Java Card

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Interested in getting your voice heard by members of the Developer Marketing team at Oracle? Check out this post for AppDev or this post for AI focus group information.

Gemplus Authentication Procedure

843851Jan 8 2006 — edited Jan 17 2006

I read the previous posts about gemplus authentication, i'm trying to estabilsh a secure channel with gemsafe cards.
The cards are Gemxpresso R3.2, and i don't have the RAD tools, i'm trying to upload a java applet on it, but i can't authenticate with globalplatform tools.
As far i understood they gave me the KMC (motherkey) with VISA2 diversification.
They KMC they gave me is : 47 45 4D 58 50 52 45 53 53 4F 53 41 4D 50 4C 45

I discovered the diversification is:
K_ENC : XX XX CC CC CC CC F0 01 XX XX CC CC CC CC 0F 01
K_MAC : XX XX CC CC CC CC F0 01 XX XX CC CC CC CC 0F 01
K_KEK : XX XX CC CC CC CC F0 01 XX XX CC CC CC CC 0F 01

Where XX XX are the two least significant bytes of security domain AID, and CC are the 4 bytes of ic serial number, which can be easily take from byte 5,6,7,8 of key diversification data returned by INITIALIZE UPDATE response.

After that i must encrypt key diversification data with the KMC using 3DES_ECB.

I tried but it doesn't work, has someone a hint about that?
And those who have the rad tool can check the default key/keyset of the Gemxpresso R3.2?

thank you.

Locked Post

New comments cannot be posted to this locked post.

Locked on Feb 14 2006

Added on Jan 8 2006

#java-card

1 comment

213 views