Jcop tool (jcshell ) vs gpshell *mutual_authentication() returns 0x80302000
I think that jcop tool and gpshell are two technique to upload applet inside the card , M i right? or these both are any real big difference????????
In Jcop i used following command to upload a cap file inside the java card
cm> /terminal "PCSC|SCM Microsystems Inc. SCL010 Contactless Reader 0"
--Opening terminal
<div class="jive-quote"> /card -a a000000003000000 -c com.ibm.jc.CardManager</div>
cm> set-key 255/1/DES-ECB/404142434445464748494a4b4c4d4e4f 255/2/DES-ECB/404142434445464748494a4b4c4d4e4f 255/3/DES-ECB/404142434445464748494a4b4c4d4e4f
cm> init-update 255
cm> ext-auth plain
Status: No Error
cm> delete a0010203040506070809
j.
cm> delete a00102030405060708
j.
cm> upload "C:\Documents and Settings\amit pathak\workspace\jcop\bin\jcop\javacard\jcop.cap"
cm> install -i a0010203040506070809 -q C9#() a00102030405060708 a0010203040506070809
Status: No Error
cm> card-info
=> 80 F2 80 00 02 4F 00 00 .....O..
(8301 usec)
<= 08 A0 00 00 00 03 00 00 00 01 9E 90 00 .............
Status: No Error
=> 80 F2 40 00 02 4F 00 00 [email protected]..
(279151 usec)
<= 07 A0 00 00 02 47 10 01 07 00 0A A0 01 02 03 04 .....G..........
05 06 07 08 09 07 00 90 00 .........
Status: No Error
=> 80 F2 10 00 02 4F 00 00 .....O..
(24089 usec)
<= 07 A0 00 00 00 03 53 50 01 00 01 08 A0 00 00 00 ......SP........
03 53 50 41 08 44 65 6D 6F 49 4C 4A 41 01 00 01 .SPA.DemoILJA...
07 A0 00 00 02 47 10 01 09 A0 01 02 03 04 05 06 .....G..........
07 08 01 00 01 0A A0 01 02 03 04 05 06 07 08 09 ................
90 00 ..
Status: No Error
Card Manager AID : A000000003000000
Card Manager state : OP_READY
Application: SELECTABLE (--------) A0000002471001
Application: SELECTABLE (--------) A0010203040506070809
Load File : LOADED (--------) A0000000035350 (Security Domain)
Module : A000000003535041
Load File : LOADED (--------) "DemoILJA"
Module : A0000002471001
Load File : LOADED (--------) A00102030405060708
Module : A0010203040506070809
cm> \select a0010203040506070809
jcshell: Backslash only in quotes allowed
cm> /select a0010203040506070809
=> 00 A4 04 00 0A A0 01 02 03 04 05 06 07 08 09 00 ................
(5891 usec)
<= 90 00 ..
Status: No Error
cm> /send 8002000003
=> 80 02 00 00 03 .....
(6023 usec)
<= 01 02 03 90 00 .....
Status: No Error
basically jcop tool automatically write these commands on the shell when uploading cap file in the card...
when i try gpshell to upload cap file i got this error like:-
D:\amit pathak\all in one (java)\GPShell-1.4.4\GPShell-1.4.4>GPShell.exe list.tx
t
mode_201
enable_trace
establish_context
card_connect
select -AID a0000000030000
Command --> 00A4040007A0000000030000
Wrapped command --> 00A4040007A0000000030000
Response <-- 6F198408A000000003000000A50D9F6E064051420422009F6501FF9000
open_sc -security 1 -keyind 0 -keyver 0 -mac_key 404142434445464748494a4b4c4d4e4
f -enc_key 404142434445464748494a4b4c4d4e4f // Open secure channel
Command --> 805000000894918FD9BC6C5F8700
Wrapped command --> 805000000894918FD9BC6C5F8700
Response <-- 00004330001341906809FF02005D6C4BE624901F1DB57E450CE1976E9000
*mutual_authentication() returns 0x80302000 (The verification of the card cryptog*
ram failed.)why it is happening ? i am able to use the commands of jcop and gpshell , but i dont know about command meaning !!! could anybody give me some links where i can learn more about jcop and gpshell, about why it used, about it associated commands and their meaning..
Edited by: rohit pathak on May 8, 2012 9:13 PM
D:\amit pathak\all in one (java)\GPShell-1.4.4\GPShell-1.4.4>GPShell.exe list.tx
t
mode_201
enable_trace
establish_context
card_connect
select -AID a0000000030000
Command --> 00A4040007A0000000030000
Wrapped command --> 00A4040007A0000000030000
Response <-- 6F198408A000000003000000A50D9F6E064051420422009F6501FF9000
open_sc -security 1 -keyind 0 -keyver 0 -mac_key 404142434445464748494a4b4c4d4e4
f -enc_key 404142434445464748494a4b4c4d4e4f // Open secure channel
Command --> 805000000894918FD9BC6C5F8700
Wrapped command --> 805000000894918FD9BC6C5F8700
Response <-- 00004330001341906809FF02005D6C4BE624901F1DB57E450CE1976E9000
*mutual_authentication() returns 0x80302000 (The verification of the card cryptog*
ram failed.)why it is happening ? You may have the wrong GP version (mode_201 sets the operation to OpenPlatform 2.0.1). You could try mode_211.
i am able to use the commands of jcop and gpshell , but i dont know about command meaning !!! could anybody give me some links where i can learn more about jcop and gpshell, about why it used, about it associated commands and their meaning..The GP card spec describes all of the card management commands. You may also need to read some of the JCVM spec for Java Card to understand the format of the load command as well.
Shane
Similar Messages
-
Request for JCOP tool and gpShell tool download URL
Hi friends,
I am not able to get JCOP tool from any downloadable site. If any one have JCOP tool and other tools related to Java card pls send me to my email id [email protected]
Or pls send me the valid URL to download those tools.
regards,
dhaya.Deborah,
It would have been helpful if you had posted here with Firefox, instead of IE; that way we would have seen the Firefox user agent. Based upon the cut off description you posted in the Topic field, your problem is likely caused by a modified user agent that the addons website doesn't understand.
[http://en.wikipedia.org/wiki/User_Agent]
type '''about:config''' in the URL bar and hit Enter
''If you see the warning, you can confirm that you want to access that page.''
Filter = '''general.useragent.'''
Right-click the preferences that are '''bold''', one line at a time, and select '''''Reset''''',
Then restart Firefox -
Simulation using Eclipse plugin for JCOP tools
Dear All,
In search for a simulation environment for java card applet development I tried to use Eclipse plugin for JCOP tools.
The samples which comes with the JCOP tools works fine but when try to debug my applet I receive the error: Wrong Data 6A 80.
Generic JCOP v2.4.1 is selected for Java Card Simulation.
Following is the JCOP Shell screen:
cm- /term "Remote|localhost:8050"
--Opening terminal
/card -a a000000003000000 -c com.ibm.jc.CardManagerresetCard with timeout: 0 (ms)
--Waiting for card...
ATR=3B F8 13 00 00 81 31 FE 45 4A 43 4F 50 76 32 34 ;.....1.EJCOPv24
31 B7 1.
IOCTL().
ATR: T=1, FI=1/DI=3 (93clk/etu), N=0, IFSC=254, BWI=4/CWI=5, Hist="JCOPv241"
=> 00 A4 04 00 08 A0 00 00 00 03 00 00 00 00 ..............
(908058 nsec)
<= 6F 65 84 08 A0 00 00 00 03 00 00 00 A5 59 9F 65 oe...........Y.e
01 FF 9F 6E 06 47 91 92 18 00 00 73 4A 06 07 2A ...n.G.....sJ..*
86 48 86 FC 6B 01 60 0C 06 0A 2A 86 48 86 FC 6B .H..k.`...*.H..k
02 02 01 01 63 09 06 07 2A 86 48 86 FC 6B 03 64 ....c...*.H..k.d
0B 06 09 2A 86 48 86 FC 6B 04 02 15 65 0B 06 09 ...*.H..k...e...
2B 85 10 86 48 64 02 01 03 66 0C 06 0A 2B 06 01 +...Hd...f...+..
04 01 2A 02 6E 01 02 90 00 ..*.n....
Status: No Error
cm> set-key 255/1/DES-ECB/404142434445464748494a4b4c4d4e4f 255/2/DES-ECB/404142434445464748494a4b4c4d4e4f 255/3/DES-ECB/404142434445464748494a4b4c4d4e4f
cm> init-update 255
=> 80 50 00 00 08 B1 04 15 2B 41 3F 62 AB 00 .P......+A?b..
(2668 usec)
<= 00 00 F9 02 71 E3 BB AD BD CD FF 02 00 00 3D 02 ....q.........=.
9C 31 C7 89 AD 44 8E 13 17 15 2E 5A 90 00 .1...D.....Z..
