Re: [Globalplatform-users] FW: JCOP 41 V 2.3.2

[Karsten O. <wid...@t-...>]

Hi,

I have added these information to the GPShell page:

https://sourceforge.net/apps/mediawiki/globalplatform/index.php?title=GPShell

A wiki with the manuals of all cards would be nice.

Karsten
Am 05.07.2011 18:31, schrieb Michael StJohns:
> 
> 
> Send "00h A4h 04h 00h 09h A0h 00h 00h 01h 67h 41h 30h 00h FFh 00h" to
> the card - this is the JCOP IDENTIFY command.   You can do this with the
> GPShell select command - "select -aid A000000167413000FF"
> 
> Offset 14 (decimal) of the response has the pre-personalized state.  00h
> is not fused (not personalized), 01h is fused.  If the former, you're
> pretty much out of luck unless you have the transport key as the global
> platform keys are set randomly.
> 
> JCOP41 2.3.2 cards are mostly the same as the previous version of the
> card.  They do (or are supposed to) use the aid "A000000003000000".  You
> can try instead using the "select next" version of the select
> command.    CLA=0, ins=A4, P1=04, P2=02, data = "A0 00" to select any
> applet whose AID begins with "A0 00".  The response might be useful.
> 
> Lastly, JCOP41 cards are GP2.01 - AKA Open Platform.  You should  grab a
> copy of the standard from  the global platform web site.  It should help
> when you're poking around.  In particular, it should describe the format
> of the response from the select command.
> 
> Enjoy - Mike
> 
> 
> 
> 
> At 10:30 AM 7/5/2011, Marcel Mauricio Mancini Tavara wrote:
>> Content-class: urn:content-classes:message
>> Content-Type: multipart/alternative;
>>          boundary="----_=_NextPart_001_01CC3B20.1591579A"
>>
>>
>> Thank you so much for your help. I tried the alternatives offered by
>> you and all the different cmds always return the same:
>>
>> 6A81: Function not supported
>>
>> Also, this is the first model of card that has given me so much
>> trouble. Could it be that they are not even pre-personalized? I will
>> try to get a response from the vendor and I will let you know if I
>> make any progresses.
>>
>> Marcel
>>
>> -----Original Message-----
>> From: Karsten Ohme [mailto:wid...@t-... ]
>> Sent: Mon 7/4/2011 7:34 PM
>> To: Marcel Mauricio Mancini Tavara
>> Cc: glo...@li...
>> Subject: Re: [Globalplatform-users] FW: JCOP 41 V 2.3.2
>>
>> Hi,
>>
>> So I guess the AID is different for this card, although this is actually
>> the correct AID. If nothing helps ask the people were you bought it.
>> Actually there should be a manual.
>>
>> One way to find it out:
>>
>> establish_context
>> enable_trace
>> enable_timer
>> card_connect
>> get_data -identifier 004F
>> // or if not working: get_data -identifier 4F
>> card_disconnect
>> release_context
>>
>> Problem with this: Nobody seems to support it.
>>
>> -----------------------
>>
>> Another way to find it out:
>>
>> I assume the Card Issuer Security Domain is the default selected
>> application on new cards. So the select command is not necessary.
>>
>> mode_211
>> enable_trace
>> establish_context
>> // only necessary if you have multiple readers: card_connect
>> -readerNumber 1
>> // not necessary if this is default selected: select -AID a000000003000000
>> open_sc -security 1 -keyind 0 -keyver 0 -mac_key
>> 404142434445464748494a4b4c4d4e4f -enc_key
>> 404142434445464748494a4b4c4d4e4f // Open secure channel
>> get_status -element 10
>> get_status -element 20
>> get_status -element 40
>> card_disconnect
>> release_context
>>
>> The command are also described here:
>>
>> http://sourceforge.net/apps/mediawiki/globalplatform/index.php?title=GPShell
>>
>>
>> get_status -element e0
>>     List applets and packages and security domains
>>
>> get_status -element 20
>>     List packages
>>
>> get_status -element 40
>>     List applets or security domains
>>
>> get_status -element 80
