|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: sferey (s.ferey
wanadoo.fr)
Date: Fri Mar 21 2008 - 12:04:24 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi Amanda,
Great! I will check that log, and back soon with analysis.
Regarding the Get Challenge: a part of the response was in my comment
regarding the ACL.
The 8 bits of the internal security state are described as "strong
authentication" as opposed to the 8 lower bits that store PIN
verification results.
A "strong authentication" is symmetric key based and consists in a Get
Challenge, External Authenticate sequence (the terminal shall requests a
challenge and send it ciphered with a symm. key in the data field of a
subsequent External Auth. command).
But the 0.9.8 applet does not support such "strong authentication" !
meaning that both Get Challenge & External Auth commands return
"instruction not supported" '6D00'.
OOH, Get Challenge is not supposed to participate to any data encryption
/ decryption scheme. So you should not be worried about that
(unsupported) command.
Cheers,
Sylvain.
Amanda Ortega a écrit :
> The sequence of APDUS obtained through pcscd -fda to the same sequence
> of encrypt/decrypt is:
>
_______________________________________________
Muscle mailing list
Musclelists.musclecard.com
http://lists.drizzle.com/mailman/listinfo/muscle
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]