Status: No Error
cm> ext-auth plain
=> 84 82 00 00 10 CE 6C DC D2 8C BE 5E 33 EC 58 D0 ......l....^3.X.
57 3A 52 D2 24 W:R.$
(2288 usec)
<= 90 00 ..
Status: No Error
cm> delete -r a00000006203010c04
=> 80 E4 00 80 0B 4F 09 A0 00 00 00 62 03 01 0C 04 .....O.....b....
00 .
(1084 usec)
<= 6A 88 j.
Status: Reference data not found
jcshell: Error code: 6a88 (Reference data not found)
jcshell: Wrong response APDU: 6A88
Ignoring expected error
cm> upload -d -b 250 "D:\JCOP\eclipse\projects\DigitalTachograph\bin\digitaltachograph\javacard\digitaltachograph.cap"
=> 80 E6 02 00 16 09 A0 00 00 00 62 03 01 0C 04 08 ..........b.....
A0 00 00 00 03 00 00 00 00 00 00 00 ............
(2100 usec)
<= 00 90 00 ...
Status: No Error
=> 80 E8 00 00 FA C4 82 84 42 01 00 25 DE CA FF ED ........B..%....
02 02 04 00 01 09 A0 00 00 00 62 03 01 0C 04 11 ..........b.....
64 69 67 69 74 61 6C 74 61 63 68 6F 67 72 61 70 digitaltachograp
68 02 00 21 00 25 00 21 00 0E 00 29 03 3E 00 CD h..!.%.!...).>..
23 D2 01 BB 04 44 00 00 09 E3 4B E5 00 11 00 05 #....D....K.....
01 A2 04 01 00 04 00 29 04 00 01 07 A0 00 00 00 .......)........
62 00 01 02 01 07 A0 00 00 00 62 01 01 02 01 07 b.........b.....
A0 00 00 00 62 01 02 02 01 07 A0 00 00 00 62 02 ....b.........b.
01 03 00 0E 01 0A A0 00 00 00 62 03 01 0C 04 01 ..........b.....
01 DF 06 00 CD 00 00 00 80 00 00 FF 00 01 00 00 ................
00 01 81 03 13 00 12 07 03 00 00 02 01 03 06 0B ................
8C 81 00 00 00 80 00 0B 00 0B 01 01 00 00 0B F9 ................
00 80 00 11 00 0F 01 01 00 10 0E A9 0D D4 0D F7 ................
0E 07 0E 18 0E 26 0E 35 0E 44 0E 50 0E 72 0E 81 .....&.5.D.P.r..
0E 90 0E 9B 0E F5 11 05 11 1A 11 50 00 80 00 05 ...........P....
00 04 01 04 00 01 13 AF 13 B5 13 BA 14 0C 13 00 ................
(6775 usec)
<= 6A 80 j.
Status: Wrong data
jcshell: Error code: 6a80 (Wrong data)
jcshell: Wrong response APDU: 6A80
Unexpected error; aborting execution
I will be very happy if you can help me. I am desperately in need of a working debugging environment.
Thanks in advance!
Kind regards,
Mehmet* Processes incoming READ_BINARY APDUs. Returns data of the currently
* selected file.
* @param apdu where the offset is carried in header bytes p1 and p2.
* @param le expected length by terminal
* @return length of the response APDU
private short processReadBinary(APDU apdu, boolean protectedApdu, short leUnprotected) {
if (!hasFileSelected()) {
ISOException.throwIt(SW_CONDITIONS_NOT_SATISFIED);
byte[] buffer = apdu.getBuffer();
// retrieve p1p2 from apdu buffer
byte p1 = buffer[OFFSET_P1];
byte p2 = buffer[OFFSET_P2];
short offset = Util.makeShort(p1, p2); // offset encoded in P1/P2, 15 lowest bit
// offset encoded in P1/P2, 15 lowest bit
// check if le != 0 <-- no response expected
if (leUnprotected == 0) {
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
if (selectedFile == null) {
ISOException.throwIt(ISO7816.SW_FILE_NOT_FOUND);
if ((selectedFile.getAccessConditions() & READ_REQUIRES_SM) == READ_REQUIRES_SM) {
if(!protectedApdu)
ISOException.throwIt(ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED);
short fileSize = (short) selectedFile.getFileLength();
// check offset
if (offset >= fileSize) {
ISOException.throwIt(ISO7816.SW_INCORRECT_P1P2);
// check expected length
if ((short) (offset + leUnprotected) > fileSize) {
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
//ISOException.throwIt(SW_TAMAM);
short bufferOffset = 0;
crypto.setEncryptionStatus(isSelectedFileEncrypted());
if (protectedApdu) {
bufferOffset = crypto.getApduBufferOffsetDT(leUnprotected);
if(isSelectedFileEncrypted())
bufferOffset = crypto.getApduBufferOffset(leUnprotected);
apdu.setOutgoing();
Util.arrayCopyNonAtomic(selectedFile.getData(), offset, buffer, bufferOffset, leUnprotected);
return leUnprotected;
* Processes and UPDATE_BINARY apdu. Writes data in the currently selected
* file.
* @param apdu
* carries the offset where to write date in header bytes p1 and
* p2.
private void processUpdateBinary(APDU apdu, boolean protectedApdu) {
if (!hasFileSelected() || isLocked()) {
ISOException.throwIt(ISO7816.SW_COMMAND_NOT_ALLOWED);
if ((selectedFile.getAccessConditions() & DigitalTachograph.UPDATE_ALW) != DigitalTachograph.UPDATE_ALW) {
if ((selectedFile.getAccessConditions() & DigitalTachograph.UPDATE_REQUIRES_SM) != DigitalTachograph.UPDATE_REQUIRES_SM) {
ISOException.throwIt(ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED);
return;
}else if(!protectedApdu){
ISOException.throwIt(ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED);
byte[] buffer = apdu.getBuffer();
byte p1 = buffer[OFFSET_P1];
byte p2 = buffer[OFFSET_P2];
short offset = Util.makeShort(p1, p2);
short readCount = (short) (buffer[ISO7816.OFFSET_LC] & 0xff);
//if (!protectedApdu){
readCount = apdu.setIncomingAndReceive();
while (readCount > 0) {
selectedFile.writeData(offset, buffer, OFFSET_CDATA, readCount);
offset += readCount;
readCount = apdu.receiveBytes(ISO7816.OFFSET_CDATA);
private short processInternalAuthenticate(APDU apdu , boolean protectedApdu) throws CryptoException {
byte[] buffer = apdu.getBuffer();
short lc = (short) (buffer[OFFSET_LC] & 0xFF);
if (lc != (short) (KID_LENGTH * 2)) {
ISOException.throwIt(SW_WRONG_LENGTH);
if (apdu.setIncomingAndReceive() != lc) {
ISOException.throwIt(ISO7816.SW_WRONG_DATA);
// Check if VU.CHR maches the one of the selected certificate on the card
if (Util.arrayCompare(buffer, (short) (OFFSET_CDATA + KID_LENGTH), keyStore.selected_KID, (short) 0, KID_LENGTH) != 0) {
ISOException.throwIt(SW_REFERENCE_DATA_NOT_FOUND);
if (Util.arrayCopyNonAtomic(buffer, OFFSET_CDATA, Rnd1, (short) 0, (short) 8) != (short) 8) { // Receive Rnd1
ISOException.throwIt(ISO7816.SW_WRONG_DATA);
// Hash(PRnd2||K1||Rnd1||VU.CHR)
random.generateData(PRnd2, (short) 0, (short) 90);
random.generateData(K1, (short) 0, (short) 16);
crypto.shaDigest.update(PRnd2, (short) 0, (short) 90); // PRnd2
crypto.shaDigest.update(K1, (short) 0, (short) 16); // PRnd2||K1
crypto.shaDigest.doFinal(buffer, OFFSET_CDATA, lc, digest, (short) 0); //Rnd1||VU.CHR
BigNumber mod = new BigNumber((short) 128);
mod.init(keyStore.Card_PubMod, (short) 0, (short) keyStore.Card_PubMod.length, BigNumber.FORMAT_HEX);
mod.subtract(signed, (short) 0, (short) 128, BigNumber.FORMAT_HEX);
if (mod.compareTo(signed, (short) 0, (short) 128, BigNumber.FORMAT_HEX) == -1) {
mod.toBytes(signed, (short) 0, (short) 128, BigNumber.FORMAT_HEX);
// To be added: if the selected private key is considered corrupted, the processing state returned is '6400' or '6581'.
