Lock card manager in GemXpresso jmanager

How can I lock the card manager while authenticating?
for example, I want to lock Card Manager after 3 times failed authentication.

How can I lock the card manager while authenticating?
for example, I want to lock Card Manager after 3 times failed authentication.

Similar Messages

  • Unable to access to GemXpresso Card Manager with JCOP 312 pluggin

    Hello all,
    I´m using JCOP 312 to install applets in GemXpresso 211 cards but I´m not able to achieve it. Before I achieved to install applets with JCOP 312 in JCOP 211 cards without problems. I read in others threads of this forum that it´s possible to install applets in GemXpresso cards with JCOP using com.ibm.jc.GX211CardManager class in JCOP configuration in addition to change Card Manager AID.
    I don´t have the com.ibm.jc.GX211CardManager class so I can´t test this issue. does anyone have this class? I woul´d very appreciated if anyone could pass me this class.
    I don´t know no other form to use GemXpresso cards with JCOP 312 eclipse pluggin.
    Thanks in advance.

    Yes Safarmer, this is the point, "to determine what these setting are" :-). I know to configure JCOP plugin parameters in accordance with javacard type,
    but the problem is find out values of these parameters (AID Card Manager, key values,...).
    Steps I do to test JCOP cards are depicted below:
    /card -a a000000003000000 -c com.ibm.jc.CardManagerresetCard with timeout: 0 (ms)
    --Waiting for card...
    ATR=3B 66 00 FF 4A 43 4F 50 32 30 ;f..JCOP20
    ATR: T=0, N=-1, Hist="JCOP20"
    => 00 A4 04 00 08 A0 00 00 00 03 00 00 00 00 ..............
    (92851 usec)
    <= 6F 19 84 08 A0 00 00 00 03 00 00 00 A5 0D 9F 6E o..............n
    06 40 51 30 23 20 17 9F 65 01 FF 90 00 [.@Q0|mailto:.@Q0]# ..e....
    Status: No Error
    cm> set-key 255/1/DES-ECB/404142434445464748494a4b4c4d4e4f 255/2/DES-ECB/404142434445464748494a4b4c4d4e4f 255/3/DES-ECB/404142434445464748494a4b4c4d4e4f
    cm> init-update 255
    => 80 50 00 00 08 FA 65 9D CE FA 89 4B BC 00 .P....e....K..
    (116982 usec)
    <= 00 00 61 73 02 05 76 90 99 52 FF 01 0D A4 66 E3 ..as..v..R....f.
    7F D6 2E 15 C5 D3 3D 2A C0 69 98 AE 90 00 ......=*.i....
    Status: No Error
    As you see, there isn&acute;t any problem to access to this card with JCOP.
    Steps I do to test GemXpresso cards are depicted below:
    /card -a a000000003000000 -c com.ibm.jc.CardManagerATR: 3F6D000080318065B00501025E83009000
    ATR: T=0, N=0, Hist=80318065B00501025E83009000
    jcshell: Unable to select Card Manager or invalid FCI: Unknown Global Platform Java Card.
    Subsequent commands might fail! Inspection might not be possible!
    ??> set-key 255/1/DES-ECB/404142434445464748494a4b4c4d4e4f 255/2/DES-ECB/404142434445464748494a4b4c4d4e4f 255/3/DES-ECB/404142434445464748494a4b4c4d4e4f
    ??> init-update 255
    jcshell: Error code: -5 (Authentication failed)
    jcshell: Wrong response APDU: 434D03070001297400BD0D019EED3933FC1384F99315DD3552508A529000
    Unexpected error; aborting execution
    As you see, there are problems to access to this card with GemXpresso card, basically it&acute;s not be able to select Card Manager.
    I know I should to change AID Card Manager and Card Manager class to this: "/card -a A000000018434D - c com.ibm.jc.GX211CardManager" but the point is
    I don&acute;t have GX211CardManager class. Moreover I don&acute;t know values of the keys to use with this cards type.
    Regards.

  • GemXpresso 211 Card Manager problems ...

