OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Eelco Daams (eelcobuyways.nl)
Date: Wed Dec 12 2001 - 06:32:43 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Hi,

    can anyone tell me what's wrong with this piece of code?
    The access condition for the create file command in the root file is
    0x04, which means "you must know a cryptographic key". I'm using the 3k
    Multiflex card from Schlumberger which comes with the book "Smart Card
    Developer's Kit".

    ********************************************************
     // command to ask card for a challenge
     byte[] chall = { (byte) 0xC0, (byte) 0x84, (byte) 0x00, (byte) 0x00,
    (byte) 0x08};

     // first bytes for creating a file
     byte[] CREATE_FILE = { (byte) 0xF0, (byte) 0xE0, (byte) 0x00};
             
     String sfilename = "EF_TEST_CHD";
     byte[] bfilename = sfilename.getBytes();

     // 0x05 is number of records, 0x11 is sum of length of following 2
    fields
     byte[] temp = { (byte) 0x05, (byte) 0x11 };
     try {
        CommandAPDU capdu = new CommandAPDU(5);
        capdu.append(chall);
        ResponseAPDU rapdu = terminal.sendAPDU(currentSlot,capdu);
        byte sw1 = rapdu.sw1();
        byte sw2 = rapdu.sw2();
        byte[] data = rapdu.data();
        if ((sw1 == (byte) 0x90) && (sw2 == (byte) 0x00)) {
             System.out.print("Encrypting challenge...\n");
             byte[] crypt = new byte[8];
             // the DES_KEY is the key that is provided with the book
             DESKey deskey = new DESKey(DES_KEY);
             deskey.encrypt(data,0,crypt,0);
             System.out.print("Encrypted data: " + HexString.hexify(crypt) +
    "\n");
                     
             CommandAPDU capdufile = new CommandAPDU(30);
             capdufile.append(CREATE_FILE);
             capdufile.append(temp);
             capdufile.append(bfilename);
             int i;
             byte[] auth = new byte[6];

             // the create file command needs the first 6 bytes of the
    encryption as a last parameter
             for (i=0;i<6;i++) {
               auth[i] = crypt[i];
             }
             capdufile.append(auth);

             System.out.print("APDU: " +
    HexString.hexify(capdufile.getBytes()) + "\n");

             ResponseAPDU rapdufile =
    terminal.sendAPDU(currentSlot,capdufile);
             byte swfile1 = rapdufile.sw1();
             byte swfile2 = rapdufile.sw2();
             byte[] datafile = rapdufile.data();
             System.out.print("SW1: " + HexString.hexify(swfile1) +
    "\n");
             System.out.print("SW2: " + HexString.hexify(swfile2) + "\n");
               }
             }
             catch (Exception e) {
             
             }

    ***********************************************************************************
    Thanks, 

    -- 
Eelco Daams
Internet Developer

    BuyWays, de bouwers van www.surfze.nl

    ______________________________________________________
BuyWays Internet Strategie & Technologie
Damsterdiep 31a/b
9711 SG GRONINGEN
tel. 050-3118123
fax 050-3118124
gsm 06-10090866
http://www.buyways.nl
_______________________________________________________
Op al onze diensten zijn onze algemene voorwaarden
voor dienstverlening van toepassing, zoals gedeponeerd
bij de Kamer van Koophandel te Groningen, onder
nummer 3057.
***************************************************************
Unix Smart Card Developers - M.U.S.C.L.E.
(Movement for the Use of Smart Cards in a Linux Environment)
http://www.linuxnet.com/
To unsubscribe send an email to majordomolinuxnet.com with
unsubscribe sclinux
***************************************************************