From: Karsten Ohme (widerstand t-online.de)
Date: Tue Mar 11 2008 - 17:47:02 CDT
Amanda Ortega wrote:
> I have created two pairs of keys:
> - Putting 0x0000 for all the ACLs (private key 0 and public key 2);
> - Putting the ACLs recommended by muscleTools when creating the keys
> (private key 1 and public key 3).
The ACL for private keys should disallow at least read, only the usage
should be allowed by PIN. Like RSA PRIVATE CRT 1 1024 in your
list. For the public key the settings in RSA PUBLIC 3 1024 are OK.
>
> When I try to crypt using the first pair, I can't do anything. But when
> I try to crypt using the second pair, I can crypt and decrypt, but the
> result at the end isn't equal to the beginning.
>
> I created the keys using the scheme that the public key number is always
> 2 units greater than the private key, is it OK?
Should not matter.
>
> Where can I obtain a documentation about the meaning of the ACLs?
It is a 16 bit mask. 0xFFFF means nobody can do it, 0x0000 always. Or I
have mixed it the wrong way. Every bit in the 16 bit mask is for the PIN
required to operate on the key, e.g. 0x0001 would allow PIN 1 to operate.
Regards,
Karsten
>
> Amanda
>
> 1)
> $ muscleTool
> MuscleCard shell - type "help" for help.
> muscleTool > tokens
> 1. MuscleCard Applet
>
> ListTokens Success.
> muscleTool > connect 1
> Connect Success.
>
> 2)
> muscleTool [MuscleCard Applet] > listkeys
>
> Key Type Key Num SIZE
> --------------- ------- ----
> RSA PRIVATE CRT 0 1024
>
> READ
> ------
> ALWAYS
>
> WRITE
> ------
> ALWAYS
>
> USE
> ------
> ALWAYS
>
> Key Type Key Num SIZE
> --------------- ------- ----
> RSA PRIVATE CRT 1 1024
>
> READ
> ------
> NEVER
>
> WRITE
> ------
> PIN #1
>
> USE
> ------
> PIN #1
>
> Key Type Key Num SIZE
> --------------- ------- ----
> RSA PUBLIC 2 1024
>
> READ
> ------
> ALWAYS
>
> WRITE
> ------
> ALWAYS
>
> USE
> ------
> ALWAYS
>
> Key Type Key Num SIZE
> --------------- ------- ----
> RSA PUBLIC 3 1024
>
> READ
> ------
> PIN #1
>
> WRITE
> ------
> PIN #1
>
> USE
> ------
> ALWAYS
>
> ListKeys Success.
>
> 3)
> muscleTool [MuscleCard Applet] > verify 1
>
> Enter PIN
> 'a' aborts this query.
> Enter PIN : 76543210
> VerifyPIN Successful
> muscleTool [MuscleCard Applet] > crypt 3
>
> Would you like to:
> 0. Abort this selection.
> 1. Verify
> 2. Encrypt
>
> Choose (0-2): 2
>
> Please enter text to encrypt in hexadecimal ASCII (at most 1023 characters)
> Example: 30313233 for 0123
>
> 'a' aborts this query.
> Enter text : 3031
>
> Select the algorithm:
> 0. Abort this selection.
> 1. RSA with no padding
> 2. RSA with PKCS#1 padding
>
> Choose (0-2): 1
> Result :
> 77018EBFF08214E606BD4D6BBE341007F69AF6A32675A9ED8394658491D2578BA2B7044C0CE18FC1770E044D93E61C572FB62B3E0EB8D4CCA92872055A2AB39E93C5E1E9109D6A9AC979ACF9A79CCD97E50D9DB3C8DF1733F0F4C9A29A1C9C1324ECA5F31E710C7DF58149F5F94861B2960CF6BEDAE151FC8CE17B064BE547F7
> Crypt Successful.
> muscleTool [MuscleCard Applet] > crypt 1
>
> Would you like to:
> 0. Abort this selection.
> 1. Sign
> 2. Decrypt
>
> Choose (0-2): 2
>
> Please enter text to decrypt in hexadecimal ASCII (at most 1023 characters)
> Example: 30313233 for 0123
>
> 'a' aborts this query.
> Enter text :
> 77018EBFF08214E606BD4D6BBE341007F69AF6A32675A9ED8394658491D2578BA2B7044C0CE18FC1770E044D93E61C572FB62B3E0EB8D4CCA92872055A2AB39E93C5E1E9109D6A9AC979ACF9A79CCD97E50D9DB3C8DF1733F0F4C9A29A1C9C1324ECA5F31E710C7DF58149F5F94861B2960CF6BEDAE151FC8CE17B064BE547F7
>
> Select the algorithm:
> 0. Abort this selection.
> 1. RSA with no padding
> 2. RSA with PKCS#1 padding
>
> Choose (0-2): 1
> Result :
> 7BAE4A30262F2110522759135CF5581BB818F8A44080ABCA4DEF7398535C13213F8668AB442D6FDC18B270C7881F23DCAC1F78415C455441F114A36F12C59F0411A2054E06FB393585B5214160CC7EA2DAED3CD4DCA93634C1D402B0AC22206B06BAA82036539489D79194B81C37EC7496D5AC68B984DEF5ED0FFC2FFBB1D8C8
> Crypt Successful.
>
>
> 2008/3/3, Michael StJohns <mstjohns comcast.net>:
>
> Amanda -
>
> Using muscletools do
>
> 1) Log yourself in (verify)
> 2) Do a "listkeys"
> 3) Try and do the signature again.
>
> Post the output of the above here.
>
> There are a number of possibilities - rather than randomly guessing,
> perhaps we can help you interpret the output.
>
>
>
>
> At 12:26 PM 3/3/2008, Amanda Ortega wrote:
>> I didn't solve that problem, I am testing with version 0.9.8. I
>> had already verified the PIN successfully...
>>
>> Amanda
>>
>> 2008/3/3, Karsten Ohme <widerstand t-online.de>:
>>
>> Amanda Ortega wrote:
>>
>> > Hi!
>> >
>> > I have installed the applet CardEdge version 0.9.8 in my GemXpresso R3 card
>> > and muscleTool version 2.1.0 in my PC.
>>
>>
>> You have successfully installed the applet? What was the solution?
>>
>>
>>
>> > I have already formatted the card and
>> > created a pair of keys. When I try to crypt a text, an error happens. Here
>> > is the output of muscleTool:
>>
>>
>> You must verify to the applet, before you can use the private
>> key to sign.
>>
>> See the verify command, e.g. help or help verify in muscleTool.
>>
>> Regards,
>> Karsten
>>
>> >
>> > muscleTool [MuscleCard Applet] > crypt 1
>> >
>> > Would you like to:
>> > 0. Abort this selection.
>> > 1. Sign
>> > 2. Decrypt
>> >
>> > Choose (0-2): 1
>> >
>> > Please enter text to sign in hexadecimal ASCII (at most 1023 characters)
>> > Example: 30313233 for 0123
>> >
>> > 'a' aborts this query.
>> > Enter text : 30313233
>> >
>> > Select the algorithm:
>> > 0. Abort this selection.
>> > 1. RSA with MD5 hash and PKCS#1 padding
>> >
>> > Choose (0-1): 1
>> > ERR: Crypt Failed ! (0x9C06 Unauthorized usage)
>> > muscleTool [MuscleCard Applet] > muscleTool [MuscleCard Applet] >
>> >
>> > Why is this happening?
>> >
>> > Regards,
>> > Amanda
>> >
>> >
>> >
>>
>> > ------------------------------------------------------------------------
>> >
>> > _______________________________________________
>> > Muscle mailing list
>> > Muscle lists.musclecard.com
>> > http://lists.drizzle.com/mailman/listinfo/muscle
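The ACL advice in the reply above, applied to the four keys from the quoted listkeys output, as an added example that is not part of the original thread or of muscleTool. The mask values follow the reply's own description (0x0000 always, 0xFFFF never, 0x0001 as the bit for PIN 1); `struct key_acl`, `audit_key` and the finding flags are hypothetical names.

```c
#include <stdint.h>
#include <stdio.h>

/* Mask values as described in the reply (assumed, not taken from the
   applet's headers): 0x0000 = always, 0xFFFF = never, otherwise each
   set bit names a PIN that unlocks the operation. */
#define ACL_ALWAYS 0x0000u
#define ACL_NEVER  0xFFFFu
#define ACL_PIN1   0x0001u  /* the reply's example bit for PIN 1 */

/* Hypothetical finding flags returned by audit_key(). */
enum { F_READABLE = 1, F_USE_UNGATED = 2, F_USE_BLOCKED = 4 };

struct key_acl {            /* hypothetical: one listkeys entry */
    int num, is_private;
    uint16_t read, write, use;
};

/* Private keys: read must be NEVER and use must need a PIN. */
unsigned audit_key(const struct key_acl *k)
{
    unsigned f = 0;
    if (!k->is_private) return 0;   /* public keys not checked here */
    if (k->read != ACL_NEVER) f |= F_READABLE;
    if (k->use == ACL_ALWAYS) f |= F_USE_UNGATED;
    if (k->use == ACL_NEVER)  f |= F_USE_BLOCKED;
    return f;
}

/* Constructed sample: the four keys from the quoted listkeys output. */
static const struct key_acl sample[] = {
    { 0, 1, ACL_ALWAYS, ACL_ALWAYS, ACL_ALWAYS },
    { 1, 1, ACL_NEVER,  ACL_PIN1,   ACL_PIN1   },
    { 2, 0, ACL_ALWAYS, ACL_ALWAYS, ACL_ALWAYS },
    { 3, 0, ACL_PIN1,   ACL_PIN1,   ACL_ALWAYS },
};

int main(void)
{
    for (size_t i = 0; i < sizeof sample / sizeof sample[0]; i++) {
        unsigned f = audit_key(&sample[i]);
        printf("key %d:%s%s%s%s\n", sample[i].num,
               f ? "" : " ok",
               (f & F_READABLE)    ? " private-key-readable" : "",
               (f & F_USE_UNGATED) ? " usable-without-PIN" : "",
               (f & F_USE_BLOCKED) ? " use-blocked" : "");
    }
    return 0;
}
```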