I have a javacard, this is outputs when I want to authenticate the card via GPJ and JC-Manager :
GPJ Tool Output :
C:\Users\ghasemi\Desktop\gpj-20120310>java -jar gpj.jar
Found terminals: [PC/SC terminal ACS CCID USB Reader 0]
Found card in terminal: ACS CCID USB Reader 0
ATR: 3B 68 00 00 00 73 C8 40 12 00 90 00
DEBUG: Command APDU: 00 A4 04 00 08 A0 00 00 00 03 00 00 00
DEBUG: Response APDU: 6F 10 84 08 A0 00 00 00 03 00 00 00 A5 04 9F 65 01 FF 90 00
Successfully selected Security Domain OP201a A0 00 00 00 03 00 00 00
DEBUG: Command APDU: 80 50 00 00 08 C8 12 42 39 22 8D 5E 24
DEBUG: Response APDU: 00 00 11 60 01 00 7F 8B 0A F9 02 02 02 24 AB 7A 47 C8 17 DD 03 75 44 3F 76 8E 12 BE 90 00
DEBUG: Command APDU: 84 82 00 00 10 B6 09 4F FF C0 0D D2 CC B0 CE B1 3E 20 57 30 D4
DEBUG: Response APDU: 69 85
DEBUG: Command APDU: 84 82 00 00 08 B6 09 4F FF C0 0D D2 CC
DEBUG: Response APDU: 69 85
javax.smartcardio.CardException: External authenticate failed. SW: 69 85
at net.sourceforge.gpj.cardservices.GlobalPlatformService.openSecureChannel(Unknown Source)
at net.sourceforge.gpj.cardservices.GlobalPlatformService.main(Unknown Source)
JC-Manager Output :
Note: Keys set to 404142434445464748494A4B4C4D4E4F
Selecting Card Manager
***********************
-> 00 A4 04 00 08 A0 00 00 00 03 00 00 00
<- 6F 10 84 08 A0 00 00 00 03 00 00 00 A5 04 9F 65 01 FF 90 00
************
Init Update
*************
-> 80 50 00 00 08 B6 42 6E BB DC 0E DF E8
<- 00 00 11 60 01 00 7F 8B 0A F9 02 02 02 23 7E 5D E1 67 E0 0A 3D 67 91 7E B8 D6 14 59 90 00
HostChallenge: B6 42 6E BB DC 0E DF E8
CardChallenge: 7E 5D E1 67 E0 0A
Card Calculated Card Cryptogram: 3D 67 91 7E B8 D6 14 59
Derivation Data is 01 82 02 23 00 00 00 00 00 00 00 00 00 00 00 00
Host Cryptogram Data (to encrypt) 02 23 7E 5D E1 67 E0 0A B6 42 6E BB DC 0E DF E8 80 00 00 00 00 00 00 00
Card Cryptogram Data (to encrypt for verification) B6 42 6E BB DC 0E DF E8 02 23 7E 5D E1 67 E0 0A 80 00 00 00 00 00 00 00
S_ENC: 9F 46 0D 11 18 88 F2 E2 1C D2 4A F5 00 D0 51 7D 9F 46 0D 11 18 88 F2 E2
The Current session MAC key is 99 96 8E ED 46 99 59 DE 20 B1 F8 36 0E 0C 7F DE
The Current session DEK key is 98 4D 50 CA 56 5A F3 4E 84 0E CF 12 3B E0 1D C3
Encrypted CardCryptoGram is 8E 07 30 FB E7 13 23 F4 CD D9 13 12 29 F3 7C 16 3D 67 91 7E B8 D6 14 59
Encrypted HostCryptoGram is 41 34 E9 1E C7 41 0D 62 EC D3 E1 2A 6A D1 7D 13 A9 CD 65 16 AE 5B 99 59
-> 84 82 03 00 10 A9 CD 65 16 AE 5B 99 59 1D 88 41 EF 90 09 03 32
<- 90 00
Authenticated
As you see, a same card, has two output via External AUTHENTICATION .successfully authenticate with JC-Manager , but received 6985
[ Conditions of use not satisfied ] in GPJ . Why?
P1
in the EXTERNAL AUTHENTICATE
APDU command accept 00
or 01
or 03
values.
03 ---> C-DECRYPTION and C-MAC
01 ---> C-MAC
00 ---> No secure messaging expected
as you see in the codes that you put in the question, JC-Manager send External Authenticate with P1=03
, but GPJ send External Authenticate command with P1=00
I think your card is in SECURED state. and in SECUTED
state the only way to authentate is using C-DECRYPTION and C-MAC . [I don't know why!] so, GPJ use P1=00
in authentication and it fails.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.