SecureChannel + CPLC data
Hi,
I am using a Gemalto GX4. I wish to use the SecureChannel implementation within my own applet.
I am doing (mostly) the following:
//First send the command to the Application's associated Security Domain.
try
{
outLength = secureChannel.processSecurity (apdu);
}
catch (ISOException e)
{
if (e.getReason () == ISO7816.SW_INS_NOT_SUPPORTED
|| e.getReason () == ISO7816.SW_CLA_NOT_SUPPORTED)
{
// command not recognized, reset the status
// words to 0x9000 and process the command as a personalization specific command.
boolean success = true;
int value = (int) -1;
// Unwrap any GP secured APDU's
if ((secureChannel.
getSecurityLevel () & (SecureChannel.
C_DECRYPTION | SecureChannel.
C_MAC)) != 0x00)
{
secureChannel.unwrap (apduBuffer, ISO7816.OFFSET_CLA,
(short) (inLen + 5));
inLen = (short) (0xff & apduBuffer[ISO7816.OFFSET_LC]);
}
However when I am testing the applet via GPShell I fail to open the secure channel.
I am doing this:
mode_201
gemXpressoPro
enable_trace
establish_context
card_connect
* reader name Generic MultiCard reader 1.0 0
select -AID A0000000185000000000524144500101
Command --> 00A4040010A0000000185000000000524144500101
Wrapped command --> 00A4040010A0000000185000000000524144500101
Response <-- 9000
open_sc -security 3 -keyind 0 -keyver 0 -key 47454d5850524553534f53414d504c45
Command --> 80CA9F7F00
Wrapped command --> 80CA9F7F00
Response <-- 6986
GemXpressoPro_create_daughter_keys() returns 0x80206986 (Unknown ISO7816 error: 0x6986)
Obviously my applet doesn't handle the GET_CPLC_DATA (VISA stuff).
So practically I am completely lost.
Does anybody have a working example how to use the secure channel with a VISA2 based
card that uses the CPLC data (when diversifying the keys)?
Thanks,