JavaCard OS

JavaCardOS - JavaCardForum
https://www.javacardos.com/javacardforum/

Authentication failed to java card Manager after changing Global Platform default key in gpshell

https://www.javacardos.com/javacardforum/viewtopic.php?f=15&t=644

Page 1 of 1

Authentication failed to java card Manager after changing Global Platform default key in gpshell

Posted: Thu Apr 07, 2016 12:20 pm
by mhsnmaghsoodloo
Hello everyone

I want to change globalplatform default key for loading applet and secure messaging to card manager.
I could change my gemalto default GP card key using bellow commands successfuly:

Code: Select all

mode_211
    enable_trace
    establish_context
    card_connect -readerNumber 1
    select -AID A000000018434D00
    open_sc -security 1 -keyind 0 -keyver 1 -key 47454d5850524553534f53414d504c45  -keyDerivation visa2 // Open secure channel
    put_sc_key -keyver 0 -newkeyver 1 -key 505152535455565758595a5b5c5d5e5f // Put secure channel keys
    card_disconnect
    release_context


But when i want to make secure channel to card manager by new key, cryptogram which produces in host side doesn't match to card side.
Commands for authentication to card manager are:

Code: Select all

 open_sc -security 1 -keyind 0 -keyver 0 -key 505152535455565758595a5b5c5d5e5f  -keyDerivation visa2 // Open secure channel


also i tested

Code: Select all

open_sc -security 1 -keyind 0 -keyver 1 -key 505152535455565758595a5b5c5d5e5f  -keyDerivation visa2 // Open secure channel


and

Code: Select all

 open_sc -security 1 -keyind 1 -keyver 0 -key 505152535455565758595a5b5c5d5e5f  -keyDerivation visa2 // Open secure channel


and

Code: Select all

open_sc -security 1 -keyind 1 -keyver 0 -key 505152535455565758595a5b5c5d5e5f  -keyDerivation visa2 // Open secure channel


Also i tested the process by smartcafe smart expert 3.2 (G&D card) and the results are same.

I appreciate if anyone can help me.

Re: Authentication failed to java card Manager after changing Global Platform default key in gpshell

Posted: Fri Apr 08, 2016 1:17 am
by lostsiwonlw
mhsnmaghsoodloo wrote:Hello everyone

I want to change globalplatform default key for loading applet and secure messaging to card manager.
I could change my gemalto default GP card key using bellow commands successfuly:

Code: Select all

mode_211
    enable_trace
    establish_context
    card_connect -readerNumber 1
    select -AID A000000018434D00
    open_sc -security 1 -keyind 0 -keyver 1 -key 47454d5850524553534f53414d504c45  -keyDerivation visa2 // Open secure channel
    put_sc_key -keyver 0 -newkeyver 1 -key 505152535455565758595a5b5c5d5e5f // Put secure channel keys
    card_disconnect
    release_context


But when i want to make secure channel to card manager by new key, cryptogram which produces in host side doesn't match to card side.

Also i tested the process by smartcafe smart expert 3.2 (G&D card) and the results are same.

I appreciate if anyone can help me.


1. Are you sure you have executed PUT KEY command successfully?

2. Please get your card Key Information Template. For this you can use GET DATA command

>> 80CA00E000

From card Key Information Template, we can know that if your key is modified successfully.

3. Try to use old key to build secure channel.
All times are UTC-04:00
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/