    Hello all,
    I would like to install an java card applet in a GemXpresso 211 but I don�t know how to do it.
    I have several GemXpresso 211 cards, a GemPC410 reader and EZMini reader. I have�t Gemplus Development Kit RAD III because is too expensive for me.
    My question is:
    Is it possible to install an applet in a GemXpresso 211 card without GemXpresso RAD III? I�ve seen that it�s necessary to invoke to the Card Manager (the installer) of GemXpresso cards to install other applets. Is it true?
    I know Gemplus provide a "jar" to GemXpresso 211 cards, but this "jar" only is available with GemXpresso RAD III.
    Can I get this "jar" elsewhere ?
    I would be very grateful for your aswers.
    Thaks in advance.
    Grettings.

    Thank you Sebastien for your suggestion. This GlobalPlatform works a bit better
    I tried a simple list of applets
    Test with Java 1.7
    java -jar gp.jar -list -v -d  --virgin --visa2 --sdaid A000000018434D
    java -jar gp.jar -list -v -d  --virgin --sdaid A000000018434D
    but I have always this error: "Card cryptogram invalid"
    # Detected readers
    [*] Eutron Smart Pocket 00 00
    SCardConnect("Eutron Smart Pocket 00 00", T=*) -> T=0
    SCardBeginTransaction("Eutron Smart Pocket 00 00")
    Reader: Eutron Smart Pocket 00 00
    ATR: 3F6D000080318065B00501025E83009000
    More information about your card:
        http://smartcard-atr.appspot.com/parse?ATR=3F6D000080318065B00501025E83009000
    A>> T=0 (4+0007) 00A40400 07 A000000018434D 00
    A<< (0026+2) (196ms) 6F188407A000000018434DA50D9F6E063231030033309F6501FF 9000
    Auto-detected ISD AID: A000000018434D
    A>> T=0 (4+0000) 80CA9F7F 00
    A<< (0045+2) (281ms) 9F7F2A0004001532310300333003070001330800BD129211201293112000000000000000000000000000000000 9000
    A>> T=0 (4+0008) 80500000 08 0E46DD4BF57FD99E
    A<< (0028+2) (976ms) 434D03070001330800BD0D01F8B4612181997CC6FA790B39A6BD872E 9000
    Using SCP01 with static version 13 keys:
    ENC: 404142434445464748494A4B4C4D4E4F
    MAC: 404142434445464748494A4B4C4D4E4F
    KEK: 404142434445464748494A4B4C4D4E4F
    Session keys:
    ENC: 9194FA3EBF876D800D69C3387C1F3371
    MAC: 9194FA3EBF876D800D69C3387C1F3371
    KEK: 404142434445464748494A4B4C4D4E4F
    openkms.gp.GPException: Card cryptogram invalid.
    Exp: FA790B39A6BD872E
    Act: E4A8C501AE2E52F1
            at openkms.gp.GlobalPlatform.openSecureChannel(GlobalPlatform.java:428)
            at openkms.gp.GPTool.main(GPTool.java:280)

  • Java Card Manager NetBeans plug-in

    Just to announce, I've uploaded a simple plug-in for NetBeans that provides basic functionality for Java Cards. Send APDU commands to card or simulator, browse content loaded on card, load & install & delete applets, open secure channel... Plug-in follows Open platform specification.
    It has been used with GemXpresso cards (and works well) so there is no experience with other cards, but suppose that the card is OP compliant, it should work ok.
    I have some ideas to improve and to extend it to support full OP/GP specs as well as plug-in for Java Card project type. However, I have no idea about what Sun prepares as tools with JC3.0 (I've noticed that it will be NB plug-ins too).
    http://plugins.netbeans.org/PluginPortal/faces/PluginDetailPage.jsp?pluginid=10935

