Differences
This shows you the differences between two versions of the page.
public:smartcard:yubikey [2016-01-23 09:44] – petrs | public:smartcard:yubikey [2016-01-23 15:48] – petrs | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== Yubikey ====== | ====== Yubikey ====== | ||
- | * Types: Yubikey 4, Yubikey 4 Nano, Yubikey Nano | + | * Types: Yubikey 4, Yubikey 4 Nano, Yubikey Nano (obatined from amazon 01/2016) |
- | * Switch to CCID mode: Yubikey Neo Manager | + | * https:// |
- | * process | + | * Switch to CCID mode |
+ | * Yubikey Neo Manager | ||
+ | * Yubikey Neo is no more shipped with developer keys | ||
+ | * https:// | ||
+ | * " | ||
+ | * Yubikey 4 is not JavaCard at all (probably) | ||
===== GPShell upload ===== | ===== GPShell upload ===== | ||
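Review bot: "obatined" in the new Types bullet should read "obtained", and "is no more shipped with developer keys" reads better as "no longer ships with developer keys". The new bullet "Yubikey 4 is not JavaCard at all (probably)" is given without support; point it at the evidence this same revision adds further down (select of a000000003000000 answered with 6A82, GET DATA(CPLC) answered with 6D00) or say how the conclusion was reached, so the "(probably)" can be judged by the reader.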
Line 9: | Line 14: | ||
Upload JavaCard applet via GPShell. Used script: | Upload JavaCard applet via GPShell. Used script: | ||
- | <code yubikeyinstall.txt> | + | < |
mode_211 | mode_211 | ||
enable_trace | enable_trace | ||
Line 22: | Line 27: | ||
card_disconnect | card_disconnect | ||
release_context | release_context | ||
- | < | + | </code> |
- | < | + | Resulting trace with cryptogram verification failed error: |
+ | < | ||
> | > | ||
mode_211 | mode_211 | ||
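Review bot: The caption added before the trace, "Resulting trace with cryptogram verification failed error:", does not say which token or reader produced it. This revision adds a second GPShell trace for "Yubico Yubikey 4 CCID 0" below, so name the device in the caption to keep the two runs apart.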
Line 50: | Line 56: | ||
ram failed.) | ram failed.) | ||
</ | </ | ||
+ | |||
+ | <code c> | ||
+ | > | ||
+ | mode_211 | ||
+ | enable_trace | ||
+ | establish_context | ||
+ | card_connect | ||
+ | * reader name Yubico Yubikey 4 CCID 0 | ||
+ | select -AID a000000003000000 | ||
+ | Command --> 00A4040008A000000003000000 | ||
+ | Wrapped command --> 00A4040008A000000003000000 | ||
+ | Response <-- 6A82 | ||
+ | select_application() returns 0x80216A82 (6A82: The application to be selected co | ||
+ | uld not be found.) | ||
+ | </ | ||
+ | |||
+ | ===== GlobalPlatformPro ===== | ||
+ | |||
+ | Used tool: GlobalPlatformPro by Martin Paljak https:// | ||
+ | |||
+ | |||
+ | ==== Obtain CPLC info ==== | ||
+ | |||
+ | <code c> | ||
+ | >gp -info -verbose | ||
+ | Reader: Yubico Yubikey NEO CCID 0 | ||
+ | ATR: 3BFC1300008131FE15597562696B65794E454F7233E1 | ||
+ | More information about your card: | ||
+ | http:// | ||
+ | E454F7233E1 | ||
+ | |||
+ | Auto-detected ISD AID: A000000003000000 | ||
+ | ***** Card info: | ||
+ | Card CPLC: | ||
+ | ICFabricator: | ||
+ | ICType: 5168 | ||
+ | OperatingSystemID: | ||
+ | OperatingSystemReleaseDate: | ||
+ | OperatingSystemReleaseLevel: | ||
+ | ICFabricationDate: | ||
+ | ICSerialNumber: | ||
+ | ICBatchIdentifier: | ||
+ | ICModuleFabricator: | ||
+ | ICModulePackagingDate: | ||
+ | ICCManufacturer: | ||
+ | ICEmbeddingDate: | ||
+ | ICPrePersonalizer: | ||
+ | ICPrePersonalizationEquipmentDate: | ||
+ | ICPrePersonalizationEquipmentID: | ||
+ | ICPersonalizer: | ||
+ | ICPersonalizationDate: | ||
+ | ICPersonalizationEquipmentID: | ||
+ | ***** CARD DATA | ||
+ | GlobalPlatform card | ||
+ | Version: 2.1.1 | ||
+ | TAG3: 1.2.840.114283.3 | ||
+ | SCP version: SCP_02_55 | ||
+ | TAG5: 1.3.656.840.100.2.1.3 | ||
+ | TAG6: 1.3.6.1.4.1.42.2.110.1.2 | ||
+ | ***** KEY INFO | ||
+ | VER:2 ID:1 TYPE:DES3 LEN:16 | ||
+ | VER:2 ID:2 TYPE:DES3 LEN:16 | ||
+ | VER:2 ID:3 TYPE:DES3 LEN:16 | ||
+ | </ | ||
+ | |||
+ | <code c> | ||
+ | >gp -info -verbose | ||
+ | Reader: Yubico Yubikey 4 CCID 0 | ||
+ | ATR: 3BF81300008131FE15597562696B657934D4 | ||
+ | More information about your card: | ||
+ | http:// | ||
+ | 4D4 | ||
+ | |||
+ | ***** Card info: | ||
+ | GET DATA(CPLC) returned SW: 6D00 | ||
+ | NO CPLC | ||
+ | ***** CARD DATA | ||
+ | NO CARD DATA | ||
+ | ***** KEY INFO | ||
+ | GET DATA(Key Information Template) not supported | ||
+ | </ | ||
+ | |||
+ | ==== List applets ==== | ||
+ | |||
+ | List applets (gp -list -verbose). Note that same result optioned with -emv option: | ||
+ | <code c> | ||
+ | >gp -list -verbose | ||
+ | Reader: Yubico Yubikey NEO CCID 0 | ||
+ | ATR: 3BFC1300008131FE15597562696B65794E454F7233E1 | ||
+ | More information about your card: | ||
+ | http:// | ||
+ | E454F7233E1 | ||
+ | |||
+ | Auto-detected ISD AID: A000000003000000 | ||
+ | Host challenge: 502D016B551CC8B5 | ||
+ | Card challenge: 0002C7333C9DE8A3 | ||
+ | Card reports SCP02 with version 2 keys | ||
+ | Master keys: | ||
+ | Version 0 | ||
+ | ENC: Ver:0 ID:0 Type:DES3 Len:16 Value: | ||
+ | MAC: Ver:0 ID:0 Type:DES3 Len:16 Value: | ||
+ | KEK: Ver:0 ID:0 Type:DES3 Len:16 Value: | ||
+ | Sequnce counter: 0002 | ||
+ | Derived session keys: | ||
+ | Version 0 | ||
+ | ENC: Ver:0 ID:0 Type:DES3 Len:16 Value: | ||
+ | MAC: Ver:0 ID:0 Type:DES3 Len:16 Value: | ||
+ | KEK: Ver:0 ID:0 Type:DES3 Len:16 Value: | ||
+ | openkms.gp.GPException: | ||
+ | Card: C0F743CBF8907B77 | ||
+ | Host: 851B1DA65E331000 | ||
+ | !!! DO NOT RE-TRY THE SAME COMMAND/ | ||
+ | at openkms.gp.GlobalPlatform.printStrictWarning(GlobalPlatform.java: | ||
+ | |||
+ | at openkms.gp.GlobalPlatform.openSecureChannel(GlobalPlatform.java: | ||
+ | at openkms.gp.GPTool.main(GPTool.java: | ||
+ | </ | ||
+ | |||
+ | <code c> | ||
+ | >gp -list -verbose | ||
+ | Reader: Yubico Yubikey 4 U2F+CCID 0 | ||
+ | ATR: 3BF81300008131FE15597562696B657934D4 | ||
+ | More information about your card: | ||
+ | http:// | ||
+ | 4D4 | ||
+ | |||
+ | Exception in thread " | ||
+ | at openkms.gp.GlobalPlatform.openSecureChannel(GlobalPlatform.java: | ||
+ | at openkms.gp.GPTool.main(GPTool.java: | ||
+ | |||
+ | </ | ||
+ | |||
| |
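Review bot: The "List applets" section pastes the failed gp -list -verbose run on the NEO, including the tool's "DO NOT RE-TRY THE SAME COMMAND" warning, without a sentence saying what the reader should take from it. The trace shows the card reporting SCP02 with version 2 keys and the card and host cryptograms differing (Card: C0F743CBF8907B77, Host: 851B1DA65E331000), which is consistent with the "developer keys" bullet added at the top of the page; state that conclusion in the text and carry the tool's warning about retrying into the prose. In the intro line, "optioned" should be "obtained". The second GPShell trace (Yubikey 4, response 6A82) has no caption, unlike the first one, and the console output blocks are tagged <code c> although none of them is C.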