hellogv

使用JCShell创建/删除辅助安全域

使用JCShell在空白双界面智能卡上创建和删除辅助安全域，如有纰漏，欢迎吐槽。

实验前的卡片AID列表

Card Manager AID : A000000003000000

Card Manager state : OP_READY

Load File : LOADED (--------) A0000000030A0A

Module : A000000003000000

Load File : LOADED (--------) A0000000035350 (Security Domain)

Module : A000000003535041

Load File : LOADED (--------) "PBOC2.EDEP"

Module : 50424F43322E4544455001

Load File : LOADED (--------) "GHOST.FISCARD"

Module : 47484F53542E4649534341524401

Load File : LOADED (--------) A00000033301

Module : A0000003330101

Load File : LOADED (--------) "1PAY." (PSE)

Module : "1PAY.SYS.DDF01"

PS:A000000003000000是ISD AID

A0000000035350是SD的Module AID

建立辅助安全域SSD.01，并安装Applet关联SSD.01

cm> /card 重启卡片

resetCard with timeout: 0 (ms)

--Waiting for card...

ATR=3B 67 00 00 52 43 01 11 11 10 0A ;g..RC.....

IOCTL().

ATR: T=0, N=0, Hist=5243011111100A

=> 00 A4 04 00 09 A0 00 00 01 67 41 30 00 FF .........gA0..

(61045 usec)

<= 01 00 00 52 01 02 FF FF 43 49 55 39 38 34 38 41 ...R....CIU9848A

00 FF FF 90 00 .....

Status: No Error

=> 00 A4 04 00 07 A0 00 00 00 03 00 00 00 .............

(136284 usec)

<= 6F 4A 84 08 A0 00 00 00 03 00 00 00 A5 3E 9F 65 oJ...........>.e

01 FF 9F 6E 06 47 91 00 78 34 00 73 2F 06 07 2A ...n.G..x4.s/..*

86 48 86 FC 6B 01 60 0C 06 0A 2A 86 48 86 FC 6B .H..k.`...*.H..k

02 02 01 01 63 09 06 07 2A 86 48 86 FC 6B 03 64 ....c...*.H..k.d

0B 06 09 2A 86 48 86 FC 6B 04 02 15 90 00 ...*.H..k.....

Status: No Error

cm> set-key 255/1/DES-ECB/404142434445464748494a4b4c4d4e4f 255/2/DES-ECB/404142434445464748494a4b4c4d4e4f 255/3/DES-ECB/404142434445464748494a4b4c4d4e4f

cm> set-key 1/1/DES-ECB/404142434445464748494a4b4c4d4e4f 1/2/DES-ECB/404142434445464748494a4b4c4d4e4f 1/3/DES-ECB/404142434445464748494a4b4c4d4e4f

cm> auth 打开安全通道

=> 80 50 00 00 08 AA 30 95 6D 47 D1 91 A5 00 .P....0.mG....

(72804 usec)

<= 00 00 00 00 00 00 00 00 00 00 FF 02 00 10 F7 25 ...............%

27 8F B0 2B 13 8D DA F0 F3 A9 8A E9 90 00 '..+..........

Status: No Error

=> 84 82 00 00 10 F5 98 B5 5C AB 35 62 B6 72 DF A0 ........\.5b.r..

5C 52 F6 2C 43 \R.,C

(55742 usec)

<= 90 00 ..

Status: No Error

cm> install -i |ssd.01 -q c9#(45) -s A0000000035350 A000000003535041

通过SD Module创建辅助安全域，安装辅助安全域实例

=> 80 E6 0C 00 1F 07 A0 00 00 00 03 53 50 08 A0 00 ...........SP...

00 00 03 53 50 41 06 73 73 64 2E 30 31 01 80 03 ...SPA.ssd.01...

C9 01 45 00 00 ..E..

(2026 msec)

<= 00 90 00 ...

Status: No Error

cm> /select |ssd.01 选择辅助安全域

=> 00 A4 04 00 06 73 73 64 2E 30 31 00 .....ssd.01.

(2094 msec)

<= 6F 48 84 06 73 73 64 2E 30 31 A5 3E 9F 65 01 FF oH..ssd.01.>.e..

9F 6E 06 47 91 00 78 34 00 73 2F 06 07 2A 86 48 .n.G..x4.s/..*.H

86 FC 6B 01 60 0C 06 0A 2A 86 48 86 FC 6B 02 02 ..k.`...*.H..k..

01 01 63 09 06 07 2A 86 48 86 FC 6B 03 64 0B 06 ..c...*.H..k.d..

09 2A 86 48 86 FC 6B 04 02 15 90 00 .*.H..k.....

Status: No Error

cm> auth mac 建立安全通道

=> 80 50 00 00 08 26 ED 3D 7D E1 E1 B7 98 00 .P...&.=}.....

