[Muscle] Impossible to crypt using MuscleTool
sferey
s.ferey at wanadoo.fr
Fri Mar 21 10:04:24 PDT 2008
Hi Amanda,
Great! I will check that log, and back soon with analysis.
Regarding the Get Challenge: a part of the response was in my comment
regarding the ACL.
The 8 bits of the internal security state are described as "strong
authentication" as opposed to the 8 lower bits that store PIN
verification results.
A "strong authentication" is symmetric key based and consists in a Get
Challenge, External Authenticate sequence (the terminal shall requests a
challenge and send it ciphered with a symm. key in the data field of a
subsequent External Auth. command).
But the 0.9.8 applet does not support such "strong authentication" !
meaning that both Get Challenge & External Auth commands return
"instruction not supported" '6D00'.
OOH, Get Challenge is not supposed to participate to any data encryption
/ decryption scheme. So you should not be worried about that
(unsupported) command.
Cheers,
Sylvain.
Amanda Ortega a écrit :
> The sequence of APDUS obtained through pcscd -fda to the same sequence
> of encrypt/decrypt is:
>
More information about the Muscle
mailing list