martinpaljak / GlobalPlatformPro

🌐 🔐 Manage applets and keys on JavaCard-s like a pro
https://javacard.pro/globalplatform
GNU Lesser General Public License v3.0
699 stars 212 forks source link

KDF3 master key diversification does not diversify #249

Closed l1980 closed 3 years ago

l1980 commented 3 years ago

When requesting KDF3 counter mode keys diversification, it appears GPPro does not diversify and takes static master key for ENC KEK DEK. Card is an IDEMIA Cosmo v9.0

Full log

# gp -kdf3 --key-kdf KDF3 -key 0E2B4A53DE24D12250908CFE99E3E2573CE63F5224586D30F6AA42C7F9ABB938 -ldvi
[DEBUG] TerminalManager - Selected the only reader with a card
SCardConnect("OMNIKEY CardMan 3x21 0", T=*) -> T=1, 3BFF1800008131FE45006B05052000012101434E5310318079
# GlobalPlatformPro 325fe84
# Running on Windows 10 10.0 amd64, Java 15 by Oracle Corporation
A>> T=1 (4+0000) 00A40400 00
A<< (0066+2) (32ms) 6F408408A000000151000000A534732E06072A864886FC6B01600B06092A864886FC6B020203630906072A864886FC6B03640B06092A864886FC6B0403609F6501FF 9000
[DEBUG] GPSession - Auto-detected ISD: A000000151000000
A>> T=1 (4+0000) 80CA9F7F 00
A<< (0045+2) (22ms) 9F7F2A4830132A8231828100120274517DE166093A1142027411430274114402742A0700000000000000000000 9000
CPLC: ICFabricator=4830
      ICType=132A
      OperatingSystemID=8231
      OperatingSystemReleaseDate=8281 (2018-10-08)
      OperatingSystemReleaseLevel=0012
      ICFabricationDate=0274 (2010-10-01)
      ICSerialNumber=517DE166
      ICBatchIdentifier=093A
      ICModuleFabricator=1142
      ICModulePackagingDate=0274 (2010-10-01)
      ICCManufacturer=1143
      ICEmbeddingDate=0274 (2010-10-01)
      ICPrePersonalizer=1144
      ICPrePersonalizationEquipmentDate=0274 (2010-10-01)
      ICPrePersonalizationEquipmentID=2A070000
      ICPersonalizer=0000
      ICPersonalizationDate=0000 (2010-01-01)
      ICPersonalizationEquipmentID=00000000

A>> T=1 (4+0000) 80CA0042 00
A<< (0000+2) (22ms) 6A88
[DEBUG] GPData - GET DATA(IIN): N/A
A>> T=1 (4+0000) 80CA0045 00
A<< (0000+2) (15ms) 6A88
[DEBUG] GPData - GET DATA(CIN): N/A
Card Data:
A>> T=1 (4+0000) 80CA0066 00
A<< (0050+2) (16ms) 6630732E06072A864886FC6B01600B06092A864886FC6B020203630906072A864886FC6B03640B06092A864886FC6B040360 9000
Tag 6: 1.2.840.114283.1
-> Global Platform card
Tag 60: 1.2.840.114283.2.2.3
-> GP Version: 2.3
Tag 63: 1.2.840.114283.3
Tag 64: 1.2.840.114283.4.3.96
-> GP SCP03 i=60
Card Capabilities:
A>> T=1 (4+0000) 80CA0067 00
A<< (0000+2) (22ms) 6A88
[DEBUG] GPData - GET DATA(Card Capabilities): N/A
A>> T=1 (4+0000) 80CA00E0 00
A<< (0020+2) (16ms) E012C00401018820C00402018820C00403018820 9000
Version:   1 (0x01) ID:   1 (0x01) type: AES          length:  32 (AES-256)
Version:   1 (0x01) ID:   2 (0x02) type: AES          length:  32 (AES-256)
Version:   1 (0x01) ID:   3 (0x03) type: AES          length:  32 (AES-256)

