From: Martin Buechler (martin.buechlervrweb.de)
Date: Tue Apr 19 2005 - 18:25:38 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi at muscle,

a new version of the musclecard applet loader for Schlumberger/Axalto
Cyberflex Access cards has been released today.

The number of supported cards has been dramatically increased; basically
to all documented Cyberflex Access card's softmask versions. The ATRs
are validated by ATR-mask: (atr & mask) == (atr' & mask), where atr' is
the set of example values, which come with the Cyberflex Access card
documentation.

Special thanks to Rafael Aggeler, who implemented DAP-Verification for
security level 1 cards, like branded Access e-gate cards from RSA, which
had the luck to cross his way. Rafael also successfully tested a 64K v1
card with the loader.

Martin

David: please update the version and the size hint for the loader at
[1], it's now about 559K, because all support libraries are included
now, except the M$ OCF-PC/SC-Bridge..

Ludovic: If you find the time please add
another
32K e-gate: 3B 75 94 00 00 62 02 02 03 01
and also
64K v1: 3B 75 12 00 00 29 05 01 04 01

to
http://cvs.alioth.debian.org/cgi-bin/cvsweb.cgi/MCardPlugin/src/mscMuscleCard.bundle/Contents/Info.plist?rev=1.7&content-type=text/x-cvsweb-markup&cvsroot=muscleplugins
since they are tested now. ATR mask validation would also be a nice
solution for Info.plist's ATRs.

[1] http://musclecard.com/musclecard/index.html

-----------------------------------------------------------------------

Usage: java smartcard.OCF.app.LoadCFlexAccess32 [OPTIONS]

Global options:
        -auth_enc KEY Authentication/Encoding key (default 404142434445464748494A4B4C4D4E4F)
        -mac KEY MAC key for DAP verification (default 404142434445464748494A4B4C4D4E4F)

Load command:
        -load CAPFILE load transformed CAP file
        -statics STATICSSIZE statics size for loadfile installation (default 6)

Install command:
        -install INSTANCESIZE allocation size for applet instance (default 21000)

Setup command:
        -setup OBJECTSIZE allocation size for objects and keys of CardEdge applet (default 10500)
Setup options:
        -transport_key KEY transport key of CardEdge instance (default Muscle00)
        -chv0 KEY CHV0 (PIN 0) of CardEdge instance (default Muscle00)
        -ublk_chv0 KEY unblock CHV0 (PIN 0) of CardEdge instance (default Muscle00)
        -chv1 KEY CHV1 (PIN 1 or 'User PIN') of CardEdge instance (default 00000000)
        -ublk_chv1 KEY unblock CHV1 (PIN 1) of CardEdge instance (default 11111111)

Other commands:
        -status TYPE dispaly status APDU (default 32)
        -delete AID delete an instance or package (no default)

#####################
###### H O W T O ####
#####################

1. Compile time requirements
- JDK1.3 (http://java.sun.com/products/j2se)
- OCF1.2 (http://www.opencard.org)
- Cryptix JCE (http://www.cryptix.org)
(OCF and Cryptix libs are packaged for convenience)

2. Additional runtime requirements:
- CardEdge.bin (included in this loader package)
- Cyberflex Access card
- CAD + drivers installed (i.e. http://www.towitoko.de)

and if you use PC/SC under WIN32
 - OCF native library Ocfpcsc1.dll installed in %JAVA_HOME%\jre\bin

otherwise use
 - PCSCLite (http://www.linuxnet.com)
 - OCF native library libOCFPCSC1.so (http://www.linuxnet.com/middleware/files/OCFPCSC1-0.0.1.tar.gz) i.e. installed in $JAVA_HOME/jre/bin
or
- just try the included ./lib/libOCFPCSC1.so

3. Running the loader:
java smartcard.OCF.app.LoadCFlexAccess32 -load CardEdge.bin -statics 6

4. Installing the applet instance:
java smartcard.OCF.app.LoadCFlexAccess32 -install 21000 (or 18432 for Developercards)

5. Setting up a musclecard (optional, alternatives: xcard or muscleTool format option):
java smartcard.OCF.app.LoadCFlexAccess32 -setup 10500 (or 9216 for Developer cards)

Congratulations, now you can use your card as cryptographic token i.e. for the muscleframework.

martin.buechlervrweb.de
2005/04/16

#####################################
###### OPTIONAL #####################
#####################################

Create your own load files:

1. Use the converter tool from Java Card Development Kit 2.1.2

CardEdge.opt may look like this:
-----8<----------------
-out EXP JCA CAP
-exportpath .
-applet 0xa0:0x0:0x0:0x0:0x1:0x1 com.sun.javacard.samples.CardEdge.CardEdge
com.sun.javacard.samples.CardEdge
0xa0:0x0:0x0:0x0:0x1 1.0
->8--------------------

1a. (Mandatory for e-gate cards) java -jar captransf.jar lang.exp framework.exp security.exp cryto.exp -noint CardEdge.cap

2. Unjar the generated *.cap file: jar xvf CardEdge.cap.transf

3. Concatenate CAP files to one load file in reference order [2]:

- copy Header.cap + Directory.cap + Import.cap + Applet.cap + Class.cap + Method.cap + StaticField.cap + ConstantPool.cap + RefLocation.cap + Descriptor.cap CardEdge.bin

or with cat
- cat Header.cap Directory.cap Import.cap Applet.cap Class.cap Method.cap StaticField.cap ConstantPool.cap RefLocation.cap Descriptor.cap > CardEdge.bin

[2] http://java.sun.com/products/javacard/specs.html

_______________________________________________
Muscle mailing list
Musclelists.musclecard.com
http://lists.drizzle.com/mailman/listinfo/muscle

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]