In order to thank you for all members' support of our website, we are holding new events - Getting Free Samples by Paying Freight only.
Want to get free samples? Please check this post for more details.

The APDU commands of using OpenKeyChain

This project implement the OpenPGP card functionality

Moderator: Ellisun

User avatar
JavaCardOS
Posts: 263
Joined: Thu Apr 30, 2015 12:00 pm
Points :2295
Contact:

The APDU commands of using OpenKeyChain

Post by JavaCardOS » Thu Feb 04, 2016 5:06 am

In the process of using OpenKeyChain application combined with OpenPGPApplet in A40CR card, the following APDU commands will be used:

1. Create Key:
In the process of create key,there are three key types to be imported, they are Signature Key, Decryption key and Authentication key.

Import Signature Key:

Code: Select all

//select applet 
00A4040006D2760001240100;
//verify command: verify the admin PIN(PW3)
00200083083132333435363738;
//import Signature Key 1/4, and the key type is "0xb6" , the tag of key type is used Digital signatures.
10DB3FFFFE4d8203a2b6007f48159103928180938180948180958180968180978201005f48820383010001e65262b69f40049c340ec0252f22c07222073bdf46bcd34328811216980c1b64635f95f92ff1e50934c56cb3a01bb4ee4501cea5ad1c6796d5a80a14f6eed56495889096bd6379561c16aad3793a336a592837d8ded1a89b546aaecc437dfd564444f2ea1b3a00fdb33217f163a376467409eed797682496a650c97ea6e37755f1f2089c66cff707fba2882180cbfb6281d10b06f3681f6f18fa75882bd6c9c6ff0518b355bab58bbab9003dce56f6d36a7fc92426934ba6fe95089d4d507b354af6f71fed0d4033cecb11a544b8661978d1d1190cf72252;
//import Signature Key 2/4 10DB3FFFFEbc2b99ad443833886168621a295230fea3c0b37c945370c6e9dc15264e4e7a00b04e0e4abd37ce11acd0c4418f43e22c60361ba9461823e4775bb30ef772abc05dd8a511deb3a67038e947924a8884b796547b3a5d1d7d98a645ee4b32f161306b0747b7a8739380f423019deeb3553daace824e4da500e02fad86954217aaeeb7284d45b633399483b30b022f3bc01b03560a12b2cca87751f5516119babd61464048d963526e6c3dc3e433033be0c09ef941aff71703b2d7cb46d4169d36ae70e3441d8902de29aab88c7879d20dd0cd3510748f403ee212e16c3063df152c8ef97452b0f1d58a16cbbbb2a0f1572daf74a8b4f372972d32e1a5306478;
//import Signature Key 3/4
10DB3FFFFEa71598aacf5b79d204a928bfb0c0f53235e7d33160d85c170ef5cfd286198cc1e1e6008df3ab224827cd056f2a42590cd2bf9b274b67753d1fa856c21b3d4cba49fa74d52b4ea3ad6f5ac8df946e72be7ed5649c4325203d53cdebd672ee1cefb2034e348abcfdbf9104e16a2aa2ccf03f40eaa425015149d3013f7576fcd90db3f7a7c252f15156f1d15e5eb9d55c983c017c2c17dbf478eb4f8c7125087739cc03b7f208e024dfdc01d9ad508e86579951b4d4f8495868552a9ce79ca626902e97225427cfb38baf59c2ba5c633770d6968b8244eb089045d4b93e8c33847a1ba496de8fe464f6f2fd9e16418b9bfa06afd4821e7be5d9b54327e49594;
//import Signature Key 4/4:
00DB3FFFacd032483656169db0b23d9867acf6d955439f88322709a13625851012696cf06d67d7aa89296ea2fd5bcf8f0668847c869ae3d0737946eab592680c4f0554d0ccd5742f9d8802ebe9edc44a2a67212e49a39728436e21e9bc6613b37b91f3478c4ec52c4ec0e86c74ead313727044e6976ad9842abf851f89bbc89e127db623e6e0222adffefd5956cea68501e0457a5735bbe210957819538183af98305cfd238ef9f109531a3a3e836452a5;
// putData command: Put Signature key generation date/time.
00DA00ce045690b153;
//putData command: Put Fingerprint signature key.
00DA00c714abf4f80da3a5296e7de6dd775aab33b0092244bb;


Import Decryption key:

Code: Select all

//importKey command 1/4: Import Decryption key,  and the tag of key type is "0xb8".
10DB3FFFFE4d8203a2b8007f48159103928180938180948180958180968180978201005f48820383010001d9c1799e5e7fe231c357458df0ea532b845498c5fa50ca56912ad21a4368f38b99ad82b885bc424b794a9d8f8795c4ecb0c664b3193ea45176351bc69da781e49b164f3ff0e5c291d4b90be0a16d9c84ec81ae238e8a9b7947ca868e3fbebe2f03b1314fb4292c62709d039761127d0d2e17fe6810a22a24f29dfb77223cdac7ecabd9697f3e43a544437c467053d31cb06ca4dd75de9d1c34839b034aa55bd9c25bac0dc54096cc7797a84b8d9b7d9da890e1696936c9d9e36755b679f24a31c7c20571a2ec926d559a604f5b8834cf8e7645451e0bc777;
//importKey command 2/4:  10DB3FFFFE8e040c64c2560ff69e334c1f89db56dd47bb1240e93f7bd951105287c2371abd1824303e37e0a4413eb7739424c95f48fb2f36cb19a724ae1abc5c65bd12b10a4d5d82fcf9b6fa156564bbd78ac689e4a52f0541087ab7b7d199e5556a2edd3e875bf99e94e911743fd52ce6ef427c227b25ffa15955d309f6009cdbfcaf21b3af112ce00ae6a2a6b0962107f48614a3eac9b807fe4a9815e7808ae608a3f445ac623f63de8b655a3bc11bde998ffe422998893daa1ea3340ddc29102ae080a5c0b03f777588174cf79ee5803d32abfe8a0a2fb2734266078d7ae3a742062e912c1ee6c05a02dd621e2cc1128ac881dc02c3c4be9f8db4a5c540d0c87115;
//importKey command 3/4: 10DB3FFFFE1814efde638e256ff2407482eb4533eb1882eae42b581f0b33c5aa206b6fa320dcefc6a4139d5d87d581e1349d8b4fb355f73b3fe44fbaaf6921d1977041f3d94333059d7db1e223fb84f8f6f67f9c055bf9708b756f7f6e4857ef80fd9daaaaa1e49e09447c8109d7240b6b4a76d98bb7c22644e204619af875d0a0264620d32099591fed132c016ceb459a96832450fd154f1e69be2eb5640a64a2dd85a57f7e0815a2c9ed4a8a8e81c9508948f89515bc5c56da0cc826d19ae79e0f8ed3df85a70aaa91ee8527b05a47d42f8dd509d964d410fade7e99ca791504ddefdfcc38b0d5c7ed80fdd75c205fdd9a0942971d08b08f3a5c178588b167d835fe;
//importKey command 4/4: 00DB3FFFacb1714207729ded6ab8f0d54fdd1761bc63bdbd400a104ac8314ce8b3e18e7dedd3a1ba0607eb6706e18ac2c8dfd6a8af84ab2b6fc18c24fb31cd84547296942aea8ad37a5664b46348bdb602a5e43fbc53a059d536e608b2bcf0a55b060d5d845e1d711cdd8c045e876ca342220e022d6f31228b593a9db5309a51ca0f35af36dff9efda4e0aaa2bb8d69361bf786825e4e9a645625c3ff0eb8e498785240e7f19e717538f8c7fa0dcbb0887;
//putData command: Put Decryption key generation date/time.
00DA00cf045690b153;
//putData command: Put the fingerprint decryption key.
00DA00c81404b902792828312915972ae263e0184090b7b621;


Import Authentication key:

Code: Select all

//importKey command 1/4:  Import Authentication key,  and the tag of key type is "0xa4".
10DB3FFFFE4d8203a2a4007f48159103928180938180948180958180968180978201005f48820383010001c337427f4766972a4e10707efb4414eaa981c37edec4eb5087b1720cdd5746822da5b28858bdd7eb0742a096fcdb788f93740fd10add17c7835e416b40dd93afc7caff404c0cde96583e2fdf6fdb3717ac0c7cf84fe943f3d4ea91c6f17e201aa631754d22a0c27681fad01cfe55e46211110c4db0521dd664038481581b5df3e12c9d0a3441bd0202bd603da4c897b43c1f6dee80e65de64b3c74623fe373c80cdd18516f4f636c26a637bff68ad8e153c5e7b8cd05509794b0d5fb2a4bdaf880b3453af34d79635f71b8696ae194c0bf3a5a8ff0a21bd8;
////importKey command 2/4: 10DB3FFFFE4d9b0e2435d4a25bc8c609f17798755e7a1547cdff79d11779ec876e9edc1e8a9d1e2bd083897ec91bedd227c3ee3d2e23351512102135cd9707fa721491f9b2bf4b00d4485239c37c5c3a8e5c6855f7a7fda468bbb5548628c494d9a31e18a8fd4ed500ed571ad3101dd1587b98a1e93bfda978c38b77e1715a54099675b99bd29bd2b8ae5995096cbc468c8485bcce9b6e308c810fce35457c66cbfd97713b502ff33c593eadc70c95033430e5ebd84e2fc1106e217537aab532647af736337a8b754e5ef5c115a2db8b263e91fdd8a81f233a98118d33b3cd4737b1fb8e0ccdeac54ca461a3a330bd64b6403094281c87e58e01279fe566b1675c99c9;
//importKey command 3/4: 10DB3FFFFEef174821d6437c4d24c492f19d1ddb9d80eb227587f4567032c81f5179f987e3c3088e69aba0aa8d19013d59aa6fdd4d0bf2404cd8abf2f9b45ba705e92dd270f1a48d5b2b5a998d9f3e22431b1d14f6cc5feb27de88aee3a5b3bedf6d032cd905dc46e6e766475fe389518786954935129dc0a37b5b3d83b8c3cb565ad65cf9ce1c61089e11bf98efa3925062e52770a289db397116ef448173a4048de1d5e6a36ba0e3578cb849fe01abb596b1f76b72ebf00803652996529c7457115a86d9d69214073d664fff4377728f03ea8be12e65604c70db74a65da257cf604eef54091ce5d4cbbbaca39f2a9d0a9ccb9e5fd695aa23e3610102b3173308311d;
//importKey command 4/4:
00DB3FFFacc60a4ddc62cd7aee618c901f60927683bf6273cde9b362ae743ae0d46d0192c213a5598699889d38a37e9186298355658bec7ec3a700b74cc041a2570e150fdf68663d1bfe048c904f10599896d7e3ed912e96dfc259f4888287cc074d2c2dc45500060e7b1adae969b83d5a59b7e83e326fa4264f265d6881c3a1c246b45d6f70392f1365e4a35992170aa923924fecfcc20f3e4c93f0c9a73bf813f1b61da0a6f7e2f393c7011445c55dcb;
//putdata command: Put the data of authentication key generation date/time.
00DA00d0045690b153;
//putData command: Put Fingerprint authentication key.
00DA00c914d32782bc4a3e937e8d278fe180d52375907fb3f3;

// changeReferenceData command: Change the user PIN(PW1).
002400810c313233343536313437323538;
//changeReferenceData command: Change the admin PIN(PW3).
002400831031323334353637383631363036353831;


2. View the created key and its detailed information.

Code: Select all

//select applet
00A4040006D2760001240100;
//GetData command: Get the Cardholder Related Data.
00CA006500;


3. Encrypt/decrypt files:

Encrypt file:

Code: Select all

//select applet
00A4040006D2760001240100;
//verify command: Verify the user PIN(PW1).
0020008106313437323538;
// computeDigitalSignature command: Sign the data provided using the key for digital signatures.
002A9E9A533051300D060960864801650304020305000440f686388c89c5310d63ae0d611e44b817598a02747bd20e199977727dc42141c43f3d0bdf137d1079cd376a1077e6ce5ecfaceb4ac03f25b5191950ad264082c200;


Decrypt File:

Code: Select all

//select applet
00A4040006D2760001240100;
//verify command: Verify the user PIN(PW1).
0020008206313437323538;
//decipher command 1/2: Decrypt one file.
102a8086feff518f11fc40c63d4dec48595b5a3ecc66ea350f727bf0471cd7b6e366c487193343e715b98f81fcc33d6024902ec572d996db243af5114b564a7fdce1902fd02db32b17e7bc8d3ae0ec5dc717f4b0f94c86d619fabf22e10b1e4004cf96a9061257def95402bd4e76d8e096c2fa59ff585067fd3171302d0db42a115ece7ef2d07a5933aec24bdbcfa0f0a6476591e2645475d72dc9d31997a9526f737000ea5deae6178b20ddc5e7f7a946b11fe16689b0c70f241ac92774f0787f8c817c20038a0992e99f5bc245206540c4b97625e8f690ae7f38da7943e97ee315604e58e2fb2bd3cfb3809945b3592500d2703935a093879604ee180e5ec533058a;
//decipher command 2/2:
 002a80860358f27300;

Who is online

Users browsing this forum: No registered users and 1 guest

JavaCard OS : Disclaimer