[INFO] GPSession - Using card master keys with version 0 for setting up session [MAC]
A>> T=1 (4+0008) 80500000 08 365824E234EE8409 00
A<< (0029+2) (13s288ms) 093A0274517DE16601000103601FB6EC6D854FA19E6E68BB88580B2C4D 9000
[DEBUG] GPSession - SSC: null
[DEBUG] GPSession - Host challenge: 365824E234EE8409
[DEBUG] GPSession - Card challenge: 1FB6EC6D854FA19E
[DEBUG] GPSession - Card reports SCP03 (i=60) with key version 1 (0x01)

[INFO] GPSession - Diversified card keys: **ENC=0E2B4A53DE24D12250908CFE99E3E2573CE63F5224586D30F6AA42C7F9ABB938 (KCV: 855E42) MAC=0E2B4A53DE24D12250908CFE99E3E2573CE63F5224586D30F6AA42C7F9ABB938 (KCV: 855E42) DEK=0E2B4A53DE24D12250908CFE99E3E2573CE63F5224586D30F6AA42C7F9ABB938 (KCV: 855E42) for SCP03 (i=60)**

[INFO] GPSession - Session keys: ENC=F4E9054A3898F6F1BAE14D44061BA2CE3EB037C5EB41AE95CF0413E6277D216D MAC=A1847A5221473A4A3E8A196D0FB207CB9936B3A8CC1CF0CD67AA38AEE2946215 RMAC=1D24AFBC34C06A56F2DAD936EE5FC20D095D35B46AD002D7894CC322F6E2EC12
Failed to open secure channel: Card cryptogram invalid!
Received: 6E68BB88580B2C4D
Expected: B17394C9DF8517AE
!!! DO NOT RE-TRY THE SAME COMMAND/KEYS OR YOU MAY BRICK YOUR CARD !!!
Read more from https://github.com/martinpaljak/GlobalPlatformPro/wiki/Keys
SCardDisconnect("OMNIKEY CardMan 3x21 0", true) tx:49/rx:226

Additional context

Add any other context about the problem here.

mnx93 commented 3 years ago

Got the same issue. With Idemia cosmo 8.2 Any fix ?

martinpaljak commented 3 years ago

Press the "Sponsor" button for motivation for a quicker fix ;(

mnx93 commented 3 years ago

If I specifie enc, mac and dek key, it's ok, but if I use Master Key, no diversification even if I use -kdf3 option.

martinpaljak commented 3 years ago

I hear you. Expect some activity on this over the weekend/next week.

mnx93 commented 3 years ago

Thank you.

martinpaljak commented 3 years ago

gp -key KDF3:0E2B4A53DE24D12250908CFE99E3E2573CE63F5224586D30F6AA42C7F9ABB938 does the trick. I'll leave this open as the CLI should indicate that -kdf3 is a deprecated option and also update the documentation accordingly

mnx93 commented 3 years ago

Hi, Thank you.

I tried but I still have issue :
with that : gp.exe -liv -key KDF3:101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F

It answer me : GlobalPlatformPro v20.01.23-0-g5ad373b Running on Windows 10 10.0 amd64, Java 15.0.2 by Oracle Corporation

Detected readers from JNA2PCSC

[ ] Generic Smart Card Reader Interface 0 [] OT MicroSD smartcard Reader 1 SCardConnect("OT MicroSD smartcard Reader 1", T=) -> T=1, 3BDB960081B1FE451F8312340000000000000F9000E3 SCardBeginTransaction("OT MicroSD smartcard Reader 1") Reader: OT MicroSD smartcard Reader 1 ATR: 3BDB960081B1FE451F8312340000000000000F9000E3 More information about your card: http://smartcard-atr.appspot.com/parse?ATR=3BDB960081B1FE451F8312340000000000000F9000E3

