096-098.html

Smart Card Developer s Kit, a smart card manual for development, English

<!-- Edit EirGrabber 3.01 -->
<HTML>
<HEAD>


<TITLE>Smart Card Developer's Kit:The Schlumberger Multiflex Smart Card</TITLE>





<CENTER>
<TABLE BORDER>
<TR>
<TD><A HREF="094-096.html">Previous</A></TD>
<TD><A HREF="../ewtoc.html">Table of Contents</A></TD>
<TD><A HREF="099-100.html">Next</A></TD>
</TR>
</TABLE>
</CENTER>
<P><BR></P>
<P>The two cryptographic key files, 0001<SUB>16</SUB> and 0011<SUB>16</SUB>, both have the structure given in Table 5.12.</P>
<TABLE WIDTH="100%"><CAPTION ALIGN=LEFT><B>Table 5.12.</B> Format of internal and external authentication key files.
<TR>
<TH WIDTH="15%" ALIGN="LEFT" VALIGN="BOTTOM">Byte Number
<TH WIDTH="23%" ALIGN="LEFT" VALIGN="BOTTOM">Description
<TH WIDTH="15%" ALIGN="LEFT" VALIGN="BOTTOM">Sample Values
<TH WIDTH="25%" ALIGN="LEFT">Interpretation of Sample Values
<TH WIDTH="22%" ALIGN="LEFT" VALIGN="BOTTOM">Comment
<TR>
<TD COLSPAN="5"><HR>
<TR>
<TD>1
<TD>Unused
<TD>
<TD>
<TD>
<TR>
<TD VALIGN="TOP">2
<TD VALIGN="TOP">Length of key 0
<TD VALIGN="TOP">8<SUB>16</SUB>
<TD VALIGN="TOP">Key 0 is 8 bytes long.
<TD>Cryptographic keys can be from 1 to 255 bytes long.
<TR>
<TD VALIGN="TOP">3
<TD>Algorithm for key 0
<TD VALIGN="TOP">0<SUB>16</SUB>
<TD VALIGN="TOP">Use DES with key 0.
<TD>
<TR>
<TD VALIGN="TOP">4-11
<TD VALIGN="TOP">Key 0
<TD>FF<SUB>16</SUB> FF<SUB>16</SUB> FF<SUB>16</SUB> FF<SUB>16</SUB> FF<SUB>16</SUB> FF<SUB>16</SUB> FF<SUB>16</SUB> FF<SUB>16</SUB>
<TD>
<TD>
<TR>
<TD VALIGN="TOP">12
<TD VALIGN="TOP">Maximum attempts for key 0
<TD VALIGN="TOP">03<SUB>16</SUB>
<TD>Block key after three successive failed attempts.
<TD>
<TR>
<TD VALIGN="TOP">13
<TD VALIGN="TOP">Remaining attempts for key 0
<TD VALIGN="TOP">03<SUB>16</SUB>
<TD>There are three failures left before the key is blocked.
<TD>
<TR>
<TD>14
<TD>Length of key 1
<TD>8<SUB>16</SUB>
<TD>Key 1 is 8 bytes long.
<TD>
<TR>
<TD VALIGN="TOP">15
<TD>Algorithm for key 1
<TD VALIGN="TOP">0<SUB>16</SUB>
<TD VALIGN="TOP">Use DES with key 1.
<TD>
<TR>
<TD VALIGN="TOP">16-23
<TD VALIGN="TOP">Key 1
<TD>47<SUB>16</SUB> 46<SUB>16</SUB> 58<SUB>16</SUB> 49<SUB>16</SUB> 32<SUB>16</SUB> 56<SUB>16</SUB> 78<SUB>16</SUB> 40<SUB>16</SUB>
<TD>
<TD>
<TR>
<TD VALIGN="TOP">24
<TD VALIGN="TOP">Maximum attempts for key 1
<TD VALIGN="TOP">03<SUB>16</SUB>
<TD>Block key after three sequential failed attempts.
