: secret 1122334455 v0.0
    Applet:  secret.SecretApplet 112233445500
    Import:  A0000000620001                   v1.0 java.lang
    Import:  A0000000620101                   v1.5 javacard.framework
    Generated by Oracle Corporation converter  [v3.0.4]
    On Sat Nov 14 11:31:12 CET 2020 with JDK 11.0.9.1 (Ubuntu)
    Code size 285 bytes (461 with debug)
    SHA-256 d6cc2848bf2ac2240f20cc63b9a11d01526f4866d9cc32d1883879532d07dbed
    SHA-1   927dd9f441a0a975a5bb2fcd9edfffdc5d02fb9e
    A>> T=1 (4+0010) 84F28002 0A 4F001C484ED39D4DDC2B 00
    A<< (0044+2) (115ms) E32A4F08A0000001510000009F700107C5039EFE80C407A0000000620001CE020100CC08A000000151000000 9000
    A>> T=1 (4+0010) 84F24002 0A 4F0089805CC478C25074 00
    A<< (0044+2) (100ms) E32A4F08A0000001515350419F70010FC503E08000C407A0000001515350CE020100CC08A000000151000000 9000
    A>> T=1 (4+0010) 84F21002 0A 4F00A04385A140D9D04C 00
    A<< (0025+2) (100ms) E3174F07A00000015153509F7001018408A000000151535041 9000
    A>> T=1 (4+0010) 84F22002 0A 4F00A7E4957369A1A06B 00
    A<< (0015+2) (117ms) E30D4F07A00000015153509F700101 9000
    A>> T=1 (4+0046) 84E60200 2E 05112233445508A00000015153504114927DD9F441A0A975A5BB2FCD9EDFFFDC5D02FB9E00000C1CF1261D6F446F
    A<< (0000+2) (116ms) 6985
    Applet loading not allowed. Are you sure the domain can accept it?
    Error: INSTALL [for load] failed: 0x6985 (Conditions of use not satisfied)
    pro.javacard.gp.GPException: INSTALL [for load] failed: 0x6985 (Conditions of use not satisfied)
        at pro.javacard.gp.GPException.check(GPException.java:64)
        at pro.javacard.gp.GPSession.loadCapFile(GPSession.java:579)
        at pro.javacard.gp.GPCommands.load(GPCommands.java:155)
        at pro.javacard.gp.GPTool.loadCAP(GPTool.java:824)
        at pro.javacard.gp.GPTool.run(GPTool.java:375)
        at pro.javacard.gp.GPTool.main(GPTool.java:107)
    SCardDisconnect("HID Global OMNIKEY 5422 Smartcard Reader [OMNIKEY 5422 Smartcard Reader] (KJ0I2A00EY10673763) 01 00", true) tx:185/rx:406

  9. Trying the same using `--connect` flag - returns error `0x6A80` (Wrong data/incorrect values in data): `gp -d -i -v -c A000000151535041 -load applet.cap -key 404142434445464748494A4B4C4D4E4E`

    GP_READER=HID Global OMNIKEY 5422 Smartcard Reader [OMNIKEY 5422 Smartcard Reader] (KJ0I2A00EY10673763) 01 00
    gp -d -i -v -c A000000151535041 -load applet.cap -key 404142434445464748494A4B4C4D4E4E
    [DEBUG] TerminalManager - Matched JnaCardTerminal{scardHandle=SCardContext{5a05bc30}, name=HID Global OMNIKEY 5422 Smartcard Reader [OMNIKEY 5422 Smartcard Reader] (KJ0I2A00EY10673763) 01 00}
    SCardConnect("HID Global OMNIKEY 5422 Smartcard Reader [OMNIKEY 5422 Smartcard Reader] (KJ0I2A00EY10673763) 01 00", T=*) -> T=1, 3BDC18FF8191FE1FC38073C821136605036351000250
    GlobalPlatformPro 325fe84
    Running on Linux 5.4.0-52-generic amd64, Java 11.0.9.1 by Ubuntu
    [DEBUG] GPSession - (I)SD AID: A000000151535041
    A>> T=1 (4+0008) 00A40400 08 A000000151535041 00
    A<< (0018+2) (80ms) 6F108408A000000151535041A5049F6501FF 9000
    [DEBUG] GPSession - Auto-detected block size: 255
    A>> T=1 (4+0000) 80CA9F7F 00
    A<< (0000+2) (14ms) 6A88
    A>> T=1 (4+0000) 00CA9F7F 00
    A<< (0000+2) (15ms) 6A88
    [DEBUG] GPData - GET DATA(CPLC): N/A
    A>> T=1 (4+0000) 80CA0042 00
    A<< (0000+2) (15ms) 6A88
    [DEBUG] GPData - GET DATA(IIN): N/A
    A>> T=1 (4+0000) 80CA0045 00
    A<< (0000+2) (15ms) 6A88
    [DEBUG] GPData - GET DATA(CIN): N/A
    Card Data:
    A>> T=1 (4+0000) 80CA0066 00
    A<< (0000+2) (14ms) 6A88
    [DEBUG] GPData - GET DATA(Card Data): N/A
    Card Capabilities:
    A>> T=1 (4+0000) 80CA0067 00
    A<< (0000+2) (14ms) 6A88
    [DEBUG] GPData - GET DATA(Card Capabilities): N/A
    A>> T=1 (4+0000) 80CA00E0 00
    A<< (0028+2) (24ms) E01AC00401018810C00402018810C00403018810C0060173A180A003 9000
    Version:   1 (0x01) ID:   1 (0x01) type: AES          length:  16 (AES-128)
    Version:   1 (0x01) ID:   2 (0x02) type: AES          length:  16 (AES-128)
    Version:   1 (0x01) ID:   3 (0x03) type: AES          length:  16 (AES-128)
    Version: 115 (0x73) ID:   1 (0x01) type: RSA_PUB_N    length: 128 (RSA-1024 public, DAP Verification)

    [INFO] GPSession - Using card master keys with version 0 for setting up session [MAC]
    A>> T=1 (4+0008) 80500000 08 29C1DA87638D7F7B 00
    A<< (0029+2) (104ms) 50418048004753073469010300B8C878774EDAB0178D39E03D978E7DC7 9000
    [DEBUG] GPSession - SSC: null
    [DEBUG] GPSession - Host challenge: 29C1DA87638D7F7B
    [DEBUG] GPSession - Card challenge: B8C878774EDAB017
    [DEBUG] GPSession - Card reports SCP03 with key version 1 (0x01)
    [INFO] GPSession - Diversified card keys: ENC=404142434445464748494A4B4C4D4E4E (KCV: 943B35) MAC=404142434445464748494A4B4C4D4E4E (KCV: 943B35) DEK=404142434445464748494A4B4C4D4E4E (KCV: 943B35) for SCP03
    [INFO] GPSession - Session keys: ENC=A61FED3B33EDD47DAEF29F99BAD93C2A MAC=ACCB8F90182FF1556A58B0ED5D3CFC07 RMAC=D123F445A5D5DCF60195A9D30027C298
    [DEBUG] GPSession - Verified card cryptogram: 8D39E03D978E7DC7
    [DEBUG] GPSession - Calculated host cryptogram: 2F7E5D0F4360694B
    A>> T=1 (4+0016) 84820100 10 2F7E5D0F4360694BE5616054F4FD3554
    A<< (0000+2) (148ms) 9000
    CAP file (v2.1), contains: exports, applets for JavaCard 3.0.4
    Package: secret 1122334455 v0.0
    Applet:  secret.SecretApplet 112233445500
    Import:  A0000000620001                   v1.0 java.lang
    Import:  A0000000620101                   v1.5 javacard.framework
    Generated by Oracle Corporation converter  [v3.0.4]
    On Sat Nov 14 11:31:12 CET 2020 with JDK 11.0.9.1 (Ubuntu)
    Code size 285 bytes (461 with debug)
    SHA-256 d6cc2848bf2ac2240f20cc63b9a11d01526f4866d9cc32d1883879532d07dbed
    SHA-1   927dd9f441a0a975a5bb2fcd9edfffdc5d02fb9e
    A>> T=1 (4+0010) 84F28002 0A 4F000C591A7A6F6D3C5B 00
    A<< (0044+2) (110ms) E32A4F08A0000001510000009F700107C5039EFE80C407A0000000620001CE020100CC08A000000151000000 9000
    A>> T=1 (4+0010) 84F24002 0A 4F00590C7625FE31CC5F 00
    A<< (0044+2) (102ms) E32A4F08A0000001515350419F70010FC503E08000C407A0000001515350CE020100CC08A000000151000000 9000
    A>> T=1 (4+0010) 84F21002 0A 4F006EF7050F8A60382B 00
    A<< (0000+2) (119ms) 6A88
    A>> T=1 (4+0010) 84F22002 0A 4F008E905ED25ED324CD 00
    A<< (0000+2) (100ms) 6A88
    A>> T=1 (4+0046) 84E60200 2E 05112233445508A00000015153504114927DD9F441A0A975A5BB2FCD9EDFFFDC5D02FB9E0000F21D908B8CF2A45C
    A<< (0000+2) (122ms) 6A80
    Applet loading failed. Are you sure the card can handle it?
    Error: INSTALL [for load] failed: 0x6A80 (Wrong data/incorrect values in data)
    pro.javacard.gp.GPException: INSTALL [for load] failed: 0x6A80 (Wrong data/incorrect values in data)
        at pro.javacard.gp.GPException.check(GPException.java:64)
        at pro.javacard.gp.GPSession.loadCapFile(GPSession.java:579)
        at pro.javacard.gp.GPCommands.load(GPCommands.java:155)
        at pro.javacard.gp.GPTool.loadCAP(GPTool.java:824)
        at pro.javacard.gp.GPTool.run(GPTool.java:375)
        at pro.javacard.gp.GPTool.main(GPTool.java:107)
    SCardDisconnect("HID Global OMNIKEY 5422 Smartcard Reader [OMNIKEY 5422 Smartcard Reader] (KJ0I2A00EY10673763) 01 00", true) tx:199/rx:193

What am I missing?
stepansnigirev commented 3 years ago

Another thing I tried is to install the applet using my domain as a DAP domain for verification, but I get an error: `Invalid argument: Specified DAP domain does not have (Mandated)DAPVerification privilege: A000000151535041`. That's strange because when I list the applets I see that it has the DAPVerification privilege there.

`gp -d -i -v -load applet.cap --dap-domain A000000151535041 -to A000000151000000`

# gp -d -i -v -load applet.cap --dap-domain A000000151535041 -to A000000151000000
SCardConnect("Generic Smart Card Reader Interface [Smart Card Reader Interface] (20070818000000000) 00 00", T=*) -> T=1, 3BDC18FF8191FE1FC38073C821136605036351000250
# GlobalPlatformPro 325fe84
# Running on Linux 5.4.0-54-generic amd64, Java 11.0.9.1 by Ubuntu
A>> T=1 (4+0000) 00A40400 00 
A<< (0018+2) (22ms) 6F108408A000000151000000A5049F6501FF 9000
[DEBUG] GPSession - Auto-detected ISD: A000000151000000
A>> T=1 (4+0000) 80CA9F7F 00 
A<< (0045+2) (19ms) 9F7F2A4790050382116351030280480094010734694E3050383037474D32313030393430311300011EFD175D98 9000
[WARN] GPData - Invalid CPLC date: 474D
[WARN] GPData - Invalid CPLC date: 011E
CPLC: ICFabricator=4790
      ICType=0503
      OperatingSystemID=8211
      OperatingSystemReleaseDate=6351 (2016-12-16)
      OperatingSystemReleaseLevel=0302
      ICFabricationDate=8048 (2018-02-17)
      ICSerialNumber=00940107
      ICBatchIdentifier=3469
      ICModuleFabricator=4E30
      ICModulePackagingDate=5038 (2015-02-07)
      ICCManufacturer=3037
      ICEmbeddingDate=474D (invalid date format)
      ICPrePersonalizer=3231
      ICPrePersonalizationEquipmentDate=3030 (2013-01-30)
      ICPrePersonalizationEquipmentID=39343031
      ICPersonalizer=1300
      ICPersonalizationDate=011E (invalid date format)
      ICPersonalizationEquipmentID=FD175D98

A>> T=1 (4+0000) 80CA0042 00 
A<< (0003+2) (14ms) 420100 9000
IIN: 420100
A>> T=1 (4+0000) 80CA0045 00 
A<< (0010+2) (15ms) 45080000000000000000 9000
CIN: 45080000000000000000
Card Data: 
A>> T=1 (4+0000) 80CA0066 00 
A<< (0065+2) (23ms) 663F733D06072A864886FC6B01600C060A2A864886FC6B02020101630906072A864886FC6B03640B06092A864886FC6B040300660C060A2B060104012A026E0102 9000
Tag 6: 1.2.840.114283.1
-> Global Platform card
Tag 60: 1.2.840.114283.2.2.1.1
-> GP Version: 2.1.1
Tag 63: 1.2.840.114283.3
Tag 64: 1.2.840.114283.4.3.0
-> GP SCP03 i=00
Tag 66: 1.3.6.1.4.1.42.2.110.1.2
-> JavaCard v2
Card Capabilities: 
A>> T=1 (4+0000) 80CA0067 00 
A<< (0060+2) (21ms) 673A6738A006800102810155A00A8001038102001082010781039EFE8082031E03008301028504010208408602040887040102084088050102030405 9000
[WARN] GPData - Bogus data detected, fixing double tag
Supports SCP02 i=55
Supports SCP03 i=00 i=10 with AES-128 AES-196 AES-256
Supported DOM privileges: SecurityDomain, CardLock, CardTerminate, CardReset, CVMManagement, TrustedPath, AuthorizedManagement, TokenVerification, GlobalDelete, GlobalLock, GlobalRegistry, FinalApplication, ReceiptGeneration
Supported APP privileges: CardLock, CardTerminate, CardReset, CVMManagement, FinalApplication, GlobalService
Supported LFDB hash: SHA-256
Supported Token Verification ciphers: RSA1024_SHA1, ECCP521_SHA512
Supported Receipt Generation ciphers: DES_MAC
Supported DAP Verification ciphers: RSA1024_SHA1, ECCP521_SHA512
Supported ECC Key Parameters: 0102030405
A>> T=1 (4+0000) 80CA00E0 00 
A<< (0020+2) (21ms) E012C00401018810C00402018810C00403018810 9000
Version:   1 (0x01) ID:   1 (0x01) type: AES          length:  16 (AES-128)
Version:   1 (0x01) ID:   2 (0x02) type: AES          length:  16 (AES-128)
Version:   1 (0x01) ID:   3 (0x03) type: AES          length:  16 (AES-128)

Warning: no keys given, defaulting to 404142434445464748494A4B4C4D4E4F
[INFO] GPSession - Using card master keys with version 0 for setting up session [MAC] 
A>> T=1 (4+0008) 80500000 08 5FFAC63EC27A2C77 00
A<< (0029+2) (98ms) 000080480094010734690103001AB6824185382C998A35165B997988D9 9000
[DEBUG] GPSession - SSC: null
[DEBUG] GPSession - Host challenge: 5FFAC63EC27A2C77
[DEBUG] GPSession - Card challenge: 1AB6824185382C99
[DEBUG] GPSession - Card reports SCP03 with key version 1 (0x01)
[INFO] GPSession - Diversified card keys: ENC=404142434445464748494A4B4C4D4E4F (KCV: 504A77) MAC=404142434445464748494A4B4C4D4E4F (KCV: 504A77) DEK=404142434445464748494A4B4C4D4E4F (KCV: 504A77) for SCP03
[INFO] GPSession - Session keys: ENC=EEF3879B88908E84385ED2265938758E MAC=F8A74AEF2C74F995D282B54BA516BA69 RMAC=1D8DD28F93F6340F019F80370664A800
[DEBUG] GPSession - Verified card cryptogram: 8A35165B997988D9
[DEBUG] GPSession - Calculated host cryptogram: 0066D18CDE71435E
A>> T=1 (4+0016) 84820100 10 0066D18CDE71435EE78E53F1E11A7A14
A<< (0000+2) (147ms) 9000
CAP file (v2.1), contains: exports, applets for JavaCard 3.0.4
Package: secret 1122334455 v0.0
Applet:  secret.SecretApplet 112233445500
Import:  A0000000620001                   v1.0 java.lang
Import:  A0000000620101                   v1.5 javacard.framework
Generated by Oracle Corporation converter  [v3.0.4]
On Sat Nov 14 11:31:12 CET 2020 with JDK 11.0.9.1 (Ubuntu)
Code size 285 bytes (461 with debug)
SHA-256 d6cc2848bf2ac2240f20cc63b9a11d01526f4866d9cc32d1883879532d07dbed
SHA-1   927dd9f441a0a975a5bb2fcd9edfffdc5d02fb9e
A>> T=1 (4+0010) 84F28002 0A 4F0018F232980C3F4148 00
A<< (0044+2) (112ms) E32A4F08A0000001510000009F700107C5039EFE80C407A0000000620001CE020100CC08A000000151000000 9000
A>> T=1 (4+0010) 84F24002 0A 4F006DD3D79FE077904B 00
A<< (0044+2) (104ms) E32A4F08A0000001515350419F70010FC503C08000C407A0000001515350CE020100CC08A000000151535041 9000
A>> T=1 (4+0010) 84F21002 0A 4F00A623198EDAF503CB 00
A<< (0025+2) (101ms) E3174F07A00000015153509F7001018408A000000151535041 9000
A>> T=1 (4+0010) 84F22002 0A 4F00DABC4DF934A284AF 00
A<< (0015+2) (100ms) E30D4F07A00000015153509F700101 9000
Invalid argument: Specified DAP domain does not have (Mandated)DAPVerification privilege: A000000151535041
java.lang.IllegalArgumentException: Specified DAP domain does not have (Mandated)DAPVerification privilege: A000000151535041
    at pro.javacard.gp.GPCommands.load(GPCommands.java:128)
    at pro.javacard.gp.GPTool.loadCAP(GPTool.java:824)
    at pro.javacard.gp.GPTool.run(GPTool.java:375)
    at pro.javacard.gp.GPTool.main(GPTool.java:107)
SCardDisconnect("Generic Smart Card Reader Interface [Smart Card Reader Interface] (20070818000000000) 00 00", true) tx:134/rx:404
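To compare what the card itself reports against the `gp -l` listings in the steps above and against the "does not have (Mandated)DAPVerification privilege" error in this comment, here is an added example (not GlobalPlatformPro's own code) that decodes the GET STATUS registry entries (tag E3, with the C5 privilege bytes and 9F70 life-cycle byte) and the GET DATA key information template (tag E0) quoted in these logs; bit and type codings are taken from GlobalPlatform Card Specification 2.2.1, and the two sample responses are copied verbatim from step 9.

```python
"""Decode GlobalPlatform GET STATUS (E3) and key information (E0) responses.
Added example for this issue thread; not GlobalPlatformPro code.  Codings per
GlobalPlatform Card Specification 2.2.1 (privileges: Table 11-7)."""

# Privilege names for bits 8..1 of each of the three privilege bytes.
PRIVILEGE_BITS = (
    ("SecurityDomain", "DAPVerification", "DelegatedManagement", "CardLock",
     "CardTerminate", "CardReset", "CVMManagement", "MandatedDAPVerification"),
    ("TrustedPath", "AuthorizedManagement", "TokenVerification", "GlobalDelete",
     "GlobalLock", "GlobalRegistry", "FinalApplication", "GlobalService"),
    ("ReceiptGeneration", "CipheredLoadFileDataBlock", "ContactlessActivation",
     "ContactlessSelfActivation", None, None, None, None),
)
# Life-cycle byte coding differs between the ISD (GET STATUS P1=80) and applications/SSDs.
ISD_LIFECYCLE = {0x01: "OP_READY", 0x07: "INITIALIZED", 0x0F: "SECURED",
                 0x7F: "CARD_LOCKED", 0xFF: "TERMINATED"}
APP_LIFECYCLE = {0x03: "INSTALLED", 0x07: "SELECTABLE", 0x0F: "PERSONALIZED", 0x83: "LOCKED"}
# Key type codes from the key information template.
KEY_TYPES = {0x80: "DES", 0x88: "AES", 0xA0: "RSA_PUB_E", 0xA1: "RSA_PUB_N"}


def parse_tlvs(data: bytes):
    """Split a flat BER-TLV sequence into (tag, value) pairs; handles 2-byte tags (9F70) and long lengths."""
    items, i = [], 0
    while i < len(data):
        tag = data[i]
        i += 1
        if tag & 0x1F == 0x1F:              # two-byte tag, e.g. 9F70
            tag = (tag << 8) | data[i]
            i += 1
        length = data[i]
        i += 1
        if length & 0x80:                   # long form: 0x81 nn / 0x82 nn nn
            n = length & 0x7F
            length = int.from_bytes(data[i:i + n], "big")
            i += n
        items.append((tag, data[i:i + length]))
        i += length
    return items


def decode_privileges(priv: bytes):
    """Map the C5 privilege bytes to the names gp prints in its 'Privs:' line."""
    names = []
    for byte_value, bit_names in zip(priv, PRIVILEGE_BITS):
        for idx, name in enumerate(bit_names):
            if name and byte_value & (0x80 >> idx):
                names.append(name)
    return names


def parse_get_status(response: bytes, isd: bool = False):
    """Return one dict per E3 registry entry; isd=True selects the ISD life-cycle coding."""
    states = ISD_LIFECYCLE if isd else APP_LIFECYCLE
    entries = []
    for tag, value in parse_tlvs(response):
        if tag != 0xE3:
            continue
        entry = {"aid": "", "state": "", "privileges": [], "load_file": "", "sd": ""}
        for t, v in parse_tlvs(value):
            if t == 0x4F:
                entry["aid"] = v.hex().upper()
            elif t == 0x9F70:
                entry["state"] = states.get(v[0], "0x%02X" % v[0])
            elif t == 0xC5:
                entry["privileges"] = decode_privileges(v)
            elif t == 0xC4:                 # associated executable load file
                entry["load_file"] = v.hex().upper()
            elif t == 0xCC:                 # associated security domain
                entry["sd"] = v.hex().upper()
        entries.append(entry)
    return entries


def can_verify_dap(entry) -> bool:
    """The privilege condition named in the 'Specified DAP domain does not have ...' error."""
    return bool({"DAPVerification", "MandatedDAPVerification"} & set(entry["privileges"]))


def parse_key_info(response: bytes):
    """Decode an E0 template into (key_version, key_id, [(type, length), ...]) per C0 component."""
    keys = []
    for tag, value in parse_tlvs(response):
        if tag != 0xE0:
            continue
        for t, v in parse_tlvs(value):
            if t == 0xC0 and len(v) >= 4:
                key_id, key_version = v[0], v[1]
                comps = [(KEY_TYPES.get(v[k], "0x%02X" % v[k]), v[k + 1])
                         for k in range(2, len(v) - 1, 2)]
                keys.append((key_version, key_id, comps))
    return keys


# Sample responses copied from step 9 of the issue: the SSD's registry entry and its key template.
SSD_STATUS = bytes.fromhex(
    "E32A4F08A0000001515350419F70010FC503E08000C407A0000001515350CE020100CC08A000000151000000")
KEY_TEMPLATE = bytes.fromhex("E01AC00401018810C00402018810C00403018810C0060173A180A003")

if __name__ == "__main__":
    for e in parse_get_status(SSD_STATUS):
        print(e["aid"], e["state"], ", ".join(e["privileges"]), "DAP-capable:", can_verify_dap(e))
    for ver, kid, comps in parse_key_info(KEY_TEMPLATE):
        print("key version 0x%02X id %d:" % (ver, kid), comps)
```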
RzyDS commented 3 years ago

This problem would be fixed by changing the install parameters.

martinpaljak commented 3 years ago

Sample test script added, to be part of next release: https://github.com/martinpaljak/GlobalPlatformPro/blob/next/tests/sce70.sh