>>     List Card Manager / Security Issuer Domain
>>
>>
>> (-element 40 or 80 should help). If you have found out the correct AID
>> you can use it in later scripts, when the Issuer Security Domain is no
>> longer the default application of the card.
>>
>> I have just added some information about default Security Issuer Domain
>> AIDs.
>>
>> But be careful. Too many unsuccessful attempts to authenticate will lock
>> the card. So if the keys are not correct, do try it more than a few
>> times (less than 3) and use for further testing a different card.
>> Remember the number of unsuccesful authentication attempts on the card.
>> To reset it you must successfully authenticate.
>> All commands before calling open_sc are safe. No attempt limit can lock
>> the card.
>>
>> BR,
>> Karsten
>>
>> Am 04.07.2011 21:59, schrieb Marcel Mauricio Mancini Tavara:
>> >
>> > Good Day,
>> >
>> > I'm trying to load the test applet in a JCOP 41 v 2.3.2 card using
>> > GPShell (1.4.4) and the script helloInstalGP211.txt:
>> >
>> > mode_211
>> > enable_trace
>> > enable_timer
>> >
>> > establish_context
>> > card_connect
>> > select -AID a000000003000000
>> >
>>
>>
>> > open_sc -security 1 -keyind 0 -keyver 0 -mac_key
>> > 404142434445464748494a4b4c4d4e4f -enc_key
>> > 404142434445464748494a4b4c4d4e4f // Open secure channel
>> > delete -AID D0D1D2D3D4D50101
>> > delete -AID D0D1D2D3D4D501
>> > install -file helloworld.cap -nvDataLimit 2000 -instParam 00 -priv 2
>> > # getdata
>> > # close_sc // Close secure channel
>> > # putkey // Put key
>> >   // options:
>> >   //          -keyind Key index
>> >   //          -keyver Key version
>> >   //          -key Key value in hex
>> > card_disconnect
>> > release_context
>> >
>> > However, it always fails when selecting the master file (select -AID
>> > a000000003000000) without mattering which AID I put.
>> >
>> > The response for the select is always 6A82 (file not found).
>> >
>> > I have already tested it with 3 JCOP 41 v 2.3.2
>> >
>> > Any ideas why could this be happening?
>> >
>> > Thanks for your help,
>> >
>> > Marcel
>> >
>> >
>> >
>> ------------------------------------------------------------------------------
>> > All of the data generated in your IT infrastructure is seriously
>> valuable.
>> > Why? It contains a definitive record of application performance,
>> security
>> > threats, fraudulent activity, and more. Splunk takes this data and makes
>> > sense of it. IT sense. And common sense.
>> > http://p.sf.net/sfu/splunk-d2d-c2
>> >
>> >
>> > _______________________________________________
>> > Globalplatform-users mailing list
>> > Glo...@li...
>> > https://lists.sourceforge.net/lists/listinfo/globalplatform-users
>>
>>
>> ------------------------------------------------------------------------------
>> All of the data generated in your IT infrastructure is seriously valuable.
>> Why? It contains a definitive record of application performance, security
>> threats, fraudulent activity, and more. Splunk takes this data and makes
>> sense of it. IT sense. And common sense.
>> http://p.sf.net/sfu/splunk-d2d-c2
>> _______________________________________________
>> Globalplatform-users mailing list
>> Glo...@li...
>> https://lists.sourceforge.net/lists/listinfo/globalplatform-users 
> 
> 
> 
> ------------------------------------------------------------------------------
> All of the data generated in your IT infrastructure is seriously valuable.
> Why? It contains a definitive record of application performance, security 
> threats, fraudulent activity, and more. Splunk takes this data and makes 
> sense of it. IT sense. And common sense.
> http://p.sf.net/sfu/splunk-d2d-c2
> 
> 
> 
> _______________________________________________
> Globalplatform-users mailing list
> Glo...@li...
> https://lists.sourceforge.net/lists/listinfo/globalplatform-users