Announce two new product: SmartCard Reader Rockey200 and USB2.0 Extension Cable

ROCKEY 200 is a handy and portable USB Smart Card reader that can perform read/write operations on any ISO 7816-1/2/3/4 smart cards which are compatible with protocol T=0 and T=1.

USB2.0 Extension Cable With high speed USB 2.0 devices such as USB token ,USB Card Reader and so on.

Come to try it now!

BAC problem on reading the data.

Passport Applet

Moderator: Ellisun

t0mkaka
Posts: 1
Joined: Tue May 10, 2016 2:43 am
Points: 18
Contact:

BAC problem on reading the data.

Postby t0mkaka » Wed May 11, 2016 4:22 am

Hi,

I am new to working with the passport applet but here is what I have done.

1. I downloaded the passport applet from http://javacardos.com/tools/passport.html and uploaded it and installed it on the JavaCard that I have.

2. Now from the above page I went to step 2. to create a passport. I entered the information like, Name, Country, Portrait, DOB,DOE, etc. and then genreated AA keys, upload the passport with my Card Encoder and saved it. Now there is no feedback that the card is encoded. Anyways due to no feedback I assume that the card is encoded.

3. Now I closed the whole application and started the JMRTD application again for reading as told in Step 3. But only a blank screen with BAC columns appear which is the first screen of JMRTD application. I add the BAC params that I had encoded earlier.

But now when I start the application there is no output of anything wrong / right.

I tried other passport readers and when they read they show that wrong BAC entered.
How can I read the passport from the tools page of this forum. Are there any more steps.
Please, any help is gratefully received.

User avatar
UNKNwYSHSA
Posts: 628
Joined: Thu May 21, 2015 4:05 am
Points: 2979
Contact:

Re: BAC problem on reading the data.

Postby UNKNwYSHSA » Wed May 11, 2016 5:16 am

1 You can open the APDU trace Window. All apdus the program sent to your card are traced here. You can use it to ensure that the passport is uploaded success or not. The last APDU command shall be "00 DA DE AD" and reponse shall be "9000" when passport uploaded.
Open APDU trace window: Main Window -> menu Tools -> Preferences ... -> tab Terminals -> APDU Tracing -> Check the checkbox Trace APDUs -> OK.
open_apdus_trace.png

2 I don't know what is the "Card Encoder"? What's its function(s)?

Waiting for your APDUs log.
You do not have the required permissions to view the files attached to this post. Please login first.
sense and simplicity

k0v4csistv4n
Posts: 7
Joined: Fri Oct 28, 2016 2:59 pm
Points: 66
Contact:

Re: BAC problem on reading the data.

Postby k0v4csistv4n » Wed Nov 23, 2016 5:50 pm

Hi Everybody,

I Have a little problem with the epassport applet personalization.

I run the Applet on JCIDE and then I Install and select the applet from pyapdotool.

Connect successful.
Select CardManager begin...
Select CardManager successful.
Download Cap begin...
Download Cap error: Download cap file failed. Send: 80 E6 02 00 0B 06 A0 00 00 02 47 10 00 00 00 00 01, Recv: 69 85.
Install Applet begin...
Install Applet successful.
Select Applet begin...
Select Applet successful.
Disconnect successful.

(Download was fail, because the applet was downloaded by JCIDE before... - I think)

Then I try to upload the passport data from JMRTD.

But I have an error:

>> 00 A4 04 0C 07 A0 00 00 02 47 10 01
<< 90 00

>> 00 DA 00 62 1D 62 1B 04 09 31 32 33 34 35 36 37 38 39 04 06 38 30 31 31 32 33 04 06 32 36 31 31 32 33
<< 6F 00

Anybody have an idea how I can solve this problem?

I created the AA key and EAC key. I need more to do before the download? (PKI keys, or other things?)

or:

How I can save this data to bin files and upload the card with apdu commands or with gpshell or any other tools?

Summarize: How I can personalize this virtual card? It is possible?

Thanks your suggestions!

I.

User avatar
mabel
Posts: 219
Joined: Mon May 18, 2015 3:09 am
Points: 1513
Contact:

Re: BAC problem on reading the data.

Postby mabel » Wed Nov 23, 2016 11:03 pm

k0v4csistv4n wrote:Hi Everybody,

I Have a little problem with the epassport applet personalization.

I run the Applet on JCIDE and then I Install and select the applet from pyapdotool.

