Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision		 Previous revision
Last revisionBoth sides next revision
public:smartcard:yubikey [2016-01-23 09:44] petrspublic:smartcard:yubikey [2016-01-23 15:48] petrs
Line 1: Line 1:
 ====== Yubikey ====== ====== Yubikey ======
  
-  * Types: Yubikey 4, Yubikey 4 Nano, Yubikey Nano +  * Types: Yubikey 4, Yubikey 4 Nano, Yubikey Nano (obatined from amazon 01/2016) 
-  * Switch to CCID modeYubikey Neo Manager +    * https://www.yubico.com/products/yubikey-hardware/yubikey4/ 
-    * process with pictures+  * Switch to CCID mode 
 +    * Yubikey Neo Manager https://developers.yubico.com/yubikey-neo-manager/Releases/ 
 +  * Yubikey Neo is no more shipped with developer keys 
 +    * https://www.yubico.com/2014/07/yubikey-neo-updates/ 
 +    * "YubiKey NEOs that have shipped from July 1st 2014, starting with serial number 3,000,000,", also "2624253 to 2624449 and 2624801 to 2625499" 
 +  * Yubikey 4 is not JavaCard at all (probably)
  
 ===== GPShell upload ===== ===== GPShell upload =====
Line 24: Line 29:
 </code>   </code>  
  
-<code>+Resulting trace with cryptogram verification failed error: 
 +<code c>
 >GPShell.exe yubikeyinstall.txt >GPShell.exe yubikeyinstall.txt
 mode_211 mode_211
Line 50: Line 56:
 ram failed.) ram failed.)
 </code> </code>
 +
 +<code c>
 +>GPShell.exe yubikeyinstall.txt
 +mode_211
 +enable_trace
 +establish_context
 +card_connect
 +* reader name Yubico Yubikey 4 CCID 0
 +select -AID a000000003000000
 +Command --> 00A4040008A000000003000000
 +Wrapped command --> 00A4040008A000000003000000
 +Response <-- 6A82
 +select_application() returns 0x80216A82 (6A82: The application to be selected co
 +uld not be found.)
 +</code>
 +
 +===== GlobalPlatformPro =====
 +
 +Used tool: GlobalPlatformPro by Martin Paljak https://github.com/martinpaljak/GlobalPlatformPro
 +
 +
 +==== Obtain CPLC info ====
 +
 +<code c>
 +>gp -info -verbose
 +Reader: Yubico Yubikey NEO CCID 0
 +ATR: 3BFC1300008131FE15597562696B65794E454F7233E1
 +More information about your card:
 +    http://smartcard-atr.appspot.com/parse?ATR=3BFC1300008131FE15597562696B65794
 +E454F7233E1
 +
 +Auto-detected ISD AID: A000000003000000
 +***** Card info:
 +Card CPLC:
 +ICFabricator: 4790
 +ICType: 5168
 +OperatingSystemID: 4791
 +OperatingSystemReleaseDate: 1210
 +OperatingSystemReleaseLevel: 3800
 +ICFabricationDate: 4317
 +ICSerialNumber: 02720893
 +ICBatchIdentifier: 2800
 +ICModuleFabricator: 4812
 +ICModulePackagingDate: 4324
 +ICCManufacturer: 0000
 +ICEmbeddingDate: 0000
 +ICPrePersonalizer: 1215
 +ICPrePersonalizationEquipmentDate: 1532
 +ICPrePersonalizationEquipmentID: 37323038
 +ICPersonalizer: 0000
 +ICPersonalizationDate: 0000
 +ICPersonalizationEquipmentID: 00000000
 +***** CARD DATA
 +GlobalPlatform card
 +Version: 2.1.1
 +TAG3: 1.2.840.114283.3
 +SCP version: SCP_02_55
 +TAG5: 1.3.656.840.100.2.1.3
 +TAG6: 1.3.6.1.4.1.42.2.110.1.2
 +***** KEY INFO
 +VER:2 ID:1 TYPE:DES3 LEN:16
 +VER:2 ID:2 TYPE:DES3 LEN:16
 +VER:2 ID:3 TYPE:DES3 LEN:16
 +</code>
 +
 +<code c>
 +>gp -info -verbose
 +Reader: Yubico Yubikey 4 CCID 0
 +ATR: 3BF81300008131FE15597562696B657934D4
 +More information about your card:
 +    http://smartcard-atr.appspot.com/parse?ATR=3BF81300008131FE15597562696B65793
 +4D4
 +
 +***** Card info:
 +GET DATA(CPLC) returned SW: 6D00
 +NO CPLC
 +***** CARD DATA
 +NO CARD DATA
 +***** KEY INFO
 +GET DATA(Key Information Template) not supported
 +</code>
 +
 +==== List applets ====
 +
 +List applets (gp -list -verbose). Note that same result optioned with -emv option:
 +<code c>
 +>gp -list -verbose
 +Reader: Yubico Yubikey NEO CCID 0
 +ATR: 3BFC1300008131FE15597562696B65794E454F7233E1
 +More information about your card:
 +    http://smartcard-atr.appspot.com/parse?ATR=3BFC1300008131FE15597562696B65794
 +E454F7233E1
 +
 +Auto-detected ISD AID: A000000003000000
 +Host challenge: 502D016B551CC8B5
 +Card challenge: 0002C7333C9DE8A3
 +Card reports SCP02 with version 2 keys
 +Master keys:
 +Version 0
 +ENC: Ver:0 ID:0 Type:DES3 Len:16 Value:404142434445464748494A4B4C4D4E4F
 +MAC: Ver:0 ID:0 Type:DES3 Len:16 Value:404142434445464748494A4B4C4D4E4F
 +KEK: Ver:0 ID:0 Type:DES3 Len:16 Value:404142434445464748494A4B4C4D4E4F
 +Sequnce counter: 0002
 +Derived session keys:
 +Version 0
 +ENC: Ver:0 ID:0 Type:DES3 Len:16 Value:ADC1163BA2A147FBB84BF44C8676FB7D
 +MAC: Ver:0 ID:0 Type:DES3 Len:16 Value:3E06B1C8FCFD788A573B9A9889D0CA50
 +KEK: Ver:0 ID:0 Type:DES3 Len:16 Value:FC01096B6DB13ADEE0D4CB61D03FD3AA
 +openkms.gp.GPException: STRICT WARNING: Card cryptogram invalid!
 +Card: C0F743CBF8907B77
 +Host: 851B1DA65E331000
 +!!! DO NOT RE-TRY THE SAME COMMAND/KEYS OR YOU MAY BRICK YOUR CARD !!!
 +        at openkms.gp.GlobalPlatform.printStrictWarning(GlobalPlatform.java:156)
 +
 +        at openkms.gp.GlobalPlatform.openSecureChannel(GlobalPlatform.java:471)
 +        at openkms.gp.GPTool.main(GPTool.java:348)
 +</code>
 +
 +<code c>
 +>gp -list -verbose
 +Reader: Yubico Yubikey 4 U2F+CCID 0
 +ATR: 3BF81300008131FE15597562696B657934D4
 +More information about your card:
 +    http://smartcard-atr.appspot.com/parse?ATR=3BF81300008131FE15597562696B65793
 +4D4
 +
 +Exception in thread "main" java.lang.IllegalStateException: No selected ISD!
 +        at openkms.gp.GlobalPlatform.openSecureChannel(GlobalPlatform.java:319)
 +        at openkms.gp.GPTool.main(GPTool.java:348)
 +
 +</code>
 +