signed[0] = (byte) 0x6A;
Util.arrayCopyNonAtomic(PRnd2, (short) 0, signed, (short) 1, (short) 90);
Util.arrayCopyNonAtomic(K1, (short) 0, signed, (short) 91, (short) 16);
Util.arrayCopyNonAtomic(digest, (short) 0, signed, (short) 107, (short) 20);
signed[127] = (byte) 0xBC;
if (!keyStore.cardPrivateKey.isInitialized()) {
CryptoException.throwIt(CryptoException.ILLEGAL_VALUE);
try {
crypto.rsaSigner.init(keyStore.cardPrivateKey, Signature.MODE_SIGN);
crypto.rsaSigner.doFinal(signed, (short) 0, (short) 128, signed, (short) 0);
} catch (Exception e) {
ISOException.throwIt(SW_REFERENCE_DATA_NOT_FOUND);
if (!keyStore.selectedPublicKey.isInitialized()) {
CryptoException.throwIt(CryptoException.ILLEGAL_VALUE);
try {
crypto.rsaCipher.init(keyStore.selectedPublicKey, Cipher.MODE_ENCRYPT);
crypto.rsaCipher.doFinal(signed, (short) 0, (short) 128, signed, (short) 0);
} catch (Exception e) {
ISOException.throwIt(SW_REFERENCE_DATA_NOT_FOUND);
apdu.setOutgoing();
Util.arrayCopyNonAtomic(signed, (short) 0, buffer, (short) 0, (short) 128);
return (short) signed.length;
private void processExternalAuthenticate(APDU apdu) {
short equipmentType = 0;
if (keyStore.Selected_Cert != null) {
equipmentType = (short) keyStore.Selected_Cert.CHA[6]; // check equipment type
if (equipmentType != (short) 1 && equipmentType != (short) 2 && equipmentType != (short) 3 && equipmentType != (short) 4 && equipmentType != (short) 6) {
ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); // Instead of 6F00 throw a more meaningfull SW in case CHA is not valid.
if (Util.arrayCompare(keyStore.Selected_Cert.CHA, (short) 0, TACHOGRAPH_AID, (short) 0, (short) 6) != 0) {
ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED);
byte[] buffer = apdu.getBuffer();
byte p1 = (byte) (buffer[OFFSET_P1] & 0xff);
byte p2 = (byte) (buffer[OFFSET_P2] & 0xff);
if (p1 != 0 || p2 != 0) {
ISOException.throwIt(SW_WRONG_P1P2);
short lc = (short) (buffer[OFFSET_LC] & 0xFF);
if (lc != (short) (128)) {
ISOException.throwIt(SW_WRONG_LENGTH);
if (apdu.setIncomingAndReceive() != lc) {
ISOException.throwIt(ISO7816.SW_WRONG_DATA);
Util.arrayCopyNonAtomic(buffer, OFFSET_CDATA, signed, (short) 0, (short) 128); // receive the cryptogram from the VU
// decrypt the encrypted message with the card private key
try {
crypto.rsaCipher.init(keyStore.cardPrivateKey, Cipher.MODE_DECRYPT);
crypto.rsaCipher.doFinal(signed, (short) 0, (short) 128, signed, (short) 0);
} catch (Exception e) {
ISOException.throwIt(SW_REFERENCE_DATA_NOT_FOUND);
// verify the signature with the VU public key
try {
crypto.rsaCipher.init(keyStore.selectedPublicKey, Signature.MODE_VERIFY); // Cipher.MODE_ENCRYPT
crypto.rsaCipher.doFinal(signed, (short) 0, (short) 128, signed, (short) 0);
} catch (Exception e) {
ISOException.throwIt(SW_REFERENCE_DATA_NOT_FOUND);
if (signed[0] != (byte) 0x6A || signed[127] != (byte) 0xBC) {
ISOException.throwIt(Util.makeShort(signed[0], signed[127]));
try {
verifyCardCertificates();
Util.arrayCopyNonAtomic(signed, (short) 1, preDigest, (short) 0, (short) 106); // accumulate preDigest
Util.arrayCopyNonAtomic(Rnd3, (short) 0, preDigest, (short) 106, (short) 8); // accumulate preDigest
Util.arrayCopyNonAtomic(keyStore.Card_Cert.CHR, (short) 0, preDigest, (short) 114, (short) 8); // accumulate preDigest
Util.arrayCopyNonAtomic(signed, (short) 91, K2, (short) 0, (short) 16); // receive K2 value
crypto.shaDigest.update(signed, (short) 1, (short) 106); // PRnd4||K2
crypto.shaDigest.update(Rnd3, (short) 0, (short) 8); // Rnd3
crypto.shaDigest.doFinal(keyStore.Card_Cert.CHR, (short) 0, (short) 8, digest, (short) 0); //||Card.CHR
} catch (Exception e) {
ISOException.throwIt(SW_TAMAM);
if (Util.arrayCompare(signed, (short) 107, digest, (short) 0, (short) 20) != 0) {
ISOException.throwIt(SW_TAMAM);
volatileState[0] |= MUTUAL_AUTHENTICATED;
try {
DTUtil.xor(K1, (short) 0, K2, (short) 0, KaKb, (short) 0, (short) 16);
Util.arrayCopyNonAtomic(Rnd3, (short) 4, SSC, (short) 0, (short) 4); // tail of Rnd3
Util.arrayCopyNonAtomic(Rnd1, (short) 4, SSC, (short) 4, (short) 4); // tail of Rnd1
} catch (Exception e) {
ISOException.throwIt(SW_TAMAM);
try {
keyStore.setKey_Ka(KaKb, (short) 0);
keyStore.setKey_Kb(KaKb, (short) 8);
keyStore.setSecureMessagingKeys(KaKb, (short) 0, KaKb, (short) 0);
} catch (Exception e) {
ISOException.throwIt(SW_TAMAM_DEGIL);
return;
private short returnPreDigest(APDU apdu) {
byte[] buffer = apdu.getBuffer();
apdu.setOutgoing();
Util.arrayCopyNonAtomic(preDigest, (short) 0, buffer, (short) 0, (short) 122);
return (short)preDigest.length;
private short returnDigest(APDU apdu) {
byte[] buffer = apdu.getBuffer();
apdu.setOutgoing();
Util.arrayCopyNonAtomic(digest, (short) 0, buffer, (short) 0, (short) 20);
return (short)digest.length;
private short returnOriginalText(APDU apdu) {
byte[] buffer = apdu.getBuffer();
apdu.setOutgoing();
Util.arrayCopyNonAtomic(signed, (short) 0, buffer, (short) 0, (short) 128);
return (short)signed.length;
private void processVerify(APDU apdu) { // Verify_CHV(Pin_Ws)
byte[] buffer = apdu.getBuffer();
// retrieve the PIN data for validation.