(75107 usec)

<= 00 00 00 00 00 00 00 00 00 00 FF 02 00 00 BB E7 ................

D2 71 9A 73 25 43 59 AF EF F4 48 EF 90 00 .q.s%CY...H...

Status: No Error

=> 84 82 01 00 10 9B 73 CB 52 E5 31 F5 BF 00 B6 1E ......s.R.1.....

0C 4C 28 18 86 .L(..

(57145 usec)

<= 90 00 ..

Status: No Error

cm> put-keyset 1 putkey

=> 84 D8 00 81 4B 01 80 10 EF BE E6 C6 D9 9D 7B 70 ....K.........{p

BD E9 D7 E9 27 F0 20 AF 03 8B AF 47 80 10 EF BE ....'. ....G....

E6 C6 D9 9D 7B 70 BD E9 D7 E9 27 F0 20 AF 03 8B ....{p....'. ...

AF 47 80 10 EF BE E6 C6 D9 9D 7B 70 BD E9 D7 E9 .G........{p....

27 F0 20 AF 03 8B AF 47 15 A9 C0 16 72 4E D7 71 '. ....G....rN.q

00 .

(2093 msec)

<= 01 8B AF 47 8B AF 47 8B AF 47 90 00 ...G..G..G..

Status: No Error

cm> select 回到ISD

=> 00 A4 04 00 08 A0 00 00 00 03 00 00 00 00 ..............

(137667 usec)

<= 6F 4A 84 08 A0 00 00 00 03 00 00 00 A5 3E 9F 65 oJ...........>.e

01 FF 9F 6E 06 47 91 00 78 34 00 73 2F 06 07 2A ...n.G..x4.s/..*

86 48 86 FC 6B 01 60 0C 06 0A 2A 86 48 86 FC 6B .H..k.`...*.H..k

02 02 01 01 63 09 06 07 2A 86 48 86 FC 6B 03 64 ....c...*.H..k.d

0B 06 09 2A 86 48 86 FC 6B 04 02 15 90 00 ...*.H..k.....

Status: No Error

cm> auth 建立安全通道

=> 80 50 00 00 08 58 A7 B3 06 80 90 96 3A 00 .P...X......:.

(72979 usec)

<= 00 00 00 00 00 00 00 00 00 00 FF 02 00 11 B8 59 ...............Y

C7 3F 4E 54 B8 35 4F 37 A9 82 D3 41 90 00 .?NT.5O7...A..

Status: No Error

=> 84 82 00 00 10 0A 44 3B 77 08 AC 18 6C 2A FB D8 ......D;w...l*..

F9 6C AB AA 92 .l...

(55371 usec)

<= 90 00 ..

Status: No Error

cm> ls 列举所有AID

=> 80 F2 80 00 02 4F 00 00 .....O..

(41036 usec)

<= 08 A0 00 00 00 03 00 00 00 01 9E 90 00 .............

Status: No Error

=> 80 F2 40 00 02 4F 00 00 [email protected]..

(38555 usec)

<= 06 73 73 64 2E 30 31 07 80 90 00 .ssd.01....

Status: No Error

=> 80 F2 10 00 02 4F 00 00 .....O..

(212518 usec)

<= 07 A0 00 00 00 03 0A 0A 01 00 01 08 A0 00 00 00 ................

03 00 00 00 07 A0 00 00 00 03 53 50 01 00 01 08 ..........SP....

A0 00 00 00 03 53 50 41 0A 50 42 4F 43 32 2E 45 .....SPA.PBOC2.E

44 45 50 01 00 01 0B 50 42 4F 43 32 2E 45 44 45 DEP....PBOC2.EDE

50 01 0D 47 48 4F 53 54 2E 46 49 53 43 41 52 44 P..GHOST.FISCARD

01 00 01 0E 47 48 4F 53 54 2E 46 49 53 43 41 52 ....GHOST.FISCAR

44 01 06 A0 00 00 03 33 01 01 00 01 07 A0 00 00 D......3........

03 33 01 01 05 31 50 41 59 2E 01 00 01 0E 31 50 .3...1PAY.....1P

41 59 2E 53 59 53 2E 44 44 46 30 31 90 00 AY.SYS.DDF01..