    Hello, neinaggar1.
    Well, on NetBeans plug-in portal, I've uploaded Java Card Manager plug-in. This plug-in brings to NetBeans the possibility to communicate (APDU commands, installing applets, etc.) with card or running simulator; no project types.
    In comments on plug-in discussion, i.e. http://plugins.netbeans.org/PluginPortal/faces/PluginDetailPage.jsp?pluginid=10935 , I've put a link to second plug-in Java Card Project that provides the "project" functionality - new project type (new project type category "Java Card"), code completion, compiling, converting, starting simulator... However, this plug-in is in "beta" stage because it has some unsolved pitfalls - for example, you can provide just one export path for converting and there is a problem with plug-in depedency to internal NetBeans modules so it is strongly dependent on certain ide version (and probably even on its build).
    Check the link above and discussion present there.
    Just a note:
    the access to the functionality Java Card Manager plug-in is from "Service" tab.
    the access to the functionality Java Card Project plug-in is from properties (right click on the project name in project treeview) of existing java card project made by this plug-in or via new project wizard to make a new java card project.
    Edited by: Vlasakcz on Aug 1, 2008 7:24 AM

  • Java with Card Management Software

    hi every one
    i need java interface for card management software like (EDIsecure CMS or IDExpert CMS)
    please any help me is there any java interface for the CMS.
    in my java application while clicking the print button i need to sent the user information to CMS software.
    i already design the template for my card.
    then this card management Software apply data value to the template then it will print it.
    Thiagu.m

    Note: This thread was originally posted in the [Blades - General Discussion|http://forums.sun.com/forum.jspa?forumID=908] forum, but moved to this forum for closer topic alignment.
    I had no better idea to where to move that thread.

  • How to select Card manager on Default JavaCard simulator from NetBeans 7.2

    Hi
    I'm trying to resolve three questions
    1) to find FAQ/Manual about simulator included into 3.0.2 JavaCard Connected platform
    2) which commands for Card Manager of simulated default JavaCard are supported
    3) how to upload simple applet (ex. HelloWorld from JavaCard 3.0.2) using Card Manager applet simulated on Default javaCard Connected platfrom simulator available from NetBeans 7.2
    Thaaaanks

    From my understanding, NetBeans uses the CREF executable from the JCDK for simulation. You can check the documentation (developer guide etc) from the JCDK for more details. The CREF emulator uses a custom applet loader so it does not use standard GP commands and will be different to a real card. As for loading your applet, you should be able to run from NB and it will start your emulator and deploy your code. I do not use netbeans so cannot really comment further.
    - Shane

  • Unable to select Card Manager or invalid FCI

    Hi,
    I have JCOP41V231 but I can not upload the CAP file.
    When I try to select the Card Manager I get an error 6A82.(see trace bellow)
    I asked the card supplier and he answer:
    "our all samples have not initialized. so you can cannot select the card manager.
    if the card have not initialized, and you can select wrong card manager, the card will be damage.
    please initialize the card."
    How can I initialize the card ?
    Is there a special tool to do that?
    /term "winscard:4|SCM Microsystems Inc. SCR33x USB Smart Card Reader 0"
    --Opening terminal
    /card -a a000000003000000 -c com.ibm.jc.CardManager
    resetCard with timeout: 0 (ms)
    --Waiting for card...
    ATR=3B FA 13 00 00 81 31 FE 45 4A 43 4F 50 34 31 56 ;.....1.EJCOP41V
    32 33 31 97 231.
    IOCTL().
    ATR:
    T = 1
    => 00 A4 04 00 08 A0 00 00 00 03 00 00 00 00 ..............
    (9682 usec)
    <= 6A 82 j.
    Status: File not found
    jcshell: Unable to select Card Manager or invalid FCI: Unknown Global Platform Java Card.
    Subsequent commands might fail! Inspection might not be possible!
    ??> set-key 1/1/DES-ECB/404142434445464748494a4b4c4d4e4f 1/2/DES-ECB/404142434445464748494a4b4c4d4e4f 1/3/DES-ECB/404142434445464748494a4b4c4d4e4f
    ??> init-update 1
    => 80 50 01 00 08 0A D3 1F 2B 09 F1 CD E2 00 .P......+.....
    (8444 usec)
    <= 6A 81 j.
    Status: Function not supported
    jcshell: Error code: 6a81 (Function not supported)
    jcshell: Wrong response APDU: 6A81
    Unexpected error; aborting execution

    Hi,
    I think that you didnt prepersonalisation. Once pre-personalisation you can enter card manager.