byte byteRead = (byte) (apdu.setIncomingAndReceive());
// the PIN data is read into the APDU buffer
// at the offset ISO7816.OFFSET_CDATA the PIN data length = byteRead
if (pin.check(buffer, ISO7816.OFFSET_CDATA, byteRead) == false) {
ISOException.throwIt(SW_VERIFICATION_FAILED);
return;
private void processPSO(APDU apdu) { // verify certificate
byte[] buffer = apdu.getBuffer();
byte p1 = (byte) (buffer[OFFSET_P1] & 0xff);
byte p2 = (byte) (buffer[OFFSET_P2] & 0xff);
short lc = (short) (buffer[ISO7816.OFFSET_LC] & 0xFF);
if (p1 == (byte) 0x00 && p2 == P2_VERIFYCERT) {
if (lc != TACHO_CERT_LENGTH) {
ISOException.throwIt(SW_WRONG_LENGTH);
if (apdu.setIncomingAndReceive() != lc) {
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
try { // copy the certificate to be verified from APDU buffer to cert object
Util.arrayCopyNonAtomic(buffer, OFFSET_CDATA, cert, (short) 0, lc);
} catch (Exception e) {
ISOException.throwIt(SW_TAMAM);
if (Util.arrayCompare(keyStore.selected_KID, (short) 0, keyStore.ERCA_KID, (short) 0, KID_LENGTH) == 0) {
keyStore.VUCA_Cert.verifyCert(cert, keyStore.selectedPublicKey, keyStore.selected_KID);
} else if (Util.arrayCompare(keyStore.selected_KID, (short) 0, keyStore.VUCA_Cert.CHR, (short) 0, KID_LENGTH) == 0) {
keyStore.VU_Cert.verifyCert(cert, keyStore.selectedPublicKey, keyStore.selected_KID);
} else {
ISOException.throwIt(SW_CERT_VERIFICATION_FAILED); // Selected keyId, with MSE, is neither ERCA_KID nor VUCA_KID
} else {
ISOException.throwIt(SW_CERT_VERIFICATION_FAILED);
return;
private short processGetChallenge(APDU apdu, boolean protectedApdu) {
byte[] buffer = apdu.getBuffer();
byte p1 = (byte) (buffer[OFFSET_P1] & 0xff);
byte p2 = (byte) (buffer[OFFSET_P2] & 0xff);
if (p1 != 0 || p2 != 0) {
ISOException.throwIt(SW_WRONG_P1P2);
random.generateData(Rnd3, (short) 0, (short) 8);
short Le = apdu.setOutgoing();
if (Le != (short) 8) {
ISOException.throwIt(SW_WRONG_LENGTH);
Util.arrayCopyNonAtomic(Rnd3, (short) 0, buffer, (short) 0, (short) 8);
return Le;
private void processMSE(APDU apdu) {
byte[] buffer = apdu.getBuffer();
if (buffer[OFFSET_P1] == (byte) 0xC1 && buffer[OFFSET_P2] == P2_DST) {
short lc = (short) (buffer[OFFSET_LC] & 0xFF);
if (lc != (short) (KID_LENGTH + 2)) {
ISOException.throwIt(SW_WRONG_LENGTH);
if (apdu.setIncomingAndReceive() != lc) {
ISOException.throwIt(ISO7816.SW_WRONG_DATA);
if (buffer[OFFSET_CDATA] != (byte) 0x83) {//check the tag of the data
ISOException.throwIt(SW_SECURE_MESSAGING_DATA_OBJECTS_MISSING);
} else if (buffer[OFFSET_CDATA + 1] != (byte) 0x08) {
ISOException.throwIt(SW_INCORRECT_DATA_OBJECT); // check if the key is already selected one
} else if (Util.arrayCompare(buffer, (short) (OFFSET_CDATA + 2), keyStore.selected_KID, (short) 0, KID_LENGTH) != 0) {
if (Util.arrayCompare(buffer, (short) (OFFSET_CDATA + 2), keyStore.ERCA_KID, (short) 0, KID_LENGTH) == 0) {// KID is EUR_KID
keyStore.selected_KID = keyStore.ERCA_KID;
keyStore.selectedPublicKey = keyStore.eurPublicKey;
keyStore.Selected_Cert = null; // ERCA public key is selected
return;
} else if (Util.arrayCompare(buffer, (short) (OFFSET_CDATA + 2), keyStore.VUCA_Cert.CHR, (short) 0, KID_LENGTH) == 0) {// KID is MSCA_KID
keyStore.Selected_Cert = keyStore.VUCA_Cert;
} else if (Util.arrayCompare(buffer, (short) (OFFSET_CDATA + 2), keyStore.VU_Cert.CHR, (short) 0, KID_LENGTH) == 0) { // KID is VU_KID
keyStore.Selected_Cert = keyStore.VU_Cert;
} else {
ISOException.throwIt(SW_REFERENCE_DATA_NOT_FOUND);
}// KID not found
keyStore.selectedPublicKey = keyStore.Selected_Cert.publicKey;
keyStore.selected_KID = keyStore.Selected_Cert.CHR;
} else { // if the KID is already set, just return
return;
} else {
ISOException.throwIt(ISO7816.SW_WRONG_P1P2);
private void processSelectFile(APDU apdu) {
byte[] buffer = apdu.getBuffer();
short lc = (short) (buffer[OFFSET_LC] & 0x00FF);
// retrieve p1p2 from apdu buffer
byte p1 = buffer[OFFSET_P1];
byte p2 = buffer[OFFSET_P2];
short p1p2 = Util.makeShort(p1, p2);
apdu.setIncomingAndReceive();
if (p1 == 4) {
if (lc == (short) TACHO_AID_LENGTH) {
if (Util.arrayCompare(buffer, (short) OFFSET_CDATA, TACHOGRAPH_AID, (short) 0, (short) TACHO_AID_LENGTH) == 0) {
selectedFile = fileSystem.getDT();
fileSystem.selectDT();
volatileState[0] |= FILE_SELECTED;
return;
} else {
ISOException.throwIt(ISO7816.SW_WRONG_DATA);
} else if (lc != 2) {
ISOException.throwIt(SW_WRONG_LENGTH);
short fid = Util.getShort(buffer, OFFSET_CDATA);
if (fileSystem.getFile(fid) != null) {
selectedFile = fileSystem.getDT();
fileSystem.selectDT();
volatileState[0] |= FILE_SELECTED;
return;
} else if (p1 == 2) {
if (lc != 2) {
ISOException.throwIt(SW_WRONG_LENGTH);
short fid = Util.getShort(buffer, OFFSET_CDATA);
if (fileSystem.getFile(fid) != null) {
selectedFile = fileSystem.getFile(fid);
volatileState[0] |= FILE_SELECTED;
return;
} else {
ISOException.throwIt(ISO7816.SW_WRONG_P1P2);
setNoFileSelected();
ISOException.throwIt(ISO7816.SW_FILE_NOT_FOUND);
public static void setNoFileSelected() {
if (hasFileSelected()) {
volatileState[0] ^= FILE_SELECTED;
public static boolean hasFileSelected() {
return (volatileState[0] & FILE_SELECTED) == FILE_SELECTED;
public static boolean hasMutuallyAuthenticated() {
return (volatileState[0] & MUTUAL_AUTHENTICATED) == MUTUAL_AUTHENTICATED;
static boolean isLocked() {
return (persistentState & LOCKED) == LOCKED;
public boolean isSelectedFileEncrypted() {
return ((selectedFile.getAccessConditions() & DigitalTachograph.ENCRYPTED) == DigitalTachograph.ENCRYPTED);
} -
Hello,
I have developed a Java Card Applet on Eclipse and I can run it through Jcop Tools' simulator. However, when I try to debug it, simulator returns 6A80 to upload command. Would you please tell me, what can be the reason of this problem?
Thanks in Advance,
RegardsDear ankey21, thank you for your response. Restarting Eclipse could not solve the problem.
Here is apdu trace:
cm> upload -d -b 250 "D:\**.cap"
=> 80 E6 02 00 12 05 6D 79 61 70 70 08 A0 00 00 00 ......myapp.....
03 00 00 00 00 00 00 00 ........
(1556 usec)
<= 00 90 00 ...
Status: No Error
=> 80 E8 00 00 FA C4 83 01 1E D7 01 00 15 DE CA FF ................
ED 02 02 04 00 01 05 6D 79 61 70 70 05 6D 79 61 .......myapp.mya
70 70 02 00 21 00 15 00 21 00 09 00 32 04 56 00 pp..!...!...2.V.
55 4A 89 00 DD 0A 62 00 00 0C 5F B7 73 00 18 00 UJ....b..._.s...
0B 00 B2 05 01 00 04 00 32 05 02 01 07 A0 00 00 ........2.......
00 62 01 01 02 01 07 A0 00 00 00 62 02 01 02 01 .b.........b....
07 A0 00 00 00 62 01 02 00 01 06 A0 00 00 01 51 .....b.........Q
00 00 01 07 A0 00 00 00 62 00 01 03 00 09 01 05 ........b.......
4D 79 41 70 70 04 09 06 00 55 00 00 80 00 80 03 MyApp....U......
43 00 40 04 06 00 00 04 32 FF FF 04 1D 04 3C 32 [email protected].....<2
E3 32 EE 00 84 00 07 00 07 01 02 00 08 47 4D 47 .2...........GMG
72 46 56 46 66 46 95 46 D1 47 11 47 E1 47 F6 48 rFVFfF.F.G.G.G.H
04 00 84 00 08 00 07 01 00 00 0A 49 6E 49 BA 49 ...........InI.I
C4 49 D0 49 EB 4A 0C 4A 1B 4A 2D 4A 3F 4A 71 07 .I.I.J.J.J-J?Jq.
4A 89 24 03 D3 80 1A 03 ED 00 00 04 25 80 04 04 J.$.........%...
2B 00 AB 04 54 01 AE 06 04 00 64 04 54 01 AE 00 +...T.....d.T...
(864915 nsec)
<= 6A 80 j.
Status: Wrong data
jcshell: Error code: 6a80 (Wrong data)
jcshell: Wrong response APDU: 6A80
Unexpected error; aborting executionRegards, -
JCOP tools plugin is unable to upload the applet
Greetings.
I have installed Eclipse 3.3 and JCOP tools (activated). We got ready Java Card applet and my task is to upload it into the Java Card. Firstly I want test it on a simulator.
The applet compiled successfully and the .CAP file is created. But when upload -d "blah blah blah .cap" command is executed either by me or by jcshell, it returns immediately and I don't actually see any data transmitted to the card (in this case simulator). After the card-info command is executed I see this:
Card Manager AID : A000000003000000
Card Manager state : OP_READY
Load File : LOADED (--------) A0000000035350 (Security Domain)
Module : A000000003535041
Load File : LOADED (--------) 01020304054F5449
Module : 0102030405
The last file has AID of my applet. But I know it is not there (on the card). When I run install command it does not return. I get nothing. JCOP tools seems to be busy and working but no response... neither error code nor exception.
I'm stuck with this issue three days already. Could anybody help me?
Thank you in advance.
Best regards, Greg
Software engineer at OTI
Edited by: neutrino on Oct 31, 2007 6:01 AMHi.
It is advised to install Eclipse 3.1.2, jdk 1.4.2 for JCOP tools plug-in 3.1.1.b/3.1.2.
Also, regarding the usage of JCOP shell, write:
/mode trace=on
before uploading of your cap file to trace all the APDUs.
