mclear / OMNI-Ring

Quick setup tutorial on how to set up toolchain & build Javacard applets.
MIT License

Test this series of APDUs to see if it writes an application to the ring #2

Open JohnMcLear opened 5 years ago

JohnMcLear commented 5 years ago

When I get time I should use nfc-pcsc/cordova nfc to throw these APDUs at a ring and see what I get back

Don't give up on 6A82/6985/error.. It is expected while it tries to auth to various security domains (see below).. The line beginning with 80 E8 00 is where the stack-overflow errored so really we're looking to see if we can get to that point and ideally a 9000 response..

// Trying to auth to security domains
// Should fail
1) 00 A4 04 00 07 A0 00 00 01 51 00 00
// Should fail
2) 00 A4 04 00 08 A0 00 00 00 18 43 4D 00
// Should succeed
3) 00 A4 04 00 08 A0 00 00 00 03 00 00 00
// Authed

// Init
4) 80 50 00 00 08 34 F8 63 3E E3 BC 64 94
5) 84 82 00 00 10 08 EA 79 CD BA 32 F3 1C 69 1B 83 42 CD AA FE 42

// External Auth
6) 84 82 00 00 08 08 EA 79 CD BA 32 F3 1C

// Install
7) 80 E6 02 00 17 0A 01 02 03 04 05 06 07 08 09 00 08 A0 00 00 00 03 00 00 00 00 00 00

// I'm not sure why I do this twice?
8) 80 E6 02 00 17 0A 01 02 03 04 05 06 07 08 09 00 08 A0 00 00 00 03 00 00 00 00 00 00

// I'm a lot of data.. I assume the contents of the application..
9) 80 E8 00 00 FF C4 82 01 63 01 00 1F DE CA FF ED 02 02 06 00 01 0A 01 02 03 04 05 06 07 08 09 00 0A 68 65 6C 6C 6F 57 6F 72 6C 64 02 00 21 00 1F 00 21 00 0F 00 2A 00 22 00 5A 00 35 00 0A 00 0C 00 05 00 AA 00 00 00 00 00 00 00 00 04 01 00 04 00 2A 04 00 01 07 A0 00 00 00 62 00 01 00 01 07 A0 00 00 00 62 00 03 03 01 07 A0 00 00 00 62 01 01 00 01 08 A0 00 00 00 62 01 01 01 03 00 0F 01 0B 01 02 03 04 05 06 07 08 09 00 00 00 13 06 00 5A 00 00 A1 81 00 0C 48 65 6C 6C 6F 57 6F 72 6C 64 52 49 C1 82 02 22 83 05 00 FF 00 01 00 00 00 81 00 00 00 02 00 00 00 10 48 65 6C 6C 6F 57 6F 72 6C 64 52 49 49 6D 70 6C 01 00 02 00 82 03 00 FF 00 07 01 00 00 00 1C 42 80 00 00 FF 00 01 01 00 00 00 31 82 02 00 00 12 01 01 07 00 35 00 01 10 18 8C 00 00 7A 01 10 18 8C 00 01 18 8B 00 02 7A 01 30 8F
// I'm a lot of data.. I assume the contents of the application.. I'm also the same as above.. Is there an echo in here or something?! :P
80 E8 00 00 FF C4 82 01 63 01 00 1F DE CA FF ED 02 02 06 00 01 0A 01 02 03 04 05 06 07 08 09 00 0A 68 65 6C 6C 6F 57 6F 72 6C 64 02 00 21 00 1F 00 21 00 0F 00 2A 00 22 00 5A 00 35 00 0A 00 0C 00 05 00 AA 00 00 00 00 00 00 00 00 04 01 00 04 00 2A 04 00 01 07 A0 00 00 00 62 00 01 00 01 07 A0 00 00 00 62 00 03 03 01 07 A0 00 00 00 62 01 01 00 01 08 A0 00 00 00 62 01 01 01 03 00 0F 01 0B 01 02 03 04 05 06 07 08 09 00 00 00 13 06 00 5A 00 00 A1 81 00 0C 48 65 6C 6C 6F 57 6F 72 6C 64 52 49 C1 82 02 22 83 05 00 FF 00 01 00 00 00 81 00 00 00 02 00 00 00 10 48 65 6C 6C 6F 57 6F 72 6C 64 52 49 49 6D 70 6C 01 00 02 00 82 03 00 FF 00 07 01 00 00 00 1C 42 80 00 00 FF 00 01 01 00 00 00 31 82 02 00 00 12 01 01 07 00 35 00 01 10 18 8C 00 00 7A 01 10 18 8C 00 01 18 8B 00 02 7A 01 30 8F

Source: https://stackoverflow.com/questions/23670367/upload-a-cap-file-on-smart-card

Thinking: Can I use APDUs to upload a simple Hello world.

If anyone gets to this before me then feel free to action on my behalf =)

Should the APDU above succeed, we can progress onto exploring how .jars are converted to APDUs by the GP tool and hopefully doing that in JS instead of C/Py/Java.

nfc-pcsc snippet (hand written w/ no syntax/sanity checking)

// `reader` is the nfc-pcsc Reader object handed to the NFC 'reader' event handler;
// the transmits run inside an async function so that `await` is valid
function prepAPDU(apdu) {
  // strip whitespace so the spaced hex string decodes into a Buffer
  apdu = apdu.replace(/\s/g, "");
  return Buffer.from(apdu, 'hex');
}

async function sendApplet(reader) {
  var response;

  response = await reader.transmit(prepAPDU("00 A4 04 00 07 A0 00 00 01 51 00 00"), 200);
  console.log(1, response.toString('hex')); // Select Success

  response = await reader.transmit(prepAPDU("00 A4 04 00 08 A0 00 00 01 51 00 00 00"), 200);
  console.log(2, response.toString('hex')); // Correct AID, works and returns 9000

  response = await reader.transmit(prepAPDU("80 50 00 00 08 34 F8 63 3E E3 BC 64 94"), 200);
  console.log(3, response.toString('hex')); // Init Success

  response = await reader.transmit(prepAPDU("84 82 00 00 10 40 41 42 43 44 45 46 47 48 49 4A 4B 4C 4D 4E 4F"), 200);
  console.log(4, response.toString('hex')); // 6982 Ext Auth fails

  response = await reader.transmit(prepAPDU("84 82 00 00 08 08 EA 79 CD BA 32 F3 1C"), 200);
  console.log(5, response.toString('hex')); // 6985

  response = await reader.transmit(prepAPDU("80 E6 02 00 17 0A 01 02 03 04 05 06 07 08 09 00 08 A0 00 00 00 03 00 00 00 00 00 00"), 200);
  console.log(6, response.toString('hex'));

  response = await reader.transmit(prepAPDU("80 E6 02 00 17 0A 01 02 03 04 05 06 07 08 09 00 08 A0 00 00 00 03 00 00 00 00 00 00"), 200);
  console.log(7, response.toString('hex'));

  response = await reader.transmit(prepAPDU("80 E8 00 00 FF C4 82 01 63 01 00 1F DE CA FF ED 02 02 06 00 01 0A 01 02 03 04 05 06 07 08 09 00 0A 68 65 6C 6C 6F 57 6F 72 6C 64 02 00 21 00 1F 00 21 00 0F 00 2A 00 22 00 5A 00 35 00 0A 00 0C 00 05 00 AA 00 00 00 00 00 00 00 00 04 01 00 04 00 2A 04 00 01 07 A0 00 00 00 62 00 01 00 01 07 A0 00 00 00 62 00 03 03 01 07 A0 00 00 00 62 01 01 00 01 08 A0 00 00 00 62 01 01 01 03 00 0F 01 0B 01 02 03 04 05 06 07 08 09 00 00 00 13 06 00 5A 00 00 A1 81 00 0C 48 65 6C 6C 6F 57 6F 72 6C 64 52 49 C1 82 02 22 83 05 00 FF 00 01 00 00 00 81 00 00 00 02 00 00 00 10 48 65 6C 6C 6F 57 6F 72 6C 64 52 49 49 6D 70 6C 01 00 02 00 82 03 00 FF 00 07 01 00 00 00 1C 42 80 00 00 FF 00 01 01 00 00 00 31 82 02 00 00 12 01 01 07 00 35 00 01 10 18 8C 00 00 7A 01 10 18 8C 00 01 18 8B 00 02 7A 01 30 8F"), 200);
  console.log(8, response.toString('hex'));

  response = await reader.transmit(prepAPDU("80 E8 00 00 FF C4 82 01 63 01 00 1F DE CA FF ED 02 02 06 00 01 0A 01 02 03 04 05 06 07 08 09 00 0A 68 65 6C 6C 6F 57 6F 72 6C 64 02 00 21 00 1F 00 21 00 0F 00 2A 00 22 00 5A 00 35 00 0A 00 0C 00 05 00 AA 00 00 00 00 00 00 00 00 04 01 00 04 00 2A 04 00 01 07 A0 00 00 00 62 00 01 00 01 07 A0 00 00 00 62 00 03 03 01 07 A0 00 00 00 62 01 01 00 01 08 A0 00 00 00 62 01 01 01 03 00 0F 01 0B 01 02 03 04 05 06 07 08 09 00 00 00 13 06 00 5A 00 00 A1 81 00 0C 48 65 6C 6C 6F 57 6F 72 6C 64 52 49 C1 82 02 22 83 05 00 FF 00 01 00 00 00 81 00 00 00 02 00 00 00 10 48 65 6C 6C 6F 57 6F 72 6C 64 52 49 49 6D 70 6C 01 00 02 00 82 03 00 FF 00 07 01 00 00 00 1C 42 80 00 00 FF 00 01 01 00 00 00 31 82 02 00 00 12 01 01 07 00 35 00 01 10 18 8C 00 00 7A 01 10 18 8C 00 01 18 8B 00 02 7A 01 30 8F"), 200);
  console.log(9, response.toString('hex'));
}

For examples of nfc-pcsc usage w/ APDUs see https://gist.github.com/JohnMcLear/5cef778b3582ee6ebac7db4bb91a5fc8

For an example of an application that appears to take .cap files in and spit out an APDU script see https://askra.de/software/jcdocs/kit-user-2.2.2/cJDKinstaller.html

The scriptgen tool converts a package contained in a CAP file into a script file. The script file contains a sequence of APDUs in ASCII format suitable for another tool, such as apdutool, to send to the CAD. The CAP file component order in the APDU script is identical to the order recommended by the Virtual Machine Specification for the Java Card Platform, Version 2.2.2.

It is possible that we host an API that exposes various "scripts" for each .cap/.jar we want to support on the rings and/or make that public/open source for others to contribute their projects. It really depends on how the ecosystem wants to look.

Output

transmitting <Buffer 00 a4 04 00 07 a0 00 00 01 51 00 00> 250
1 '6f5f8408a000000151000000a553734906072a864886fc6b01600b06092a864886fc6b020202630906072a864886fc6b03640b06092a864886fc6b040215650b06092a864886fc6b020101660c060a2b060104012a026e01039f6e01019f6501fe9000'
00A4040008A000000003000000
transmitting <Buffer 00 a4 04 00 08 a0 00 00 00 03 00 00 00> 47
2 '6a82'
805000000834F8633EE3BC6494
transmitting <Buffer 80 50 00 00 08 34 f8 63 3e e3 bc 64 94> 47
3 '0000832928013f48b97301020002da54f7d79b9e7d1c19e06ba427ff9000'
848200001008EA79CDBA32F31C691B8342CDAAFE42
transmitting <Buffer 84 82 00 00 10 08 ea 79 cd ba 32 f3 1c 69 1b 83 42 cd aa fe 42> 47
4 '6982'
848200000808EA79CDBA32F31C
transmitting <Buffer 84 82 00 00 08 08 ea 79 cd ba 32 f3 1c> 47
5 '6985'
80E60200170A0102030405060708090008A000000003000000000000
transmitting <Buffer 80 e6 02 00 17 0a 01 02 03 04 05 06 07 08 09 00 08 a0 00 00 00 03 00 00 00 00 00 00> 47
6 '6985'
80E60200170A0102030405060708090008A000000003000000000000
transmitting <Buffer 80 e6 02 00 17 0a 01 02 03 04 05 06 07 08 09 00 08 a0 00 00 00 03 00 00 00 00 00 00> 47
7 '6985'
transmitting <Buffer 80 e8 00 00 ff c4 82 01 63 01 00 1f de ca ff ed 02 02 06 00 01 0a 01 02 03 04 05 06 07 08 09 00 0a 68 65 6c 6c 6f 57 6f 72 6c 64 02 00 21 00 1f 00 21 ... > 47
8 '6985'
transmitting <Buffer 80 e8 00 00 ff c4 82 01 63 01 00 1f de ca ff ed 02 02 06 00 01 0a 01 02 03 04 05 06 07 08 09 00 0a 68 65 6c 6c 6f 57 6f 72 6c 64 02 00 21 00 1f 00 21 ... > 47
9 '6985'
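
Added example, not code from the issue, nfc-pcsc or OMNI-Ring: it decodes the command APDUs, the INITIALIZE UPDATE reply and the head of the LOAD APDU quoted in the post above according to the GlobalPlatform Card Spec 2.1.1 layouts, so each step's status word can be checked before the next command is sent. The status-word texts are the spec's meanings; the LOAD planning assumes block 0 begins with the C4 tag, as the post's LOAD command does.

```javascript
// Added example (not from the issue, nfc-pcsc or OMNI-Ring): decode the GP APDUs
// quoted in this thread. Field layouts follow GlobalPlatform Card Spec 2.1.1.
const GP_INS = { 0xa4: 'SELECT', 0x50: 'INITIALIZE UPDATE',
  0x82: 'EXTERNAL AUTHENTICATE', 0xe6: 'INSTALL', 0xe8: 'LOAD' };
const SW = { '9000': 'OK',
  '6a82': 'application not found: that AID is not on this card',
  '6982': 'security status not satisfied: host cryptogram rejected',
  '6985': 'conditions of use not satisfied: no authenticated secure channel' };

const hex = (s) => Buffer.from(s.replace(/\s/g, ''), 'hex');

// Case-3 command APDU: CLA INS P1 P2 Lc + Lc data bytes. CLA bit 0x04 means
// secure messaging, i.e. the card verifies a MAC over the command.
function parseCommand(s) {
  const b = hex(s), lc = b[4];
  return { ins: GP_INS[b[1]] || `INS ${b[1].toString(16)}`, p1: b[2], p2: b[3], lc,
    secured: (b[0] & 0x04) !== 0, data: b.subarray(5, 5 + lc).toString('hex'),
    lengthOk: b.length === 5 + lc };
}

// INITIALIZE UPDATE reply: 10 bytes key diversification data, key version, SCP id,
// 2-byte sequence counter, 6-byte card challenge, 8-byte card cryptogram, SW.
// The host cryptogram in EXTERNAL AUTHENTICATE must be derived from this reply,
// so constant bytes copied from a post are rejected with 6982.
function parseInitUpdate(s) {
  const b = hex(s);
  return { keyVersion: b[10], scp: b[11], counter: b.readUInt16BE(12),
    cardChallenge: b.subarray(14, 20).toString('hex'),
    cardCryptogram: b.subarray(20, 28).toString('hex'),
    sw: b.subarray(28, 30).toString('hex') };
}

// LOAD: P1 bit 0x80 flags the last block, P2 is the block number. Block 0 starts
// with tag C4 and a BER length (82 hi lo) giving the load file data size, so the
// number of blocks can be planned. Only the first 9 bytes of the APDU are read.
function planLoad(s) {
  const b = hex(s), lc = b[4];
  const total = b[5] === 0xc4 && b[6] === 0x82 ? 4 + b.readUInt16BE(7) : null;
  return { block: b[3], last: (b[2] & 0x80) !== 0, inBlock: lc, total,
    remaining: total === null ? null : total - lc };
}

const describeSw = (s) => SW[s.slice(-4).toLowerCase()] || `SW ${s.slice(-4)}`;

// Values from the issue above: the INIT UPDATE reply and the head of the LOAD APDU
console.log(parseInitUpdate('0000832928013f48b97301020002da54f7d79b9e7d1c19e06ba427ff9000'));
console.log(planLoad('80 E8 00 00 FF C4 82 01 63')); // 255 of 359 bytes sent, 104 remain
console.log(describeSw('6985'));
```

The plan output shows the card expects a second LOAD block (P1 80, P2 01) carrying the remaining 104 bytes, whereas the post repeats block 0, and the 6985 answers show the INSTALL and LOAD steps were refused because no secure channel had been authenticated.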
benbenbenbenbenben commented 5 years ago

I'm working on some node.js stuff for this uploading challenge. In the meantime, get a copy of the GlobalPlatform spec. It'll explain a lot of the APDUs above.

e.g. see page 209 for an explanation of the secure channel handshake

https://www.win.tue.nl/pinpasjc/docs/Card%20Spec%20v2.1.1%20v0303.pdf

JohnMcLear commented 5 years ago

Javascript APDU Parser :: https://github.com/mclear/javascript_apdu_parser/

PaddeK commented 4 years ago

Working example with node-gp: https://github.com/PaddeK/omni-ring-example

PaddeK commented 4 years ago

And now https://github.com/PaddeK/omni-ring-example has a CAP to APDU conversion example.

Simply run npx -q github:PaddeK/omni-ring-example convert