<TD>
<TR>
<TD VALIGN="TOP">25
<TD VALIGN="TOP">Remaining attempts for key 1
<TD VALIGN="TOP">03<SUB>16</SUB>
<TD>There are three failures left before the key is blocked.
<TD>
<TR>
<TD>26
<TD>Length of key 2
<TD>8<SUB>16</SUB>
<TD>Key 2 is 8 bytes long.
<TD>
<TR>
<TD VALIGN="TOP">27
<TD>Algorithm for key 2
<TD VALIGN="TOP">0<SUB>16</SUB>
<TD VALIGN="TOP">Use DES with key 2.
<TD>
<TR>
<TD VALIGN="TOP">28-35
<TD VALIGN="TOP">Key 2
<TD>FF<SUB>16</SUB> FF<SUB>16</SUB> FF<SUB>16</SUB> FF<SUB>16</SUB> FF<SUB>16</SUB> FF<SUB>16</SUB> FF<SUB>16</SUB> FF<SUB>16</SUB>
<TD>
<TD>
<TR>
<TD VALIGN="TOP">36
<TD VALIGN="TOP">Maximum attempts for key 2
<TD VALIGN="TOP">03<SUB>16</SUB>
<TD>Block key after three sequential failed attempts.
<TD>
<TR>
<TD VALIGN="TOP">37
<TD VALIGN="TOP">Remaining attempts for key 2
<TD VALIGN="TOP">03<SUB>16</SUB>
<TD>There are three failures left before the key is blocked.
<TD>
<TR>
<TD VALIGN="TOP">38
<TD VALIGN="TOP">Flag for last key
<TD VALIGN="TOP">0<SUB>16</SUB>
<TD>There are more keys in this file.
<TD>
<TR>
<TD COLSPAN="5"><HR>
</TABLE>
<P>Even though you can&#146;t read what&#146;s in 0011<SUB>16</SUB>, we will tell you that the content of the transport key file of your Multiflex card is exactly what is in the Sample Values column in Table 5.12. In other words, cryptographic key 1 for the root directory of your 3K Multiflex card is</P>
<P>47<SUB>16</SUB> 46<SUB>16</SUB> 58<SUB>16</SUB> 49<SUB>16</SUB> 32<SUB>16</SUB> 56<SUB>16</SUB> 78<SUB>16</SUB> 40<SUB>16</SUB></P>
<H4 ALIGN="LEFT"><A NAME="Heading7"></A><FONT COLOR="#000077">Creating a PIN File and Updating the External Authentication Key File</FONT></H4>
<P>Adding a PIN file to the Multiflex card will require us to use the <TT>Create File</TT> command in the root directory, and this in turn requires Authenticated privileges, so we will have to start out by authenticating ourselves. Since we don&#146;t think there are any malicious hackers lurking on the serial connection between our laptop and the smart card reader, we will use the <TT>Verify Key</TT> command rather than the <TT>External Authentication</TT> command to achieve authenticated status on the card.</P>
<P>With the <TT>Verify Key</TT> command, we give the key number in the external authentication file that we want to use to authenticate ourselves to the card along with the key itself. Here&#146;s the <TT>Verify Key</TT> command that is sent to the card to achieve Authenticated status:</P>