Best regards,
Eve
Edited by: Ieva on Oct 31, 2007 6:38 AM -
JCOP Tools init-update problem
Hello, everybody!!!
I wanna simulate CardManager authentication behaviour and have some problems... Below i show you excerpts from my applet and the process of sending INITIALIZE UPDATE command to it using JCOP Shell.
If somebody has an idea to deal with this issue, please help.
Here's the definition of key i've used:
byte[] secKey = new byte[] {
(byte)0x40, (byte)0x41, (byte)0x42, (byte)0x43,
(byte)0x44, (byte)0x45, (byte)0x46, (byte)0x47
};This is done inside the constructor (secKey declared as a class field).
Next, i've added method to process INITIALIZE UPDATE command:
private boolean processInitUpdate(APDU apdu) {
byte[] buffer = apdu.getBuffer();
if((buffer[ISO7816.OFFSET_CLA] != 0x80) &&
(buffer[ISO7816.OFFSET_INS] != 0x50))
return false;
byte challengeLen = buffer[ISO7816.OFFSET_LC];
byte dataRead = (byte)apdu.setIncomingAndReceive();
if((challengeLen != 0x08) || (dataRead != 0x08)) {
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
// Encrypted cryptogram buffer
byte[] cryptogram = new byte[8];
DESKey des_key = (DESKey)KeyBuilder.buildKey(
KeyBuilder.TYPE_DES, KeyBuilder.LENGTH_DES, false);
des_key.setKey(secKey, (short)0);
Cipher cipher = Cipher.getInstance(Cipher.ALG_DES_ECB_NOPAD, false);
cipher.init(des_key, Cipher.MODE_ENCRYPT);
// Encrypt the incoming challenge
cipher.doFinal(buffer, ISO7816.OFFSET_CDATA, (byte)8, cryptogram, (byte)0);
// Output data
byte[] keyDeriviation = new byte[] {
(byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00,
(byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00
byte[] keyInfo = new byte[] {
(byte)0xff, (byte)0x02
// TODO generate random
byte[] challenge = new byte[] {
(byte)0x11, (byte)0x22, (byte)0x33, (byte)0x44,
(byte)0x55, (byte)0x66, (byte)0x77, (byte)0x88
// Calculate total length of the data to be sent
short totalLen = (short)(keyDeriviation.length + keyInfo.length +
cryptogram.length + challenge.length);
apdu.setOutgoing();
apdu.setOutgoingLength(totalLen);
apdu.sendBytesLong(keyDeriviation, (short)0, (short)keyDeriviation.length);
apdu.sendBytesLong(keyInfo, (short)0, (short)keyInfo.length);
apdu.sendBytesLong(challenge, (short)0, (short)challenge.length);
apdu.sendBytesLong(cryptogram, (short)0, (short)cryptogram.length);
return true;
}This method returns true if command has been processed successfully.
I've used GlobalPlatform specification to properly parse command APDU and to generate response APDU.
Then i use JCOP Tools for Eclipse shell. I select above applet and define keys as follows:
set-key 255/1/DES-ECB/4041424344454647
set-key 255/2/DES-ECB/4041424344454647
set-key 255/3/DES-ECB/4041424344454647Then i use init-update command:
init-update 255Shell generates the following APDU command sequence:
80 50 00 00 08 C3 17 13 59 C6 0F ED ED 00We can see the challenge, generated by simulator: C3 17 13 59 C6 0F ED ED.
I got the response:
00 00 00 00 00 00 00 00 00 00 FF 02 11 22 33 44 55 66 77 88 4D 4C E8 7E 6A 04 B1 43 90 00It seems everything all right, but shell shows an error:
Status: No Error
jcshell: Error code: -5 (Authentication failed)
jcshell: Wrong response APDU: 00000000000000000000FF0211223344556677884D4CE87E6A04B1439000I think I set keys inside the shell incorrectly. I use triple-DES, but code uses simple DES. However, i use equal keysets for triple-DES so it's the same as DES.
What's wrong?
Thank you.Hello everybody, again!
At last, I solved my problem. The issue was I incorrectly generated card cryptogram data. Cryptogram must be constructed using full triple DES algorithm. After that JCOP shell processes init-update 255 successfully.
Below I'll present working code for processing INITIALIZE UPDATE command in JCOP tools, maybe this will be helpful for somebody.
private boolean processInitUpdate(APDU apdu) {
byte[] buffer = apdu.getBuffer();
// Whether this INITIALIZE UPDATE command?
if((buffer[ISO7816.OFFSET_CLA] != 0x80) &&
(buffer[ISO7816.OFFSET_INS] != 0x50))
return false;
byte challengeLen = buffer[ISO7816.OFFSET_LC];
byte dataRead = (byte)apdu.setIncomingAndReceive();
if((challengeLen != 0x08) || (dataRead != 0x08)) {
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
// TODO generate random
// Card challange
byte[] challenge = new byte[] {
(byte)0x11, (byte)0x22, (byte)0x33, (byte)0x44,
(byte)0x55, (byte)0x66, (byte)0x77, (byte)0x88
// DES Secure Channel Encryption Key (S-ENC) generation
// Deriviation data array
byte[] derivData = new byte[16];
// Secure Channel Encryption Key data array
byte[] s_enc_key = new byte[16];
// The construction of deriviation data
Util.arrayCopy(buffer, (short)(ISO7816.OFFSET_CDATA + 4), derivData, (short)12, (short)4);
Util.arrayCopy(challenge, (short)0, derivData, (short)8, (short)4);
Util.arrayCopy(buffer, ISO7816.OFFSET_CDATA, derivData, (short)4, (short)4);
Util.arrayCopy(challenge, (short)4, derivData, (short)0, (short)4);
// Construct and initialize Cipher with des_key
DESKey des_key = (DESKey)KeyBuilder.buildKey(
KeyBuilder.TYPE_DES, KeyBuilder.LENGTH_DES3_2KEY, false);
des_key.setKey(secKey, (short)0);
Cipher cipher = Cipher.getInstance(Cipher.ALG_DES_ECB_NOPAD, false);
cipher.init(des_key, Cipher.MODE_ENCRYPT);
// Generate session S-ENC key
cipher.doFinal(derivData, (byte)0, (byte)derivData.length, s_enc_key, (byte)0);
// Card Authentication Cryptogram generation
// Cryptogram data array
byte[] cryptogram = new byte[8];
// Initial vector data
byte[] initVector = new byte[] {
(byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00,
(byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00
// Construct and initialize Cipher with s_enc_key
des_key.setKey(s_enc_key, (short)0);
cipher = Cipher.getInstance(Cipher.ALG_DES_CBC_NOPAD, false);
cipher.init(des_key, Cipher.MODE_ENCRYPT, initVector, (short)0, (short)initVector.length);
// Extract host challenge from input buffer
byte[] hostChallenge = new byte[8];
Util.arrayCopy(buffer, ISO7816.OFFSET_CDATA, hostChallenge, (short)0, (short)hostChallenge.length);
// Step 1: Encrypt host challenge using ICV of binary zeroes
byte[] inputData = xorOperation(initVector, hostChallenge);
cipher.doFinal(inputData, (short)0, (short)inputData.length, cryptogram, (short)0);
// Step 2: Encrypt card challenge using results of the previous operation
inputData = xorOperation(cryptogram, challenge);
cipher.doFinal(inputData, (short)0, (short)inputData.length, cryptogram, (short)0);
// Step 3: Encrypt DES padding data using results of the previous operation
byte[] pad = new byte[] {
(byte)0x80, (byte)0x00, (byte)0x00, (byte)0x00,
(byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00
inputData = xorOperation(cryptogram, pad);
cipher.doFinal(inputData, (short)0, (short)inputData.length, cryptogram, (short)0);
// Generate output
byte[] keyDeriviation = new byte[] {
(byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00,
(byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00
byte[] keyInfo = new byte[] {
(byte)0xff, (byte)0x01
// Calculate total length of the data to be sent
short totalLen = (short)(keyDeriviation.length + keyInfo.length +
cryptogram.length + challenge.length);
apdu.setOutgoing();
apdu.setOutgoingLength(totalLen);
apdu.sendBytesLong(keyDeriviation, (short)0, (short)keyDeriviation.length);
apdu.sendBytesLong(keyInfo, (short)0, (short)keyInfo.length);
apdu.sendBytesLong(challenge, (short)0, (short)challenge.length);
apdu.sendBytesLong(cryptogram, (short)0, (short)cryptogram.length);
return true;
private byte[] xorOperation(byte[] op1, byte[] op2) {
byte[] res = new byte[8];
if((op1.length != 8) || (op2.length != 8)) return null;
for(byte i = 0; i < res.length; i++) {
res[i] = (byte)(op1[i] ^ op2);
return res;
Regards, Eugene. -
Hi everyone,
I need to develop a Java Card application for NXP JCOP 21 - 36Kb cards. I don't have cards so far but want to look at JCOP API to ensure it is what I need and can work with.