Connect successful.
Select CardManager begin...
Select CardManager successful.
Download Cap begin...
Download Cap error: Download cap file failed. Send: 80 E6 02 00 0B 06 A0 00 00 02 47 10 00 00 00 00 01, Recv: 69 85.
Install Applet begin...
Install Applet successful.
Select Applet begin...
Select Applet successful.
Disconnect successful.

(Download was fail, because the applet was downloaded by JCIDE before... - I think)

Then I try to upload the passport data from JMRTD.

But I have an error:

>> 00 A4 04 0C 07 A0 00 00 02 47 10 01
<< 90 00

>> 00 DA 00 62 1D 62 1B 04 09 31 32 33 34 35 36 37 38 39 04 06 38 30 31 31 32 33 04 06 32 36 31 31 32 33
<< 6F 00

Anybody have an idea how I can solve this problem?

I created the AA key and EAC key. I need more to do before the download? (PKI keys, or other things?)

or:

How I can save this data to bin files and upload the card with apdu commands or with gpshell or any other tools?

Summarize: How I can personalize this virtual card? It is possible?

Thanks your suggestions!

I.


Have you already solved this problem?

User avatar
UNKNwYSHSA
Posts: 628
Joined: Thu May 21, 2015 4:05 am
Points: 2979
Contact:

Re: BAC problem on reading the data.

Postby UNKNwYSHSA » Wed Nov 23, 2016 11:03 pm

I had test this problem.
Connect your card with protocol T=1. And the command will successfully completed.
Maybe the applet is written for protocol T=1.
sense and simplicity

k0v4csistv4n
Posts: 7
Joined: Fri Oct 28, 2016 2:59 pm
Points: 66
Contact:

Re: BAC problem on reading the data.

Postby k0v4csistv4n » Thu Nov 24, 2016 7:24 am

UNKNwYSHSA wrote:I had test this problem.
Connect your card with protocol T=1. And the command will successfully completed.
Maybe the applet is written for protocol T=1.


Hmmmm.....

Now run the upload successfully..... (but I don't understand why...)

thenks the help...

k0v4csistv4n
Posts: 7
Joined: Fri Oct 28, 2016 2:59 pm
Points: 66
Contact:

Re: BAC problem on reading the data.

Postby k0v4csistv4n » Thu Nov 24, 2016 8:06 am

The passport is very nice now but when I try to upload then I got some error:

Code: Select all

>> 00 A4 04 0C 07 A0 00 00 02 47 10 01
<< 90 00

>> 00 A4 02 0C 02 01 1E
<< 6A 82

>> 00 A4 04 0C 07 A0 00 00 02 47 10 01
<< 90 00

>> 00 84 00 00 08
<< 69 82

>> 00 82 00 00 28 A2 3E 5E 9D 83 C4 8C 70 E0 8F 2D 3E BD 6E C1 78 E9 FC DB 7F FB 1B 78 A8 6F 82 81 B5 92 97 A0 95 15 7D 23 D3 E3 23 C5 29
<< 69 82

>> 00 82 00 00 28 A2 3E 5E 9D 83 C4 8C 70 E0 8F 2D 3E BD 6E C1 78 E9 FC DB 7F FB 1B 78 A8 6F 82 81 B5 92 97 A0 95 15 7D 23 D3 E3 23 C5 29
<< 69 82

>> 00 DA 00 62 1D 62 1B 04 09 31 32 33 34 35 36 37 38 39 04 06 31 36 31 31 32 34 04 06 31 36 31 31 32 34
<< 6F 00


after this all the command was successfull and the end I see the DEAD.

Code: Select all

>> 00 D6 00 00 16 60 14 5F 01 04 30 31 30 37 5F 36 06 30 34 30 30 30 30 5C 02 61 75
<< 90 00

>> 00 DA DE AD
<< 90 00


When I try to testing the BAC the process is stopped here (in GET CHALLENGE function)

Code: Select all

           if (!hasMutualAuthenticationKeys() || hasMutuallyAuthenticated()) {
                ISOException.throwIt(SW_SECURITY_STATUS_NOT_SATISFIED);
            }


Any idea, how can I fix this error?

I try to understand what happened here, but not clear for me what checked here.

If I remove the "!" before the hasMutualAuthenticationKeys() then the process will hang up when I try to extend authentication.

User avatar
UNKNwYSHSA
Posts: 628
Joined: Thu May 21, 2015 4:05 am
Points: 2979
Contact:

Re: BAC problem on reading the data.