Status: No Error

Card Manager AID : A000000003000000

Card Manager state : OP_READY

Sec. Domain: SELECTABLE (S-------) "ssd.01" 看到新建的ssd.01

Load File : LOADED (--------) A0000000030A0A

Module : A000000003000000

Load File : LOADED (--------) A0000000035350 (Security Domain)

Module : A000000003535041

Load File : LOADED (--------) "PBOC2.EDEP"

Module : 50424F43322E4544455001

Load File : LOADED (--------) "GHOST.FISCARD"

Module : 47484F53542E4649534341524401

Load File : LOADED (--------) A00000033301

Module : A0000003330101

Load File : LOADED (--------) "1PAY." (PSE)

Module : "1PAY.SYS.DDF01"

cm> upload -b 250 "D:\javacard_testIO\bin\com\hellogv\testIO\javacard\testIO.cap“ 上传CAP文件

=> 80 E6 02 00 12 05 00 11 00 22 00 08 A0 00 00 00 ........."......

03 00 00 00 00 00 00 00 ........

(48486 usec)

<= 00 90 00 ...

Status: No Error

=> 80 E8 00 00 FA C4 82 01 98 01 00 22 DE CA FF ED ..........."....

02 02 04 00 01 05 00 11 00 22 00 12 63 6F 6D 2F ........."..com/

68 65 6C 6C 6F 67 76 2F 74 65 73 74 49 4F 02 00 hellogv/testIO..

21 00 22 00 21 00 09 00 0B 00 3A 00 14 00 A9 00 !.".!.....:.....

1A 00 15 00 00 00 9B 03 A0 00 04 00 02 00 0A 01 ................

01 00 04 00 0B 01 03 01 07 A0 00 00 00 62 01 01 .............b..

03 00 09 01 05 11 22 00 11 22 00 08 06 00 14 00 ......".."......

00 00 80 03 00 FF 00 04 04 00 00 00 29 FF FF 00 ............)...

1C 00 36 07 00 A9 00 01 10 18 8C 00 05 7A 05 30 ..6..........z.0

8F 00 02 3D 8C 00 09 18 1D 04 41 18 1D 25 8B 00 ...=......A..%..

06 7A 01 11 10 64 30 59 01 01 18 8C 00 0C 78 01 .z...d0Y......x.

11 10 64 30 59 01 01 18 8C 00 0A 7A 03 23 18 8B ..d0Y......z.#..

00 07 60 03 7A 19 8B 00 01 2D 1A 03 25 11 00 FF ..`.z....-..%...

53 5B 32 1A 04 25 11 00 FF 53 5B 29 04 1F 10 80 S[2..%...S[)....

6A 08 11 6E 00 8D 00 03 16 04 75 00 21 00 02 00 j..n......u.!...

10 00 0D 00 20 00 17 18 19 7B 00 0B 8C 00 04 00 .... ....{......

(1326 msec)

<= 00 90 00 ...

Status: No Error

=> 80 E8 80 01 A2 70 12 18 19 7B 00 00 8C 00 04 70 .....p...{.....p

08 11 6D 00 8D 00 03 7A 05 32 19 8B 00 01 2E 1A ..m....z.2......

92 29 04 1A 03 1B 03 16 04 8D 00 0D 3B 19 03 16 .)..........;...

04 8B 00 08 7A 08 00 1A 00 04 00 02 00 02 03 00 ....z...........

05 48 65 6C 6C 6F 03 00 05 57 6F 72 6C 64 00 00 .Hello...World..

00 00 05 00 3A 00 0E 05 00 00 02 03 80 0A 01 01 ....:...........

00 02 00 06 80 07 01 06 00 00 8C 06 80 03 00 03 ................

80 03 02 03 80 03 03 03 80 0A 08 06 00 00 01 04 ................

00 02 04 05 00 00 00 04 00 02 06 06 80 10 02 09 ................

00 15 00 00 00 11 05 06 04 0A 0D 0D 07 07 1F 14 ................

03 07 03 08 07 0E 08 00 ........

(2187 msec)

<= 00 90 00 ...

Status: No Error

Load report:

412 bytes loaded in 3.5 seconds

effective code size on card:

+ package AID 5

+ applet AIDs 12

+ classes 23

+ methods 172

+ statics 28

+ exports 0

------------------------------

overall 240 bytes

cm> install -i 1122001122 -q C9#() 0011002200 1122001122 安装CAP文件的AID

=> 80 E6 0C 00 18 05 00 11 00 22 00 05 11 22 00 11 ........."..."..

22 05 11 22 00 11 22 01 00 02 C9 00 00 00 ".."..".......

(2019 msec)

<= 00 90 00 ...

Status: No Error

cm> ls 列举所有AID

=> 80 F2 80 00 02 4F 00 00 .....O..

(41317 usec)

<= 08 A0 00 00 00 03 00 00 00 01 9E 90 00 .............

Status: No Error

=> 80 F2 40 00 02 4F 00 00 [email protected]..

(49160 usec)

<= 06 73 73 64 2E 30 31 07 80 05 11 22 00 11 22 07 .ssd.01...."..".

00 90 00 ...

Status: No Error

=> 80 F2 10 00 02 4F 00 00 .....O..

(232039 usec)