However, it seems that I simply can't get JCOP from anywhere! I tried to download it from IBM and here's what I got it tools.zip:
As of July 1st 2007, all support activities for the JCOP operating system on NXP/Philips silicon will be serviced by NXP Semiconductors.
Please email requests for the JCOP Tools to: [email protected]
As you may have guessed I wrote them to NXP. They don't reply for 4 days already. What am I supposed to do? Any ideas would be appreciated.
Thanks in advance.Hi DomElion
Ive been researching extensively on java smartcard project for a while since I got involved in one such project very recently. Im a total newbie hence need some guidance regarding the same. Came across this posting and thought maybe I could get some help (which I desparately need now :(( )
Ive got SETECS 256k java smart card and a card reader. I installed java card 2.2, gpshell and java 6 (for smartcard IO). But sinct smart card IO can be used only to communicate with the card (and applets already on card) I still need java card kit and GPShell to install/load applets on the card. Hence Im now trying to understand the helloWorld applet loading given as example in the GPShell installation. But Im unable to understand few things in their script (which Im sure might be very basic and foolish of me to not understand that too :( ). But Ive successfully tried simulator, but I really need to write something and read it back from the "real" card !!
Request to please please help me understand how to write and read back using GPShell. For example this is the script provided as sample by GPShell
mode_211
enable_trace
establish_context
card_connect
select -AID a000000003000000
open_sc -security 1 -keyind 0 -keyver 0 -mac_key 404142434445464748494a4b4c4d4e4f -enc_key 404142434445464748494a4b4c4d4e4f // Open secure channel
delete -AID a00000006203010c0101
delete -AID a00000006203010c01
install -file HelloWorld.cap -nvDataLimit 2000 -instParam 00 -priv 2
getdata
# close_sc // Close secure channel
# putkey // Put key
// options:
// -keyind Key index
// -keyver Key version
// -key Key value in hex
card_disconnect
release_context
As seen above the line in bold is installing the helloworld on the card. But where is the AID assigned to it? What are the AIDs which are getting deleted? And what is the "select -AID a000000003000000" meaning?
Also now that I have the helloWorld on the card how can I read that applet back to return to me "hello world" using smartcard io or even java card 2.2?
Please please please please help !
Thanks so much
WAITING to hear back
Best Regards -
Hello.
Is there any way to find jct.dll, jcpcsc.dll (those are in the jcop plug-in os/ directory) analogues for 64-bit platform?
As i know, jcop tools provides only dll's and so libraries for 32-bit platforms to communicate with the card? Are there any 64-bit compatible?
I want to use Offcard API from JCOP tools on 64-bit platform (it uses mentioned above dlls or shared objects on Linux).
Best regards,
eveline-zeveline-z wrote:
Thanks for your reply.
So, Eclipse IDE with JCOP plug-in work fine on 64-bit platform without any emulation?Yes
I mean, you had no problems with connecting to a real card through the JCShell or even using JCOP Offcard API (because those are using native dll's for 32-bit platform which reside in com.ibm.bluez.jcop.eclipse_3.1.2\os\win32\x86\ directory)?I tested only on the simulator
The "com.ibm.bluez.jcop.eclipse_3.1.2\os\win32\x86\" directory is in the folder plugins in your eclipse path.
example : c:\eclipse\plugins\com.ibm.bluez.jcop.eclipse_3.1.2\os\win32\x86\
>
>
Thanks.
Best regards,
eveline-zMaDmEd -
Java card cap file install error in jcop tools
When i try to run java card applet in real java card it gives this error.i used jcop tools and java version 1.5 and eclipse 3.2.when i run the applet in simulater it works fine.i saw some document it says allocate memory for the installation process.i don't know how to do that.
/term "winscard:4|SCM Microsystems Inc. SCL010 Contactless Reader 0"
--Opening terminal
> /card -a a000000003000000 -c com.ibm.jc.CardManager
resetCard with timeout: 0 (ms)
--Waiting for card...
ATR=3B 8A 80 01 4A 43 4F 50 33 31 56 32 33 32 7A ;...JCOP31V232z
ATR: T=0, T=1, Hist="JCOP31V232"
=> 00 A4 04 00 08 A0 00 00 00 03 00 00 00 00 ..............
(23807 usec)
<= 6F 65 84 08 A0 00 00 00 03 00 00 00 A5 59 9F 65 oe...........Y.e
01 FF 9F 6E 06 47 91 73 51 2E 00 73 4A 06 07 2A ...n.G.sQ..sJ..*
86 48 86 FC 6B 01 60 0C 06 0A 2A 86 48 86 FC 6B .H..k.`...*.H..k
02 02 01 01 63 09 06 07 2A 86 48 86 FC 6B 03 64 ....c...*.H..k.d
0B 06 09 2A 86 48 86 FC 6B 04 02 15 65 0B 06 09 ...*.H..k...e...
2B 85 10 86 48 64 02 01 03 66 0C 06 0A 2B 06 01 +...Hd...f...+..
04 01 2A 02 6E 01 02 90 00 ..*.n....
Status: No Error
cm> set-key 255/1/DES-ECB/404142434445464748494a4b4c4d4e4f 255/2/DES-ECB/404142434445464748494a4b4c4d4e4f 255/3/DES-ECB/404142434445464748494a4b4c4d4e4f
cm> init-update 255
=> 80 50 00 00 08 AC B1 90 01 BF 2D 24 A0 00 .P........-$..
(49906 usec)
<= 00 00 91 18 01 39 93 95 05 59 FF 02 00 2C BE 39 .....9...Y...,.9
5E A5 07 55 87 B8 C3 A8 A6 93 66 2B 90 00 ^..U......f+..
Status: No Error
cm> ext-auth plain
=> 84 82 00 00 10 0C AE 50 3E C8 7E 1D 92 29 E2 59 .......P>.~..).Y
08 D9 DA 02 16 .....
(57276 usec)
<= 90 00 ..
Status: No Error
cm> delete 060504030201
=> 80 E4 00 00 08 4F 06 06 05 04 03 02 01 00 .....O........
(40041 usec)
<= 6A 88 j.
Status: Reference data not found
jcshell: Error code: 6a88 (Reference data not found)
jcshell: Wrong response APDU: 6A88
Ignoring expected error
cm> delete 010203040506
=> 80 E4 00 00 08 4F 06 01 02 03 04 05 06 00 .....O........
(17392 usec)
<= 6A 88 j.
Status: Reference data not found
jcshell: Error code: 6a88 (Reference data not found)
jcshell: Wrong response APDU: 6A88
Ignoring expected error
cm> upload -d -b 250 "Cap File location"
=> 80 E6 02 00 13 06 01 02 03 04 05 06 08 A0 00 00 ................
00 03 00 00 00 00 00 00 00 .........
(32303 usec)
<= 00 90 00 ...
Status: No Error
=> 80 E8 00 00 FA C4 81 F2 01 00 23 DE CA FF ED 02 ..........#.....
02 04 00 01 06 01 02 03 04 05 06 12 68 6D 73 2F ............hms/
6A 61 76 61 63 61 72 64 2F 68 65 6C 6C 6F 02 00 javacard/hello..
21 00 23 00 21 00 0A 00 0B 00 1E 00 0E 00 3D 00 !.#.!.........=.
0A 00 0B 00 00 00 4D 01 BE 00 00 00 00 00 00 01 ......M.........
01 00 04 00 0B 01 02 01 07 A0 00 00 00 62 01 01 .............b..
03 00 0A 01 06 06 05 04 03 02 01 00 08 06 00 0E ................
00 00 00 80 03 00 FF 00 07 01 00 00 00 1C 07 00 ................
3D 00 01 10 18 8C 00 05 7A 05 30 8F 00 00 3D 8C =.......z.0...=.
00 01 18 1D 04 41 18 1D 25 8B 00 02 7A 02 21 18 .....A..%...z.!.
8B 00 03 60 03 7A 19 8B 00 04 2D 1A 04 25 73 00 ...`.z....-..%s.
09 00 00 00 00 00 0F 11 6D 00 8D 00 06 7A 08 00 ........m....z..
0A 00 00 00 00 00 00 00 00 00 00 05 00 1E 00 07 ................
01 00 02 00 06 00 00 01 03 80 03 02 03 80 03 03 ................
03 80 0A 01 06 80 03 00 06 80 07 01 09 00 0B 00 ................
00 00 07 05 06 04 0A 07 07 13 0B 00 4D 01 00 00 ............M...
(764519 usec)
<= 6A 80 j.