A>> T=1 (4+0000) 00A40400 00 A<< (0066+2) (56ms) 6F408407A0000001510000A535732F06072A864886FC6B01600C060A2A864886FC6B02020201630906072A864886FC6B03640B06092A864886FC6B0403609F6501FF 9000 [TRACE] GPSession - [6F] [TRACE] GPSession - [84] A0000001510000 [TRACE] GPSession - [A5] [TRACE] GPSession - [73] [TRACE] GPSession - [06] 2A864886FC6B01 [TRACE] GPSession - [60] [TRACE] GPSession - [06] 2A864886FC6B02020201 [TRACE] GPSession - [63] [TRACE] GPSession - [06] 2A864886FC6B03 [TRACE] GPSession - [64] [TRACE] GPSession - [06] 2A864886FC6B040360 [TRACE] GPSession - [9F65] FF [DEBUG] GPSession - Auto-detected ISD: A0000001510000 [TRACE] GPData - GET DATA(CPLC) A>> T=1 (4+0000) 80CA9F7F 00 A<< (0045+2) (41ms) 9F7F2A47906B4882318222300E0185A800108A2900114210291143102911441029010000000000000000000000 9000 CPLC: ICFabricator=4790 ICType=6B48 OperatingSystemID=8231 OperatingSystemReleaseDate=8222 (2018-08-10) OperatingSystemReleaseLevel=300E ICFabricationDate=0185 (2010-07-04) ICSerialNumber=A800108A ICBatchIdentifier=2900 ICModuleFabricator=1142 ICModulePackagingDate=1029 (2011-01-29) ICCManufacturer=1143 ICEmbeddingDate=1029 (2011-01-29) ICPrePersonalizer=1144 ICPrePersonalizationEquipmentDate=1029 (2011-01-29) ICPrePersonalizationEquipmentID=01000000 ICPersonalizer=0000 ICPersonalizationDate=0000 (2010-01-01) ICPersonalizationEquipmentID=00000000

[TRACE] GPData - GET DATA(IIN) A>> T=1 (4+0000) 80CA0042 00 A<< (0000+2) (39ms) 6A88 [DEBUG] GPData - GET DATA(IIN): N/A [TRACE] GPData - GET DATA(CIN) A>> T=1 (4+0000) 80CA0045 00 A<< (0000+2) (83ms) 6A88 [DEBUG] GPData - GET DATA(CIN): N/A Card Data: [TRACE] GPData - GET DATA(Card Data) A>> T=1 (4+0000) 80CA0066 00 A<< (0051+2) (43ms) 6631732F06072A864886FC6B01600C060A2A864886FC6B02020201630906072A864886FC6B03640B06092A864886FC6B040360 9000 [TRACE] GPData - [66] [TRACE] GPData - [73] [TRACE] GPData - [06] 2A864886FC6B01 [TRACE] GPData - [60] [TRACE] GPData - [06] 2A864886FC6B02020201 [TRACE] GPData - [63] [TRACE] GPData - [06] 2A864886FC6B03 [TRACE] GPData - [64] [TRACE] GPData - [06] 2A864886FC6B040360 Tag 6: 1.2.840.114283.1 -> Global Platform card Tag 60: 1.2.840.114283.2.2.2.1 -> GP Version: 2.2.1 Tag 63: 1.2.840.114283.3 Tag 64: 1.2.840.114283.4.3.96 -> GP SCP03 i=60 Card Capabilities: [TRACE] GPData - GET DATA(Card Capabilities) A>> T=1 (4+0000) 80CA0067 00 A<< (0000+2) (46ms) 6A88 [DEBUG] GPData - GET DATA(Card Capabilities): N/A [TRACE] GPData - GET DATA(Key Info Template) A>> T=1 (4+0000) 80CA00E0 00 A<< (0020+2) (51ms) E012C00401018820C00402018820C00403018820 9000 [TRACE] GPKeyInfo - [E0] [TRACE] GPKeyInfo - [C0] 01018820 [TRACE] GPKeyInfo - [C0] 02018820 [TRACE] GPKeyInfo - [C0] 03018820 Version: 1 (0x01) ID: 1 (0x01) type: AES length: 32 (AES-256) Version: 1 (0x01) ID: 2 (0x02) type: AES length: 32 (AES-256) Version: 1 (0x01) ID: 3 (0x03) type: AES length: 32 (AES-256) SCardEndTransaction("OT MicroSD smartcard Reader 1") SCardDisconnect("OT MicroSD smartcard Reader 1", true) tx:35/rx:196 Exception in thread "main" java.lang.IllegalArgumentException: Illegal hex: K at apdu4j.HexUtils.decodeHexString_imp(HexUtils.java:58) at apdu4j.HexUtils.stringToBin(HexUtils.java:83) at pro.javacard.gp.GPTool.main(GPTool.java:266)

mnx93 commented 3 years ago

Now it's ok, i've rebuild with last sources and all works great. Thank you.

martinpaljak commented 3 years ago

This regression was fixed with #257