Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: sferey (s.fereywanadoo.fr)
Date: Fri Mar 21 2008 - 12:04:24 CDT
Great! I will check that log, and back soon with analysis.
Regarding the Get Challenge: a part of the response was in my comment
regarding the ACL.
The 8 bits of the internal security state are described as "strong
authentication" as opposed to the 8 lower bits that store PIN
A "strong authentication" is symmetric key based and consists in a Get
Challenge, External Authenticate sequence (the terminal shall requests a
challenge and send it ciphered with a symm. key in the data field of a
subsequent External Auth. command).
But the 0.9.8 applet does not support such "strong authentication" !
meaning that both Get Challenge & External Auth commands return
"instruction not supported" '6D00'.
OOH, Get Challenge is not supposed to participate to any data encryption
/ decryption scheme. So you should not be worried about that
Amanda Ortega a écrit :
> The sequence of APDUS obtained through pcscd -fda to the same sequence
> of encrypt/decrypt is:
Muscle mailing list