Status: Wrong data
jcshell: Error code: 6a80 (Wrong data)
jcshell: Wrong response APDU: 6A80
Unexpected error; aborting executionThanks ReNa
i am using nxp jcop 31 contact-less card.and it will support for java card 2.2.1 and global-platform card specification 2.1.1 .so i am using nxp jcop training 2007 tools and it has java card 2.2.1 and global-platform card specification 2.1.1.Inside my project there are three jar files these are jc221.jar and gp211.jar and bio10.jar
i will appreciate your help
Thanks -
Hi all,
I wrote simple applet and I tried to test it with JCOP Tool (eclipse) but I get this error
cm> /term "Remote|localhost:8050"
/card -a a000000003000000 -c com.ibm.jc.CardManagerATR: 3BFA1300008131FE454A434F5034315632323196
ATR: T=1, FI=1/DI=3 (93clk/etu), N=0, IFSC=254, BWI=4/CWI=5, Hist="JCOP41V221"
cm> set-key 255/1/DES-ECB/404142434445464748494a4b4c4d4e4f 255/2/DES-ECB/404142434445464748494a4b4c4d4e4f 255/3/DES-ECB/404142434445464748494a4b4c4d4e4f
cm> init-update 255
cm> ext-auth plain
cm> delete 4422331234
cm> delete 4422331234
jcshell: Error code: 6a88 (Reference data not found)
jcshell: Wrong response APDU: 6A88
Ignoring expected error
cm> delete 0000000001
cm> delete 0000000011
cm> upload -b 250 "D:\Development\Java\projects\JavaCard\HelloWorld\bin\org\erno\jc\hello\javacard\hello.cap"
cm> install -i 0000000001 -q C9#() 0000000011 0000000001
cm> upload -b 250 "D:\Development\Java\projects\JavaCard\test\bin\org\erno\test\javacard\test.cap"
cm> install -i 4422331234 -q C9#() 4422331234 4422331234
jcshell: Error code: 6985 (Conditions of use not satisfied)
jcshell: Wrong response APDU: 6985
Unexpected error; aborting executiondoes anybody know what is wrong with it? I am new about this :-(. thanx for any help.
regards
p.s. I'm using simulator not real card.Hy,
here is the status I get when I try to run my applet
- /term "Remote|localhost:50337"
--Opening terminal
/card -a a000000003000000 -c com.ibm.jc.CardManagerresetCard with timeout: 0 (ms)
--Waiting for card...
ATR=3B FA 13 00 00 81 31 FE 45 4A 43 4F 50 34 31 56 ;.....1.EJCOP41V
32 32 31 96 221.
ATR: T=1, FI=1/DI=3 (93clk/etu), N=0, IFSC=254, BWI=4/CWI=5, Hist="JCOP41V221"
=> 00 A4 04 00 08 A0 00 00 00 03 00 00 00 00 ..............
(15538 usec)
<= 6F 10 84 08 A0 00 00 00 03 00 00 00 A5 04 9F 65 o..............e
01 FF 90 00 ....
Status: No Error
cm> set-key 255/1/DES-ECB/404142434445464748494a4b4c4d4e4f 255/2/DES-ECB/404142434445464748494a4b4c4d4e4f 255/3/DES-ECB/404142434445464748494a4b4c4d4e4f
cm> init-update 255
=> 80 50 00 00 08 D7 5D 16 84 88 87 8B B0 00 .P....].......
(4177 usec)
<= 00 00 57 F3 97 D9 7F 72 88 55 FF 02 00 00 3D 02 ..W....r.U....=.
9C 31 C7 89 90 D8 41 D7 23 6B DD B4 90 00 .1....A.#k....
Status: No Error
cm> ext-auth plain
=> 84 82 00 00 10 45 11 3E D7 C1 3E 63 40 3A 2F EF .....E.>..>c@:/.
C1 E6 93 3C 0F ...<.
(3099 usec)
<= 90 00 ..
Status: No Error
cm> delete 0000000012
=> 80 E4 00 00 07 4F 05 00 00 00 00 12 00 .....O.......
(1459 usec)
<= 6A 88 j.
Status: Reference data not found
jcshell: Error code: 6a88 (Reference data not found)
jcshell: Wrong response APDU: 6A88
Ignoring expected error
cm> delete 0000000012
=> 80 E4 00 00 07 4F 05 00 00 00 00 12 00 .....O.......
(1613 usec)
<= 6A 88 j.
Status: Reference data not found
jcshell: Error code: 6a88 (Reference data not found)
jcshell: Wrong response APDU: 6A88
Ignoring expected error
cm> upload -b 250 "D:\Development\Java\projects\JavaCard\JCErnad\bin\erno\jc\javacard\jc.cap"
=> 80 E6 02 00 12 05 00 00 00 00 12 08 A0 00 00 00 ................
03 00 00 00 00 00 00 00 ........
(3475 usec)
<= 00 90 00 ...
Status: No Error
=> 80 E8 80 00 E8 C4 81 E5 01 00 17 DE CA FF ED 02 ................
02 04 00 01 05 00 00 00 00 12 07 65 72 6E 6F 2F ...........erno/
6A 63 02 00 21 00 17 00 21 00 09 00 0B 00 1E 00 jc..!...!.......
0E 00 3D 00 0A 00 0B 00 00 00 4D 01 A3 00 00 00 ..=.......M.....
00 00 00 01 01 00 04 00 0B 01 02 01 07 A0 00 00 ................
00 62 01 01 03 00 09 01 05 00 00 00 00 12 00 08 .b..............
06 00 0E 00 00 00 80 03 00 FF 00 07 01 00 00 00 ................
1C 07 00 3D 00 01 10 18 8C 00 06 7A 05 30 8F 00 ...=.......z.0..
03 3D 8C 00 00 18 1D 04 41 18 1D 25 8B 00 01 7A .=......A..%...z
02 21 18 8B 00 02 60 03 7A 19 8B 00 04 2D 1A 04 .!....`.z....-..
25 73 00 09 00 00 00 00 00 0F 11 6D 00 8D 00 05 %s.........m....
7A 08 00 0A 00 00 00 00 00 00 00 00 00 00 05 00 z...............
1E 00 07 06 00 00 01 03 80 03 02 03 80 03 03 01 ................
00 02 00 03 80 0A 01 06 80 07 01 06 80 03 00 09 ................
00 0B 00 00 00 07 05 06 04 0A 07 07 13 00 ..............
(18434 usec)
<= 00 90 00 ...
Status: No Error
Load report:
232 bytes loaded in 0.0 seconds
effective code size on card:
+ package AID 5
+ applet AIDs 12
+ classes 17
+ methods 64
+ statics 0
+ exports 0
overall 98 bytes
cm> install -i 0000000012 -q C9#() 0000000012 0000000012
=> 80 E6 0C 00 18 05 00 00 00 00 12 05 00 00 00 00 ................
12 05 00 00 00 00 12 01 00 02 C9 00 00 00 ..............
(3280 usec)
<= 69 85 i.
Status: Conditions of use not satisfied
jcshell: Error code: 6985 (Conditions of use not satisfied)
jcshell: Wrong response APDU: 6985
Unexpected error; aborting executionthanks
regards
erno -
JCOP tools and walllet example
Hi,
I'm trying to execute the well known (not for me ;-)) Wallet example with JCOP tools 3.1.1 but I have some problems.
The first is related to install parameters: searching into other threads I was able to install the applet using 0102030405 parameter (even if it's not clear for me the meaning of this parameter, the install method accepts 3 parameters, bArray, bOffset and bLength).
Here the install APDU trace:
cm> install -i 77616c6c65742e617070 -q C9#(0102030405) 6578616d706c6573 77616c6c65742e617070
=> 80 E6 0C 00 2A 08 65 78 61 6D 70 6C 65 73 0A 77 ....*.examples.w
61 6C 6C 65 74 2E 61 70 70 0A 77 61 6C 6C 65 74 allet.app.wallet
2E 61 70 70 01 00 07 C9 05 01 02 03 04 05 00 00 .app............
(2002 usec)
<= 90 00 ..
Status: No Error
cm> card-info
=> 80 F2 80 00 02 4F 00 00 .....O..
(471848 nsec)
<= 08 A0 00 00 00 03 00 00 00 01 9E 90 00 .............
Status: No Error
=> 80 F2 40 00 02 4F 00 00 [email protected]..
(521854 nsec)
<= 0A 77 61 6C 6C 65 74 2E 61 70 70 07 00 90 00 .wallet.app....
Status: No Error
=> 80 F2 10 00 02 4F 00 00 .....O..
(762666 nsec)
<= 07 A0 00 00 00 03 53 50 01 00 01 08 A0 00 00 00 ......SP........
03 53 50 41 08 65 78 61 6D 70 6C 65 73 01 00 01 .SPA.examples...
0A 77 61 6C 6C 65 74 2E 61 70 70 90 00 .wallet.app..
Status: No Error
Card Manager AID : A000000003000000
Card Manager state : OP_READY
Application: SELECTABLE (--------) "wallet.app"
Load File : LOADED (--------) A0000000035350 (Security Domain)
Module : A000000003535041
Load File : LOADED (--------) "examples"
Module : "wallet.app"
After that I'm not able to select the applet, here the APDU trace:
cm> /select |wallet.app
=> 00 A4 04 00 0A 77 61 6C 6C 65 74 2E 61 70 70 00 .....wallet.app.
