Menu
▾
▴
Re: [Globalplatform-users] GPShell and NXP JCOP 31/36K
|
From: Gina <gi...@rb...> - 2007-07-18 08:14:29
|
Hello there, On Wed, 2007-07-18 at 01:53 +0200, Karsten Ohme wrote: > Gina Häußge schrieb: > > I'm currently trying to install my first Java Applet on an NXP JCOP 31 > > smartcard with 36K, using a GemPC Twin USB reader under Debian GNU/Linux > > Testing, 32Bit. > > Unfortunately I do not have such a card. After a quick search in Google > I cannot find a manual for this card. The first important information > should be the AID of the Card Issuer Domain (Card Manager) select -AID ... > Do you know it? There should be some manual. But it seems that this is > OK, because you get further. The AID of the Card Manager is "a0000000030000", so that is ok. > Do not try to authenticate to the card to often! It gets locked if you > need 10 tries. If you are near this limit perform a successful > verification. Yeah, I already read about that, so after each unsuccessful attempt I make a connection in 2.0.1 mode (as there at least the authentication works). So far, it didn't lock up the card *crosses fingers* > Use the JCOP tools (This should work perfectly with this > card. You can develop and install applets for a card within eclipse). > > Maybe this is a correct version: > > http://download.boulder.ibm.com/ibmdl/pub/software/dw/jcop/tools.zip Sadly, I already tried with the JCOP Tools (after finding them on a CD included in the card delivery, as IBM no longer maintains them and it is a pain in the ... to get a copy of them now -- the zip above just contains a readme telling you exactly this :/). Had a rather unpleasant experience of my whole eclipse crashing as soon as I tried to connect to the card via the JCShell, a stack trace revealed a segfault in the JCOP Tools. So no-go there as well, at least I had no idea how to solve that issue either. I had hoped though that maybe someone reading this mailinglist might have had success with that type of card and therefore an idea as to what would be the correct keys etc. What I found online at a couple of sites were the JCOP Tools commands to authenticate with that type of card: set-key 255/1/DES-ECB/404142434445464748494a4b4c4d4e4f set-key 255/2/DES-ECB/404142434445464748494a4b4c4d4e4f set-key 255/3/DES-ECB/404142434445464748494a4b4c4d4e4f set-key 1/3/DES-ECB/505152535455565758595a5b5c5d5e5f set-key 1/1/DES-ECB/707172737475767778797a7b7c7d7e7f set-key 1/2/DES-ECB/606162636465666768696a6b6c6d6e6f init-update 255 ext-auth I have no idea though how to translate those into corresponding gpshell syntax. > Strange that it authenticates successfully in OP 2.0.1' mode. > Do you have connected only one reader to the system? Or are there > multiple readers with inserted cards? It's only one reader. > I you try to install something first try "install -file HelloWorld.cap" > without any parameters. If this is not successful try some variants of > parameters. I've tried a couple of parameter combinations, sadly all with the same effect of a "6A88: Referenced data not found" message. If it is of any help, I also tried a "load -f HelloWorld.cap", and that yielded a "load_applet() returns 0x80206985 (6985: Command not allowed - Conditions of use not satisfied.)". I have to admit that I have some troubles understanding what exactly does each command and each parameter (although having read the included README approx. 10mio times now), so I might be trying to do really stupid things here ;) Kind regards, Gina Häußge > -- Dipl.-Inform. Gina Häußge RBG, FB20, TU Darmstadt Tel: +49 (0)6151 16 6655 Hochschulstr. 10 Fax: +49 (0)6151 16 4701 64289 Darmstadt S2|02 B120 |