<TABLE WIDTH="100%"><TR>
<TH WIDTH="11%" ALIGN="LEFT">CLS
<TH WIDTH="11%" ALIGN="LEFT">INS
<TH WIDTH="11%" ALIGN="LEFT">P1
<TH WIDTH="21%" ALIGN="LEFT">Key Number
<TH WIDTH="21%" ALIGN="LEFT">Key Length
<TH WIDTH="25%" ALIGN="LEFT">Key
<TR>
<TD COLSPAN="6"><HR>
<TR>
<TD>F0<SUB>16</SUB>
<TD>2A<SUB>16</SUB>
<TD>00<SUB>16</SUB>
<TD>01<SUB>16</SUB>
<TD>08<SUB>16</SUB>
<TD>47<SUB>16</SUB> 46<SUB>16</SUB>
<TR>
<TD>
<TD>
<TD>
<TD>
<TD>
<TD>58<SUB>16</SUB> 49<SUB>16</SUB>
<TR>
<TD>
<TD>
<TD>
<TD>
<TD>
<TD>32<SUB>16</SUB> 56<SUB>16</SUB>
<TR>
<TD>
<TD>
<TD>
<TD>
<TD>
<TD>78<SUB>16</SUB> 40<SUB>16</SUB>
</TABLE>
<P>The card responds with
</P>
<P>90<SUB>16</SUB> 00<SUB>16</SUB></P>
<P>so we know we have successfully logged in.</P>
<P>Now we issue the <TT>Create File</TT> command to actually create the PIN file:</P>
<TABLE WIDTH="100%"><TR>
<TH WIDTH="10%" ALIGN="LEFT" VALIGN="BOTTOM">CLS
<TH WIDTH="10%" ALIGN="LEFT" VALIGN="BOTTOM">INS
<TH WIDTH="15%" ALIGN="LEFT" VALIGN="BOTTOM">Initialize
<TH WIDTH="12%" ALIGN="LEFT">No. of Recs
<TH WIDTH="13%" ALIGN="LEFT">Data Length
<TH WIDTH="20%" ALIGN="LEFT" VALIGN="BOTTOM">Unused
<TH WIDTH="20%" ALIGN="LEFT" VALIGN="BOTTOM">Size
<TR>
<TD COLSPAN="7"><HR>
<TR>
<TD>F0<SUB>16</SUB>
<TD>E0<SUB>16</SUB>
<TD>00<SUB>16</SUB>
<TD>FF<SUB>16</SUB>
<TD>10<SUB>16</SUB>
<TD>FFFF<SUB>16</SUB>
<TD>0017<SUB>16</SUB>
</TABLE>
<TABLE WIDTH="100%">
<TR>
<TH WIDTH="15%" ALIGN="LEFT" VALIGN="BOTTOM">FID
<TH WIDTH="15%" ALIGN="LEFT" VALIGN="BOTTOM">File Type
<TH WIDTH="15%" ALIGN="LEFT">Access Levels
<TH WIDTH="15%" ALIGN="LEFT" VALIGN="BOTTOM">Status
<TH WIDTH="15%" ALIGN="LEFT" VALIGN="BOTTOM">Length
<TH WIDTH="25%" ALIGN="LEFT" VALIGN="BOTTOM">Access Keys
<TR>
<TD COLSPAN="6"><HR>
<TR>
<TD>0000<SUB>16</SUB>
<TD>01<SUB>16</SUB>
<TD>3<SUB>16</SUB>F<SUB>16</SUB>4<SUB>16</SUB>
<TD>01<SUB>16</SUB>
<TD>03<SUB>16</SUB>
<TD>1<SUB>16</SUB>1<SUB>16</SUB>F<SUB>16</SUB>
<TR>
<TD>
<TD>
<TD>4<SUB>16</SUB>F<SUB>16</SUB>F<SUB>16</SUB>
<TD>
<TD>
<TD>F<SUB>16</SUB>1<SUB>16</SUB>1<SUB>16</SUB>
<TR>
<TD>
<TD>
<TD>4<SUB>16</SUB>4<SUB>16</SUB>
<TD>
<TD>
<TD>
</TABLE>
<P><BR></P>
<CENTER>
<TABLE BORDER>
<TR>
<TD><A HREF="094-096.html">Previous</A></TD>
<TD><A HREF="../ewtoc.html">Table of Contents</A></TD>
<TD><A HREF="099-100.html">Next</A></TD>
</TR>
</TABLE>
</CENTER>





</BODY>
</HTML>