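Using JCShell to create and delete a supplementary security domain (SSD) on a blank dual-interface smart card. If there are any mistakes, feel free to point them out.
AID list of the card before the experiment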
Card Manager AID : A000000003000000
Card Manager state : OP_READY
Load File : LOADED (--------) A0000000030A0A
Module : A000000003000000
Load File : LOADED (--------) A0000000035350 (Security Domain)
Module : A000000003535041
Load File : LOADED (--------) "PBOC2.EDEP"
Module : 50424F43322E4544455001
Load File : LOADED (--------) "GHOST.FISCARD"
Module : 47484F53542E4649534341524401
Load File : LOADED (--------) A00000033301
Module : A0000003330101
Load File : LOADED (--------) "1PAY." (PSE)
Module : "1PAY.SYS.DDF01"
PS: A000000003000000 is the ISD AID; A0000000035350 is the SD's Module AID.
Create the supplementary security domain SSD.01 and install an Applet associated with SSD.01
cm> /card
Reset the card
resetCard with timeout: 0 (ms)
--Waiting for card...
ATR=3B 67 00 00 52 43 01 11 11 10 0A ;g..RC…..
IOCTL().
ATR: T=0, N=0, Hist=5243011111100A
=> 00 A4 04 00 09 A0 00 00 01 67 41 30 00 FF ………gA0..
(61045 usec)
<= 01 00 00 52 01 02 FF FF 43 49 55 39 38 34 38 41 …R….CIU9848A
00 FF FF 90 00 …..
Status: No Error
=> 00 A4 04 00 07 A0 00 00 00 03 00 00 00 ………….
(136284 usec)
<= 6F 4A 84 08 A0 00 00 00 03 00 00 00 A5 3E 9F 65 oJ………..>.e
01 FF 9F 6E 06 47 91 00 78 34 00 73 2F 06 07 2A …n.G..x4.s/..*
86 48 86 FC 6B 01 60 0C 06 0A 2A 86 48 86 FC 6B .H..k.`…*.H..k
02 02 01 01 63 09 06 07 2A 86 48 86 FC 6B 03 64 ….c…*.H..k.d
0B 06 09 2A 86 48 86 FC 6B 04 02 15 90 00 …*.H..k…..
Status: No Error
cm> set-key 255/1/DES-ECB/404142434445464748494a4b4c4d4e4f 255/2/DES-ECB/404142434445464748494a4b4c4d4e4f 255/3/DES-ECB/404142434445464748494a4b4c4d4e4f
cm> set-key 1/1/DES-ECB/404142434445464748494a4b4c4d4e4f 1/2/DES-ECB/404142434445464748494a4b4c4d4e4f 1/3/DES-ECB/404142434445464748494a4b4c4d4e4f
cm> auth
Open the secure channel
=> 80 50 00 00 08 AA 30 95 6D 47 D1 91 A5 00 .P….0.mG….
(72804 usec)
<= 00 00 00 00 00 00 00 00 00 00 FF 02 00 10 F7 25 ……………%
27 8F B0 2B 13 8D DA F0 F3 A9 8A E9 90 00 ‘..+……….
Status: No Error
=> 84 82 00 00 10 F5 98 B5 5C AB 35 62 B6 72 DF A0 ……..\.5b.r..
5C 52 F6 2C 43 \R.,C
(55742 usec)
<= 90 00 ..
Status: No Error
cm> install -i |ssd.01 -q c9#(45) -s A0000000035350 A000000003535041
Create the supplementary security domain through the SD Module, installing the supplementary security domain instance
=> 80 E6 0C 00 1F 07 A0 00 00 00 03 53 50 08 A0 00 ………..SP…
00 00 03 53 50 41 06 73 73 64 2E 30 31 01 80 03 …SPA.ssd.01…
C9 01 45 00 00 ..E..
(2026 msec)
<= 00 90 00 …
Status: No Error
cm> /select |ssd.01
Select the supplementary security domain
=> 00 A4 04 00 06 73 73 64 2E 30 31 00 …..ssd.01.
(2094 msec)
<= 6F 48 84 06 73 73 64 2E 30 31 A5 3E 9F 65 01 FF oH..ssd.01.>.e..
9F 6E 06 47 91 00 78 34 00 73 2F 06 07 2A 86 48 .n.G..x4.s/..*.H
86 FC 6B 01 60 0C 06 0A 2A 86 48 86 FC 6B 02 02 ..k.`…*.H..k..
01 01 63 09 06 07 2A 86 48 86 FC 6B 03 64 0B 06 ..c…*.H..k.d..
09 2A 86 48 86 FC 6B 04 02 15 90 00 .*.H..k…..
Status: No Error
cm> auth mac
Establish the secure channel
=> 80 50 00 00 08 26 ED 3D 7D E1 E1 B7 98 00 .P…&.=}…..
(75107 usec)
<= 00 00 00 00 00 00 00 00 00 00 FF 02 00 00 BB E7 …………….
D2 71 9A 73 25 43 59 AF EF F4 48 EF 90 00 .q.s%CY…H…
Status: No Error
=> 84 82 01 00 10 9B 73 CB 52 E5 31 F5 BF 00 B6 1E ……s.R.1…..
0C 4C 28 18 86 .L(..
(57145 usec)
<= 90 00 ..
Status: No Error
cm> put-keyset 1 putkey
=> 84 D8 00 81 4B 01 80 10 EF BE E6 C6 D9 9D 7B 70 ….K………{p
BD E9 D7 E9 27 F0 20 AF 03 8B AF 47 80 10 EF BE ….’. ….G….
E6 C6 D9 9D 7B 70 BD E9 D7 E9 27 F0 20 AF 03 8B ….{p….’. …
AF 47 80 10 EF BE E6 C6 D9 9D 7B 70 BD E9 D7 E9 .G……..{p….
27 F0 20 AF 03 8B AF 47 15 A9 C0 16 72 4E D7 71 ‘. ….G….rN.q
00 .
(2093 msec)
<= 01 8B AF 47 8B AF 47 8B AF 47 90 00 …G..G..G..
Status: No Error
cm> select
Return to the ISD
=> 00 A4 04 00 08 A0 00 00 00 03 00 00 00 00 …………..
(137667 usec)
<= 6F 4A 84 08 A0 00 00 00 03 00 00 00 A5 3E 9F 65 oJ………..>.e
01 FF 9F 6E 06 47 91 00 78 34 00 73 2F 06 07 2A …n.G..x4.s/..*
86 48 86 FC 6B 01 60 0C 06 0A 2A 86 48 86 FC 6B .H..k.`…*.H..k
02 02 01 01 63 09 06 07 2A 86 48 86 FC 6B 03 64 ….c…*.H..k.d
0B 06 09 2A 86 48 86 FC 6B 04 02 15 90 00 …*.H..k…..
Status: No Error
cm> auth
Establish the secure channel
=> 80 50 00 00 08 58 A7 B3 06 80 90 96 3A 00 .P…X……:.
(72979 usec)
<= 00 00 00 00 00 00 00 00 00 00 FF 02 00 11 B8 59 ……………Y
C7 3F 4E 54 B8 35 4F 37 A9 82 D3 41 90 00 .?NT.5O7…A..
Status: No Error
=> 84 82 00 00 10 0A 44 3B 77 08 AC 18 6C 2A FB D8 ……D;w…l*..
F9 6C AB AA 92 .l…
(55371 usec)
<= 90 00 ..
Status: No Error
cm> ls
List all AIDs
=> 80 F2 80 00 02 4F 00 00 …..O..
(41036 usec)
<= 08 A0 00 00 00 03 00 00 00 01 9E 90 00 ………….
Status: No Error
=> 80 F2 40 00 02 4F 00 00 ..@..O..
(38555 usec)
<= 06 73 73 64 2E 30 31 07 80 90 00 .ssd.01….
Status: No Error
=> 80 F2 10 00 02 4F 00 00 …..O..
(212518 usec)
<= 07 A0 00 00 00 03 0A 0A 01 00 01 08 A0 00 00 00 …………….
03 00 00 00 07 A0 00 00 00 03 53 50 01 00 01 08 ……….SP….
A0 00 00 00 03 53 50 41 0A 50 42 4F 43 32 2E 45 …..SPA.PBOC2.E
44 45 50 01 00 01 0B 50 42 4F 43 32 2E 45 44 45 DEP….PBOC2.EDE
50 01 0D 47 48 4F 53 54 2E 46 49 53 43 41 52 44 P..GHOST.FISCARD
01 00 01 0E 47 48 4F 53 54 2E 46 49 53 43 41 52 ….GHOST.FISCAR
44 01 06 A0 00 00 03 33 01 01 00 01 07 A0 00 00 D……3……..
03 33 01 01 05 31 50 41 59 2E 01 00 01 0E 31 50 .3…1PAY…..1P
41 59 2E 53 59 53 2E 44 44 46 30 31 90 00 AY.SYS.DDF01..
Status: No Error
Card Manager AID : A000000003000000
Card Manager state : OP_READY
Sec. Domain: SELECTABLE (S-------) "ssd.01"
The newly created ssd.01 is visible
Load File : LOADED (--------) A0000000030A0A
Module : A000000003000000
Load File : LOADED (--------) A0000000035350 (Security Domain)
Module : A000000003535041
Load File : LOADED (--------) "PBOC2.EDEP"
Module : 50424F43322E4544455001
Load File : LOADED (--------) "GHOST.FISCARD"
Module : 47484F53542E4649534341524401
Load File : LOADED (--------) A00000033301
Module : A0000003330101
Load File : LOADED (--------) "1PAY." (PSE)
Module : "1PAY.SYS.DDF01"
cm> upload -b 250 "D:\javacard_testIO\bin\com\hellogv\testIO\javacard\testIO.cap"
Upload the CAP file
=> 80 E6 02 00 12 05 00 11 00 22 00 08 A0 00 00 00 ………”……
03 00 00 00 00 00 00 00 ……..
(48486 usec)
<= 00 90 00 …
Status: No Error
=> 80 E8 00 00 FA C4 82 01 98 01 00 22 DE CA FF ED ………..”….
02 02 04 00 01 05 00 11 00 22 00 12 63 6F 6D 2F ………”..com/
68 65 6C 6C 6F 67 76 2F 74 65 73 74 49 4F 02 00 hellogv/testIO..
21 00 22 00 21 00 09 00 0B 00 3A 00 14 00 A9 00 !.”.!…..:…..
1A 00 15 00 00 00 9B 03 A0 00 04 00 02 00 0A 01 …………….
01 00 04 00 0B 01 03 01 07 A0 00 00 00 62 01 01 ………….b..
03 00 09 01 05 11 22 00 11 22 00 08 06 00 14 00 ……”..”……
00 00 80 03 00 FF 00 04 04 00 00 00 29 FF FF 00 …………)…
1C 00 36 07 00 A9 00 01 10 18 8C 00 05 7A 05 30 ..6……….z.0
8F 00 02 3D 8C 00 09 18 1D 04 41 18 1D 25 8B 00 …=……A..%..
06 7A 01 11 10 64 30 59 01 01 18 8C 00 0C 78 01 .z…d0Y……x.
11 10 64 30 59 01 01 18 8C 00 0A 7A 03 23 18 8B ..d0Y……z.#..
00 07 60 03 7A 19 8B 00 01 2D 1A 03 25 11 00 FF ..`.z….-..%…
53 5B 32 1A 04 25 11 00 FF 53 5B 29 04 1F 10 80 S[2..%…S[)….
6A 08 11 6E 00 8D 00 03 16 04 75 00 21 00 02 00 j..n……u.!…
10 00 0D 00 20 00 17 18 19 7B 00 0B 8C 00 04 00 …. ….{……
(1326 msec)
<= 00 90 00 …
Status: No Error
=> 80 E8 80 01 A2 70 12 18 19 7B 00 00 8C 00 04 70 …..p…{…..p
08 11 6D 00 8D 00 03 7A 05 32 19 8B 00 01 2E 1A ..m….z.2……
92 29 04 1A 03 1B 03 16 04 8D 00 0D 3B 19 03 16 .)……….;…
04 8B 00 08 7A 08 00 1A 00 04 00 02 00 02 03 00 ….z………..
05 48 65 6C 6C 6F 03 00 05 57 6F 72 6C 64 00 00 .Hello…World..
00 00 05 00 3A 00 0E 05 00 00 02 03 80 0A 01 01 ….:………..
00 02 00 06 80 07 01 06 00 00 8C 06 80 03 00 03 …………….
80 03 02 03 80 03 03 03 80 0A 08 06 00 00 01 04 …………….
00 02 04 05 00 00 00 04 00 02 06 06 80 10 02 09 …………….
00 15 00 00 00 11 05 06 04 0A 0D 0D 07 07 1F 14 …………….
03 07 03 08 07 0E 08 00 ……..
(2187 msec)
<= 00 90 00 …
Status: No Error
Load report:
412 bytes loaded in 3.5 seconds
effective code size on card:
+ package AID 5
+ applet AIDs 12
+ classes 23
+ methods 172
+ statics 28
+ exports 0
------------------------------
overall 240 bytes
cm> install -i 1122001122 -q C9#() 0011002200 1122001122
Install the CAP file's AID
=> 80 E6 0C 00 18 05 00 11 00 22 00 05 11 22 00 11 ………”…”..
22 05 11 22 00 11 22 01 00 02 C9 00 00 00 “..”..”…….
(2019 msec)
<= 00 90 00 …
Status: No Error
cm> ls
List all AIDs
=> 80 F2 80 00 02 4F 00 00 …..O..
(41317 usec)
<= 08 A0 00 00 00 03 00 00 00 01 9E 90 00 ………….
Status: No Error
=> 80 F2 40 00 02 4F 00 00 ..@..O..
(49160 usec)
<= 06 73 73 64 2E 30 31 07 80 05 11 22 00 11 22 07 .ssd.01….”..”.
00 90 00 …
Status: No Error
=> 80 F2 10 00 02 4F 00 00 …..O..
(232039 usec)
<= 07 A0 00 00 00 03 0A 0A 01 00 01 08 A0 00 00 00 …………….
03 00 00 00 07 A0 00 00 00 03 53 50 01 00 01 08 ……….SP….
A0 00 00 00 03 53 50 41 0A 50 42 4F 43 32 2E 45 …..SPA.PBOC2.E
44 45 50 01 00 01 0B 50 42 4F 43 32 2E 45 44 45 DEP….PBOC2.EDE
50 01 0D 47 48 4F 53 54 2E 46 49 53 43 41 52 44 P..GHOST.FISCARD
01 00 01 0E 47 48 4F 53 54 2E 46 49 53 43 41 52 ….GHOST.FISCAR
44 01 06 A0 00 00 03 33 01 01 00 01 07 A0 00 00 D……3……..
03 33 01 01 05 31 50 41 59 2E 01 00 01 0E 31 50 .3…1PAY…..1P
41 59 2E 53 59 53 2E 44 44 46 30 31 05 00 11 00 AY.SYS.DDF01….
22 00 01 00 01 05 11 22 00 11 22 90 00 “……”..”..
Status: No Error
Card Manager AID : A000000003000000
Card Manager state : OP_READY
Application: SELECTABLE (--------) 1122001122
The newly created 1122001122 is visible
Sec. Domain: SELECTABLE (S-------) "ssd.01"
The newly created ssd.01 is visible
Load File : LOADED (--------) A0000000030A0A
Module : A000000003000000
Load File : LOADED (--------) A0000000035350 (Security Domain)
Module : A000000003535041
Load File : LOADED (--------) "PBOC2.EDEP"
Module : 50424F43322E4544455001
Load File : LOADED (--------) "GHOST.FISCARD"
Module : 47484F53542E4649534341524401
Load File : LOADED (--------) A00000033301
Module : A0000003330101
Load File : LOADED (--------) "1PAY." (PSE)
Module : "1PAY.SYS.DDF01"
Load File : LOADED (--------) 0011002200
Module : 1122001122
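Added example (not part of the original post and not JCShell code): a small Python decoder for two APDUs copied from the trace above, the INSTALL [for install and make selectable] command sent by `install -i |ssd.01` and the `80 F2 40 00` GET STATUS response from the second `ls`. The function and constant names are illustrative.

```python
# Added example: decode two APDUs copied from the JCShell trace on this page.
# Function names are illustrative, not JCShell's; fields are length-value (LV).

def lv(buf, pos):
    """Read one LV field at pos; return (value, next_pos)."""
    if pos >= len(buf) or pos + 1 + buf[pos] > len(buf):
        raise ValueError("LV field runs past end of data")
    end = pos + 1 + buf[pos]
    return buf[pos + 1:end], end

def parse_install(apdu_hex):
    """Decode INSTALL (INS=E6) [for install]: six LV fields in the data."""
    apdu = bytes.fromhex(apdu_hex)
    if len(apdu) < 5 or apdu[1] != 0xE6 or not apdu[2] & 0x04:
        raise ValueError("not an INSTALL [for install] command")
    data = apdu[5:5 + apdu[4]]  # Lc bytes of data; a trailing Le is ignored
    out, pos = {"p1": apdu[2]}, 0
    for name in ("load_file_aid", "module_aid", "instance_aid",
                 "privileges", "install_params", "token"):
        out[name], pos = lv(data, pos)
    priv = out["privileges"]
    # Bit 8 of the first privilege byte marks a Security Domain.
    out["is_security_domain"] = bool(priv) and bool(priv[0] & 0x80)
    return out

def parse_status(resp_hex):
    """Decode GET STATUS (P1=40, P2=00) data: LV AID, life cycle, privileges."""
    resp = bytes.fromhex(resp_hex)
    body, sw = resp[:-2], resp[-2:]
    if sw != b"\x90\x00":
        raise ValueError("status word " + sw.hex())
    entries, pos = [], 0
    while pos < len(body):
        aid, pos = lv(body, pos)
        if pos + 2 > len(body):
            raise ValueError("truncated entry")
        entries.append({"aid": aid, "life_cycle": body[pos],
                        "security_domain": bool(body[pos + 1] & 0x80)})
        pos += 2
    return entries

# Both byte strings are taken from the trace above.
SSD_INSTALL = ("80 E6 0C 00 1F 07 A0 00 00 00 03 53 50 08 A0 00 00 00 03 53 50 41 "
               "06 73 73 64 2E 30 31 01 80 03 C9 01 45 00 00")
LS_RESPONSE = "06 73 73 64 2E 30 31 07 80 05 11 22 00 11 22 07 00 90 00"

if __name__ == "__main__":
    for field, value in parse_install(SSD_INSTALL).items():
        print(field, value.hex() if isinstance(value, bytes) else value)
    for entry in parse_status(LS_RESPONSE):
        print(entry["aid"].hex(), entry["life_cycle"], entry["security_domain"])
```

The privileges byte `80` in the first command is what makes `ssd.01` a Security Domain; the applet `1122001122` was installed with privileges `00`, and both show life cycle `07` in the GET STATUS response.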
Delete the supplementary security domain
cm> /card
resetCard with timeout: 0 (ms)
--Waiting for card...
ATR=3B 67 00 00 52 43 01 11 11 10 0A ;g..RC…..
IOCTL().
ATR: T=0, N=0, Hist=5243011111100A
=> 00 A4 04 00 09 A0 00 00 01 67 41 30 00 FF ………gA0..
(60836 usec)
<= 01 00 00 52 01 02 FF FF 43 49 55 39 38 34 38 41 …R….CIU9848A
00 FF FF 90 00 …..
Status: No Error
=> 00 A4 04 00 07 A0 00 00 00 03 00 00 00 ………….
(136802 usec)
<= 6F 4A 84 08 A0 00 00 00 03 00 00 00 A5 3E 9F 65 oJ………..>.e
01 FF 9F 6E 06 47 91 00 78 34 00 73 2F 06 07 2A …n.G..x4.s/..*
86 48 86 FC 6B 01 60 0C 06 0A 2A 86 48 86 FC 6B .H..k.`…*.H..k
02 02 01 01 63 09 06 07 2A 86 48 86 FC 6B 03 64 ….c…*.H..k.d
0B 06 09 2A 86 48 86 FC 6B 04 02 15 90 00 …*.H..k…..
Status: No Error
cm> auth
=> 80 50 00 00 08 07 4D 4B 53 75 6F 71 01 00 .P….MKSuoq..
(73758 usec)
<= 00 00 00 00 00 00 00 00 00 00 FF 02 00 12 C7 44 ……………D
0F 7E C1 25 DF B4 A0 5A D4 4A AF 3A 90 00 .~.%…Z.J.:..
Status: No Error
=> 84 82 00 00 10 8D 57 78 AB F5 12 8D A1 31 76 9E ……Wx…..1v.
34 54 86 AE 04 4T…
(55427 usec)
<= 90 00 ..
Status: No Error
cm> delete -r 0011002200
First uninstall the applet associated with ssd.01
=> 80 E4 00 80 07 4F 05 00 11 00 22 00 00 …..O….”..
(1998 msec)
<= 00 90 00 …
Status: No Error
cm> delete |ssd.01
Delete the supplementary security domain ssd.01
=> 80 E4 00 00 08 4F 06 73 73 64 2E 30 31 00 …..O.ssd.01.
(1999 msec)
<= 00 90 00 …
Status: No Error
cm> ls
=> 80 F2 80 00 02 4F 00 00 …..O..
(41763 usec)
<= 08 A0 00 00 00 03 00 00 00 01 9E 90 00 ………….
Status: No Error
=> 80 F2 40 00 02 4F 00 00 ..@..O..
(37800 usec)
<= 05 11 22 00 11 22 07 00 90 00 ..”..”….
Status: No Error
=> 80 F2 10 00 02 4F 00 00 …..O..
(232522 usec)
<= 07 A0 00 00 00 03 0A 0A 01 00 01 08 A0 00 00 00 …………….
03 00 00 00 07 A0 00 00 00 03 53 50 01 00 01 08 ……….SP….
A0 00 00 00 03 53 50 41 0A 50 42 4F 43 32 2E 45 …..SPA.PBOC2.E
44 45 50 01 00 01 0B 50 42 4F 43 32 2E 45 44 45 DEP….PBOC2.EDE
50 01 0D 47 48 4F 53 54 2E 46 49 53 43 41 52 44 P..GHOST.FISCARD
01 00 01 0E 47 48 4F 53 54 2E 46 49 53 43 41 52 ….GHOST.FISCAR
44 01 06 A0 00 00 03 33 01 01 00 01 07 A0 00 00 D……3……..
03 33 01 01 05 31 50 41 59 2E 01 00 01 0E 31 50 .3…1PAY…..1P
41 59 2E 53 59 53 2E 44 44 46 30 31 05 00 11 00 AY.SYS.DDF01….
22 00 01 00 01 05 11 22 00 11 22 90 00 “……”..”..
Status: No Error
Card Manager AID : A000000003000000
Card Manager state : OP_READY
Load File : LOADED (--------) A0000000030A0A
Module : A000000003000000
Load File : LOADED (--------) A0000000035350 (Security Domain)
Module : A000000003535041
Load File : LOADED (--------) "PBOC2.EDEP"
Module : 50424F43322E4544455001
Load File : LOADED (--------) "GHOST.FISCARD"
Module : 47484F53542E4649534341524401
Load File : LOADED (--------) A00000033301
Module : A0000003330101
Load File : LOADED (--------) "1PAY." (PSE)
Module : "1PAY.SYS.DDF01"