Postby UNKNwYSHSA » Thu Nov 24, 2016 10:38 pm

k0v4csistv4n wrote:
UNKNwYSHSA wrote:I had test this problem.
Connect your card with protocol T=1. And the command will successfully completed.
Maybe the applet is written for protocol T=1.


Hmmmm.....

Now run the upload successfully..... (but I don't understand why...)

thenks the help...


When using T=0, the command header (5 bytes) are received. But data field bytes not received.
So the tlv data parse failed.
Then the exception 0x6F00 raised.
When using T=1, the IFSC normally (depend on parameters of each card) is APDU buffer size, it is greater than command size, So the receive process not needed.

If you want to use T=0, you have to code for data field bytes receive (Use api method apdu.setIncomingAndReceive() and apdu.receiveBytes()), then parse data after all data bytes received.
Use T=1 is the simplest.

To implement command data receive function, see JavaCard API specification vx.x.x -> class APDU.
sense and simplicity

User avatar
UNKNwYSHSA
Posts: 628
Joined: Thu May 21, 2015 4:05 am
Points: 2979
Contact:

Re: BAC problem on reading the data.

Postby UNKNwYSHSA » Fri Nov 25, 2016 1:54 am

k0v4csistv4n wrote:The passport is very nice now but when I try to upload then I got some error:

Code: Select all

>> 00 A4 04 0C 07 A0 00 00 02 47 10 01
<< 90 00

>> 00 A4 02 0C 02 01 1E
<< 6A 82

>> 00 A4 04 0C 07 A0 00 00 02 47 10 01
<< 90 00

>> 00 84 00 00 08
<< 69 82

>> 00 82 00 00 28 A2 3E 5E 9D 83 C4 8C 70 E0 8F 2D 3E BD 6E C1 78 E9 FC DB 7F FB 1B 78 A8 6F 82 81 B5 92 97 A0 95 15 7D 23 D3 E3 23 C5 29
<< 69 82

>> 00 82 00 00 28 A2 3E 5E 9D 83 C4 8C 70 E0 8F 2D 3E BD 6E C1 78 E9 FC DB 7F FB 1B 78 A8 6F 82 81 B5 92 97 A0 95 15 7D 23 D3 E3 23 C5 29
<< 69 82

>> 00 DA 00 62 1D 62 1B 04 09 31 32 33 34 35 36 37 38 39 04 06 31 36 31 31 32 34 04 06 31 36 31 31 32 34
<< 6F 00


after this all the command was successfull and the end I see the DEAD.

Code: Select all

>> 00 D6 00 00 16 60 14 5F 01 04 30 31 30 37 5F 36 06 30 34 30 30 30 30 5C 02 61 75
<< 90 00

>> 00 DA DE AD
<< 90 00


When I try to testing the BAC the process is stopped here (in GET CHALLENGE function)

Code: Select all

           if (!hasMutualAuthenticationKeys() || hasMutuallyAuthenticated()) {
                ISOException.throwIt(SW_SECURITY_STATUS_NOT_SATISFIED);
            }


Any idea, how can I fix this error?

I try to understand what happened here, but not clear for me what checked here.

If I remove the "!" before the hasMutualAuthenticationKeys() then the process will hang up when I try to extend authentication.


First log block:
1 SELECT APPLET: passed;
2 SELECT FILE: failed;
3 GET CHALLENGE: failed;
4 EXT AUTH: failed;
5 EXT AUTH: failed;
All OK, because the passport is not uploaded, that means the passport applet is not personalized.

// Upload passport begin ...
6 PUT DATA...: failed;
This command personalize the BAC data (doc number, birthday, expireday), the applet don't know the BAC data, then applet unable to execute BAC auth.

So you need take attention to this command.
And We already discusses this problem right now, Use T=1 please!
Maybe you need to set your card ATR to support T=1 only.
sense and simplicity

k0v4csistv4n
Posts: 7
Joined: Fri Oct 28, 2016 2:59 pm
Points: 66
Contact:

Re: BAC problem on reading the data.

Postby k0v4csistv4n » Sat Nov 26, 2016 12:44 pm

Hi UNKNwYSHSA!

Thanks man, I solved this problem. The apdu.getBuffer() was wrong. But I set the simulator to force use T=1 mode and voila, everything is works now.
I can personalised the epassport succesfully with jmrtd.

I try to verify BAC with openscdp scripts and RFiDiOT mrpkey.py but it was unsuccesfull at this time (but this is another story)

Thanks again.

Regards!


Return to “PassportApplet”

Who is online

Users browsing this forum: No registered users and 1 guest

JavaCard OS : Disclaimer