  • What is Card Manager and how does it work ?

    Hi everyone,
    I would like to know how can I find complete description about "card manager"?
    If there is any document or link that have explained it ,please inform me.
    yours sincerely,
    Orchid

    Since it is part of the GP API, the only way to handle the CVM PIN is through an Applet. So you need one "Global PIN" Applet, with which you can set/block/submit/verify a the CVM PIN. All other Applets will implement a verification of the CVM PINin the select() method:
         public boolean select () {
              CVM cvm = GPSystem.getCVM(GPSystem.CVM_GLOBAL_PIN);
              if(!cvm.isVerified())
                   return false;
              else
                   return true;
         }

  • Can the card manager of jcop41 v2.2 support multiselect ?

    I find the card manager of simulation of jcop can't be select on multi channel at the same time, but can the real card of jcop41?
    can anyone tell me?

    All JCOP products have by default only the basic logical channel enabled. The reason is that it shall be GP compliant, and GP spec says that the CardManager must be multiple selectable if multiple logical channels are supported. The CM in JCOP is not multi selectable. If you don't care about GP compliancy (at least on this issue), you can set up to 4 logical channels during pre-perso (JCRE_MODE, two lowest bits).

  • Write new card manager AID  for JCOP 4 1 v.2.3.1 problem .

    hello mate can you help us to solve our problem :
    My team have smartcard security project now , we buy blank smart card from some friend in china.
    the suplier already gave us the step for Pre-Personalization, we already follow that step one by one :
    1. select root using transport key >>> ok
    00 a4 04 00 10 (transport key)
    2. boot to jcop card >>> ok
    00 f0 00 00
    3. write the new card manager AID >>> here we have some problem ....
    we follow the instruction to write command from our supplier >> is (a2) B0 (a1) (a0) <DATA>
    can somebody help us to understand this step, to fill a2,a1,a0 variable from that command . ?
    regards
    fixdigital.

