GlobalPlatform

Tracker: Bugs

5 Segfault in open_sc - ID: 2805984
Last Update: Comment added ( nobody )

Hi, I recently bought some 'Aladdin eToken 64k SmartCard' cards and they
turned out to not be the CardOS M4.2 I expected. I believe that they're
java cards, so I tried using your gpshell-1.4.2 with globalplatform-5.0.0
to install 'MUSCLE' on them. I can't seem to get past the open_sc part. I
tried to attach a core dump to this bug, but it wouldn't let me, and it
made me type all this over again. Basically it fails with a segfault
trying to output the error. [ _tprintf (_T("select_application() returns
0x%08X (%s)\n"), rv, stringify_error(rv)); <-- GPShell.c line 657 ]

Here's the output I get:
mode_211
enable_trace
establish_context
card_connect
select -AID A0000001510000
Command --> 00A4040007A0000001510000
Wrapped command --> 00A4040007A0000001510000
Response <-- 6F0F8407A0000001510000A5049F6501FF9000
open_sc -security 1 -keyind 0 -keyver 0 -mac_key
404142434445464748494a4b4c4d4e4f -enc_key 404142434445464748494a4b4c4d4e4f
// Open secure channel
Command --> 80CA006600
Wrapped command --> 80CA006600
Response <--
663F733D06072A864886FC6B01600C060A2A864886FC6B02020101630906072A864886FC6B0
3640B06092A864886FC6B040105660C060A2B060104012A026E01029000
Command --> 80500000085B8C862E5609D12000
Wrapped command --> 80500000085B8C862E5609D12000
Response <-- 0000075200251654397301019AFE8E7260FD24BDAA71FB1357E168979000
Segmentation fault (core dumped)

With no error message I find it difficult to continue trying to solve the
problem. Also, does anyone reading this have any advice to help me get
MUSCLE onto these cards? Am I doing something wrong?


Daniel Benoy ( goldenhawk ) - 2009-06-13 18:50

5

Open

None

Karsten Ohme

gpshell

None

Public


Comments ( 18 )




Date: 2009-09-17 14:06
Sender: nobody

The 0x80302000 is not known to PCSC/pcsclite.h; all the defines there are
0x801xxxxx. Can you explain what's going on?


Date: 2009-06-16 08:52
Sender: nobody

It is very uncommon to have 53 tries. You cannot say how many tries are
left. 0x80302000 is generated by the program. But it is only the first step
in the key negotiation; the second cannot succeed because the program cannot
calculate the cryptogram correctly.


Date: 2009-06-15 20:59
Sender: nobody

One strange thing as well...

I've tried this same sequence probably 50 times .. screwing around with
various things... yet it appears as though I had 3 tries left? If the
number of tries I had was 53 to begin with, that would make sense.

Is there any possibility that mutual authentication is actually
succeeding, but gpshell is failing to notice properly? Is 0x80302000
something that was generated by the card, or something that was generated
from the globalplatform library? How would I make this determination?


Date: 2009-06-15 20:45
Sender: nobody

Yes, maybe the key is only known to the person who issued the card. The
key usually must be kept secret. Well, I had problems with the core dump.
Can you send me a gdb gpshell core output? stacktrace prints the stacktrace


Date: 2009-06-15 20:32
Sender: goldenhawk

I'll leave it to you to find out what's wrong with the stringification...
hopefully the core dump can help you with that.


Date: 2009-06-15 20:31
Sender: goldenhawk

Okay. That answers my question about what's wrong, then. If the key is
wrong, then I guess they changed it, since it's a retail card.

It makes sense, right? If someone knows the issuer domain key, then they
can make the card do anything, including give up private keys, so a retail
card provider would probably want to change the key before shipping it out.

Or am I mistaken about that?


Date: 2009-06-15 19:46
Sender: nobody

14/06 22:14:21 -mutual_authentication in GlobalPlatform.c at line 5986 :
end RV(0x80302000)

means:

static const DWORD OPGP_ERROR_CARD_CRYPTOGRAM_VERIFICATION = ((DWORD)0x80302000L); //!< The verification of the card cryptogram failed.

So maybe the key you are using is not correct.

The problem now seems to arise while stringifying the error code,

in GPShell.c:

_tprintf (_T("mutual_authentication() returns 0x%08X (%s)\n"), rv, stringify_error(rv));

or in globalplatform.c:

if (errorCode == OPGP_ERROR_CARD_CRYPTOGRAM_VERIFICATION)
    return _T("The verification of the card cryptogram failed.");

I have no idea why either of them should cause a segmentation fault.



Date: 2009-06-15 19:09
Sender: nobody

No, you usually have 3 to 10 tries. The keys are all 404142 ... 4F by
default.


Date: 2009-06-15 02:17
Sender: goldenhawk

I put in a card I used less than this one, and put the original card I've
been using in a different drawer.. I won't mess with it unless we figure
this problem out. Attempt made with debugging variables. Log:

----
14/06 22:14:20 +establish_context in GlobalPlatform.c at line 521 : start
14/06 22:14:20 -establish_context in GlobalPlatform.c at line 531 : end
RV(0x0)
14/06 22:14:20 +list_readers in GlobalPlatform.c at line 565 : start
14/06 22:14:20 readerSize: 18
14/06 22:14:20 -list_readers in GlobalPlatform.c at line 602 : end
RV(0x0)
14/06 22:14:20 +card_connect in GlobalPlatform.c at line 625 : start
14/06 22:14:21 -card_connect in GlobalPlatform.c at line 650 : end
RV(0x0)
14/06 22:14:21 +select_application in GlobalPlatform.c at line 1517 :
start
14/06 22:14:21 select_application: Data to send:
14/06 22:14:21 0x00
14/06 22:14:21 0xa4
14/06 22:14:21 0x04
14/06 22:14:21 0x00
14/06 22:14:21 0x07
14/06 22:14:21 0xa0
14/06 22:14:21 0x00
14/06 22:14:21 0x00
14/06 22:14:21 0x01
14/06 22:14:21 0x51
14/06 22:14:21 0x00
14/06 22:14:21 0x00
14/06 22:14:21 +send_APDU in GlobalPlatform.c at line 1086 : start
14/06 22:14:21 +wrap_command in GlobalPlatform.c at line 709 : start
14/06 22:14:21 -wrap_command in GlobalPlatform.c at line 969 : end
RV(0x0)
14/06 22:14:21 +check_R_MAC in GlobalPlatform.c at line 992 : start
14/06 22:14:21 -check_R_MAC in GlobalPlatform.c at line 1048 : end
RV(0x0)
14/06 22:14:21 -send_APDU in GlobalPlatform.c at line 1500 : end RV(0x0)
14/06 22:14:21 select_application: Data:
14/06 22:14:21 0x6f
14/06 22:14:21 0x0f
14/06 22:14:21 0x84
14/06 22:14:21 0x07
14/06 22:14:21 0xa0
14/06 22:14:21 0x00
14/06 22:14:21 0x00
14/06 22:14:21 0x01
14/06 22:14:21 0x51
14/06 22:14:21 0x00
14/06 22:14:21 0x00
14/06 22:14:21 0xa5
14/06 22:14:21 0x04
14/06 22:14:21 0x9f
14/06 22:14:21 0x65
14/06 22:14:21 0x01
14/06 22:14:21 0xff
14/06 22:14:21 0x90
14/06 22:14:21 0x00
14/06 22:14:21 -select_application in GlobalPlatform.c at line 1561 : end
RV(0x0)
14/06 22:14:21 +get_secure_channel_protocol_details in GlobalPlatform.c at
line 2615 : start
14/06 22:14:21 +get_data in GlobalPlatform.c at line 2493 : start
14/06 22:14:21 get_data: Data to send:
14/06 22:14:21 0x80
14/06 22:14:21 0xca
14/06 22:14:21 0x00
14/06 22:14:21 0x66
14/06 22:14:21 0x00
14/06 22:14:21 +send_APDU in GlobalPlatform.c at line 1086 : start
14/06 22:14:21 +wrap_command in GlobalPlatform.c at line 709 : start
14/06 22:14:21 -wrap_command in GlobalPlatform.c at line 969 : end
RV(0x0)
14/06 22:14:21 +check_R_MAC in GlobalPlatform.c at line 992 : start
14/06 22:14:21 -check_R_MAC in GlobalPlatform.c at line 1048 : end
RV(0x0)
14/06 22:14:21 -send_APDU in GlobalPlatform.c at line 1500 : end RV(0x0)
14/06 22:14:21 get_data: Data:
14/06 22:14:21 0x66
14/06 22:14:21 0x3f
14/06 22:14:21 0x73
14/06 22:14:21 0x3d
14/06 22:14:21 0x06
14/06 22:14:21 0x07
14/06 22:14:21 0x2a
14/06 22:14:21 0x86
14/06 22:14:21 0x48
14/06 22:14:21 0x86
14/06 22:14:21 0xfc
14/06 22:14:21 0x6b
14/06 22:14:21 0x01
14/06 22:14:21 0x60
14/06 22:14:21 0x0c
14/06 22:14:21 0x06
14/06 22:14:21 0x0a
14/06 22:14:21 0x2a
14/06 22:14:21 0x86
14/06 22:14:21 0x48
14/06 22:14:21 0x86
14/06 22:14:21 0xfc
14/06 22:14:21 0x6b
14/06 22:14:21 0x02
14/06 22:14:21 0x02
14/06 22:14:21 0x01
14/06 22:14:21 0x01
14/06 22:14:21 0x63
14/06 22:14:21 0x09
14/06 22:14:21 0x06
14/06 22:14:21 0x07
14/06 22:14:21 0x2a
14/06 22:14:21 0x86
14/06 22:14:21 0x48
14/06 22:14:21 0x86
14/06 22:14:21 0xfc
14/06 22:14:21 0x6b
14/06 22:14:21 0x03
14/06 22:14:21 0x64
14/06 22:14:21 0x0b
14/06 22:14:21 0x06
14/06 22:14:21 0x09
14/06 22:14:21 0x2a
14/06 22:14:21 0x86
14/06 22:14:21 0x48
14/06 22:14:21 0x86
14/06 22:14:21 0xfc
14/06 22:14:21 0x6b
14/06 22:14:21 0x04
14/06 22:14:21 0x01
14/06 22:14:21 0x05
14/06 22:14:21 0x66
14/06 22:14:21 0x0c
14/06 22:14:21 0x06
14/06 22:14:21 0x0a
14/06 22:14:21 0x2b
14/06 22:14:21 0x06
14/06 22:14:21 0x01
14/06 22:14:21 0x04
14/06 22:14:21 0x01
14/06 22:14:21 0x2a
14/06 22:14:21 0x02
14/06 22:14:21 0x6e
14/06 22:14:21 0x01
14/06 22:14:21 0x02
14/06 22:14:21 0x90
14/06 22:14:21 0x00
14/06 22:14:21 -get_data in GlobalPlatform.c at line 2525 : end RV(0x0)
14/06 22:14:21 OIDCardRecognitionData:
14/06 22:14:21 0x2a
14/06 22:14:21 0x86
14/06 22:14:21 0x48
14/06 22:14:21 0x86
14/06 22:14:21 0xfc
14/06 22:14:21 0x6b
14/06 22:14:21 0x01
14/06 22:14:21 OIDCardManagementTypeAndVersion:
14/06 22:14:21 0x2a
14/06 22:14:21 0x86
14/06 22:14:21 0x48
14/06 22:14:21 0x86
14/06 22:14:21 0xfc
14/06 22:14:21 0x6b
14/06 22:14:21 0x02
14/06 22:14:21 0x02
14/06 22:14:21 0x01
14/06 22:14:21 0x01
14/06 22:14:21 OIDCardIdentificationScheme:
14/06 22:14:21 0x2a
14/06 22:14:21 0x86
14/06 22:14:21 0x48
14/06 22:14:21 0x86
14/06 22:14:21 0xfc
14/06 22:14:21 0x6b
14/06 22:14:21 0x03
14/06 22:14:21 OIDSecureChannelProtocol:
14/06 22:14:21 0x2a
14/06 22:14:21 0x86
14/06 22:14:21 0x48
14/06 22:14:21 0x86
14/06 22:14:21 0xfc
14/06 22:14:21 0x6b
14/06 22:14:21 0x04
14/06 22:14:21 0x01
14/06 22:14:21 0x05
14/06 22:14:21 CardConfigurationDetails:
14/06 22:14:21 0x06
14/06 22:14:21 0x0a
14/06 22:14:21 0x2b
14/06 22:14:21 0x06
14/06 22:14:21 0x01
14/06 22:14:21 0x04
14/06 22:14:21 0x01
14/06 22:14:21 0x2a
14/06 22:14:21 0x02
14/06 22:14:21 0x6e
14/06 22:14:21 0x01
14/06 22:14:21 0x02
14/06 22:14:21 -get_secure_channel_protocol_details in GlobalPlatform.c
at line 2730 : end RV(0x0)
14/06 22:14:21 +mutual_authentication in GlobalPlatform.c at line 5649 :
start
14/06 22:14:21 Secure Channel Protocol: 0x01
14/06 22:14:21 Secure Channel Protocol Implementation: 0x05
14/06 22:14:21 Generated Host Challenge:
14/06 22:14:21 0x63
14/06 22:14:21 0xdb
14/06 22:14:21 0x61
14/06 22:14:21 0x25
14/06 22:14:21 0xb0
14/06 22:14:21 0xe1
14/06 22:14:21 0x59
14/06 22:14:21 0x38
14/06 22:14:21 mutual_authentication: INITIALIZE UPDATE Data to send:
14/06 22:14:21 0x80
14/06 22:14:21 0x50
14/06 22:14:21 0x00
14/06 22:14:21 0x00
14/06 22:14:21 0x08
14/06 22:14:21 0x63
14/06 22:14:21 0xdb
14/06 22:14:21 0x61
14/06 22:14:21 0x25
14/06 22:14:21 0xb0
14/06 22:14:21 0xe1
14/06 22:14:21 0x59
14/06 22:14:21 0x38
14/06 22:14:21 0x00
14/06 22:14:21 +send_APDU in GlobalPlatform.c at line 1086 : start
14/06 22:14:21 +wrap_command in GlobalPlatform.c at line 709 : start
14/06 22:14:21 -wrap_command in GlobalPlatform.c at line 969 : end
RV(0x0)
14/06 22:14:21 +check_R_MAC in GlobalPlatform.c at line 992 : start
14/06 22:14:21 -check_R_MAC in GlobalPlatform.c at line 1048 : end
RV(0x0)
14/06 22:14:21 -send_APDU in GlobalPlatform.c at line 1500 : end RV(0x0)
14/06 22:14:21 mutual_authentication: INITIALIZE UPDATE Data:
14/06 22:14:21 0x00
14/06 22:14:21 0x00
14/06 22:14:21 0x07
14/06 22:14:21 0x52
14/06 22:14:21 0x00
14/06 22:14:21 0x25
14/06 22:14:21 0x24
14/06 22:14:21 0x54
14/06 22:14:21 0x39
14/06 22:14:21 0x73
14/06 22:14:21 0x01
14/06 22:14:21 0x01
14/06 22:14:21 0xdb
14/06 22:14:21 0x96
14/06 22:14:21 0xac
14/06 22:14:21 0xe7
14/06 22:14:21 0x42
14/06 22:14:21 0x60
14/06 22:14:21 0xbe
14/06 22:14:21 0x03
14/06 22:14:21 0x41
14/06 22:14:21 0xf7
14/06 22:14:21 0xdf
14/06 22:14:21 0xb0
14/06 22:14:21 0x3d
14/06 22:14:21 0x13
14/06 22:14:21 0x94
14/06 22:14:21 0xb9
14/06 22:14:21 0x90
14/06 22:14:21 0x00
14/06 22:14:21 Key Diversification Data:
14/06 22:14:21 0x00
14/06 22:14:21 0x00
14/06 22:14:21 0x07
14/06 22:14:21 0x52
14/06 22:14:21 0x00
14/06 22:14:21 0x25
14/06 22:14:21 0x24
14/06 22:14:21 0x54
14/06 22:14:21 0x39
14/06 22:14:21 0x73
14/06 22:14:21 Key Information Data:
14/06 22:14:21 0x01
14/06 22:14:21 0x01
14/06 22:14:21 Card Challenge:
14/06 22:14:21 0xdb
14/06 22:14:21 0x96
14/06 22:14:21 0xac
14/06 22:14:21 0xe7
14/06 22:14:21 0x42
14/06 22:14:21 0x60
14/06 22:14:21 0xbe
14/06 22:14:21 0x03
14/06 22:14:21 Retrieved Card Cryptogram:
14/06 22:14:21 0x41
14/06 22:14:21 0xf7
14/06 22:14:21 0xdf
14/06 22:14:21 0xb0
14/06 22:14:21 0x3d
14/06 22:14:21 0x13
14/06 22:14:21 0x94
14/06 22:14:21 0xb9
14/06 22:14:21 +create_session_key_SCP01 in GlobalPlatform.c at line 5114
: start
14/06 22:14:21 +calculate_enc_ecb_two_key_triple_des in GlobalPlatform.c
at line 5178 : start
14/06 22:14:21 -calculate_enc_ecb_two_key_triple_des in GlobalPlatform.c
at line 5221 : end RV(0x0)
14/06 22:14:21 -create_session_key_SCP01 in GlobalPlatform.c at line 5126
: end RV(0x0)
14/06 22:14:21 +create_session_key_SCP01 in GlobalPlatform.c at line 5114
: start
14/06 22:14:21 +calculate_enc_ecb_two_key_triple_des in GlobalPlatform.c
at line 5178 : start
14/06 22:14:21 -calculate_enc_ecb_two_key_triple_des in GlobalPlatform.c
at line 5221 : end RV(0x0)
14/06 22:14:21 -create_session_key_SCP01 in GlobalPlatform.c at line 5126
: end RV(0x0)
14/06 22:14:21 S-ENC Session Key:
14/06 22:14:21 0xa9
14/06 22:14:21 0xcc
14/06 22:14:21 0x02
14/06 22:14:21 0xe9
14/06 22:14:21 0x6e
14/06 22:14:21 0xaa
14/06 22:14:21 0x0d
14/06 22:14:21 0xb7
14/06 22:14:21 0xf9
14/06 22:14:21 0xf9
14/06 22:14:21 0xba
14/06 22:14:21 0xb0
14/06 22:14:21 0x03
14/06 22:14:21 0x2f
14/06 22:14:21 0x5b
14/06 22:14:21 0x2c
14/06 22:14:21 C-MAC Session Key:
14/06 22:14:21 0xa9
14/06 22:14:21 0xcc
14/06 22:14:21 0x02
14/06 22:14:21 0xe9
14/06 22:14:21 0x6e
14/06 22:14:21 0xaa
14/06 22:14:21 0x0d
14/06 22:14:21 0xb7
14/06 22:14:21 0xf9
14/06 22:14:21 0xf9
14/06 22:14:21 0xba
14/06 22:14:21 0xb0
14/06 22:14:21 0x03
14/06 22:14:21 0x2f
14/06 22:14:21 0x5b
14/06 22:14:21 0x2c
14/06 22:14:21 Data Encryption Key:
14/06 22:14:21 0x00
14/06 22:14:21 0x00
14/06 22:14:21 0x00
14/06 22:14:21 0x00
14/06 22:14:21 0x00
14/06 22:14:21 0x00
14/06 22:14:21 0x00
14/06 22:14:21 0x00
14/06 22:14:21 0x00
14/06 22:14:21 0x00
14/06 22:14:21 0x00
14/06 22:14:21 0x00
14/06 22:14:21 0x00
14/06 22:14:21 0x00
14/06 22:14:21 0x00
14/06 22:14:21 0x00
14/06 22:14:21 +calculate_card_cryptogram_SCP01 in GlobalPlatform.c at
line 5478 : start
14/06 22:14:21 +calculate_MAC in GlobalPlatform.c at line 5302 : start
14/06 22:14:21 -calculate_MAC in GlobalPlatform.c at line 5339 : end
RV(0x0)
14/06 22:14:21 -calculate_card_cryptogram_SCP01 in GlobalPlatform.c at
line 5487 : end RV(0x0)
14/06 22:14:21 Card Cryptogram to compare:
14/06 22:14:21 0x2c
14/06 22:14:21 0x40
14/06 22:14:21 0xe1
14/06 22:14:21 0xc6
14/06 22:14:21 0x6a
14/06 22:14:21 0x02
14/06 22:14:21 0xa1
14/06 22:14:21 0x78
14/06 22:14:21 -mutual_authentication in GlobalPlatform.c at line 5986 :
end RV(0x80302000)
----

And here's the main output:
----
mode_211
enable_trace
establish_context
card_connect
select -AID A0000001510000
Command --> 00A4040007A0000001510000
Wrapped command --> 00A4040007A0000001510000
Response <-- 6F0F8407A0000001510000A5049F6501FF9000
open_sc -security 1 -keyind 0 -keyver 0 -mac_key
404142434445464748494a4b4c4d4e4f -enc_key 404142434445464748494a4b4c4d4e4f
// Open secure channel
Command --> 80CA006600
Wrapped command --> 80CA006600
Response <--
663F733D06072A864886FC6B01600C060A2A864886FC6B02020101630906072A864886FC6B03640B06092A864886FC6B040105660C060A2B060104012A026E01029000
Command --> 805000000863DB6125B0E1593800
Wrapped command --> 805000000863DB6125B0E1593800
Response <-- 000007520025245439730101DB96ACE74260BE0341F7DFB03D1394B99000
Segmentation fault
----
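
Added example, not part of the original thread and not GlobalPlatform project code: a Python parser that splits the INITIALIZE UPDATE response from the trace above into the fields the debug log names, and separates a card-side rejection (status word other than 9000) from the host-side cryptogram mismatch that the library reports as 0x80302000. The class and function names are hypothetical; the two hex strings are copied from this post.

```python
from dataclasses import dataclass

# Values copied from the trace in this thread (attempt logged at 14/06 22:14:21).
INIT_UPDATE_RESPONSE = "000007520025245439730101DB96ACE74260BE0341F7DFB03D1394B99000"
HOST_COMPUTED_CRYPTOGRAM = "2C40E1C66A02A178"  # "Card Cryptogram to compare" in the log


@dataclass
class InitUpdateResponse:
    key_diversification_data: bytes  # 10 bytes
    key_version: int                 # key information, byte 1
    scp_id: int                      # key information, byte 2 (0x01 = SCP01)
    card_challenge: bytes            # 8 bytes
    card_cryptogram: bytes           # 8 bytes, computed by the card
    sw: int                          # ISO 7816 status word


def parse_init_update(hex_response: str) -> InitUpdateResponse:
    """Split an SCP01 INITIALIZE UPDATE response as the debug log does."""
    raw = bytes.fromhex(hex_response)
    if len(raw) < 2:
        raise ValueError("response shorter than a status word")
    body, sw = raw[:-2], int.from_bytes(raw[-2:], "big")
    if sw != 0x9000:
        raise ValueError(f"card rejected INITIALIZE UPDATE, SW={sw:04X}")
    if len(body) != 28:
        raise ValueError(f"expected 28 data bytes, got {len(body)}")
    return InitUpdateResponse(body[0:10], body[10], body[11],
                              body[12:20], body[20:28], sw)


def diagnose(hex_response: str, host_cryptogram_hex: str) -> str:
    """Say whether the failure came from the card or from the host comparison."""
    try:
        resp = parse_init_update(hex_response)
    except ValueError as exc:
        return f"card-side failure: {exc}"
    expected = bytes.fromhex(host_cryptogram_hex)
    if resp.card_cryptogram == expected:
        return "card cryptogram verified"
    # The card answered 9000; only the host's own comparison failed, which
    # is what happens when the static keys used on the host are not the
    # card's keys.
    return ("host-side failure: card sent "
            f"{resp.card_cryptogram.hex().upper()}, host computed "
            f"{expected.hex().upper()}")


if __name__ == "__main__":
    print(parse_init_update(INIT_UPDATE_RESPONSE))
    print(diagnose(INIT_UPDATE_RESPONSE, HOST_COMPUTED_CRYPTOGRAM))
```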



Date: 2009-06-15 02:06
Sender: goldenhawk

Oh.. unless you're saying I have 3 more tries on that *particular card* and
you can tell from the output, and a card normally has many more than 3
tries?


Date: 2009-06-15 02:00
Sender: goldenhawk

*sigh* Then I've likely destroyed all five of the cards I bought.
I didn't know that this type of thing could irreversibly damage the card.

In fact, I don't even know whether the keys I'm using are actually the
right keys for the card. I just saw that same key used for a bunch of
other cards. I have no idea if the retailer that supplied me with these
cards uses the same key or what (although the same retailer has different
types of java cards that reportedly use the same key).

I've blown way past that limit, and I still get segfaults. So at least
even though I probably wrecked my cards (sigh), I can still generate
segfaults. So I should be able to help you?


Date: 2009-06-14 23:34
Sender: k_o_ (Project Admin)

Can you run a "gdb gpshell core" on the core file? The files you sent me
cannot be used as core file on my side.


Date: 2009-06-14 20:34
Sender: k_o_ (Project Admin)

OK, I have received now the core with some delay.


Date: 2009-06-14 20:33
Sender: k_o_ (Project Admin)

Stop trying to use this card. The mutual authentication is not successful.
The card gets locked forever after 3 up more tries. The INITIALIZE UPDATE
command causes an error in the code.

If you have already reached this limit, be careful. If you have a try left
use the debug feature:

If you experience problems a DEBUG output is always helpful.
Set the variable GLOBALPLATFORM_DEBUG=1 in the environment. You can set
the logfile with GLOBALPLATFORM_LOGFILE=<file>. Under Windows by
default C:\Temp\GlobalPlatform.log is chosen. The log file must be
writable for the user. The default log file under Unix systems is
/tmp/GlobalPlatform.log. But usually syslog is available and this will
be used by default, so you may have to specify the log file manually,
if you don't have access to the syslog or don't want to use it.
Keep in mind that the debugging output may contain sensitive information,
e.g. keys!


Date: 2009-06-14 20:15
Sender: k_o_ (Project Admin)

Really? I have received no mail.

It is a Java Card. The mutual authentication is successful. After this
something happens. You can also enable debugging: "set
GLOBALPLATFORM_DEBUG=1" and there should be a log file in the temp
directory.


Date: 2009-06-14 19:48
Sender: goldenhawk

I've e-mailed you the core dump.

Also, does the output I supplied above give no indication at all of
whether it's actually a JavaCard, and what may have caused the segfault?


Date: 2009-06-13 20:01
Sender: k_o_ (Project Admin)

Hi,

Well, I guess it is some memory leak. I do not have such a card, so I
can analyze the code, but maybe it is hard to get it. If you have the core
you can send it to me by email.

If it is a JavaCard it should be possible to install the MuscleCard applet
on it, if gpshell works.