(334400 nsec)
<= 6E 00 n.
Status: CLA value not supported
jcshell: Error code: 6e00 (CLA value not supported)
jcshell: Wrong response APDU: 6E00
Any help would be very appreciated.
Dariush.Dariush, whether this pin data or not is defined inside an applet. As for Wallet it must be pin value. But I saw several implementations of Wallet applet with different initialize parameters processing.
Consider this code:
private Wallet(byte[] bArray, short bOffset, byte bLength) {
pin = new OwnerPIN(PIN_TRY_LIMIT, MAX_PIN_SIZE);
byte iLen = bArray[bOffset]; // aid length
bOffset = (short) (bOffset + iLen + 1);
byte cLen = bArray[bOffset]; // info length
bOffset = (short) (bOffset + cLen + 1);
byte aLen = bArray[bOffset]; // applet data length
pin.update(bArray, (short) (bOffset + 1), aLen);
register();
public static void install(byte[] bArray, short bOffset, byte bLength) {
new Wallet(bArray, bOffset, bLength);
}Think of bArray data array as installation parameters (like command-line params in main method of the Java application); some of them you defined using C9 tag in JCOP Shell. Look at the comments in Wallet constructor and you will understand what data is passed. aLen variable denotes the length of parameters you passed through C9 tag.
You can make a breakpoint on the first line in the constructor and then inspect what bArray actually contains.
bOffset - is the offset in bArray, bLength - length of the installation params.
Regards, Eugene -
JCOP Tools "This package has not been built"
Hello,
I'm using the Eclipse with JCOP Tools 3.1.1 and sometimes the .cap file is not built and the upload of the Applet fails when running the project
cm> upload ".../workspace.1j.../myapp.cap"
jcshell: Cannot read </../../myapp.cap>: java.util.zip.ZipException: error in opening zip fileThe "CAP File Properties" view in Eclipse says "This package has not been built" but I don't know how to force the build of the package. I tried to clean, manually/automatically build the project but it just won't get build :(
Any ideas ?
Thanks.
Texwell nevermind, when this happens I just build the .cap alone:
cd myproject/bin
..../java_card_kit-2_2_1/bin/converter -out CAP -applet 0x01:0x02:0x03:0x04:0x05:0x2E:0x61:0x70:0x70 com.test.MyApplet com.test 0x01:0x02:0x03:0x04:0x05 1.0 Tex -
JCOP Tools Problem Error code: 6985 (Conditions of use not satisfied)
I have a problem with the JCOP tools. I am developing a very simple applet which does nothing at all. It is a "hello world" type applet so that I can get something working. It compiles ok, however as soon as I try to run it under the emulator I get an error.
Status: Conditions of use not satisfied jcshell: Error code: 6985 (Conditions of use not satisfied) jcshell: Wrong response APDU: 6985
This always happens when the jcshell issues the install command.
The install command is:
install -i 1234567890 -t -l -d -m -p -s -b -e -q C9#(1234567890) 1234567890 1234567890
I must be doing something very basic incorrectly. I have tried searching the forums and internet and I haven't found anything. Any help would be appreciated.
The code is this:
package pt.microfil.test;
import javacard.framework.*;
import javacard.framework.ISO7816;
import javacard.framework.ISOException;
import javacard.framework.APDU;
public class testcard extends Applet {
final static byte CLASS = (byte) 0x80; // Class of the APDU commands
final static byte INS_READ = (byte) 0x02; // instruction for the READ APDU command
// this is the text string which will send back from the ICC to the IFD
final static byte[] text = {(byte) 'e', (byte) 't', (byte) 's', (byte) ' ',
(byte) 'g', (byte) 'e', (byte) 'h', (byte) 't', (byte) 's', (byte) ' ',
(byte) 'd', (byte) 'e', (byte) 's', (byte) ' ',
(byte) 'G', (byte) 'l', (byte) 'u', (byte) 'm', (byte) 'p'};
public static void install(byte[] bArray, short bOffset, byte bLength) {
// GP-compliant JavaCard applet registration
//new testcard().register(bArray, (short) (bOffset + 1), bArray[bOffset]);
new testcard().register();
public static void install() {
new testcard().register();
public void process(APDU apdu) {
byte[] cmd_apdu = apdu.getBuffer(); // the cmd_apdu variable is used because of performance reasons
if (cmd_apdu[ISO7816.OFFSET_CLA] == CLASS) { // it is the rigth class
switch(cmd_apdu[ISO7816.OFFSET_INS]) { // check the instruction byte
case INS_READ: // it is a READ instruction
// check if P1=P2=0
if ((cmd_apdu[ISO7816.OFFSET_P1] != 0) || (cmd_apdu[ISO7816.OFFSET_P2] != 0)) {
ISOException.throwIt(ISO7816.SW_WRONG_P1P2);
} // if
// check if P3=length of the text field
short le = (short)(cmd_apdu[ISO7816.OFFSET_LC] & 0x00FF); // calculate Le (expected length)
short len_text = (short)text.length; // the len_text variable is used because of performance reasons
if (le != len_text) {
ISOException.throwIt((short)(ISO7816.SW_CORRECT_LENGTH_00 + len_text)); // give the expected length back to the IFD
} // if
apdu.setOutgoing(); // set transmission to outgoing data
apdu.setOutgoingLength((short)len_text); // set the number of bytes to send to the IFD
apdu.sendBytesLong(text, (short)0, (short)len_text);
break;
default : // the instruction in the command apdu is not supported
ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
} // switch
} // if
else { // the class in the command apdu is not supported
ISOException.throwIt(ISO7816.SW_CLA_NOT_SUPPORTED);
}i also found this error and i change the package name and applet id.it is not changing.now i got same error.
cm> install -i 6d796170702e617070 -q C9#() 6d797061636b616765 6d796170702e617070
jcshell: Error code: 6985 (Conditions of use not satisfied)
jcshell: Wrong response APDU: 6985
Unexpected error; aborting execution
how can i solve the problem?? -
Hi All,
I want to debug/run JavaCard applet. So, I need to send APDUs to the applet. I heard that JCOP tool will be useful to send command APDUs and debug the applet. I cant find complete JCOP tool setup on internet. Can anyone share a link or share the setup for JCOP(jcshell)?
Thanks in advance,
Regards,
NaveedHi,
take a look at these links:
http://andyhua.sg1001.myweb.hinet.net/Java%20Card%20Applet%20by%20JCOP%203.0%20with%20Eclipse.pdf
http://www.youtube.com/watch?v=B7VPK1NDbw0
Regards,
Hana -
I just bought the JCOP tools and a javacard reader/writer and i am so much confused as per its functions one of the problems i am having
is that
(1) In Suns Javacard parkage , AIDS are in the form 0xa0:0x0:0x0:0x0:0x62:0x3:0x1:0x8:0x1 while in the JCOP
environment i noticed was in the form 01020304050601 which i assumed is in the decimal format how do i convert.
(2) i tried writing a program which compiled well , when i wanted to test it with the JCShell it came out with this
error "Not yet Connected to terminal" What could be the cause of this.
(3) I have a Gemplus GPR400 Reader/writer attached to my laptop, though the computer has located and loaded drivers for it
i still don't know how to like access the reader or download applets onto it , I don't know if the JCOP tool can download onto it>
3. JCOP requires a PC/SC reader attached if you want
to load onto one of the JCOP cards. You can also use
the simulator for debugging. It appears that your
reader might not be found, which could be related to
question 2.yeah i guess so cos when i went to services i tried starting "Smart Card Resource Manager" and "Smart Card Helper" they would not start , they always give this error "The Dependency Service or group failed to start" what can be causing this probs i am using win Xp
Maybe you are looking for
-
Server Manager Error, Windows Server 2012 Standed
Windows Server 2012 on my desktop and I've been in it then open Server Manager "ServerManager.exe - This application could not be started" error this time. In it, the option is YES and NO. YES is open to the side of .net. Please help me as soon as po
-
Questions on Marvell vs. intel Raid setup for new build
I'm getting ready to do my first build this weekend, and had some questions on the Asus p9x79pro motherboard's raid controllers. They are: What is the difference between the Marvell controller and the intel software controller? Why would I use one o
-
How can I organize all my photo's in Iphoto
I would love if someone could tell me how I can create less folders in Iphoto to organize my photos. Every time I import something new iphoto puts it into a new folder, from the past 3 years I have way too many folders and would like to organize them
-
Non US characters in login and email generation
I have a design problem that I would like to check if anyone else has found a good solution to. Once you leave the safe shores of the United States your users start having names that includes all kinds of funny characters. In the good old days this p
-
Custom enhancement spot not getting called.
Hello guros, We are currently upgrading to ECC6 and I started playing a little bit with enhancement spots. I've tried inserting my own enhancement spot using ENHANCEMENT-SPOT ELI SPOTS ZELI_SPOT. I've created the ZELI_SPOT badi definition and created