    Can you describe how to change this key ? we used JC shell .
    i mean like command to put key maybe, or you have an example ...
    we already try to change the key but unsucced, like log we post before ...
    still confuse which step we do wrong ...
    the procedure we already do
    *(1) Pre-Personalization*
    /atr
    /send 00a4040010<TranspotKey>
    /send 00f00000 <== boot
    /send 00100000 <== protect
    /send 00000000 <== Fuse
    *(2) then we try auth with default key, the auth still failed*
    *##try use JCShell (eclispse)*
    ??> /card
    --Waiting for card...
    ATR=3B FA 13 00 00 81 31 FE 45 4A 43 4F 50 34 31 56 ;.....1.EJCOP41V
    32 33 31 97 231.
    ATR: T=1, FI=1/DI=3 (93clk/etu), N=0, IFSC=254, BWI=4/CWI=5, Hist="JCOP41V231"
    => 00 A4 04 00 07 A0 00 00 00 03 00 00 00 .............
    (150720 usec)
    <= 6F 65 84 08 A0 00 00 00 03 00 00 00 A5 59 9F 65 oe...........Y.e
    01 FF 9F 6E 06 40 51 63 45 29 00 73 4A 06 07 2A ...n.@QcE).sJ..*
    86 48 86 FC 6B 01 60 0C 06 0A 2A 86 48 86 FC 6B .H..k.`...*.H..k
    02 02 01 01 63 09 06 07 2A 86 48 86 FC 6B 03 64 ....c...*.H..k.d
    0B 06 09 2A 86 48 86 FC 6B 04 02 15 65 0B 06 09 ...*.H..k...e...
    +2B 85 10 86 48 64 02 01 03 66 0C 06 0A 2B 06 01 ...Hd...f.....+
    04 01 2A 02 6E 01 02 90 00 ..*.n....
    Status: No Error
    cm> set-key 255/1/DES-ECB/404142434445464748494a4b4c4d4e4f 255/2/DES-ECB/404142434445464748494a4b4c4d4e4f 255/3/DES-ECB/404142434445464748494a4b4c4d4e4f
    cm> init-update 255
    => 80 50 00 00 08 D4 B8 B8 64 F8 80 7D 22 00 .P......d..}".
    (94420 usec)
    <= 00 00 93 23 00 23 87 91 54 88 FF 02 00 00 46 0C ...#.#..T.....F.
    71 E4 C4 67 5B 71 CA 9D 7B 39 4C CD 90 00 q..g[q..{9L...
    Status: No Error
    jcshell: Error code: -5 (Authentication failed)
    _##try use GPShell_
    D:\Programming\Dongle_SCard\GlobalPlatform\GPShell-1.4.4>GPShell.exe helloInstallGP211.txt
    mode_211
    enable_trace
    enable_timer
    establish_context
    command time: 15 ms
    card_connect
    command time: 219 ms
    select -AID a000000003000000
    Command --> 00A4040008A000000003000000
    Wrapped command --> 00A4040008A000000003000000
    Response <-- 6F658408A000000003000000A5599F6501FF9F6E06405163452900734A06072A864886FC6B01600C060A2A864886FC6B02020101630906072A864886FC6B03640B06092A864886FC6B040215650B06092B8510864864020103660C060A2B060104012A026E01029000
    command time: 202 ms
    open_sc -security 1 -keyind 0 -keyver 0 -mac_key 404142434445464748494a4b4c4d4e4f -enc_key 404142434445464748494a4b4c4d4e4f // Open secure channel
    Command --> 80CA006600
    Wrapped command --> 80CA006600
    Response <-- 664C734A06072A864886FC6B01600C060A2A864886FC6B02020101630906072A864886FC6B03640B06092A864886FC6B040215650B06092B8510864864020103660C060A2B060104012A026E01029000
    Command --> 8050000008CDA19913D438CC9300
    Wrapped command --> 8050000008CDA19913D438CC9300
    Response <-- 00009323002330915488FF020000460C71E4C46792ACEBB71CE0D0739000
    mutual_authentication() returns 0x80302000 (The verification of the card cryptogram failed.)
    thanks

  • Remote Card Management System

    I want to develop a remote card management system.i developed the core such as applet loading,applet deleting,getting info of card,
    establishing secure chanel with SCP01 and SCP02 protocols.my final goal is to develop it in a manner that the application works in a network.maybe internet or local LAN.suppose that the readers are connected to client application and the server have the applet that should be loaded.my problem is How can i fetch the reader connected to client in a network.note that my application use SmartCardIO for connecting to the card.
    thanks
    Edited by: Alireza Firoozian on Dec 24, 2011 10:22 PM
    Edited by: Alireza Firoozian on Dec 24, 2011 10:22 PM

    hi,
    well there is no magic here. You'll have to do the hard work yourself.
    you'll have to either
    - invent a virtual smartcardio terminal that works across a network (I tried this once, it was awfully complex and it did not work properly at all)
    or
    - change you core API for a remote environment paradigm. Try not to think in "card terminal" terms.
    I assure you that this second option is far better, as you can optimize things to avoid useless round trips by grouping commands that do not depend on each other in network messages, for example.
    regards and good luck

  • Cryptographic operations with the Card Manager

    Hello,
    I'm new to smart card programming and could need a little help.
    Here is what I'm trying to do:
    First off, I don't want to develop a java applet, I want to use the functionality of the Card Manager (Issuer Security Domain) only. With the ISD, I'm trying to put a cryptographic key (e.g. RSA key pair) on the card and read it back afterwards. Is this generally possible?
    Also, can you do cryptographic operations (e.g. RSA signing) using only the ISD?
    It would help me a lot if somebody could give me some hints and, if it's possible, the sequence of APDU commands I have to send to the card.
    Thank you.

