Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Installing applet in javacard

I made a .cap file of the popular "Hello World" javacard code via Eclipse

And now I want to load it in a real javacard via GPShell and ACR38 smart card reader.

question: Am I need any key to load the .cap file in the card? I mean, should I authenticate before uploading my applet in the card or it's not necessory? I think it is mndatory to authenticate. it is irrational to upload .cap without authentication. but I don't know , how to authenticate. question: What's wrong in this?

C:\Users\ghasemi>java -jar e:\gpj\gpj.jar -load e:\helloWorld.cap -install
Found terminals: [PC/SC terminal ACS CCID USB Reader 0]
javax.smartcardio.CardException: connect() failed
        at sun.security.smartcardio.TerminalImpl.connect(Unknown Source)
        at net.sourceforge.gpj.cardservices.GlobalPlatformService.main(Unknown S
ource)
Caused by: sun.security.smartcardio.PCSCException: SCARD_E_SHARING_VIOLATION
        at sun.security.smartcardio.PCSC.SCardConnect(Native Method)
        at sun.security.smartcardio.CardImpl.<init>(Unknown Source)
        ... 2 more
Found card in terminal: ACS CCID USB Reader 0
java.lang.NullPointerException
        at net.sourceforge.gpj.cardservices.GlobalPlatformService.main(Unknown S
ource)

C:\Users\ghasemi>java -jar e:\gpj\gpj.jar -load e:\helloWorld.cap -install

Found terminals: [PC/SC terminal ACS CCID USB Reader 0]

Found card in terminal: ACS CCID USB Reader 0

ATR: 3B 7F 94 00 00 80 31 80 65 B0 85 02 02 ED 12 0F FF 82 90 00

DEBUG: Command  APDU: 00 A4 04 00 07 A0 00 00 01 51 00 00

DEBUG: Response APDU: 6A 82

Failed to select Security Domain GP211 A0 00 00 01 51 00 00 , SW: 6A 82
DEBUG: Command  APDU: 00 A4 04 00 08 A0 00 00 00 18 43 4D 00

DEBUG: Response APDU: 6F 65 84 08 A0 00 00 00 18 43 4D 00 A5 59 73 4A 06 07 2A 8
6 48 86 FC 6B 01 60 0C 06 0A 2A 86 48 86 FC 6B 02 02 01 01 63 09 06 07 2A 86 48
86 FC 6B 03 64 0B 06 09 2A 86 48 86 FC 6B 04 01 05 65 0B 06 09 2B 85 10 86 48 64
 02 01 03 66 0C 06 0A 2B 06 01 04 01 2A 02 6E 01 02 9F 6E 06 12 91 20 11 02 02 9
F 65 01 FF 90 00

Successfully selected Security Domain GemaltoXpressPro A0 00 00 00 18 43 4D 00
DEBUG: Command  APDU: 80 50 00 00 08 17 2A 53 4F AC DF 8D 16

DEBUG: Response APDU: 69 82

javax.smartcardio.CardException: Wrong initialize update, SW: 69 82
        at net.sourceforge.gpj.cardservices.GlobalPlatformService.openSecureChan
nel(Unknown Source)
        at net.sourceforge.gpj.cardservices.GlobalPlatformService.main(Unknown S
ource)

tnx

like image 648
Ebrahim Ghasemi Avatar asked May 08 '14 05:05

Ebrahim Ghasemi


2 Answers

Response code 6A 82 is used for Security_Status_Not_Satisfied.

On selection of Security Domain, this status word may occur due to one of following two reasons :

  • Either Card Life Cycle State (CLCS) of Card is LOCKED or TERMINATED, so the selection of Security Domain is not allowed, because if the CLCS is LOCKED then only that security domain and/or application can be selected which has Card Lock privilege, and if CLCS is TERMINATED then if a Security Domain has the Final Application privilege only the GET DATA command shall be processed, all other commands shall be disabled and shall return an error.If the CLCS is LOCKED then try to select that security domain and/or application which has Card Lock privilege and try to move Card Life Cycle State (CLCS) to SECURED using SETSTATUS command with the help of SCP session,otherwise if CLCS is TERMINATED then CLCS can't switch back to SECURED, as this state is irreversible.

  • OR the Security Domain, which you try to select is itself in LOCKED state, in this case that Security Domain may be prevented from further selection by the OPEN and error status word is returned.

@CLCS - Card Life Cycle State.

Happy to Help.

like image 110
Bhanu Avatar answered Dec 21 '22 22:12

Bhanu


You should require about the Global Platform state of the card. 6982 is a general status word that means "Security status not satisfied", so your card may be in the wrong state (e.g. the Global Platform LOCKED or TERMINATED state).

It could also be that you are using an invalid Global Platform key set, or that the keys are not available.

Please contact the supplier of the smart card about the card state and which keys you should use.

like image 21
Maarten Bodewes Avatar answered Dec 21 '22 23:12

Maarten Bodewes