    misfire wrote:
    Hello,Hello.
    I'm new to smart card programming and could need a little help.
    Here is what I'm trying to do:
    First off, I don't want to develop a java applet, I want to use the functionality of the Card Manager (Issuer Security Domain) only. With the ISD, I'm trying to put a cryptographic key (e.g. RSA key pair) on the card and read it back afterwards. Is this generally possible?ISD has cryptographic capabilities. It is limited to secure channel protocol handling. DES for SCP02 and RSA for SCP10 plus RSA for DAP (data authentication pattern). You do not have the possibility to use it for something else. What you can do though is access the DES/RSA part of the ISD via an applet (GP API) to e.g. decrypt and encrypt data.
    Also, can you do cryptographic operations (e.g. RSA signing) using only the ISD?Yes, but only via an applet.
    It would help me a lot if somebody could give me some hints and, if it's possible, the sequence of APDU commands I have to send to the card.Check out the GP specifications: SCP02/GP API in GP2.1.1 and SCP10/GP API in GP2.2 .

  • Where is Card Manager ID "A000000003000000" being defined?

    Hi all,
    I'm newbie to Java Card technology, I'm wondering where is the Card Manager applet ID - A000000003000000 is defined? I read throught GlobalPlatform Card Spec _v2.2 and Sun's Java Card document, I didn't get answer..
    Thanks
    Michael

    Hi,
    That is the AID that was used by Visa for their OpenPlatform cards. It is by no means guaranteed to be the AID of the card manager for a given card. It is a kind of defacto standard that some card manufacturers still use but there are some that use a different AID (Gemalto and Mastercard for example).
    This is simply an AID that is made up of the Visa RID (A000000003) and an arbitrary PIX chosen by Visa (000000).
    Cheers,
    Shane

  • Upgrading Prime system (Card Management System)

    we have project for upgrading Prime system (Card Management System). As part of the business requirement, Prime system should update online Base24 with any cards updates (e.g. if new card is issued in prime, prime is to send this record to Base24 system at the same moment of the creation. If card status is changed in Prime to be lost or stolen, prime is to send this update to Base24).
    Current version of Prime in QIB is working on Informix database. The upgraded version will work on Oracle database. TSYS (the vendor of prime) told that Prime is a back office application. It cannot and is not supposed to interface with any other systems. Hence, they told that there aren’t any way to online update any other system.
    As new prime is working on Oracle database, we need your consultation if this online updates can be achieved through oracle by maybe triggering services or calls to Middleware services or API’s which can in turn update Base24 system.
    Regards
    IMTEYAZ

    RAID won't be of a benefit unless you have two identical hard drives. It is possible to use two different ones, but there are performance/size issues.
    The IDE2 and IDE3 ports support drives in a non-raid configuration.

  • Memory Card Manager Buttinski

    Every time I add a song to, or delete a song from my Shuffle, I get a message from the "Memory Card Manager" that says "Failed to locate supported file types or there are no photos found on this device." Everything works, mind you, but that noise and announcement each time is mighty annoying. Any suggestions?

    Mark, I am having the same issue, as my (just bought a few days ago) 4GB Nano is being recognized by my Dell Memory card manager as a memory card, and indicating "Failed to locate supported file types as there no photos found on the device." Same thing occurs whenever I disconnect and reconnect to the USB cable. I have already had my iPod Nano restored at the Apple Store, and have downloaded the newest 6.0.5 iTunes and 1.1.2 iPod software, so I should be good to go. I should also tell you that I have tested all the USB ports, and they are fine. iPod also runs ok on my other Dell Desktop computer, which isn't running with the same Dell Memory Card Manager software (Dell 964 Printer). Are there a portion of the Dell software related to the memory card functions only, or do I have to uninstall the entire software? How will that effect functionality of my 4 in 1 Dell printer? Thanks!
    Dell Desktop 8300   Windows XP Pro  
    Dell Desktop 8300   Windows XP Pro  
    Dell Desktop 8300   Windows XP Pro  
    Dell Desktop 8300   Windows XP Pro  

Maybe you are looking for